Vergleich editpost.php - 1.6.10 - 1.6.14

Zeile 62	Zeile 62
// Get forum info $fid = $post['fid']; $forum = get_forum($fid);	// Get forum info $fid = $post['fid']; $forum = get_forum($fid);
	if(($thread['visible'] == 0 && !is_moderator($fid)) \|\| ($thread['visible'] < 0 && $thread['uid'] != $mybb->user['uid'])) { error($lang->error_invalidthread); }
if(!$forum \|\| $forum['type'] != "f")	if(!$forum \|\| $forum['type'] != "f")
{	{
error($lang->error_closedinvalidforum);	error($lang->error_closedinvalidforum);
} if($forum['open'] == 0 \|\| $mybb->user['suspendposting'] == 1) {	} if(($forum['open'] == 0 && !is_moderator($fid, "caneditposts")) \|\| $mybb->user['suspendposting'] == 1) {
error_no_permission(); } // Add prefix to breadcrumb $query = $db->simple_select('threadprefixes', 'displaystyle', "pid='{$thread['prefix']}'"); $breadcrumbprefix = $db->fetch_field($query, 'displaystyle');	error_no_permission(); } // Add prefix to breadcrumb $query = $db->simple_select('threadprefixes', 'displaystyle', "pid='{$thread['prefix']}'"); $breadcrumbprefix = $db->fetch_field($query, 'displaystyle');

if($breadcrumbprefix) { $breadcrumbprefix .= ' ';	if($breadcrumbprefix) { $breadcrumbprefix .= ' ';
Zeile 88	Zeile 93
$forumpermissions = forum_permissions($fid); if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)	$forumpermissions = forum_permissions($fid); if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
{	{
$codebuttons = build_mycode_inserter(); } if($mybb->settings['smilieinserter'] != 0)	$codebuttons = build_mycode_inserter(); } if($mybb->settings['smilieinserter'] != 0)
Zeile 110	Zeile 115
error($lang->redirect_threadclosed); } if($forumpermissions['candeleteposts'] == 0)	error($lang->redirect_threadclosed); } if($forumpermissions['candeleteposts'] == 0)
{ error_no_permission(); }	{ error_no_permission(); }
if($mybb->user['uid'] != $post['uid']) { error_no_permission(); }	if($mybb->user['uid'] != $post['uid']) { error_no_permission(); }
// User can't delete unapproved post if($post['visible'] == 0) { error_no_permission(); } }	// User can't delete unapproved post if($post['visible'] == 0) { error_no_permission(); } }
} else {	} else {
Zeile 137	Zeile 142
error_no_permission(); } if($mybb->user['uid'] != $post['uid'])	error_no_permission(); } if($mybb->user['uid'] != $post['uid'])
{	{
error_no_permission(); } // Edit time limit	error_no_permission(); } // Edit time limit
Zeile 151	Zeile 156
if($post['visible'] == 0) { error_no_permission();	if($post['visible'] == 0) { error_no_permission();
} }	} }
} // Check if this forum is password protected and we have a valid password	} // Check if this forum is password protected and we have a valid password
Zeile 167	Zeile 172
{ // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);	{ // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
$query = $db->simple_select("attachments", "COUNT(aid) as numattachs", "pid='{$pid}'"); $attachcount = $db->fetch_field($query, "numattachs");
// If there's an attachment, check it and upload it	// If there's an attachment, check it and upload it
if($_FILES['attachment']['size'] > 0 && $forumpermissions['canpostattachments'] != 0 && ($mybb->settings['maxattachments'] == 0 \|\| $attachcount < $mybb->settings['maxattachments']))	if($_FILES['attachment']['size'] > 0 && $forumpermissions['canpostattachments'] != 0)
{	{
	$query = $db->simple_select("attachments", "aid", "filename='".$db->escape_string($_FILES['attachment']['name'])."' AND pid='{$pid}'"); $updateattach = $db->fetch_field($query, "aid");
$update_attachment = false;	$update_attachment = false;
if($mybb->input['updateattachment'] && ($mybb->usergroup['caneditattachments'] \|\| $forumpermissions['caneditattachments']))	if($updateattach > 0 && $mybb->input['updateattachment'] && ($mybb->usergroup['caneditattachments'] \|\| $forumpermissions['caneditattachments']))
{ $update_attachment = true; }	{ $update_attachment = true; }
Zeile 184	Zeile 189
if($attachedfile['error']) { eval("\$attacherror = \"".$templates->get("error_attacherror")."\";");	if($attachedfile['error']) { eval("\$attacherror = \"".$templates->get("error_attacherror")."\";");
$mybb->input['action'] = "editpost"; } if(!$mybb->input['submit'])	$mybb->input['action'] = "editpost"; } if(!$mybb->input['submit'])
{ $mybb->input['action'] = "editpost"; }	{ $mybb->input['action'] = "editpost"; }
Zeile 206	Zeile 211
{ $update_sql = array("visible" => 1); $db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");	{ $update_sql = array("visible" => 1); $db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");
	update_thread_counters($post['tid'], array('attachmentcount' => "+1"));
} elseif($mybb->input['attachmentact'] == "unapprove" && is_moderator($fid, 'caneditposts')) { $update_sql = array("visible" => 0); $db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");	} elseif($mybb->input['attachmentact'] == "unapprove" && is_moderator($fid, 'caneditposts')) { $update_sql = array("visible" => 0); $db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");
	update_thread_counters($post['tid'], array('attachmentcount' => "-1"));
} if(!$mybb->input['submit']) {	} if(!$mybb->input['submit']) {
Zeile 424	Zeile 431
if($attachment['visible'] != 1) { eval("\$attachments .= \"".$templates->get("post_attachments_attachment_unapproved")."\";");	if($attachment['visible'] != 1) { eval("\$attachments .= \"".$templates->get("post_attachments_attachment_unapproved")."\";");
}	}
else { eval("\$attachments .= \"".$templates->get("post_attachments_attachment")."\";");	else { eval("\$attachments .= \"".$templates->get("post_attachments_attachment")."\";");
Zeile 449	Zeile 456
$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyusage, $friendlyquota); if($mybb->settings['maxattachments'] == 0 \|\| ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach) {	$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyusage, $friendlyquota); if($mybb->settings['maxattachments'] == 0 \|\| ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach) {
if($mybb->usergroup['caneditattachments'] \|\| $forumpermissions['caneditattachments']) { eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";"); }	eval("\$attach_add_options = \"".$templates->get("post_attachments_add")."\";"); } if($mybb->usergroup['caneditattachments'] \|\| $forumpermissions['caneditattachments']) { eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";"); } if($attach_add_options \|\| $attach_update_options) {
eval("\$newattach = \"".$templates->get("post_attachments_new")."\";"); }	eval("\$newattach = \"".$templates->get("post_attachments_new")."\";"); }

eval("\$attachbox = \"".$templates->get("post_attachments")."\";"); } if(!$mybb->input['attachmentaid'] && !$mybb->input['newattachment'] && !$mybb->input['updateattachment'] && !$mybb->input['previewpost'] && !$maximageserror)	eval("\$attachbox = \"".$templates->get("post_attachments")."\";"); } if(!$mybb->input['attachmentaid'] && !$mybb->input['newattachment'] && !$mybb->input['updateattachment'] && !$mybb->input['previewpost'] && !$maximageserror)
Zeile 464	Zeile 477
$subject = $post['subject']; } else	$subject = $post['subject']; } else
{	{
$message = $mybb->input['message']; $subject = $mybb->input['subject']; }	$message = $mybb->input['message']; $subject = $mybb->input['subject']; }
Zeile 485	Zeile 498
"uid" => $post['uid'], "edit_uid" => $mybb->user['uid'], "message" => $mybb->input['message'],	"uid" => $post['uid'], "edit_uid" => $mybb->user['uid'], "message" => $mybb->input['message'],
);	);
if(!$mybb->input['previewpost']) { $post['uid'] = $mybb->user['uid'];	if(!$mybb->input['previewpost']) { $post['uid'] = $mybb->user['uid'];
Zeile 501	Zeile 514
); $posthandler->set_data($post);	); $posthandler->set_data($post);

// Now let the post handler do all the hard work. if(!$posthandler->validate_post()) {	// Now let the post handler do all the hard work. if(!$posthandler->validate_post()) {
Zeile 509	Zeile 522
$post_errors = inline_error($post_errors); $mybb->input['action'] = "editpost"; $mybb->input['previewpost'] = 0;	$post_errors = inline_error($post_errors); $mybb->input['action'] = "editpost"; $mybb->input['previewpost'] = 0;
}	}
else { $previewmessage = $message; $previewsubject = $subject; $message = htmlspecialchars_uni($message); $subject = htmlspecialchars_uni($subject);	else { $previewmessage = $message; $previewsubject = $subject; $message = htmlspecialchars_uni($message); $subject = htmlspecialchars_uni($subject);

$postoptions = $mybb->input['postoptions'];	$postoptions = $mybb->input['postoptions'];

if($postoptions['signature'] == 1) { $postoptionschecked['signature'] = " checked=\"checked\"";	if($postoptions['signature'] == 1) { $postoptionschecked['signature'] = " checked=\"checked\"";
}	}
if($postoptions['subscriptionmethod'] == "none")	if($postoptions['subscriptionmethod'] == "none")
{	{
$postoptions_subscriptionmethod_none = "checked=\"checked\""; } else if($postoptions['subscriptionmethod'] == "instant") { $postoptions_subscriptionmethod_instant = "checked=\"checked\"";	$postoptions_subscriptionmethod_none = "checked=\"checked\""; } else if($postoptions['subscriptionmethod'] == "instant") { $postoptions_subscriptionmethod_instant = "checked=\"checked\"";
}	}
else { $postoptions_subscriptionmethod_dont = "checked=\"checked\"";	else { $postoptions_subscriptionmethod_dont = "checked=\"checked\"";
Zeile 546	Zeile 559
if($mybb->input['previewpost']) {	if($mybb->input['previewpost']) {
// Figure out the poster's other information. $query = $db->query(" SELECT u., f., p.dateline FROM ".TABLE_PREFIX."users u LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid) LEFT JOIN ".TABLE_PREFIX."posts p ON (p.uid=u.uid) WHERE u.uid='{$post['uid']}' AND p.pid='{$pid}' LIMIT 1 "); $postinfo = $db->fetch_array($query);	if(!$post['uid']) { $query = $db->simple_select('posts', 'username', "pid='{$pid}'"); $postinfo['username'] = $db->fetch_field($query, 'username'); } else { // Figure out the poster's other information. $query = $db->query(" SELECT u., f., p.dateline FROM ".TABLE_PREFIX."users u LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid) LEFT JOIN ".TABLE_PREFIX."posts p ON (p.uid=u.uid) WHERE u.uid='{$post['uid']}' AND p.pid='{$pid}' LIMIT 1 "); $postinfo = $db->fetch_array($query); $postinfo['userusername'] = $postinfo['username']; }
$query = $db->simple_select("attachments", "*", "pid='{$pid}'"); while($attachment = $db->fetch_array($query))	$query = $db->simple_select("attachments", "*", "pid='{$pid}'"); while($attachment = $db->fetch_array($query))
Zeile 564	Zeile 586
} // Set the values of the post info array.	} // Set the values of the post info array.
$postinfo['userusername'] = $postinfo['username'];
$postinfo['message'] = $previewmessage; $postinfo['subject'] = $previewsubject; $postinfo['icon'] = $icon;	$postinfo['message'] = $previewmessage; $postinfo['subject'] = $previewsubject; $postinfo['icon'] = $icon;