Vergleich newreply.php - 1.6.10 - 1.6.17

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 12Zeile 12
define("IN_MYBB", 1);
define('THIS_SCRIPT', 'newreply.php');


define("IN_MYBB", 1);
define('THIS_SCRIPT', 'newreply.php');


$templatelist = "newreply,previewpost,loginbox,changeuserbox,posticons,newreply_threadreview,newreply_threadreview_post,forumdisplay_rules,forumdisplay_rules_link,newreply_multiquote_external";

$templatelist = "newreply,previewpost,loginbox,changeuserbox,posticons,newreply_threadreview,newreply_threadreview_post,forumdisplay_rules,forumdisplay_rules_link,newreply_multiquote_external,post_attachments_add";

$templatelist .= ",smilieinsert,smilieinsert_getmore,codebuttons,post_attachments_new,post_attachments,post_savedraftbutton,newreply_modoptions,newreply_threadreview_more,newreply_disablesmilies,postbit_online,postbit_find,postbit_pm";
$templatelist .= ",postbit_www,postbit_email,postbit_reputation,postbit_warninglevel,postbit_author_user,postbit_edit,postbit_quickdelete,postbit_inlinecheck,postbit_posturl,postbit_quote,postbit_multiquote,postbit_report,postbit_ignored,postbit,post_subscription_method";
$templatelist .= ",post_attachments_attachment_postinsert,post_attachments_attachment_remove,post_attachments_attachment_unapproved,post_attachments_attachment,postbit_attachments_attachment,postbit_attachments,newreply_options_signature";

$templatelist .= ",smilieinsert,smilieinsert_getmore,codebuttons,post_attachments_new,post_attachments,post_savedraftbutton,newreply_modoptions,newreply_threadreview_more,newreply_disablesmilies,postbit_online,postbit_find,postbit_pm";
$templatelist .= ",postbit_www,postbit_email,postbit_reputation,postbit_warninglevel,postbit_author_user,postbit_edit,postbit_quickdelete,postbit_inlinecheck,postbit_posturl,postbit_quote,postbit_multiquote,postbit_report,postbit_ignored,postbit,post_subscription_method";
$templatelist .= ",post_attachments_attachment_postinsert,post_attachments_attachment_remove,post_attachments_attachment_unapproved,post_attachments_attachment,postbit_attachments_attachment,postbit_attachments,newreply_options_signature";

Zeile 40Zeile 40
}

// Get the pid and tid and replyto from the input.

}

// Get the pid and tid and replyto from the input.

$tid = $mybb->input['tid'];

$tid = intval($mybb->input['tid']);


$replyto = 0;
if($mybb->input['replyto'])


$replyto = 0;
if($mybb->input['replyto'])

Zeile 57Zeile 57
// Edit a draft post.
$pid = 0;
$editdraftpid = '';

// Edit a draft post.
$pid = 0;
$editdraftpid = '';

if($mybb->input['action'] == "editdraft" && $mybb->input['pid'])

if(($mybb->input['action'] == "editdraft" || $mybb->input['action'] == "do_newreply") && $mybb->input['pid'])

{
$options = array(
"limit" => 1

{
$options = array(
"limit" => 1

Zeile 106Zeile 106
$forumpermissions = forum_permissions($fid);

// See if everything is valid up to here.

$forumpermissions = forum_permissions($fid);

// See if everything is valid up to here.

if(isset($post) && (($post['visible'] == 0 && !is_moderator($fid)) || $post['visible'] == 0))

if(isset($post) && (($post['visible'] == 0 && !is_moderator($fid)) || ($post['visible'] < 0 && $post['uid'] != $mybb->user['uid'])))

{
error($lang->error_invalidpost);
}

{
error($lang->error_invalidpost);
}

Zeile 220Zeile 220
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	if($mybb->input['action'] == "editdraft" || ($mybb->input['tid'] && $mybb->input['pid']))

	if($pid)

	{
$attachwhere = "pid='{$pid}'";
}

	{
$attachwhere = "pid='{$pid}'";
}

Zeile 288Zeile 288
	}
}


	}
}


if($mybb->input['action'] == "do_newreply" && $mybb->request_method == "post")


// If this isn't a logged in user, then we need to do some special validation.
if($mybb->user['uid'] == 0)

{

{

	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

$plugins->run_hooks("newreply_do_newreply_start");

// If this isn't a logged in user, then we need to do some special validation.
if($mybb->user['uid'] == 0)

	$username = htmlspecialchars_uni($mybb->input['username']);

// Check if username exists.
if(username_exists($mybb->input['username']))




	{

	{

		$username = htmlspecialchars_uni($mybb->input['username']);

// Check if username exists.
if(username_exists($mybb->input['username']))





		// If it does throw back "username is taken"
error($lang->error_usernametaken);
}
// This username does not exist.
else
{
// If they didn't specify a username then give them "Guest"
if(!$mybb->input['username'])

		{

		{

			// If it does throw back "username is taken"
error($lang->error_usernametaken);

			$username = $lang->guest;


		}

		}

		// This username does not exist.

		// Otherwise use the name they specified.

		else
{

		else
{

			// If they didn't specify a username then give them "Guest"
if(!$mybb->input['username'])
{
$username = $lang->guest;
}
// Otherwise use the name they specified.
else
{
$username = htmlspecialchars_uni($mybb->input['username']);
}
$uid = 0;

			$username = htmlspecialchars_uni($mybb->input['username']);











		}

		}

 
		$uid = 0;

	}

	}

	// This user is logged in.
else
{
$username = $mybb->user['username'];
$uid = $mybb->user['uid'];
}









}
// This user is logged in.
else
{
$username = $mybb->user['username'];
$uid = $mybb->user['uid'];
}

if($mybb->input['action'] == "do_newreply" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

$plugins->run_hooks("newreply_do_newreply_start");


// Attempt to see if this post is a duplicate or not
if($uid > 0)


// Attempt to see if this post is a duplicate or not
if($uid > 0)

Zeile 470Zeile 470
		$postinfo = $posthandler->insert_post();
$pid = $postinfo['pid'];
$visible = $postinfo['visible'];

		$postinfo = $posthandler->insert_post();
$pid = $postinfo['pid'];
$visible = $postinfo['visible'];

 

// Invalidate solved captcha
if($mybb->settings['captchaimage'] && !$mybb->user['uid'])
{
$post_captcha->invalidate_captcha();
}


// Deciding the fate
if($visible == -2)


// Deciding the fate
if($visible == -2)

Zeile 562Zeile 568
					{
redirect(get_thread_link($tid, 0, "lastpost"));
}

					{
redirect(get_thread_link($tid, 0, "lastpost"));
}

 
				}

if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1)
{
$mybb->settings['postsperpage'] = 20;

				}

// Lets see if this post is on the same page as the one we're viewing or not

				}

// Lets see if this post is on the same page as the one we're viewing or not

Zeile 709Zeile 720
					if($pid == $quoted_post['pid'])
{
$subject = preg_replace('#RE:\s?#i', '', $quoted_post['subject']);

					if($pid == $quoted_post['pid'])
{
$subject = preg_replace('#RE:\s?#i', '', $quoted_post['subject']);

 
						// Subject too long? Shorten it to avoid error message
if(my_strlen($subject) > 85)
{
$subject = my_substr($subject, 0, 82).'...';
}

						$subject = "RE: ".$subject;
}
$message .= parse_quoted_message($quoted_post);
$quoted_ids[] = $quoted_post['pid'];
}
// Count the rest

						$subject = "RE: ".$subject;
}
$message .= parse_quoted_message($quoted_post);
$quoted_ids[] = $quoted_post['pid'];
}
// Count the rest

				else
{

				else
{

					++$external_quotes;
}

					++$external_quotes;
}

			}

			}

			if($mybb->settings['maxquotedepth'] != '0')

			if($mybb->settings['maxquotedepth'] != '0')

			{

			{

				$message = remove_message_quotes($message);
}
if($external_quotes > 0)
{
if($external_quotes == 1)

				$message = remove_message_quotes($message);
}
if($external_quotes > 0)
{
if($external_quotes == 1)

				{

				{

					$multiquote_text = $lang->multiquote_external_one;
$multiquote_deselect = $lang->multiquote_external_one_deselect;
$multiquote_quote = $lang->multiquote_external_one_quote;

					$multiquote_text = $lang->multiquote_external_one;
$multiquote_deselect = $lang->multiquote_external_one_deselect;
$multiquote_quote = $lang->multiquote_external_one_quote;

Zeile 757Zeile 773
		$previewmessage = $mybb->input['message'];
}
if(!$message)

		$previewmessage = $mybb->input['message'];
}
if(!$message)

	{

	{

		$message = $mybb->input['message'];
}
$message = htmlspecialchars_uni($message);

		$message = $mybb->input['message'];
}
$message = htmlspecialchars_uni($message);

Zeile 798Zeile 814
		$message = htmlspecialchars_uni($post['message']);
$subject = $post['subject'];
if($post['includesig'] != 0)

		$message = htmlspecialchars_uni($post['message']);
$subject = $post['subject'];
if($post['includesig'] != 0)

		{

		{

			$postoptionschecked['signature'] = " checked=\"checked\"";
}
if($post['smilieoff'] == 1)

			$postoptionschecked['signature'] = " checked=\"checked\"";
}
if($post['smilieoff'] == 1)

Zeile 839Zeile 855
		else
{
$postoptions_subscriptionmethod_dont = "checked=\"checked\"";

		else
{
$postoptions_subscriptionmethod_dont = "checked=\"checked\"";

		}
}

		}
}


if($forum['allowpicons'] != 0)
{


if($forum['allowpicons'] != 0)
{

Zeile 881Zeile 897
			"ipaddress" => get_ip(),
"posthash" => $mybb->input['posthash']
);

			"ipaddress" => get_ip(),
"posthash" => $mybb->input['posthash']
);





		if($mybb->input['pid'])
{
$post['pid'] = $mybb->input['pid'];
}

		if($mybb->input['pid'])
{
$post['pid'] = $mybb->input['pid'];
}





		$posthandler->set_data($post);

// Now let the post handler do all the hard work.
$valid_post = $posthandler->verify_message();
$valid_subject = $posthandler->verify_subject();

		$posthandler->set_data($post);

// Now let the post handler do all the hard work.
$valid_post = $posthandler->verify_message();
$valid_subject = $posthandler->verify_subject();













		
// guest post --> verify author
if($post['uid'] == 0)
{
$valid_username = $posthandler->verify_author();
}
else
{
$valid_username = true;
}


		$post_errors = array();
// Fetch friendly error messages if this is an invalid post

		$post_errors = array();
// Fetch friendly error messages if this is an invalid post

		if(!$valid_post || !$valid_subject)

		if(!$valid_post || !$valid_subject || !$valid_username)

		{
$post_errors = $posthandler->get_friendly_errors();
}

		{
$post_errors = $posthandler->get_friendly_errors();
}

Zeile 923Zeile 949
			if(!$mybb->user['uid'] || !$post['username'])
{
$post['username'] = $mybb->input['username'];

			if(!$mybb->user['uid'] || !$post['username'])
{
$post['username'] = $mybb->input['username'];

			}

			}

			else
{
$post['userusername'] = $mybb->user['username'];

			else
{
$post['userusername'] = $mybb->user['username'];

Zeile 944Zeile 970
			if($mybb->input['pid'])
{
$attachwhere = "pid='".intval($mybb->input['pid'])."'";

			if($mybb->input['pid'])
{
$attachwhere = "pid='".intval($mybb->input['pid'])."'";

			}

			}

			else
{
$attachwhere = "posthash='".$db->escape_string($mybb->input['posthash'])."'";

			else
{
$attachwhere = "posthash='".$db->escape_string($mybb->input['posthash'])."'";

Zeile 965Zeile 991

if(!$pid && !$mybb->input['previewpost'])
{


if(!$pid && !$mybb->input['previewpost'])
{

		$subject = "RE: " . $thread['subject'];







		$subject = $thread['subject'];
// Subject too long? Shorten it to avoid error message
if(my_strlen($subject) > 85)
{
$subject = my_substr($subject, 0, 82).'...';
}
$subject = "RE: ".$subject;

	}

$posthash = htmlspecialchars_uni($mybb->input['posthash']);

	}

$posthash = htmlspecialchars_uni($mybb->input['posthash']);

Zeile 980Zeile 1012
	if($forumpermissions['canpostattachments'] != 0)
{
$attachcount = 0;

	if($forumpermissions['canpostattachments'] != 0)
{
$attachcount = 0;

		if($mybb->input['action'] == "editdraft" && $mybb->input['pid'])

		if($pid)

		{
$attachwhere = "pid='$pid'";
}

		{
$attachwhere = "pid='$pid'";
}

Zeile 1037Zeile 1069

if($mybb->settings['maxattachments'] == 0 || ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach)
{


if($mybb->settings['maxattachments'] == 0 || ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach)
{

 
			eval("\$attach_add_options = \"".$templates->get("post_attachments_add")."\";");

			eval("\$newattach = \"".$templates->get("post_attachments_new")."\";");
}


			eval("\$newattach = \"".$templates->get("post_attachments_new")."\";");
}


Zeile 1099Zeile 1132

if($mybb->settings['threadreview'] != 0)
{


if($mybb->settings['threadreview'] != 0)
{

		if(!$mybb->settings['postsperpage'])

		if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1)

		{

		{

			$mybb->settings['postperpage'] = 20;

			$mybb->settings['postsperpage'] = 20;

		}

if(is_moderator($fid))

		}

if(is_moderator($fid))