Vergleich editpost.php - 1.8.9 - 1.8.21

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 11	Zeile 11
define("IN_MYBB", 1); define('THIS_SCRIPT', 'editpost.php');	define("IN_MYBB", 1); define('THIS_SCRIPT', 'editpost.php');
$templatelist = "editpost,previewpost,changeuserbox,codebuttons,post_attachments_attachment_postinsert,post_attachments_attachment_mod_unapprove,postbit_attachments_thumbnails,posticons"; $templatelist .= ",editpost_delete,forumdisplay_password_wrongpass,forumdisplay_password,editpost_reason,post_attachments_attachment_remove,post_attachments_update,post_subscription_method"; $templatelist .= ",postbit_avatar,postbit_find,postbit_pm,postbit_rep_button,postbit_www,postbit_email,postbit_reputation,postbit_warn,postbit_warninglevel,postbit_author_user,error_attacherror";	$templatelist = "editpost,previewpost,changeuserbox,codebuttons,post_attachments_attachment_postinsert,post_attachments_attachment_mod_unapprove,postbit_attachments_thumbnails,postbit_profilefield_multiselect_value"; $templatelist .= ",editpost_delete,forumdisplay_password_wrongpass,forumdisplay_password,editpost_reason,post_attachments_attachment_remove,post_attachments_update,post_subscription_method,postbit_profilefield_multiselect"; $templatelist .= ",postbit_avatar,postbit_find,postbit_pm,postbit_rep_button,postbit_www,postbit_email,postbit_reputation,postbit_warn,postbit_warninglevel,postbit_author_user,posticons";
$templatelist .= ",postbit_signature,postbit_classic,postbit,postbit_attachments_thumbnails_thumbnail,postbit_attachments_images_image,postbit_attachments_attachment,postbit_attachments_attachment_unapproved"; $templatelist .= ",posticons_icon,post_prefixselect_prefix,post_prefixselect_single,newthread_postpoll,editpost_disablesmilies,post_attachments_attachment_mod_approve,post_attachments_attachment_unapproved"; $templatelist .= ",postbit_warninglevel_formatted,postbit_reputation_formatted_link,editpost_signature,attachment_icon,post_attachments_attachment,post_attachments_add,post_attachments,editpost_postoptions";	$templatelist .= ",postbit_signature,postbit_classic,postbit,postbit_attachments_thumbnails_thumbnail,postbit_attachments_images_image,postbit_attachments_attachment,postbit_attachments_attachment_unapproved"; $templatelist .= ",posticons_icon,post_prefixselect_prefix,post_prefixselect_single,newthread_postpoll,editpost_disablesmilies,post_attachments_attachment_mod_approve,post_attachments_attachment_unapproved"; $templatelist .= ",postbit_warninglevel_formatted,postbit_reputation_formatted_link,editpost_signature,attachment_icon,post_attachments_attachment,post_attachments_add,post_attachments,editpost_postoptions";
Zeile 49	Zeile 49
$post = get_post($pid); }	$post = get_post($pid); }
if(!$post)	if(!$post \|\| ($post['visible'] == -1 && $mybb->input['action'] != "restorepost"))
{ error($lang->error_invalidpost); }	{ error($lang->error_invalidpost); }
Zeile 71	Zeile 71
if($thread['visible'] == 0 && !is_moderator($fid, "canviewunapprove") \|\| $thread['visible'] == -1 && !is_moderator($fid, "canviewdeleted") \|\| ($thread['visible'] < -1 && $thread['uid'] != $mybb->user['uid'])) {	if($thread['visible'] == 0 && !is_moderator($fid, "canviewunapprove") \|\| $thread['visible'] == -1 && !is_moderator($fid, "canviewdeleted") \|\| ($thread['visible'] < -1 && $thread['uid'] != $mybb->user['uid'])) {
error($lang->error_invalidthread);	if($thread['visible'] == 0 && !($mybb->settings['showownunapproved'] && $thread['uid'] == $mybb->user['uid'])) { error($lang->error_invalidthread); }
} if(!$forum \|\| $forum['type'] != "f") {	} if(!$forum \|\| $forum['type'] != "f") {
Zeile 131	Zeile 134
{ error_no_permission(); }	{ error_no_permission(); }
// User can't delete unapproved post if($post['visible'] == 0)	// User can't delete unapproved post unless allowed for own if($post['visible'] == 0 && !($mybb->settings['showownunapproved'] && $post['uid'] == $mybb->user['uid']))
{ error_no_permission(); }	{ error_no_permission(); }
Zeile 173	Zeile 176
error($lang->edit_time_limit); } // User can't edit unapproved post	error($lang->edit_time_limit); } // User can't edit unapproved post
if($post['visible'] == 0 \|\| $post['visible'] == -1)	if(($post['visible'] == 0 && !($mybb->settings['showownunapproved'] && $post['uid'] == $mybb->user['uid'])) \|\| $post['visible'] == -1)
{ error_no_permission(); }	{ error_no_permission(); }
Zeile 185	Zeile 188
if((empty($_POST) && empty($_FILES)) && $mybb->get_input('processed', MyBB::INPUT_INT) == '1') {	if((empty($_POST) && empty($_FILES)) && $mybb->get_input('processed', MyBB::INPUT_INT) == '1') {
error($lang->error_cannot_upload_php_post);	error($lang->error_empty_post_input);
} $attacherror = '';	} $attacherror = '';
Zeile 194	Zeile 197
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
// If there's an attachment, check it and upload it if($_FILES['attachment']['size'] > 0 && $forumpermissions['canpostattachments'] != 0)	if($pid)
{	{
$query = $db->simple_select("attachments", "aid", "filename='".$db->escape_string($_FILES['attachment']['name'])."' AND pid='{$pid}'"); $updateattach = $db->fetch_field($query, "aid"); $update_attachment = false; if($updateattach > 0 && $mybb->get_input('updateattachment') && ($mybb->usergroup['caneditattachments'] \|\| $forumpermissions['caneditattachments'])) { $update_attachment = true; } $attachedfile = upload_attachment($_FILES['attachment'], $update_attachment); } if(!empty($attachedfile['error'])) { eval("\$attacherror = \"".$templates->get("error_attacherror")."\";"); $mybb->input['action'] = "editpost";	$attachwhere = "pid='{$pid}'";
}	}
	else { $attachwhere = "posthash='".$db->escape_string($mybb->get_input('posthash'))."'"; } $ret = add_attachments($pid, $forumpermissions, $attachwhere, "editpost"); if(!empty($ret['errors'])) { $errors = $ret['errors']; } // Do we have attachment errors? if(!empty($errors)) { $attacherror = inline_error($errors); } // If we were dealing with an attachment but didn't click 'Update Post', force the post edit page again.
if(!isset($mybb->input['submit']))	if(!isset($mybb->input['submit']))
{	{
$mybb->input['action'] = "editpost"; } }	$mybb->input['action'] = "editpost"; } }
Zeile 222	Zeile 230
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));

$mybb->input['attachmentaid'] = $mybb->get_input('attachmentaid', MyBB::INPUT_INT); if($mybb->input['attachmentact'] == "remove") {	$mybb->input['attachmentaid'] = $mybb->get_input('attachmentaid', MyBB::INPUT_INT); if($mybb->input['attachmentact'] == "remove") {
Zeile 231	Zeile 239
elseif($mybb->get_input('attachmentact') == "approve" && is_moderator($fid, 'canapproveunapproveattachs')) { $update_sql = array("visible" => 1);	elseif($mybb->get_input('attachmentact') == "approve" && is_moderator($fid, 'canapproveunapproveattachs')) { $update_sql = array("visible" => 1);
$db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");	$db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'");
update_thread_counters($post['tid'], array('attachmentcount' => "+1")); } elseif($mybb->get_input('attachmentact') == "unapprove" && is_moderator($fid, 'canapproveunapproveattachs'))	update_thread_counters($post['tid'], array('attachmentcount' => "+1")); } elseif($mybb->get_input('attachmentact') == "unapprove" && is_moderator($fid, 'canapproveunapproveattachs'))
{	{
$update_sql = array("visible" => 0); $db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'"); update_thread_counters($post['tid'], array('attachmentcount' => "-1")); }	$update_sql = array("visible" => 0); $db->update_query("attachments", $update_sql, "aid='{$mybb->input['attachmentaid']}'"); update_thread_counters($post['tid'], array('attachmentcount' => "-1")); }
	if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1) { header("Content-type: application/json; charset={$lang->settings['charset']}"); echo json_encode(array("success" => true)); exit(); }
if(!isset($mybb->input['submit'])) { $mybb->input['action'] = "editpost";	if(!isset($mybb->input['submit'])) { $mybb->input['action'] = "editpost";
Zeile 294	Zeile 310
header("Content-type: application/json; charset={$lang->settings['charset']}"); if(is_moderator($fid, "canviewdeleted")) {	header("Content-type: application/json; charset={$lang->settings['charset']}"); if(is_moderator($fid, "canviewdeleted")) {
echo json_encode(array("data" => '1'));	echo json_encode(array("data" => '1', "first" => '1'));
} else {	} else {
Zeile 349	Zeile 365
header("Content-type: application/json; charset={$lang->settings['charset']}"); if(is_moderator($fid, "canviewdeleted")) {	header("Content-type: application/json; charset={$lang->settings['charset']}"); if(is_moderator($fid, "canviewdeleted")) {
echo json_encode(array("data" => '1'));	echo json_encode(array("data" => '1', "first" => '0'));
} else {	} else {
Zeile 407	Zeile 423
if($mybb->input['ajax'] == 1) { header("Content-type: application/json; charset={$lang->settings['charset']}");	if($mybb->input['ajax'] == 1) { header("Content-type: application/json; charset={$lang->settings['charset']}");
echo json_encode(array("data" => '1'));	echo json_encode(array("data" => '1', "first" => '1'));
} else {	} else {
Zeile 433	Zeile 449
if($mybb->input['ajax'] == 1) { header("Content-type: application/json; charset={$lang->settings['charset']}");	if($mybb->input['ajax'] == 1) { header("Content-type: application/json; charset={$lang->settings['charset']}");
echo json_encode(array("data" => '1'));	echo json_encode(array("data" => '1', "first" => '0'));
} else {	} else {
Zeile 591	Zeile 607
if(is_moderator($fid)) { if($attachment['visible'] == 1)	if(is_moderator($fid)) { if($attachment['visible'] == 1)
{	{
eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_unapprove")."\";"); } else	eval("\$attach_mod_options = \"".$templates->get("post_attachments_attachment_mod_unapprove")."\";"); } else
Zeile 616	Zeile 632
$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'"); $usage = $db->fetch_array($query); if($usage['ausage'] > ($mybb->usergroup['attachquota']*1024) && $mybb->usergroup['attachquota'] != 0)	$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'"); $usage = $db->fetch_array($query); if($usage['ausage'] > ($mybb->usergroup['attachquota']*1024) && $mybb->usergroup['attachquota'] != 0)
{	{
$noshowattach = 1;	$noshowattach = 1;
} else	} else
{ $noshowattach = 0;	{ $noshowattach = 0;
}	}
if($mybb->usergroup['attachquota'] == 0) { $friendlyquota = $lang->unlimited; } else	if($mybb->usergroup['attachquota'] == 0) { $friendlyquota = $lang->unlimited; } else
{	{
$friendlyquota = get_friendly_size($mybb->usergroup['attachquota']*1024);	$friendlyquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
}	}
$friendlyusage = get_friendly_size($usage['ausage']); $lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyusage, $friendlyquota); if($mybb->settings['maxattachments'] == 0 \|\| ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach)	$friendlyusage = get_friendly_size($usage['ausage']); $lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyusage, $friendlyquota); if($mybb->settings['maxattachments'] == 0 \|\| ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach)
Zeile 641	Zeile 657
if(($mybb->usergroup['caneditattachments'] \|\| $forumpermissions['caneditattachments']) && $attachcount > 0) { eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";");	if(($mybb->usergroup['caneditattachments'] \|\| $forumpermissions['caneditattachments']) && $attachcount > 0) { eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";");
}	}
if($attach_add_options \|\| $attach_update_options) {	if($attach_add_options \|\| $attach_update_options) {
Zeile 654	Zeile 670
$message = $post['message']; $subject = $post['subject']; $reason = htmlspecialchars_uni($post['editreason']);	$message = $post['message']; $subject = $post['subject']; $reason = htmlspecialchars_uni($post['editreason']);
}	}
else	else
{	{
$message = $mybb->get_input('message'); $subject = $mybb->get_input('subject'); $reason = htmlspecialchars_uni($mybb->get_input('editreason'));	$message = $mybb->get_input('message'); $subject = $mybb->get_input('subject'); $reason = htmlspecialchars_uni($mybb->get_input('editreason'));
}	} $previewmessage = $message; $previewsubject = $subject; $message = htmlspecialchars_uni($message); $subject = htmlspecialchars_uni($subject);
if(!isset($post_errors)) { $post_errors = ''; }	if(!isset($post_errors)) { $post_errors = ''; }
$postoptions_subscriptionmethod_dont = $postoptions_subscriptionmethod_none = $postoptions_subscriptionmethod_email = $postoptions_subscriptionmethod_pm = '';	$subscribe = $nonesubscribe = $emailsubscribe = $pmsubscribe = '';
$postoptionschecked = array('signature' => '', 'disablesmilies' => ''); if(!empty($mybb->input['previewpost']) \|\| $post_errors)	$postoptionschecked = array('signature' => '', 'disablesmilies' => ''); if(!empty($mybb->input['previewpost']) \|\| $post_errors)
Zeile 693	Zeile 714
if(!isset($postoptions['signature'])) { $postoptions['signature'] = 0;	if(!isset($postoptions['signature'])) { $postoptions['signature'] = 0;
}	}
if(!isset($postoptions['emailnotify'])) { $postoptions['emailnotify'] = 0;	if(!isset($postoptions['emailnotify'])) { $postoptions['emailnotify'] = 0;
Zeile 722	Zeile 743
} else {	} else {
$previewmessage = $message; $previewsubject = $subject; $message = htmlspecialchars_uni($message); $subject = htmlspecialchars_uni($subject);
$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY); if(isset($postoptions['signature']) && $postoptions['signature'] == 1) { $postoptionschecked['signature'] = " checked=\"checked\"";	$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY); if(isset($postoptions['signature']) && $postoptions['signature'] == 1) { $postoptionschecked['signature'] = " checked=\"checked\"";
} if(isset($postoptions['subscriptionmethod']) && $postoptions['subscriptionmethod'] == "none") { $postoptions_subscriptionmethod_none = "checked=\"checked\""; } else if(isset($postoptions['subscriptionmethod']) && $postoptions['subscriptionmethod'] == "email") { $postoptions_subscriptionmethod_email = "checked=\"checked\""; } else if(isset($postoptions['subscriptionmethod']) && $postoptions['subscriptionmethod'] == "pm") { $postoptions_subscriptionmethod_pm = "checked=\"checked\""; } else { $postoptions_subscriptionmethod_dont = "checked=\"checked\""; } if(isset($postoptions['disablesmilies']) && $postoptions['disablesmilies'] == 1) {	} if(isset($postoptions['disablesmilies']) && $postoptions['disablesmilies'] == 1) {
$postoptionschecked['disablesmilies'] = " checked=\"checked\""; }	$postoptionschecked['disablesmilies'] = " checked=\"checked\""; }
	$subscription_method = get_subscription_method($tid, $postoptions); ${$subscription_method.'subscribe'} = "checked=\"checked\" ";
} }	} }
Zeile 763	Zeile 766
if(!$post['uid']) { $query = $db->simple_select('posts', 'username, dateline', "pid='{$pid}'");	if(!$post['uid']) { $query = $db->simple_select('posts', 'username, dateline', "pid='{$pid}'");
$postinfo = $db->fetch_array($query); }	$postinfo = $db->fetch_array($query); }
else { // Figure out the poster's other information.	else { // Figure out the poster's other information.
Zeile 789	Zeile 792
if(!isset($postoptions['disablesmilies'])) { $postoptions['disablesmilies'] = 0;	if(!isset($postoptions['disablesmilies'])) { $postoptions['disablesmilies'] = 0;
}	}
// Set the values of the post info array. $postinfo['message'] = $previewmessage;	// Set the values of the post info array. $postinfo['message'] = $previewmessage;
Zeile 802	Zeile 805
} else if(!$post_errors) {	} else if(!$post_errors) {
$message = htmlspecialchars_uni($message); $subject = htmlspecialchars_uni($subject);
$preview = '';	$preview = '';

if($post['includesig'] != 0) { $postoptionschecked['signature'] = " checked=\"checked\"";	if($post['includesig'] != 0) { $postoptionschecked['signature'] = " checked=\"checked\"";
}	}
if($post['smilieoff'] == 1)	if($post['smilieoff'] == 1)
{	{
$postoptionschecked['disablesmilies'] = " checked=\"checked\"";	$postoptionschecked['disablesmilies'] = " checked=\"checked\"";
} $query = $db->simple_select("threadsubscriptions", "notification", "tid='{$tid}' AND uid='{$mybb->user['uid']}'"); if($db->num_rows($query) > 0) { $notification = $db->fetch_field($query, 'notification');	}

if($notification == 0) { $postoptions_subscriptionmethod_none = "checked=\"checked\""; } else if($notification == 1) { $postoptions_subscriptionmethod_email = "checked=\"checked\""; } else if($notification == 2) { $postoptions_subscriptionmethod_pm = "checked=\"checked\""; } else { $postoptions_subscriptionmethod_dont = "checked=\"checked\""; } }	$subscription_method = get_subscription_method($tid, $postoptions); ${$subscription_method.'subscribe'} = "checked=\"checked\" ";
} // Generate thread prefix selector if this is the first post of the thread	} // Generate thread prefix selector if this is the first post of the thread
Zeile 937	Zeile 917
eval('$moderation_notice = "'.$templates->get('global_moderation_notice').'";'); } }	eval('$moderation_notice = "'.$templates->get('global_moderation_notice').'";'); } }
	$php_max_upload_filesize = return_bytes(ini_get('max_upload_filesize')); $php_post_max_size = return_bytes(ini_get('post_max_size')); if ($php_max_upload_filesize != 0 && $php_post_max_size != 0) { $php_max_upload_size = min($php_max_upload_filesize, $php_post_max_size); } else { $php_max_upload_size = max($php_max_upload_filesize, $php_post_max_size); } $php_max_file_uploads = (int)ini_get('max_file_uploads'); eval("\$post_javascript = \"".$templates->get("post_javascript")."\";");
$plugins->run_hooks("editpost_end");	$plugins->run_hooks("editpost_end");