Vergleich newreply.php - 1.8.24 - 1.8.28

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 24Zeile 24
require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/functions_user.php";

require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/functions_user.php";

 
require_once MYBB_ROOT."inc/functions_upload.php";

require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;


require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;


Zeile 203Zeile 204

$errors = array();
$maximageserror = $attacherror = '';


$errors = array();
$maximageserror = $attacherror = '';

if($mybb->settings['enableattachments'] == 1 && ($mybb->get_input('newattachment') || $mybb->get_input('updateattachment') || ((($mybb->input['action'] == "do_newreply" && $mybb->get_input('submit')) || ($mybb->input['action'] == "newreply" && isset($mybb->input['previewpost'])) || isset($mybb->input['savedraft'])) && $_FILES['attachments'])))

if($mybb->settings['enableattachments'] == 1 && ($mybb->get_input('newattachment') || $mybb->get_input('updateattachment') || ((($mybb->input['action'] == "do_newreply" && $mybb->get_input('submit')) || ($mybb->input['action'] == "newreply" && isset($mybb->input['previewpost'])) || isset($mybb->input['savedraft'])) && !empty($_FILES['attachments']))))

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

Zeile 216Zeile 217
	{
$attachwhere = "posthash='".$db->escape_string($mybb->get_input('posthash'))."'";
}

	{
$attachwhere = "posthash='".$db->escape_string($mybb->get_input('posthash'))."'";
}


require_once MYBB_ROOT."inc/functions_upload.php";

 

$ret = add_attachments($pid, $forumpermissions, $attachwhere, "newreply");


$ret = add_attachments($pid, $forumpermissions, $attachwhere, "newreply");

 

if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
{
if(isset($ret['success']))
{
$attachment = array('aid'=>'{1}', 'icon'=>'{2}', 'filename'=>'{3}', 'size'=>'{4}');
if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
{
eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");
}
eval("\$attach_rem_options = \"".$templates->get("post_attachments_attachment_remove")."\";");
eval("\$attemplate = \"".$templates->get("post_attachments_attachment")."\";");
$ret['template'] = $attemplate;

$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
$usage = $db->fetch_array($query);
$ret['usage'] = get_friendly_size($usage['ausage']);
}

header("Content-type: application/json; charset={$lang->settings['charset']}");
echo json_encode($ret);
exit();
}


if(!empty($ret['errors']))
{


if(!empty($ret['errors']))
{

Zeile 242Zeile 264
	// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


	// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


	require_once MYBB_ROOT."inc/functions_upload.php";

 
	remove_attachment($pid, $mybb->get_input('posthash'), $mybb->get_input('attachmentaid', MyBB::INPUT_INT));

	remove_attachment($pid, $mybb->get_input('posthash'), $mybb->get_input('attachmentaid', MyBB::INPUT_INT));

 


	if(!$mybb->get_input('submit'))

	if(!$mybb->get_input('submit'))

	{

	{

		eval("\$editdraftpid = \"".$templates->get("newreply_draftinput")."\";");
$mybb->input['action'] = "newreply";
}

		eval("\$editdraftpid = \"".$templates->get("newreply_draftinput")."\";");
$mybb->input['action'] = "newreply";
}





	if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
{

	if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
{

 
		$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
$usage = $db->fetch_array($query);


		header("Content-type: application/json; charset={$lang->settings['charset']}");

		header("Content-type: application/json; charset={$lang->settings['charset']}");

		echo json_encode(array("success" => true));

		echo json_encode(array("success" => true, "usage" => get_friendly_size($usage['ausage'])));

		exit();

		exit();

	}
}

$reply_errors = '';
$quoted_ids = array();
$hide_captcha = false;

	}
}

$reply_errors = $quoted_ids = '';
$hide_captcha = false;



// Check the maximum posts per day for this user
if($mybb->usergroup['maxposts'] > 0)


// Check the maximum posts per day for this user
if($mybb->usergroup['maxposts'] > 0)

Zeile 273Zeile 297
		$lang->error_maxposts = $lang->sprintf($lang->error_maxposts, $mybb->usergroup['maxposts']);
error($lang->error_maxposts);
}

		$lang->error_maxposts = $lang->sprintf($lang->error_maxposts, $mybb->usergroup['maxposts']);
error($lang->error_maxposts);
}

 
}

if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1)
{
$mybb->settings['postsperpage'] = 20;

}

if($mybb->input['action'] == "do_newreply" && $mybb->request_method == "post")

}

if($mybb->input['action'] == "do_newreply" && $mybb->request_method == "post")

Zeile 299Zeile 328


if($mybb->settings['stopforumspam_on_newreply'])



if($mybb->settings['stopforumspam_on_newreply'])

		{

		{

			require_once MYBB_ROOT . '/inc/class_stopforumspamchecker.php';

$stop_forum_spam_checker = new StopForumSpamChecker(

			require_once MYBB_ROOT . '/inc/class_stopforumspamchecker.php';

$stop_forum_spam_checker = new StopForumSpamChecker(

Zeile 349Zeile 378
	if(!$mybb->get_input('savedraft'))
{
$query = $db->simple_select("posts p", "p.pid, p.visible", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='".$db->escape_string($mybb->get_input('subject'))."' AND p.message='".$db->escape_string($mybb->get_input('message'))."' AND p.visible > -1 AND p.dateline>".(TIME_NOW-600));

	if(!$mybb->get_input('savedraft'))
{
$query = $db->simple_select("posts p", "p.pid, p.visible", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='".$db->escape_string($mybb->get_input('subject'))."' AND p.message='".$db->escape_string($mybb->get_input('message'))."' AND p.visible > -1 AND p.dateline>".(TIME_NOW-600));

		$duplicate_check = $db->fetch_field($query, "pid");
if($duplicate_check)

		if($db->num_rows($query) > 0)


		{
error($lang->error_post_already_submitted);
}

		{
error($lang->error_post_already_submitted);
}

Zeile 359Zeile 387
	// Set up posthandler.
require_once MYBB_ROOT."inc/datahandlers/post.php";
$posthandler = new PostDataHandler("insert");

	// Set up posthandler.
require_once MYBB_ROOT."inc/datahandlers/post.php";
$posthandler = new PostDataHandler("insert");





	// Set the post data that came from the input to the $post array.
$post = array(
"tid" => $mybb->get_input('tid', MyBB::INPUT_INT),

	// Set the post data that came from the input to the $post array.
$post = array(
"tid" => $mybb->get_input('tid', MyBB::INPUT_INT),

Zeile 377Zeile 405
	if(isset($mybb->input['pid']))
{
$post['pid'] = $mybb->get_input('pid', MyBB::INPUT_INT);

	if(isset($mybb->input['pid']))
{
$post['pid'] = $mybb->get_input('pid', MyBB::INPUT_INT);

	}


	}


	// Are we saving a draft post?
if($mybb->get_input('savedraft') && $mybb->user['uid'])
{

	// Are we saving a draft post?
if($mybb->get_input('savedraft') && $mybb->user['uid'])
{

Zeile 428Zeile 456
	// Mark thread as read
require_once MYBB_ROOT."inc/functions_indicators.php";
mark_thread_read($tid, $fid);

	// Mark thread as read
require_once MYBB_ROOT."inc/functions_indicators.php";
mark_thread_read($tid, $fid);

 

$json_data = '';


// Check captcha image
if($mybb->settings['captchaimage'] && !$mybb->user['uid'])


// Check captcha image
if($mybb->settings['captchaimage'] && !$mybb->user['uid'])

Zeile 446Zeile 476
		else
{
$hide_captcha = true;

		else
{
$hide_captcha = true;

		}


		}


		if($mybb->get_input('ajax', MyBB::INPUT_INT) && $post_captcha->type == 1)
{
$randomstr = random_str(5);
$imagehash = md5(random_str(12));

		if($mybb->get_input('ajax', MyBB::INPUT_INT) && $post_captcha->type == 1)
{
$randomstr = random_str(5);
$imagehash = md5(random_str(12));





			$imagearray = array(
"imagehash" => $imagehash,
"imagestring" => $randomstr,

			$imagearray = array(
"imagehash" => $imagehash,
"imagestring" => $randomstr,

Zeile 460Zeile 490
			);

$db->insert_query("captcha", $imagearray);

			);

$db->insert_query("captcha", $imagearray);





			//header("Content-type: text/html; charset={$lang->settings['charset']}");
$data = '';
$data .= "<captcha>$imagehash";

			//header("Content-type: text/html; charset={$lang->settings['charset']}");
$data = '';
$data .= "<captcha>$imagehash";





			if($hide_captcha)
{
$data .= "|$randomstr";
}

			if($hide_captcha)
{
$data .= "|$randomstr";
}





			$data .= "</captcha>";

//header("Content-type: application/json; charset={$lang->settings['charset']}");
$json_data = array("data" => $data);

			$data .= "</captcha>";

//header("Content-type: application/json; charset={$lang->settings['charset']}");
$json_data = array("data" => $data);

		}
}


		}
}


	// One or more errors returned, fetch error list and throw to newreply page
if(count($post_errors) > 0)

	// One or more errors returned, fetch error list and throw to newreply page
if(count($post_errors) > 0)

	{

	{

		$reply_errors = inline_error($post_errors, '', $json_data);
$mybb->input['action'] = "newreply";
}

		$reply_errors = inline_error($post_errors, '', $json_data);
$mybb->input['action'] = "newreply";
}

Zeile 488Zeile 518
		$postinfo = $posthandler->insert_post();
$pid = $postinfo['pid'];
$visible = $postinfo['visible'];

		$postinfo = $posthandler->insert_post();
$pid = $postinfo['pid'];
$visible = $postinfo['visible'];

		$closed = $postinfo['closed'];










if(isset($postinfo['closed']))
{
$closed = $postinfo['closed'];
}
else
{
$closed = '';
}


// Invalidate solved captcha
if($mybb->settings['captchaimage'] && !$mybb->user['uid'])


// Invalidate solved captcha
if($mybb->settings['captchaimage'] && !$mybb->user['uid'])

Zeile 588Zeile 626
					{
redirect(get_thread_link($tid, 0, "lastpost"));
}

					{
redirect(get_thread_link($tid, 0, "lastpost"));
}

				}

if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1)
{
$mybb->settings['postsperpage'] = 20;

 
				}

// Lets see if this post is on the same page as the one we're viewing or not
// if it isn't, redirect us

				}

// Lets see if this post is on the same page as the one we're viewing or not
// if it isn't, redirect us

				if($perpage > 0 && (($postcounter) % $perpage) == 0)
{
$post_page = ($postcounter) / $mybb->settings['postsperpage'];

				if($mybb->settings['postsperpage'] > 0)
{
$post_page = ceil(($postcounter + 1) / $mybb->settings['postsperpage']);

				}
else

				}
else

				{
$post_page = (int)($postcounter / $mybb->settings['postsperpage']) + 1;

				{
$post_page = 1;

				}

if($post_page > $mybb->get_input('from_page', MyBB::INPUT_INT))
{
redirect(get_thread_link($tid, 0, "lastpost"));

				}

if($post_page > $mybb->get_input('from_page', MyBB::INPUT_INT))
{
redirect(get_thread_link($tid, 0, "lastpost"));

					exit;

					exit;

				}

// Return the post HTML and display it inline

				}

// Return the post HTML and display it inline

Zeile 632Zeile 665

// Establish altbg - may seem like this is backwards, but build_postbit reverses it
if(($postcounter - $mybb->settings['postsperpage']) % 2 != 0)


// Establish altbg - may seem like this is backwards, but build_postbit reverses it
if(($postcounter - $mybb->settings['postsperpage']) % 2 != 0)

				{

				{

					$altbg = "trow1";

					$altbg = "trow1";

				}

				}

				else

				else

				{

				{

					$altbg = "trow2";
}


					$altbg = "trow2";
}


Zeile 644Zeile 677
				if($lang->settings['charset'])
{
$charset = $lang->settings['charset'];

				if($lang->settings['charset'])
{
$charset = $lang->settings['charset'];

				}

				}


require_once MYBB_ROOT."inc/functions_post.php";
$pid = $post['pid'];


require_once MYBB_ROOT."inc/functions_post.php";
$pid = $post['pid'];

Zeile 691Zeile 724
			$lang->redirect_newreply .= $lang->sprintf($lang->redirect_return_forum, get_forum_link($fid));
redirect($url, $lang->redirect_newreply, "", $force_redirect);
exit;

			$lang->redirect_newreply .= $lang->sprintf($lang->redirect_return_forum, get_forum_link($fid));
redirect($url, $lang->redirect_newreply, "", $force_redirect);
exit;

		}
}

		}
}

}

// Show the newreply form.

}

// Show the newreply form.

Zeile 726Zeile 759
		{
$external_quotes = 0;
$quoted_posts = implode(",", $quoted_posts);

		{
$external_quotes = 0;
$quoted_posts = implode(",", $quoted_posts);

 
			$quoted_ids = array();

			$unviewable_forums = get_unviewable_forums();
$inactiveforums = get_inactive_forums();
if($unviewable_forums)

			$unviewable_forums = get_unviewable_forums();
$inactiveforums = get_inactive_forums();
if($unviewable_forums)

Zeile 1113Zeile 1147
		{
$friendlyquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
}

		{
$friendlyquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
}

 
		$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyquota);





		$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyquota);

		$link_viewattachments = '';

		if($usage['ausage'] !== NULL)

		if($usage['ausage'] !== NULL)

		{

		{

			$friendlyusage = get_friendly_size($usage['ausage']);
$lang->attach_usage = $lang->sprintf($lang->attach_usage, $friendlyusage);
eval("\$link_viewattachments = \"".$templates->get("post_attachments_viewlink")."\";");

			$friendlyusage = get_friendly_size($usage['ausage']);
$lang->attach_usage = $lang->sprintf($lang->attach_usage, $friendlyusage);
eval("\$link_viewattachments = \"".$templates->get("post_attachments_viewlink")."\";");

		}

		}

		else
{
$lang->attach_usage = "";
}

		else
{
$lang->attach_usage = "";
}

		



$attach_add_options = '';

		if($mybb->settings['maxattachments'] == 0 || ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach)

		if($mybb->settings['maxattachments'] == 0 || ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !$noshowattach)

		{

		{

			eval("\$attach_add_options = \"".$templates->get("post_attachments_add")."\";");
}


			eval("\$attach_add_options = \"".$templates->get("post_attachments_add")."\";");
}


 
		$attach_update_options = '';

		if(($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments']) && $attachcount > 0)
{
eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";");

		if(($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments']) && $attachcount > 0)
{
eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";");

		}

		}


if($attach_add_options || $attach_update_options)
{


if($attach_add_options || $attach_update_options)
{

Zeile 1142Zeile 1179
		}

eval("\$attachbox = \"".$templates->get("post_attachments")."\";");

		}

eval("\$attachbox = \"".$templates->get("post_attachments")."\";");

 
	}
else
{
$attachbox = '';

	}

// If the user is logged in, provide a save draft button.

	}

// If the user is logged in, provide a save draft button.

Zeile 1173Zeile 1214

if(!$correct)
{


if(!$correct)
{

			if($post_captcha->type == 1)

			if($post_captcha->type == captcha::DEFAULT_CAPTCHA)

			{
$post_captcha->build_captcha();
}

			{
$post_captcha->build_captcha();
}

			elseif(in_array($post_captcha->type, array(4, 5, 8)))

			elseif(in_array($post_captcha->type, array(captcha::NOCAPTCHA_RECAPTCHA, captcha::RECAPTCHA_INVISIBLE, captcha::RECAPTCHA_V3)))

			{
$post_captcha->build_recaptcha();
}

			{
$post_captcha->build_recaptcha();
}

			elseif(in_array($post_captcha->type, array(6, 7)))

			elseif(in_array($post_captcha->type, array(captcha::HCAPTCHA, captcha::HCAPTCHA_INVISIBLE)))

			{
$post_captcha->build_hcaptcha();
}
}

			{
$post_captcha->build_hcaptcha();
}
}

		else if($correct && (in_array($post_captcha->type, array(4, 5, 8))))

		else if($correct && (in_array($post_captcha->type, array(captcha::NOCAPTCHA_RECAPTCHA, captcha::RECAPTCHA_INVISIBLE, captcha::RECAPTCHA_V3))))

		{
$post_captcha->build_recaptcha();
}

		{
$post_captcha->build_recaptcha();
}

		else if($correct && (in_array($post_captcha->type, array(6, 7))))

		else if($correct && (in_array($post_captcha->type, array(captcha::HCAPTCHA, captcha::HCAPTCHA_INVISIBLE))))

		{
$post_captcha->build_hcaptcha();
}

		{
$post_captcha->build_hcaptcha();
}

Zeile 1204Zeile 1245
	$reviewmore = '';
if($mybb->settings['threadreview'] != 0)
{

	$reviewmore = '';
if($mybb->settings['threadreview'] != 0)
{

		if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1)
{
$mybb->settings['postsperpage'] = 20;
}

if(is_moderator($fid, "canviewunapprove") || $mybb->settings['showownunapproved'])

		if(is_moderator($fid, "canviewunapprove") || $mybb->settings['showownunapproved'])






		{
$visibility = "(visible='1' OR visible='0')";

		{
$visibility = "(visible='1' OR visible='0')";

		}

		}

		else
{
$visibility = "visible='1'";

		else
{
$visibility = "visible='1'";

		}

		}

		$query = $db->simple_select("posts", "COUNT(pid) AS post_count", "tid='{$tid}' AND {$visibility}");
$numposts = $db->fetch_field($query, "post_count");

		$query = $db->simple_select("posts", "COUNT(pid) AS post_count", "tid='{$tid}' AND {$visibility}");
$numposts = $db->fetch_field($query, "post_count");


if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1)
{
$mybb->settings['postsperpage'] = 20;
}

 

if($numposts > $mybb->settings['postsperpage'])
{


if($numposts > $mybb->settings['postsperpage'])
{

Zeile 1232Zeile 1263
			eval("\$reviewmore = \"".$templates->get("newreply_threadreview_more")."\";");
}


			eval("\$reviewmore = \"".$templates->get("newreply_threadreview_more")."\";");
}


		$query = $db->simple_select("posts", "pid", "tid='{$tid}' AND {$visibility}", array("order_by" => "dateline", "order_dir" => "desc", "limit" => $mybb->settings['postsperpage']));

		$query = $db->simple_select("posts", "pid", "tid='{$tid}' AND {$visibility}", array("order_by" => "dateline DESC, pid DESC", "limit" => $mybb->settings['postsperpage']));

		while($post = $db->fetch_array($query))
{
$pidin[] = $post['pid'];

		while($post = $db->fetch_array($query))
{
$pidin[] = $post['pid'];

Zeile 1251Zeile 1282
			FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid)
WHERE pid IN ($pidin)

			FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."users u ON (p.uid=u.uid)
WHERE pid IN ($pidin)

			ORDER BY dateline DESC

			ORDER BY dateline DESC, pid DESC

		");
$postsdone = 0;
$altbg = "trow1";

		");
$postsdone = 0;
$altbg = "trow1";

Zeile 1277Zeile 1308
				$parser_options['allow_smilies'] = 0;
}


				$parser_options['allow_smilies'] = 0;
}


			if($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0)

			if($mybb->user['uid'] != 0 && $mybb->user['showimages'] != 1 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0)

			{
$parser_options['allow_imgcode'] = 0;
}


			{
$parser_options['allow_imgcode'] = 0;
}


			if($mybb->user['showvideos'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0)

			if($mybb->user['uid'] != 0 && $mybb->user['showvideos'] != 1 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0)

			{
$parser_options['allow_videocode'] = 0;
}

			{
$parser_options['allow_videocode'] = 0;
}

Zeile 1471Zeile 1502
		}
}


		}
}


	$php_max_upload_filesize = return_bytes(ini_get('max_upload_filesize'));
$php_post_max_size = return_bytes(ini_get('post_max_size'));

if ($php_max_upload_filesize != 0 && $php_post_max_size != 0)
{
$php_max_upload_size = min($php_max_upload_filesize, $php_post_max_size);
}
else
{
$php_max_upload_size = max($php_max_upload_filesize, $php_post_max_size);
}


	$php_max_upload_size = get_php_upload_limit();












	$php_max_file_uploads = (int)ini_get('max_file_uploads');
eval("\$post_javascript = \"".$templates->get("post_javascript")."\";");


	$php_max_file_uploads = (int)ini_get('max_file_uploads');
eval("\$post_javascript = \"".$templates->get("post_javascript")."\";");