| Zeile 23 | Zeile 23 |
|---|
require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/functions_user.php";
|
require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/functions_user.php";
|
| | require_once MYBB_ROOT."inc/functions_upload.php";
|
// Load global language phrases
$lang->load("newthread");
|
// Load global language phrases
$lang->load("newthread");
|
| Zeile 35 | Zeile 36 |
|---|
{
$thread = get_thread($mybb->input['tid']);
|
{
$thread = get_thread($mybb->input['tid']);
|
$query = $db->simple_select("posts", "*", "tid='".$mybb->get_input('tid', MyBB::INPUT_INT)."' AND visible='-2'", array('order_by' => 'dateline', 'limit' => 1));
| $query = $db->simple_select("posts", "*", "tid='".$mybb->input['tid']."' AND visible='-2'", array('order_by' => 'dateline, pid', 'limit' => 1));
|
$post = $db->fetch_array($query);
|
$post = $db->fetch_array($query);
|
if(!$thread['tid'] || !$post['pid'] || $thread['visible'] != -2 || $thread['uid'] != $mybb->user['uid'])
| if(!$thread || !$post || $thread['visible'] != -2 || $thread['uid'] != $mybb->user['uid'])
|
{
error($lang->invalidthread);
}
| {
error($lang->invalidthread);
}
|
| Zeile 94 | Zeile 95 |
|---|
check_forum_password($forum['fid']);
// If MyCode is on for this forum and the MyCode editor is enabled in the Admin CP, draw the code buttons and smilie inserter.
|
check_forum_password($forum['fid']);
// If MyCode is on for this forum and the MyCode editor is enabled in the Admin CP, draw the code buttons and smilie inserter.
|
| | $codebuttons = '';
$smilieinserter = '';
|
if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && (!$mybb->user['uid'] || $mybb->user['showcodebuttons'] != 0))
{
$codebuttons = build_mycode_inserter("message", $forum['allowsmilies']);
| if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && (!$mybb->user['uid'] || $mybb->user['showcodebuttons'] != 0))
{
$codebuttons = build_mycode_inserter("message", $forum['allowsmilies']);
|
| Zeile 102 | Zeile 105 |
|---|
$smilieinserter = build_clickable_smilies();
}
}
|
$smilieinserter = build_clickable_smilies();
}
}
|
| |
$posticons = '';
|
// Does this forum allow post icons? If so, fetch the post icons.
if($forum['allowpicons'] != 0)
{
$posticons = get_post_icons();
|
// Does this forum allow post icons? If so, fetch the post icons.
if($forum['allowpicons'] != 0)
{
$posticons = get_post_icons();
|
}
| }
|
// If we have a currently logged in user then fetch the change user box.
if($mybb->user['uid'] != 0)
{
| // If we have a currently logged in user then fetch the change user box.
if($mybb->user['uid'] != 0)
{
|
| Zeile 118 | Zeile 123 |
|---|
// Otherwise we have a guest, determine the "username" and get the login box.
else
|
// Otherwise we have a guest, determine the "username" and get the login box.
else
|
{
| {
|
if(!isset($mybb->input['previewpost']) && $mybb->input['action'] != "do_newthread")
{
$username = '';
| if(!isset($mybb->input['previewpost']) && $mybb->input['action'] != "do_newthread")
{
$username = '';
|
| Zeile 128 | Zeile 133 |
|---|
$username = htmlspecialchars_uni($mybb->get_input('username'));
}
eval("\$loginbox = \"".$templates->get("loginbox")."\";");
|
$username = htmlspecialchars_uni($mybb->get_input('username'));
}
eval("\$loginbox = \"".$templates->get("loginbox")."\";");
|
}
| }
|
// If we're not performing a new thread insert and not editing a draft then we're posting a new thread.
if($mybb->input['action'] != "do_newthread" && $mybb->input['action'] != "editdraft")
|
// If we're not performing a new thread insert and not editing a draft then we're posting a new thread.
if($mybb->input['action'] != "do_newthread" && $mybb->input['action'] != "editdraft")
|
{
$mybb->input['action'] = "newthread";
}
| {
$mybb->input['action'] = "newthread";
}
|
// Previewing a post, overwrite the action to the new thread action.
if(!empty($mybb->input['previewpost']))
|
// Previewing a post, overwrite the action to the new thread action.
if(!empty($mybb->input['previewpost']))
|
| Zeile 157 | Zeile 162 |
|---|
$maximageserror = $attacherror = '';
// Handle attachments if we've got any.
|
$maximageserror = $attacherror = '';
// Handle attachments if we've got any.
|
if($mybb->settings['enableattachments'] == 1 && ($mybb->get_input('newattachment') || $mybb->get_input('updateattachment') || ((($mybb->input['action'] == "do_newthread" && $mybb->get_input('submit')) || ($mybb->input['action'] == "newthread" && isset($mybb->input['previewpost'])) || isset($mybb->input['savedraft'])) && $_FILES['attachments'])))
| if($mybb->settings['enableattachments'] == 1 &&
($mybb->get_input('newattachment') || $mybb->get_input('updateattachment') ||
((($mybb->input['action'] == "do_newthread" && $mybb->get_input('submit')) ||
($mybb->input['action'] == "newthread" && isset($mybb->input['previewpost'])) ||
isset($mybb->input['savedraft'])) && isset($_FILES['attachments']))))
|
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));
| {
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));
|
| Zeile 167 | Zeile 176 |
|---|
$attachwhere = "pid='{$pid}'";
}
else
|
$attachwhere = "pid='{$pid}'";
}
else
|
{
| {
|
$attachwhere = "posthash='".$db->escape_string($mybb->get_input('posthash'))."'";
|
$attachwhere = "posthash='".$db->escape_string($mybb->get_input('posthash'))."'";
|
}
require_once MYBB_ROOT."inc/functions_upload.php";
| }
|
$ret = add_attachments($pid, $forumpermissions, $attachwhere, "newthread");
|
$ret = add_attachments($pid, $forumpermissions, $attachwhere, "newthread");
|
| |
if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
{
if(isset($ret['success']))
{
$attachment = array('aid'=>'{1}', 'icon'=>'{2}', 'filename'=>'{3}', 'size'=>'{4}');
if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
{
eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");
}
eval("\$attach_rem_options = \"".$templates->get("post_attachments_attachment_remove")."\";");
$attach_mod_options = '';
eval("\$attemplate = \"".$templates->get("post_attachments_attachment")."\";");
$ret['template'] = $attemplate;
$query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
$usage = $db->fetch_array($query);
$ret['usage'] = get_friendly_size($usage['ausage']);
}
header("Content-type: application/json; charset={$lang->settings['charset']}");
echo json_encode($ret);
exit();
}
|
if(!empty($ret['errors']))
{
|
if(!empty($ret['errors']))
{
|
| Zeile 182 | Zeile 213 |
|---|
// If we were dealing with an attachment but didn't click 'Post Thread' or 'Save as Draft', force the new thread page again.
if(!$mybb->get_input('submit') && !$mybb->get_input('savedraft'))
|
// If we were dealing with an attachment but didn't click 'Post Thread' or 'Save as Draft', force the new thread page again.
if(!$mybb->get_input('submit') && !$mybb->get_input('savedraft'))
|
{
$mybb->input['action'] = "newthread";
}
| {
$mybb->input['action'] = "newthread";
}
|
}
|
}
|
detect_attachmentact();
| detect_attachmentact();
|
// Are we removing an attachment from the thread?
if($mybb->settings['enableattachments'] == 1 && $mybb->get_input('attachmentaid', MyBB::INPUT_INT) && $mybb->get_input('attachmentact') == "remove")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));
|
// Are we removing an attachment from the thread?
if($mybb->settings['enableattachments'] == 1 && $mybb->get_input('attachmentaid', MyBB::INPUT_INT) && $mybb->get_input('attachmentact') == "remove")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));
|
require_once MYBB_ROOT."inc/functions_upload.php";
|
|
remove_attachment($pid, $mybb->get_input('posthash'), $mybb->get_input('attachmentaid', MyBB::INPUT_INT));
|
remove_attachment($pid, $mybb->get_input('posthash'), $mybb->get_input('attachmentaid', MyBB::INPUT_INT));
|
| |
|
if(!$mybb->get_input('submit'))
{
$mybb->input['action'] = "newthread";
|
if(!$mybb->get_input('submit'))
{
$mybb->input['action'] = "newthread";
|
}
| }
|
if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
{
|
if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
{
|
| | $query = $db->simple_select("attachments", "SUM(filesize) AS ausage", "uid='".$mybb->user['uid']."'");
$usage = $db->fetch_array($query);
|
header("Content-type: application/json; charset={$lang->settings['charset']}");
|
header("Content-type: application/json; charset={$lang->settings['charset']}");
|
echo json_encode(array("success" => true));
| echo json_encode(array("success" => true, "usage" => get_friendly_size($usage['ausage'])));
|
exit();
}
}
| exit();
}
}
|
| Zeile 233 | Zeile 267 |
|---|
verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("newthread_do_newthread_start");
|
verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("newthread_do_newthread_start");
|
|
|
// If this isn't a logged in user, then we need to do some special validation.
if($mybb->user['uid'] == 0)
{
| // If this isn't a logged in user, then we need to do some special validation.
if($mybb->user['uid'] == 0)
{
|
| Zeile 300 | Zeile 334 |
|---|
if(!$mybb->get_input('savedraft') && !$pid)
{
$query = $db->simple_select("posts p", "p.pid", "$user_check AND p.fid='{$forum['fid']}' AND p.subject='".$db->escape_string($mybb->get_input('subject'))."' AND p.message='".$db->escape_string($mybb->get_input('message'))."' AND p.dateline>".(TIME_NOW-600));
|
if(!$mybb->get_input('savedraft') && !$pid)
{
$query = $db->simple_select("posts p", "p.pid", "$user_check AND p.fid='{$forum['fid']}' AND p.subject='".$db->escape_string($mybb->get_input('subject'))."' AND p.message='".$db->escape_string($mybb->get_input('message'))."' AND p.dateline>".(TIME_NOW-600));
|
$duplicate_check = $db->fetch_field($query, "pid");
if($duplicate_check)
| if($db->num_rows($query) > 0)
|
{
error($lang->error_post_already_submitted);
}
| {
error($lang->error_post_already_submitted);
}
|
| Zeile 567 | Zeile 600 |
|---|
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
WHERE p.pid IN ({$quoted_posts}) {$unviewable_forums} {$inactiveforums} {$onlyusforums} {$visible_where}
|
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
WHERE p.pid IN ({$quoted_posts}) {$unviewable_forums} {$inactiveforums} {$onlyusforums} {$visible_where}
|
ORDER BY p.dateline
| ORDER BY p.dateline, p.pid
|
");
while($quoted_post = $db->fetch_array($query))
{
| ");
while($quoted_post = $db->fetch_array($query))
{
|
| Zeile 614 | Zeile 647 |
|---|
}
if(isset($mybb->input['quoted_ids']))
|
}
if(isset($mybb->input['quoted_ids']))
|
{
| {
|
$quoted_ids = htmlspecialchars_uni($mybb->get_input('quoted_ids'));
}
| $quoted_ids = htmlspecialchars_uni($mybb->get_input('quoted_ids'));
}
|
| Zeile 645 | Zeile 678 |
|---|
}
$subscription_method = get_subscription_method($tid, $postoptions);
$numpolloptions = $mybb->get_input('numpolloptions', MyBB::INPUT_INT);
|
}
$subscription_method = get_subscription_method($tid, $postoptions);
$numpolloptions = $mybb->get_input('numpolloptions', MyBB::INPUT_INT);
|
}
| }
|
// Editing a draft thread
else if($mybb->input['action'] == "editdraft" && $mybb->user['uid'])
{
| // Editing a draft thread
else if($mybb->input['action'] == "editdraft" && $mybb->user['uid'])
{
|
| Zeile 667 | Zeile 700 |
|---|
$posticons = get_post_icons();
}
$subscription_method = get_subscription_method($tid); // Subscription method doesn't get saved in drafts
|
$posticons = get_post_icons();
}
$subscription_method = get_subscription_method($tid); // Subscription method doesn't get saved in drafts
|
| | $numpolloptions = "2";
|
}
// Otherwise, this is our initial visit to this page.
| }
// Otherwise, this is our initial visit to this page.
|
| Zeile 741 | Zeile 775 |
|---|
if($new_thread['uid'] == 0)
{
$valid_username = $posthandler->verify_author();
|
if($new_thread['uid'] == 0)
{
$valid_username = $posthandler->verify_author();
|
}
| }
|
else
{
$valid_username = true;
| else
{
$valid_username = true;
|
| Zeile 820 | Zeile 854 |
|---|
{
$message = htmlspecialchars_uni($mybb->get_input('message'));
$subject = htmlspecialchars_uni($mybb->get_input('subject'));
|
{
$message = htmlspecialchars_uni($mybb->get_input('message'));
$subject = htmlspecialchars_uni($mybb->get_input('subject'));
|
}
| }
|
// Generate thread prefix selector
if(!$mybb->get_input('threadprefix', MyBB::INPUT_INT))
|
// Generate thread prefix selector
if(!$mybb->get_input('threadprefix', MyBB::INPUT_INT))
|
| Zeile 852 | Zeile 886 |
|---|
eval("\$postoptions = \"".$templates->get("newthread_postoptions")."\";");
$bgcolor = "trow2";
$bgcolor2 = "trow1";
|
eval("\$postoptions = \"".$templates->get("newthread_postoptions")."\";");
$bgcolor = "trow2";
$bgcolor2 = "trow1";
|
}
| }
|
else
|
else
|
{
| {
|
$bgcolor = "trow1";
$bgcolor2 = "trow2";
}
| $bgcolor = "trow1";
$bgcolor2 = "trow2";
}
|
| Zeile 867 | Zeile 901 |
|---|
if(isset($modoptions['closethread']) && $modoptions['closethread'] == 1)
{
$closecheck = "checked=\"checked\"";
|
if(isset($modoptions['closethread']) && $modoptions['closethread'] == 1)
{
$closecheck = "checked=\"checked\"";
|
}
| }
|
else
{
$closecheck = '';
| else
{
$closecheck = '';
|
| Zeile 882 | Zeile 916 |
|---|
}
$closeoption = '';
|
}
$closeoption = '';
|
if(is_moderator($thread['fid'], "canopenclosethreads"))
| if(is_moderator($fid, "canopenclosethreads"))
|
{
eval("\$closeoption = \"".$templates->get("newreply_modoptions_close")."\";");
}
$stickoption = '';
|
{
eval("\$closeoption = \"".$templates->get("newreply_modoptions_close")."\";");
}
$stickoption = '';
|
if(is_moderator($thread['fid'], "canstickunstickthreads"))
| if(is_moderator($fid, "canstickunstickthreads"))
|
{
eval("\$stickoption = \"".$templates->get("newreply_modoptions_stick")."\";");
}
| {
eval("\$stickoption = \"".$templates->get("newreply_modoptions_stick")."\";");
}
|
| Zeile 932 | Zeile 966 |
|---|
$attachment['size'] = get_friendly_size($attachment['filesize']);
$attachment['icon'] = get_attachment_icon(get_extension($attachment['filename']));
$attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
|
$attachment['size'] = get_friendly_size($attachment['filesize']);
$attachment['icon'] = get_attachment_icon(get_extension($attachment['filename']));
$attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
|
|
|
if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && (!$mybb->user['uid'] || $mybb->user['showcodebuttons'] != 0))
{
eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");
| if($mybb->settings['bbcodeinserter'] != 0 && $forum['allowmycode'] != 0 && (!$mybb->user['uid'] || $mybb->user['showcodebuttons'] != 0))
{
eval("\$postinsert = \"".$templates->get("post_attachments_attachment_postinsert")."\";");
|
| Zeile 964 | Zeile 998 |
|---|
else
{
$friendlyquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
|
else
{
$friendlyquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
|
}
| }
|
$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyquota);
|
$lang->attach_quota = $lang->sprintf($lang->attach_quota, $friendlyquota);
|
|
$link_viewattachments = '';
|
if($usage['ausage'] !== NULL)
|
if($usage['ausage'] !== NULL)
|
{
| {
|
$friendlyusage = get_friendly_size($usage['ausage']);
$lang->attach_usage = $lang->sprintf($lang->attach_usage, $friendlyusage);
eval("\$link_viewattachments = \"".$templates->get("post_attachments_viewlink")."\";");
| $friendlyusage = get_friendly_size($usage['ausage']);
$lang->attach_usage = $lang->sprintf($lang->attach_usage, $friendlyusage);
eval("\$link_viewattachments = \"".$templates->get("post_attachments_viewlink")."\";");
|
| Zeile 977 | Zeile 1012 |
|---|
{
$lang->attach_usage = "";
}
|
{
$lang->attach_usage = "";
}
|
|
$attach_add_options = '';
|
if($mybb->settings['maxattachments'] == 0 || ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !isset($noshowattach))
{
eval("\$attach_add_options = \"".$templates->get("post_attachments_add")."\";");
}
|
if($mybb->settings['maxattachments'] == 0 || ($mybb->settings['maxattachments'] != 0 && $attachcount < $mybb->settings['maxattachments']) && !isset($noshowattach))
{
eval("\$attach_add_options = \"".$templates->get("post_attachments_add")."\";");
}
|
| | $attach_update_options = '';
|
if(($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments']) && $attachcount > 0)
{
eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";");
| if(($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments']) && $attachcount > 0)
{
eval("\$attach_update_options = \"".$templates->get("post_attachments_update")."\";");
|
| Zeile 995 | Zeile 1032 |
|---|
eval("\$attachbox = \"".$templates->get("post_attachments")."\";");
$bgcolor = alt_trow();
|
eval("\$attachbox = \"".$templates->get("post_attachments")."\";");
$bgcolor = alt_trow();
|
}
| }
else
{
$attachbox = '';
}
|
|
|
| | $savedraftbutton = '';
|
if($mybb->user['uid'])
{
eval("\$savedraftbutton = \"".$templates->get("post_savedraftbutton", 1, 0)."\";");
| if($mybb->user['uid'])
{
eval("\$savedraftbutton = \"".$templates->get("post_savedraftbutton", 1, 0)."\";");
|
| Zeile 1021 | Zeile 1063 |
|---|
// Generate a hidden list of items for our captcha
$captcha = $post_captcha->build_hidden_captcha();
|
// Generate a hidden list of items for our captcha
$captcha = $post_captcha->build_hidden_captcha();
|
}
}
| }
}
|
if(!$correct)
|
if(!$correct)
|
{
if($post_captcha->type == 1)
{
| {
if($post_captcha->type == captcha::DEFAULT_CAPTCHA)
{
|
$post_captcha->build_captcha();
|
$post_captcha->build_captcha();
|
}
elseif(in_array($post_captcha->type, array(4, 5, 8)))
| }
elseif(in_array($post_captcha->type, array(captcha::NOCAPTCHA_RECAPTCHA, captcha::RECAPTCHA_INVISIBLE, captcha::RECAPTCHA_V3)))
|
{
$post_captcha->build_recaptcha();
}
|
{
$post_captcha->build_recaptcha();
}
|
elseif(in_array($post_captcha->type, array(6, 7)))
| elseif(in_array($post_captcha->type, array(captcha::HCAPTCHA, captcha::HCAPTCHA_INVISIBLE)))
|
{
$post_captcha->build_hcaptcha();
}
}
|
{
$post_captcha->build_hcaptcha();
}
}
|
else if($correct && (in_array($post_captcha->type, array(4, 5, 8))))
| else if($correct && (in_array($post_captcha->type, array(captcha::NOCAPTCHA_RECAPTCHA, captcha::RECAPTCHA_INVISIBLE, captcha::RECAPTCHA_V3))))
|
{
$post_captcha->build_recaptcha();
|
{
$post_captcha->build_recaptcha();
|
}
else if($correct && (in_array($post_captcha->type, array(6, 7))))
{
| }
else if($correct && (in_array($post_captcha->type, array(captcha::HCAPTCHA, captcha::HCAPTCHA_INVISIBLE))))
{
|
$post_captcha->build_hcaptcha();
|
$post_captcha->build_hcaptcha();
|
}
| }
|
if($post_captcha->html)
{
$captcha = $post_captcha->html;
}
}
|
if($post_captcha->html)
{
$captcha = $post_captcha->html;
}
}
|
| |
$pollbox = '';
|
if($forumpermissions['canpostpolls'] != 0)
{
|
if($forumpermissions['canpostpolls'] != 0)
{
|
| Zeile 1069 | Zeile 1113 |
|---|
$forum['rulestitle'] = $lang->sprintf($lang->forum_rules, $forum['name']);
}
|
$forum['rulestitle'] = $lang->sprintf($lang->forum_rules, $forum['name']);
}
|
if(!$parser)
| if(empty($parser))
|
{
require_once MYBB_ROOT.'inc/class_parser.php';
$parser = new postParser;
|
{
require_once MYBB_ROOT.'inc/class_parser.php';
$parser = new postParser;
|
}
| }
|
$rules_parser = array(
"allow_html" => 1,
"allow_mycode" => 1,
| $rules_parser = array(
"allow_html" => 1,
"allow_mycode" => 1,
|
| Zeile 1123 | Zeile 1167 |
|---|
}
}
|
}
}
|
$php_max_upload_filesize = return_bytes(ini_get('max_upload_filesize'));
$php_post_max_size = return_bytes(ini_get('post_max_size'));
if ($php_max_upload_filesize != 0 && $php_post_max_size != 0)
{
$php_max_upload_size = min($php_max_upload_filesize, $php_post_max_size);
}
else
{
$php_max_upload_size = max($php_max_upload_filesize, $php_post_max_size);
}
| $php_max_upload_size = get_php_upload_limit();
|
$php_max_file_uploads = (int)ini_get('max_file_uploads');
eval("\$post_javascript = \"".$templates->get("post_javascript")."\";");
| $php_max_file_uploads = (int)ini_get('max_file_uploads');
eval("\$post_javascript = \"".$templates->get("post_javascript")."\";");
|