[6] | 1 | <?php |
---|
| 2 | |
---|
| 3 | /** |
---|
| 4 | * Copyright (C) 2008-2011 FluxBB |
---|
| 5 | * based on code by Rickard Andersson copyright (C) 2002-2008 PunBB |
---|
| 6 | * License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher |
---|
| 7 | */ |
---|
| 8 | |
---|
| 9 | define('PUN_ROOT', dirname(__FILE__).'/'); |
---|
| 10 | require PUN_ROOT.'include/common.php'; |
---|
| 11 | |
---|
| 12 | |
---|
| 13 | if ($pun_user['g_read_board'] == '0') |
---|
| 14 | message($lang_common['No view']); |
---|
| 15 | |
---|
| 16 | |
---|
| 17 | $id = isset($_GET['id']) ? intval($_GET['id']) : 0; |
---|
| 18 | if ($id < 1) |
---|
| 19 | message($lang_common['Bad request']); |
---|
| 20 | |
---|
| 21 | // Fetch some info about the post, the topic and the forum |
---|
| 22 | $result = $db->query('SELECT f.id AS fid, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.id AS tid, t.subject, t.posted, t.first_post_id, t.sticky, t.closed, p.poster, p.poster_id, p.message, p.hide_smilies FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); |
---|
| 23 | if (!$db->num_rows($result)) |
---|
| 24 | message($lang_common['Bad request']); |
---|
| 25 | |
---|
| 26 | $cur_post = $db->fetch_assoc($result); |
---|
| 27 | |
---|
| 28 | // Sort out who the moderators are and if we are currently a moderator (or an admin) |
---|
| 29 | $mods_array = ($cur_post['moderators'] != '') ? unserialize($cur_post['moderators']) : array(); |
---|
| 30 | $is_admmod = ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_moderator'] == '1' && array_key_exists($pun_user['username'], $mods_array))) ? true : false; |
---|
| 31 | |
---|
| 32 | $can_edit_subject = $id == $cur_post['first_post_id']; |
---|
| 33 | |
---|
| 34 | if ($pun_config['o_censoring'] == '1') |
---|
| 35 | { |
---|
| 36 | $cur_post['subject'] = censor_words($cur_post['subject']); |
---|
| 37 | $cur_post['message'] = censor_words($cur_post['message']); |
---|
| 38 | } |
---|
| 39 | |
---|
| 40 | // Do we have permission to edit this post? |
---|
| 41 | if (($pun_user['g_edit_posts'] == '0' || |
---|
| 42 | $cur_post['poster_id'] != $pun_user['id'] || |
---|
| 43 | $cur_post['closed'] == '1') && |
---|
| 44 | !$is_admmod) |
---|
| 45 | message($lang_common['No permission']); |
---|
| 46 | |
---|
| 47 | // Load the post.php/edit.php language file |
---|
| 48 | require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php'; |
---|
| 49 | |
---|
| 50 | // Start with a clean slate |
---|
| 51 | $errors = array(); |
---|
| 52 | |
---|
| 53 | |
---|
| 54 | if (isset($_POST['form_sent'])) |
---|
| 55 | { |
---|
| 56 | if ($is_admmod) |
---|
| 57 | confirm_referrer('edit.php'); |
---|
| 58 | |
---|
| 59 | // If it's a topic it must contain a subject |
---|
| 60 | if ($can_edit_subject) |
---|
| 61 | { |
---|
| 62 | $subject = pun_trim($_POST['req_subject']); |
---|
| 63 | |
---|
| 64 | if ($pun_config['o_censoring'] == '1') |
---|
| 65 | $censored_subject = pun_trim(censor_words($subject)); |
---|
| 66 | |
---|
| 67 | if ($subject == '') |
---|
| 68 | $errors[] = $lang_post['No subject']; |
---|
| 69 | else if ($pun_config['o_censoring'] == '1' && $censored_subject == '') |
---|
| 70 | $errors[] = $lang_post['No subject after censoring']; |
---|
| 71 | else if (pun_strlen($subject) > 70) |
---|
| 72 | $errors[] = $lang_post['Too long subject']; |
---|
| 73 | else if ($pun_config['p_subject_all_caps'] == '0' && is_all_uppercase($subject) && !$pun_user['is_admmod']) |
---|
| 74 | $errors[] = $lang_post['All caps subject']; |
---|
| 75 | } |
---|
| 76 | |
---|
| 77 | // Clean up message from POST |
---|
| 78 | $message = pun_linebreaks(pun_trim($_POST['req_message'])); |
---|
| 79 | |
---|
| 80 | // Here we use strlen() not pun_strlen() as we want to limit the post to PUN_MAX_POSTSIZE bytes, not characters |
---|
| 81 | if (strlen($message) > PUN_MAX_POSTSIZE) |
---|
| 82 | $errors[] = sprintf($lang_post['Too long message'], forum_number_format(PUN_MAX_POSTSIZE)); |
---|
| 83 | else if ($pun_config['p_message_all_caps'] == '0' && is_all_uppercase($message) && !$pun_user['is_admmod']) |
---|
| 84 | $errors[] = $lang_post['All caps message']; |
---|
| 85 | |
---|
| 86 | // Validate BBCode syntax |
---|
| 87 | if ($pun_config['p_message_bbcode'] == '1') |
---|
| 88 | { |
---|
| 89 | require PUN_ROOT.'include/parser.php'; |
---|
| 90 | $message = preparse_bbcode($message, $errors); |
---|
| 91 | } |
---|
| 92 | |
---|
| 93 | if (empty($errors)) |
---|
| 94 | { |
---|
| 95 | if ($message == '') |
---|
| 96 | $errors[] = $lang_post['No message']; |
---|
| 97 | else if ($pun_config['o_censoring'] == '1') |
---|
| 98 | { |
---|
| 99 | // Censor message to see if that causes problems |
---|
| 100 | $censored_message = pun_trim(censor_words($message)); |
---|
| 101 | |
---|
| 102 | if ($censored_message == '') |
---|
| 103 | $errors[] = $lang_post['No message after censoring']; |
---|
| 104 | } |
---|
| 105 | } |
---|
| 106 | |
---|
| 107 | $hide_smilies = isset($_POST['hide_smilies']) ? '1' : '0'; |
---|
| 108 | $stick_topic = isset($_POST['stick_topic']) ? '1' : '0'; |
---|
| 109 | if (!$is_admmod) |
---|
| 110 | $stick_topic = $cur_post['sticky']; |
---|
| 111 | |
---|
| 112 | // Did everything go according to plan? |
---|
| 113 | if (empty($errors) && !isset($_POST['preview'])) |
---|
| 114 | { |
---|
| 115 | $edited_sql = (!isset($_POST['silent']) || !$is_admmod) ? ', edited='.time().', edited_by=\''.$db->escape($pun_user['username']).'\'' : ''; |
---|
| 116 | |
---|
| 117 | require PUN_ROOT.'include/search_idx.php'; |
---|
| 118 | |
---|
| 119 | if ($can_edit_subject) |
---|
| 120 | { |
---|
| 121 | // Update the topic and any redirect topics |
---|
| 122 | $db->query('UPDATE '.$db->prefix.'topics SET subject=\''.$db->escape($subject).'\', sticky='.$stick_topic.' WHERE id='.$cur_post['tid'].' OR moved_to='.$cur_post['tid']) or error('Unable to update topic', __FILE__, __LINE__, $db->error()); |
---|
| 123 | |
---|
| 124 | // We changed the subject, so we need to take that into account when we update the search words |
---|
| 125 | update_search_index('edit', $id, $message, $subject); |
---|
| 126 | } |
---|
| 127 | else |
---|
| 128 | update_search_index('edit', $id, $message); |
---|
| 129 | |
---|
| 130 | // Update the post |
---|
| 131 | $db->query('UPDATE '.$db->prefix.'posts SET message=\''.$db->escape($message).'\', hide_smilies='.$hide_smilies.$edited_sql.' WHERE id='.$id) or error('Unable to update post', __FILE__, __LINE__, $db->error()); |
---|
| 132 | |
---|
| 133 | redirect('viewtopic.php?pid='.$id.'#p'.$id, $lang_post['Edit redirect']); |
---|
| 134 | } |
---|
| 135 | } |
---|
| 136 | |
---|
| 137 | |
---|
| 138 | |
---|
| 139 | $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_post['Edit post']); |
---|
| 140 | $required_fields = array('req_subject' => $lang_common['Subject'], 'req_message' => $lang_common['Message']); |
---|
| 141 | $focus_element = array('edit', 'req_message'); |
---|
| 142 | define('PUN_ACTIVE_PAGE', 'index'); |
---|
| 143 | require PUN_ROOT.'header.php'; |
---|
| 144 | |
---|
| 145 | $cur_index = 1; |
---|
| 146 | |
---|
| 147 | ?> |
---|
| 148 | <div class="linkst"> |
---|
| 149 | <div class="inbox"> |
---|
| 150 | <ul class="crumbs"> |
---|
| 151 | <li><a href="index.php"><?php echo $lang_common['Index'] ?></a></li> |
---|
| 152 | <li><span>» </span><a href="viewforum.php?id=<?php echo $cur_post['fid'] ?>"><?php echo pun_htmlspecialchars($cur_post['forum_name']) ?></a></li> |
---|
| 153 | <li><span>» </span><a href="viewtopic.php?id=<?php echo $cur_post['tid'] ?>"><?php echo pun_htmlspecialchars($cur_post['subject']) ?></a></li> |
---|
| 154 | <li><span>» </span><strong><?php echo $lang_post['Edit post'] ?></strong></li> |
---|
| 155 | </ul> |
---|
| 156 | </div> |
---|
| 157 | </div> |
---|
| 158 | |
---|
| 159 | <?php |
---|
| 160 | |
---|
| 161 | // If there are errors, we display them |
---|
| 162 | if (!empty($errors)) |
---|
| 163 | { |
---|
| 164 | |
---|
| 165 | ?> |
---|
| 166 | <div id="posterror" class="block"> |
---|
| 167 | <h2><span><?php echo $lang_post['Post errors'] ?></span></h2> |
---|
| 168 | <div class="box"> |
---|
| 169 | <div class="inbox error-info"> |
---|
| 170 | <p><?php echo $lang_post['Post errors info'] ?></p> |
---|
| 171 | <ul class="error-list"> |
---|
| 172 | <?php |
---|
| 173 | |
---|
| 174 | foreach ($errors as $cur_error) |
---|
| 175 | echo "\t\t\t\t".'<li><strong>'.$cur_error.'</strong></li>'."\n"; |
---|
| 176 | ?> |
---|
| 177 | </ul> |
---|
| 178 | </div> |
---|
| 179 | </div> |
---|
| 180 | </div> |
---|
| 181 | |
---|
| 182 | <?php |
---|
| 183 | |
---|
| 184 | } |
---|
| 185 | else if (isset($_POST['preview'])) |
---|
| 186 | { |
---|
| 187 | require_once PUN_ROOT.'include/parser.php'; |
---|
| 188 | $preview_message = parse_message($message, $hide_smilies); |
---|
| 189 | |
---|
| 190 | ?> |
---|
| 191 | <div id="postpreview" class="blockpost"> |
---|
| 192 | <h2><span><?php echo $lang_post['Post preview'] ?></span></h2> |
---|
| 193 | <div class="box"> |
---|
| 194 | <div class="inbox"> |
---|
| 195 | <div class="postbody"> |
---|
| 196 | <div class="postright"> |
---|
| 197 | <div class="postmsg"> |
---|
| 198 | <?php echo $preview_message."\n" ?> |
---|
| 199 | </div> |
---|
| 200 | </div> |
---|
| 201 | </div> |
---|
| 202 | </div> |
---|
| 203 | </div> |
---|
| 204 | </div> |
---|
| 205 | |
---|
| 206 | <?php |
---|
| 207 | |
---|
| 208 | } |
---|
| 209 | |
---|
| 210 | ?> |
---|
| 211 | <div id="editform" class="blockform"> |
---|
| 212 | <h2><span><?php echo $lang_post['Edit post'] ?></span></h2> |
---|
| 213 | <div class="box"> |
---|
| 214 | <form id="edit" method="post" action="edit.php?id=<?php echo $id ?>&action=edit" onsubmit="return process_form(this)"> |
---|
| 215 | <div class="inform"> |
---|
| 216 | <fieldset> |
---|
| 217 | <legend><?php echo $lang_post['Edit post legend'] ?></legend> |
---|
| 218 | <input type="hidden" name="form_sent" value="1" /> |
---|
| 219 | <div class="infldset txtarea"> |
---|
| 220 | <?php if ($can_edit_subject): ?> <label class="required"><strong><?php echo $lang_common['Subject'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /> |
---|
| 221 | <input class="longinput" type="text" name="req_subject" size="80" maxlength="70" tabindex="<?php echo $cur_index++ ?>" value="<?php echo pun_htmlspecialchars(isset($_POST['req_subject']) ? $_POST['req_subject'] : $cur_post['subject']) ?>" /><br /></label> |
---|
| 222 | <?php endif; ?> <label class="required"><strong><?php echo $lang_common['Message'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /> |
---|
| 223 | <textarea name="req_message" rows="20" cols="95" tabindex="<?php echo $cur_index++ ?>"><?php echo pun_htmlspecialchars(isset($_POST['req_message']) ? $message : $cur_post['message']) ?></textarea><br /></label> |
---|
| 224 | <ul class="bblinks"> |
---|
| 225 | <li><span><a href="help.php#bbcode" onclick="window.open(this.href); return false;"><?php echo $lang_common['BBCode'] ?></a> <?php echo ($pun_config['p_message_bbcode'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></span></li> |
---|
| 226 | <li><span><a href="help.php#img" onclick="window.open(this.href); return false;"><?php echo $lang_common['img tag'] ?></a> <?php echo ($pun_config['p_message_bbcode'] == '1' && $pun_config['p_message_img_tag'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></span></li> |
---|
| 227 | <li><span><a href="help.php#smilies" onclick="window.open(this.href); return false;"><?php echo $lang_common['Smilies'] ?></a> <?php echo ($pun_config['o_smilies'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></span></li> |
---|
| 228 | </ul> |
---|
| 229 | </div> |
---|
| 230 | </fieldset> |
---|
| 231 | <?php |
---|
| 232 | |
---|
| 233 | $checkboxes = array(); |
---|
| 234 | if ($can_edit_subject && $is_admmod) |
---|
| 235 | { |
---|
| 236 | if (isset($_POST['stick_topic']) || $cur_post['sticky'] == '1') |
---|
| 237 | $checkboxes[] = '<label><input type="checkbox" name="stick_topic" value="1" checked="checked" tabindex="'.($cur_index++).'" />'.$lang_common['Stick topic'].'<br /></label>'; |
---|
| 238 | else |
---|
| 239 | $checkboxes[] = '<label><input type="checkbox" name="stick_topic" value="1" tabindex="'.($cur_index++).'" />'.$lang_common['Stick topic'].'<br /></label>'; |
---|
| 240 | } |
---|
| 241 | |
---|
| 242 | if ($pun_config['o_smilies'] == '1') |
---|
| 243 | { |
---|
| 244 | if (isset($_POST['hide_smilies']) || $cur_post['hide_smilies'] == '1') |
---|
| 245 | $checkboxes[] = '<label><input type="checkbox" name="hide_smilies" value="1" checked="checked" tabindex="'.($cur_index++).'" />'.$lang_post['Hide smilies'].'<br /></label>'; |
---|
| 246 | else |
---|
| 247 | $checkboxes[] = '<label><input type="checkbox" name="hide_smilies" value="1" tabindex="'.($cur_index++).'" />'.$lang_post['Hide smilies'].'<br /></label>'; |
---|
| 248 | } |
---|
| 249 | |
---|
| 250 | if ($is_admmod) |
---|
| 251 | { |
---|
| 252 | if ((isset($_POST['form_sent']) && isset($_POST['silent'])) || !isset($_POST['form_sent'])) |
---|
| 253 | $checkboxes[] = '<label><input type="checkbox" name="silent" value="1" tabindex="'.($cur_index++).'" checked="checked" />'.$lang_post['Silent edit'].'<br /></label>'; |
---|
| 254 | else |
---|
| 255 | $checkboxes[] = '<label><input type="checkbox" name="silent" value="1" tabindex="'.($cur_index++).'" />'.$lang_post['Silent edit'].'<br /></label>'; |
---|
| 256 | } |
---|
| 257 | |
---|
| 258 | if (!empty($checkboxes)) |
---|
| 259 | { |
---|
| 260 | |
---|
| 261 | ?> |
---|
| 262 | </div> |
---|
| 263 | <div class="inform"> |
---|
| 264 | <fieldset> |
---|
| 265 | <legend><?php echo $lang_common['Options'] ?></legend> |
---|
| 266 | <div class="infldset"> |
---|
| 267 | <div class="rbox"> |
---|
| 268 | <?php echo implode("\n\t\t\t\t\t\t\t", $checkboxes)."\n" ?> |
---|
| 269 | </div> |
---|
| 270 | </div> |
---|
| 271 | </fieldset> |
---|
| 272 | <?php |
---|
| 273 | |
---|
| 274 | } |
---|
| 275 | |
---|
| 276 | ?> |
---|
| 277 | </div> |
---|
| 278 | <p class="buttons"><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" tabindex="<?php echo $cur_index++ ?>" accesskey="s" /> <input type="submit" name="preview" value="<?php echo $lang_post['Preview'] ?>" tabindex="<?php echo $cur_index++ ?>" accesskey="p" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p> |
---|
| 279 | </form> |
---|
| 280 | </div> |
---|
| 281 | </div> |
---|
| 282 | <?php |
---|
| 283 | |
---|
| 284 | require PUN_ROOT.'footer.php'; |
---|