/**
* Returns true, if the active user can edit or delete this post.
*
* @param Board $board
* @param Thread $thread
* @return boolean
*/
public function canEditPost($board, $thread)
{
$isModerator = $board->getModeratorPermission('canEditPost') || $board->getModeratorPermission('canDeletePost');
$isAuthor = $this->userID && $this->userID == WCF::getUser()->userID;
$canEditPost = $board->getModeratorPermission('canEditPost') || $isAuthor && $board->getPermission('canEditOwnPost');
$canDeletePost = $board->getModeratorPermission('canDeletePost') || $isAuthor && $board->getPermission('canDeleteOwnPost');
if (!$canEditPost && !$canDeletePost || !$isModerator && ($board->isClosed || $thread->isClosed || $this->isClosed)) {
return false;
}
// check post edit timeout
if (!$isModerator && WCF::getUser()->getPermission('user.board.postEditTimeout') != -1 && TIME_NOW - $this->time > WCF::getUser()->getPermission('user.board.postEditTimeout') * 60) {
return false;
}
return true;
}
/**
* @see EventListener::execute()
*/
public function execute($eventObj, $className, $eventName)
{
if ($eventObj->poll->messageType == 'post') {
// check permissions
require_once WBB_DIR . 'lib/data/post/Post.class.php';
$post = new Post($eventObj->poll->messageID);
if (!$post->postID) {
throw new IllegalLinkException();
}
require_once WBB_DIR . 'lib/data/thread/Thread.class.php';
$thread = new Thread($post->threadID);
$thread->enter();
require_once WBB_DIR . 'lib/data/board/Board.class.php';
$board = new Board($thread->boardID);
$eventObj->canVotePoll = $board->getPermission('canVotePoll');
// plug in breadcrumbs
WCF::getTPL()->assign(array('board' => $board, 'thread' => $thread, 'showThread' => true));
WCF::getTPL()->append('specialBreadCrumbs', WCF::getTPL()->fetch('navigation'));
// get other polls from this thread
if ($thread->polls > 1) {
require_once WCF_DIR . 'lib/data/message/poll/Poll.class.php';
$polls = array();
$sql = "SELECT \t\tpoll_vote.pollID AS voted,\n\t\t\t\t\t\t\tpoll_vote.isChangeable,\n\t\t\t\t\t\t\tpoll.*\n\t\t\t\t\tFROM \t\twcf" . WCF_N . "_poll poll\n\t\t\t\t\tLEFT JOIN \twcf" . WCF_N . "_poll_vote poll_vote\n\t\t\t\t\tON \t\t(poll_vote.pollID = poll.pollID\n\t\t\t\t\t\t\t" . (!WCF::getUser()->userID ? "AND poll_vote.ipAddress = '" . escapeString(WCF::getSession()->ipAddress) . "'" : '') . "\n\t\t\t\t\t\t\tAND poll_vote.userID = " . WCF::getUser()->userID . ")\n\t\t\t\t\tWHERE \t\tpoll.pollID IN (\n\t\t\t\t\t\t\t\tSELECT\tpollID\n\t\t\t\t\t\t\t\tFROM\twbb" . WBB_N . "_post\n\t\t\t\t\t\t\t\tWHERE\tthreadID = " . $thread->threadID . "\n\t\t\t\t\t\t\t\t\tAND isDeleted = 0\n\t\t\t\t\t\t\t\t\tAND isDisabled = 0\n\t\t\t\t\t\t\t\t\tAND pollID <> 0\n\t\t\t\t\t\t\t)\n\t\t\t\t\tORDER BY\tpoll.question";
$result = WCF::getDB()->sendQuery($sql);
while ($row = WCF::getDB()->fetchArray($result)) {
$polls[] = new Poll(null, $row, $eventObj->canVotePoll);
}
if (count($polls) > 1) {
WCF::getTPL()->assign(array('polls' => $polls, 'pollID' => $eventObj->pollID));
WCF::getTPL()->append('additionalSidebarContent', WCF::getTPL()->fetch('pollOverviewSidebar'));
}
}
}
}
/**
* Handles a rating request on this thread.
*/
public function handleRating()
{
if (isset($_POST['rating'])) {
$rating = intval($_POST['rating']);
// rating is disabled
if (!$this->enableRating) {
throw new IllegalLinkException();
}
// user has already rated this thread and the rating is NOT changeable
if ($this->thread->userRating !== null && !$this->thread->userRating) {
throw new IllegalLinkException();
}
// user has no permission to rate this thread
if (!$this->board->getPermission('canRateThread')) {
throw new IllegalLinkException();
}
// illegal rating
if ($rating < 1 || $rating > 5) {
throw new IllegalLinkException();
}
// user has already rated this thread and the rating is changeable
// change rating
if ($this->thread->userRating) {
$sql = "UPDATE \twbb" . WBB_N . "_thread_rating\n\t\t\t\t\tSET \trating = " . $rating . "\n\t\t\t\t\tWHERE \tthreadID = " . $this->threadID . "\n\t\t\t\t\t\tAND " . (WCF::getUser()->userID ? "userID = " . WCF::getUser()->userID : "ipAddress = '" . escapeString(WCF::getSession()->ipAddress) . "'");
WCF::getDB()->registerShutdownUpdate($sql);
$sql = "UPDATE \twbb" . WBB_N . "_thread\n\t\t\t\t\tSET \trating = (rating + " . $rating . ") - " . $this->thread->userRating . "\n\t\t\t\t\tWHERE \tthreadID = " . $this->threadID;
WCF::getDB()->registerShutdownUpdate($sql);
} else {
$sql = "INSERT INTO\twbb" . WBB_N . "_thread_rating\n\t\t\t\t\t\t\t(threadID, rating, userID, ipAddress)\n\t\t\t\t\tVALUES\t\t(" . $this->threadID . ",\n\t\t\t\t\t\t\t" . $rating . ",\n\t\t\t\t\t\t\t" . WCF::getUser()->userID . ",\n\t\t\t\t\t\t\t'" . escapeString(WCF::getSession()->ipAddress) . "')";
WCF::getDB()->registerShutdownUpdate($sql);
$sql = "UPDATE \twbb" . WBB_N . "_thread\n\t\t\t\t\tSET \tratings = ratings + 1,\n\t\t\t\t\t\trating = rating + " . $rating . "\n\t\t\t\t\tWHERE \tthreadID = " . $this->threadID;
WCF::getDB()->registerShutdownUpdate($sql);
}
HeaderUtil::redirect('index.php?page=Thread&threadID=' . $this->threadID . '&pageNo=' . $this->pageNo . SID_ARG_2ND_NOT_ENCODED);
exit;
}
}
