case 'approve': $qa_content['error'] = qa_lang_html('question/ask_must_be_approved'); break; default: $qa_content['error'] = qa_lang_html('users/no_permission'); break; } return $qa_content; } // Process input $captchareason = qa_user_captcha_reason(); $in['title'] = qa_post_text('title'); // allow title and tags to be posted by an external form $in['extra'] = qa_opt('extra_field_active') ? qa_post_text('extra') : null; if (qa_using_tags()) { $in['tags'] = qa_get_tags_field_value('tags'); } if (qa_clicked('doask')) { require_once QA_INCLUDE_DIR . 'qa-app-post-create.php'; require_once QA_INCLUDE_DIR . 'qa-util-string.php'; $categoryids = array_keys(qa_category_path($categories, @$in['categoryid'])); $userlevel = qa_user_level_for_categories($categoryids); $in['name'] = qa_post_text('name'); $in['notify'] = qa_post_text('notify') ? true : false; $in['email'] = qa_post_text('email'); $in['queued'] = qa_user_moderation_reason($userlevel) ? true : false; qa_get_post_content('editor', 'content', $in['editor'], $in['content'], $in['format'], $in['text']); $errors = array(); if (!qa_check_form_security_code('ask', qa_post_text('code'))) { $errors['page'] = qa_lang_html('misc/form_security_again'); } else {
function qa_page_q_edit_q_submit($question, $answers, $commentsfollows, $closepost, &$in, &$errors) { $in = array(); if ($question['editable']) { $in['title'] = qa_post_text('q_title'); qa_get_post_content('q_editor', 'q_content', $in['editor'], $in['content'], $in['format'], $in['text']); $in['extra'] = qa_opt('extra_field_active') ? qa_post_text('q_extra') : null; } if ($question['retagcatable']) { if (qa_using_tags()) { $in['tags'] = qa_get_tags_field_value('q_tags'); } if (qa_using_categories()) { $in['categoryid'] = qa_get_category_field_value('q_category'); } } if (array_key_exists('categoryid', $in)) { // need to check if we can move it to that category, and if we need moderation $categories = qa_db_select_with_pending(qa_db_category_nav_selectspec($in['categoryid'], true)); $categoryids = array_keys(qa_category_path($categories, $in['categoryid'])); $userlevel = qa_user_level_for_categories($categoryids); } else { $userlevel = null; } if ($question['isbyuser']) { $in['name'] = qa_post_text('q_name'); $in['notify'] = qa_post_text('q_notify') ? true : false; $in['email'] = qa_post_text('q_email'); } if (!qa_user_post_permit_error('permit_edit_silent', $question)) { $in['silent'] = qa_post_text('q_silent'); } // here the $in array only contains values for parts of the form that were displayed, so those are only ones checked by filters $errors = array(); if (!qa_check_form_security_code('edit-' . $question['postid'], qa_post_text('code'))) { $errors['page'] = qa_lang_html('misc/form_security_again'); } else { $in['queued'] = qa_opt('moderate_edited_again') && qa_user_moderation_reason($userlevel); $filtermodules = qa_load_modules_with('filter', 'filter_question'); foreach ($filtermodules as $filtermodule) { $oldin = $in; $filtermodule->filter_question($in, $errors, $question); if ($question['editable']) { qa_update_post_text($in, $oldin); } } if (array_key_exists('categoryid', $in) && strcmp($in['categoryid'], $question['categoryid'])) { if (qa_user_permit_error('permit_post_q', null, $userlevel)) { $errors['categoryid'] = qa_lang_html('question/category_ask_not_allowed'); } } if (empty($errors)) { $userid = qa_get_logged_in_userid(); $handle = qa_get_logged_in_handle(); $cookieid = qa_cookie_get(); // now we fill in the missing values in the $in array, so that we have everything we need for qa_question_set_content() // we do things in this way to avoid any risk of a validation failure on elements the user can't see (e.g. due to admin setting changes) if (!$question['editable']) { $in['title'] = $question['title']; $in['content'] = $question['content']; $in['format'] = $question['format']; $in['text'] = qa_viewer_text($in['content'], $in['format']); $in['extra'] = $question['extra']; } if (!isset($in['tags'])) { $in['tags'] = qa_tagstring_to_tags($question['tags']); } if (!array_key_exists('categoryid', $in)) { $in['categoryid'] = $question['categoryid']; } if (!isset($in['silent'])) { $in['silent'] = false; } $setnotify = $question['isbyuser'] ? qa_combine_notify_email($question['userid'], $in['notify'], $in['email']) : $question['notify']; qa_question_set_content($question, $in['title'], $in['content'], $in['format'], $in['text'], qa_tags_to_tagstring($in['tags']), $setnotify, $userid, $handle, $cookieid, $in['extra'], @$in['name'], $in['queued'], $in['silent']); if (qa_using_categories() && strcmp($in['categoryid'], $question['categoryid'])) { qa_question_set_category($question, $in['categoryid'], $userid, $handle, $cookieid, $answers, $commentsfollows, $closepost, $in['silent']); } return true; } } return false; }
$qa_content['error'] = qa_insert_login_links(qa_lang_html('question/ask_must_confirm'), $qa_request, isset($infollow) ? array('follow' => $infollow) : null); break; case 'limit': $qa_content['error'] = qa_lang_html('question/ask_limit'); break; default: $qa_content['error'] = qa_lang_html('users/no_permission'); break; } return $qa_content; } // Process input $usecaptcha = qa_user_use_captcha('captcha_on_anon_post'); $intitle = qa_post_text('title'); // allow title and tags to be posted by an external form $intags = qa_get_tags_field_value('tags'); if (qa_clicked('doask')) { require_once QA_INCLUDE_DIR . 'qa-app-post-create.php'; require_once QA_INCLUDE_DIR . 'qa-util-string.php'; $innotify = qa_post_text('notify') ? true : false; $inemail = qa_post_text('email'); qa_get_post_content('editor', 'content', $ineditor, $incontent, $informat, $intext); $tagstring = qa_tags_to_tagstring($intags); $errors = qa_question_validate($intitle, $incontent, $informat, $intext, $tagstring, $innotify, $inemail); if (qa_using_categories() && count($categories) && !qa_opt('allow_no_category') && !isset($incategoryid)) { $errors['category'] = qa_lang_html('question/category_required'); } if ($usecaptcha) { require_once 'qa-app-captcha.php'; qa_captcha_validate($_POST, $errors); }
function qa_page_q_edit_q_submit($question, $answers, $commentsfollows, $closepost, &$in, &$errors) { $in = array(); if ($question['editable']) { $in['title'] = qa_post_text('q_title'); qa_get_post_content('q_editor', 'q_content', $in['editor'], $in['content'], $in['format'], $in['text']); $in['extra'] = qa_opt('extra_field_active') ? qa_post_text('q_extra') : null; } if ($question['retagcatable']) { if (qa_using_tags()) { $in['tags'] = qa_get_tags_field_value('q_tags'); } if (qa_using_categories()) { $in['categoryid'] = qa_get_category_field_value('q_category'); } } if ($question['isbyuser']) { $in['notify'] = qa_post_text('q_notify') ? true : false; $in['email'] = qa_post_text('q_email'); } // here the $in array only contains values for parts of the form that were displayed, so those are only ones checked by filters $errors = array(); $filtermodules = qa_load_modules_with('filter', 'filter_question'); foreach ($filtermodules as $filtermodule) { $oldin = $in; $filtermodule->filter_question($in, $errors, $question); if ($question['editable']) { qa_update_post_text($in, $oldin); } } if (empty($errors)) { $userid = qa_get_logged_in_userid(); $handle = qa_get_logged_in_handle(); $cookieid = qa_cookie_get(); // now we fill in the missing values in the $in array, so that we have everything we need for qa_question_set_content() // we do things in this way to avoid any risk of a validation failure on elements the user can't see (e.g. due to admin setting changes) if (!$question['editable']) { $in['title'] = $question['title']; $in['content'] = $question['content']; $in['format'] = $question['format']; $in['text'] = qa_viewer_text($in['content'], $in['format']); $in['extra'] = $question['extra']; } if (!isset($in['tags'])) { $in['tags'] = qa_tagstring_to_tags($question['tags']); } if (!array_key_exists('categoryid', $in)) { $in['categoryid'] = $question['categoryid']; } $setnotify = $question['isbyuser'] ? qa_combine_notify_email($question['userid'], $in['notify'], $in['email']) : $question['notify']; qa_question_set_content($question, $in['title'], $in['content'], $in['format'], $in['text'], qa_tags_to_tagstring($in['tags']), $setnotify, $userid, $handle, $cookieid, $in['extra']); if (qa_using_categories() && strcmp($in['categoryid'], $question['categoryid'])) { qa_question_set_category($question, $in['categoryid'], $userid, $handle, $cookieid, $answers, $commentsfollows, $closepost); } return true; } return false; }
} if (qa_clicked('doclearflagsq') && $question['clearflaggable']) { require_once QA_INCLUDE_DIR . 'qa-app-votes.php'; qa_flags_clear_all($question, $qa_login_userid, qa_get_logged_in_handle(), $qa_cookieid); qa_redirect($qa_request); } // Process edit or save button for question if ($question['editbutton']) { if (qa_clicked('docancel')) { qa_redirect($qa_request); } elseif (qa_clicked('doeditq')) { qa_redirect($qa_request, array('state' => 'edit-' . $questionid)); } elseif (qa_clicked('dosaveq') && qa_page_q_permit_edit($question, 'permit_edit_q')) { $incategoryid = qa_get_category_field_value('category'); $inqtitle = qa_post_text('qtitle'); $inqtags = qa_get_tags_field_value('qtags'); $tagstring = qa_using_tags() ? qa_tags_to_tagstring($inqtags) : $question['tags']; qa_get_post_content('editor', 'qcontent', $ineditor, $inqcontent, $inqformat, $inqtext); $innotify = qa_post_text('notify') ? true : false; $inemail = qa_post_text('email'); $qerrors = qa_question_validate($inqtitle, $inqcontent, $inqformat, $inqtext, $tagstring, $innotify, $inemail); if (empty($qerrors)) { $setnotify = $question['isbyuser'] ? qa_combine_notify_email($question['userid'], $innotify, $inemail) : $question['notify']; if (qa_using_categories() && strcmp($incategoryid, $question['categoryid'])) { qa_question_set_category($question, $incategoryid, $qa_login_userid, qa_get_logged_in_handle(), $qa_cookieid, $answers, $commentsfollows); } qa_question_set_content($question, $inqtitle, $inqcontent, $inqformat, $inqtext, $tagstring, $setnotify, $qa_login_userid, qa_get_logged_in_handle(), $qa_cookieid); qa_report_write_action($qa_login_userid, $qa_cookieid, 'q_edit', $questionid, null, null); if (qa_q_request($questionid, $question['title']) != qa_q_request($questionid, $inqtitle)) { qa_redirect(qa_q_request($questionid, $inqtitle)); } else {