Example #1
    html_draw_top(sprintf("title=%s", gettext("Error")));
    html_display_error_msg(gettext("That post does not exist in this thread!"));
    html_draw_bottom();
    exit;
}
// Edit-permission gate. $edit_message and $t_fid are set earlier in the script
// (outside this excerpt).
$post_edit_time = forum_get_setting('post_edit_time', null, 0);
$uid = session::get_value('UID');
// Refuse the edit unless the user holds USER_PERM_FOLDER_MODERATE on $t_fid.
// && binds tighter than || in PHP, so the bracketed part groups as
//   A || (B && C) || D || (E && F)
//   A: forum_get_setting('allow_post_editing', 'N') is truthy
//   B: the session UID differs from the post author (loose != comparison)
//   C: the author's permission bits do not include USER_PERM_PILLORIED
//   D: session::check_perm(USER_PERM_PILLORIED, 0) is truthy
//   E: an edit window is configured ($post_edit_time > 0)
//   F: at least $post_edit_time * HOUR_IN_SECONDS seconds have passed since CREATED
// NOTE(review): because of B && C, a non-author is not refused by this term when
// the author carries USER_PERM_PILLORIED - confirm that is intended, and consider
// explicit parentheses so the grouping cannot be misread.
// NOTE(review): presumably the second argument of forum_get_setting() is the value
// the setting is compared with, not a default - if it were a default, A would
// always be truthy. Verify against its definition.
// NOTE(review): no exit follows html_draw_error(); the gate only holds if that
// function ends the request - confirm.
if ((forum_get_setting('allow_post_editing', 'N') || $uid != $edit_message['FROM_UID'] && !(perm_get_user_permissions($edit_message['FROM_UID']) & USER_PERM_PILLORIED) || session::check_perm(USER_PERM_PILLORIED, 0) || $post_edit_time > 0 && time() - $edit_message['CREATED'] >= $post_edit_time * HOUR_IN_SECONDS) && !session::check_perm(USER_PERM_FOLDER_MODERATE, $t_fid)) {
    html_draw_error(gettext("You are not permitted to edit this message."), 'discussion.php', 'get', array('back' => gettext("Back")), array('msg' => $edit_message));
}
// Posts still awaiting approval (APPROVED loosely equal to 0) may only be edited
// by a folder moderator. Same reliance on html_draw_error() stopping the script.
if (forum_get_setting('require_post_approval', 'Y') && isset($edit_message['APPROVED']) && $edit_message['APPROVED'] == 0 && !session::check_perm(USER_PERM_FOLDER_MODERATE, $t_fid)) {
    html_draw_error(gettext("You are not permitted to edit this message."), 'discussion.php', 'get', array('back' => gettext("Back")), array('msg' => $edit_message));
}
if ($preview_message = messages_get($tid, $pid, 1)) {
    $preview_message['CONTENT'] = message_get_content($tid, $pid);
    if (strlen(trim($preview_message['CONTENT'])) < 1 && !thread_is_poll($tid)) {
        html_draw_top(sprintf("title=%s", gettext("Error")));
        post_edit_refuse($tid, $pid);
        html_draw_bottom();
        exit;
    }
    if ((session::get_value('UID') != $preview_message['FROM_UID'] || session::check_perm(USER_PERM_PILLORIED, 0)) && !session::check_perm(USER_PERM_FOLDER_MODERATE, $t_fid)) {
        html_draw_top(sprintf("title=%s", gettext("Error")));
        post_edit_refuse($tid, $pid);
        html_draw_bottom();
        exit;
    }
    if (forum_get_setting('require_post_approval', 'Y') && isset($preview_message['APPROVED']) && $preview_message['APPROVED'] == 0 && !session::check_perm(USER_PERM_FOLDER_MODERATE, $t_fid)) {
        html_draw_top(sprintf("title=%s", gettext("Error")));
        post_edit_refuse($tid, $pid);
        html_draw_bottom();
Example #2
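/**
 * Soft-delete a single post and, where it is the only post, its thread.
 *
 * Runs up to four UPDATE statements in order: clears POLL_FLAG when the first
 * post of a poll thread is deleted, flags the thread DELETED when its LENGTH
 * is 1, sets the POST_CONTENT row's CONTENT to NULL, and stamps APPROVED /
 * APPROVED_BY on the POST row with the current time and the session user.
 *
 * The statements are issued one by one and no transaction is opened here, so
 * a failure part-way through returns false with the earlier updates already
 * applied.
 *
 * No permission check happens inside this function; the caller has to
 * authorise the deletion before calling it.
 *
 * @param int|string $tid Thread ID; must be a plain integer value.
 * @param int|string $pid Post ID within the thread; must be a plain integer value.
 *
 * @return bool True when every statement succeeded; false on invalid input, a
 *              missing table prefix, database handle or session user, or a
 *              failed query.
 */
function post_delete($tid, $pid)
{
    // is_numeric() on its own also accepts floats, exponents and padded
    // strings ("1.5", "1e3", " 7"). The IDs are written into SQL text below,
    // so reject every non-integer form and normalise the rest to int.
    if (!is_numeric($tid) || ($tid = filter_var($tid, FILTER_VALIDATE_INT)) === false) {
        return false;
    }

    if (!is_numeric($pid) || ($pid = filter_var($pid, FILTER_VALIDATE_INT)) === false) {
        return false;
    }

    if (!($table_prefix = get_table_prefix())) {
        return false;
    }

    if (!($db = db::get())) {
        return false;
    }

    // The session UID also ends up inside a statement, so it gets the same
    // integer-only treatment instead of being trusted as stored.
    $approve_uid = session::get_value('UID');

    if ($approve_uid === false || !is_numeric($approve_uid)) {
        return false;
    }

    if (($approve_uid = filter_var($approve_uid, FILTER_VALIDATE_INT)) === false) {
        return false;
    }

    $current_datetime = date(MYSQL_DATETIME, time());

    // Deleting the first post of a poll thread turns the poll flag off.
    if (thread_is_poll($tid) && $pid == 1) {
        $sql = "UPDATE LOW_PRIORITY `{$table_prefix}THREAD` SET POLL_FLAG = 'N', ";
        $sql .= "MODIFIED = CAST('{$current_datetime}' AS DATETIME) WHERE TID = '{$tid}'";

        if (!$db->query($sql)) {
            return false;
        }
    }

    // The thread itself is only flagged as deleted when LENGTH = 1.
    $sql = "UPDATE LOW_PRIORITY `{$table_prefix}THREAD` SET DELETED = 'Y', ";
    $sql .= "MODIFIED = CAST('{$current_datetime}' AS DATETIME) WHERE TID = '{$tid}' AND LENGTH = 1";

    if (!$db->query($sql)) {
        return false;
    }

    // The post row stays; only its content is set to NULL.
    $sql = "UPDATE LOW_PRIORITY `{$table_prefix}POST_CONTENT` SET CONTENT = NULL ";
    $sql .= "WHERE TID = '{$tid}' AND PID = '{$pid}'";

    if (!$db->query($sql)) {
        return false;
    }

    // Record when, and by which session user, the post was processed.
    $sql = "UPDATE LOW_PRIORITY `{$table_prefix}POST` ";
    $sql .= "SET APPROVED = CAST('{$current_datetime}' AS DATETIME), ";
    $sql .= "APPROVED_BY = '{$approve_uid}' WHERE TID = '{$tid}' ";
    $sql .= "AND PID = '{$pid}'";

    if (!$db->query($sql)) {
        return false;
    }

    return true;
}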
Example #3
        $msg = $_POST['msg'];
        list($tid, $pid) = explode('.', $_POST['msg']);
        if (!($t_fid = thread_get_folder($tid, $pid))) {
            html_draw_error(gettext("The requested thread could not be found or access was denied."));
        }
    } else {
        html_draw_error(gettext("No message specified for editing"), 'discussion.php', 'get', array('back' => gettext("Back")));
    }
}
// Pre-edit checks, run in order; each failing check shows an error page or
// redirects. $tid, $pid, $msg and $t_fid are set in the lines above.
if (!($edit_message = messages_get($tid, $pid, 1))) {
    html_draw_top(sprintf("title=%s", gettext("Error")));
    html_display_error_msg(gettext("That post does not exist in this thread!"));
    html_draw_bottom();
    exit;
}
// The first post of a poll thread is edited through edit_poll.php instead.
// NOTE(review): $webtag and $msg are placed in the redirect URL without URL
// encoding; $msg is taken from request input above - confirm both are validated
// to a safe format before this point.
if (thread_is_poll($tid) && $pid == 1) {
    header_redirect("edit_poll.php?webtag={$webtag}&msg={$msg}");
    exit;
}
// A truthy USER_PERM_EMAIL_CONFIRM check stops the request with the
// e-mail confirmation error page.
if (session::check_perm(USER_PERM_EMAIL_CONFIRM, 0)) {
    html_email_confirmation_error();
    exit;
}
// NOTE(review): the two permission bits are OR-ed into one mask; whether
// check_perm() requires all bits of the mask or any one of them is not visible
// here - verify, since "any" would let read-only users pass this check.
// NOTE(review): no exit follows html_draw_error() here or below; the checks only
// hold if that function ends the request - confirm.
if (!session::check_perm(USER_PERM_POST_EDIT | USER_PERM_POST_READ, $t_fid)) {
    html_draw_error(gettext("You cannot edit posts in this folder"));
}
if (!($thread_data = thread_get($tid))) {
    html_draw_error(gettext("The requested thread could not be found or access was denied."));
}
$error_msg_array = array();
// Signatures are shown unless the session value VIEW_SIGS loosely equals 'N'.
$show_sigs = session::get_value('VIEW_SIGS') == 'N' ? false : true;
     echo "                        <td align=\"left\">&nbsp;</td>\n";
     echo "                        <td align=\"left\">", form_checkbox("merge_thread_con", "Y", gettext("Confirm")), "</td>\n";
     echo "                      </tr>\n";
     echo "                      <tr>\n";
     echo "                        <td align=\"left\">&nbsp;</td>\n";
     echo "                        <td align=\"left\">&nbsp;</td>\n";
     echo "                      </tr>\n";
     echo "                    </table>\n";
     echo "                  </td>\n";
     echo "                </tr>\n";
     echo "              </table>\n";
     echo "            </td>\n";
     echo "          </tr>\n";
     echo "        </table>\n";
 } else {
     if (!thread_is_poll($tid) && $thread_available_pids) {
         $thread_available_pids = array('&nbsp;') + $thread_available_pids;
         echo "        <br />\n";
         echo "        <table class=\"box\" width=\"100%\">\n";
         echo "          <tr>\n";
         echo "            <td align=\"left\" class=\"posthead\">\n";
         echo "              <table class=\"posthead\" width=\"100%\">\n";
         echo "                <tr>\n";
         echo "                  <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Merge / Split Thread"), "</td>\n";
         echo "                </tr>\n";
         echo "                <tr>\n";
         echo "                  <td align=\"center\">\n";
         echo "                    <table class=\"posthead\" width=\"95%\">\n";
         echo "                      <tr>\n";
         echo "                        <td align=\"left\" width=\"260\">", form_radio("thread_merge_split", 0, gettext("Merge with thread ID:"), false, false, 'posthead'), "</td>\n";
         echo "                        <td align=\"left\" style=\"white-space: nowrap\">", form_input_text_search('merge_thread', '', 37, false, SEARCH_THREAD, false, "", "merge_thread_id"), "</td>\n";
Example #5
    list($tid, $pid) = explode('.', $edit_msg);
    if (!($fid = thread_get_folder($tid, $pid))) {
        html_draw_error(gettext("The requested thread could not be found or access was denied."));
    }
} else {
    if (isset($_POST['msg']) && validate_msg($_POST['msg'])) {
        $edit_msg = $_POST['msg'];
        list($tid, $pid) = explode('.', $_POST['msg']);
        if (!($fid = thread_get_folder($tid, $pid))) {
            html_draw_error(gettext("The requested thread could not be found or access was denied."));
        }
    } else {
        html_draw_error(gettext("No message specified for editing"));
    }
}
// Anything other than the first post of a poll thread is handed over to
// edit.php. The msg parameter is re-read from the request and appended only
// when validate_msg() accepts it.
// NOTE(review): the value is appended without URL encoding, so the redirect
// target is only as safe as validate_msg() is strict - confirm it restricts the
// value to the tid.pid format.
// NOTE(review): no exit follows header_redirect(); unless that function ends the
// request, execution continues into the poll-editing code below for a post
// that is not a poll - confirm.
if (!thread_is_poll($tid) || $pid != 1) {
    $uri = "edit.php?webtag={$webtag}";
    if (isset($_GET['msg']) && validate_msg($_GET['msg'])) {
        $uri .= "&msg=" . $_GET['msg'];
    } else {
        if (isset($_POST['msg']) && validate_msg($_POST['msg'])) {
            $uri .= "&msg=" . $_POST['msg'];
        }
    }
    header_redirect($uri);
}
// Stop with the message-type error page when
// folder_get_by_type_allowed(FOLDER_ALLOW_POLL_THREAD) returns a falsy value.
if (!folder_get_by_type_allowed(FOLDER_ALLOW_POLL_THREAD)) {
    html_message_type_error();
    exit;
}
if (!($fid = thread_get_folder($tid))) {
Example #6
             // Build the plain-text preview of the matching post: fetch, format, then
             // strip tags and trim.
             // NOTE(review): strip_tags() removes markup but does not HTML-escape what is
             // left, and this value is echoed into the page below - confirm that
             // message_apply_formatting() / word_filter_add_ob_tags() leave it safe to print.
             $message['CONTENT'] = message_get_content($search_result['TID'], $search_result['PID']);
             $message['CONTENT'] = message_apply_formatting($message['CONTENT'], true);
             $message['CONTENT'] = trim(strip_tags($message['CONTENT']));
             // Limit thread title to 20 characters.
             // NOTE(review): $message['TITLE'] is printed inside the link below; its
             // escaping is not visible in this excerpt - verify it is HTML-encoded upstream.
             if (mb_strlen($message['TITLE']) > 20) {
                 $message['TITLE'] = word_filter_add_ob_tags(mb_substr($message['TITLE'], 0, 20), true) . "&hellip;";
             } else {
                 $message['TITLE'] = word_filter_add_ob_tags($message['TITLE'], true);
             }
             // Limit displayed post content to 70 characters. Only the truncated form is
             // passed through fix_html().
             if (mb_strlen($message['CONTENT']) > 70) {
                 $message['CONTENT'] = word_filter_add_ob_tags(fix_html(mb_substr($message['CONTENT'], 0, 70)), true) . "&hellip;";
             } else {
                 $message['CONTENT'] = word_filter_add_ob_tags($message['CONTENT'], true);
             }
             // Poll opening posts and empty previews get a title-only entry; everything
             // else also prints the content preview.
             // NOTE(review): the first branch sends "hightlight=yes" while the second sends
             // "highlight=yes" - looks like a typo in the query parameter name; confirm
             // against messages.php.
             if (thread_is_poll($search_result['TID']) && $search_result['PID'] == 1 || strlen($message['CONTENT']) < 1) {
                 echo "  <li><p><a href=\"messages.php?webtag={$webtag}&amp;msg={$search_result['TID']}.{$search_result['PID']}&amp;hightlight=yes\" target=\"", html_get_frame_name('right'), "\"><b>{$message['TITLE']}</b></a><br />";
                 echo "<span><b>", gettext("From"), ":</b> ", word_filter_add_ob_tags(format_user_name($search_result['FROM_LOGON'], $search_result['FROM_NICKNAME']), true), ", ", format_date_time($search_result['CREATED']), "</span></p></li>\n";
             } else {
                 echo "  <li><p><a href=\"messages.php?webtag={$webtag}&amp;msg={$search_result['TID']}.{$search_result['PID']}&amp;highlight=yes\" target=\"", html_get_frame_name('right'), "\"><b>{$message['TITLE']}</b></a><br />";
                 echo "{$message['CONTENT']}<br /><span><b>", gettext("From"), ":</b> ", word_filter_add_ob_tags(format_user_name($search_result['FROM_LOGON'], $search_result['FROM_NICKNAME']), true), ", ", format_date_time($search_result['CREATED']), "</span></p></li>\n";
             }
         }
     }
 }
 echo "</ol>\n";
 // Offer a "Find more" link while result_count / 20 (rounded up) exceeds the
 // current page number.
 // NOTE(review): $webtag, $sort_by and $sort_dir are written into the href as they
 // are; where they are validated or escaped is not visible in this excerpt -
 // confirm they cannot carry quote or markup characters from the request.
 if (ceil($search_results_array['result_count'] / 20) > $page) {
     echo "", html_style_image('current_thread'), "&nbsp;<a href=\"search.php?webtag={$webtag}&amp;page=", $page + 1, "&amp;sort_by={$sort_by}&amp;sort_dir={$sort_dir}\">", gettext("Find more"), "</a><br />\n";
 }
 echo "<br />\n";
 echo "<form accept-charset=\"utf-8\" name=\"f_nav\" method=\"get\" action=\"search.php\" target=\"_self\">\n";
Example #7
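/**
 * Soft-delete a single post and, where it is the only post, its thread.
 *
 * Runs up to four UPDATE statements in order: clears POLL_FLAG when the first
 * post of a poll thread is deleted, flags the thread DELETED when its LENGTH
 * is 1, sets the POST_CONTENT row's CONTENT to NULL, and stamps APPROVED /
 * APPROVED_BY on the POST row with the current time and the session user.
 * Finally calls post_delete_tags() for the post.
 *
 * THREAD.MODIFIED is only moved to the current time when its stored value is
 * not older than the unread cutoff; older values are left as they are.
 *
 * The statements are issued one by one and no transaction is opened here, so
 * a failure part-way through returns false with the earlier updates already
 * applied.
 *
 * No permission check happens inside this function; the caller has to
 * authorise the deletion before calling it.
 *
 * @param int|string $tid Thread ID; must be a plain integer value.
 * @param int|string $pid Post ID within the thread; must be a plain integer value.
 *
 * @return bool True when every statement succeeded; false on invalid input, a
 *              missing table prefix, database handle or session user, or a
 *              failed query.
 */
function post_delete($tid, $pid)
{
    // is_numeric() on its own also accepts floats, exponents and padded
    // strings ("1.5", "1e3", " 7"). The IDs are written into SQL text below,
    // so reject every non-integer form and normalise the rest to int.
    if (!is_numeric($tid) || ($tid = filter_var($tid, FILTER_VALIDATE_INT)) === false) {
        return false;
    }

    if (!is_numeric($pid) || ($pid = filter_var($pid, FILTER_VALIDATE_INT)) === false) {
        return false;
    }

    if (!($table_prefix = get_table_prefix())) {
        return false;
    }

    if (!($db = db::get())) {
        return false;
    }

    if (!isset($_SESSION['UID']) || !is_numeric($_SESSION['UID'])) {
        return false;
    }

    // Same integer-only rule for the session UID, which is also written into
    // a statement; the session itself is left untouched.
    if (($approve_uid = filter_var($_SESSION['UID'], FILTER_VALIDATE_INT)) === false) {
        return false;
    }

    $current_datetime = date(MYSQL_DATETIME, time());

    // NOTE(review): interpolated as returned - presumably a datetime string;
    // confirm forum_get_unread_cutoff_datetime() cannot return false here.
    $modified_cutoff_datetime = forum_get_unread_cutoff_datetime();

    // Deleting the first post of a poll thread turns the poll flag off.
    if (thread_is_poll($tid) && $pid == 1) {
        $sql = "UPDATE LOW_PRIORITY `{$table_prefix}THREAD` SET POLL_FLAG = 'N', ";
        $sql .= "MODIFIED = IF(MODIFIED < CAST('{$modified_cutoff_datetime}' AS DATETIME), ";
        $sql .= "MODIFIED, CAST('{$current_datetime}' AS DATETIME)) WHERE TID = '{$tid}'";

        if (!$db->query($sql)) {
            return false;
        }
    }

    // The thread itself is only flagged as deleted when LENGTH = 1.
    $sql = "UPDATE LOW_PRIORITY `{$table_prefix}THREAD` SET DELETED = 'Y', ";
    $sql .= "MODIFIED = IF(MODIFIED < CAST('{$modified_cutoff_datetime}' AS DATETIME), ";
    $sql .= "MODIFIED, CAST('{$current_datetime}' AS DATETIME)) WHERE TID = '{$tid}' ";
    $sql .= "AND LENGTH = 1";

    if (!$db->query($sql)) {
        return false;
    }

    // The post row stays; only its content is set to NULL.
    $sql = "UPDATE LOW_PRIORITY `{$table_prefix}POST_CONTENT` SET CONTENT = NULL ";
    $sql .= "WHERE TID = '{$tid}' AND PID = '{$pid}'";

    if (!$db->query($sql)) {
        return false;
    }

    // Record when, and by which session user, the post was processed.
    $sql = "UPDATE LOW_PRIORITY `{$table_prefix}POST` ";
    $sql .= "SET APPROVED = CAST('{$current_datetime}' AS DATETIME), ";
    $sql .= "APPROVED_BY = '{$approve_uid}' WHERE TID = '{$tid}' ";
    $sql .= "AND PID = '{$pid}'";

    if (!$db->query($sql)) {
        return false;
    }

    // The result of the tag clean-up is not checked; the delete is reported
    // as successful either way.
    post_delete_tags($tid, $pid);

    return true;
}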