function message_on_send(&$api) { include dirname(__FILE__) . '/message_controller.class.php'; $parent_id = (int) $_POST['parent_id']; $may_quote = (int) $_POST['may_quote']; $controller = new MessageController($api); $user = $api->user(); $forum_id = $api->forum()->get_id(); $forumdb = $api->forumdb(); $api->group()->assert_may('write'); // Check whether editing is allowed per configuration. if ($_POST['msg_id'] && !cfg('postings_editable')) { die('Postings may not be changed as per configuration.'); } // Fetch the posting from the database (when editing an existing one) or // create a new one from the POST data. if ($_POST['msg_id']) { $posting = $forumdb->get_posting_from_id($_POST['msg_id']); $old_hash = $posting->get_hash(); $posting->set_subject($_POST['subject']); $posting->set_body($_POST['body']); $new_hash = $posting->get_hash(); // Was the content changed? if ($old_hash === $new_hash) { $api->refer_to_posting($posting); } else { // Processing without labeling as modified after creation for xx seconds. $marker_delay = (int) cfg('posting_marker_delay', 10); $created_on = (int) $posting->get_created_unixtime(); $updated_on = time(); if ($created_on + $marker_delay < $updated_on) { $posting->set_updated_unixtime($updated_on); } } } else { $posting = message_get_new_posting($api); message_init_posting_from_post_data($posting); } // Make sure that the user is not trying to spoof a name. if (!$user->is_anonymous() && $user->get_name() !== $posting->get_username()) { die('Username does not match currently logged in user'); } // Check the posting for completeness. $err = $posting->check_complete(); if ($err) { $controller->add_hint(new \hint\Error($err)); return $controller->show_compose($posting, $parent_id, $may_quote); } // Make sure that the username is not in use. if ($user->is_anonymous() && !$api->userdb()->username_is_available($posting->get_username())) { $err = _('The entered username is not available.'); $controller->add_hint(new \hint\Error($err)); return $controller->show_compose($posting, $parent_id, $may_quote); } if ($posting->get_id() <= 0) { // If the posting a new one (not an edited one), check for duplicates. $duplicate_id = $forumdb->get_duplicate_id_from_posting($posting); if ($duplicate_id) { $api->refer_to_posting_id($duplicate_id); } // Check whether too many messages were sent. $blocked_until = $api->forumdb()->get_flood_blocked_until($posting); if ($blocked_until) { $err = sprintf(_('You have sent too many messages.' . ' %d seconds until your message may be sent.'), $blocked_until - time()); $controller->add_hint(new \hint\Error($err)); return $controller->show_compose($posting, $parent_id, $may_quote); } // Check whether the user or IP is spam-locked. if ($api->forumdb()->is_spam($posting)) { $controller->add_hint(new \hint\Error(_('Message rejected by spamblocker.'))); return $controller->show_compose($posting, $parent_id, $may_quote); } } // Save the posting. $eventbus = $api->eventbus(); if ($posting->get_id()) { $forumdb->save($forum_id, $parent_id, $posting); /* Plugin hook: on_message_edit_after * Called after a message was edited. * Args: parent: The parent message id or NULL. * posting: The posting that was saved. */ $eventbus->emit('on_message_edit_after', $api, $parent_id, $posting); } else { $forumdb->insert($forum_id, $parent_id, $posting); /* Plugin hook: on_message_insert_after * Called after a new message was posted. * Args: parent: The parent message id or NULL. * posting: The posting that was sent. */ $eventbus->emit('on_message_insert_after', $api, $parent_id, $posting); } if (!$posting->get_id()) { $controller->add_hint(new \hint\Error(_('Failed to save the posting.'))); return $controller->show_compose($posting, $parent_id, $may_quote); } // Success! Refer to the new item. $api->refer_to_posting($posting); }