/**
 * Loads the post, its thread and board for the edit form and refuses the
 * request unless the current user is allowed to edit or delete the post.
 *
 * @see Page::readParameters()
 * @throws IllegalLinkException      when the post's thread has no threadID
 * @throws PermissionDeniedException when neither edit nor delete is permitted, or a
 *                                   non-moderator targets a closed board, thread or post
 * @throws NamedUserException        when a non-moderator's edit timeout has expired
 */
public function readParameters()
{
    // Invoked by class name rather than parent::, exactly as before.
    MessageForm::readParameters();

    if (isset($_REQUEST['postID'])) {
        // Request value is forced to an integer before any object is loaded with it.
        $this->postID = (int) $_REQUEST['postID'];
    }

    $this->post = new PostEditor($this->postID);
    $this->thread = new ThreadEditor($this->post->threadID);
    if (!$this->thread->threadID) {
        throw new IllegalLinkException();
    }

    $this->board = new BoardEditor($this->thread->boardID);
    $this->thread->enter($this->board);

    // check permissions (TODO: maybe we can use post->canEditPost() here)
    $this->isModerator = (
        $this->board->getModeratorPermission('canEditPost')
        || $this->board->getModeratorPermission('canDeletePost')
    );
    // A post with a falsy userID never counts as the current user's own post.
    $this->isAuthor = ($this->post->userID && $this->post->userID == WCF::getUser()->userID);
    // Parentheses spell out the precedence the expression already had: && binds before ||.
    $this->canEditPost = (
        $this->board->getModeratorPermission('canEditPost')
        || ($this->isAuthor && $this->board->getPermission('canEditOwnPost'))
    );
    $this->canDeletePost = (
        $this->board->getModeratorPermission('canDeletePost')
        || ($this->isAuthor && $this->board->getPermission('canDeleteOwnPost'))
    );

    // Neither action allowed: nothing this form could do for the user.
    if (!$this->canEditPost && !$this->canDeletePost) {
        throw new PermissionDeniedException();
    }
    // Only moderators may touch content in a closed board, thread or post.
    if (!$this->isModerator && ($this->board->isClosed || $this->thread->isClosed || $this->post->isClosed)) {
        throw new PermissionDeniedException();
    }

    // check post edit timeout (minutes; -1 disables the limit, moderators are exempt)
    if (!$this->isModerator) {
        $timeout = WCF::getUser()->getPermission('user.board.postEditTimeout');
        if ($timeout != -1 && TIME_NOW - $this->post->time > $timeout * 60) {
            throw new NamedUserException(
                WCF::getLanguage()->getDynamicVariable('wbb.postEdit.error.timeout', array('timeout' => $timeout))
            );
        }
    }
}
/**
 * Resolves the post addressed by objectID and enters its thread.
 *
 * @see Action::readParameters()
 * @throws IllegalLinkException when the loaded post has no postID
 */
public function readParameters()
{
    parent::readParameters();

    // get post
    $post = new PostEditor($this->objectID);
    $this->post = $post;
    if (!$post->postID) {
        throw new IllegalLinkException();
    }

    // get thread
    // NOTE(review): enter() is called without a board here; presumably it performs
    // the access check for the current user — confirm against ThreadEditor::enter().
    $thread = new ThreadEditor($post->threadID);
    $this->thread = $thread;
    $thread->enter();
}
/**
 * Reads the thread id from the request, loads the thread with its board and
 * enters the thread.
 *
 * @see Action::readParameters()
 */
public function readParameters()
{
    parent::readParameters();

    if (isset($_REQUEST['threadID'])) {
        // Integer cast keeps arbitrary request text out of the id.
        $this->threadID = (int) $_REQUEST['threadID'];
    }

    // get thread
    // NOTE(review): no explicit existence check is made in this method; whether an
    // unknown threadID is rejected depends on Board::getBoard() and enter(), which
    // are not visible here — confirm.
    $thread = new ThreadEditor($this->threadID);
    $this->thread = $thread;

    // get board
    $board = Board::getBoard($thread->boardID);
    $this->board = $board;

    // enter thread
    $thread->enter($board);
}
/**
 * Reads the post id from the request, loads the post and enters its thread.
 *
 * @see Page::readParameters()
 * @throws IllegalLinkException when the loaded post has no postID
 */
public function readParameters()
{
    parent::readParameters();

    // get post
    if (isset($_REQUEST['postID'])) {
        // Integer cast keeps arbitrary request text out of the id.
        $this->postID = (int) $_REQUEST['postID'];
    }
    $post = new Post($this->postID);
    $this->post = $post;
    if (!$post->postID) {
        throw new IllegalLinkException();
    }

    // get thread
    // NOTE(review): enter() presumably enforces read access for the current
    // user — confirm against Thread::enter().
    $thread = new Thread($post->threadID);
    $this->thread = $thread;
    $thread->enter();
}
/**
 * Reads thread, post and action from the request, loads the thread and board,
 * and rejects the request when the user may not reply or is held back by the
 * double-post lock.
 *
 * @see Page::readParameters()
 * @throws PermissionDeniedException when canReplyThread() denies the reply
 * @throws NamedUserException        when the double-post lock applies
 */
public function readParameters()
{
    // Invoked by class name rather than parent::, exactly as before.
    MessageForm::readParameters();

    // Both ids are forced to integers before they are used to load objects.
    if (isset($_REQUEST['threadID'])) {
        $this->threadID = (int) $_REQUEST['threadID'];
    }
    if (isset($_REQUEST['postID'])) {
        $this->postID = (int) $_REQUEST['postID'];
    }
    if (isset($_REQUEST['action'])) {
        // NOTE(review): stored exactly as received, with no validation in this
        // method; confirm every consumer compares it against a fixed set of values.
        $this->action = $_REQUEST['action'];
    }

    // get thread
    $this->thread = new ThreadEditor($this->threadID, null, $this->postID);
    // The loaded thread's id replaces whatever the request supplied.
    $this->threadID = $this->thread->threadID;

    // get board
    $this->board = new BoardEditor($this->thread->boardID);

    // check permissions
    $this->thread->enter($this->board);
    if (!$this->thread->canReplyThread($this->board)) {
        throw new PermissionDeniedException();
    }

    // check double posts: 0 = no lock, -1 = always locked, otherwise minutes
    $lock = WCF::getUser()->getPermission('user.board.doublePostLock');
    $isLastPoster = ($lock != 0
        && WCF::getUser()->userID
        && WCF::getUser()->userID == $this->thread->lastPosterID);
    if ($isLastPoster) {
        if ($lock == -1) {
            throw new NamedUserException(WCF::getLanguage()->get('wbb.postAdd.error.doublePostLock'));
        }
        if ($this->thread->lastPostTime >= TIME_NOW - $lock * 60) {
            throw new NamedUserException(
                WCF::getLanguage()->getDynamicVariable('wbb.postAdd.error.doublePostLockTime', array('timeout' => $lock))
            );
        }
    }

    $this->messageTable = "wbb" . WBB_N . "_post";
}
/**
 * Loads the post to edit, checks edit permission and timeout, and reads the
 * new message text. Any UserException raised on the way is answered with a
 * 403 status line and the exception message, after which the script exits.
 *
 * @see Action::readParameters()
 */
public function readParameters()
{
    parent::readParameters();

    try {
        // get post
        if (isset($_REQUEST['postID'])) {
            // Integer cast keeps arbitrary request text out of the id.
            $this->postID = (int) $_REQUEST['postID'];
        }
        $this->post = new PostEditor($this->postID);
        if (!$this->post->postID) {
            throw new IllegalLinkException();
        }

        // get thread
        $this->thread = new ThreadEditor($this->post->threadID);
        $this->board = new BoardEditor($this->thread->boardID);
        $this->thread->enter($this->board);

        // check permissions
        $isModerator = (
            $this->board->getModeratorPermission('canEditPost')
            || $this->board->getModeratorPermission('canDeletePost')
        );
        // A post with a falsy userID never counts as the current user's own post.
        $isAuthor = ($this->post->userID && $this->post->userID == WCF::getUser()->userID);
        // Parentheses spell out the precedence the expression already had: && binds before ||.
        $canEditPost = (
            $this->board->getModeratorPermission('canEditPost')
            || ($isAuthor && $this->board->getPermission('canEditOwnPost'))
        );

        if (!$canEditPost) {
            throw new PermissionDeniedException();
        }
        // Only moderators may edit inside a closed board, thread or post.
        if (!$isModerator && ($this->board->isClosed || $this->thread->isClosed || $this->post->isClosed)) {
            throw new PermissionDeniedException();
        }

        // check post edit timeout (minutes; -1 disables the limit, moderators are exempt)
        if (!$isModerator) {
            $timeout = WCF::getUser()->getPermission('user.board.postEditTimeout');
            if ($timeout != -1 && TIME_NOW - $this->post->time > $timeout * 60) {
                throw new NamedUserException(
                    WCF::getLanguage()->get('wbb.postEdit.error.timeout', array('$timeout' => $timeout))
                );
            }
        }

        // get message (read from $_POST only, unlike the id above)
        if (isset($_POST['text'])) {
            $this->text = StringUtil::trim($_POST['text']);
            if (CHARSET != 'UTF-8') {
                $this->text = StringUtil::convertEncoding('UTF-8', CHARSET, $this->text);
            }
            // NOTE(review): empty() also treats the string "0" as empty, so a message
            // consisting of just "0" is rejected here.
            if (empty($this->text)) {
                throw new IllegalLinkException();
            }
        }
    } catch (UserException $e) {
        // NOTE(review): the message is written to the response without escaping;
        // presumably it only ever holds language-item text — confirm it can never
        // carry request data. The @ hides a failure to send the status header.
        @header('HTTP/1.0 403 Forbidden');
        echo $e->getMessage();
        exit;
    }
}
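/**
 * Loads the reported post with its thread and board, requires a logged-in
 * user, and refuses a second report for a post that already has one.
 *
 * @see Page::readParameters()
 * @throws PermissionDeniedException when the current user has no userID (guest)
 * @throws NamedUserException        when a report row for this post already exists
 */
public function readParameters()
{
    parent::readParameters();

    if (isset($_REQUEST['postID'])) {
        $this->postID = intval($_REQUEST['postID']);
    }

    $this->post = new PostEditor($this->postID);
    $this->thread = new ThreadEditor($this->post->threadID);
    $this->board = new BoardEditor($this->thread->boardID);
    $this->thread->enter($this->board);

    // Guests may not report posts.
    if (!WCF::getUser()->userID) {
        throw new PermissionDeniedException();
    }

    // check whether this post was already reported
    // The query is built by string concatenation, and postID is only normalised
    // above when it is present in the request. Casting at the point of use keeps
    // the query text integer-only whatever value the property held beforehand.
    $sql = "SELECT \tpostID\n\t\t\tFROM\twbb" . WBB_N . "_post_report\n\t\t\tWHERE\tpostID = " . intval($this->postID);
    $row = WCF::getDB()->getFirstRow($sql);
    if (isset($row['postID'])) {
        throw new NamedUserException(WCF::getLanguage()->get('wbb.report.error.alreadyReported'));
    }
}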
/**
 * Reads board, thread(s), reason, topic, prefix and url from the request and
 * enters the addressed thread, or the board when no single thread is given.
 *
 * @see Page::readParameters()
 */
public function readParameters()
{
    parent::readParameters();

    // Text fields are converted from UTF-8 whenever the site charset differs.
    $mustConvert = (CHARSET != 'UTF-8');

    if (isset($_REQUEST['boardID'])) {
        $this->boardID = (int) $_REQUEST['boardID'];
    }
    if (isset($_REQUEST['threadID'])) {
        // May yield a single id or an array of ids; the is_array() test below
        // distinguishes the two cases.
        $this->threadID = ArrayUtil::toIntegerArray($_REQUEST['threadID']);
    }

    if (isset($_REQUEST['reason'])) {
        $reason = StringUtil::trim($_REQUEST['reason']);
        $this->reason = $reason;
        if ($mustConvert) {
            $this->reason = StringUtil::convertEncoding('UTF-8', CHARSET, $this->reason);
        }
    }
    if (isset($_REQUEST['topic'])) {
        $topic = StringUtil::trim($_REQUEST['topic']);
        $this->topic = $topic;
        if ($mustConvert) {
            $this->topic = StringUtil::convertEncoding('UTF-8', CHARSET, $this->topic);
        }
    }
    if (isset($_REQUEST['prefix'])) {
        // NOTE(review): unlike reason and topic, prefix is not trimmed, and nothing
        // in this method validates it — confirm it is checked before it is stored
        // or rendered.
        $this->prefix = $_REQUEST['prefix'];
        if ($mustConvert) {
            $this->prefix = StringUtil::convertEncoding('UTF-8', CHARSET, $this->prefix);
        }
    }
    if (isset($_REQUEST['url'])) {
        // NOTE(review): taken from the request unchanged. If it is later used as a
        // redirect target it should be restricted to this site — confirm at the
        // point of use.
        $this->url = $_REQUEST['url'];
    }

    // A single, non-zero thread id: load it and derive the board from it.
    if (!is_array($this->threadID) && $this->threadID != 0) {
        $this->thread = new ThreadEditor($this->threadID);
        $this->boardID = $this->thread->boardID;

        // For a thread carrying movedThreadID, the referenced thread is entered instead.
        $toEnter = $this->thread->movedThreadID
            ? new ThreadEditor($this->thread->movedThreadID)
            : $this->thread;
        $toEnter->enter();
    }

    if ($this->boardID != 0) {
        $this->board = new BoardEditor($this->boardID);
        // The board is entered only when no thread was loaded above.
        if ($this->thread == null) {
            $this->board->enter();
        }
    }
}
/**
 * Unmarks the selected post, or every post in the postID list when no single
 * post is loaded.
 */
public function unmark()
{
    if ($this->post != null) {
        $this->post->unmark();
        return;
    }

    if (!is_array($this->postID)) {
        return;
    }

    // NOTE(review): the ids are joined into one comma-separated string and the
    // result of getThreadIDs() is concatenated into the query below. Neither the
    // origin of postID nor the helper is visible here — confirm every element is
    // an integer before this method runs.
    $idList = implode(',', $this->postID);
    $threadIDs = PostEditor::getThreadIDs($idList);
    if (empty($threadIDs)) {
        return;
    }

    // check permissions: every affected thread is entered before any post is
    // touched (enter() presumably aborts when access is denied — confirm).
    $sql = "SELECT\t*\n\t\t\t\t\tFROM\twbb" . WBB_N . "_thread\n\t\t\t\t\tWHERE\tthreadID IN (" . $threadIDs . ")";
    $result = WCF::getDB()->sendQuery($sql);
    while ($row = WCF::getDB()->fetchArray($result)) {
        $affectedThread = new ThreadEditor(null, $row);
        $affectedThread->enter();
    }

    foreach ($this->postID as $id) {
        $editor = new PostEditor($id);
        $editor->unmark();
    }
}
/**
 * Unmarks the selected thread, or every thread in the threadID list when no
 * single thread is loaded.
 */
public function unmark()
{
    if ($this->thread != null) {
        $this->thread->unmark();
        return;
    }

    if (!is_array($this->threadID)) {
        return;
    }

    foreach ($this->threadID as $id) {
        $editor = new ThreadEditor($id);
        // Each thread is entered before it is unmarked. If enter() throws part way
        // through the list, threads handled earlier stay unmarked.
        $editor->enter();
        $editor->unmark();
    }
}