public static function validateExecution() { global $asgarosforum; // Cancel if there is already an error. if (!empty($asgarosforum->error)) { return false; } // Cancel if the current user is banned. if (AsgarosForumPermissions::isBanned('current')) { $asgarosforum->error = __('You are banned!', 'asgaros-forum'); return false; } // Cancel if the current user is not allowed to edit that post. if (self::getAction() === 'edit_post' && !AsgarosForumPermissions::isModerator('current') && get_current_user_id() != $asgarosforum->get_post_author($asgarosforum->current_post)) { $asgarosforum->error = __('You are not allowed to do this.', 'asgaros-forum'); return false; } // Cancel if subject is empty. if ((self::getAction() === 'add_thread' || self::getAction() === 'edit_post' && $asgarosforum->is_first_post($asgarosforum->current_post)) && empty(self::$dataSubject)) { $asgarosforum->info = __('You must enter a subject.', 'asgaros-forum'); return false; } // Cancel if content is empty. if (empty(self::$dataContent)) { $asgarosforum->info = __('You must enter a message.', 'asgaros-forum'); return false; } // Do custom insert validation checks. $custom_check = apply_filters('asgarosforum_filter_insert_custom_validation', true); if (!$custom_check) { return false; } return true; }
echo '<div class="notice">' . __('You are not allowed to do this.', 'asgaros-forum') . '</div>'; } if (!$error) { if (!isset($_POST['message']) && isset($_GET['quote']) && $this->element_exists($_GET['quote'], $this->tables->posts)) { $quote_id = absint($_GET['quote']); $text = $this->db->get_row($this->db->prepare("SELECT text, author_id, date FROM {$this->tables->posts} WHERE id = %d;", $quote_id)); $display_name = $this->get_username($text->author_id); $threadcontent = '<blockquote><div class="quotetitle">' . __('Quote from', 'asgaros-forum') . ' ' . $display_name . ' ' . sprintf(__('on %s', 'asgaros-forum'), $this->format_date($text->date)) . '</div>' . $text->text . '</blockquote><br />'; } } } else { if ($this->current_view === 'editpost') { if (!$error) { $id = !empty($_GET['id']) && is_numeric($_GET['id']) ? absint($_GET['id']) : 0; $post = $this->db->get_row($this->db->prepare("SELECT id, text, parent_id, author_id, uploads FROM {$this->tables->posts} WHERE id = %d;", $id)); if (!is_user_logged_in() || get_current_user_id() != $post->author_id && !AsgarosForumPermissions::isModerator('current') || AsgarosForumPermissions::isBanned('current')) { $error = true; echo '<div class="notice">' . __('Sorry, you are not allowed to edit this post.', 'asgaros-forum') . '</div>'; } } if (!$error) { if (!isset($_POST['message'])) { $threadcontent = $post->text; } if (!isset($_POST['subject']) && $this->is_first_post($post->id)) { $threadname = $this->db->get_var($this->db->prepare("SELECT name FROM {$this->tables->topics} WHERE id = %d;", $post->parent_id)); } } } } }
function get_forum_status() { if (!AsgarosForumPermissions::isModerator('current')) { $closed = intval($this->db->get_var($this->db->prepare("SELECT closed FROM {$this->tables->forums} WHERE id = %d;", $this->current_forum))); if ($closed === 1) { return false; } } return true; }