Esempio n. 1
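 /**
  * Handles a topic-edit POST: optionally moves the topic to another category,
  * updates its title/message/sticky status, and synchronises its tags.
  *
  * Reads from $_POST: end_of_line (honeypot), tid, cat, title, imesg, omesg,
  * sticky, frontpage, notify, tags. Echoes a JSON object holding the topic id
  * on success, or a translated "no permission" message otherwise.
  *
  * NOTE(review): no anti-CSRF token check is visible in this method; confirm
  * one is enforced before this handler is dispatched.
  * NOTE(review): title/imesg/omesg are handed to edit_topic() unmodified, and
  * the stored title is placed inside the HTML notification template; escaping
  * is presumably done by edit_topic() and the notifier -- confirm.
  */
 public function edit()
 {
     // Honeypot field: it is expected to be empty, so any value ends the request.
     if (isset($_POST['end_of_line']) && $_POST['end_of_line'] != "") {
         exit;
     }
     $tid = isset($_POST['tid']) ? (int) $_POST['tid'] : 0;
     $topic = new \CODOF\Forum\Topic($this->db);
     $topic_info = $topic->get_topic_info($tid);
     // What get_topic_info() returns for an unknown tid is not visible here;
     // an empty result is treated as "no permission" so that the checks below
     // never run against missing uid/cat_id values.
     if (empty($topic_info)) {
         echo _t("You do not have permission to ") . _t("edit this topic");
         return;
     }
     $tuid = $topic_info['uid'];
     $cid = $topic_info['cat_id'];
     $topic_status = (int) $topic_info['topic_status'];
     // Cast before the value is concatenated into \DB::raw() below, so only an
     // integer literal can ever reach the SQL fragment.
     $no_posts = max(0, (int) $topic_info['no_posts']);
     // A missing 'cat' keeps the original meaning (category id 0).
     $req_cid = isset($_POST['cat']) ? (int) $_POST['cat'] : 0;
     $topicNeedsToBeMoved = (int) $cid !== $req_cid;
     $has_permission = $topic->canViewTopic($tuid, $cid, $tid) && $topic->canEditTopic($tuid, $cid, $tid);
     $user = \CODOF\User\User::get();
     if ($topicNeedsToBeMoved) {
         // Moving additionally requires the move permission on the TARGET category.
         $has_permission = $has_permission && $user->can('move topics', $req_cid);
     }
     if (!$has_permission) {
         echo _t("You do not have permission to ") . _t("edit this topic");
         return;
     }
     if (isset($_POST['title'], $_POST['cat'], $_POST['imesg'], $_POST['omesg'])) {
         if ($topicNeedsToBeMoved) {
             // NOTE(review): nothing visible here verifies that $req_cid names an
             // existing category; presumably can('move topics', $req_cid) rejects
             // unknown ids -- confirm. The three updates below are also not
             // wrapped in a transaction, so a failure midway leaves the
             // per-category counters inconsistent.
             \DB::table(PREFIX . 'codo_notify_subscribers')->where('tid', '=', $tid)->update(array('cid' => $req_cid));
             \DB::table(PREFIX . 'codo_categories')->where('cat_id', $cid)->update(array(
                 'no_topics' => \DB::raw('no_topics-1'),
                 'no_posts' => \DB::raw('no_posts-' . $no_posts),
             ));
             \DB::table(PREFIX . 'codo_categories')->where('cat_id', $req_cid)->update(array(
                 'no_topics' => \DB::raw('no_topics+1'),
                 'no_posts' => \DB::raw('no_posts+' . $no_posts),
             ));
             $cid = $req_cid;
             if (isset($_POST['notify']) && $_POST['notify'] === 'true') {
                 $categoryName = $topic->getCatNameFromId($cid);
                 $topicData = array(
                     "label" => 'Topic moved',
                     "cid" => $req_cid,
                     "tid" => $tid,
                     "pid" => $topic_info['post_id'],
                     "notification" => "%actor% moved <b>%title%</b> to %category%",
                     "bindings" => array(
                         "title" => \CODOF\Util::start_cut($topic_info['title'], 100),
                         "category" => $categoryName,
                     ),
                 );
                 $notifier = new \CODOF\Forum\Notification\Notifier();
                 $notifier->queueNotify('ofTopic', $topicData);
             }
         }
         // Absent flags are read as "false", as before.
         $sticky = (isset($_POST['sticky']) && $_POST['sticky'] === "true") ? 'yes' : 'no';
         $frontpage = (isset($_POST['frontpage']) && $_POST['frontpage'] === "true") ? 'yes' : 'no';
         $new_topic_status = $topic_status;
         if ($sticky === 'yes' && $user->can('make sticky')) {
             if ($frontpage === 'yes') {
                 $new_topic_status = \CODOF\Forum\Forum::STICKY;
             } else {
                 $new_topic_status = \CODOF\Forum\Forum::STICKY_ONLY_CATEGORY;
             }
         }
         // Removing sticky status needs the same permission as granting it.
         // Without this check, any editor lacking 'make sticky' (whose request
         // therefore carries no sticky=true) would silently demote a sticky
         // topic to APPROVED on every edit.
         if ($sticky === 'no' && \CODOF\Forum\Forum::isSticky($topic_status) && $user->can('make sticky')) {
             $new_topic_status = \CODOF\Forum\Forum::APPROVED;
         }
         $topic->edit_topic($cid, $tid, $topic_info['post_id'], $_POST['title'], $_POST['imesg'], $_POST['omesg'], $new_topic_status);
     }
     if (isset($_POST['tags']) && $user->can('add tags')) {
         // Diff the submitted tags against the stored ones, then apply both sides.
         $tags = $_POST['tags'];
         $dbTags = $topic->getTags($tid);
         $_tags = $topic->getTagStatus($dbTags, $tags);
         $topic->insertTags($tid, $_tags['toInsert']);
         $topic->removeTags($tid, $_tags['toDelete']);
     }
     echo json_encode(array('tid' => $tid));
 }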