<?php
require_once dirname(__FILE__) . '/main_functions.php';
require_once dirname(__FILE__) . '/common_functions.php';
require_once dirname(dirname(__FILE__)) . '/class/d3forum.textsanitizer.php';
$myts =& D3forumTextSanitizer::getInstance();
$db =& Database::getInstance();
// GET $uid
$uid = is_object(@$xoopsUser) ? $xoopsUser->getVar('uid') : 0;
$isadmin = $uid > 0 ? $xoopsUser->isAdmin() : false;
// post orders (default post_time desc)
$postorder = isset($_COOKIE[$mydirname . '_postorder']) ? intval($_COOKIE[$mydirname . '_postorder']) : 2;
// icon meanings
$d3forum_icon_meanings = explode('|', $xoopsModuleConfig['icon_meanings']);
// get this user's permissions as perm array
$category_permissions = d3forum_get_category_permissions_of_current_user($mydirname);
$whr_read4cat = 'c.`cat_id` IN (' . implode(",", array_keys($category_permissions)) . ')';
$forum_permissions = d3forum_get_forum_permissions_of_current_user($mydirname);
$whr_read4forum = 'f.`forum_id` IN (' . implode(",", array_keys($forum_permissions)) . ')';
// init xoops_breadcrumbs
if (is_object($xoopsModule)) {
$xoops_breadcrumbs[0] = array('url' => XOOPS_URL . '/modules/' . $mydirname . '/index.php', 'name' => $xoopsModule->getVar('name'));
} else {
$xoops_breadcrumbs = array();
}
function attachfile_check_upload_permission_plugin( $target_id )
{
global $config_handler , $module_handler , $xoopsUser , $xoopsDB ;
// emulate d3forum
$mytrustdirname = $this->target_trustdirname ;
$mytrustdirpath = XOOPS_TRUST_PATH.'/modules/'.$mytrustdirname ;
$mydirname = $this->target_dirname ;
$xoopsModule =& $module_handler->getByDirname( $mydirname );
if ($xoopsModule->getVar('hasconfig') == 1 || $xoopsModule->getVar('hascomments') == 1 || $xoopsModule->getVar( 'hasnotification' ) == 1) {
$xoopsModuleConfig =& $config_handler->getConfigsByCat(0, $xoopsModule->getVar('mid'));
}
include_once $mytrustdirpath.'/include/main_functions.php' ;
// from include/common_prepend.php
// GET $uid
$uid = is_object( @$xoopsUser ) ? $xoopsUser->getVar('uid') : 0 ;
$isadmin = $uid > 0 ? $xoopsUser->isAdmin() : false ;
// get this user's permissions as perm array
$category_permissions = d3forum_get_category_permissions_of_current_user( $mydirname ) ;
$whr_read4cat = 'c.`cat_id` IN (' . implode( "," , array_keys( $category_permissions ) ) . ')' ;
$forum_permissions = d3forum_get_forum_permissions_of_current_user( $mydirname ) ;
$whr_read4forum = 'f.`forum_id` IN (' . implode( "," , array_keys( $forum_permissions ) ) . ')' ;
// from main/edit.php
$post_id = intval( $target_id ) ;
// get this "post" from given $post_id
$sql = "SELECT * FROM ".$xoopsDB->prefix($mydirname."_posts")." WHERE post_id=$post_id" ;
if( ! $prs = $xoopsDB->query( $sql ) ) return false ;
if( $xoopsDB->getRowsNum( $prs ) <= 0 ) return false ;
$post_row = $xoopsDB->fetchArray( $prs ) ;
$topic_id = intval( $post_row['topic_id'] ) ;
// from include/process_this_topic.inc.php
// get this "topic" from given $topic_id
$sql = "SELECT t.*,u2t.u2t_time,u2t.u2t_marked,u2t.u2t_rsv,p.number_entity,p.special_entity FROM ".$xoopsDB->prefix($mydirname."_topics")." t LEFT JOIN ".$xoopsDB->prefix($mydirname."_users2topics")." u2t ON t.topic_id=u2t.topic_id AND u2t.uid=$uid LEFT JOIN ".$xoopsDB->prefix($mydirname."_posts")." p ON t.topic_first_post_id=p.post_id WHERE t.topic_id=$topic_id" ;
if( ! $trs = $xoopsDB->query( $sql ) ) return false ;
if( $xoopsDB->getRowsNum( $trs ) <= 0 ) return false ;
$topic_row = $xoopsDB->fetchArray( $trs ) ;
$forum_id = intval( $topic_row['forum_id'] ) ;
$isadminormod = (boolean) @$forum_permissions[ $forum_id ]['is_moderator'] || $isadmin ;
// TOPIC_INVISIBLE (check & make where)
if( $isadminormod ) {
$whr_topic_invisible = '1' ;
} else {
if( $topic_row['topic_invisible'] ) return false ;
$whr_topic_invisible = '! topic_invisible' ;
}
// from include/process_this_forum.inc.php
// get this "forum" from given $forum_id
$sql = "SELECT * FROM ".$xoopsDB->prefix($mydirname."_forums")." f WHERE ($whr_read4forum) AND f.forum_id=$forum_id" ;
if( ! $frs = $xoopsDB->query( $sql ) ) die( _MD_D3FORUM_ERR_SQL.__LINE__ ) ;
if( $xoopsDB->getRowsNum( $frs ) <= 0 ) return false ;
$forum_row = $xoopsDB->fetchArray( $frs ) ;
$cat_id = intval( $forum_row['cat_id'] ) ;
$isadminormod = (boolean)$forum_permissions[ $forum_id ]['is_moderator'] || $isadmin ;
$can_post = (boolean)$forum_permissions[ $forum_id ]['can_post'] || $isadminormod ;
$can_edit = (boolean)$forum_permissions[ $forum_id ]['can_edit'] || $isadminormod ;
$can_delete = (boolean)$forum_permissions[ $forum_id ]['can_delete'] || $isadminormod ;
$need_approve = ! (boolean)$forum_permissions[ $forum_id ]['post_auto_approved'] && ! $isadminormod ;
// from include/process_this_category.inc.php
// get this "category" from given $cat_id
$sql = "SELECT * FROM ".$xoopsDB->prefix($mydirname."_categories")." c WHERE $whr_read4cat AND c.cat_id=$cat_id" ;
if( ! $crs = $xoopsDB->query( $sql ) ) return false ;
if( $xoopsDB->getRowsNum( $crs ) <= 0 ) return false ;
$cat_row = $xoopsDB->fetchArray( $crs ) ;
$isadminorcatmod = (boolean)$category_permissions[ $cat_id ]['is_moderator'] || $isadmin ;
$can_makeforum = (boolean)$category_permissions[ $cat_id ]['can_makeforum'] ;
// from main/edit.php
// hidden_uid
if( $uid == $post_row['uid_hidden'] ) $post_row['uid'] = $post_row['uid_hidden'] ;
// from include/process_eachpost.inc.php
// get this poster's object
$user_handler =& xoops_gethandler( 'user' ) ;
$poster_obj =& $user_handler->get( intval( $post_row['uid'] ) ) ;
if( is_object( $poster_obj ) ) {
// active user's post
// permissions
$can_reply = ( $topic_row['topic_locked'] || $post_row['invisible'] || ! $post_row['approval'] ) ? false : $can_post ;
if( $isadminormod ) {
$can_edit = true ;
$can_delete = true ;
} else if( $post_row['uid'] == $uid ) {
$can_edit = $forum_permissions[ $forum_id ]['can_edit'] && time() < $post_row['post_time'] + $xoopsModuleConfig['selfeditlimit'] ? true : false ;
$can_delete = $forum_permissions[ $forum_id ]['can_delete'] && time() < $post_row['post_time'] + $xoopsModuleConfig['selfdellimit'] ? true : false ;
} else {
$can_edit = false ;
$can_delete = false ;
}
} else {
// guest or quitted or hidden user's post
// permissions
$can_reply = ( $topic_row['topic_locked'] || $post_row['invisible'] || ! $post_row['approval'] ) ? false : $can_post ;
if( $isadminormod ) {
$can_edit = true ;
$can_delete = true ;
} else if( $post_row['uid_hidden'] && $post_row['uid_hidden'] == $uid ) {
$can_edit = $forum_permissions[ $forum_id ]['can_edit'] && time() < $post_row['post_time'] + $xoopsModuleConfig['selfeditlimit'] ? true : false ;
$can_delete = $forum_permissions[ $forum_id ]['can_delete'] && time() < $post_row['post_time'] + $xoopsModuleConfig['selfdellimit'] ? true : false ;
} else {
$can_edit = false ;
$can_delete = false ;
}
}
// from main/edit.php
// check edit permission
if( empty( $can_edit ) ) return false ;
// check edit permission
if( ! $uid ) {
// guest edit (TODO)
return false ;
} else if( $isadminormod ) {
// admin edit
// ok
} else if( $uid == $post_row['uid'] && $xoopsModuleConfig['selfeditlimit'] > 0 ) {
// self edit
if( time() < $post_row['post_time'] + intval( $xoopsModuleConfig['selfeditlimit'] ) ) {
// before time limit
// all green for self edit
} else {
// after time limit
return false ;
}
} else {
// no perm
return false ;
}
return true;
}
