while ($attachment = $db->fetch_array($attachs)) {
if (!$attachment['build_thumbnail']) {
$attachment['hasthumbnail'] = false;
}
$postattach["{$attachment['attachmentid']}"] = $attachment;
}
// Attachments added since the edit began.
$attachs = $db->query_read("\n\t\t\tSELECT dateline, thumbnail_dateline, filename, filesize, visible, attachmentid, counter,\n\t\t\t\tIF(thumbnail_filesize > 0, 1, 0) AS hasthumbnail, thumbnail_filesize,\n\t\t\t\tattachmenttype.thumbnail AS build_thumbnail, attachmenttype.newwindow\n\t\t\tFROM " . TABLE_PREFIX . "attachment AS attachment\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "attachmenttype AS attachmenttype USING (extension)\n\t\t\tWHERE posthash = '" . $db->escape_string($posthash) . "'\n\t\t\t\tAND (userid = " . $vbulletin->userinfo['userid'] . " OR userid = {$postinfo['userid']})\n\t\t\tORDER BY attachmentid\n\t\t");
while ($attachment = $db->fetch_array($attachs)) {
if (!$attachment['build_thumbnail']) {
$attachment['hasthumbnail'] = false;
}
$postattach["{$attachment['attachmentid']}"] = $attachment;
}
// ### PREVIEW POST ###
$postpreview = process_post_preview($edit, $postinfo['userid'], $postattach);
$previewpost = true;
$_REQUEST['do'] = 'editpost';
} else {
if ($vbulletin->GPC['advanced']) {
// Don't display preview on QuickEdit->Advanced as parseurl is turned off and so the preview won't be correct unless the post originally had checked to not parse links
// If you turn on parseurl then the opposite happens and you have to go unparse your links if that is what you want. Compromise
$_REQUEST['do'] = 'editpost';
} else {
// ### POST HAS NO ERRORS ###
$dataman->save();
$update_edit_log = true;
// don't show edited by AND reason unchanged - don't update edit log
if (!($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['showeditedby']) and $edit['reason'] == $postinfo['edit_reason']) {
$update_edit_log = false;
}
$errors[] = fetch_error('pmfloodcheck', $vbulletin->options['pmfloodtime'], $vbulletin->options['pmfloodtime'] - $timepassed);
}
}
}
// process errors if there are any
$errors = array_merge($errors, $pmdm->errors);
if (!empty($errors)) {
define('PMPREVIEW', 1);
$preview = construct_errors($errors);
// this will take the preview's place
$_REQUEST['do'] = 'newpm';
} else {
if ($vbulletin->GPC['preview'] != '') {
define('PMPREVIEW', 1);
$foruminfo = array('forumid' => 'privatemessage', 'allowicons' => $vbulletin->options['privallowicons']);
$preview = process_post_preview($pm);
$_REQUEST['do'] = 'newpm';
} else {
// everything's good!
$pmdm->save();
// force pm counters to be rebuilt
$vbulletin->userinfo['pmunread'] = -1;
build_pm_counters();
($hook = vBulletinHook::fetch_hook('private_insertpm_complete')) ? eval($hook) : false;
$vbulletin->url = 'private.php' . $vbulletin->session->vars['sessionurl_q'];
eval(print_standard_redirect('pm_messagesent'));
}
}
}
// ############################### start new pm ###############################
// form for creating a new private message
$newpost['message'] = htmlspecialchars_uni($newpost['message']);
$podcasturl = htmlspecialchars_uni($newpost['podcasturl']);
$podcastsize = $newpost['podcastsize'] ? $newpost['podcastsize'] : '';
$podcastkeywords = htmlspecialchars_uni($newpost['podcastkeywords']);
$podcastsubtitle = htmlspecialchars_uni($newpost['podcastsubtitle']);
$podcastauthor = htmlspecialchars_uni($newpost['podcastauthor']);
$explicitchecked = $newpost['podcastexplicit'] ? 'checked="checked"' : '';
} else {
if ($newpost['preview']) {
if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid'] and !empty($vbulletin->userinfo['attachmentextensions'])) {
require_once DIR . '/packages/vbattach/attach.php';
$attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
$postattach = $attach->fetch_postattach($posthash);
}
// ### PREVIEW POST ###
$postpreview = process_post_preview($newpost, 0, $postattach);
$_REQUEST['do'] = 'newthread';
$newpost['message'] = htmlspecialchars_uni($newpost['message']);
$podcasturl = htmlspecialchars_uni($newpost['podcasturl']);
$podcastsize = $newpost['podcastsize'] ? $newpost['podcastsize'] : '';
$podcastkeywords = htmlspecialchars_uni($newpost['podcastkeywords']);
$podcastsubtitle = htmlspecialchars_uni($newpost['podcastsubtitle']);
$podcastauthor = htmlspecialchars_uni($newpost['podcastauthor']);
$explicitchecked = $newpost['podcastexplicit'] ? 'checked="checked"' : '';
} else {
// ### NOT PREVIEW - ACTUAL POST ###
$threadinfo = fetch_threadinfo($newpost['threadid']);
// need the forumread variable from this
mark_thread_read($threadinfo, $foruminfo, $vbulletin->userinfo['userid'], TIMENOW);
($hook = vBulletinHook::fetch_hook('newthread_post_complete')) ? eval($hook) : false;
if ($newpost['postpoll']) {
$ids = $vbulletin->db->query_read_slave("\n\t\t\tSELECT postid\n\t\t\tFROM " . TABLE_PREFIX . "post\n\t\t\tWHERE\n\t\t\t\tthreadid = {$postinfo['threadid']}\n\t\t\t\t\tAND\n\t\t\t\tattach > 0\n\t\t");
while ($id = $vbulletin->db->fetch_array($ids)) {
$idlist[] = $id['postid'];
}
$postattach = $attach->fetch_postattach($posthash, $idlist, $postinfo['userid'], true);
if ($postattach['bycontent'][0]) {
if ($postattach['bycontent'][$postinfo['postid']]) {
$postattach['bycontent'][$postinfo['postid']] = $postattach['bycontent'][$postinfo['postid']] + $postattach['bycontent'][0];
} else {
$postattach['bycontent'][$postinfo['postid']] = $postattach['bycontent'][0];
}
unset($postattach['bycontent'][0]);
}
$edit['postid'] = $postinfo['postid'];
// ### PREVIEW POST ###
$postpreview = process_post_preview($edit, $postinfo['userid'], $postattach['bycontent'][$postinfo['postid']], $postattach['byattachment']);
$previewpost = true;
$_REQUEST['do'] = 'editpost';
} else {
if ($vbulletin->GPC['advanced']) {
// Don't display preview on QuickEdit->Advanced as parseurl is turned off and so the preview won't be correct unless the post originally had checked to not parse links
// If you turn on parseurl then the opposite happens and you have to go unparse your links if that is what you want. Compromise
$_REQUEST['do'] = 'editpost';
} else {
// ### POST HAS NO ERRORS ###
$dataman->save();
clear_autosave_text('vBForum_Post', $postinfo['postid'], 0, $vbulletin->userinfo['userid']);
$update_edit_log = true;
// don't show edited by AND reason unchanged - don't update edit log
if (!($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['showeditedby']) and $edit['reason'] == $postinfo['edit_reason']) {
$update_edit_log = false;
function do_send_pm()
{
global $vbulletin, $db, $permissions;
if (!$vbulletin->userinfo['userid']) {
json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
}
$vbulletin->input->clean_array_gpc('r', array('wysiwyg' => TYPE_BOOL, 'title' => TYPE_NOHTML, 'message' => TYPE_STR, 'parseurl' => TYPE_BOOL, 'savecopy' => TYPE_BOOL, 'signature' => TYPE_BOOL, 'disablesmilies' => TYPE_BOOL, 'receipt' => TYPE_BOOL, 'preview' => TYPE_STR, 'recipients' => TYPE_STR, 'bccrecipients' => TYPE_STR, 'iconid' => TYPE_UINT, 'forward' => TYPE_BOOL, 'folderid' => TYPE_INT, 'sendanyway' => TYPE_BOOL));
if ($vbulletin->GPC['message']) {
$vbulletin->GPC['message'] = prepare_remote_utf8_string($vbulletin->GPC['message']);
}
if ($vbulletin->GPC['title']) {
$vbulletin->GPC['title'] = prepare_remote_utf8_string($vbulletin->GPC['title']);
}
if ($vbulletin->GPC['recipients']) {
$vbulletin->GPC['recipients'] = prepare_remote_utf8_string($vbulletin->GPC['recipients']);
}
$vbulletin->GPC['savecopy'] = true;
if ($permissions['pmquota'] < 1) {
json_error(ERR_NO_PERMISSION);
} else {
if (!$vbulletin->userinfo['receivepm']) {
json_error(strip_tags(fetch_error('pm_turnedoff')), RV_POST_ERROR);
}
}
if (fetch_privatemessage_throttle_reached($vbulletin->userinfo['userid'])) {
json_error(strip_tags(fetch_error('pm_throttle_reached', $vbulletin->userinfo['permissions']['pmthrottlequantity'], $vbulletin->options['pmthrottleperiod'])), RV_POST_ERROR);
}
// include useful functions
require_once DIR . '/includes/functions_newpost.php';
// parse URLs in message text
if ($vbulletin->options['privallowbbcode'] and $vbulletin->GPC['parseurl']) {
$vbulletin->GPC['message'] = convert_url_to_bbcode($vbulletin->GPC['message']);
}
$pm['message'] =& $vbulletin->GPC['message'];
$pm['title'] =& $vbulletin->GPC['title'];
$pm['parseurl'] =& $vbulletin->GPC['parseurl'];
$pm['savecopy'] =& $vbulletin->GPC['savecopy'];
$pm['signature'] =& $vbulletin->GPC['signature'];
$pm['disablesmilies'] =& $vbulletin->GPC['disablesmilies'];
$pm['sendanyway'] =& $vbulletin->GPC['sendanyway'];
$pm['receipt'] =& $vbulletin->GPC['receipt'];
$pm['recipients'] =& $vbulletin->GPC['recipients'];
$pm['bccrecipients'] =& $vbulletin->GPC['bccrecipients'];
$pm['pmid'] =& $vbulletin->GPC['pmid'];
$pm['iconid'] =& $vbulletin->GPC['iconid'];
$pm['forward'] =& $vbulletin->GPC['forward'];
$pm['folderid'] =& $vbulletin->GPC['folderid'];
// *************************************************************
// PROCESS THE MESSAGE AND INSERT IT INTO THE DATABASE
$errors = array();
// catches errors
if ($vbulletin->userinfo['pmtotal'] > $permissions['pmquota'] or $vbulletin->userinfo['pmtotal'] == $permissions['pmquota'] and $pm['savecopy']) {
json_error(strip_tags(fetch_error('yourpmquotaexceeded')), RV_POST_ERROR);
}
// create the DM to do error checking and insert the new PM
$pmdm =& datamanager_init('PM', $vbulletin, ERRTYPE_ARRAY);
$pmdm->set_info('savecopy', $pm['savecopy']);
$pmdm->set_info('receipt', $pm['receipt']);
$pmdm->set_info('cantrackpm', $cantrackpm);
$pmdm->set_info('forward', $pm['forward']);
$pmdm->set_info('bccrecipients', $pm['bccrecipients']);
if ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) {
$pmdm->overridequota = true;
}
$pmdm->set('fromuserid', $vbulletin->userinfo['userid']);
$pmdm->set('fromusername', $vbulletin->userinfo['username']);
$pmdm->setr('title', $pm['title']);
$pmdm->set_recipients($pm['recipients'], $permissions, 'cc');
$pmdm->set_recipients($pm['bccrecipients'], $permissions, 'bcc');
$pmdm->setr('message', $pm['message']);
$pmdm->setr('iconid', $pm['iconid']);
$pmdm->set('dateline', TIMENOW);
$pmdm->setr('showsignature', $pm['signature']);
$pmdm->set('allowsmilie', $pm['disablesmilies'] ? 0 : 1);
if (!$pm['forward']) {
$pmdm->set_info('parentpmid', $pm['pmid']);
}
$pmdm->set_info('replypmid', $pm['pmid']);
($hook = vBulletinHook::fetch_hook('private_insertpm_process')) ? eval($hook) : false;
$pmdm->pre_save();
// deal with user using receivepmbuddies sending to non-buddies
if ($vbulletin->userinfo['receivepmbuddies'] and is_array($pmdm->info['recipients'])) {
$users_not_on_list = array();
// get a list of super mod groups
$smod_groups = array();
foreach ($vbulletin->usergroupcache as $ugid => $groupinfo) {
if ($groupinfo['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator']) {
// super mod group
$smod_groups[] = $ugid;
}
}
// now filter out all moderators (and super mods) from the list of recipients
// to check against the buddy list
$check_recipients = $pmdm->info['recipients'];
$mods = $db->query_read_slave("\n\t\t\tSELECT user.userid\n\t\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "moderator AS moderator ON (moderator.userid = user.userid)\n\t\t\tWHERE user.userid IN (" . implode(',', array_keys($check_recipients)) . ")\n\t\t\t\tAND ((moderator.userid IS NOT NULL AND moderator.forumid <> -1)\n\t\t\t\t" . (!empty($smod_groups) ? "OR user.usergroupid IN (" . implode(',', $smod_groups) . ")" : '') . "\n\t\t\t\t)\n\t\t");
while ($mod = $db->fetch_array($mods)) {
unset($check_recipients["{$mod['userid']}"]);
}
if (!empty($check_recipients)) {
// filter those on our buddy list out
$users = $db->query_read_slave("\n\t\t\t\tSELECT userlist.relationid\n\t\t\t\tFROM " . TABLE_PREFIX . "userlist AS userlist\n\t\t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\t\tAND userlist.relationid IN(" . implode(array_keys($check_recipients), ',') . ")\n\t\t\t\t\tAND type = 'buddy'\n\t\t\t");
while ($user = $db->fetch_array($users)) {
unset($check_recipients["{$user['relationid']}"]);
}
}
// what's left must be those who are neither mods or on our buddy list
foreach ($check_recipients as $userid => $user) {
$users_not_on_list["{$userid}"] = $user['username'];
}
if (!empty($users_not_on_list) and (!$vbulletin->GPC['sendanyway'] or !empty($errors))) {
$users = '';
foreach ($users_not_on_list as $userid => $username) {
$users .= "<li><a href=\"member.php?" . $vbulletin->session->vars['sessionurl'] . "u={$userid}\" target=\"profile\">{$username}</a></li>";
}
$pmdm->error('pm_non_contacts_cant_reply', $users);
}
}
// check for message flooding
if ($vbulletin->options['pmfloodtime'] > 0 and !$vbulletin->GPC['preview']) {
if (!($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) and !can_moderate()) {
$floodcheck = $db->query_first("\n\t\t\t\tSELECT pmtextid, title, dateline\n\t\t\t\tFROM " . TABLE_PREFIX . "pmtext AS pmtext\n\t\t\t\tWHERE fromuserid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\tORDER BY dateline DESC\n\t\t\t");
if (($timepassed = TIMENOW - $floodcheck['dateline']) < $vbulletin->options['pmfloodtime']) {
json_error(strip_tags(fetch_error('pmfloodcheck', $vbulletin->options['pmfloodtime'], $vbulletin->options['pmfloodtime'] - $timepassed)), RV_POST_ERROR);
}
}
}
// process errors if there are any
$errors = array_merge($errors, $pmdm->errors);
if (!empty($errors)) {
json_error(strip_tags($errors[0]), RV_POST_ERROR);
} else {
if ($vbulletin->GPC['preview'] != '') {
define('PMPREVIEW', 1);
$foruminfo = array('forumid' => 'privatemessage', 'allowicons' => $vbulletin->options['privallowicons']);
$preview = process_post_preview($pm);
$_REQUEST['do'] = 'newpm';
} else {
// everything's good!
$pmdm->save();
// force pm counters to be rebuilt
$vbulletin->userinfo['pmunread'] = -1;
build_pm_counters();
}
}
return array('success' => 1);
}
function do_post_edit()
{
global $vbulletin, $db, $foruminfo, $forumperms, $threadinfo;
global $postinfo, $vbphrase, $stylevar, $permissions;
$checked = array();
$edit = array();
$postattach = array();
$contenttype = 'vBForum_Post';
if (!$postinfo['postid'] or $postinfo['isdeleted'] or !$postinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
json_error(ERR_INVALID_TOP, RV_POST_ERROR);
}
if (!$threadinfo['threadid'] or $threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
json_error(ERR_INVALID_TOP, RV_POST_ERROR);
}
if ($vbulletin->options['wordwrap']) {
$threadinfo['title'] = fetch_word_wrapped_string($threadinfo['title']);
}
// get permissions info
$_permsgetter_ = 'edit post';
$forumperms = fetch_permissions($threadinfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
json_error(ERR_NO_PERMISSION, RV_POST_ERROR);
}
$foruminfo = fetch_foruminfo($threadinfo['forumid'], false);
// check if there is a forum password and if so, ensure the user has it set
verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
// need to get last post-type information
cache_ordered_forums(1);
// determine if we are allowed to be updating the thread's info
$can_update_thread = ($threadinfo['firstpostid'] == $postinfo['postid'] and (can_moderate($threadinfo['forumid'], 'caneditthreads') or $postinfo['dateline'] + $vbulletin->options['editthreadtitlelimit'] * 60 > TIMENOW));
// otherwise, post is being edited
if (!can_moderate($threadinfo['forumid'], 'caneditposts')) {
// check for moderator
if (!$threadinfo['open']) {
$vbulletin->url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}";
json_error(fetch_error('threadclosed'), RV_POST_ERROR);
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['caneditpost'])) {
json_error(ERR_NO_PERMISSION, RV_POST_ERROR);
} else {
if ($vbulletin->userinfo['userid'] != $postinfo['userid']) {
// check user owns this post
json_error(ERR_NO_PERMISSION, RV_POST_ERROR);
} else {
// check for time limits
if ($postinfo['dateline'] < TIMENOW - $vbulletin->options['edittimelimit'] * 60 and $vbulletin->options['edittimelimit'] != 0) {
json_error(fetch_error('edittimelimit', $vbulletin->options['edittimelimit'], $vbulletin->options['contactuslink']), RV_POST_ERROR);
}
}
}
}
// Variables reused in templates
$poststarttime =& $vbulletin->input->clean_gpc('r', poststarttime, TYPE_UINT);
$posthash = md5($vbulletin->GPC['poststarttime'] . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']);
$vbulletin->input->clean_array_gpc('p', array('stickunstick' => TYPE_BOOL, 'openclose' => TYPE_BOOL, 'wysiwyg' => TYPE_BOOL, 'message' => TYPE_STR, 'title' => TYPE_STR, 'prefixid' => TYPE_NOHTML, 'iconid' => TYPE_UINT, 'parseurl' => TYPE_BOOL, 'signature' => TYPE_BOOL, 'disablesmilies' => TYPE_BOOL, 'reason' => TYPE_NOHTML, 'preview' => TYPE_STR, 'folderid' => TYPE_UINT, 'emailupdate' => TYPE_UINT, 'ajax' => TYPE_BOOL, 'advanced' => TYPE_BOOL, 'postcount' => TYPE_UINT, 'podcasturl' => TYPE_STR, 'podcastsize' => TYPE_UINT, 'podcastexplicit' => TYPE_BOOL, 'podcastkeywords' => TYPE_STR, 'podcastsubtitle' => TYPE_STR, 'podcastauthor' => TYPE_STR, 'quickeditnoajax' => TYPE_BOOL));
if ($vbulletin->GPC['message']) {
$vbulletin->GPC['message'] = prepare_remote_utf8_string($vbulletin->GPC['message']);
}
$vbulletin->GPC['signature'] = $vbulletin->GPC_exists['signature'] = true;
// Make sure the posthash is valid
($hook = vBulletinHook::fetch_hook('editpost_update_start')) ? eval($hook) : false;
if (md5($poststarttime . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']) != $posthash) {
$posthash = 'invalid posthash';
// don't phrase me
}
// ### PREP INPUT ###
if ($vbulletin->GPC['wysiwyg']) {
require_once DIR . '/includes/functions_wysiwyg.php';
$edit['message'] = convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $foruminfo['allowhtml']);
} else {
$edit['message'] =& $vbulletin->GPC['message'];
}
$cansubscribe = true;
// Are we editing someone else's post? If so load that users subscription info for this thread.
if ($vbulletin->userinfo['userid'] != $postinfo['userid']) {
if ($postinfo['userid']) {
$userinfo = fetch_userinfo($postinfo['userid']);
cache_permissions($userinfo);
}
$cansubscribe = ($userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview'] and $userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads'] and ($threadinfo['postuserid'] == $userinfo['userid'] or $userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']));
if ($cansubscribe and $otherthreadinfo = $db->query_first_slave("\n\t\t\tSELECT emailupdate, folderid\n\t\t\tFROM " . TABLE_PREFIX . "subscribethread\n\t\t\tWHERE threadid = {$threadinfo['threadid']} AND\n\t\t\t\tuserid = {$postinfo['userid']} AND\n\t\t\t\tcanview = 1")) {
$threadinfo['issubscribed'] = true;
$threadinfo['emailupdate'] = $otherthreadinfo['emailupdate'];
$threadinfo['folderid'] = $otherthreadinfo['folderid'];
} else {
$threadinfo['issubscribed'] = false;
// use whatever emailupdate setting came through
}
}
if ($vbulletin->GPC['ajax'] or $vbulletin->GPC['quickeditnoajax']) {
// quick edit
$tmpmessage = $vbulletin->GPC['ajax'] ? convert_urlencoded_unicode($edit['message']) : $edit['message'];
$edit = $postinfo;
$edit['message'] =& $tmpmessage;
$edit['title'] = unhtmlspecialchars($edit['title']);
$edit['signature'] =& $edit['showsignature'];
$edit['enablesmilies'] =& $edit['allowsmilie'];
$edit['disablesmilies'] = $edit['enablesmilies'] ? 0 : 1;
$edit['parseurl'] = true;
$edit['prefixid'] = $threadinfo['prefixid'];
$edit['reason'] = fetch_censored_text($vbulletin->GPC['ajax'] ? convert_urlencoded_unicode($vbulletin->GPC['reason']) : $vbulletin->GPC['reason']);
} else {
$edit['iconid'] =& $vbulletin->GPC['iconid'];
$edit['title'] =& $vbulletin->GPC['title'];
$edit['prefixid'] = ($vbulletin->GPC_exists['prefixid'] and can_use_prefix($vbulletin->GPC['prefixid'])) ? $vbulletin->GPC['prefixid'] : $threadinfo['prefixid'];
$edit['podcasturl'] =& $vbulletin->GPC['podcasturl'];
$edit['podcastsize'] =& $vbulletin->GPC['podcastsize'];
$edit['podcastexplicit'] =& $vbulletin->GPC['podcastexplicit'];
$edit['podcastkeywords'] =& $vbulletin->GPC['podcastkeywords'];
$edit['podcastsubtitle'] =& $vbulletin->GPC['podcastsubtitle'];
$edit['podcastauthor'] =& $vbulletin->GPC['podcastauthor'];
// Leave this off for quickedit->advanced so that a post with unparsed links doesn't get parsed just by going to Advanced Edit
$edit['parseurl'] = true;
$edit['signature'] =& $vbulletin->GPC['signature'];
$edit['disablesmilies'] =& $vbulletin->GPC['disablesmilies'];
$edit['enablesmilies'] = $edit['allowsmilie'] = $edit['disablesmilies'] ? 0 : 1;
$edit['stickunstick'] =& $vbulletin->GPC['stickunstick'];
$edit['openclose'] =& $vbulletin->GPC['openclose'];
$edit['reason'] = fetch_censored_text($vbulletin->GPC['reason']);
$edit['preview'] =& $vbulletin->GPC['preview'];
$edit['folderid'] =& $vbulletin->GPC['folderid'];
if (!$vbulletin->GPC['advanced']) {
if ($vbulletin->GPC_exists['emailupdate']) {
$edit['emailupdate'] =& $vbulletin->GPC['emailupdate'];
} else {
$edit['emailupdate'] = array_pop($array = array_keys(fetch_emailchecked($threadinfo)));
}
}
}
$dataman =& datamanager_init('Post', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
$dataman->set_existing($postinfo);
($hook = vBulletinHook::fetch_hook('editpost_update_process')) ? eval($hook) : false;
// set info
$dataman->set_info('parseurl', $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_URL and $foruminfo['allowbbcode'] and $edit['parseurl']);
$dataman->set_info('posthash', $posthash);
$dataman->set_info('forum', $foruminfo);
$dataman->set_info('thread', $threadinfo);
$dataman->set_info('show_title_error', true);
$dataman->set_info('podcasturl', $edit['podcasturl']);
$dataman->set_info('podcastsize', $edit['podcastsize']);
$dataman->set_info('podcastexplicit', $edit['podcastexplicit']);
$dataman->set_info('podcastkeywords', $edit['podcastkeywords']);
$dataman->set_info('podcastsubtitle', $edit['podcastsubtitle']);
$dataman->set_info('podcastauthor', $edit['podcastauthor']);
if ($postinfo['userid'] == $vbulletin->userinfo['userid']) {
$dataman->set_info('user', $vbulletin->userinfo);
}
// set options
$dataman->setr('showsignature', $edit['signature']);
$dataman->setr('allowsmilie', $edit['enablesmilies']);
// set data
/*$dataman->setr('userid', $vbulletin->userinfo['userid']);
if ($vbulletin->userinfo['userid'] == 0)
{
$dataman->setr('username', $post['username']);
}*/
$dataman->setr('title', $edit['title']);
$dataman->setr('pagetext', $edit['message']);
if ($postinfo['userid'] != $vbulletin->userinfo['userid']) {
$dataman->setr('iconid', $edit['iconid'], true, false);
} else {
$dataman->setr('iconid', $edit['iconid']);
}
$postusername = $vbulletin->userinfo['username'];
$dataman->pre_save();
if ($dataman->errors) {
$errors = $dataman->errors;
}
if ($dataman->info['podcastsize']) {
$edit['podcastsize'] = $dataman->info['podcastsize'];
}
if (sizeof($errors) > 0) {
fr_standard_error($errors[0]);
} else {
if ($edit['preview']) {
require_once DIR . '/packages/vbattach/attach.php';
$attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
$postattach = $attach->fetch_postattach($posthash, $postinfo['postid']);
// ### PREVIEW POST ###
$postpreview = process_post_preview($edit, $postinfo['userid'], $postattach);
$previewpost = true;
$_REQUEST['do'] = 'editpost';
} else {
if ($vbulletin->GPC['advanced']) {
// Don't display preview on QuickEdit->Advanced as parseurl is turned off and so the preview won't be correct unless the post originally had checked to not parse links
// If you turn on parseurl then the opposite happens and you have to go unparse your links if that is what you want. Compromise
$_REQUEST['do'] = 'editpost';
} else {
// ### POST HAS NO ERRORS ###
$dataman->save();
$update_edit_log = true;
// don't show edited by AND reason unchanged - don't update edit log
if (!($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['showeditedby']) and $edit['reason'] == $postinfo['edit_reason']) {
$update_edit_log = false;
}
if ($update_edit_log) {
// ug perm: show edited by
if ($postinfo['dateline'] < TIMENOW - $vbulletin->options['noeditedbytime'] * 60 or !empty($edit['reason'])) {
// save the postedithistory
if ($vbulletin->options['postedithistory']) {
// insert original post on first edit
if (!$db->query_first("SELECT postedithistoryid FROM " . TABLE_PREFIX . "postedithistory WHERE original = 1 AND postid = " . $postinfo['postid'])) {
$db->query_write("\n\t\t\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "postedithistory\n\t\t\t\t\t\t\t\t(postid, userid, username, title, iconid, dateline, reason, original, pagetext)\n\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t({$postinfo['postid']},\n\t\t\t\t\t\t\t\t" . $postinfo['userid'] . ",\n\t\t\t\t\t\t\t\t'" . $db->escape_string($postinfo['username']) . "',\n\t\t\t\t\t\t\t\t'" . $db->escape_string($postinfo['title']) . "',\n\t\t\t\t\t\t\t\t{$postinfo['iconid']},\n\t\t\t\t\t\t\t\t" . $postinfo['dateline'] . ",\n\t\t\t\t\t\t\t\t'',\n\t\t\t\t\t\t\t\t1,\n\t\t\t\t\t\t\t\t'" . $db->escape_string($postinfo['pagetext']) . "')\n\t\t\t\t\t\t");
}
// insert the new version
$db->query_write("\n\t\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "postedithistory\n\t\t\t\t\t\t\t(postid, userid, username, title, iconid, dateline, reason, pagetext)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t({$postinfo['postid']},\n\t\t\t\t\t\t\t" . $vbulletin->userinfo['userid'] . ",\n\t\t\t\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\n\t\t\t\t\t\t\t'" . $db->escape_string($edit['title']) . "',\n\t\t\t\t\t\t\t{$edit['iconid']},\n\t\t\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t\t\t'" . $db->escape_string($edit['reason']) . "',\n\t\t\t\t\t\t\t'" . $db->escape_string($edit['message']) . "')\n\t\t\t\t\t");
}
/*insert query*/
$db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "editlog\n\t\t\t\t\t\t(postid, userid, username, dateline, reason, hashistory)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t({$postinfo['postid']},\n\t\t\t\t\t\t" . $vbulletin->userinfo['userid'] . ",\n\t\t\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\n\t\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t\t'" . $db->escape_string($edit['reason']) . "',\n\t\t\t\t\t\t" . ($vbulletin->options['postedithistory'] ? 1 : 0) . ")\n\t\t\t\t");
}
}
$date = vbdate($vbulletin->options['dateformat'], TIMENOW);
$time = vbdate($vbulletin->options['timeformat'], TIMENOW);
// initialize thread / forum update clauses
$forumupdate = false;
$threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost');
$threadman->set_existing($threadinfo);
$threadman->set_info('pagetext', $edit['message']);
if ($can_update_thread and $edit['title'] != '') {
// need to update thread title and iconid
if (!can_moderate($threadinfo['forumid'])) {
$threadman->set_info('skip_moderator_log', true);
}
$threadman->set_info('skip_first_post_update', true);
if ($edit['title'] != $postinfo['title']) {
$threadman->set('title', unhtmlspecialchars($edit['title']));
}
if ($edit['iconid'] != $postinfo['iconid']) {
$threadman->set('iconid', $edit['iconid']);
}
if ($vbulletin->GPC_exists['prefixid'] and can_use_prefix($vbulletin->GPC['prefixid'])) {
$threadman->set('prefixid', $vbulletin->GPC['prefixid']);
if ($threadman->thread['prefixid'] === '' and $foruminfo['options'] & $vbulletin->bf_misc_forumoptions['prefixrequired']) {
// the prefix wasn't valid or was set to an empty one, but that's not allowed
$threadman->do_unset('prefixid');
}
}
// do we need to update the forum counters?
$forumupdate = $foruminfo['lastthreadid'] == $threadinfo['threadid'] ? true : false;
}
// can this user open/close this thread if they want to?
if ($vbulletin->GPC['openclose'] and ($threadinfo['postuserid'] != 0 and $threadinfo['postuserid'] == $vbulletin->userinfo['userid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] or can_moderate($threadinfo['forumid'], 'canopenclose'))) {
$threadman->set('open', $threadman->fetch_field('open') == 1 ? 0 : 1);
}
if ($vbulletin->GPC['stickunstick'] and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
$threadman->set('sticky', $threadman->fetch_field('sticky') == 1 ? 0 : 1);
}
($hook = vBulletinHook::fetch_hook('editpost_update_thread')) ? eval($hook) : false;
$threadman->save();
// if this is a mod edit, then log it
if ($vbulletin->userinfo['userid'] != $postinfo['userid'] and can_moderate($threadinfo['forumid'], 'caneditposts')) {
$modlog = array('threadid' => $threadinfo['threadid'], 'forumid' => $threadinfo['forumid'], 'postid' => $postinfo['postid']);
log_moderator_action($modlog, 'post_x_edited', $postinfo['title']);
}
require_once DIR . '/includes/functions_databuild.php';
// do forum update if necessary
if ($forumupdate) {
build_forum_counters($threadinfo['forumid']);
}
// don't do thread subscriptions if we are doing quick edit
if (!$vbulletin->GPC['ajax'] and !$vbulletin->GPC['quickeditnoajax']) {
// ### DO THREAD SUBSCRIPTION ###
// We use $postinfo[userid] so that we update the user who posted this, not the user who is editing this
if (!$threadinfo['issubscribed'] and $edit['emailupdate'] != 9999) {
// user is not subscribed to this thread so insert it
/*insert query*/
$db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES ({$postinfo['userid']}, {$threadinfo['threadid']}, {$edit['emailupdate']}, {$edit['folderid']}, 1)\n\t\t\t\t");
} else {
// User is subscribed, see if they changed the settings for this thread
if ($edit['emailupdate'] == 9999) {
// Remove this subscription, user chose 'No Subscription'
/*insert query*/
$db->query_write("\n\t\t\t\t\t\tDELETE FROM " . TABLE_PREFIX . "subscribethread\n\t\t\t\t\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\t\t\t\t\tAND userid = {$postinfo['userid']}\n\t\t\t\t\t");
} else {
if ($threadinfo['emailupdate'] != $edit['emailupdate'] or $threadinfo['folderid'] != $edit['folderid']) {
// User changed the settings so update the current record
/*insert query*/
$db->query_write("\n\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\t\tVALUES ({$postinfo['userid']}, {$threadinfo['threadid']}, {$edit['emailupdate']}, {$edit['folderid']}, 1)\n\t\t\t\t\t");
}
}
}
}
($hook = vBulletinHook::fetch_hook('editpost_update_complete')) ? eval($hook) : false;
}
}
}
return array('success' => true);
}
$quote_postids = explode(',', $vbulletin->GPC['vbulletin_multiquote']);
} else {
$quote_postids = array();
}
if ($quote_postids) {
fetch_quotable_posts($quote_postids, $threadinfo['threadid'], $unquoted_post_count, $quoted_post_ids);
// handle MQ VBIV-388
$multiquote_empty = 'only';
}
if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid'] and !empty($vbulletin->userinfo['attachmentextensions'])) {
require_once DIR . '/packages/vbattach/attach.php';
$attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
$postattach = $attach->fetch_postattach($posthash, 0, $postinfo['userid'], true, $attachid);
}
// ### PREVIEW POST ###
$postpreview = process_post_preview($newpost, 0, $postattach['bycontent'][0], $postattach['byattachment']);
$_REQUEST['do'] = 'newreply';
$newpost['message'] = htmlspecialchars_uni($newpost['message']);
} else {
// ### NOT PREVIEW - ACTUAL POST ###
if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
$threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
} else {
$threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
if (!$threadview) {
$threadview = $vbulletin->userinfo['lastvisit'];
}
}
$newpostid = $newpost['postid'];
if ($cms_comment_thread) {
// Expire any CMS comments cache entries.
