// Access check for the "edit reply" page. The post's author always passes;
// any other user must clear both rank gates below, otherwise a notification
// is queued and the request is redirected to the forum index.
// NOTE(review): `!=` is a loose comparison. Confirm that both sides are always
// populated here, so that a visitor without an id can never compare equal to a
// post whose author field is empty.
if ($CURUSER->get('id') != $Post['author']) {
    // Gate 1: the configured minimum rank for editing someone else's post.
    if ($CURUSER->getRank()->int() < $config['FORUM']['Min_Rank_Post_Edit']) {
        WCF::SetupNotification('You do not meet the requirements to edit this post.');
        header('Location: ' . $config['BaseURL'] . '/forums.php');
        die; // terminate so nothing after the redirect header is executed
    }

    // Gate 2: the editor has to outrank the author strictly (equal rank is refused).
    // NOTE(review): if getAuthorInfo() returns a falsy value this gate is skipped,
    // so the check fails open for authors that cannot be resolved. That is the
    // stated intent of the original comment, but it is worth confirming that a
    // lookup *error* cannot take the same path as a genuinely missing account.
    if ($userInfo = WCF::getAuthorInfo($Post['author'])) {
        $userRank = new UserRank($userInfo['rank']);

        if ($CURUSER->getRank()->int() <= $userRank->int()) {
            WCF::SetupNotification('You do not meet the requirements to edit this post.');
            header('Location: ' . $config['BaseURL'] . '/forums.php');
            die;
        }
    }
}

// Page chrome: title, top bar flag, then the header template.
$TPL->SetTitle('Edit Reply');
$TPL->SetParameter('topbar', true);
$TPL->LoadHeader();

// Resolve topic -> forum -> category name for the post being edited.
// The three blocks opened here are closed beyond the end of this excerpt.
if ($topic = WCF::getTopicInfo($Post['topic'])) {
    if ($forum = WCF::getForumInfo($topic['forum'])) {
        if ($catName = WCF::getCategoryName($forum['category'])) {
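if ((int) $webRecord['avatarType'] == AVATAR_TYPE_UPLOAD) {
    $Avatar = new Avatar(0, $webRecord['avatar'], 0, AVATAR_TYPE_UPLOAD);
}
} // closes a block that was opened before this excerpt

// Account summary table for the user-preview page.
// The free-text profile fields (display name, birthday, gender, country) and the
// avatar URL are account data, so they are HTML-escaped at the point of output;
// echoing them raw would make this staff-facing page a stored-XSS sink.
// ENT_QUOTES matters for the avatar URL because it lands inside a double-quoted
// attribute. The id/silver/gold columns are left as they were.
// NOTE(review): if any of these fields is already entity-encoded when it is
// stored, it will now display double-encoded; normalise at the storage side.
// The Gold row was also missing its closing </tr>; that is restored below.
echo ' <tr><td>ID</td><td>',
    $webRecord['id'],
    '</td></tr> <tr><td>Display Name</td><td>',
    htmlspecialchars((string) $webRecord['displayName'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
    '</td></tr> <tr><td>Silver</td><td>',
    $webRecord['silver'],
    '</td></tr> <tr><td>Gold</td><td>',
    $webRecord['gold'],
    '</td></tr> <tr><td>Birthday</td><td>',
    htmlspecialchars((string) $webRecord['birthday'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
    '</td></tr> <tr><td>Gender</td><td>',
    htmlspecialchars((string) $webRecord['gender'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
    '</td></tr> <tr><td>Country</td><td>',
    htmlspecialchars((string) $webRecord['country'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
    '</td></tr> <tr><td style="vertical-align: top">Avatar</td><td><img src="',
    // Gallery avatars are file names under /resources/avatars/; any other type
    // supplies the full string itself.
    htmlspecialchars(
        (string) ($Avatar->type() == AVATAR_TYPE_GALLERY
            ? $config['BaseURL'] . '/resources/avatars/' . $Avatar->string()
            : $Avatar->string()),
        ENT_QUOTES | ENT_SUBSTITUTE,
        'UTF-8'
    ),
    '" /></td></tr> <tr> <td style="vertical-align: middle">Rank</td> <td>',
    $Rank->string(),
    ' [',
    $Rank->int(),
    ']';

// The rank-change form is only rendered for users holding PERMISSION_CHANGE_USER_RANK.
// NOTE(review): hiding the form is presentation only. The handler behind
// execute.php?take=change_user_rank has to repeat the permission check and
// should refuse ranks the acting user is not entitled to grant.
// NOTE(review): no anti-CSRF token field is emitted in the form markup visible
// here; confirm the handler validates one (or an equivalent origin check),
// since this POST changes another account's privileges.
if ($CURUSER->getPermissions()->isAllowed(PERMISSION_CHANGE_USER_RANK)) {
    $RanksData = new RankStringData();

    echo ' <div id="change-rank-cont" style="float: right"> <form method="post" action="execute.php?take=change_user_rank"> <select name="rank" id="change-rank-select" style="display: inline-block">';

    // One <option> per known rank; the user's current rank is preselected.
    foreach ($RanksData->data as $trank => $name) {
        echo '<option value="', $trank, '" ',
            $trank == $Rank->int() ? 'selected="selected"' : '',
            '>', $name, '</option>';
    }

    // The string literal and the if-block below continue past the end of this excerpt.
    echo ' </select> <input type="hidden" value="', $webRecord['id'], '" name="id" /> <input type="button" value="Change" class="button" style="display: inline-block" onclick="this.form.submit()" /> </form>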
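// Body of the per-account loop (its header is outside this excerpt): enrich the
// web account in $aRow with data from the auth database and append one table
// row to $output['aaData'].
// NOTE(review): this issues two extra queries per listed account; acceptable for
// a paginated list, worth batching if the page size grows.

// Auth record for this account (bound as an integer parameter).
$authRes = $AUTH_DB->prepare("SELECT * FROM `account` WHERE `id` = :acc LIMIT 1;");
$authRes->bindParam(':acc', $aRow['id'], PDO::PARAM_INT);
$authRes->execute();
$authRow = $authRes->fetch();

// fetch() returns false when no auth record exists; substitute empty fields so
// the offsets read below do not raise warnings that could corrupt the JSON body.
if (!$authRow) {
    $authRow = ['username' => '', 'email' => '', 'joindate' => ''];
}

// GM access entries, one line per realm.
$gmRes = $AUTH_DB->prepare("SELECT * FROM `account_access` WHERE `id` = :acc;");
$gmRes->bindParam(':acc', $aRow['id'], PDO::PARAM_INT);
$gmRes->execute();

$gmLines = [];
while ($gmRec = $gmRes->fetch()) {
    $gmLines[] = 'Level: ' . htmlspecialchars((string) $gmRec['gmlevel'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . ' - Realm: ' . htmlspecialchars((string) $gmRec['RealmID'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
// Joining with <br> replaces the old "append, then cut the last four bytes"
// approach, which returned false instead of '' for accounts without any GM
// entry on PHP versions before 8.
$GMLevel = implode('<br>', $gmLines);

//Setup the rank
$Rank = new UserRank($aRow['rank']);

// The cells are built as HTML fragments (the second one carries an <a> tag and
// the GM column carries <br>), so every database value placed inside them is
// escaped here. json_encode() with default flags does not neutralise markup.
// NOTE(review): if these columns are already entity-encoded when stored, they
// will now show double-encoded; normalise at the storage side in that case.
$row[0] = $aRow['id'];
$row[1] = '<a href="index.php?page=user-preview&uid=' . (int) $aRow['id'] . '">'
    . htmlspecialchars((string) $aRow['displayName'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    . '</a> ['
    . htmlspecialchars((string) $authRow['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    . ']';
$row[2] = $Rank->string() . ' [' . $Rank->int() . ']';
$row[3] = $GMLevel;
$row[4] = htmlspecialchars((string) $authRow['email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$row[5] = htmlspecialchars((string) $aRow['reg_ip'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$row[6] = htmlspecialchars((string) $authRow['joindate'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

$output['aaData'][] = $row;
} // end of the per-account loop opened before this excerpt

echo json_encode($output);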
</div> <h3>', $userRank->string(), '</h3> </div> </div> <div class="right_side"> <div class="post_container"> ',
    // (The echo statement and its first string literal start before this excerpt.)
    // Banner shown in place of nothing when the post has been soft-deleted.
    // NOTE(review): deleted_by_str and $text are written out without escaping in
    // this fragment; presumably both are turned into safe HTML where they are
    // built. Confirm that, since both originate from user-supplied content.
    $deletedPost
        ? '<p style="color: red;">This post has been deleted by ' . $arr['deleted_by_str'] . ' on ' . $arr['deleted_time'] . '.</p><br>'
        : '',
    ' ',
    $text,
    ' </div> <ul class="post_controls"> <li class="post_date">',
    $arr['added'],
    '</li>';

// The conditions below only decide which controls are rendered. They are not
// an access check: the edit and delete handlers have to enforce the same rule
// (author, or minimum rank AND strictly higher rank than the author) themselves.

// Edit link: online, post not deleted, and either the author or a
// sufficiently ranked user who outranks the author.
if ($CURUSER->isOnline() && !$deletedPost) {
    if (
        $CURUSER->get('id') == $arr['author']
        || (
            $CURUSER->getRank()->int() >= $config['FORUM']['Min_Rank_Post_Edit']
            && $CURUSER->getRank()->int() > $userRank->int()
        )
    ) {
        echo '<li><a class="edit" href="' . $config['BaseURL'] . '/forums.php?page=edit_reply&id=' . $arr['id'] . '" title="Edit">Edit</a></li>';
    }
}

// Delete link: same rule, with its own configured minimum rank. The link
// carries the post id in data-post-id for the script bound to the button.
if ($CURUSER->isOnline() && !$deletedPost) {
    if (
        $CURUSER->get('id') == $arr['author']
        || (
            $CURUSER->getRank()->int() >= $config['FORUM']['Min_Rank_Post_Delete']
            && $CURUSER->getRank()->int() > $userRank->int()
        )
    ) {
        echo '<li><a class="delete post-delete-button" data-post-id="' . $arr['id'] . '" href="' . $config['BaseURL'] . '" title="Delete">Delete</a></li>';
    }
}

// Report control (currently emitted inside an HTML comment); skipped for staff posts.
if (!$staffPost) {
    echo '<!--<li><a class="report" href="' . $config['BaseURL'] . '" title="Report">Report</a></li>-->';
}

// Warn control, likewise emitted inside an HTML comment.
echo '<!--<li><a class="warn" href="' . $config['BaseURL'] . '" title="Warn">Warn</a></li>-->';

// Quote link: any online user, as long as the post is not deleted.
if ($CURUSER->isOnline() && !$deletedPost) {
    echo '<li><a class="quote post-quote-button" data-post-id="' . $arr['id'] . '" href="' . $config['BaseURL'] . '" title="Quote">Quote</a></li>';
}