예제 #1
0
 public function render_edit_form()
 {
     global $locale, $userdata, $forum_settings, $defender;
     $thread_data = $this->thread_info['thread'];
     if ((!iMOD or !iSUPERADMIN) && $thread_data['thread_locked']) {
         redirect(INFUSIONS . 'forum/index.php');
     }
     if (isset($_GET['post_id']) && isnum($_GET['post_id'])) {
         add_to_title($locale['global_201'] . $locale['forum_0503']);
         add_breadcrumb(array('link' => '', 'title' => $locale['forum_0503']));
         $result = dbquery("SELECT tp.*, tt.thread_subject, tt.thread_poll, tt.thread_author, tt.thread_locked, MIN(tp2.post_id) AS first_post\n\t\t\t\tFROM " . DB_FORUM_POSTS . " tp\n\t\t\t\tINNER JOIN " . DB_FORUM_THREADS . " tt on tp.thread_id=tt.thread_id\n\t\t\t\tINNER JOIN " . DB_FORUM_POSTS . " tp2 on tp.thread_id=tp2.thread_id\n\t\t\t\tWHERE tp.post_id='" . intval($_GET['post_id']) . "' AND tp.thread_id='" . intval($thread_data['thread_id']) . "' AND tp.forum_id='" . intval($thread_data['forum_id']) . "'\n\t\t\t\tGROUP BY tp2.post_id\n\t\t\t\t");
         if (dbrows($result) > 0) {
             $post_data = dbarray($result);
             if ((iMOD or iSUPERADMIN) || $this->getThreadPermission("can_reply") && $post_data['post_author'] == $userdata['user_id']) {
                 $is_first_post = $post_data['post_id'] == $this->thread_info['post_firstpost'] ? TRUE : FALSE;
                 // no edit if locked
                 if ($post_data['post_locked'] && !iMOD) {
                     redirect(INFUSIONS . "forum/postify.php?post=edit&error=5&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $post_data['post_id']);
                 }
                 // no edit if time limit reached
                 if (!iMOD && ($forum_settings['forum_edit_timelimit'] > 0 && time() - $forum_settings['forum_edit_timelimit'] * 60 > $post_data['post_datestamp'])) {
                     redirect(INFUSIONS . "forum/postify.php?post=edit&error=6&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $post_data['post_id']);
                 }
                 // execute form post actions
                 if (isset($_POST['post_edit'])) {
                     require_once INCLUDES . "flood_include.php";
                     // all data is sanitized here.
                     if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
                         // have notice
                         $post_data = array('forum_id' => $thread_data['forum_id'], 'thread_id' => $thread_data['thread_id'], 'post_id' => $post_data['post_id'], "thread_subject" => "", 'post_message' => form_sanitizer($_POST['post_message'], '', 'post_message'), 'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0, 'post_smileys' => isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 1 : 0, 'post_author' => $userdata['user_id'], 'post_datestamp' => $post_data['post_datestamp'], 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => $userdata['user_id'], 'post_edittime' => time(), 'post_editreason' => form_sanitizer($_POST['post_editreason'], '', 'post_editreason'), 'post_hidden' => 0, 'notify_me' => 0, 'post_locked' => $forum_settings['forum_edit_lock'] || isset($_POST['post_locked']) ? 1 : 0);
                         // require thread_subject if first post
                         if ($is_first_post == TRUE) {
                             $post_data['thread_subject'] = form_sanitizer($_POST['thread_subject'], '', 'thread_subject');
                         }
                         if ($defender->safe()) {
                             // Prepare forum merging action
                             $last_post_author = dbarray(dbquery("SELECT post_author FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY post_id DESC LIMIT 1"));
                             if ($last_post_author == $post_data['post_author'] && $thread_data['forum_merge']) {
                                 $last_message = dbarray(dbquery("SELECT post_id, post_message FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY post_id DESC"));
                                 $post_data['post_id'] = $last_message['post_id'];
                                 $post_data['post_message'] = $last_message['post_message'] . "\n\n" . $locale['forum_0640'] . " " . showdate("longdate", time()) . ":\n" . $post_data['post_message'];
                                 dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                             } else {
                                 dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                             }
                             // Delete attachments if there is any
                             foreach ($_POST as $key => $value) {
                                 if (!strstr($key, "delete_attach")) {
                                     continue;
                                 }
                                 $key = str_replace("delete_attach_", "", $key);
                                 $result = dbquery("SELECT * FROM " . DB_FORUM_ATTACHMENTS . " WHERE post_id='" . $post_data['post_id'] . "' AND attach_id='" . (isnum($key) ? $key : 0) . "'");
                                 if (dbrows($result) != 0 && $value) {
                                     $adata = dbarray($result);
                                     unlink(FORUM . "attachments/" . $adata['attach_name']);
                                     dbquery("DELETE FROM " . DB_FORUM_ATTACHMENTS . " WHERE post_id='" . $post_data['post_id'] . "' AND attach_id='" . (isnum($key) ? $key : 0) . "'");
                                 }
                             }
                             if (!empty($_FILES) && is_uploaded_file($_FILES['file_attachments']['tmp_name'][0]) && $this->getThreadPermission("can_upload_attach")) {
                                 $upload = form_sanitizer($_FILES['file_attachments'], '', 'file_attachments');
                                 if ($upload['error'] == 0) {
                                     foreach ($upload['target_file'] as $arr => $file_name) {
                                         $attachment = array('thread_id' => $thread_data['thread_id'], 'post_id' => $post_data['post_id'], 'attach_name' => $file_name, 'attach_mime' => $upload['type'][$arr], 'attach_size' => $upload['source_size'][$arr], 'attach_count' => '0');
                                         dbquery_insert(DB_FORUM_ATTACHMENTS, $attachment, 'save', array('keep_session' => TRUE));
                                     }
                                 }
                             }
                             if ($defender->safe()) {
                                 redirect(INFUSIONS . "forum/postify.php?post=edit&error=0&forum_id=" . intval($post_data['forum_id']) . "&thread_id=" . intval($post_data['thread_id']) . "&post_id=" . intval($post_data['post_id']));
                             }
                         }
                     }
                 }
                 // template data
                 $form_action = INFUSIONS . "forum/viewthread.php?action=edit&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $_GET['post_id'];
                 // get attachment.
                 $attachments = array();
                 $attach_rows = 0;
                 if ($this->getThreadPermission("can_upload_attach") && !empty($this->thread_info['post_items'][$post_data['post_id']]['post_attachments'])) {
                     // need id
                     $a_result = dbquery("SELECT * FROM " . DB_FORUM_ATTACHMENTS . " WHERE post_id='" . intval($post_data['post_id']) . "' AND thread_id='" . intval($thread_data['thread_id']) . "'");
                     $attach_rows = dbrows($a_result);
                     if ($attach_rows > 0) {
                         while ($a_data = dbarray($a_result)) {
                             $attachments[] = $a_data;
                         }
                     }
                 }
                 $info = array('title' => $locale['forum_0507'], 'description' => $locale['forum_2000'] . $thread_data['thread_subject'], 'openform' => openform('input_form', 'post', $form_action, array('enctype' => $this->getThreadPermission("can_upload_attach") ? TRUE : FALSE)), 'closeform' => closeform(), 'forum_id_field' => form_hidden('forum_id', '', $post_data['forum_id']), 'thread_id_field' => form_hidden('thread_id', '', $post_data['thread_id']), "forum_field" => "", 'subject_field' => $this->thread_info['post_firstpost'] == $_GET['post_id'] ? form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => TRUE, 'placeholder' => $locale['forum_2001'], "class" => 'm-t-20 m-b-20')) : form_hidden("thread_subject", "", $thread_data['thread_subject']), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => TRUE, 'autosize' => TRUE, 'no_resize' => TRUE, 'preview' => TRUE, 'form_name' => 'input_form', 'bbcode' => TRUE)), 'delete_field' => form_checkbox('delete', $locale['forum_0624'], '', array('class' => 'm-b-0')), 'edit_reason_field' => form_text('post_editreason', $locale['forum_0611'], $post_data['post_editreason'], array('placeholder' => '', 'class' => 'm-t-20 m-b-20')), 'attachment_field' => $this->getThreadPermission("can_upload_attach") ? form_fileinput('file_attachments[]', $locale['forum_0557'], "", array('input_id' => 'file_attachments', 'upload_path' => INFUSIONS . 'forum/attachments/', 'type' => 'object', 'preview_off' => TRUE, 'multiple' => TRUE, 'max_count' => $attach_rows > 0 ? $forum_settings['forum_attachmax_count'] - $attach_rows : $forum_settings['forum_attachmax_count'], 'valid_ext' => $forum_settings['forum_attachtypes'])) . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t <div class='m-b-20'>\n<small>" . sprintf($locale['forum_0559'], parsebytesize($forum_settings['forum_attachmax']), str_replace('|', ', ', $forum_settings['forum_attachtypes']), $forum_settings['forum_attachmax_count']) . "</small>\n</div>\n" : "", "poll_form" => "", 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0')), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0')) : '', 'sticky_field' => (iMOD || iSUPERADMIN) && $is_first_post ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0')) : '', 'lock_field' => iMOD || iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0')) : '', 'hide_edit_field' => form_checkbox('hide_edit', $locale['forum_0627'], '', array('class' => 'm-b-0')), 'post_locked_field' => iMOD || iSUPERADMIN ? form_checkbox('post_locked', $locale['forum_0628'], $post_data['post_locked'], array('class' => 'm-b-0')) : '', 'notify_field' => '', 'post_buttons' => form_button('post_edit', $locale['forum_0504'], $locale['forum_0504'], array('class' => 'btn-primary')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-l-10')), 'last_posts_reply' => '');
                 $a_info = '';
                 if (!empty($attachments)) {
                     foreach ($attachments as $a_data) {
                         $a_info .= "<label><input type='checkbox' name='delete_attach_" . $a_data['attach_id'] . "' value='1' /> " . $locale['forum_0625'] . "</label>\n" . "<a href='" . INFUSIONS . "forum/attachments/" . $a_data['attach_name'] . "'>" . $a_data['attach_name'] . "</a> [" . parsebytesize($a_data['attach_size']) . "]\n" . "<br/>\n";
                     }
                     $info['attachment_field'] = $a_info . $info['attachment_field'];
                 }
                 postform($info);
             } else {
                 redirect(INFUSIONS . 'forum/index.php');
                 // no access
             }
         } else {
             redirect(INFUSIONS . "forum/postify.php?post=edit&error=4&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $_GET['post_id']);
         }
     } else {
         redirect(INFUSIONS . 'forum/index.php');
     }
 }
예제 #2
0
                        }
                        // update current forum
                        dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $post_data['forum_id'] . "'");
                        // update current thread
                        dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . time() . "', thread_lastpostid='" . $post_data['post_id'] . "', thread_lastuser='******'post_author'] . "' WHERE thread_id='" . $post_data['thread_id'] . "'");
                        // set notify
                        if ($forum_settings['thread_notify'] && isset($_POST['notify_me']) && $post_data['thread_id']) {
                            if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $post_data['thread_id'] . "' AND notify_user='******'post_author'] . "'")) {
                                dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $post_data['thread_id'] . "', '" . time() . "', '" . $post_data['post_author'] . "', '1')");
                            }
                        }
                        if ($defender->safe()) {
                            redirect(INFUSIONS . "forum/postify.php?post=new&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;parent_id=" . intval($post_data['forum_cat']) . "&amp;thread_id=" . intval($post_data['thread_id'] . ""));
                        }
                    } else {
                        addNotice("danger", $locale['forum_0186']);
                    }
                } else {
                    addNotice("danger", $locale['forum_0187']);
                    redirect(INFUSIONS . "forum/index.php");
                }
            }
        }
        $form_action = INFUSIONS . "forum/newthread.php";
        $info = array('title' => $locale['forum_0057'], 'description' => '', 'openform' => openform('input_form', 'post', $form_action, array('enctype' => FALSE)), 'closeform' => closeform(), 'forum_id_field' => '', 'thread_id_field' => '', 'forum_field' => form_select_tree("forum_id", $locale['forum_0395'], $thread_data['forum_id'], array("required" => true, "width" => "320px", "no_root" => TRUE, "query" => multilang_table("FO") ? "WHERE forum_language='" . LANGUAGE . "'" : ""), DB_FORUMS, "forum_name", "forum_id", "forum_cat"), 'subject_field' => form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => 1, 'placeholder' => $locale['forum_2001'], 'error_text' => '', 'class' => 'm-t-20 m-b-20')), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => 1, 'error_text' => '', 'autosize' => 1, 'no_resize' => 1, 'preview' => 1, 'form_name' => 'input_form', 'bbcode' => 1)), 'attachment_field' => "", 'poll_form' => "", 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0')), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0')) : '', 'sticky_field' => iSUPERADMIN ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0')) : '', 'lock_field' => iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0')) : '', 'edit_reason_field' => '', 'delete_field' => '', 'hide_edit_field' => '', 'post_locked_field' => '', 'notify_field' => $forum_settings['thread_notify'] ? form_checkbox('notify_me', $locale['forum_0626'], $post_data['notify_me'], array('class' => 'm-b-0')) : '', 'post_buttons' => form_button('post_newthread', $locale['forum_0057'], $locale['forum_0057'], array('class' => 'btn-primary btn-sm')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default btn-sm m-l-10')), 'last_posts_reply' => '');
        postform($info);
    }
} else {
    redirect(INFUSIONS . 'forum/index.php');
}
require_once THEMES . "templates/footer.php";