<?php
authorize();
if (!isset($_POST['postid']) || !is_number($_POST['postid']) || !isset($_POST['body']) || trim($_POST['body']) === '') {
error(0);
}
if ($LoggedUser['DisablePosting']) {
error('Your posting privileges have been removed.');
}
$SendPM = isset($_POST['pm']) && $_POST['pm'];
Comments::edit((int) $_POST['postid'], $_POST['body'], $SendPM);
// This gets sent to the browser, which echoes it in place of the old body
echo Text::full_format($_POST['body']);
/*
* Comment component
*/
Route::get('comments/paginate/{foreignType}/{foreignId}', function ($foreignType, $foreignId) {
return Comments::paginate($foreignType, $foreignId)->setPath(Request::url());
});
Route::post('comments/store', ['as' => 'comments.store', 'middleware' => 'csrf', 'uses' => function () {
$foreignType = Input::get('foreigntype');
$foreignId = Input::get('foreignid');
return Comments::store($foreignType, $foreignId);
}]);
Route::get('comments/{id}', function ($id) {
return Comments::get($id);
});
Route::get('comments/{id}/edit', ['as' => 'comments.edit', 'uses' => function ($id) {
return Comments::edit($id);
}]);
Route::put('comments/{id}/update', ['as' => 'comments.update', 'middleware' => 'csrf', 'uses' => function ($id) {
return Comments::update($id);
}]);
Route::delete('comments/{id}/delete', ['as' => 'comments.delete', 'middleware' => 'csrf', 'uses' => function ($id) {
return Comments::delete($id);
}]);
/*
* Ratings
*/
Route::post('ratings/store', ['as' => 'ratings.store', 'middleware' => 'csrf', 'uses' => function () {
$foreignType = Input::get('foreigntype');
$foreignId = Input::get('foreignid');
return Ratings::store($foreignType, $foreignId);
}]);
$PrivateMessage = $_POST['privatemessage'];
$Body = $_POST['body'];
$Length = $_POST['length'];
$PostID = (int) $_POST['postid'];
$DB->query("\n\tSELECT AuthorID\n\tFROM comments\n\tWHERE ID = {$PostID}");
if (!$DB->has_results()) {
error(404);
}
list($AuthorID) = $DB->next_record();
$UserInfo = Users::user_info($AuthorID);
if ($UserInfo['Class'] > $LoggedUser['Class']) {
error(403);
}
$URL = site_url() . Comments::get_url_query($PostID);
if ($Length !== 'verbal') {
$Time = (int) $Length * (7 * 24 * 60 * 60);
Tools::warn_user($AuthorID, $Time, "{$URL} - {$Reason}");
$Subject = 'You have received a warning';
$PrivateMessage = "You have received a {$Length} week warning for [url={$URL}]this comment[/url].\n\n[quote]{$PrivateMessage}[/quote]";
$WarnTime = time_plus($Time);
$AdminComment = date('Y-m-d') . " - Warned until {$WarnTime} by " . $LoggedUser['Username'] . "\nReason: {$URL} - {$Reason}\n\n";
} else {
$Subject = 'You have received a verbal warning';
$PrivateMessage = "You have received a verbal warning for [url={$URL}]this comment[/url].\n\n[quote]{$PrivateMessage}[/quote]";
$AdminComment = date('Y-m-d') . ' - Verbally warned by ' . $LoggedUser['Username'] . " for {$URL}\nReason: {$Reason}\n\n";
Tools::update_user_notes($AuthorID, $AdminComment);
}
$DB->query("\n\tINSERT INTO users_warnings_forums\n\t\t(UserID, Comment)\n\tVALUES\n\t\t('{$AuthorID}', '" . db_string($AdminComment) . "')\n\tON DUPLICATE KEY UPDATE\n\t\tComment = CONCAT('" . db_string($AdminComment) . "', Comment)");
Misc::send_pm($AuthorID, $LoggedUser['ID'], $Subject, $PrivateMessage);
Comments::edit($PostID, $Body);
header("Location: {$URL}");
