function qa_page_q_edit_q_submit($question, $answers, $commentsfollows, $closepost, &$in, &$errors) { $in = array(); if ($question['editable']) { $in['title'] = qa_post_text('q_title'); qa_get_post_content('q_editor', 'q_content', $in['editor'], $in['content'], $in['format'], $in['text']); $in['extra'] = qa_opt('extra_field_active') ? qa_post_text('q_extra') : null; } if ($question['retagcatable']) { if (qa_using_tags()) { $in['tags'] = qa_get_tags_field_value('q_tags'); } if (qa_using_categories()) { $in['categoryid'] = qa_get_category_field_value('q_category'); } } if (array_key_exists('categoryid', $in)) { // need to check if we can move it to that category, and if we need moderation $categories = qa_db_select_with_pending(qa_db_category_nav_selectspec($in['categoryid'], true)); $categoryids = array_keys(qa_category_path($categories, $in['categoryid'])); $userlevel = qa_user_level_for_categories($categoryids); } else { $userlevel = null; } if ($question['isbyuser']) { $in['name'] = qa_post_text('q_name'); $in['notify'] = qa_post_text('q_notify') ? true : false; $in['email'] = qa_post_text('q_email'); } if (!qa_user_post_permit_error('permit_edit_silent', $question)) { $in['silent'] = qa_post_text('q_silent'); } // here the $in array only contains values for parts of the form that were displayed, so those are only ones checked by filters $errors = array(); if (!qa_check_form_security_code('edit-' . $question['postid'], qa_post_text('code'))) { $errors['page'] = qa_lang_html('misc/form_security_again'); } else { $in['queued'] = qa_opt('moderate_edited_again') && qa_user_moderation_reason($userlevel); $filtermodules = qa_load_modules_with('filter', 'filter_question'); foreach ($filtermodules as $filtermodule) { $oldin = $in; $filtermodule->filter_question($in, $errors, $question); if ($question['editable']) { qa_update_post_text($in, $oldin); } } if (array_key_exists('categoryid', $in) && strcmp($in['categoryid'], $question['categoryid'])) { if (qa_user_permit_error('permit_post_q', null, $userlevel)) { $errors['categoryid'] = qa_lang_html('question/category_ask_not_allowed'); } } if (empty($errors)) { $userid = qa_get_logged_in_userid(); $handle = qa_get_logged_in_handle(); $cookieid = qa_cookie_get(); // now we fill in the missing values in the $in array, so that we have everything we need for qa_question_set_content() // we do things in this way to avoid any risk of a validation failure on elements the user can't see (e.g. due to admin setting changes) if (!$question['editable']) { $in['title'] = $question['title']; $in['content'] = $question['content']; $in['format'] = $question['format']; $in['text'] = qa_viewer_text($in['content'], $in['format']); $in['extra'] = $question['extra']; } if (!isset($in['tags'])) { $in['tags'] = qa_tagstring_to_tags($question['tags']); } if (!array_key_exists('categoryid', $in)) { $in['categoryid'] = $question['categoryid']; } if (!isset($in['silent'])) { $in['silent'] = false; } $setnotify = $question['isbyuser'] ? qa_combine_notify_email($question['userid'], $in['notify'], $in['email']) : $question['notify']; qa_question_set_content($question, $in['title'], $in['content'], $in['format'], $in['text'], qa_tags_to_tagstring($in['tags']), $setnotify, $userid, $handle, $cookieid, $in['extra'], @$in['name'], $in['queued'], $in['silent']); if (qa_using_categories() && strcmp($in['categoryid'], $question['categoryid'])) { qa_question_set_category($question, $in['categoryid'], $userid, $handle, $cookieid, $answers, $commentsfollows, $closepost, $in['silent']); } return true; } } return false; }
More about this license: http://www.question2answer.org/license.php */ if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser header('Location: ../'); exit; } require_once QA_INCLUDE_DIR . 'qa-app-format.php'; require_once QA_INCLUDE_DIR . 'qa-app-limits.php'; require_once QA_INCLUDE_DIR . 'qa-db-selects.php'; require_once QA_INCLUDE_DIR . 'qa-util-sort.php'; // Check whether this is a follow-on question and get some info we need from the database $in = array(); $followpostid = qa_get('follow'); $in['categoryid'] = qa_get_category_field_value('category'); if (!isset($in['categoryid'])) { $in['categoryid'] = qa_get('cat'); } $userid = qa_get_logged_in_userid(); list($categories, $followanswer, $completetags) = qa_db_select_with_pending(qa_db_category_nav_selectspec($in['categoryid'], true), isset($followpostid) ? qa_db_full_post_selectspec($userid, $followpostid) : null, qa_db_popular_tags_selectspec(0, QA_DB_RETRIEVE_COMPLETE_TAGS)); if (!isset($categories[$in['categoryid']])) { $in['categoryid'] = null; } if (@$followanswer['basetype'] != 'A') { $followanswer = null; } // Check for permission error $permiterror = qa_user_maximum_permit_error('permit_post_q', QA_LIMIT_QUESTIONS); if ($permiterror) { $qa_content = qa_content_prepare();
More about this license: http://www.question2answer.org/license.php */ if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser header('Location: ../'); exit; } require_once QA_INCLUDE_DIR . 'app/format.php'; require_once QA_INCLUDE_DIR . 'app/limits.php'; require_once QA_INCLUDE_DIR . 'db/selects.php'; require_once QA_INCLUDE_DIR . 'util/sort.php'; // Check whether this is a follow-on question and get some info we need from the database $in = array(); $followpostid = qa_get('follow'); $in['categoryid'] = qa_clicked('doask') ? qa_get_category_field_value('category') : qa_get('cat'); $userid = qa_get_logged_in_userid(); list($categories, $followanswer, $completetags) = qa_db_select_with_pending(qa_db_category_nav_selectspec($in['categoryid'], true), isset($followpostid) ? qa_db_full_post_selectspec($userid, $followpostid) : null, qa_db_popular_tags_selectspec(0, QA_DB_RETRIEVE_COMPLETE_TAGS)); if (!isset($categories[$in['categoryid']])) { $in['categoryid'] = null; } if (@$followanswer['basetype'] != 'A') { $followanswer = null; } // Check for permission error $permiterror = qa_user_maximum_permit_error('permit_post_q', QA_LIMIT_QUESTIONS); if ($permiterror) { $qa_content = qa_content_prepare(); // The 'approve', 'login', 'confirm', 'limit', 'userblock', 'ipblock' permission errors are reported to the user here // The other option ('level') prevents the menu option being shown, in qa_content_prepare(...) switch ($permiterror) {
qa_report_event('u_edit', $loginuserid, qa_get_logged_in_handle(), qa_cookie_get(), array('userid' => $userid, 'handle' => $useraccount['handle'])); } if (isset($maxlevelassign)) { $inlevel = min($maxlevelassign, (int) qa_post_text('level')); // constrain based on maximum permitted to prevent simple browser-based attack if ($inlevel != $useraccount['level']) { qa_set_user_level($userid, $useraccount['handle'], $inlevel, $useraccount['level']); } if (qa_using_categories()) { $inuserlevels = array(); for ($index = 1; $index <= 999; $index++) { $inlevel = qa_post_text('uc_' . $index . '_level'); if (!isset($inlevel)) { break; } $categoryid = qa_get_category_field_value('uc_' . $index . '_cat'); if (strlen($categoryid) && strlen($inlevel)) { $inuserlevels[] = array('entitytype' => QA_ENTITY_CATEGORY, 'entityid' => $categoryid, 'level' => min($maxlevelassign, (int) $inlevel)); } } qa_db_user_levels_set($userid, $inuserlevels); } } if (empty($errors)) { qa_redirect(qa_request()); } list($useraccount, $userprofile, $userlevels) = qa_db_select_with_pending(qa_db_user_account_selectspec($userid, true), qa_db_user_profile_selectspec($userid, true), qa_db_user_levels_selectspec($userid, true, true)); } } } if (qa_clicked('doapprove') || qa_clicked('doblock') || qa_clicked('dounblock') || qa_clicked('dohideall') || qa_clicked('dodelete')) {
} } elseif (qa_clicked('dosavecategory')) { if (!qa_check_form_security_code('admin/categories', qa_post_text('code'))) { $securityexpired = true; } elseif (qa_post_text('dodelete')) { if (!$hassubcategory) { $inreassign = qa_get_category_field_value('reassign'); qa_db_category_reassign($editcategory['categoryid'], $inreassign); qa_db_category_delete($editcategory['categoryid']); qa_redirect(qa_request(), array('recalc' => 1, 'edit' => $editcategory['parentid'])); } } else { require_once QA_INCLUDE_DIR . 'util/string.php'; $inname = qa_post_text('name'); $incontent = qa_post_text('content'); $inparentid = $setparent ? qa_get_category_field_value('parent') : $editcategory['parentid']; $inposition = qa_post_text('position'); $errors = array(); // Check the parent ID $incategories = qa_db_select_with_pending(qa_db_category_nav_selectspec($inparentid, true)); // Verify the name is legitimate for that parent ID if (empty($inname)) { $errors['name'] = qa_lang('main/field_required'); } elseif (qa_strlen($inname) > QA_DB_MAX_CAT_PAGE_TITLE_LENGTH) { $errors['name'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_CAT_PAGE_TITLE_LENGTH); } else { foreach ($incategories as $category) { if (!strcmp($category['parentid'], $inparentid) && strcmp($category['categoryid'], @$editcategory['categoryid']) && qa_strtolower($category['title']) == qa_strtolower($inname)) { $errors['name'] = qa_lang('admin/category_already_used'); } }
function qa_page_q_edit_q_submit($question, $answers, $commentsfollows, $closepost, &$in, &$errors) { $in = array(); if ($question['editable']) { $in['title'] = qa_post_text('q_title'); qa_get_post_content('q_editor', 'q_content', $in['editor'], $in['content'], $in['format'], $in['text']); $in['extra'] = qa_opt('extra_field_active') ? qa_post_text('q_extra') : null; } if ($question['retagcatable']) { if (qa_using_tags()) { $in['tags'] = qa_get_tags_field_value('q_tags'); } if (qa_using_categories()) { $in['categoryid'] = qa_get_category_field_value('q_category'); } } if ($question['isbyuser']) { $in['notify'] = qa_post_text('q_notify') ? true : false; $in['email'] = qa_post_text('q_email'); } // here the $in array only contains values for parts of the form that were displayed, so those are only ones checked by filters $errors = array(); $filtermodules = qa_load_modules_with('filter', 'filter_question'); foreach ($filtermodules as $filtermodule) { $oldin = $in; $filtermodule->filter_question($in, $errors, $question); if ($question['editable']) { qa_update_post_text($in, $oldin); } } if (empty($errors)) { $userid = qa_get_logged_in_userid(); $handle = qa_get_logged_in_handle(); $cookieid = qa_cookie_get(); // now we fill in the missing values in the $in array, so that we have everything we need for qa_question_set_content() // we do things in this way to avoid any risk of a validation failure on elements the user can't see (e.g. due to admin setting changes) if (!$question['editable']) { $in['title'] = $question['title']; $in['content'] = $question['content']; $in['format'] = $question['format']; $in['text'] = qa_viewer_text($in['content'], $in['format']); $in['extra'] = $question['extra']; } if (!isset($in['tags'])) { $in['tags'] = qa_tagstring_to_tags($question['tags']); } if (!array_key_exists('categoryid', $in)) { $in['categoryid'] = $question['categoryid']; } $setnotify = $question['isbyuser'] ? qa_combine_notify_email($question['userid'], $in['notify'], $in['email']) : $question['notify']; qa_question_set_content($question, $in['title'], $in['content'], $in['format'], $in['text'], qa_tags_to_tagstring($in['tags']), $setnotify, $userid, $handle, $cookieid, $in['extra']); if (qa_using_categories() && strcmp($in['categoryid'], $question['categoryid'])) { qa_question_set_category($question, $in['categoryid'], $userid, $handle, $cookieid, $answers, $commentsfollows, $closepost); } return true; } return false; }
$qa_content['form'] = array('tags' => 'METHOD="POST" ACTION="' . qa_self_html() . '"', 'style' => 'tall', 'ok' => $passwordsent ? qa_lang_html('users/password_sent') : null, 'fields' => array('email_handle' => array('label' => qa_lang_html('users/email_handle_label'), 'tags' => 'NAME="emailhandle" ID="emailhandle"', 'value' => qa_html(@$inemailhandle), 'error' => qa_html(@$errors['emailhandle'])), 'password' => array('type' => 'password', 'label' => qa_lang_html('users/password_label'), 'tags' => 'NAME="password" ID="password"', 'value' => qa_html(@$inpassword), 'error' => empty($errors['password']) ? '' : qa_html(@$errors['password']) . ' - ' . $forgothtml . ' ->' . qa_html(@$errors['category']) . '<-', 'note' => $passwordsent ? qa_lang_html('users/password_sent') : $forgothtml), 'category' => array('label' => qa_lang_html('question/q_category_label'), 'tags' => 'NAME="category" ID="category"', 'value' => qa_html(@$incategory), 'error' => qa_html(@$errors['category'])), 'remember' => array('type' => 'checkbox', 'label' => qa_lang_html('users/remember_label'), 'tags' => 'NAME="remember"', 'value' => @$inremember ? true : false)), 'buttons' => array('login' => array('label' => qa_lang_html('users/login_button'))), 'hidden' => array('dologin' => '1')); $modulenames = qa_list_modules('login'); foreach ($modulenames as $tryname) { $module = qa_load_module('login', $tryname); if (method_exists($module, 'login_html')) { ob_start(); $module->login_html(qa_opt('site_url') . qa_get('to'), 'login'); $html = ob_get_clean(); if (strlen($html)) { @($qa_content['custom'] .= '<BR>' . $html . '<BR>'); } } } $qa_content['focusid'] = isset($inemailhandle) && !isset($errors['emailhandle']) ? 'password' : 'emailhandle'; // add handling of sub categories //if (qa_using_categories() && count($categories)) { // $incategoryid=qa_get_category_field_value('category'); // if (!isset($incategoryid)) // $incategoryid=qa_get('cat'); $incategoryid = qa_get_category_field_value('category'); $categories = qa_db_select_with_pending(qa_db_category_nav_selectspec($incategoryid, true)); qa_set_up_category_field($qa_content, $qa_content['form']['fields']['category'], 'category', $categories, $incategoryid, false, qa_opt('allow_no_sub_category')); // // if (!qa_opt('allow_no_category')) // don't auto-select a category even though one is required // $qa_content['form']['fields']['category']['options']['']=''; //} else //unset($qa_content['form']['fields']['category']); return $qa_content; /* Omit PHP closing tag to help avoid accidental output */