function luna_ajax_trash_notification() { if (empty($_POST['_nonce'])) { luna_send_json_error(-1); } $response = array(); if (false === LunaNonces::verify($_POST['_nonce'], 'trash-notification-nonce')) { $response['nonces_expired'] = true; luna_send_json($response); } $id = isset($_POST['id']) && !empty($_POST['id']) ? intval($_POST['id']) : 0; if (!$id) { luna_send_json_error(); } global $luna_user; delete_notification($id, $luna_user['id']); luna_send_json_success(); }
$cur_posting['subject'] = censor_words($cur_posting['subject']); } // Do we have permission to post? if (($tid && ($cur_posting['post_replies'] == '' && $luna_user['g_post_replies'] == '0' || $cur_posting['post_replies'] == '0') || $fid && ($cur_posting['post_topics'] == '' && $luna_user['g_post_topics'] == '0' || $cur_posting['post_topics'] == '0') || isset($cur_posting['closed']) && $cur_posting['closed'] == '1') && !$is_admmod) { message(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden'); } // Start with a clean slate $errors = array(); // Did someone just hit "Submit" or "Preview"? if (isset($_POST['form_sent'])) { // Flood protection if (!isset($_POST['preview']) && $luna_user['last_post'] != '' && time() - $luna_user['last_post'] < $luna_user['g_post_flood']) { $errors[] = sprintf(__('At least %s seconds have to pass between comments. Please wait %s seconds and try posting again.', 'luna'), $luna_user['g_post_flood'], $luna_user['g_post_flood'] - (time() - $luna_user['last_post'])); } // Make sure they got here from the site if ($fid && (!isset($_POST['_luna_nonce_post_topic']) || !LunaNonces::verify($_POST['_luna_nonce_post_topic'], 'post-reply')) || !$fid && (!isset($_POST['_luna_nonce_post_reply']) || !LunaNonces::verify($_POST['_luna_nonce_post_reply'], 'post-reply'))) { message(__('Are you sure you want to do this?', 'luna')); } // If it's a new thread if ($fid) { $subject = luna_trim($_POST['req_subject']); if ($luna_config['o_censoring'] == '1') { $censored_subject = luna_trim(censor_words($subject)); } if ($subject == '') { $errors[] = __('Threads must contain a subject.', 'luna'); } elseif ($luna_config['o_censoring'] == '1' && $censored_subject == '') { $errors[] = __('Threads must contain a subject. After applying censoring filters, your subject was empty.', 'luna'); } elseif (luna_strlen($subject) > 70) { $errors[] = __('Subjects cannot be longer than 70 characters.', 'luna'); } elseif ($luna_config['p_subject_all_caps'] == '0' && is_all_uppercase($subject) && !$luna_user['is_admmod']) {
if ($luna_config['o_censoring'] == '1') { $cur_post['subject'] = censor_words($cur_post['subject']); $cur_post['message'] = censor_words($cur_post['message']); } // Do we have permission to edit this post? if (($luna_user['g_edit_posts'] == '0' || $cur_post['poster_id'] != $luna_user['id'] || $cur_post['closed'] == '1') && !$is_admmod) { message(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden'); } if ($is_admmod && $luna_user['g_id'] != FORUM_ADMIN && in_array($cur_post['poster_id'], get_admin_ids())) { message(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden'); } // Start with a clean slate $errors = array(); if (isset($_POST['form_sent'])) { // Make sure they got here from the site if (!isset($_POST['_luna_nonce_edit_post']) || !LunaNonces::verify($_POST['_luna_nonce_edit_post'], 'edit-post')) { message(__('Are you sure you want to do this?', 'luna')); } // If it's a thread it must contain a subject if ($can_edit_subject) { $subject = luna_trim($_POST['req_subject']); if ($luna_config['o_censoring'] == '1') { $censored_subject = luna_trim(censor_words($subject)); } if ($subject == '') { $errors[] = __('Threads must contain a subject.', 'luna'); } elseif ($luna_config['o_censoring'] == '1' && $censored_subject == '') { $errors[] = __('Threads must contain a subject. After applying censoring filters, your subject was empty.', 'luna'); } elseif (luna_strlen($subject) > 70) { $errors[] = __('Subjects cannot be longer than 70 characters.', 'luna'); } elseif ($luna_config['p_subject_all_caps'] == '0' && is_all_uppercase($subject) && !$luna_user['is_admmod']) {
if ($luna_config['o_censoring'] == '1') { $cur_comment['subject'] = censor_words($cur_comment['subject']); $cur_comment['message'] = censor_words($cur_comment['message']); } // Do we have permission to edit this comment? if (($luna_user['g_edit_comments'] == '0' || $cur_comment['commenter_id'] != $luna_user['id'] || $cur_comment['closed'] == '1') && !$is_admmod) { message(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden'); } if ($is_admmod && $luna_user['g_id'] != LUNA_ADMIN && in_array($cur_comment['commenter_id'], get_admin_ids())) { message(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden'); } // Start with a clean slate $errors = array(); if (isset($_POST['form_sent'])) { // Make sure they got here from the site if (!isset($_POST['_luna_nonce_edit_comment']) || !LunaNonces::verify($_POST['_luna_nonce_edit_comment'], 'edit-comment')) { message(__('Are you sure you want to do this?', 'luna')); } // If it's a thread it must contain a subject if ($can_edit_subject) { $subject = luna_trim($_POST['req_subject']); if ($luna_config['o_censoring'] == '1') { $censored_subject = luna_trim(censor_words($subject)); } if ($subject == '') { $errors[] = __('Threads must contain a subject.', 'luna'); } elseif ($luna_config['o_censoring'] == '1' && $censored_subject == '') { $errors[] = __('Threads must contain a subject. After applying censoring filters, your subject was empty.', 'luna'); } elseif (luna_strlen($subject) > 70) { $errors[] = __('Subjects cannot be longer than 70 characters.', 'luna'); } elseif ($luna_config['p_subject_all_caps'] == '0' && is_all_uppercase($subject) && !$luna_user['is_admmod']) {