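/**
 * Execute Normal and Inline Thread Moderation
 *
 * Applies every action enabled in $thread_options to the given threads. When
 * 'deletethread' is set, the threads are deleted and no other action runs.
 *
 * The forum id used by the approve/unapprove/toggle, move and copy steps is
 * read from the FIRST thread id only. No permission check is performed in this
 * method; the caller has to authorise the moderator for every thread passed in.
 *
 * @param array $thread_options Moderation information (the tool's thread options)
 * @param array $tids Thread IDs
 * @return boolean true
 */
function execute_thread_moderation($thread_options, $tids)
{
    global $db, $mybb;

    $tid = intval($tids[0]); // Take the first thread to get thread data from
    $query = $db->simple_select("threads", 'fid', "tid='{$tid}'");
    $thread = $db->fetch_array($query);

    // If deleting threads, only do that
    if ($thread_options['deletethread'] == 1) {
        foreach ($tids as $tid) {
            $this->delete_thread($tid);
        }

        return true;
    }

    if ($thread_options['mergethreads'] == 1 && count($tids) > 1) {
        // The ids are interpolated into the IN (...) list, so force them to integers first.
        $tid_list = implode(',', array_map('intval', $tids));
        $options = array('order_by' => 'dateline', 'order_dir' => 'DESC');
        // Select threads from newest to oldest
        $query = $db->simple_select("threads", 'tid, subject', "tid IN ({$tid_list})", $options);
        $last_tid = 0;
        while ($merge_row = $db->fetch_array($query)) {
            if ($last_tid != 0) {
                // And keep merging them until we get down to one thread.
                $this->merge_threads($last_tid, $merge_row['tid'], $merge_row['subject']);
            }
            $last_tid = $merge_row['tid'];
        }
    }

    if ($thread_options['deletepoll'] == 1) {
        foreach ($tids as $tid) {
            $this->delete_poll($tid);
        }
    }

    if ($thread_options['removeredirects'] == 1) {
        foreach ($tids as $tid) {
            $this->remove_redirects($tid);
        }
    }

    if ($thread_options['approvethread'] == 'approve') {
        $this->approve_threads($tids, $thread['fid']);
    } elseif ($thread_options['approvethread'] == 'unapprove') {
        $this->unapprove_threads($tids, $thread['fid']);
    } elseif ($thread_options['approvethread'] == 'toggle') {
        $this->toggle_thread_visibility($tids, $thread['fid']);
    }

    if ($thread_options['openthread'] == 'open') {
        $this->open_threads($tids);
    } elseif ($thread_options['openthread'] == 'close') {
        $this->close_threads($tids);
    } elseif ($thread_options['openthread'] == 'toggle') {
        $this->toggle_thread_status($tids);
    }

    if ($thread_options['threadprefix'] != '-1') {
        // Update thread prefix
        $this->apply_thread_prefix($tids, $thread_options['threadprefix']);
    }

    if (my_strtolower(trim($thread_options['newsubject'])) != '{subject}') {
        $this->change_thread_subject($tids, $thread_options['newsubject']);
    }

    if (!empty($thread_options['addreply'])) {
        // Same integer cast as for the merge query: the list goes straight into SQL.
        $tid_list = implode(',', array_map('intval', $tids));
        $query = $db->simple_select("threads", 'fid, subject, tid, firstpost, closed', "tid IN ({$tid_list}) AND closed NOT LIKE 'moved|%'");
        require_once MYBB_ROOT . "inc/datahandlers/post.php";

        // Loop threads adding a reply to each one.
        // A separate loop variable is used so that $thread (the first thread's
        // row) is still intact for the move/copy steps below; reusing $thread
        // here left it empty once the loop finished.
        while ($reply_thread = $db->fetch_array($query)) {
            $posthandler = new PostDataHandler("insert");

            if (empty($thread_options['replysubject'])) {
                $new_subject = 'RE: ' . $reply_thread['subject'];
            } else {
                $new_subject = str_ireplace('{username}', $mybb->user['username'], $thread_options['replysubject']);
                $new_subject = str_ireplace('{subject}', $reply_thread['subject'], $new_subject);
            }

            // Set the post data that came from the input to the $post array.
            $post = array(
                "tid" => $reply_thread['tid'],
                "replyto" => $reply_thread['firstpost'],
                "fid" => $reply_thread['fid'],
                "subject" => $new_subject,
                "uid" => $mybb->user['uid'],
                "username" => $mybb->user['username'],
                "message" => $thread_options['addreply'],
                "ipaddress" => $db->escape_string(get_ip())
            );

            // Set up the post options from the input.
            $post['options'] = array("signature" => 1, "emailnotify" => 0, "disablesmilies" => 0);

            if ($reply_thread['closed'] == 1) {
                // Keep this thread closed
                $post['modoptions']['closethread'] = 1;
            }

            $posthandler->set_data($post);
            // Replies that fail validation are skipped silently.
            if ($posthandler->validate_post($post)) {
                $posthandler->insert_post($post);
            }
        }
    }

    if ($thread_options['movethread'] > 0 && $thread_options['movethread'] != $thread['fid']) {
        if ($thread_options['movethreadredirect'] == 1) {
            // Redirect expiry is given in days.
            $time = TIME_NOW + $thread_options['movethreadredirectexpire'] * 86400;
            foreach ($tids as $tid) {
                $this->move_thread($tid, $thread_options['movethread'], 'redirect', $time);
            }
        } else {
            $this->move_threads($tids, $thread_options['movethread']);
        }
    }

    if ($thread_options['copythread'] > 0 || $thread_options['copythread'] == -2) {
        // -2 means "copy into the forum of the first thread".
        if ($thread_options['copythread'] == -2) {
            $thread_options['copythread'] = $thread['fid'];
        }
        foreach ($tids as $tid) {
            $this->move_thread($tid, $thread_options['copythread'], 'copy');
        }
    }

    return true;
}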
/**
 * Insert a new post into the database through the post data handler.
 *
 * The only gate applied here is the handler's validate_post(); this method
 * does no forum-permission or authorship check of its own, so $data must
 * already have been authorised by the caller.
 *
 * @param array $data Post data passed to the data handler
 * @param boolean $inline_errors When exactly true, validation errors are returned through inline_error(); otherwise the friendly error list is returned as is
 * @return array|string Result of insert_post() on success; on validation failure the friendly errors (array) or the inline_error() output
 */
function createPost($data, $inline_errors = true)
{
    require_once MYBB_ROOT . 'inc/functions_post.php';
    require_once MYBB_ROOT . '/inc/datahandlers/post.php';

    $handler = new PostDataHandler('insert');

    $this->plugins->run_hooks('newreply_do_newreply_start');

    $handler->set_data($data);

    if ($handler->validate_post()) {
        // The end hook only fires for posts that passed validation.
        $this->plugins->run_hooks('newreply_do_newreply_end');

        return $handler->insert_post();
    }

    $friendly_errors = $handler->get_friendly_errors();
    if ($inline_errors === true) {
        return inline_error($friendly_errors);
    }

    return $friendly_errors;
}
} else { if ($post_captcha->type == 2) { //header("Content-type: text/html; charset={$lang->settings['charset']}"); $data = "<captcha>reload</captcha>"; //header("Content-type: application/json; charset={$lang->settings['charset']}"); $json_data = array("data" => $data); } } } } // One or more errors returned, fetch error list and throw to newreply page if (count($post_errors) > 0) { $reply_errors = inline_error($post_errors, '', $json_data); $mybb->input['action'] = "newreply"; } else { $postinfo = $posthandler->insert_post(); $pid = $postinfo['pid']; $visible = $postinfo['visible']; $closed = $postinfo['closed']; // Invalidate solved captcha if ($mybb->settings['captchaimage'] && !$mybb->user['uid']) { $post_captcha->invalidate_captcha(); } $force_redirect = false; // Deciding the fate if ($visible == -2) { // Draft post $lang->redirect_newreply = $lang->draft_saved; $url = "usercp.php?action=drafts"; } elseif ($visible == 1) { // Visible post
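/**
 * XML-RPC handler: post a reply to an existing thread on behalf of the
 * logged-in user and return the rendered post.
 *
 * Order of checks before anything is written: thread exists, forum exists,
 * thread visibility, forum open/type, user is logged in and may view/reply,
 * "own threads only" restriction, forum password, closed thread (unless the
 * user can edit posts as a moderator), daily post limit, duplicate post.
 * The post itself is validated and inserted by PostDataHandler.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters, filtered through Tapatalk_Input::filterXmlInput()
 * @return mixed xmlrpcresp with the new post on success; otherwise whatever xmlrespfalse() / tt_no_permission() return
 */
function reply_post_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $tid, $pid, $visible, $thread, $post;

    $input = Tapatalk_Input::filterXmlInput(array(
        'forum_id' => Tapatalk_Input::INT,
        'topic_id' => Tapatalk_Input::INT,
        'subject' => Tapatalk_Input::STRING,
        'text_body' => Tapatalk_Input::STRING,
        'attachment_id_array' => Tapatalk_Input::RAW,
        'group_id' => Tapatalk_Input::STRING,
        'return_html' => Tapatalk_Input::INT
    ), $xmlrpc_params);

    $lang->load("newreply");
    $parser = new Tapatalk_Parser();

    // The id is concatenated into the WHERE clause, so cast it here as well
    // instead of relying only on the INT filter above.
    $tid = (int) $input['topic_id'];
    $query = $db->simple_select("threads", "*", "tid='" . $tid . "'");
    if ($db->num_rows($query) == 0) {
        return xmlrespfalse($lang->error_invalidthread);
    }
    $thread = $db->fetch_array($query);
    $fid = $thread['fid'];

    // Get forum info
    $forum = get_forum($fid);
    if (!$forum) {
        return xmlrespfalse($lang->error_invalidforum);
    }

    $forumpermissions = forum_permissions($fid);

    // Unapproved threads (visible == 0) are only available to moderators;
    // negative visibility values are rejected for everyone.
    if ($thread['visible'] == 0 && !is_moderator($fid) || $thread['visible'] < 0) {
        return xmlrespfalse($lang->error_invalidthread);
    }
    if ($forum['open'] == 0 || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }
    // Guests (uid < 1) can never reply through this endpoint.
    if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostreplys'] == 0 || $mybb->user['suspendposting'] == 1) {
        return tt_no_permission();
    }
    if ($forumpermissions['canonlyviewthreads'] == 1 && $thread['uid'] != $mybb->user['uid']) {
        return tt_no_permission();
    }

    tt_check_forum_password($forum['fid']);

    // Check to see if the thread is closed, and if the user is a mod.
    if (!is_moderator($fid, "caneditposts")) {
        if ($thread['closed'] == 1) {
            return xmlrespfalse($lang->redirect_threadclosed);
        }
    }

    // Is the currently logged in user a moderator of this forum?
    $ismod = (bool) is_moderator($fid);

    // The post hash ties uploaded attachments to this post. A client-supplied
    // group_id is used as is; otherwise a fresh one is generated.
    if (!empty($input['group_id'])) {
        $posthash = $input['group_id'];
    } else {
        $posthash = md5($thread['tid'] . $mybb->user['uid'] . random_str());
    }

    // Daily post limit (skipped for groups with cancp).
    if ($mybb->settings['maxposts'] > 0 && $mybb->usergroup['cancp'] != 1) {
        $daycut = TIME_NOW - 60 * 60 * 24;
        $query = $db->simple_select("posts", "COUNT(*) AS posts_today", "uid='{$mybb->user['uid']}' AND visible='1' AND dateline>{$daycut}");
        $post_count = $db->fetch_field($query, "posts_today");
        if ($post_count >= $mybb->settings['maxposts']) {
            $lang->error_maxposts = $lang->sprintf($lang->error_maxposts, $mybb->settings['maxposts']);
            return xmlrespfalse($lang->error_maxposts);
        }
    }

    $username = $mybb->user['username'];
    $uid = $mybb->user['uid'];

    // Duplicate-post check.
    // NOTE(review): this compares against $mybb->input (subject/message/posthash)
    // rather than the filtered $input values that are actually posted below;
    // if the XML-RPC layer does not mirror them into $mybb->input the check
    // cannot match. Confirm against the caller.
    $user_check = "p.uid='{$uid}'";
    if (version_compare($mybb->version, '1.8.0', '<')) {
        $query = $db->simple_select("posts p", "p.pid, p.visible", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='" . $db->escape_string($mybb->input['subject']) . "' AND p.message='" . $db->escape_string($mybb->input['message']) . "' AND p.posthash='" . $db->escape_string($mybb->input['posthash']) . "' AND p.visible != '-2'");
    } else {
        $query = $db->simple_select("posts p", "p.pid, p.visible", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='" . $db->escape_string($mybb->get_input('subject')) . "' AND p.message='" . $db->escape_string($mybb->get_input('message')) . "' AND p.visible != '-2' AND p.dateline>" . (TIME_NOW - 600));
    }
    $duplicate_check = $db->fetch_field($query, "pid");
    if ($duplicate_check) {
        return xmlrespfalse($lang->error_post_already_submitted);
    }

    require_once MYBB_ROOT . "inc/datahandlers/post.php";
    $posthandler = new PostDataHandler("insert");

    $post = array(
        "tid" => $input['topic_id'],
        "replyto" => 0,
        "fid" => $thread['fid'],
        "subject" => $input['subject'],
        "icon" => 0,
        "uid" => $uid,
        "username" => $username,
        "message" => $input['text_body'],
        "ipaddress" => get_ip(),
        "posthash" => $posthash
    );

    // 'pid' comes straight from request input and bypasses the filter above,
    // so it is cast to an integer before it reaches the data handler.
    if (!empty($mybb->input['pid'])) {
        $post['pid'] = (int) $mybb->input['pid'];
    }
    $post['savedraft'] = 0;

    // Set up the post options from the input.
    $post['options'] = array(
        "signature" => 1,
        "subscriptionmethod" => $mybb->user['subscriptionmethod'] == 0 ? '' : $mybb->user['subscriptionmethod'],
        "disablesmilies" => 0
    );

    // Carry the thread's current sticky/closed state over unchanged.
    $post['modoptions']['stickthread'] = $thread['sticky'];
    $post['modoptions']['closethread'] = $thread['closed'];

    $posthandler->set_data($post);

    // Now let the post handler do all the hard work.
    $valid_post = $posthandler->validate_post();

    $post_errors = array();
    // Fetch friendly error messages if this is an invalid post
    if (!$valid_post) {
        $post_errors = $posthandler->get_friendly_errors();
    }

    // Mark thread as read
    require_once MYBB_ROOT . "inc/functions_indicators.php";
    mark_thread_read($tid, $fid);

    // One or more errors returned: report them to the client and stop.
    if (count($post_errors) > 0) {
        return xmlrespfalse(implode(" :: ", $post_errors));
    }

    $postinfo = $posthandler->insert_post();
    // $pid and $visible are globals; they are assigned before the push helpers run.
    $pid = $postinfo['pid'];
    $visible = $postinfo['visible'];

    tapatalk_push_reply();
    tapatalk_push_quote();
    tapatalk_push_tag();

    // Deciding the fate: only a visible post (1) is reported as state 0;
    // every other value, drafts (-2) included, is reported as state 1.
    $state = ($visible == 1) ? 0 : 1;

    $pid = intval($pid);

    // Attach pending uploads that share the client's post hash to the new post.
    // NOTE(review): 'group_id_esc' is presumably the escaped copy of group_id
    // produced by filterXmlInput() - confirm. The update is keyed on the hash
    // alone, with no restriction to the uploading user.
    if (!empty($input['group_id_esc'])) {
        $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'");
    }

    // Update the thread attachment count. The RAW input is not guaranteed to
    // be countable, so anything else is treated as "no attachments".
    // NOTE(review): the counter grows by the number of ids the client sent,
    // not by the number of attachment rows actually updated above.
    $attachment_ids = $input['attachment_id_array'];
    $attachment_count = (is_array($attachment_ids) || $attachment_ids instanceof Countable) ? count($attachment_ids) : 0;
    if ($attachment_count > 0) {
        update_thread_counters($tid, array("attachmentcount" => "+" . $attachment_count));
    }

    $post = get_post($pid);

    // HTML stays disabled when rendering the stored message.
    $parser_options = array();
    $parser_options['allow_html'] = false;
    $parser_options['allow_mycode'] = true;
    $parser_options['allow_smilies'] = false;
    $parser_options['allow_imgcode'] = true;
    $parser_options['allow_videocode'] = true;
    $parser_options['nl2br'] = (bool) $input['return_html'];
    $parser_options['filter_badwords'] = 1;

    if (!$post['username']) {
        $post['username'] = $lang->guest;
    }

    if ($post['userusername']) {
        $parser_options['me_username'] = $post['userusername'];
    } else {
        $parser_options['me_username'] = $post['username'];
    }

    $post['message'] = post_bbcode_clean($post['message']);
    $post['message'] = $parser->parse_message($post['message'], $parser_options);

    global $attachcache;
    $attachcache = array();
    if ($thread['attachmentcount'] > 0) {
        // Now lets fetch all of the attachments for these posts.
        $query = $db->simple_select("attachments", "*", "pid='{$pid}'");
        while ($attachment = $db->fetch_array($query)) {
            $attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
        }
    }

    $attachment_list = process_post_attachments($post['pid'], $post);

    // The original consulted an undefined $postcounter here, so the
    // "first post / candeletethreads" branch could never match and only the
    // candeleteposts permission applied to the author. That outcome is kept,
    // without reading the undefined variable.
    $own_post_deletable = $mybb->user['uid'] == $post['uid'] && $forumpermissions['candeleteposts'] == 1;
    $can_delete = (is_moderator($fid, "candeleteposts") || $own_post_deletable) && $mybb->user['uid'] != 0;

    $result = new xmlrpcval(array(
        'result' => new xmlrpcval(true, 'boolean'),
        'result_text' => new xmlrpcval('', 'base64'),
        'post_id' => new xmlrpcval($postinfo['pid'], 'string'),
        'state' => new xmlrpcval($state, 'int'),
        'post_author_id' => new xmlrpcval($mybb->user['uid'], 'string'),
        'post_author_name' => new xmlrpcval(basic_clean($mybb->user['username']), 'base64'),
        'icon_url' => new xmlrpcval(absolute_url($mybb->user['avatar']), 'string'),
        'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64'),
        'can_edit' => new xmlrpcval(is_moderator($fid, "caneditposts") || $thread['closed'] == 0 && $forumpermissions['caneditposts'] == 1, 'boolean'),
        'can_delete' => new xmlrpcval($can_delete, 'boolean'),
        'post_time' => new xmlrpcval(mobiquo_iso8601_encode(TIME_NOW), 'dateTime.iso8601'),
        'timestamp' => new xmlrpcval(TIME_NOW, 'string'),
        'attachments' => new xmlrpcval($attachment_list, 'array')
    ), 'struct');

    return new xmlrpcresp($result);
}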