PHP Cross Reference of phpBB-3.1.12-deutsch |
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/

// Request entry point for posting actions. This first section bootstraps the
// board, starts the session and reads the request parameters that select the
// target (post/topic/forum/draft) and the requested action ($mode).

/**
* @ignore
*/
// Set before any include. NOTE(review): presumably the included files test
// IN_PHPBB to refuse direct access - confirm in common.php.
define('IN_PHPBB', true);
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
// The extension is taken from this script's own file name, not from request data.
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
include($phpbb_root_path . 'includes/message_parser.' . $phpEx);


// Start session management
$user->session_begin();
$auth->acl($user->data);


// Grab only parameters needed here
// All five are requested with an integer default. The IDs are interpolated
// into SQL strings further down, so the queries depend on request_var()
// returning integers here.
// NOTE(review): presumably request_var() casts to the type of the default - confirm.
$post_id = request_var('p', 0);
$topic_id = request_var('t', 0);
$forum_id = request_var('f', 0);
$draft_id = request_var('d', 0);
$lastclick = request_var('lastclick', 0);

// Button flags: only the presence of the POST field is tested, its value is
// never read. NOTE(review): this mixes direct $_POST access with
// $request->is_set_post(); confirm both see the same data.
$preview = (isset($_POST['preview'])) ? true : false;
$save = (isset($_POST['save'])) ? true : false;
$load = (isset($_POST['load'])) ? true : false;
$confirm = $request->is_set_post('confirm');
// 'cancel' only counts when 'save' was not posted in the same request.
$cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;

// $refresh: the form is redisplayed rather than submitted.
// $submit: requires the 'post' field and none of the refresh triggers.
$refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['cancel_unglobalise']) || $save || $load || $preview);
$submit = $request->is_set_post('post') && !$refresh && !$preview;
// Free-form string from the request; it is matched against fixed literals
// in the switch statements below.
$mode = request_var('mode', '');

// If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here.
// The downgrade happens when the confirmed form did not carry
// 'delete_permanent', or when the user holds neither f_delete nor m_delete.
// $forum_id is still the request-supplied value here; the delete permission
// is checked again after the forum id has been forced from the database.
if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id)))
{
	$mode = 'soft_delete';
}

$error = $post_data = array();
$current_time = time();

/**
* This event allows you to alter the above parameters, such as submit and mode
*
* Note: $refresh must be true to retain previously submitted form data.
*
* Note: The template class will not work properly until $user->setup() is
* called, and it has not been called yet. Extensions requiring template
* assignments should use an event that comes later in this file.
*
* @event core.modify_posting_parameters
* @var	int		post_id		ID of the post
* @var	int		topic_id	ID of the topic
* @var	int		forum_id	ID of the forum
* @var	int		draft_id	ID of the draft
* @var	int		lastclick	Timestamp of when the form was last loaded
* @var	bool	submit		Whether or not the form has been submitted
* @var	bool	preview		Whether or not the post is being previewed
* @var	bool	save		Whether or not a draft is being saved
* @var	bool	load		Whether or not a draft is being loaded
* @var	bool	cancel		Whether or not to cancel the form (returns to
*							viewtopic or viewforum depending on if the user
*							is posting a new topic or editing a post)
* @var	bool	refresh		Whether or not to retain previously submitted data
* @var	string	mode		What action to take if the form has been submitted
*							post|reply|quote|edit|delete|bump|smilies|popup
* @var	array	error		Any error strings; a non-empty array aborts
*							form submission.
*							NOTE: Should be actual language strings, NOT
*							language keys.
* @since 3.1.0-a1
* @changed 3.1.2-RC1 Removed 'delete' var as it does not exist
*/
$vars = array(
	'post_id',
	'topic_id',
	'forum_id',
	'draft_id',
	'lastclick',
	'submit',
	'preview',
	'save',
	'load',
	'cancel',
	'refresh',
	'mode',
	'error',
);
// compact() passes the listed locals to the event and extract() copies
// whatever the dispatcher returns back into local scope, so from here on the
// IDs and $mode are only as trustworthy as the installed listeners.
// NOTE(review): nothing visible here re-casts the IDs to int after the event.
extract($phpbb_dispatcher->trigger_event('core.modify_posting_parameters', compact($vars)));

// Was cancel pressed? If so then redirect to the appropriate page
// The same redirect is taken for a submit that arrives less than 2 seconds
// after $lastclick; $lastclick is a request parameter.
if ($cancel || ($current_time - $lastclick < 2 && $submit))
{
	$f = ($forum_id) ? 'f=' . $forum_id . '&' : '';
	// Redirect target, most specific first: the post, else the topic, else the forum, else the index.
	$redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
	redirect($redirect);
}

// These modes need a forum id in the request. 'soft_delete' is not in the
// list, although $mode may already have been rewritten to it above.
if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$forum_id)
{
	trigger_error('NO_FORUM');
}

$phpbb_content_visibility = $phpbb_container->get('content.visibility');

// We need to know some basic information in all cases before we do anything.
// Each mode builds the query that loads $post_data. The IDs are concatenated
// into the SQL text unquoted, so every query below relies on them being integers.
switch ($mode)
{
	case 'post':
		$sql = 'SELECT *
			FROM ' . FORUMS_TABLE . "
			WHERE forum_id = $forum_id";
	break;

	case 'bump':
	case 'reply':
		if (!$topic_id)
		{
			trigger_error('NO_TOPIC');
		}

		// Force forum id
		// The forum id stored with the topic replaces the one from the request
		// when the topic exists, so the visibility condition below is built
		// for the topic's own forum.
		$sql = 'SELECT forum_id
			FROM ' . TOPICS_TABLE . '
			WHERE topic_id = ' . $topic_id;
		$result = $db->sql_query($sql);
		$f_id = (int) $db->sql_fetchfield('forum_id');
		$db->sql_freeresult($result);

		$forum_id = (!$f_id) ? $forum_id : $f_id;

		$sql = 'SELECT f.*, t.*
			FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
			WHERE t.topic_id = $topic_id
				AND f.forum_id = t.forum_id
				AND " . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.');
	break;

	case 'quote':
	case 'edit':
	case 'delete':
	case 'soft_delete':
		if (!$post_id)
		{
			$user->setup('posting');
			trigger_error('NO_POST');
		}

		// Force forum id
		// Same as above, keyed on the post: the stored forum id wins over the
		// request value when the post exists.
		$sql = 'SELECT forum_id
			FROM ' . POSTS_TABLE . '
			WHERE post_id = ' . $post_id;
		$result = $db->sql_query($sql);
		$f_id = (int) $db->sql_fetchfield('forum_id');
		$db->sql_freeresult($result);

		$forum_id = (!$f_id) ? $forum_id : $f_id;

		$sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
			FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
			WHERE p.post_id = $post_id
				AND t.topic_id = p.topic_id
				AND u.user_id = p.poster_id
				AND f.forum_id = t.forum_id
				AND " . $phpbb_content_visibility->get_visibility_sql('post', $forum_id, 'p.');
	break;

	case 'smilies':
		// $sql stays empty, so if generate_smilies() returns, the NO_POST_MODE
		// branch below is reached.
		// NOTE(review): presumably generate_smilies('window', ...) ends the request - confirm.
		$sql = '';
		generate_smilies('window', $forum_id);
	break;

	case 'popup':
		if ($forum_id)
		{
			$sql = 'SELECT forum_style
				FROM ' . FORUMS_TABLE . '
				WHERE forum_id = ' . $forum_id;
		}
		else
		{
			phpbb_upload_popup();
			return;
		}
	break;

	default:
		// Any mode string not listed above leaves $sql empty and is rejected below.
		$sql = '';
	break;
}

if (!$sql)
{
	$user->setup('posting');
	trigger_error('NO_POST_MODE');
}

$result = $db->sql_query($sql);
$post_data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);

// No row: the target does not exist or was excluded by the visibility
// condition; the same error key is used for both cases.
if (!$post_data)
{
	if (!($mode == 'post' || $mode == 'bump' || $mode == 'reply'))
	{
		$user->setup('posting');
	}
	trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
}

// Not able to reply to unapproved posts/topics
// TODO: add more descriptive language key
// The condition only fires for users who hold m_approve in this forum.
// NOTE(review): presumably users without m_approve never get this far for an
// unapproved item because get_visibility_sql() already excluded the row - confirm.
if ($auth->acl_get('m_approve', $forum_id) && ((($mode == 'reply' || $mode == 'bump') && $post_data['topic_visibility'] != ITEM_APPROVED) || ($mode == 'quote' && $post_data['post_visibility'] != ITEM_APPROVED)))
{
	trigger_error(($mode == 'reply' || $mode == 'bump') ? 'TOPIC_UNAPPROVED' : 'POST_UNAPPROVED');
}

// The upload popup is served before the read and posting permission checks
// further down in this file.
if ($mode == 'popup')
{
	phpbb_upload_popup($post_data['forum_style']);
	return;
}

$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);

// The captcha is initialised only for users who are not registered, and only
// when enable_post_confirm is set.
if ($config['enable_post_confirm'] && !$user->data['is_registered'])
{
	$captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
	$captcha->init(CONFIRM_POST);
}

// Use post_row values in favor of submitted ones...
// From here on the IDs come from the database row when it has them, cast to
// int, so the permission checks below do not depend on the request parameters.
$forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id;
$topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id;
$post_id = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id;

// Need to login to passworded forum first?
if ($post_data['forum_password'])
{
	login_forum_box(array(
		'forum_id'			=> $forum_id,
		'forum_name'		=> $post_data['forum_name'],
		'forum_password'	=> $post_data['forum_password'])
	);
}

// Check permissions
// Sessions flagged as bots are sent to the index instead of the posting form.
if ($user->data['is_bot'])
{
	redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
}

// Is the user able to read within this forum?
// Without f_read a logged-in user gets an error; an anonymous user gets the
// login prompt, sent as JSON first when the request is an AJAX request.
if (!$auth->acl_get('f_read', $forum_id))
{
	if ($user->data['user_id'] != ANONYMOUS)
	{
		trigger_error('USER_CANNOT_READ');
	}
	$message = $user->lang['LOGIN_EXPLAIN_POST'];

	if ($request->is_ajax())
	{
		$json = new phpbb\json_response();
		$json->send(array(
			'title'		=> $user->lang['INFORMATION'],
			'message'	=> $message,
		));
	}

	login_box('', $message);
}

// Permission to do the action asked?
// Default deny: $is_authed only becomes true in the branch for the requested
// mode. A mode without a case here (for example 'smilies') stays unauthorised.
$is_authed = false;

switch ($mode)
{
	case 'post':
		if ($auth->acl_get('f_post', $forum_id))
		{
			$is_authed = true;
		}
	break;

	case 'bump':
		if ($auth->acl_get('f_bump', $forum_id))
		{
			$is_authed = true;
		}
	break;

	case 'quote':

		// Quoting clears the edit lock on the loaded row and then uses the reply permission.
		$post_data['post_edit_locked'] = 0;

	// no break;

	case 'reply':
		if ($auth->acl_get('f_reply', $forum_id))
		{
			$is_authed = true;
		}
	break;

	case 'edit':
		// Only the permission is checked here; ownership, edit time and lock
		// status are checked further down for users without m_edit.
		if ($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id))
		{
			$is_authed = true;
		}
	break;

	case 'delete':
		// Hard delete: m_delete, or the user's own post together with f_delete.
		if ($user->data['is_registered'] && ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id))))
		{
			$is_authed = true;
		}

	// no break;

	case 'soft_delete':
		// Reached directly for 'soft_delete' and by fall-through from 'delete';
		// it only acts when the hard-delete check above did not authorise.
		if (!$is_authed && $user->data['is_registered'] && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $post_data['post_edit_locked']))
		{
			// Fall back to soft_delete if we have no permissions to delete posts but to soft delete them
			$is_authed = true;
			$mode = 'soft_delete';
		}
	break;
}
/**
* This event allows you to do extra auth checks and verify if the user
* has the required permissions
*
* Extensions should only change the error and is_authed variables.
*
* @event core.modify_posting_auth
* @var	int		post_id		ID of the post
* @var	int		topic_id	ID of the topic
* @var	int		forum_id	ID of the forum
* @var	int		draft_id	ID of the draft
* @var	int		lastclick	Timestamp of when the form was last loaded
* @var	bool	submit		Whether or not the form has been submitted
* @var	bool	preview		Whether or not the post is being previewed
* @var	bool	save		Whether or not a draft is being saved
* @var	bool	load		Whether or not a draft is being loaded
* @var	bool	refresh		Whether or not to retain previously submitted data
* @var	string	mode		What action to take if the form has been submitted
*							post|reply|quote|edit|delete|bump|smilies|popup
* @var	array	error		Any error strings; a non-empty array aborts
*							form submission.
*							NOTE: Should be actual language strings, NOT
*							language keys.
* @var	bool	is_authed	Does the user have the required permissions?
* @var	array	post_data	All post data from database
* @since 3.1.3-RC1
* @changed 3.1.10-RC1 Added post_data
*/
$vars = array(
	'post_id',
	'topic_id',
	'forum_id',
	'draft_id',
	'lastclick',
	'submit',
	'preview',
	'save',
	'load',
	'refresh',
	'mode',
	'error',
	'is_authed',
	'post_data',
);
// extract() writes every listed variable back, not only error and is_authed,
// so a listener can turn a denial into a grant and can also change the IDs,
// $mode and $post_data that the remaining checks rely on.
extract($phpbb_dispatcher->trigger_event('core.modify_posting_auth', compact($vars)));

if (!$is_authed || !empty($error))
{
	// quote shares the reply error key, soft_delete the delete one.
	$check_auth = ($mode == 'quote') ? 'reply' : (($mode == 'soft_delete') ? 'delete' : $mode);

	if ($user->data['is_registered'])
	{
		// Listener-supplied error strings are joined with <br/> and passed on unchanged.
		// NOTE(review): confirm the listeners' strings are safe to output as HTML.
		trigger_error(empty($error) ? 'USER_CANNOT_' . strtoupper($check_auth) : implode('<br/>', $error));
	}
	// NOTE(review): this key is built from $mode, not $check_auth, so quote and
	// soft_delete look up LOGIN_EXPLAIN_QUOTE / LOGIN_EXPLAIN_SOFT_DELETE -
	// confirm those language entries exist.
	$message = $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)];

	if ($request->is_ajax())
	{
		$json = new phpbb\json_response();
		$json->send(array(
			'title'		=> $user->lang['INFORMATION'],
			'message'	=> $message,
		));
	}

	login_box('', $message);
}

// Is the user able to post within this forum?
if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply')))
{
	trigger_error('USER_CANNOT_FORUM_POST');
}

// Forum/Topic locked?
// Applies to every remaining mode; only m_edit lifts it.
if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get('m_edit', $forum_id))
{
	trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
}

// Can we edit this post ... if we're a moderator with rights then always yes
// else it depends on editing times, lock status and if we're the correct user
if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id))
{
	$force_edit_allowed = false;

	// Three independent reasons to refuse: not the poster, edit window
	// (edit_time, in minutes) expired, post locked for editing.
	$s_cannot_edit = $user->data['user_id'] != $post_data['poster_id'];
	$s_cannot_edit_time = $config['edit_time'] && $post_data['post_time'] <= time() - ($config['edit_time'] * 60);
	$s_cannot_edit_locked = $post_data['post_edit_locked'];

	/**
	* This event allows you to modify the conditions for the "cannot edit post" checks
	*
	* @event core.posting_modify_cannot_edit_conditions
	* @var	array	post_data	Array with post data
	* @var	bool	force_edit_allowed		Allow the user to edit the post (all permissions and conditions are ignored)
	* @var	bool	s_cannot_edit			User can not edit the post because it's not his
	* @var	bool	s_cannot_edit_locked	User can not edit the post because it's locked
	* @var	bool	s_cannot_edit_time		User can not edit the post because edit_time has passed
	* @since 3.1.0-b4
	*/
	$vars = array(
		'post_data',
		'force_edit_allowed',
		's_cannot_edit',
		's_cannot_edit_locked',
		's_cannot_edit_time',
	);
	// A listener that sets force_edit_allowed skips all three checks below,
	// including the ownership check.
	extract($phpbb_dispatcher->trigger_event('core.posting_modify_cannot_edit_conditions', compact($vars)));

	if (!$force_edit_allowed)
	{
		if ($s_cannot_edit)
		{
			trigger_error('USER_CANNOT_EDIT');
		}
		else if ($s_cannot_edit_time)
		{
			trigger_error('CANNOT_EDIT_TIME');
		}
		else if ($s_cannot_edit_locked)
		{
			trigger_error('CANNOT_EDIT_POST_LOCKED');
		}
	}
}

// Handle delete mode...
if ($mode == 'delete' || $mode == 'soft_delete')
{
	// A post that is already soft deleted is reported as missing.
	if ($mode == 'soft_delete' && $post_data['post_visibility'] == ITEM_DELETED)
	{
		$user->setup('posting');
		trigger_error('NO_POST');
	}

	$delete_reason = $request->variable('delete_reason', '', true);
	// Fifth argument: true only for soft_delete mode without 'delete_permanent'
	// in the POST data. Confirmation is not handled in this file.
	// NOTE(review): presumably phpbb_handle_post_delete() asks for confirmation
	// and validates the confirm form - verify there.
	phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, ($mode == 'soft_delete' && !$request->is_set_post('delete_permanent')), $delete_reason);
	return;
}

// Handle bump mode...
if ($mode == 'bump')
{
	// Bumping changes state on a plain link, so the request must carry a
	// 'hash' parameter that check_link_hash() accepts for this topic.
	// '=' binds more loosely than '&&': $bump_time receives the boolean result
	// of the whole condition, not the value returned by bump_topic_allowed().
	if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id'])
		&& check_link_hash(request_var('hash', ''), "topic_{$post_data['topic_id']}"))
	{
		$meta_url = phpbb_bump_topic($forum_id, $topic_id, $post_data, $current_time);
		meta_refresh(3, $meta_url);
		$message = $user->lang['TOPIC_BUMPED'];

		if (!$request->is_ajax())
		{
			// The links are assembled by string concatenation; $meta_url is the
			// value returned by phpbb_bump_topic().
			$message .= '<br /><br />' . $user->lang('VIEW_MESSAGE', '<a href="' . $meta_url . '">', '</a>');
			$message .= '<br /><br />' . $user->lang('RETURN_FORUM', '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
		}

		trigger_error($message);
	}

	// Reached when the bump is not allowed or the link hash does not match.
	trigger_error('BUMP_ERROR');
}

// Subject length limiting to 60 characters if first post...
// True for a new topic and for an edit of the topic's first post.
if ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id']))
{
	$template->assign_var('S_NEW_MESSAGE', true);
}

// Determine some vars
// Guest posts are quoted under the stored post_username, or the GUEST
// language string when none was stored.
if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS)
{
	$post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST'];
}
else
{
	$post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
}

// Normalise the loaded row: columns the query for this mode did not return get a default value.
$post_data['post_edit_locked'] = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0;
// md5 of the stored subject, taken before post_subject is overwritten on the
// next line. Later in this file it is only compared with other subject
// checksums to detect a changed subject; it is not used as a security control.
$post_data['post_subject_md5'] = (isset($post_data['post_subject']) && $mode == 'edit') ? md5($post_data['post_subject']) : '';
$post_data['post_subject'] = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : '');
// NOTE(review): dividing by 86400 presumably converts stored seconds to days - confirm against the schema.
$post_data['topic_time_limit'] = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
$post_data['poll_length'] = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0;
$post_data['poll_start'] = (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0;
// The stored icon is not carried over when quoting or replying.
$post_data['icon_id'] = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id'];
$post_data['poll_options'] = array();

// Get Poll Data
if ($post_data['poll_start'])
{
	// $topic_id was cast to int earlier in this file before it is interpolated here.
	$sql = 'SELECT poll_option_text
		FROM ' . POLL_OPTIONS_TABLE . "
		WHERE topic_id = $topic_id
		ORDER BY poll_option_id";
	$result = $db->sql_query($sql);

	while ($row = $db->sql_fetchrow($result))
	{
		$post_data['poll_options'][] = trim($row['poll_option_text']);
	}
	$db->sql_freeresult($result);
}

// Snapshot of the stored poll values, taken before request data can replace them.
if ($mode == 'edit')
{
	$original_poll_data = array(
		'poll_title'		=> $post_data['poll_title'],
		'poll_length'		=> $post_data['poll_length'],
		'poll_max_options'	=> $post_data['poll_max_options'],
		'poll_option_text'	=> implode("\n", $post_data['poll_options']),
		'poll_start'		=> $post_data['poll_start'],
		'poll_last_vote'	=> $post_data['poll_last_vote'],
		'poll_vote_change'	=> $post_data['poll_vote_change'],
	);
}

$orig_poll_options_size = sizeof($post_data['poll_options']);

$message_parser = new parse_message();
$plupload = $phpbb_container->get('plupload');
$mimetype_guesser = $phpbb_container->get('mimetype.guesser');
$message_parser->set_plupload($plupload);
$message_parser->set_mimetype_guesser($mimetype_guesser);

// The stored post text is bound to the parser by reference and the array key
// is then removed; the parser keeps the text, $post_data no longer has it.
if (isset($post_data['post_text']))
{
	$message_parser->message = &$post_data['post_text'];
	unset($post_data['post_text']);
}

// Set some default variables
// poster_id defaults to the current user when the loaded row has none.
$uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);

foreach ($uninit as $var_name => $default_value)
{
	if (!isset($post_data[$var_name]))
	{
		$post_data[$var_name] = $default_value;
	}
}
unset($uninit);

// Always check if the submitted attachment data is valid and belongs to the user.
// Further down (especially in submit_post()) we do not check this again.
590 $message_parser->get_submitted_attachment_data($post_data['poster_id']); 591 592 if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit') 593 { 594 // Do not change to SELECT * 595 $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename, filesize 596 FROM ' . ATTACHMENTS_TABLE . " 597 WHERE post_msg_id = $post_id 598 AND in_message = 0 599 AND is_orphan = 0 600 ORDER BY attach_id DESC"; 601 $result = $db->sql_query($sql); 602 $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result)); 603 $db->sql_freeresult($result); 604 } 605 606 if ($post_data['poster_id'] == ANONYMOUS) 607 { 608 $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : ''; 609 } 610 else 611 { 612 $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : ''; 613 } 614 615 $post_data['enable_urls'] = $post_data['enable_magic_url']; 616 617 if ($mode != 'edit') 618 { 619 $post_data['enable_sig'] = ($config['allow_sig'] && $user->optionget('attachsig')) ? true: false; 620 $post_data['enable_smilies'] = ($config['allow_smilies'] && $user->optionget('smilies')) ? true : false; 621 $post_data['enable_bbcode'] = ($config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false; 622 $post_data['enable_urls'] = true; 623 } 624 625 if ($mode == 'post') 626 { 627 $post_data['topic_status'] = ($request->is_set_post('lock_topic') && $auth->acl_gets('m_lock', 'f_user_lock', $forum_id)) ? ITEM_LOCKED : ITEM_UNLOCKED; 628 } 629 630 $post_data['enable_magic_url'] = $post_data['drafts'] = false; 631 632 // User own some drafts? 633 if ($user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote')) 634 { 635 $sql = 'SELECT draft_id 636 FROM ' . DRAFTS_TABLE . ' 637 WHERE user_id = ' . $user->data['user_id'] . 638 (($forum_id) ? ' AND forum_id = ' . 
(int) $forum_id : '') . 639 (($topic_id) ? ' AND topic_id = ' . (int) $topic_id : '') . 640 (($draft_id) ? " AND draft_id <> $draft_id" : ''); 641 $result = $db->sql_query_limit($sql, 1); 642 643 if ($db->sql_fetchrow($result)) 644 { 645 $post_data['drafts'] = true; 646 } 647 $db->sql_freeresult($result); 648 } 649 650 $check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1); 651 652 // Check if user is watching this topic 653 if ($mode != 'post' && $config['allow_topic_notify'] && $user->data['is_registered']) 654 { 655 $sql = 'SELECT topic_id 656 FROM ' . TOPICS_WATCH_TABLE . ' 657 WHERE topic_id = ' . $topic_id . ' 658 AND user_id = ' . $user->data['user_id']; 659 $result = $db->sql_query($sql); 660 $post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id'); 661 $db->sql_freeresult($result); 662 } 663 664 // Do we want to edit our post ? 665 if ($mode == 'edit' && $post_data['bbcode_uid']) 666 { 667 $message_parser->bbcode_uid = $post_data['bbcode_uid']; 668 } 669 670 // HTML, BBCode, Smilies, Images and Flash status 671 $bbcode_status = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false; 672 $smilies_status = ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false; 673 $img_status = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false; 674 $url_status = ($config['allow_post_links']) ? true : false; 675 $flash_status = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false; 676 $quote_status = true; 677 678 // Save Draft 679 if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote')) 680 { 681 $subject = utf8_normalize_nfc(request_var('subject', '', true)); 682 $subject = (!$subject && $mode != 'post') ? 
$post_data['topic_title'] : $subject; 683 $message = utf8_normalize_nfc(request_var('message', '', true)); 684 685 if ($subject && $message) 686 { 687 if (confirm_box(true)) 688 { 689 $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( 690 'user_id' => (int) $user->data['user_id'], 691 'topic_id' => (int) $topic_id, 692 'forum_id' => (int) $forum_id, 693 'save_time' => (int) $current_time, 694 'draft_subject' => (string) $subject, 695 'draft_message' => (string) $message) 696 ); 697 $db->sql_query($sql); 698 699 $meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id"); 700 701 meta_refresh(3, $meta_info); 702 703 $message = $user->lang['DRAFT_SAVED'] . '<br /><br />'; 704 $message .= ($mode != 'post') ? sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>') . '<br /><br />' : ''; 705 $message .= sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . 
'">', '</a>'); 706 707 trigger_error($message); 708 } 709 else 710 { 711 $s_hidden_fields = build_hidden_fields(array( 712 'mode' => $mode, 713 'save' => true, 714 'f' => $forum_id, 715 't' => $topic_id, 716 'subject' => $subject, 717 'message' => $message, 718 'attachment_data' => $message_parser->attachment_data, 719 ) 720 ); 721 722 $hidden_fields = array( 723 'icon_id' => 0, 724 725 'disable_bbcode' => false, 726 'disable_smilies' => false, 727 'disable_magic_url' => false, 728 'attach_sig' => true, 729 'lock_topic' => false, 730 731 'topic_type' => POST_NORMAL, 732 'topic_time_limit' => 0, 733 734 'poll_title' => '', 735 'poll_option_text' => '', 736 'poll_max_options' => 1, 737 'poll_length' => 0, 738 'poll_vote_change' => false, 739 ); 740 741 foreach ($hidden_fields as $name => $default) 742 { 743 if (!isset($_POST[$name])) 744 { 745 // Don't include it, if its not available 746 unset($hidden_fields[$name]); 747 continue; 748 } 749 750 if (is_bool($default)) 751 { 752 // Use the string representation 753 $hidden_fields[$name] = request_var($name, ''); 754 } 755 else 756 { 757 $hidden_fields[$name] = request_var($name, $default); 758 } 759 } 760 761 $s_hidden_fields .= build_hidden_fields($hidden_fields); 762 763 confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields); 764 } 765 } 766 else 767 { 768 if (utf8_clean_string($subject) === '') 769 { 770 $error[] = $user->lang['EMPTY_SUBJECT']; 771 } 772 773 if (utf8_clean_string($message) === '') 774 { 775 $error[] = $user->lang['TOO_FEW_CHARS']; 776 } 777 } 778 unset($subject, $message); 779 } 780 781 // Load requested Draft 782 if ($draft_id && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $user->data['is_registered'] && $auth->acl_get('u_savedrafts')) 783 { 784 $sql = 'SELECT draft_subject, draft_message 785 FROM ' . DRAFTS_TABLE . " 786 WHERE draft_id = $draft_id 787 AND user_id = " . 
$user->data['user_id']; 788 $result = $db->sql_query_limit($sql, 1); 789 $row = $db->sql_fetchrow($result); 790 $db->sql_freeresult($result); 791 792 if ($row) 793 { 794 $post_data['post_subject'] = $row['draft_subject']; 795 $message_parser->message = $row['draft_message']; 796 797 $template->assign_var('S_DRAFT_LOADED', true); 798 } 799 else 800 { 801 $draft_id = 0; 802 } 803 } 804 805 // Load draft overview 806 if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_data['drafts']) 807 { 808 load_drafts($topic_id, $forum_id); 809 } 810 811 812 if ($submit || $preview || $refresh) 813 { 814 $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0); 815 $post_data['post_subject'] = utf8_normalize_nfc(request_var('subject', '', true)); 816 $message_parser->message = utf8_normalize_nfc(request_var('message', '', true)); 817 818 $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true)); 819 $post_data['post_edit_reason'] = ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : ''; 820 821 $post_data['orig_topic_type'] = $post_data['topic_type']; 822 $post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL)); 823 $post_data['topic_time_limit'] = request_var('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0)); 824 825 if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id)) 826 { 827 $post_data['icon_id'] = request_var('icon', (int) $post_data['icon_id']); 828 } 829 830 $post_data['enable_bbcode'] = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true; 831 $post_data['enable_smilies'] = (!$smilies_status || isset($_POST['disable_smilies'])) ? 
false : true; 832 $post_data['enable_urls'] = (isset($_POST['disable_magic_url'])) ? 0 : 1; 833 $post_data['enable_sig'] = (!$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig')) ? false : ((isset($_POST['attach_sig']) && $user->data['is_registered']) ? true : false); 834 835 if ($config['allow_topic_notify'] && $user->data['is_registered']) 836 { 837 $notify = (isset($_POST['notify'])) ? true : false; 838 } 839 else 840 { 841 $notify = false; 842 } 843 844 $topic_lock = (isset($_POST['lock_topic'])) ? true : false; 845 $post_lock = (isset($_POST['lock_post'])) ? true : false; 846 $poll_delete = (isset($_POST['poll_delete'])) ? true : false; 847 848 if ($submit) 849 { 850 $status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1); 851 $status_switch = ($status_switch != $check_value); 852 } 853 else 854 { 855 $status_switch = 1; 856 } 857 858 // Delete Poll 859 if ($poll_delete && $mode == 'edit' && sizeof($post_data['poll_options']) && 860 ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))) 861 { 862 if ($submit && check_form_key('posting')) 863 { 864 $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . " 865 WHERE topic_id = $topic_id"; 866 $db->sql_query($sql); 867 868 $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . " 869 WHERE topic_id = $topic_id"; 870 $db->sql_query($sql); 871 872 $topic_sql = array( 873 'poll_title' => '', 874 'poll_start' => 0, 875 'poll_length' => 0, 876 'poll_last_vote' => 0, 877 'poll_max_options' => 0, 878 'poll_vote_change' => 0 879 ); 880 881 $sql = 'UPDATE ' . TOPICS_TABLE . ' 882 SET ' . $db->sql_build_array('UPDATE', $topic_sql) . 
" 883 WHERE topic_id = $topic_id"; 884 $db->sql_query($sql); 885 } 886 887 $post_data['poll_title'] = $post_data['poll_option_text'] = ''; 888 $post_data['poll_vote_change'] = $post_data['poll_max_options'] = $post_data['poll_length'] = 0; 889 } 890 else 891 { 892 $post_data['poll_title'] = utf8_normalize_nfc(request_var('poll_title', '', true)); 893 $post_data['poll_length'] = request_var('poll_length', 0); 894 $post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true)); 895 $post_data['poll_max_options'] = request_var('poll_max_options', 1); 896 $post_data['poll_vote_change'] = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0; 897 } 898 899 // If replying/quoting and last post id has changed 900 // give user option to continue submit or return to post 901 // notify and show user the post made between his request and the final submit 902 if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id']) 903 { 904 // Only do so if it is allowed forum-wide 905 if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) 906 { 907 if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id'])) 908 { 909 $template->assign_var('S_POST_REVIEW', true); 910 } 911 912 $submit = false; 913 $refresh = true; 914 } 915 } 916 917 // Parse Attachments - before checksum is calculated 918 $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh); 919 920 /** 921 * This event allows you to modify message text before parsing 922 * 923 * @event core.posting_modify_message_text 924 * @var array post_data Array with post data 925 * @var string mode What action to take if the form is submitted 926 * post|reply|quote|edit|delete|bump|smilies|popup 927 * @var int post_id ID of the post 928 * @var int topic_id ID of the topic 929 * @var int 
forum_id ID of the forum 930 * @var bool submit Whether or not the form has been submitted 931 * @var bool preview Whether or not the post is being previewed 932 * @var bool save Whether or not a draft is being saved 933 * @var bool load Whether or not a draft is being loaded 934 * @var bool cancel Whether or not to cancel the form (returns to 935 * viewtopic or viewforum depending on if the user 936 * is posting a new topic or editing a post) 937 * @var bool refresh Whether or not to retain previously submitted data 938 * @var object message_parser The message parser object 939 * @var array error Array of errors 940 * @since 3.1.2-RC1 941 * @changed 3.1.11-RC1 Added error 942 */ 943 $vars = array( 944 'post_data', 945 'mode', 946 'post_id', 947 'topic_id', 948 'forum_id', 949 'submit', 950 'preview', 951 'save', 952 'load', 953 'cancel', 954 'refresh', 955 'message_parser', 956 'error', 957 ); 958 extract($phpbb_dispatcher->trigger_event('core.posting_modify_message_text', compact($vars))); 959 960 // Grab md5 'checksum' of new message 961 $message_md5 = md5($message_parser->message); 962 963 // If editing and checksum has changed we know the post was edited while we're editing 964 // Notify and show user the changed post 965 if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) 966 { 967 $edit_post_message_checksum = request_var('edit_post_message_checksum', ''); 968 $edit_post_subject_checksum = request_var('edit_post_subject_checksum', ''); 969 970 // $post_data['post_checksum'] is the checksum of the post submitted in the meantime 971 // $message_md5 is the checksum of the post we're about to submit 972 // $edit_post_message_checksum is the checksum of the post we're editing 973 // ... 
974 975 // We make sure nobody else made exactly the same change 976 // we're about to submit by also checking $message_md5 != $post_data['post_checksum'] 977 if ($edit_post_message_checksum !== '' && 978 $edit_post_message_checksum != $post_data['post_checksum'] && 979 $message_md5 != $post_data['post_checksum'] 980 || 981 $edit_post_subject_checksum !== '' && 982 $edit_post_subject_checksum != $post_data['post_subject_md5'] && 983 md5($post_data['post_subject']) != $post_data['post_subject_md5']) 984 { 985 if (topic_review($topic_id, $forum_id, 'post_review_edit', $post_id)) 986 { 987 $template->assign_vars(array( 988 'S_POST_REVIEW' => true, 989 990 'L_POST_REVIEW' => $user->lang['POST_REVIEW_EDIT'], 991 'L_POST_REVIEW_EXPLAIN' => $user->lang['POST_REVIEW_EDIT_EXPLAIN'], 992 )); 993 } 994 995 $submit = false; 996 $refresh = true; 997 } 998 } 999 1000 // Check checksum ... don't re-parse message if the same 1001 $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false; 1002 1003 // Also check if subject got updated... 1004 $update_subject = $mode != 'edit' || ($post_data['post_subject_md5'] && $post_data['post_subject_md5'] != md5($post_data['post_subject'])); 1005 1006 // Parse message 1007 if ($update_message) 1008 { 1009 if (sizeof($message_parser->warn_msg)) 1010 { 1011 $error[] = implode('<br />', $message_parser->warn_msg); 1012 $message_parser->warn_msg = array(); 1013 } 1014 1015 if (!$preview || !empty($message_parser->message)) 1016 { 1017 $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? 
$post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']); 1018 } 1019 1020 // On a refresh we do not care about message parsing errors 1021 if (sizeof($message_parser->warn_msg) && $refresh && !$preview) 1022 { 1023 $message_parser->warn_msg = array(); 1024 } 1025 } 1026 else 1027 { 1028 $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield']; 1029 } 1030 1031 $ignore_flood = $auth->acl_get('u_ignoreflood') ? true : $auth->acl_get('f_ignoreflood', $forum_id); 1032 if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$ignore_flood) 1033 { 1034 // Flood check 1035 $last_post_time = 0; 1036 1037 if ($user->data['is_registered']) 1038 { 1039 $last_post_time = $user->data['user_lastpost_time']; 1040 } 1041 else 1042 { 1043 $sql = 'SELECT post_time AS last_post_time 1044 FROM ' . POSTS_TABLE . " 1045 WHERE poster_ip = '" . $user->ip . "' 1046 AND post_time > " . ($current_time - $config['flood_interval']); 1047 $result = $db->sql_query_limit($sql, 1); 1048 if ($row = $db->sql_fetchrow($result)) 1049 { 1050 $last_post_time = $row['last_post_time']; 1051 } 1052 $db->sql_freeresult($result); 1053 } 1054 1055 if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval'])) 1056 { 1057 $error[] = $user->lang['FLOOD_ERROR']; 1058 } 1059 } 1060 1061 // Validate username 1062 if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username'])) 1063 { 1064 if (!function_exists('validate_username')) 1065 { 1066 include($phpbb_root_path . 'includes/functions_user.' . $phpEx); 1067 } 1068 1069 $user->add_lang('ucp'); 1070 1071 if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? 
$post_data['post_username'] : '')) !== false) 1072 { 1073 $error[] = $user->lang[$result . '_USERNAME']; 1074 } 1075 1076 if (($result = validate_string($post_data['username'], false, $config['min_name_chars'], $config['max_name_chars'])) !== false) 1077 { 1078 $min_max_amount = ($result == 'TOO_SHORT') ? $config['min_name_chars'] : $config['max_name_chars']; 1079 $error[] = $user->lang('FIELD_' . $result, $min_max_amount, $user->lang['USERNAME']); 1080 } 1081 } 1082 1083 if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply'))) 1084 { 1085 $captcha_data = array( 1086 'message' => utf8_normalize_nfc(request_var('message', '', true)), 1087 'subject' => utf8_normalize_nfc(request_var('subject', '', true)), 1088 'username' => utf8_normalize_nfc(request_var('username', '', true)), 1089 ); 1090 $vc_response = $captcha->validate($captcha_data); 1091 if ($vc_response) 1092 { 1093 $error[] = $vc_response; 1094 } 1095 } 1096 1097 // check form 1098 if (($submit || $preview) && !check_form_key('posting')) 1099 { 1100 $error[] = $user->lang['FORM_INVALID']; 1101 } 1102 1103 if ($submit && $mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED && !isset($_POST['soft_delete']) && $auth->acl_get('m_approve', $forum_id)) 1104 { 1105 $is_first_post = ($post_id == $post_data['topic_first_post_id'] || !$post_data['topic_posts_approved']); 1106 $is_last_post = ($post_id == $post_data['topic_last_post_id'] || !$post_data['topic_posts_approved']); 1107 $updated_post_data = $phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $post_id, $post_data['topic_id'], $post_data['forum_id'], $user->data['user_id'], time(), '', $is_first_post, $is_last_post); 1108 1109 if (!empty($updated_post_data)) 1110 { 1111 // Update the post_data, so we don't need to refetch it. 
1112 $post_data = array_merge($post_data, $updated_post_data); 1113 } 1114 } 1115 1116 // Parse subject 1117 if (!$preview && !$refresh && utf8_clean_string($post_data['post_subject']) === '' && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id))) 1118 { 1119 $error[] = $user->lang['EMPTY_SUBJECT']; 1120 } 1121 1122 // Check for out-of-bounds characters that are currently 1123 // not supported by utf8_bin in MySQL 1124 if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches)) 1125 { 1126 $character_list = implode('<br />', $matches[0]); 1127 $error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list); 1128 } 1129 1130 $post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0; 1131 1132 if ($post_data['poll_option_text'] && 1133 ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/)) 1134 && $auth->acl_get('f_poll', $forum_id)) 1135 { 1136 $poll = array( 1137 'poll_title' => $post_data['poll_title'], 1138 'poll_length' => $post_data['poll_length'], 1139 'poll_max_options' => $post_data['poll_max_options'], 1140 'poll_option_text' => $post_data['poll_option_text'], 1141 'poll_start' => $post_data['poll_start'], 1142 'poll_last_vote' => $post_data['poll_last_vote'], 1143 'poll_vote_change' => $post_data['poll_vote_change'], 1144 'enable_bbcode' => $post_data['enable_bbcode'], 1145 'enable_urls' => $post_data['enable_urls'], 1146 'enable_smilies' => $post_data['enable_smilies'], 1147 'img_status' => $img_status 1148 ); 1149 1150 $message_parser->parse_poll($poll); 1151 1152 $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array(); 1153 $post_data['poll_title'] = (isset($poll['poll_title'])) ? 
$poll['poll_title'] : ''; 1154 1155 /* We reset votes, therefore also allow removing options 1156 if ($post_data['poll_last_vote'] && ($poll['poll_options_size'] < $orig_poll_options_size)) 1157 { 1158 $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS']; 1159 }*/ 1160 } 1161 else if ($mode == 'edit' && $post_id == $post_data['topic_first_post_id'] && $auth->acl_get('f_poll', $forum_id)) 1162 { 1163 // The user removed all poll options, this is equal to deleting the poll. 1164 $poll = array( 1165 'poll_title' => '', 1166 'poll_length' => 0, 1167 'poll_max_options' => 0, 1168 'poll_option_text' => '', 1169 'poll_start' => 0, 1170 'poll_last_vote' => 0, 1171 'poll_vote_change' => 0, 1172 'poll_options' => array(), 1173 ); 1174 1175 $post_data['poll_options'] = array(); 1176 $post_data['poll_title'] = ''; 1177 $post_data['poll_start'] = $post_data['poll_length'] = $post_data['poll_max_options'] = $post_data['poll_last_vote'] = $post_data['poll_vote_change'] = 0; 1178 } 1179 else if (!$auth->acl_get('f_poll', $forum_id) && ($mode == 'edit') && ($post_id == $post_data['topic_first_post_id']) && ($original_poll_data['poll_title'] != '')) 1180 { 1181 // We have a poll but the editing user is not permitted to create/edit it. 1182 // So we just keep the original poll-data. 1183 $poll = array_merge($original_poll_data, array( 1184 'enable_bbcode' => $post_data['enable_bbcode'], 1185 'enable_urls' => $post_data['enable_urls'], 1186 'enable_smilies' => $post_data['enable_smilies'], 1187 'img_status' => $img_status, 1188 )); 1189 1190 $message_parser->parse_poll($poll); 1191 1192 $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array(); 1193 $post_data['poll_title'] = (isset($poll['poll_title'])) ? 
$poll['poll_title'] : ''; 1194 } 1195 else 1196 { 1197 $poll = array(); 1198 } 1199 1200 // Check topic type 1201 if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id))) 1202 { 1203 switch ($post_data['topic_type']) 1204 { 1205 case POST_GLOBAL: 1206 case POST_ANNOUNCE: 1207 $auth_option = 'f_announce'; 1208 break; 1209 1210 case POST_STICKY: 1211 $auth_option = 'f_sticky'; 1212 break; 1213 1214 default: 1215 $auth_option = ''; 1216 break; 1217 } 1218 1219 if ($auth_option != '' && !$auth->acl_get($auth_option, $forum_id)) 1220 { 1221 // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod. 1222 // Another case would be a mod not having sticky permissions for example but edit permissions. 1223 if ($mode == 'edit') 1224 { 1225 // To prevent non-authed users messing around with the topic type we reset it to the original one. 1226 $post_data['topic_type'] = $post_data['orig_topic_type']; 1227 } 1228 else 1229 { 1230 $error[] = $user->lang['CANNOT_POST_' . 
str_replace('F_', '', strtoupper($auth_option))]; 1231 } 1232 } 1233 } 1234 1235 if (sizeof($message_parser->warn_msg)) 1236 { 1237 $error[] = implode('<br />', $message_parser->warn_msg); 1238 } 1239 1240 // DNSBL check 1241 if ($config['check_dnsbl'] && !$refresh) 1242 { 1243 if (($dnsbl = $user->check_dnsbl('post')) !== false) 1244 { 1245 $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]); 1246 } 1247 } 1248 1249 /** 1250 * This event allows you to define errors before the post action is performed 1251 * 1252 * @event core.posting_modify_submission_errors 1253 * @var array post_data Array with post data 1254 * @var array poll Array with poll data from post (must be used instead of the post_data equivalent) 1255 * @var string mode What action to take if the form is submitted 1256 * post|reply|quote|edit|delete|bump|smilies|popup 1257 * @var string page_title Title of the mode page 1258 * @var int post_id ID of the post 1259 * @var int topic_id ID of the topic 1260 * @var int forum_id ID of the forum 1261 * @var bool submit Whether or not the form has been submitted 1262 * @var array error Any error strings; a non-empty array aborts form submission. 1263 * NOTE: Should be actual language strings, NOT language keys. 
1264 * @since 3.1.0-RC5 1265 * @changed 3.1.5-RC1 Added poll array to the event 1266 */ 1267 $vars = array( 1268 'post_data', 1269 'poll', 1270 'mode', 1271 'page_title', 1272 'post_id', 1273 'topic_id', 1274 'forum_id', 1275 'submit', 1276 'error', 1277 ); 1278 extract($phpbb_dispatcher->trigger_event('core.posting_modify_submission_errors', compact($vars))); 1279 1280 // Store message, sync counters 1281 if (!sizeof($error) && $submit) 1282 { 1283 if ($submit) 1284 { 1285 // Lock/Unlock Topic 1286 $change_topic_status = $post_data['topic_status']; 1287 $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false; 1288 1289 if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock) 1290 { 1291 $change_topic_status = ITEM_UNLOCKED; 1292 } 1293 else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock) 1294 { 1295 $change_topic_status = ITEM_LOCKED; 1296 } 1297 1298 if ($change_topic_status != $post_data['topic_status']) 1299 { 1300 $sql = 'UPDATE ' . TOPICS_TABLE . " 1301 SET topic_status = $change_topic_status 1302 WHERE topic_id = $topic_id 1303 AND topic_moved_id = 0"; 1304 $db->sql_query($sql); 1305 1306 $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : ''; 1307 1308 add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 
'LOCK' : 'UNLOCK'), $post_data['topic_title']); 1309 } 1310 1311 // Lock/Unlock Post Edit 1312 if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id)) 1313 { 1314 $post_data['post_edit_locked'] = ITEM_UNLOCKED; 1315 } 1316 else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id)) 1317 { 1318 $post_data['post_edit_locked'] = ITEM_LOCKED; 1319 } 1320 1321 $data = array( 1322 'topic_title' => (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'], 1323 'topic_first_post_id' => (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0, 1324 'topic_last_post_id' => (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0, 1325 'topic_time_limit' => (int) $post_data['topic_time_limit'], 1326 'topic_attachment' => (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0, 1327 'post_id' => (int) $post_id, 1328 'topic_id' => (int) $topic_id, 1329 'forum_id' => (int) $forum_id, 1330 'icon_id' => (int) $post_data['icon_id'], 1331 'poster_id' => (int) $post_data['poster_id'], 1332 'enable_sig' => (bool) $post_data['enable_sig'], 1333 'enable_bbcode' => (bool) $post_data['enable_bbcode'], 1334 'enable_smilies' => (bool) $post_data['enable_smilies'], 1335 'enable_urls' => (bool) $post_data['enable_urls'], 1336 'enable_indexing' => (bool) $post_data['enable_indexing'], 1337 'message_md5' => (string) $message_md5, 1338 'post_checksum' => (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '', 1339 'post_edit_reason' => $post_data['post_edit_reason'], 1340 'post_edit_user' => ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? 
(int) $post_data['post_edit_user'] : 0), 1341 'forum_parents' => $post_data['forum_parents'], 1342 'forum_name' => $post_data['forum_name'], 1343 'notify' => $notify, 1344 'notify_set' => $post_data['notify_set'], 1345 'poster_ip' => (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip, 1346 'post_edit_locked' => (int) $post_data['post_edit_locked'], 1347 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 1348 'bbcode_uid' => $message_parser->bbcode_uid, 1349 'message' => $message_parser->message, 1350 'attachment_data' => $message_parser->attachment_data, 1351 'filename_data' => $message_parser->filename_data, 1352 'topic_status' => $post_data['topic_status'], 1353 1354 'topic_visibility' => (isset($post_data['topic_visibility'])) ? $post_data['topic_visibility'] : false, 1355 'post_visibility' => (isset($post_data['post_visibility'])) ? $post_data['post_visibility'] : false, 1356 ); 1357 1358 if ($mode == 'edit') 1359 { 1360 $data['topic_posts_approved'] = $post_data['topic_posts_approved']; 1361 $data['topic_posts_unapproved'] = $post_data['topic_posts_unapproved']; 1362 $data['topic_posts_softdeleted'] = $post_data['topic_posts_softdeleted']; 1363 } 1364 1365 // Only return the username when it is either a guest posting or we are editing a post and 1366 // the username was supplied; otherwise post_data might hold the data of the post that is 1367 // being quoted (which could result in the username being returned being that of the quoted 1368 // post's poster, not the poster of the current post). See: PHPBB3-11769 for more information. 1369 $post_author_name = ((!$user->data['is_registered'] || $mode == 'edit') && $post_data['username'] !== '') ? 
$post_data['username'] : ''; 1370 1371 /** 1372 * This event allows you to define errors before the post action is performed 1373 * 1374 * @event core.posting_modify_submit_post_before 1375 * @var array post_data Array with post data 1376 * @var array poll Array with poll data 1377 * @var array data Array with post data going to be stored in the database 1378 * @var string mode What action to take if the form is submitted 1379 * post|reply|quote|edit|delete 1380 * @var string page_title Title of the mode page 1381 * @var int post_id ID of the post 1382 * @var int topic_id ID of the topic 1383 * @var int forum_id ID of the forum 1384 * @var string post_author_name Author name for guest posts 1385 * @var bool update_message Boolean if the post message was changed 1386 * @var bool update_subject Boolean if the post subject was changed 1387 * NOTE: Should be actual language strings, NOT language keys. 1388 * @since 3.1.0-RC5 1389 * @changed 3.1.6-RC1 remove submit and error from event Submit and Error are checked previously prior to running event 1390 */ 1391 $vars = array( 1392 'post_data', 1393 'poll', 1394 'data', 1395 'mode', 1396 'page_title', 1397 'post_id', 1398 'topic_id', 1399 'forum_id', 1400 'post_author_name', 1401 'update_message', 1402 'update_subject', 1403 ); 1404 extract($phpbb_dispatcher->trigger_event('core.posting_modify_submit_post_before', compact($vars))); 1405 1406 // The last parameter tells submit_post if search indexer has to be run 1407 $redirect_url = submit_post($mode, $post_data['post_subject'], $post_author_name, $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? 
true : false); 1408 1409 /** 1410 * This event allows you to define errors after the post action is performed 1411 * 1412 * @event core.posting_modify_submit_post_after 1413 * @var array post_data Array with post data 1414 * @var array poll Array with poll data 1415 * @var array data Array with post data going to be stored in the database 1416 * @var string mode What action to take if the form is submitted 1417 * post|reply|quote|edit|delete 1418 * @var string page_title Title of the mode page 1419 * @var int post_id ID of the post 1420 * @var int topic_id ID of the topic 1421 * @var int forum_id ID of the forum 1422 * @var string post_author_name Author name for guest posts 1423 * @var bool update_message Boolean if the post message was changed 1424 * @var bool update_subject Boolean if the post subject was changed 1425 * @var string redirect_url URL the user is going to be redirected to 1426 * NOTE: Should be actual language strings, NOT language keys. 1427 * @since 3.1.0-RC5 1428 * @changed 3.1.6-RC1 remove submit and error from event Submit and Error are checked previously prior to running event 1429 */ 1430 $vars = array( 1431 'post_data', 1432 'poll', 1433 'data', 1434 'mode', 1435 'page_title', 1436 'post_id', 1437 'topic_id', 1438 'forum_id', 1439 'post_author_name', 1440 'update_message', 1441 'update_subject', 1442 'redirect_url', 1443 ); 1444 extract($phpbb_dispatcher->trigger_event('core.posting_modify_submit_post_after', compact($vars))); 1445 1446 if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote')) 1447 { 1448 $captcha->reset(); 1449 } 1450 1451 // Handle delete mode... 
1452 if ($request->is_set_post('delete') || $request->is_set_post('delete_permanent')) 1453 { 1454 $delete_reason = $request->variable('delete_reason', '', true); 1455 phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, !$request->is_set_post('delete_permanent'), $delete_reason); 1456 return; 1457 } 1458 1459 // Check the permissions for post approval. 1460 // Moderators must go through post approval like ordinary users. 1461 if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state'])) 1462 { 1463 meta_refresh(10, $redirect_url); 1464 $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD']; 1465 $message .= (($user->data['user_id'] == ANONYMOUS) ? '' : ' '. $user->lang['POST_APPROVAL_NOTIFY']); 1466 $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $data['forum_id']) . '">', '</a>'); 1467 trigger_error($message); 1468 } 1469 1470 redirect($redirect_url); 1471 } 1472 } 1473 } 1474 1475 // Preview 1476 if (!sizeof($error) && $preview) 1477 { 1478 $post_data['post_time'] = ($mode == 'edit') ? $post_data['post_time'] : $current_time; 1479 1480 $preview_message = $message_parser->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], false); 1481 1482 $preview_signature = ($mode == 'edit') ? $post_data['user_sig'] : $user->data['user_sig']; 1483 $preview_signature_uid = ($mode == 'edit') ? $post_data['user_sig_bbcode_uid'] : $user->data['user_sig_bbcode_uid']; 1484 $preview_signature_bitfield = ($mode == 'edit') ? 
$post_data['user_sig_bbcode_bitfield'] : $user->data['user_sig_bbcode_bitfield']; 1485 1486 // Signature 1487 if ($post_data['enable_sig'] && $config['allow_sig'] && $preview_signature && $auth->acl_get('f_sigs', $forum_id)) 1488 { 1489 $parse_sig = new parse_message($preview_signature); 1490 $parse_sig->bbcode_uid = $preview_signature_uid; 1491 $parse_sig->bbcode_bitfield = $preview_signature_bitfield; 1492 1493 // Not sure about parameters for bbcode/smilies/urls... in signatures 1494 $parse_sig->format_display($config['allow_sig_bbcode'], $config['allow_sig_links'], $config['allow_sig_smilies']); 1495 $preview_signature = $parse_sig->message; 1496 unset($parse_sig); 1497 } 1498 else 1499 { 1500 $preview_signature = ''; 1501 } 1502 1503 $preview_subject = censor_text($post_data['post_subject']); 1504 1505 // Poll Preview 1506 if (!$poll_delete && ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/)) 1507 && $auth->acl_get('f_poll', $forum_id)) 1508 { 1509 $parse_poll = new parse_message($post_data['poll_title']); 1510 $parse_poll->bbcode_uid = $message_parser->bbcode_uid; 1511 $parse_poll->bbcode_bitfield = $message_parser->bbcode_bitfield; 1512 1513 $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']); 1514 1515 if ($post_data['poll_length']) 1516 { 1517 $poll_end = ($post_data['poll_length'] * 86400) + (($post_data['poll_start']) ? $post_data['poll_start'] : time()); 1518 } 1519 1520 $template->assign_vars(array( 1521 'S_HAS_POLL_OPTIONS' => (sizeof($post_data['poll_options'])), 1522 'S_IS_MULTI_CHOICE' => ($post_data['poll_max_options'] > 1) ? true : false, 1523 1524 'POLL_QUESTION' => $parse_poll->message, 1525 1526 'L_POLL_LENGTH' => ($post_data['poll_length']) ? 
sprintf($user->lang['POLL_RUN_TILL'], $user->format_date($poll_end)) : '', 1527 'L_MAX_VOTES' => $user->lang('MAX_OPTIONS_SELECT', (int) $post_data['poll_max_options']), 1528 )); 1529 1530 $preview_poll_options = array(); 1531 foreach ($post_data['poll_options'] as $poll_option) 1532 { 1533 $parse_poll->message = $poll_option; 1534 $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']); 1535 $preview_poll_options[] = $parse_poll->message; 1536 } 1537 unset($parse_poll); 1538 1539 foreach ($preview_poll_options as $key => $option) 1540 { 1541 $template->assign_block_vars('poll_option', array( 1542 'POLL_OPTION_CAPTION' => $option, 1543 'POLL_OPTION_ID' => $key + 1) 1544 ); 1545 } 1546 unset($preview_poll_options); 1547 } 1548 1549 // Attachment Preview 1550 if (sizeof($message_parser->attachment_data)) 1551 { 1552 $template->assign_var('S_HAS_ATTACHMENTS', true); 1553 1554 $update_count = array(); 1555 $attachment_data = $message_parser->attachment_data; 1556 1557 parse_attachments($forum_id, $preview_message, $attachment_data, $update_count, true); 1558 1559 foreach ($attachment_data as $i => $attachment) 1560 { 1561 $template->assign_block_vars('attachment', array( 1562 'DISPLAY_ATTACHMENT' => $attachment) 1563 ); 1564 } 1565 unset($attachment_data); 1566 } 1567 1568 if (!sizeof($error)) 1569 { 1570 $template->assign_vars(array( 1571 'PREVIEW_SUBJECT' => $preview_subject, 1572 'PREVIEW_MESSAGE' => $preview_message, 1573 'PREVIEW_SIGNATURE' => $preview_signature, 1574 1575 'S_DISPLAY_PREVIEW' => !empty($preview_message), 1576 )); 1577 } 1578 } 1579 1580 // Remove quotes that would become nested too deep before decoding the text 1581 $generate_quote = ($mode == 'quote' && !$submit && !$preview && !$refresh); 1582 if ($generate_quote && $config['max_quote_depth'] > 0) 1583 { 1584 $tmp_bbcode_uid = $message_parser->bbcode_uid; 1585 $message_parser->bbcode_uid = $post_data['bbcode_uid']; 1586 
$message_parser->remove_nested_quotes($config['max_quote_depth'] - 1); 1587 $message_parser->bbcode_uid = $tmp_bbcode_uid; 1588 } 1589 1590 // Decode text for message display 1591 $post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !sizeof($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid; 1592 $message_parser->decode_message($post_data['bbcode_uid']); 1593 1594 if ($generate_quote) 1595 { 1596 // Remove attachment bbcode tags from the quoted message to avoid mixing with the new post attachments if any 1597 $message_parser->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#uis', '\\2', $message_parser->message); 1598 1599 if ($config['allow_bbcode']) 1600 { 1601 $message_parser->message = '[quote="' . $post_data['quote_username'] . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n"; 1602 } 1603 else 1604 { 1605 $offset = 0; 1606 $quote_string = "> "; 1607 $message = censor_text(trim($message_parser->message)); 1608 // see if we are nesting. It's easily tricked but should work for one level of nesting 1609 if (strpos($message, ">") !== false) 1610 { 1611 $offset = 10; 1612 } 1613 $message = utf8_wordwrap($message, 75 + $offset, "\n"); 1614 1615 $message = $quote_string . $message; 1616 $message = str_replace("\n", "\n" . $quote_string, $message); 1617 $message_parser->message = $post_data['quote_username'] . " " . $user->lang['WROTE'] . ":\n" . $message . "\n"; 1618 } 1619 } 1620 1621 if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh) 1622 { 1623 $post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . 
censor_text($post_data['post_subject']); 1624 } 1625 1626 $attachment_data = $message_parser->attachment_data; 1627 $filename_data = $message_parser->filename_data; 1628 $post_data['post_text'] = $message_parser->message; 1629 1630 if (sizeof($post_data['poll_options']) || !empty($post_data['poll_title'])) 1631 { 1632 $message_parser->message = $post_data['poll_title']; 1633 $message_parser->bbcode_uid = $post_data['bbcode_uid']; 1634 1635 $message_parser->decode_message(); 1636 $post_data['poll_title'] = $message_parser->message; 1637 1638 $message_parser->message = implode("\n", $post_data['poll_options']); 1639 $message_parser->decode_message(); 1640 $post_data['poll_options'] = explode("\n", $message_parser->message); 1641 } 1642 1643 // MAIN POSTING PAGE BEGINS HERE 1644 1645 // Forum moderators? 1646 $moderators = array(); 1647 if ($config['load_moderators']) 1648 { 1649 get_moderators($moderators, $forum_id); 1650 } 1651 1652 // Generate smiley listing 1653 generate_smilies('inline', $forum_id); 1654 1655 // Generate inline attachment select box 1656 posting_gen_inline_attachments($attachment_data); 1657 1658 // Do show topic type selection only in first post. 1659 $topic_type_toggle = false; 1660 1661 if ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id'])) 1662 { 1663 $topic_type_toggle = posting_gen_topic_types($forum_id, $post_data['topic_type']); 1664 } 1665 1666 $s_topic_icons = false; 1667 if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id)) 1668 { 1669 $s_topic_icons = posting_gen_topic_icons($mode, $post_data['icon_id']); 1670 } 1671 1672 $bbcode_checked = (isset($post_data['enable_bbcode'])) ? !$post_data['enable_bbcode'] : (($config['allow_bbcode']) ? !$user->optionget('bbcode') : 1); 1673 $smilies_checked = (isset($post_data['enable_smilies'])) ? !$post_data['enable_smilies'] : (($config['allow_smilies']) ? 
!$user->optionget('smilies') : 1); 1674 $urls_checked = (isset($post_data['enable_urls'])) ? !$post_data['enable_urls'] : 0; 1675 $sig_checked = $post_data['enable_sig']; 1676 $lock_topic_checked = (isset($topic_lock) && $topic_lock) ? $topic_lock : (($post_data['topic_status'] == ITEM_LOCKED) ? 1 : 0); 1677 $lock_post_checked = (isset($post_lock)) ? $post_lock : $post_data['post_edit_locked']; 1678 1679 // If the user is replying or posting and not already watching this topic but set to always being notified we need to overwrite this setting 1680 $notify_set = ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set']; 1681 $notify_checked = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set); 1682 1683 // Page title & action URL 1684 $s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&f=$forum_id"); 1685 $s_action .= ($topic_id) ? "&t=$topic_id" : ''; 1686 $s_action .= ($post_id) ? "&p=$post_id" : ''; 1687 1688 switch ($mode) 1689 { 1690 case 'post': 1691 $page_title = $user->lang['POST_TOPIC']; 1692 break; 1693 1694 case 'quote': 1695 case 'reply': 1696 $page_title = $user->lang['POST_REPLY']; 1697 break; 1698 1699 case 'delete': 1700 case 'edit': 1701 $page_title = $user->lang['EDIT_POST']; 1702 break; 1703 } 1704 1705 // Build Navigation Links 1706 generate_forum_nav($post_data); 1707 1708 // Build Forum Rules 1709 generate_forum_rules($post_data); 1710 1711 // Posting uses is_solved for legacy reasons. Plugins have to use is_solved to force themselves to be displayed. 
// Final assembly of the posting form: decide whether the CAPTCHA is shown,
// collect the hidden form fields, build the template variable array, let
// extensions adjust it through core.posting_modify_template_vars, then hand
// the result to the template and prepare the attachment box.

// The CAPTCHA is offered only when post confirmation is enabled, the user is
// not registered, a $captcha object exists and reports is_solved() === false,
// and the mode is post, reply or quote.
if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
{

	$template->assign_vars(array(
		'S_CONFIRM_CODE' => true,
		'CAPTCHA_TEMPLATE' => $captcha->get_template(),
	));
}

// These three fields are concatenated into markup directly instead of going
// through build_hidden_fields(). $current_time comes from time().
// NOTE(review): topic_last_post_id is presumably an integer column of the
// topic row - confirm nothing upstream can place a string there.
$s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : '';
$s_hidden_fields .= '<input type="hidden" name="lastclick" value="' . $current_time . '" />';
// NOTE(review): request_var() casts to the type of its default, so the value
// stays an integer only while $draft_id is one - verify if an earlier event
// listener may change $draft_id.
$s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . request_var('draft_loaded', $draft_id) . '" />' : '';

if ($mode == 'edit')
{
	// Carry the stored message checksum and subject hash into the form.
	// NOTE(review): presumably compared on submit to detect a concurrent
	// edit; that comparison is not in this part of the file.
	$s_hidden_fields .= build_hidden_fields(array(
		'edit_post_message_checksum' => $post_data['post_checksum'],
		'edit_post_subject_checksum' => $post_data['post_subject_md5'],
	));
}

// Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview
if (isset($captcha) && $captcha->is_solved() !== false)
{
	$s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
}

// multipart/form-data is offered only when PHP's file_uploads setting is on,
// attachments are enabled in the board config and the user holds both
// u_attach and f_attach for this forum. The @ hides warnings from ini_get().
$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"';
// Registers the form token for the form named 'posting'.
// NOTE(review): the matching token check on submit is outside this view.
add_form_key('posting');


// Build array of variables for main posting page
//
// The S_*_ALLOWED entries only control which controls the template renders.
// NOTE(review): the submit handling earlier in this file has to enforce the
// same permissions on its own; that code is not visible here.
$page_data = array(
	'L_POST_A' => $page_title,
	'L_ICON' => ($mode == 'reply' || $mode == 'quote' || ($mode == 'edit' && $post_id != $post_data['topic_first_post_id'])) ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
	'L_MESSAGE_BODY_EXPLAIN' => $user->lang('MESSAGE_BODY_EXPLAIN', (int) $config['max_post_chars']),
	'L_DELETE_POST_PERMANENTLY' => $user->lang('DELETE_POST_PERMANENTLY', 1),

	'FORUM_NAME' => $post_data['forum_name'],
	'FORUM_DESC' => ($post_data['forum_desc']) ? generate_text_for_display($post_data['forum_desc'], $post_data['forum_desc_uid'], $post_data['forum_desc_bitfield'], $post_data['forum_desc_options']) : '',
	'TOPIC_TITLE' => censor_text($post_data['topic_title']),
	'MODERATORS' => (sizeof($moderators)) ? implode($user->lang['COMMA_SEPARATOR'], $moderators[$forum_id]) : '',
	// Equivalent to: previewing, or any mode other than quote
	'USERNAME' => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '',
	// NOTE(review): subject and message are passed through unchanged here;
	// assumes both were HTML-escaped when read from the request or database - confirm.
	'SUBJECT' => $post_data['post_subject'],
	'MESSAGE' => $post_data['post_text'],
	'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
	'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
	'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
	'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
	'URL_STATUS' => ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
	'MAX_FONT_SIZE' => (int) $config['max_post_font_size'],
	'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['POST']),
	'POST_DATE' => ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '',
	// Error strings are joined with <br /> and emitted as markup.
	// NOTE(review): every entry added to $error, including by event
	// listeners, must already be safe for HTML output.
	'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
	'TOPIC_TIME_LIMIT' => (int) $post_data['topic_time_limit'],
	// NOTE(review): both values come straight from the request and rely on
	// $request->variable() escaping string input - confirm.
	'EDIT_REASON' => $request->variable('edit_reason', '', true),
	'SHOW_PANEL' => $request->variable('show_panel', ''),
	'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),
	'U_VIEW_TOPIC' => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id") : '',
	'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup"),
	// addslashes() is not a general JavaScript escaper; here its input is a
	// URL built from $phpbb_root_path, $phpEx and $forum_id only.
	'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup")),

	'S_PRIVMSGS' => false,
	'S_CLOSE_PROGRESS_WINDOW' => (isset($_POST['add_file'])) ? true : false,
	'S_EDIT_POST' => ($mode == 'edit') ? true : false,
	'S_EDIT_REASON' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
	'S_DISPLAY_USERNAME' => (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? true : false,
	'S_SHOW_TOPIC_ICONS' => $s_topic_icons,
	// Edit mode only. Either the user holds m_delete, or all of: the post is
	// the topic's last post, the user is its author, holds f_delete, the post
	// is not edit-locked, and it is younger than delete_time minutes
	// (a delete_time of 0 disables the age limit).
	'S_DELETE_ALLOWED' => ($mode == 'edit' && (($post_id == $post_data['topic_last_post_id'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) || $auth->acl_get('m_delete', $forum_id))) ? true : false,
	'S_BBCODE_ALLOWED' => ($bbcode_status) ? 1 : 0,
	'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '',
	'S_SMILIES_ALLOWED' => $smilies_status,
	'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '',
	'S_SIG_ALLOWED' => ($auth->acl_get('f_sigs', $forum_id) && $config['allow_sig'] && $user->data['is_registered']) ? true : false,
	'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '',
	'S_NOTIFY_ALLOWED' => (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !$config['allow_topic_notify'] || !$config['email_enable']) ? false : true,
	'S_NOTIFY_CHECKED' => ($notify_checked) ? ' checked="checked"' : '',
	// m_lock always qualifies; f_user_lock qualifies only for the registered
	// topic starter while the topic is still unlocked.
	'S_LOCK_TOPIC_ALLOWED' => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote' || $mode == 'post') && ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED))) ? true : false,
	'S_LOCK_TOPIC_CHECKED' => ($lock_topic_checked) ? ' checked="checked"' : '',
	'S_LOCK_POST_ALLOWED' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
	'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? ' checked="checked"' : '',
	'S_SOFTDELETE_CHECKED' => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? ' checked="checked"' : '',
	'S_SOFTDELETE_ALLOWED' => ($mode == 'edit' && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $lock_post_checked)) ? true : false,
	'S_RESTORE_ALLOWED' => $auth->acl_get('m_approve', $forum_id),
	'S_IS_DELETED' => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? true : false,
	'S_LINKS_ALLOWED' => $url_status,
	'S_MAGIC_URL_CHECKED' => ($urls_checked) ? ' checked="checked"' : '',
	'S_TYPE_TOGGLE' => $topic_type_toggle,
	'S_SAVE_ALLOWED' => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $mode != 'edit') ? true : false,
	'S_HAS_DRAFTS' => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $post_data['drafts']) ? true : false,
	'S_FORM_ENCTYPE' => $form_enctype,

	'S_BBCODE_IMG' => $img_status,
	'S_BBCODE_URL' => $url_status,
	'S_BBCODE_FLASH' => $flash_status,
	'S_BBCODE_QUOTE' => $quote_status,

	'S_POST_ACTION' => $s_action,
	'S_HIDDEN_FIELDS' => $s_hidden_fields,
	// NOTE(review): json_encode() with default flags leaves '<' and '>'
	// unescaped. If the template prints this inside a <script> block, it is
	// safe only while the attachment_data strings are already entity-escaped
	// - confirm, or consider JSON_HEX_TAG.
	'S_ATTACH_DATA' => json_encode($message_parser->attachment_data),
	'S_IN_POSTING' => true,
);

// Build custom bbcodes array
display_custom_bbcodes();

// Poll entry
// The poll box is added for a new topic, or when editing the first post of a
// topic, and only if the user holds f_poll in this forum.
if (($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
	&& $auth->acl_get('f_poll', $forum_id))
{
	$page_data = array_merge($page_data, array(
		'S_SHOW_POLL_BOX' => true,
		'S_POLL_VOTE_CHANGE' => ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id)),
		// Poll removal is offered in edit mode when options exist and either
		// the user holds m_delete, or nobody has voted yet and the user is the
		// author with f_delete.
		'S_POLL_DELETE' => ($mode == 'edit' && sizeof($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))),
		'S_POLL_DELETE_CHECKED' => (!empty($poll_delete)) ? true : false,

		'L_POLL_OPTIONS_EXPLAIN' => $user->lang('POLL_OPTIONS_' . (($mode == 'edit') ? 'EDIT_' : '') . 'EXPLAIN', (int) $config['max_poll_options']),

		'VOTE_CHANGE_CHECKED' => (!empty($post_data['poll_vote_change'])) ? ' checked="checked"' : '',
		'POLL_TITLE' => (isset($post_data['poll_title'])) ? $post_data['poll_title'] : '',
		'POLL_OPTIONS' => (!empty($post_data['poll_options'])) ? implode("\n", $post_data['poll_options']) : '',
		'POLL_MAX_OPTIONS' => (isset($post_data['poll_max_options'])) ? (int) $post_data['poll_max_options'] : 1,
		'POLL_LENGTH' => $post_data['poll_length'],
		)
	);
}

/**
* This event allows you to modify template variables for the posting screen
*
* @event core.posting_modify_template_vars
* @var	array	post_data	Array with post data
* @var	array	moderators	Array with forum moderators
* @var	string	mode		What action to take if the form is submitted
*				post|reply|quote|edit|delete|bump|smilies|popup
* @var	string	page_title	Title of the mode page
* @var	bool	s_topic_icons	Whether or not to show the topic icons
* @var	string	form_enctype	If attachments are allowed for this form
*				"multipart/form-data" or empty string
* @var	string	s_action	The URL to submit the POST data to
* @var	string	s_hidden_fields	Concatenated hidden input tags of posting form
* @var	int	post_id		ID of the post
* @var	int	topic_id	ID of the topic
* @var	int	forum_id	ID of the forum
* @var	int	draft_id	ID of the draft
* @var	bool	submit		Whether or not the form has been submitted
* @var	bool	preview		Whether or not the post is being previewed
* @var	bool	save		Whether or not a draft is being saved
* @var	bool	load		Whether or not a draft is being loaded
* @var	bool	cancel		Whether or not to cancel the form (returns to
*				viewtopic or viewforum depending on if the user
*				is posting a new topic or editing a post)
* @var	array	error		Any error strings; a non-empty array aborts
*				form submission.
*				NOTE: Should be actual language strings, NOT
*				language keys.
* @var	bool	refresh		Whether or not to retain previously submitted data
* @var	array	page_data	Posting page data that should be passed to the
*				posting page via $template->assign_vars()
* @var	object	message_parser	The message parser object
* @since 3.1.0-a1
* @changed 3.1.0-b3 Added vars post_data, moderators, mode, page_title,
*		s_topic_icons, form_enctype, s_action, s_hidden_fields,
*		post_id, topic_id, forum_id, submit, preview, save, load,
*		delete, cancel, refresh, error, page_data, message_parser
* @changed 3.1.2-RC1 Removed 'delete' var as it does not exist
* @changed 3.1.5-RC1 Added poll variables to the page_data array
* @changed 3.1.6-RC1 Added 'draft_id' var
*/
$vars = array(
	'post_data',
	'moderators',
	'mode',
	'page_title',
	's_topic_icons',
	'form_enctype',
	's_action',
	's_hidden_fields',
	'post_id',
	'topic_id',
	'forum_id',
	'draft_id',
	'submit',
	'preview',
	'save',
	'load',
	'cancel',
	'refresh',
	'error',
	'page_data',
	'message_parser',
);
extract($phpbb_dispatcher->trigger_event('core.posting_modify_template_vars', compact($vars)));
// compact() hands the listed locals to the dispatcher and extract() writes the
// returned array back into this scope, so a listener can replace any of them
// (including $form_enctype, $s_action and $forum_id, which are used below).
// NOTE(review): extract() overwrites whichever names the returned array
// contains; listeners are extension code and run with full trust here.

// Start assigning vars for main posting page ...
$template->assign_vars($page_data);

// Show attachment box for adding attachments if true
// Permissions are evaluated again here rather than reusing the earlier result,
// and $form_enctype (possibly altered by the event above) must be non-empty.
$allowed = ($auth->acl_get('f_attach', $forum_id) && $auth->acl_get('u_attach') && $config['allow_attachments'] && $form_enctype);

if ($allowed)
{
	// Administrators (a_) and moderators of this forum (m_) get 0 instead of
	// the configured maximum.
	// NOTE(review): 0 presumably means "no limit" to the uploader - confirm.
	$max_files = ($auth->acl_get('a_') || $auth->acl_get('m_', $forum_id)) ? 0 : (int) $config['max_attachments'];
	$plupload->configure($cache, $template, $s_action, $forum_id, $max_files);
}

// Attachment entry
posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);

// Output page ...
// Header first, then select the template file used for the page body
page_header($page_title);

$template->set_filenames(array('body' => 'posting_body.html'));

make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));

// Topic review: topic_review() is called only for reply and quote, and the
// review panel flag is set only when it returns a truthy value
if (($mode == 'reply' || $mode == 'quote') && topic_review($topic_id, $forum_id))
{
	$template->assign_var('S_DISPLAY_REVIEW', true);
}

page_footer();