<?php

/***********************************************************************

  Copyright (C) 2002, 2003 Rickard Andersson (punbb@telia.com)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA 02111-1307 USA

************************************************************************/


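// Bootstrap. $cookie, $lang_common, $db and message() are not defined in this
// file; presumably these two includes provide them -- confirm.
require 'config.php';
require 'include/common.php';


// Refuse the request when the session is flagged as a guest.
// message() is relied on to end the request; nothing below re-checks this.
if ($cookie['is_guest'])
	message($lang_common['No permission']);

// Take the post id from the query string as a positive integer only.
// A missing parameter becomes 0 instead of raising an undefined-index notice, and
// a non-scalar value (id[]=...) is rejected rather than cast: intval() of a
// non-empty array is 1, which would silently select post 1.
$id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;
if ($id < 1)
	message($lang_common['Bad request']);
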
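// Load the edit.php language file
// NOTE(review): $language is assigned outside this file and becomes part of an
// include path here; confirm it is limited to the names of installed language
// packs before it reaches this line.
require 'lang/'.$language.'/'.$language.'_edit.php';

// Fetch some info from the post we are editing.
// $id has already been reduced to an integer, so concatenating it is safe.
$result = $db->query('SELECT poster, poster_id, message, smilies, topic_id FROM '.$db->prefix.'posts WHERE id='.$id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
	message($lang_common['Bad request']);

$cur_post = $db->fetch_assoc($result);

// Determine whether this post is the "topic post" or not (the earliest post in its topic).
// topic_id was read back from the database; it is cast anyway so that nothing
// but an integer is ever concatenated into the statements below.
$result = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id='.intval($cur_post['topic_id']).' ORDER BY posted LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
$topicpost_id = $db->result($result, 0);

$is_topicpost = ($id == $topicpost_id);

// Fetch some info from the topic in which the post is located
$result = $db->query('SELECT subject, closed, forum_id FROM '.$db->prefix.'topics WHERE id='.intval($cur_post['topic_id'])) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());

// A post whose topic row is missing is treated like a missing post, so the
// permission checks further down never run on empty topic data.
if (!$db->num_rows($result))
	message($lang_common['Bad request']);

list($subject, $topic_closed, $forum_id) = $db->fetch_row($result);

// $admmod_only is not assigned in this file before this call and is read by the
// permission check below, so is_admmod() presumably fills it in (and may update
// $forum_closed) by reference -- confirm against its definition.
$forum_closed = '0';
$is_admmod = is_admmod($forum_id, $forum_closed, $admmod_only);
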
// Administrators and moderators of this forum skip the restrictions below;
// everyone else must pass all of them.
if (!$is_admmod)
{
	// Any single clause is enough to refuse the edit. The parentheses only spell
	// out the grouping that operator precedence (&& before ||) already gives.
	// NOTE(review): a status below 1 presumably marks an ordinary member -- confirm.
	$edit_denied =
		($admmod_only == '1' && $cur_user['status'] < 1) ||                        // forum limited to admins/moderators
		($topic_closed == '1') ||                                                  // topic is closed
		($forum_closed == '1') ||                                                  // forum is closed
		($permissions['users_edit_post'] == '0' && $cur_user['status'] < 1) ||     // editing switched off for users
		($cur_post['poster_id'] != $cur_user['id']);                               // not the author of this post

	if ($edit_denied)
		message($lang_common['No permission']);
}


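// The form was submitted: validate the new subject and message, then store the edit.
// message(), error() and redirect() are relied on to end the request.
if (isset($_POST['form_sent']))
{
	// NOTE(review): confirm_referer() (defined outside this file) is the only
	// request-origin check on this form and it runs for administrators and
	// moderators only; edits by ordinary users are accepted without one. A
	// per-session form token verified for every user would cover both cases.
	if ($is_admmod)
		confirm_referer('edit.php');

	// Only the literal checkbox value switches smilies on. The loose comparison
	// used before also let other numeric strings ('1.0', ' 1', ...) through to the
	// UPDATE unchanged, and an unticked box raised an undefined-index notice.
	$smilies = (isset($_POST['smilies']) && $_POST['smilies'] === '1') ? '1' : '0';

	// If it is a topic it must contain a subject
	// (only administrators/moderators may change the subject)
	if ($is_topicpost && $is_admmod)
	{
		$subject = trim(un_escape($_POST['req_subject']));

		if ($subject == '')
			message($lang_edit['No subject']);
		else if (strlen($subject) > 70)
			message($lang_edit['Too long subject']);
		else if ($permissions['subject_all_caps'] == '0' && !preg_match('/[[:lower:]]/', $subject) && $cur_user['status'] < 1)
			message($lang_edit['No caps subject']);
	}

	// Make sure all newlines are \n and not \r\n or \r
	$message = str_replace("\r", "\n", str_replace("\r\n", "\n", trim(un_escape($_POST['req_message']))));

	if ($message == '')
		message($lang_edit['No message']);
	else if (strlen($message) > 65535)
		message($lang_edit['Too long message']);
	// Compared loosely like every other permission flag in this file; the strict
	// comparison used here before would skip the check if the flag is not a string.
	else if ($permissions['message_all_caps'] == '0' && !preg_match("/[[:lower:]]/", $message) && $cur_user['status'] < 1)
		message($lang_edit['No caps message']);


	// Validate BBCode syntax
	if ($permissions['message_bbcode'] == '1' && strpos($message, '[') !== false && strpos($message, ']') !== false)
	{
		// Change all BBCodes to lower case (this way a lot of regex searches can be case sensitive)
		$a = array('[B]', '[I]', '[U]', '[/B]', '[/I]', '[/U]');
		$b = array('[b]', '[i]', '[u]', '[/b]', '[/i]', '[/u]');
		$message = str_replace($a, $b, $message);

		$a = array("#\[quote\]#i", "#\[/quote\]#i", "#\[code\]#i", "#\[/code\]#i", "#\[colou?r=([a-zA-Z]*|\#?[0-9a-fA-F]{6})\]#i", "#\[/colou?r\]#i", "#\[img\]#i", "#\[/img\]#i", "#\[email\]#i", "#\[email=#i", "#\[/email\]#i", "#\[url\]#i", "#\[url=#i", "#\[/url\]#i");
		$b = array('[quote]', '[/quote]', '[code]', '[/code]', "[color=\\1]", '[/color]', '[img]', '[/img]', '[email]', '[email=', '[/email]', '[url]', '[url=', '[/url]');
		$message = preg_replace($a, $b, $message);

		require 'include/parser.php';
		if ($overflow = check_tag_order($message))
			// The quote depth level was too high, so we strip out the inner most quote(s)
			$message = substr($message, 0, $overflow[0]).substr($message, $overflow[1], (strlen($message) - $overflow[0]));
	}


	require 'include/searchidx.php';

	// SQL fragment that records who edited the post and when. It is initialised
	// explicitly so that a silent edit appends nothing and the value can only come
	// from this code. The UPDATE below used to concatenate isset($edited_sql), a
	// boolean, so the edited/edited_by columns were never written and a stray '1'
	// was appended to the statement instead.
	$edited_sql = '';
	if (!isset($_POST['silent']) || !$is_admmod)
		$edited_sql = ', edited='.time().', edited_by=\''.addslashes($cur_user['username']).'\'';

	// NOTE(review): addslashes() does not take the connection character set into
	// account; if the database layer offers its own escaping routine, prefer it
	// for every quoted value in the statements below.
	if ($is_topicpost && $is_admmod)
	{
		// Update the topic
		$db->query('UPDATE '.$db->prefix.'topics SET subject=\''.addslashes($subject).'\' WHERE id='.intval($cur_post['topic_id'])) or error('Unable to update topic', __FILE__, __LINE__, $db->error());

		// Update any redirect topics as well
		$db->query('UPDATE '.$db->prefix.'topics SET subject=\''.addslashes($subject).'\' WHERE moved_to='.intval($cur_post['topic_id'])) or error('Unable to update redirect topic', __FILE__, __LINE__, $db->error());

		// We changed the subject, so we need to take that into account when we update the search words
		update_search_index('edit', $id, $message, $subject);
	}
	else
		update_search_index('edit', $id, $message);

	// Update the post
	$db->query('UPDATE '.$db->prefix.'posts SET message=\''.addslashes($message).'\', smilies=\''.$smilies.'\''.$edited_sql.' WHERE id='.$id) or error('Unable to update post', __FILE__, __LINE__, $db->error());

	redirect('viewtopic.php?pid='.$id.'#'.$id, $lang_edit['Edit redirect']);
}

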
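// No form submitted yet: render the edit form for the post loaded above.
else
{
	// Start from an empty list so that only the markup built here can reach the
	// page. $checkboxes is printed without escaping further down; it used to be
	// left undefined when no option applied, and on configurations that import
	// request variables into the global scope an undefined variable can be
	// supplied by the request.
	$checkboxes = array();

	if ($options['smilies'] == '1')
	{
		if ($cur_post['smilies'] == '1')
			$checkboxes[] = '<input type="checkbox" name="smilies" value="1" checked> '.$lang_edit['Show smilies'];
		else
			$checkboxes[] = '<input type="checkbox" name="smilies" value="1"> '.$lang_edit['Show smilies'];
	}

	// The "silent edit" option is offered to administrators/moderators only
	if ($is_admmod)
		$checkboxes[] = '<input type="checkbox" name="silent" value="1" checked> '.$lang_edit['Silent edit'];

	// Becomes an empty string when no option applies; the template then skips the options row
	$checkboxes = implode('<br>'."\n\t\t\t\t", $checkboxes);


	$page_title = htmlspecialchars($options['board_title']).' / '.$lang_edit['Edit message'];
	$validate_form = true;
	$form_name = 'edit';
	$focus_element = 'req_message';
	require 'header.php';

	// Values that originate from users (poster name, subject, message) are passed
	// through htmlspecialchars() in the template below; $id is an integer and the
	// $lang_* strings come from the language files.

?>
<table class="punplain" cellspacing="1" cellpadding="4"><tr><td> </td></tr></table>

<form method="post" action="edit.php?id=<?php print $id ?>&action=edit" id="edit" onsubmit="return process_form(this)">
	<input type="hidden" name="form_sent" value="1">
	<table class="punmain" cellspacing="1" cellpadding="4">
		<tr class="punhead">
			<td class="punhead" colspan="2"><?php print $lang_edit['Edit message'] ?></td>
		</tr>
		<tr>
			<td class="puncon1right" style="width: 140px; white-space: nowrap"><b><?php print $lang_common['Author'] ?></b>  </td>
			<td class="puncon2"> <?php print htmlspecialchars($cur_post['poster']) ?></td>
		</tr>
<?php if ($is_topicpost && $is_admmod): ?>		<tr>
			<td class="puncon1right" style="width: 140px; white-space: nowrap"><b><?php print $lang_edit['Subject'] ?></b>  </td>
			<td class="puncon2"> <input type="text" name="req_subject" size="80" maxlength="70" value="<?php print htmlspecialchars($subject) ?>"></td>
		</tr>
<?php endif; ?>		<tr>
			<td class="puncon1right" style="width: 140px; white-space: nowrap">
				<b><?php print $lang_common['Message'] ?></b>  <br><br>
				HTML: <?php print ($permissions['message_html'] == '1') ? $lang_common['on'] : $lang_common['off']; ?>  <br>
				<a href="help.php" target="_blank">BBCode</a>: <?php print ($permissions['message_bbcode'] == '1') ? $lang_common['on'] : $lang_common['off']; ?>  <br>
				<a href="help.php" target="_blank">[img] tag</a>: <?php print ($permissions['message_img_tag'] == '1') ? $lang_common['on'] : $lang_common['off']; ?>  <br>
				<a href="help.php" target="_blank">Smilies</a>: <?php print ($options['smilies'] == '1') ? $lang_common['on'] : $lang_common['off']; ?>  
			</td>
			<td class="puncon2"> <textarea name="req_message" rows="20" cols="95"><?php print htmlspecialchars($cur_post['message']) ?></textarea></td>
		</tr>
<?php if ($checkboxes != ''): ?>		<tr>
			<td class="puncon1right" style="width: 140px; white-space: nowrap"><?php print $lang_common['Options'] ?>  </td>
			<td class="puncon2">
				<?php print $checkboxes."\n" ?>
			</td>
		</tr>
<?php endif; ?>		<tr>
			<td class="puncon1right" style="width: 140px; white-space: nowrap"><?php print $lang_common['Actions'] ?>  </td>
			<td class="puncon2"><br>  <input type="submit" name="submit" value="<?php print $lang_common['Submit'] ?>" accesskey="s">  <a href="javascript:history.go(-1)"><?php print $lang_common['Go back'] ?></a><br><br></td>
		</tr>
	</table>
</form>

<table class="punplain" cellspacing="1" cellpadding="4"><tr><td> </td></tr></table>
<?php

	require 'footer.php';
}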