| [ Index ] |
PHP Cross Reference of MyBB 1.6.5 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.6 4 * Copyright 2010 MyBB Group, All Rights Reserved 5 * 6 * Website: http://mybb.com 7 * License: http://mybb.com/about/license 8 * 9 * $Id: post.php 5625 2011-10-02 19:16:35Z ralgith $ 10 */ 11 12 // Disallow direct access to this file for security reasons 13 if(!defined("IN_MYBB")) 14 { 15 die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined."); 16 } 17 18 /* 19 EXAMPLE USE: 20 21 $post = get from POST data 22 $thread = get from DB using POST data id 23 24 $postHandler = new postDataHandler(); 25 if($postHandler->validate_post($post)) 26 { 27 $postHandler->insert_post($post); 28 } 29 30 */ 31 32 /** 33 * Post handling class, provides common structure to handle post data. 34 * 35 */ 36 class PostDataHandler extends DataHandler 37 { 38 /** 39 * The language file used in the data handler. 40 * 41 * @var string 42 */ 43 public $language_file = 'datahandler_post'; 44 45 /** 46 * The prefix for the language variables used in the data handler. 47 * 48 * @var string 49 */ 50 public $language_prefix = 'postdata'; 51 52 /** 53 * What are we performing? 54 * post = New post 55 * thread = New thread 56 * edit = Editing a thread or post 57 */ 58 public $action; 59 60 /** 61 * Array of data inserted in to a post. 62 * 63 * @var array 64 */ 65 public $post_insert_data = array(); 66 67 /** 68 * Array of data used to update a post. 69 * 70 * @var array 71 */ 72 public $post_update_data = array(); 73 74 /** 75 * Post ID currently being manipulated by the datahandlers. 76 * 77 * @var int 78 */ 79 public $pid = 0; 80 81 /** 82 * Array of data inserted in to a thread. 83 * 84 * @var array 85 */ 86 public $thread_insert_data = array(); 87 88 /** 89 * Array of data used to update a thread. 90 * 91 * @var array 92 */ 93 public $thread_update_data = array(); 94 95 /** 96 * Thread ID currently being manipulated by the datahandlers. 97 * 98 * @var int 99 */ 100 public $tid = 0; 101 102 /** 103 * Verifies the author of a post and fetches the username if necessary. 104 * 105 * @return boolean True if the author information is valid, false if invalid. 106 */ 107 function verify_author() 108 { 109 global $mybb; 110 111 $post = &$this->data; 112 113 // Don't have a user ID at all - not good (note, a user id of 0 will still work). 114 if(!isset($post['uid'])) 115 { 116 $this->set_error("invalid_user_id"); 117 return false; 118 } 119 // If we have a user id but no username then fetch the username. 120 else if($post['uid'] > 0 && $post['username'] == '') 121 { 122 $user = get_user($post['uid']); 123 $post['username'] = $user['username']; 124 } 125 126 // After all of this, if we still don't have a username, force the username as "Guest" (Note, this is not translatable as it is always a fallback) 127 if(!$post['username']) 128 { 129 $post['username'] = "Guest"; 130 } 131 132 // Sanitize the username 133 $post['username'] = htmlspecialchars_uni($post['username']); 134 return true; 135 } 136 137 /** 138 * Verifies a post subject. 139 * 140 * @param string True if the subject is valid, false if invalid. 141 * @return boolean True when valid, false when not valid. 142 */ 143 function verify_subject() 144 { 145 global $db; 146 $post = &$this->data; 147 $subject = &$post['subject']; 148 149 // Are we editing an existing thread or post? 150 if($this->method == "update" && $post['pid']) 151 { 152 if(!$post['tid']) 153 { 154 $query = $db->simple_select("posts", "tid", "pid='".intval($post['pid'])."'"); 155 $post['tid'] = $db->fetch_field($query, "tid"); 156 } 157 // Here we determine if we're editing the first post of a thread or not. 158 $options = array( 159 "limit" => 1, 160 "limit_start" => 0, 161 "order_by" => "dateline", 162 "order_dir" => "asc" 163 ); 164 $query = $db->simple_select("posts", "pid", "tid='".$post['tid']."'", $options); 165 $first_check = $db->fetch_array($query); 166 if($first_check['pid'] == $post['pid']) 167 { 168 $first_post = true; 169 } 170 else 171 { 172 $first_post = false; 173 } 174 175 // If this is the first post there needs to be a subject, else make it the default one. 176 if(my_strlen(trim_blank_chrs($subject)) == 0 && $first_post) 177 { 178 $this->set_error("firstpost_no_subject"); 179 return false; 180 } 181 elseif(my_strlen($subject) == 0) 182 { 183 $thread = get_thread($post['tid']); 184 $subject = "RE: ".$thread['subject']; 185 } 186 } 187 188 // This is a new post 189 else if($this->action == "post") 190 { 191 if(my_strlen(trim_blank_chrs($subject)) == 0) 192 { 193 $thread = get_thread($post['tid']); 194 $subject = "RE: ".$thread['subject']; 195 } 196 } 197 198 // This is a new thread and we require that a subject is present. 199 else 200 { 201 if(my_strlen(trim_blank_chrs($subject)) == 0) 202 { 203 $this->set_error("missing_subject"); 204 return false; 205 } 206 } 207 208 // Subject is valid - return true. 209 return true; 210 } 211 212 /** 213 * Verifies a post message. 214 * 215 * @param string The message content. 216 */ 217 function verify_message() 218 { 219 global $mybb; 220 221 $post = &$this->data; 222 223 // Do we even have a message at all? 224 if(my_strlen(trim_blank_chrs($post['message'])) == 0) 225 { 226 $this->set_error("missing_message"); 227 return false; 228 } 229 230 // If this board has a maximum message length check if we're over it. Use strlen because SQL limits are in bytes 231 else if(strlen($post['message']) > $mybb->settings['maxmessagelength'] && $mybb->settings['maxmessagelength'] > 0 && !is_moderator($post['fid'], "", $post['uid'])) 232 { 233 $this->set_error("message_too_long", array($mybb->settings['maxmessagelength'], strlen($post['message']))); 234 return false; 235 } 236 237 // And if we've got a minimum message length do we meet that requirement too? 238 else if(my_strlen($post['message']) < $mybb->settings['minmessagelength'] && $mybb->settings['minmessagelength'] > 0 && !is_moderator($post['fid'], "", $post['uid'])) 239 { 240 $this->set_error("message_too_short", array($mybb->settings['minmessagelength'])); 241 return false; 242 } 243 return true; 244 } 245 246 /** 247 * Verifies the specified post options are correct. 248 * 249 * @return boolean True 250 */ 251 function verify_options() 252 { 253 $options = &$this->data['options']; 254 255 // Verify yes/no options. 256 $this->verify_yesno_option($options, 'signature', 0); 257 $this->verify_yesno_option($options, 'disablesmilies', 0); 258 259 return true; 260 } 261 262 /** 263 * Verify that the user is not flooding the system. 264 * 265 * @return boolean True 266 */ 267 function verify_post_flooding() 268 { 269 global $mybb; 270 271 $post = &$this->data; 272 273 // Check if post flooding is enabled within MyBB or if the admin override option is specified. 274 if($mybb->settings['postfloodcheck'] == 1 && $post['uid'] != 0 && $this->admin_override == false) 275 { 276 if($this->verify_post_merge(true) !== true) 277 { 278 return true; 279 } 280 281 // Fetch the user information for this post - used to check their last post date. 282 $user = get_user($post['uid']); 283 284 // A little bit of calculation magic and moderator status checking. 285 if(TIME_NOW-$user['lastpost'] <= $mybb->settings['postfloodsecs'] && !is_moderator($post['fid'], "", $user['uid'])) 286 { 287 // Oops, user has been flooding - throw back error message. 288 $time_to_wait = ($mybb->settings['postfloodsecs'] - (TIME_NOW-$user['lastpost'])) + 1; 289 if($time_to_wait == 1) 290 { 291 $this->set_error("post_flooding_one_second"); 292 } 293 else 294 { 295 $this->set_error("post_flooding", array($time_to_wait)); 296 } 297 return false; 298 } 299 } 300 // All is well that ends well - return true. 301 return true; 302 } 303 304 function verify_post_merge($simple_mode=false) 305 { 306 global $mybb, $db, $session; 307 308 $post = &$this->data; 309 310 // Are we starting a new thread? 311 if(!$post['tid']) 312 { 313 return true; 314 } 315 316 // Are we even turned on? 317 if(empty($mybb->settings['postmergemins'])) 318 { 319 return true; 320 } 321 322 // Assign a default separator if none is specified 323 if(trim($mybb->settings['postmergesep']) == "") 324 { 325 $mybb->settings['postmergesep'] = "[hr]"; 326 } 327 328 // Check to see if this person is in a usergroup that is excluded 329 if(trim($mybb->settings['postmergeuignore']) != "") 330 { 331 $gids = explode(',', $mybb->settings['postmergeuignore']); 332 $gids = array_map('intval', $gids); 333 334 335 $user_usergroups = explode(',', $mybb->user['usergroup'].",".$mybb->user['additionalgroups']); 336 if(count(array_intersect($user_usergroups, $gids)) > 0) 337 { 338 return true; 339 } 340 } 341 342 // Select the lastpost and fid information for this thread 343 $query = $db->simple_select("threads", "lastpost,fid", "lastposteruid='".$post['uid']."' AND tid='".$post['tid']."'", array('limit' => '1')); 344 $thread = $db->fetch_array($query); 345 346 // Check to see if the same author has posted within the merge post time limit 347 if((intval($mybb->settings['postmergemins']) != 0 && trim($mybb->settings['postmergemins']) != "") && (TIME_NOW-$thread['lastpost']) > (intval($mybb->settings['postmergemins'])*60)) 348 { 349 return true; 350 } 351 352 if(strstr($mybb->settings['postmergefignore'], ',')) 353 { 354 $fids = explode(',', $mybb->settings['postmergefignore']); 355 foreach($fids as $key => $forumid) 356 { 357 $fid[] = intval($forumid); 358 } 359 360 if(in_array($thread['fid'], $fid)) 361 { 362 return true; 363 } 364 365 } 366 else if(trim($mybb->settings['postmergefignore']) != "" && $thread['fid'] == intval($mybb->settings['postmergefignore'])) 367 { 368 return true; 369 } 370 371 if($simple_mode == true) 372 { 373 return false; 374 } 375 376 if($post['uid']) 377 { 378 $user_check = "uid='".$post['uid']."'"; 379 } 380 else 381 { 382 $user_check = "ipaddress='".$db->escape_string($session->ipaddress)."'"; 383 } 384 385 $query = $db->simple_select("posts", "pid,message,visible,posthash", "{$user_check} AND tid='".$post['tid']."' AND dateline='".$thread['lastpost']."'", array('order_by' => 'pid', 'order_dir' => 'DESC', 'limit' => 1)); 386 return $db->fetch_array($query); 387 } 388 389 /** 390 * Verifies the image count. 391 * 392 * @return boolean True when valid, false when not valid. 393 */ 394 function verify_image_count() 395 { 396 global $mybb, $db; 397 398 $post = &$this->data; 399 400 // Get the permissions of the user who is making this post or thread 401 $permissions = user_permissions($post['uid']); 402 403 // Fetch the forum this post is being made in 404 if(!$post['fid']) 405 { 406 $query = $db->simple_select('posts', 'fid', "pid = '{$post['pid']}'"); 407 $post['fid'] = $db->fetch_field($query, 'fid'); 408 } 409 $forum = get_forum($post['fid']); 410 411 // Check if this post contains more images than the forum allows 412 if($post['savedraft'] != 1 && $mybb->settings['maxpostimages'] != 0 && $permissions['cancp'] != 1) 413 { 414 require_once MYBB_ROOT."inc/class_parser.php"; 415 $parser = new postParser; 416 417 // Parse the message. 418 $parser_options = array( 419 "allow_html" => $forum['allowhtml'], 420 "allow_mycode" => $forum['allowmycode'], 421 "allow_imgcode" => $forum['allowimgcode'], 422 "allow_videocode" => $forum['allowvideocode'], 423 "filter_badwords" => 1 424 ); 425 426 if($post['options']['disablesmilies'] != 1) 427 { 428 $parser_options['allow_smilies'] = $forum['allowsmilies']; 429 } 430 else 431 { 432 $parser_options['allow_smilies'] = 0; 433 } 434 435 $image_check = $parser->parse_message($post['message'], $parser_options); 436 437 // And count the number of image tags in the message. 438 $image_count = substr_count($image_check, "<img"); 439 if($image_count > $mybb->settings['maxpostimages']) 440 { 441 // Throw back a message if over the count with the number of images as well as the maximum number of images per post. 442 $this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages'])); 443 return false; 444 } 445 } 446 } 447 448 /** 449 * Verifies the video count. 450 * 451 * @return boolean True when valid, false when not valid. 452 */ 453 function verify_video_count() 454 { 455 global $mybb, $db; 456 457 $post = &$this->data; 458 459 // Get the permissions of the user who is making this post or thread 460 $permissions = user_permissions($post['uid']); 461 462 // Check if this post contains more videos than the forum allows 463 if($post['savedraft'] != 1 && $mybb->settings['maxpostvideos'] != 0 && $permissions['cancp'] != 1) 464 { 465 // And count the number of video tags in the message. 466 $video_count = substr_count($post['message'], "[video]"); 467 if($video_count > $mybb->settings['maxpostvideos']) 468 { 469 // Throw back a message if over the count with the number of images as well as the maximum number of images per post. 470 $this->set_error("too_many_videos", array(1 => $video_count, 2 => $mybb->settings['maxpostvideos'])); 471 return false; 472 } 473 } 474 } 475 476 /** 477 * Verify the reply-to post. 478 * 479 * @return boolean True when valid, false when not valid. 480 */ 481 function verify_reply_to() 482 { 483 global $db; 484 $post = &$this->data; 485 486 // Check if the post being replied to actually exists in this thread. 487 if($post['replyto']) 488 { 489 $query = $db->simple_select("posts", "pid", "pid='".intval($post['replyto'])."'"); 490 $valid_post = $db->fetch_array($query); 491 if(!$valid_post['pid']) 492 { 493 $post['replyto'] = 0; 494 } 495 else 496 { 497 return true; 498 } 499 } 500 501 // If this post isn't a reply to a specific post, attach it to the first post. 502 if(!$post['replyto']) 503 { 504 $options = array( 505 "limit_start" => 0, 506 "limit" => 1, 507 "order_by" => "dateline", 508 "order_dir" => "asc" 509 ); 510 $query = $db->simple_select("posts", "pid", "tid='{$post['tid']}'", $options); 511 $reply_to = $db->fetch_array($query); 512 $post['replyto'] = $reply_to['pid']; 513 } 514 515 return true; 516 } 517 518 /** 519 * Verify the post icon. 520 * 521 * @return boolean True when valid, false when not valid. 522 */ 523 function verify_post_icon() 524 { 525 global $cache; 526 527 $post = &$this->data; 528 529 // If we don't assign it as 0. 530 if(!$post['icon'] || $post['icon'] < 0) 531 { 532 $post['icon'] = 0; 533 } 534 return true; 535 } 536 537 /** 538 * Verify the dateline. 539 * 540 * @return boolean True when valid, false when not valid. 541 */ 542 function verify_dateline() 543 { 544 $dateline = &$this->data['dateline']; 545 546 // The date has to be numeric and > 0. 547 if($dateline < 0 || is_numeric($dateline) == false) 548 { 549 $dateline = TIME_NOW; 550 } 551 } 552 553 /** 554 * Verify thread prefix. 555 * 556 * @return boolean True when valid, false when not valid. 557 */ 558 function verify_prefix() 559 { 560 $prefix = &$this->data['prefix']; 561 562 // If a valid prefix isn't supplied, don't assign one. 563 if(!$prefix || $prefix < 1) 564 { 565 $prefix = 0; 566 } 567 568 return true; 569 } 570 571 /** 572 * Validate a post. 573 * 574 * @return boolean True when valid, false when invalid. 575 */ 576 function validate_post() 577 { 578 global $mybb, $db, $plugins; 579 580 $post = &$this->data; 581 $time = TIME_NOW; 582 583 $this->action = "post"; 584 585 if($this->method != "update" && !$post['savedraft']) 586 { 587 $this->verify_post_flooding(); 588 } 589 590 // Verify all post assets. 591 592 if($this->method == "insert" || array_key_exists('uid', $post)) 593 { 594 $this->verify_author(); 595 } 596 597 if($this->method == "insert" || array_key_exists('subject', $post)) 598 { 599 $this->verify_subject(); 600 } 601 602 if($this->method == "insert" || array_key_exists('message', $post)) 603 { 604 $this->verify_message(); 605 $this->verify_image_count(); 606 $this->verify_video_count(); 607 } 608 609 if($this->method == "insert" || array_key_exists('dateline', $post)) 610 { 611 $this->verify_dateline(); 612 } 613 614 if($this->method == "insert" || array_key_exists('replyto', $post)) 615 { 616 $this->verify_reply_to(); 617 } 618 619 if($this->method == "insert" || array_key_exists('icon', $post)) 620 { 621 $this->verify_post_icon(); 622 } 623 624 if($this->method == "insert" || array_key_exists('options', $post)) 625 { 626 $this->verify_options(); 627 } 628 629 $plugins->run_hooks_by_ref("datahandler_post_validate_post", $this); 630 631 // We are done validating, return. 632 $this->set_validated(true); 633 if(count($this->get_errors()) > 0) 634 { 635 return false; 636 } 637 else 638 { 639 return true; 640 } 641 } 642 643 644 /** 645 * Insert a post into the database. 646 * 647 * @return array Array of new post details, pid and visibility. 648 */ 649 function insert_post() 650 { 651 global $db, $mybb, $plugins, $cache, $lang; 652 653 $post = &$this->data; 654 655 // Yes, validating is required. 656 if(!$this->get_validated()) 657 { 658 die("The post needs to be validated before inserting it into the DB."); 659 } 660 if(count($this->get_errors()) > 0) 661 { 662 die("The post is not valid."); 663 } 664 665 // Fetch the thread 666 $thread = get_thread($post['tid']); 667 668 // This post is being saved as a draft. 669 if($post['savedraft']) 670 { 671 $visible = -2; 672 } 673 674 // Otherwise this post is being made now and we have a bit to do. 675 else 676 { 677 // Automatic subscription to the thread 678 if($post['options']['subscriptionmethod'] != "" && $post['uid'] > 0) 679 { 680 switch($post['options']['subscriptionmethod']) 681 { 682 case "instant": 683 $notification = 1; 684 break; 685 default: 686 $notification = 0; 687 } 688 689 require_once MYBB_ROOT."inc/functions_user.php"; 690 add_subscribed_thread($post['tid'], $notification, $post['uid']); 691 } 692 693 // Perform any selected moderation tools. 694 if(is_moderator($post['fid'], "", $post['uid'])) 695 { 696 $lang->load($this->language_file, true); 697 698 $modoptions = $post['modoptions']; 699 $modlogdata['fid'] = $thread['fid']; 700 $modlogdata['tid'] = $thread['tid']; 701 702 // Close the thread. 703 if($modoptions['closethread'] == 1 && $thread['closed'] != 1) 704 { 705 $newclosed = "closed=1"; 706 log_moderator_action($modlogdata, $lang->thread_closed); 707 } 708 709 // Open the thread. 710 if($modoptions['closethread'] != 1 && $thread['closed'] == 1) 711 { 712 $newclosed = "closed=0"; 713 log_moderator_action($modlogdata, $lang->thread_opened); 714 } 715 716 // Stick the thread. 717 if($modoptions['stickthread'] == 1 && $thread['sticky'] != 1) 718 { 719 $newstick = "sticky='1'"; 720 log_moderator_action($modlogdata, $lang->thread_stuck); 721 } 722 723 // Unstick the thread. 724 if($modoptions['stickthread'] != 1 && $thread['sticky']) 725 { 726 $newstick = "sticky='0'"; 727 log_moderator_action($modlogdata, $lang->thread_unstuck); 728 } 729 730 // Execute moderation options. 731 if($newstick && $newclosed) 732 { 733 $sep = ","; 734 } 735 if($newstick || $newclosed) 736 { 737 $db->write_query(" 738 UPDATE ".TABLE_PREFIX."threads 739 SET {$newclosed}{$sep}{$newstick} 740 WHERE tid='{$thread['tid']}' 741 "); 742 } 743 } 744 745 // Fetch the forum this post is being made in 746 $forum = get_forum($post['fid']); 747 748 // Decide on the visibility of this post. 749 if($forum['modposts'] == 1 && !is_moderator($thread['fid'], "", $post['uid'])) 750 { 751 $visible = 0; 752 } 753 else 754 { 755 $visible = 1; 756 } 757 758 // Are posts from this user being moderated? Change visibility 759 if($mybb->user['uid'] == $post['uid'] && $mybb->user['moderateposts'] == 1) 760 { 761 $visible = 0; 762 } 763 } 764 765 $post['pid'] = intval($post['pid']); 766 $post['uid'] = intval($post['uid']); 767 768 if($post['pid'] > 0) 769 { 770 $query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'"); 771 $draft_check = $db->fetch_field($query, "tid"); 772 } 773 else 774 { 775 $draft_check = false; 776 } 777 778 if($this->method != "update" && $visible == 1) 779 { 780 $double_post = $this->verify_post_merge(); 781 782 // Only combine if they are both invisible (mod queue'd forum) or both visible 783 if($double_post !== true && $double_post['visible'] == $visible) 784 { 785 $this->pid = $double_post['pid']; 786 787 $post['message'] = $double_post['message'] .= $mybb->settings['postmergesep']."\n".$post['message']; 788 $update_query = array( 789 "message" => $db->escape_string($double_post['message']) 790 ); 791 $update_query['edituid'] = intval($post['uid']); 792 $update_query['edittime'] = TIME_NOW; 793 $query = $db->update_query("posts", $update_query, "pid='".$double_post['pid']."'"); 794 795 if($draft_check) 796 { 797 $db->delete_query("posts", "pid='".$post['pid']."'"); 798 } 799 800 // Assign any uploaded attachments with the specific posthash to the merged post. 801 if($double_post['posthash']) 802 { 803 $post['posthash'] = $db->escape_string($post['posthash']); 804 $double_post['posthash'] = $db->escape_string($double_post['posthash']); 805 806 $query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='0' AND visible='1' AND posthash='{$post['posthash']}'"); 807 $attachmentcount = $db->fetch_field($query, "attachmentcount"); 808 809 if($attachmentcount > 0) 810 { 811 // Update forum count 812 update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}")); 813 } 814 815 $attachmentassign = array( 816 "pid" => $double_post['pid'], 817 "posthash" => $double_post['posthash'], 818 ); 819 $db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}'"); 820 821 $post['posthash'] = $double_post['posthash']; 822 } 823 824 // Return the post's pid and whether or not it is visible. 825 return array( 826 "pid" => $double_post['pid'], 827 "visible" => $visible 828 ); 829 } 830 } 831 832 if($visible == 1 && $thread['visible'] == 1) 833 { 834 $now = TIME_NOW; 835 836 // Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug. 837 $update_array = array( 838 'lastpost' => "'{$now}'" 839 ); 840 if($forum['usepostcounts'] != 0) 841 { 842 $update_array['postnum'] = 'postnum+1'; 843 } 844 845 $db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true); 846 } 847 848 // Are we updating a post which is already a draft? Perhaps changing it into a visible post? 849 if($draft_check) 850 { 851 // Update a post that is a draft 852 $this->post_update_data = array( 853 "subject" => $db->escape_string($post['subject']), 854 "icon" => intval($post['icon']), 855 "uid" => $post['uid'], 856 "username" => $db->escape_string($post['username']), 857 "dateline" => intval($post['dateline']), 858 "message" => $db->escape_string($post['message']), 859 "ipaddress" => $db->escape_string($post['ipaddress']), 860 "longipaddress" => intval(my_ip2long($post['ipaddress'])), 861 "includesig" => $post['options']['signature'], 862 "smilieoff" => $post['options']['disablesmilies'], 863 "visible" => $visible, 864 "posthash" => $db->escape_string($post['posthash']) 865 ); 866 867 $plugins->run_hooks_by_ref("datahandler_post_insert_post", $this); 868 869 $db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'"); 870 $this->pid = $post['pid']; 871 } 872 else 873 { 874 // Insert the post. 875 $this->post_insert_data = array( 876 "tid" => intval($post['tid']), 877 "replyto" => intval($post['replyto']), 878 "fid" => intval($post['fid']), 879 "subject" => $db->escape_string($post['subject']), 880 "icon" => intval($post['icon']), 881 "uid" => $post['uid'], 882 "username" => $db->escape_string($post['username']), 883 "dateline" => $post['dateline'], 884 "message" => $db->escape_string($post['message']), 885 "ipaddress" => $db->escape_string($post['ipaddress']), 886 "longipaddress" => intval(my_ip2long($post['ipaddress'])), 887 "includesig" => $post['options']['signature'], 888 "smilieoff" => $post['options']['disablesmilies'], 889 "visible" => $visible, 890 "posthash" => $db->escape_string($post['posthash']) 891 ); 892 893 $plugins->run_hooks_by_ref("datahandler_post_insert_post", $this); 894 895 $this->pid = $db->insert_query("posts", $this->post_insert_data); 896 } 897 898 // Assign any uploaded attachments with the specific posthash to the newly created post. 899 if($post['posthash']) 900 { 901 $post['posthash'] = $db->escape_string($post['posthash']); 902 $attachmentassign = array( 903 "pid" => $this->pid 904 ); 905 $db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}'"); 906 } 907 908 if($visible == 1 && $thread['visible'] == 1) 909 { 910 $thread = get_thread($post['tid']); 911 require_once MYBB_ROOT.'inc/class_parser.php'; 912 $parser = new Postparser; 913 914 $done_users = array(); 915 916 $subject = $parser->parse_badwords($thread['subject']); 917 $excerpt = $parser->text_parse_message($post['message'], array('me_username' => $post['username'], 'filter_badwords' => 1, 'safe_html' => 1)); 918 $excerpt = my_substr($excerpt, 0, $mybb->settings['subscribeexcerpt']).$lang->emailbit_viewthread; 919 920 // Fetch any users subscribed to this thread receiving instant notification and queue up their subscription notices 921 $query = $db->query(" 922 SELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate, s.subscriptionkey 923 FROM ".TABLE_PREFIX."threadsubscriptions s 924 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=s.uid) 925 WHERE s.notification='1' AND s.tid='{$post['tid']}' 926 AND s.uid != '{$post['uid']}' 927 AND u.lastactive>'{$thread['lastpost']}' 928 "); 929 while($subscribedmember = $db->fetch_array($query)) 930 { 931 if($done_users[$subscribedmember['uid']]) 932 { 933 continue; 934 } 935 $done_users[$subscribedmember['uid']] = 1; 936 937 $forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']); 938 if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) 939 { 940 continue; 941 } 942 943 if($thread['uid'] != $subscribedmember['uid'] && $forumpermissions['canonlyviewownthread'] == 1 && !is_moderator($thread['fid'], "", $subscribedmember['uid'])) 944 { 945 // User isn't a moderator or the author of the thread... 946 continue; 947 } 948 949 if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language'])) 950 { 951 $uselang = $subscribedmember['language']; 952 } 953 elseif($mybb->settings['orig_bblanguage']) 954 { 955 $uselang = $mybb->settings['orig_bblanguage']; 956 } 957 else 958 { 959 $uselang = "english"; 960 } 961 962 if($uselang == $mybb->settings['bblanguage']) 963 { 964 $emailsubject = $lang->emailsubject_subscription; 965 $emailmessage = $lang->email_subscription; 966 } 967 else 968 { 969 if(!isset($langcache[$uselang]['emailsubject_subscription'])) 970 { 971 $userlang = new MyLanguage; 972 $userlang->set_path(MYBB_ROOT."inc/languages"); 973 $userlang->set_language($uselang); 974 $userlang->load("messages"); 975 $langcache[$uselang]['emailsubject_subscription'] = $userlang->emailsubject_subscription; 976 $langcache[$uselang]['email_subscription'] = $userlang->email_subscription; 977 unset($userlang); 978 } 979 $emailsubject = $langcache[$uselang]['emailsubject_subscription']; 980 $emailmessage = $langcache[$uselang]['email_subscription']; 981 } 982 $emailsubject = $lang->sprintf($emailsubject, $subject); 983 984 $post_code = md5($subscribedmember['loginkey'].$subscribedmember['salt'].$subscribedmember['regdate']); 985 $emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $post['username'], $mybb->settings['bbname'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey'], $post_code); 986 $new_email = array( 987 "mailto" => $db->escape_string($subscribedmember['email']), 988 "mailfrom" => '', 989 "subject" => $db->escape_string($emailsubject), 990 "message" => $db->escape_string($emailmessage), 991 "headers" => '' 992 ); 993 $db->insert_query("mailqueue", $new_email); 994 unset($userlang); 995 $queued_email = 1; 996 } 997 // Have one or more emails been queued? Update the queue count 998 if($queued_email == 1) 999 { 1000 $cache->update_mailqueue(); 1001 } 1002 $thread_update['replies'] = "+1"; 1003 1004 // Update forum count 1005 update_thread_counters($post['tid'], $thread_update); 1006 update_forum_counters($post['fid'], array("posts" => "+1")); 1007 } 1008 // Post is stuck in moderation queue 1009 else if($visible == 0) 1010 { 1011 // Update the unapproved posts count for the current thread and current forum 1012 update_thread_counters($post['tid'], array("unapprovedposts" => "+1")); 1013 update_forum_counters($post['fid'], array("unapprovedposts" => "+1")); 1014 } 1015 else if($thread['visible'] == 0) 1016 { 1017 // Update the unapproved posts count for the current forum 1018 update_thread_counters($post['tid'], array("replies" => "+1")); 1019 update_forum_counters($post['fid'], array("unapprovedposts" => "+1")); 1020 } 1021 1022 // Return the post's pid and whether or not it is visible. 1023 return array( 1024 "pid" => $this->pid, 1025 "visible" => $visible 1026 ); 1027 } 1028 1029 /** 1030 * Validate a thread. 1031 * 1032 * @return boolean True when valid, false when invalid. 1033 */ 1034 function validate_thread() 1035 { 1036 global $mybb, $db, $plugins; 1037 1038 $thread = &$this->data; 1039 1040 // Validate all thread assets. 1041 1042 if(!$thread['savedraft']) 1043 { 1044 $this->verify_post_flooding(); 1045 } 1046 1047 if($this->method == "insert" || array_key_exists('uid', $thread)) 1048 { 1049 $this->verify_author(); 1050 } 1051 1052 if($this->method == "insert" || array_key_exists('prefix', $thread)) 1053 { 1054 $this->verify_prefix(); 1055 } 1056 1057 if($this->method == "insert" || array_key_exists('subject', $thread)) 1058 { 1059 $this->verify_subject(); 1060 } 1061 1062 if($this->method == "insert" || array_key_exists('message', $thread)) 1063 { 1064 $this->verify_message(); 1065 $this->verify_image_count(); 1066 $this->verify_video_count(); 1067 } 1068 1069 if($this->method == "insert" || array_key_exists('dateline', $thread)) 1070 { 1071 $this->verify_dateline(); 1072 } 1073 1074 if($this->method == "insert" || array_key_exists('icon', $thread)) 1075 { 1076 $this->verify_post_icon(); 1077 } 1078 1079 if($this->method == "insert" || array_key_exists('options', $thread)) 1080 { 1081 $this->verify_options(); 1082 } 1083 1084 $plugins->run_hooks_by_ref("datahandler_post_validate_thread", $this); 1085 1086 // We are done validating, return. 1087 $this->set_validated(true); 1088 if(count($this->get_errors()) > 0) 1089 { 1090 return false; 1091 } 1092 else 1093 { 1094 return true; 1095 } 1096 } 1097 1098 /** 1099 * Insert a thread into the database. 1100 * 1101 * @return array Array of new thread details, tid and visibility. 1102 */ 1103 function insert_thread() 1104 { 1105 global $db, $mybb, $plugins, $cache, $lang; 1106 1107 // Yes, validating is required. 1108 if(!$this->get_validated()) 1109 { 1110 die("The thread needs to be validated before inserting it into the DB."); 1111 } 1112 if(count($this->get_errors()) > 0) 1113 { 1114 die("The thread is not valid."); 1115 } 1116 1117 $thread = &$this->data; 1118 1119 // Fetch the forum this thread is being made in 1120 $forum = get_forum($thread['fid']); 1121 1122 // This thread is being saved as a draft. 1123 if($thread['savedraft']) 1124 { 1125 $visible = -2; 1126 } 1127 1128 // Thread is being made now and we have a bit to do. 1129 else 1130 { 1131 1132 // Decide on the visibility of this post. 1133 if(($forum['modthreads'] == 1 || $forum['modposts'] == 1) && !is_moderator($thread['fid'], "", $thread['uid'])) 1134 { 1135 $visible = 0; 1136 } 1137 else 1138 { 1139 $visible = 1; 1140 } 1141 1142 // Are posts from this user being moderated? Change visibility 1143 if($mybb->user['uid'] == $thread['uid'] && $mybb->user['moderateposts'] == 1) 1144 { 1145 $visible = 0; 1146 } 1147 } 1148 1149 // Have a post ID but not a thread ID - fetch thread ID 1150 if($thread['pid'] && !$thread['tid']) 1151 { 1152 $query = $db->simple_select("posts", "tid", "pid='{$thread['pid']}"); 1153 $thread['tid'] = $db->fetch_field($query, "tid"); 1154 } 1155 1156 if($thread['pid'] > 0) 1157 { 1158 $query = $db->simple_select("posts", "pid", "pid='{$thread['pid']}' AND uid='{$thread['uid']}' AND visible='-2'"); 1159 $draft_check = $db->fetch_field($query, "pid"); 1160 } 1161 else 1162 { 1163 $draft_check = false; 1164 } 1165 1166 // Are we updating a post which is already a draft? Perhaps changing it into a visible post? 1167 if($draft_check) 1168 { 1169 $this->thread_insert_data = array( 1170 "subject" => $db->escape_string($thread['subject']), 1171 "icon" => intval($thread['icon']), 1172 "username" => $db->escape_string($thread['username']), 1173 "dateline" => intval($thread['dateline']), 1174 "lastpost" => intval($thread['dateline']), 1175 "lastposter" => $db->escape_string($thread['username']), 1176 "visible" => $visible 1177 ); 1178 1179 $plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this); 1180 1181 $db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'"); 1182 1183 $this->post_insert_data = array( 1184 "subject" => $db->escape_string($thread['subject']), 1185 "icon" => intval($thread['icon']), 1186 "username" => $db->escape_string($thread['username']), 1187 "dateline" => intval($thread['dateline']), 1188 "message" => $db->escape_string($thread['message']), 1189 "ipaddress" => $db->escape_string(get_ip()), 1190 "includesig" => $thread['options']['signature'], 1191 "smilieoff" => $thread['options']['disablesmilies'], 1192 "visible" => $visible, 1193 "posthash" => $db->escape_string($thread['posthash']) 1194 ); 1195 $plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this); 1196 1197 $db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'"); 1198 $this->tid = $thread['tid']; 1199 $this->pid = $thread['pid']; 1200 } 1201 1202 // Inserting a new thread into the database. 1203 else 1204 { 1205 $this->thread_insert_data = array( 1206 "fid" => $thread['fid'], 1207 "subject" => $db->escape_string($thread['subject']), 1208 "prefix" => intval($thread['prefix']), 1209 "icon" => intval($thread['icon']), 1210 "uid" => $thread['uid'], 1211 "username" => $db->escape_string($thread['username']), 1212 "dateline" => intval($thread['dateline']), 1213 "lastpost" => intval($thread['dateline']), 1214 "lastposter" => $db->escape_string($thread['username']), 1215 "views" => 0, 1216 "replies" => 0, 1217 "visible" => $visible, 1218 "notes" => '' 1219 ); 1220 1221 $plugins->run_hooks_by_ref("datahandler_post_insert_thread", $this); 1222 1223 $this->tid = $db->insert_query("threads", $this->thread_insert_data); 1224 1225 $this->post_insert_data = array( 1226 "tid" => $this->tid, 1227 "fid" => $thread['fid'], 1228 "subject" => $db->escape_string($thread['subject']), 1229 "icon" => intval($thread['icon']), 1230 "uid" => $thread['uid'], 1231 "username" => $db->escape_string($thread['username']), 1232 "dateline" => intval($thread['dateline']), 1233 "message" => $db->escape_string($thread['message']), 1234 "ipaddress" => $db->escape_string(get_ip()), 1235 "longipaddress" => intval(my_ip2long(get_ip())), 1236 "includesig" => $thread['options']['signature'], 1237 "smilieoff" => $thread['options']['disablesmilies'], 1238 "visible" => $visible, 1239 "posthash" => $db->escape_string($thread['posthash']) 1240 ); 1241 $plugins->run_hooks_by_ref("datahandler_post_insert_thread_post", $this); 1242 1243 $this->pid = $db->insert_query("posts", $this->post_insert_data); 1244 1245 // Now that we have the post id for this first post, update the threads table. 1246 $firstpostup = array("firstpost" => $this->pid); 1247 $db->update_query("threads", $firstpostup, "tid='{$this->tid}'"); 1248 } 1249 1250 // If we're not saving a draft there are some things we need to check now 1251 if(!$thread['savedraft']) 1252 { 1253 if($thread['options']['subscriptionmethod'] != "" && $thread['uid'] > 0) 1254 { 1255 switch($thread['options']['subscriptionmethod']) 1256 { 1257 case "instant": 1258 $notification = 1; 1259 break; 1260 default: 1261 $notification = 0; 1262 } 1263 1264 require_once MYBB_ROOT."inc/functions_user.php"; 1265 add_subscribed_thread($this->tid, $notification, $thread['uid']); 1266 } 1267 1268 // Perform any selected moderation tools. 1269 if(is_moderator($thread['fid'], "", $thread['uid']) && is_array($thread['modoptions'])) 1270 { 1271 $lang->load($this->language_file, true); 1272 1273 $modoptions = $thread['modoptions']; 1274 $modlogdata['fid'] = $this->tid; 1275 $modlogdata['tid'] = $thread['tid']; 1276 1277 // Close the thread. 1278 if($modoptions['closethread'] == 1) 1279 { 1280 $newclosed = "closed=1"; 1281 log_moderator_action($modlogdata, $lang->thread_closed); 1282 } 1283 1284 // Stick the thread. 1285 if($modoptions['stickthread'] == 1) 1286 { 1287 $newstick = "sticky='1'"; 1288 log_moderator_action($modlogdata, $lang->thread_stuck); 1289 } 1290 1291 // Execute moderation options. 1292 if($newstick && $newclosed) 1293 { 1294 $sep = ","; 1295 } 1296 if($newstick || $newclosed) 1297 { 1298 $db->write_query(" 1299 UPDATE ".TABLE_PREFIX."threads 1300 SET $newclosed$sep$newstick 1301 WHERE tid='{$this->tid}' 1302 "); 1303 } 1304 } 1305 if($visible == 1) 1306 { 1307 // If we have a registered user then update their post count and last post times. 1308 if($thread['uid'] > 0) 1309 { 1310 $user = get_user($thread['uid']); 1311 $update_query = array(); 1312 // Only update the lastpost column of the user if the date of the thread is newer than their last post. 1313 if($thread['dateline'] > $user['lastpost']) 1314 { 1315 // Yes this has a single quote within a double quote. It's not a bug. 1316 $update_query['lastpost'] = "'{$thread['dateline']}'"; 1317 } 1318 // Update the post count if this forum allows post counts to be tracked 1319 if($forum['usepostcounts'] != 0) 1320 { 1321 $update_query['postnum'] = "postnum+1"; 1322 } 1323 1324 // Only update the table if we need to. 1325 if(!empty($update_query)) 1326 { 1327 $db->update_query("users", $update_query, "uid='{$thread['uid']}'", 1, true); 1328 } 1329 } 1330 1331 if(!$forum['lastpost']) 1332 { 1333 $forum['lastpost'] = 0; 1334 } 1335 1336 $done_users = array(); 1337 1338 // Queue up any forum subscription notices to users who are subscribed to this forum. 1339 $excerpt = my_substr($thread['message'], 0, $mybb->settings['subscribeexcerpt']).$lang->emailbit_viewthread; 1340 1341 // Parse badwords 1342 require_once MYBB_ROOT."inc/class_parser.php"; 1343 $parser = new postParser; 1344 $excerpt = $parser->parse_badwords($excerpt); 1345 1346 $query = $db->query(" 1347 SELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate 1348 FROM ".TABLE_PREFIX."forumsubscriptions fs 1349 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=fs.uid) 1350 LEFT JOIN ".TABLE_PREFIX."usergroups g ON (g.gid=u.usergroup) 1351 WHERE fs.fid='".intval($thread['fid'])."' 1352 AND fs.uid != '".intval($thread['uid'])."' 1353 AND u.lastactive > '{$forum['lastpost']}' 1354 AND g.isbannedgroup != 1 1355 "); 1356 while($subscribedmember = $db->fetch_array($query)) 1357 { 1358 if($done_users[$subscribedmember['uid']]) 1359 { 1360 continue; 1361 } 1362 $done_users[$subscribedmember['uid']] = 1; 1363 1364 $forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']); 1365 if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) 1366 { 1367 continue; 1368 } 1369 1370 if(!is_moderator($thread['fid'], "", $subscribedmember['uid']) && $forumpermissions['canonlyviewownthreads'] == 1) 1371 { 1372 // In a 'view own only' forum and not a moderator 1373 continue; 1374 } 1375 1376 // Determine the language pack we'll be using to send this email in and load it if it isn't already. 1377 if($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language'])) 1378 { 1379 $uselang = $subscribedmember['language']; 1380 } 1381 else if($mybb->settings['bblanguage']) 1382 { 1383 $uselang = $mybb->settings['bblanguage']; 1384 } 1385 else 1386 { 1387 $uselang = "english"; 1388 } 1389 1390 if($uselang == $mybb->settings['bblanguage']) 1391 { 1392 $emailsubject = $lang->emailsubject_forumsubscription; 1393 $emailmessage = $lang->email_forumsubscription; 1394 } 1395 else 1396 { 1397 if(!isset($langcache[$uselang]['emailsubject_forumsubscription'])) 1398 { 1399 $userlang = new MyLanguage; 1400 $userlang->set_path(MYBB_ROOT."inc/languages"); 1401 $userlang->set_language($uselang); 1402 $userlang->load("messages"); 1403 $langcache[$uselang]['emailsubject_forumsubscription'] = $userlang->emailsubject_forumsubscription; 1404 $langcache[$uselang]['email_forumsubscription'] = $userlang->email_forumsubscription; 1405 unset($userlang); 1406 } 1407 $emailsubject = $langcache[$uselang]['emailsubject_forumsubscription']; 1408 $emailmessage = $langcache[$uselang]['email_forumsubscription']; 1409 } 1410 $emailsubject = $lang->sprintf($emailsubject, $forum['name']); 1411 1412 $post_code = md5($subscribedmember['loginkey'].$subscribedmember['salt'].$subscribedmember['regdate']); 1413 $emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $thread['username'], $forum['name'], $mybb->settings['bbname'], $thread['subject'], $excerpt, $mybb->settings['bburl'], get_thread_link($this->tid), $thread['fid'], $post_code); 1414 $new_email = array( 1415 "mailto" => $db->escape_string($subscribedmember['email']), 1416 "mailfrom" => '', 1417 "subject" => $db->escape_string($emailsubject), 1418 "message" => $db->escape_string($emailmessage), 1419 "headers" => '' 1420 ); 1421 $db->insert_query("mailqueue", $new_email); 1422 unset($userlang); 1423 $queued_email = 1; 1424 } 1425 // Have one or more emails been queued? Update the queue count 1426 if($queued_email == 1) 1427 { 1428 $cache->update_mailqueue(); 1429 } 1430 } 1431 } 1432 1433 // Assign any uploaded attachments with the specific posthash to the newly created post. 1434 if($thread['posthash']) 1435 { 1436 $thread['posthash'] = $db->escape_string($thread['posthash']); 1437 $attachmentassign = array( 1438 "pid" => $this->pid 1439 ); 1440 $db->update_query("attachments", $attachmentassign, "posthash='{$thread['posthash']}'"); 1441 } 1442 1443 if($visible == 1) 1444 { 1445 update_thread_data($this->tid); 1446 update_forum_counters($thread['fid'], array("threads" => "+1", "posts" => "+1")); 1447 } 1448 else if($visible == 0) 1449 { 1450 update_thread_data($this->tid); 1451 update_thread_counters($this->tid, array("replies" => 0)); 1452 update_forum_counters($thread['fid'], array("unapprovedthreads" => "+1", "unapprovedposts" => "+1")); 1453 } 1454 1455 $query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='{$this->pid}' AND visible='1'"); 1456 $attachmentcount = $db->fetch_field($query, "attachmentcount"); 1457 if($attachmentcount > 0) 1458 { 1459 update_thread_counters($this->tid, array("attachmentcount" => "+{$attachmentcount}")); 1460 } 1461 1462 // Return the post's pid and whether or not it is visible. 1463 return array( 1464 "pid" => $this->pid, 1465 "tid" => $this->tid, 1466 "visible" => $visible 1467 ); 1468 } 1469 1470 /** 1471 * Updates a post that is already in the database. 1472 * 1473 */ 1474 function update_post() 1475 { 1476 global $db, $mybb, $plugins; 1477 1478 // Yes, validating is required. 1479 if($this->get_validated() != true) 1480 { 1481 die("The post needs to be validated before inserting it into the DB."); 1482 } 1483 if(count($this->get_errors()) > 0) 1484 { 1485 die("The post is not valid."); 1486 } 1487 1488 $post = &$this->data; 1489 1490 $post['pid'] = intval($post['pid']); 1491 1492 $existing_post = get_post($post['pid']); 1493 $post['tid'] = $existing_post['tid']; 1494 $post['fid'] = $existing_post['fid']; 1495 1496 $forum = get_forum($post['fid']); 1497 1498 // Decide on the visibility of this post. 1499 if(isset($post['visible']) && $post['visible'] != $existing_post['visible']) 1500 { 1501 if($forum['mod_edit_posts'] == 1 && !is_moderator($post['fid'], "", $post['uid'])) 1502 { 1503 if($existing_post['visible'] == 1) 1504 { 1505 update_thread_data($existing_post['tid']); 1506 update_thread_counters($existing_post['tid'], array('replies' => '-1', 'unapprovedposts' => '+1')); 1507 update_forum_counters($existing_post['fid'], array('unapprovedthreads' => '+1', 'unapprovedposts' => '+1')); 1508 1509 // Subtract from the users post count 1510 // Update the post count if this forum allows post counts to be tracked 1511 if($forum['usepostcounts'] != 0) 1512 { 1513 $db->write_query("UPDATE ".TABLE_PREFIX."users SET postnum=postnum-1 WHERE uid='{$existing_post['uid']}'"); 1514 } 1515 } 1516 $visible = 0; 1517 } 1518 else 1519 { 1520 if($existing_post['visible'] == 0) 1521 { 1522 update_thread_data($existing_post['tid']); 1523 update_thread_counters($existing_post['tid'], array('replies' => '+1', 'unapprovedposts' => '-1')); 1524 update_forum_counters($existing_post['fid'], array('unapprovedthreads' => '-1', 'unapprovedposts' => '-1')); 1525 1526 // Update the post count if this forum allows post counts to be tracked 1527 if($forum['usepostcounts'] != 0) 1528 { 1529 $db->write_query("UPDATE ".TABLE_PREFIX."users SET postnum=postnum+1 WHERE uid='{$existing_post['uid']}'"); 1530 } 1531 } 1532 $visible = 1; 1533 } 1534 } 1535 else 1536 { 1537 $visible = 0; 1538 if($forum['mod_edit_posts'] != 1 || is_moderator($post['fid'], "", $post['uid'])) 1539 { 1540 $visible = 1; 1541 } 1542 } 1543 1544 // Check if this is the first post in a thread. 1545 $options = array( 1546 "order_by" => "dateline", 1547 "order_dir" => "asc", 1548 "limit_start" => 0, 1549 "limit" => 1 1550 ); 1551 $query = $db->simple_select("posts", "pid", "tid='".intval($post['tid'])."'", $options); 1552 $first_post_check = $db->fetch_array($query); 1553 if($first_post_check['pid'] == $post['pid']) 1554 { 1555 $first_post = true; 1556 } 1557 else 1558 { 1559 $first_post = false; 1560 } 1561 1562 if($existing_post['visible'] == 0) 1563 { 1564 $visible = 0; 1565 } 1566 1567 // Update the thread details that might have been changed first. 1568 if($first_post) 1569 { 1570 $this->tid = $post['tid']; 1571 1572 $this->thread_update_data['visible'] = $visible; 1573 1574 if(isset($post['prefix'])) 1575 { 1576 $this->thread_update_data['prefix'] = intval($post['prefix']); 1577 } 1578 1579 if(isset($post['subject'])) 1580 { 1581 $this->thread_update_data['subject'] = $db->escape_string($post['subject']); 1582 } 1583 1584 if(isset($post['icon'])) 1585 { 1586 $this->thread_update_data['icon'] = intval($post['icon']); 1587 } 1588 if(count($this->thread_update_data) > 0) 1589 { 1590 $plugins->run_hooks_by_ref("datahandler_post_update_thread", $this); 1591 1592 $db->update_query("threads", $this->thread_update_data, "tid='".intval($post['tid'])."'"); 1593 } 1594 } 1595 1596 // Prepare array for post updating. 1597 1598 $this->pid = $post['pid']; 1599 1600 if(isset($post['subject'])) 1601 { 1602 $this->post_update_data['subject'] = $db->escape_string($post['subject']); 1603 } 1604 1605 if(isset($post['message'])) 1606 { 1607 $this->post_update_data['message'] = $db->escape_string($post['message']); 1608 } 1609 1610 if(isset($post['icon'])) 1611 { 1612 $this->post_update_data['icon'] = intval($post['icon']); 1613 } 1614 1615 if(isset($post['options'])) 1616 { 1617 if(isset($post['options']['disablesmilies'])) 1618 { 1619 $this->post_update_data['smilieoff'] = $db->escape_string($post['options']['disablesmilies']); 1620 } 1621 if(isset($post['options']['signature'])) 1622 { 1623 $this->post_update_data['includesig'] = $db->escape_string($post['options']['signature']); 1624 } 1625 } 1626 1627 // If we need to show the edited by, let's do so. 1628 if(($mybb->settings['showeditedby'] == 1 && !is_moderator($post['fid'], "caneditposts", $post['edit_uid'])) || ($mybb->settings['showeditedbyadmin'] == 1 && is_moderator($post['fid'], "caneditposts", $post['edit_uid']))) 1629 { 1630 $this->post_update_data['edituid'] = intval($post['edit_uid']); 1631 $this->post_update_data['edittime'] = TIME_NOW; 1632 } 1633 1634 $this->post_update_data['visible'] = $visible; 1635 1636 $plugins->run_hooks_by_ref("datahandler_post_update", $this); 1637 1638 $db->update_query("posts", $this->post_update_data, "pid='".intval($post['pid'])."'"); 1639 1640 // Automatic subscription to the thread 1641 if($post['options']['subscriptionmethod'] != "" && $post['uid'] > 0) 1642 { 1643 switch($post['options']['subscriptionmethod']) 1644 { 1645 case "instant": 1646 $notification = 1; 1647 break; 1648 default: 1649 $notification = 0; 1650 } 1651 require_once MYBB_ROOT."inc/functions_user.php"; 1652 add_subscribed_thread($post['tid'], $notification, $post['uid']); 1653 } 1654 else 1655 { 1656 $db->delete_query("threadsubscriptions", "uid='".intval($post['uid'])."' AND tid='".intval($post['tid'])."'"); 1657 } 1658 1659 update_forum_lastpost($post['fid']); 1660 1661 return array( 1662 'visible' => $visible, 1663 'first_post' => $first_post 1664 ); 1665 } 1666 } 1667 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Sun Dec 11 14:16:27 2011 | Cross-referenced by PHPXref 0.7.1 |