edit_post.php

国外非常不错的论坛

<?php

/*
	Copyright (C) 2003-2005 UseBB Team
	http://www.usebb.net
	
	$Header: /cvsroot/usebb/UseBB/sources/edit_post.php,v 1.34 2005/08/13 11:36:09 pc_freak Exp $
	
	This file is part of UseBB.
	
	UseBB is free software; you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation; either version 2 of the License, or
	(at your option) any later version.
	
	UseBB is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.
	
	You should have received a copy of the GNU General Public License
	along with UseBB; if not, write to the Free Software
	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/

//
// Die when called directly in browser
//
if ( !defined('INCLUDED') )
	exit();

//
// Edit posts
//
if ( !isset($_GET['act']) ) {
	
	$session->update('editpost:'.$_GET['post']);
	
	//
	// Include the page header
	//
	require(ROOT_PATH.'sources/page_head.php');
	
	//
	// Get info about the post
	//
	$result = $db->query("SELECT p.id, p.poster_id, p.poster_guest, p.content, p.enable_bbcode, p.enable_smilies, p.enable_sig, p.enable_html, u.displayed_name AS poster_name, u.level AS poster_level, u.signature, f.auth, f.id AS forum_id, f.name AS forum_name, t.id AS topic_id, t.topic_title, t.first_post_id FROM ( ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."members u ON p.poster_id = u.id ), ".TABLE_PREFIX."topics t, ".TABLE_PREFIX."forums f WHERE t.id = p.topic_id AND f.id = t.forum_id AND p.id = ".$_GET['post']);
	$postdata = $db->fetch_result($result);
	
	if ( !$postdata['id'] ) {
		
		//
		// This post does not exist
		//
		header($_SERVER['SERVER_PROTOCOL'].' 404 Not Found');
		$template->set_page_title($lang['Error']);
		$template->parse('msgbox', 'global', array(
			'box_title' => $lang['Error'],
			'content' => sprintf($lang['NoSuchPost'], 'ID '.$_GET['post'])
		));
		
	} else {
		
		//
		// Only if the user can edit posts
		//
		if ( $session->sess_info['user_id'] && ( $postdata['poster_id'] == $session->sess_info['user_id'] || $functions->auth($postdata['auth'], 'edit', $postdata['forum_id']) ) && $postdata['poster_level'] <= $session->sess_info['user_info']['level'] ) {
			
			$_POST['poster_guest'] = ( !empty($_POST['poster_guest']) ) ? preg_replace('#\s+#', '_', $_POST['poster_guest']) : '';
			if ( ( $postdata['poster_id'] || ( !empty($_POST['poster_guest']) && preg_match(USER_PREG, $_POST['poster_guest']) && strlen($_POST['poster_guest']) <= $functions->get_config('username_max_length') ) ) && ( $postdata['first_post_id'] != $_GET['post'] || !empty($_POST['topic_title']) ) && !empty($_POST['content']) && empty($_POST['preview']) ) {
				
				$update_poster_guest = ( !$postdata['poster_id'] ) ? ", poster_guest = '".$_POST['poster_guest']."'" : '';
				$enable_bbcode = ( !empty($_POST['enable_bbcode']) ) ? 1 : 0;
				$enable_smilies = ( !empty($_POST['enable_smilies']) ) ? 1 : 0;
				$enable_sig = ( $postdata['poster_id'] && !empty($postdata['signature']) && !empty($_POST['enable_sig']) ) ? 1 : 0;
				$enable_html = ( $functions->auth($postdata['auth'], 'html', $postdata['forum_id']) && !empty($_POST['enable_html']) ) ? 1 : 0;
				
				$result = $db->query("UPDATE ".TABLE_PREFIX."posts SET content = '".$_POST['content']."'".$update_poster_guest.", enable_bbcode = ".$enable_bbcode.", enable_smilies = ".$enable_smilies.", enable_sig = ".$enable_sig.", enable_html = ".$enable_html.", post_edit_time = ".time().", post_edit_by = ".$session->sess_info['user_id']." WHERE id = ".$_GET['post']);
				
				if ( $postdata['first_post_id'] == $_GET['post'] ) {
					
					$result = $db->query("UPDATE ".TABLE_PREFIX."topics SET topic_title = '".$_POST['topic_title']."' WHERE id = ".$postdata['topic_id']);
					
				}
				
				$functions->redirect('topic.php', array('post' => $_GET['post']), 'post'.$_GET['post']);
				
			} else {
				
				$template->set_page_title('<a href="'.$functions->make_url('forum.php', array('id' => $postdata['forum_id'])).'">'.unhtml(stripslashes($postdata['forum_name'])).'</a>'.$template->get_config('locationbar_item_delimiter').'<a href="'.$functions->make_url('topic.php', array('post' => $_GET['post'])).'#post'.$_GET['post'].'">'.unhtml($functions->replace_badwords(stripslashes($postdata['topic_title']))).'</a>'.$template->get_config('locationbar_item_delimiter').$lang['EditPost']);
				
				if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
					
					$poster_guest = ( !empty($_POST['poster_guest']) && preg_match(USER_PREG, $_POST['poster_guest']) ) ? $_POST['poster_guest'] : '';
					$topic_title = ( !empty($_POST['topic_title']) ) ? unhtml(stripslashes($_POST['topic_title'])) : '';
					$content = ( !empty($_POST['content']) ) ? unhtml(stripslashes($_POST['content'])) : '';
					$enable_bbcode_checked = ( !empty($_POST['enable_bbcode']) ) ? ' checked="checked"' : '';
					$enable_smilies_checked = ( !empty($_POST['enable_smilies']) ) ? ' checked="checked"' : '';
					$enable_sig_checked = ( !empty($_POST['enable_sig']) ) ? ' checked="checked"' : '';
					$enable_html_checked = ( !empty($_POST['enable_html']) ) ? ' checked="checked"' : '';
					
					$errors = array();
					if ( ( !$postdata['poster_id'] ) && ( empty($_POST['poster_guest']) || !preg_match(USER_PREG, $_POST['poster_guest']) || strlen($_POST['poster_guest']) > $functions->get_config('username_max_length') ) )
						$errors[] = $lang['Username'];
					if ( $postdata['first_post_id'] == $_GET['post'] && empty($_POST['topic_title']) )
						$errors[] = $lang['Subject'];
					if ( empty($_POST['content']) )
						$errors[] = $lang['Content'];
					
					if ( count($errors) ) {
						
						$template->parse('msgbox', 'global', array(
							'box_title' => $lang['Error'],
							'content' => sprintf($lang['MissingFields'], join(', ', $errors))
						));
						
					} elseif ( !empty($_POST['preview']) ) {
						
						$template->parse('preview', 'various', array(
							'post_content' => $functions->markup(stripslashes($_POST['content']), $enable_bbcode_checked, $enable_smilies_checked, $enable_html_checked)
						));
						
					}
					
				} else {
					
					$poster_guest = $postdata['poster_guest'];
					$topic_title = unhtml(stripslashes($postdata['topic_title']));
					$content = unhtml(stripslashes($postdata['content']));
					$enable_bbcode_checked = ( $postdata['enable_bbcode'] ) ? ' checked="checked"' : '';
					$enable_smilies_checked = ( $postdata['enable_smilies'] ) ? ' checked="checked"' : '';
					$enable_sig_checked = ( $postdata['enable_sig'] ) ? ' checked="checked"' : '';
					$enable_html_checked = ( $postdata['enable_html'] ) ? ' checked="checked"' : '';
					
					$template->set_js_onload("set_focus('tags-txtarea')");
					
				}
				
				$options_input = array();
				$options_input[] = '<input type="checkbox" name="enable_bbcode" id="enable_bbcode" value="1"'.$enable_bbcode_checked.' /><label for="enable_bbcode"> '.$lang['EnableBBCode'].'</label>';
				$options_input[] = '<input type="checkbox" name="enable_smilies" id="enable_smilies" value="1"'.$enable_smilies_checked.' /><label for="enable_smilies"> '.$lang['EnableSmilies'].'</label>';
				if ( $postdata['poster_id'] && !empty($postdata['signature']) )
					$options_input[] = '<input type="checkbox" name="enable_sig" id="enable_sig" value="1"'.$enable_sig_checked.' /><label for="enable_sig"> '.$lang['EnableSig'].'</label>';
				if ( $functions->auth($postdata['auth'], 'html', $postdata['forum_id']) )
					$options_input[] = '<input type="checkbox" name="enable_html" id="enable_html" value="1"'.$enable_html_checked.' /><label for="enable_html"> '.$lang['EnableHTML'].'</label>';
				$options_input = join('<br />', $options_input);
				
				$template->parse('post_form', 'various', array(
					'form_begin' => '<form action="'.$functions->make_url('edit.php', array('post' => $_GET['post'])).'" method="post">',
					'post_title' => $lang['EditPost'],
					'username_input' => ( $postdata['poster_id'] ) ? '<a href="'.$functions->make_url('profile.php', array('id' => $postdata['poster_id'])).'">'.unhtml(stripslashes($postdata['poster_name'])).'</a>' : '<input type="text" size="25" maxlength="'.$functions->get_config('username_max_length').'" name="poster_guest" value="'.unhtml(stripslashes($poster_guest)).'" />',
					'subject_input' => ( $postdata['first_post_id'] != $_GET['post'] ) ? '<a href="'.$functions->make_url('topic.php', array('id' => $postdata['topic_id'])).'">'.unhtml(stripslashes($postdata['topic_title'])).'</a>' : '<input type="text" name="topic_title" size="50" value="'.$topic_title.'" />',
					'content_input' => '<textarea rows="'.$template->get_config('textarea_rows').'" cols="'.$template->get_config('textarea_cols').'" name="content" id="tags-txtarea">'.$content.'</textarea>',
					'bbcode_controls' => $functions->get_bbcode_controls(),
					'smiley_controls' => $functions->get_smiley_controls(),
					'options_input' => $options_input,
					'submit_button' => '<input type="submit" name="submit" value="'.$lang['OK'].'" />',
					'preview_button' => '<input type="submit" name="preview" value="'.$lang['Preview'].'" />',
					'reset_button' => '<input type="reset" value="'.$lang['Reset'].'" />',
					'form_end' => '</form>'
				));
				
			}
			
		} else {
			
			$functions->redir_to_login();
			
		}
		
	}
	
	//
	// Include the page footer
	//
	require(ROOT_PATH.'sources/page_foot.php');
	
} elseif ( $_GET['act'] == 'delete' ) {
	
	$session->update('deletepost:'.$_GET['post']);
	
	//
	// Include the page header
	//
	require(ROOT_PATH.'sources/page_head.php');