<?php
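// Refuse direct HTTP access: the script only runs when the including code has
// defined DATALIFEENGINE.
if (!defined('DATALIFEENGINE')) {
    die("Hacking attempt!");
}

// Action code: a non-empty POST value wins, otherwise the GET value is used.
// A missing or non-scalar value becomes '' and therefore reaches the switch's
// default branch instead of raising an undefined-index notice.
$code = !empty($_POST['code']) ? $_POST['code'] : (isset($_GET['code']) ? $_GET['code'] : '');
$code = is_scalar($code) ? (string) $code : '';

// Optional sub-step of an action (read by the "move posts" case).
$subaction = (isset($_REQUEST['subaction']) && is_scalar($_REQUEST['subaction']))
    ? (string) $_REQUEST['subaction']
    : '';

// Comma-separated list of post ids chosen by the moderator. It comes straight
// from the request and is later placed into SQL statements and into a form
// action URL, so it is reduced here to a canonical list of unique positive
// integers ("12,15,20"). Anything that is not a positive integer is dropped.
$selected_id_raw = (isset($_REQUEST['selected_id']) && is_scalar($_REQUEST['selected_id']))
    ? (string) $_REQUEST['selected_id']
    : '';
$selected_id_list = array();
foreach (explode(',', $selected_id_raw) as $selected_id_part) {
    $selected_id_part = intval($selected_id_part);
    if ($selected_id_part > 0) {
        // Keyed by value so that a repeated id is kept only once.
        $selected_id_list[$selected_id_part] = $selected_id_part;
    }
}
$selected_id = implode(',', $selected_id_list);
unset($selected_id_raw, $selected_id_list, $selected_id_part);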
switch ($code)
{
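// ********************************************************************************
// ADD POST
// Collects the submitted post fields, checks write access to the target forum
// and hands over to the addpost action script.
// ********************************************************************************
case "add":
    // Numeric identifiers are forced to integers at the boundary.
    $forum_id = isset($_POST['forum_id']) ? intval($_POST['forum_id']) : 0;
    $topic_id = isset($_POST['topic_id']) ? intval($_POST['topic_id']) : 0;
    $page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 0;

    $post_id = $db->safesql(isset($_POST['post_id']) ? $_POST['post_id'] : '');

    // The remaining fields are still raw request data: nothing in this file
    // filters or escapes them.
    // NOTE(review): addpost.php is not visible here; confirm that it validates
    // and escapes $topic_title, $post_text, $name and $mail before they reach
    // SQL or HTML output.
    $topic_title = isset($_POST['topic_ti']) ? $_POST['topic_ti'] : '';
    $post_text = isset($_POST['post_text']) ? $_POST['post_text'] : '';
    $name = isset($_POST['name']) ? $_POST['name'] : '';
    $mail = isset($_POST['mail']) ? $_POST['mail'] : '';

    // Fail closed for a forum id that is not in $forums_array: without this
    // guard check_access() would be called with an undefined value and its
    // answer for that input cannot be determined from this file.
    $check_write = isset($forums_array[$forum_id])
        ? check_access($forums_array[$forum_id]['access_write'])
        : false;

    if ($check_write) {
        require_once SYSTEM_DIR.'/forum/action/addpost.php';
    } else {
        // Tell the visitor which user group lacks the permission.
        $group_name = $user_group[$member_id['user_group']]['group_name'];

        forum_msg($f_lang['all_info'], $f_lang['topic_write'], 'user_group', $group_name);
    }

    break;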
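// ********************************************************************************
// EDIT POST
// Shows the edit form for one post, pre-filled with its BB-code source.
// ********************************************************************************
case "02":
    $pid = isset($_REQUEST['pid']) ? intval($_REQUEST['pid']) : 0;
    $page = isset($_REQUEST['p']) ? intval($_REQUEST['p']) : 0;
    $post_n = isset($_REQUEST['pn']) ? intval($_REQUEST['pn']) : 0;

    // A missing post id and a missing edit permission both end in the same
    // "not found" message; is_moderation() is only called for a non-zero id.
    if (!$pid || !is_moderation(0, 0, $pid, 'forum_post_edit')) {
        forum_msg($f_lang['f_msg'], $f_lang['f_404']);
        break;
    }

    include_once SYSTEM_DIR.'/classes/parse.class.php';

    $parse = new ParseFilter(Array(), Array(), 1, 1);

    $row = $db->super_query("SELECT * FROM " . PREFIX . "_forum_posts WHERE `pid` = '$pid'");

    // The post may no longer exist. Stop before its (empty) topic id is used
    // in a second query and show the same message as the other failure paths.
    if (empty($row['pid'])) {
        forum_msg($f_lang['f_msg'], $f_lang['f_404']);
        break;
    }

    // NOTE(review): the decoded text is placed into the template unchanged
    // below; confirm decodeBBCodes() returns markup that is safe inside the
    // form's text area.
    $post_text = $parse->decodeBBCodes($row['post_text'], false);

    // Values read back from the database are cast before they are reused in
    // another statement.
    $topic_id = intval($row['topic_id']);

    $fid = $db->super_query("SELECT forum_id FROM " . PREFIX . "_forum_topics WHERE tid = '$topic_id'");

    $forum_id = intval($fid['forum_id']);

    // Upload permission fails closed when the forum is not in $forums_array.
    $access_upload = isset($forums_array[$forum_id])
        ? check_access($forums_array[$forum_id]['access_upload'])
        : false;

    // Presumably read by the included upload/BB-code components; it is not
    // used again in this case.
    $upload_var = array('area'=>"post", 'forum_id'=>$forum_id, 'topic_id'=>$topic_id, 'post_id'=>$pid);

    // Target of the edit form: the "save post" action (code 03). Every dynamic
    // part of the query string is an integer at this point.
    $edit_post_action = $a_forum_url."act=post&code=03&pid=$pid&topic_id=$topic_id&p=$page&pn=$post_n";

    $tpl->load_template($tpl_dir.'addpost.tpl');

    $tpl->set('{title}', $f_lang['app_post_edit']);

    // Plain BB-code editor: the marker tags are removed, their content kept.
    $tpl->set('[not-wysywyg]', "");
    $tpl->set('{wysiwyg}','');
    $tpl->set('[/not-wysywyg]',"");

    include_once SYSTEM_DIR.'/forum/sources/components/bbcode.php';

    if (!$is_logged) {
        // Guests keep the [not-logged] section; only the tags are stripped.
        $tpl->set('[not-logged]','');
        $tpl->set('[/not-logged]','');
    } else {
        // Logged-in users: the whole [not-logged] section is removed.
        $tpl->set_block("'\\[not-logged\\](.*?)\\[/not-logged\\]'si","");
    }

    // The [sec_code] section is always removed when editing.
    $tpl->set_block("'\\[sec_code\\](.*?)\\[/sec_code\\]'si","");

    $tpl->set('{bbcode}',$bb_code);
    $tpl->set('{text}',$post_text);

    $tpl->copy_template = "<form method=\"post\" name=\"forum-post-form\" id=\"forum-post-form\" action=\"{$edit_post_action}\">".$tpl->copy_template."</form><div id=\"uploads-form\"></div>";

    $tpl->compile('dle_forum');
    $tpl->clear();

    break;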
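// ********************************************************************************
// SAVE POST
// Stores the edited text of one post and redirects back to its topic.
// NOTE(review): no anti-CSRF token is checked in this file for this
// state-changing action; confirm that the including code verifies one.
// ********************************************************************************
case "03":
    $pid = isset($_REQUEST['pid']) ? intval($_REQUEST['pid']) : 0;
    $topic_id = isset($_REQUEST['topic_id']) ? intval($_REQUEST['topic_id']) : 0;
    $page = isset($_REQUEST['p']) ? intval($_REQUEST['p']) : 0;
    $post_n = isset($_REQUEST['pn']) ? intval($_REQUEST['pn']) : 0;

    if (!is_moderation(0, 0, $pid, 'forum_post_edit')) {
        forum_msg($f_lang['f_msg'], $f_lang['f_404']);
        break;
    }

    include_once SYSTEM_DIR.'/classes/parse.class.php';

    $parse = new ParseFilter(Array(), Array(), 1, 1);

    $post_text = $parse->process(isset($_POST['post_text']) ? $_POST['post_text'] : '');

    // SQL escaping is the last transformation. Wrapping the text after it has
    // been escaped could insert characters into an escape sequence, so
    // auto_wrap() now runs on the parsed text and safesql() on its result.
    $post_text = auto_wrap($parse->BB_Parse($post_text, FALSE));
    $post_text = $db->safesql($post_text);

    // The limit is measured on the escaped string, as before.
    $post_maxlen = strlen($post_text) > $forum_config['post_maxlen'];

    if (!$post_text || $post_maxlen) {
        if ($post_maxlen) {
            forum_msg($f_lang['f_msg'], $f_lang['maxlen_stop']);
        } else {
            forum_msg($f_lang['f_msg'], $f_lang['topic_add_stop'], 'stop', '');
        }

        break;
    }

    $_TIME = time()+($config['date_adjust']*60);

    // The editor's name is escaped before it enters the statement. The key is
    // quoted as well: inside {$...} an unquoted key is looked up as a constant,
    // which is an error on PHP 8.
    $edit_user = $db->safesql($member_id['name']);
    $edit_info = ", edit_user = '{$edit_user}', edit_time = '{$_TIME}'";

    $db->query("UPDATE " . PREFIX . "_forum_posts SET post_text = '$post_text' {$edit_info} WHERE pid = '$pid'");

    check_attachment($pid, $post_text);

    // Redirect target built from integers only. $topic_id comes from the
    // request and is used for nothing but this URL.
    if ($forum_config['mod_rewrite']) {
        $topic_location = $forum_url."/topic_{$topic_id}/$page#post-$post_n";
    } else {
        $topic_location = $forum_url."showtopic=$topic_id&cstart=$page#post-$post_n";
    }

    header("Location: $topic_location");

    break;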
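// ********************************************************************************
// DEL POST
// Deletes the selected posts together with their attachment records and files.
// NOTE(review): no anti-CSRF token is checked in this file for this
// state-changing action; confirm that the including code verifies one.
// ********************************************************************************
case "04":
    // $selected_id is request data. Reduce it to unique positive integers
    // before any id is placed into a statement.
    $clean_ids = array();
    if (is_scalar($selected_id)) {
        foreach (explode(',', (string) $selected_id) as $raw_id) {
            $raw_id = intval($raw_id);
            if ($raw_id > 0) {
                $clean_ids[$raw_id] = $raw_id;
            }
        }
    }
    $clean_ids = array_values($clean_ids);
    $selected_id = implode(',', $clean_ids);

    // The permission check receives exactly the list that is acted on below.
    // NOTE(review): confirm is_moderation() authorises every id in the list
    // and not only the first one.
    if (!$clean_ids || !is_moderation(0, 0, $selected_id, 'forum_post_del')) {
        break;
    }

    $selected_id = $clean_ids;
    $update_id = array();
    $del_count = 0;

    foreach ($selected_id as $post_id) {
        $db->query("DELETE FROM " . PREFIX . "_forum_posts WHERE pid = '$post_id'");

        // Remove the files that were attached to this post.
        $result = $db->query("SELECT * FROM " . PREFIX . "_forum_files WHERE post_id = '" . $post_id . "'");

        while ($row = $db->get_row($result)) {
            // The stored name is joined onto the upload directory, so a name
            // that is empty or could climb out of that directory is skipped.
            $stored_name = (string) $row['onserver'];
            if ($stored_name === '' || strpos($stored_name, '..') !== false || strpos($stored_name, "\0") !== false) {
                continue;
            }

            if ($row['file_type'] == "file") {
                $attachment_paths = array(UPLOAD_DIR."files/" . $stored_name);
            } elseif ($row['file_type'] == "thumb") {
                // A thumbnail record covers both the thumbnail and the image.
                $attachment_paths = array(
                    UPLOAD_DIR."thumbs/" . $stored_name,
                    UPLOAD_DIR."images/" . $stored_name,
                );
            } else {
                $attachment_paths = array(UPLOAD_DIR."images/" . $stored_name);
            }

            foreach ($attachment_paths as $attachment_path) {
                // Only regular files are removed; a file that is already gone
                // no longer raises a warning.
                if (is_file($attachment_path)) {
                    unlink($attachment_path);
                }
            }
        }

        $db->query("DELETE FROM " . PREFIX . "_forum_files WHERE post_id = '" . $post_id . "'");

        // Remember the processed post for the follow-up statements below.
        $update_id[] = $post_id;
        $del_count++;
    }

    if ($update_id) {
        $update_list = implode(',', $update_id);

        // NOTE(review): the file rows of these posts were deleted in the loop
        // above, so this statement looks like a no-op; kept as in the original.
        $db->query("UPDATE " . PREFIX . "_forum_files SET file_attach = '0' WHERE post_id IN ({$update_list})");
    }

    // $is_mod is not assigned in this file; presumably is_moderation() fills
    // it in. The topic id is cast before it is used in the redirect.
    $moderated_topic = isset($is_mod['topic_id']) ? intval($is_mod['topic_id']) : 0;

    if ($moderated_topic and $del_count) {
        calk_topic_del ($moderated_topic, $del_count);
    }

    if ($forum_config['mod_rewrite']) {
        $topic_location = $forum_url."/topic_".$moderated_topic;
    } else {
        $topic_location = $forum_url."showtopic=".$moderated_topic;
    }

    header("Location: $topic_location");

    break;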
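// ********************************************************************************
// UN HIDDEN POST
// Makes the selected posts visible again and returns to the previous page.
// NOTE(review): no anti-CSRF token is checked in this file for this
// state-changing action; confirm that the including code verifies one.
// ********************************************************************************
case "05":
    // $selected_id is request data. Reduce it to unique positive integers
    // before any id is placed into a statement.
    $clean_ids = array();
    if (is_scalar($selected_id)) {
        foreach (explode(',', (string) $selected_id) as $raw_id) {
            $raw_id = intval($raw_id);
            if ($raw_id > 0) {
                $clean_ids[$raw_id] = $raw_id;
            }
        }
    }
    $clean_ids = array_values($clean_ids);
    $selected_id = implode(',', $clean_ids);

    // NOTE(review): confirm is_moderation() authorises every id in the list
    // and not only the first one.
    if (!$clean_ids || !is_moderation(0, 0, $selected_id)) {
        break;
    }

    $selected_id = $clean_ids;

    // One statement for the whole list; every element is an integer.
    $db->query("UPDATE " . PREFIX . "_forum_posts SET hidden = '0' WHERE pid IN (" . implode(',', $clean_ids) . ")");

    // The Referer header is supplied by the client. It is only followed when
    // it is an http(s) URL on the host that served this request; otherwise
    // the redirect goes to the forum URL.
    $return_to = $forum_url;
    if (isset($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']) && preg_match('#^https?://#i', $_SERVER['HTTP_REFERER'])) {
        $referer_host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
        $own_host = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);

        if (is_string($referer_host) && strcasecmp($referer_host, $own_host) === 0) {
            $return_to = $_SERVER['HTTP_REFERER'];
        }
    }

    header("Location: $return_to");

    break;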
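// ********************************************************************************
// HIDDEN POST
// Hides the selected posts and returns to the previous page.
// NOTE(review): no anti-CSRF token is checked in this file for this
// state-changing action; confirm that the including code verifies one.
// ********************************************************************************
case "06":
    // $selected_id is request data. Reduce it to unique positive integers
    // before any id is placed into a statement.
    $clean_ids = array();
    if (is_scalar($selected_id)) {
        foreach (explode(',', (string) $selected_id) as $raw_id) {
            $raw_id = intval($raw_id);
            if ($raw_id > 0) {
                $clean_ids[$raw_id] = $raw_id;
            }
        }
    }
    $clean_ids = array_values($clean_ids);
    $selected_id = implode(',', $clean_ids);

    // NOTE(review): confirm is_moderation() authorises every id in the list
    // and not only the first one.
    if (!$clean_ids || !is_moderation(0, 0, $selected_id)) {
        break;
    }

    $selected_id = $clean_ids;

    // One statement for the whole list; every element is an integer.
    $db->query("UPDATE " . PREFIX . "_forum_posts SET hidden = '1' WHERE pid IN (" . implode(',', $clean_ids) . ")");

    // The Referer header is supplied by the client. It is only followed when
    // it is an http(s) URL on the host that served this request; otherwise
    // the redirect goes to the forum URL.
    $return_to = $forum_url;
    if (isset($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']) && preg_match('#^https?://#i', $_SERVER['HTTP_REFERER'])) {
        $referer_host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
        $own_host = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);

        if (is_string($referer_host) && strcasecmp($referer_host, $own_host) === 0) {
            $return_to = $_SERVER['HTTP_REFERER'];
        }
    }

    header("Location: $return_to");

    break;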
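// ********************************************************************************
// Combining POST
// Merges the selected posts of one topic into the first post returned by the
// query and deletes the others.
// NOTE(review): no anti-CSRF token is checked in this file for this
// state-changing action; confirm that the including code verifies one.
// ********************************************************************************
case "07":
    // $selected_id is request data and is used unquoted inside IN (...).
    // Escaping quotes does not protect an unquoted value, so the list is
    // reduced to unique positive integers instead.
    $clean_ids = array();
    if (is_scalar($selected_id)) {
        foreach (explode(',', (string) $selected_id) as $raw_id) {
            $raw_id = intval($raw_id);
            if ($raw_id > 0) {
                $clean_ids[$raw_id] = $raw_id;
            }
        }
    }
    $clean_ids = array_values($clean_ids);
    $selected_id = implode(',', $clean_ids);

    // NOTE(review): confirm is_moderation() authorises every id in the list
    // and not only the first one.
    if (!$clean_ids || !is_moderation(0, 0, $selected_id, 'combining_post')) {
        break;
    }

    $pid_list = $selected_id;

    // NOTE(review): there is no ORDER BY, so which post survives and the order
    // of the merged text follow the database's row order.
    $db->query("SELECT * FROM " . PREFIX . "_forum_posts WHERE pid IN ($pid_list)");

    $join_posts_error = false;
    $post_author = array();
    $posts_text = array();
    $selected_id = array();
    $topic_id = 0;
    $count = 0;

    while ($row = $db->get_row()) {
        $count++;

        // From here on $selected_id holds only ids that exist in the table.
        $selected_id[] = $row['pid'];

        // The first row decides which topic the merge belongs to.
        if ($count == 1) {
            $topic_id = $row['topic_id'];
        }

        // Collected but not read again inside this case.
        if (!in_array($row['post_author'], $post_author)) {
            $post_author[] = $row['post_author'];
        }

        // Posts from different topics must not be merged.
        if ($row['topic_id'] !== $topic_id) {
            $join_posts_error = true;
        }

        $posts_text[] = $row['post_text'];
    }

    if ($count > 1 and !$join_posts_error) {
        $new_post = $db->safesql(implode("<br /><br />", $posts_text));

        // $_TIME is assigned only in the "save post" case of this file. If the
        // including code has not set it either, compute it the same way so
        // that edit_time is not stored empty.
        if (!isset($_TIME)) {
            $_TIME = time()+($config['date_adjust']*60);
        }

        // Escaped editor name; the key is quoted because an unquoted key
        // inside {$...} is looked up as a constant, an error on PHP 8.
        $edit_user = $db->safesql($member_id['name']);
        $edit_info = ", edit_user = '{$edit_user}', edit_time = '{$_TIME}'";

        $pid_count = 0;
        $del_count = 0;

        foreach ($selected_id as $value_pid) {
            $value_pid = intval($value_pid);
            $pid_count++;

            if ($pid_count == 1) {
                // The first post receives the merged text.
                $db->query("UPDATE " . PREFIX . "_forum_posts SET post_text = '$new_post' {$edit_info} WHERE pid = '$value_pid'");
            } else {
                $db->query("DELETE FROM " . PREFIX . "_forum_posts WHERE pid = '$value_pid'");

                $del_count++;
            }
        }

        // Kept from the original: the count handed to calk_topic_del() is one
        // higher than the number of deleted posts.
        // NOTE(review): confirm this matches what calk_topic_del() expects.
        $del_count = $del_count + 1;

        calk_topic_del ($topic_id, $del_count);

        if ($forum_config['mod_rewrite']) {
            $topic_location = $forum_url . "/topic_" . $topic_id;
        } else {
            $topic_location = $forum_url . "showtopic=" . $topic_id;
        }

        header("Location: $topic_location");
    }

    break;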
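// ********************************************************************************
// Move POST
// Step 1 (no subaction): show the form asking for the destination topic.
// Step 2 (subaction set): move the selected posts into that topic.
// NOTE(review): no anti-CSRF token is checked in this file for this
// state-changing action; confirm that the including code verifies one.
// ********************************************************************************
case "08":
    // Destination topic: either a plain number or a topic URL from which the
    // id is extracted ("topic_<id>" first, then "showtopic=<id>").
    $new_topic = (isset($_REQUEST['new_topic']) && is_scalar($_REQUEST['new_topic']))
        ? (string) $_REQUEST['new_topic']
        : '';

    $new_topic_id = intval($new_topic);

    foreach (array("#topic_([0-9]{1,10})#", "#showtopic=([0-9]{1,10})#") as $topic_pattern) {
        if (!$new_topic_id && preg_match($topic_pattern, $new_topic, $matches)) {
            $new_topic_id = intval($matches[1]);
        }
    }

    // $selected_id is request data that ends up in a form action URL and,
    // unquoted, inside IN (...). Reduce it to unique positive integers.
    $clean_ids = array();
    if (is_scalar($selected_id)) {
        foreach (explode(',', (string) $selected_id) as $raw_id) {
            $raw_id = intval($raw_id);
            if ($raw_id > 0) {
                $clean_ids[$raw_id] = $raw_id;
            }
        }
    }
    $clean_ids = array_values($clean_ids);
    $selected_id = implode(',', $clean_ids);

    // NOTE(review): confirm is_moderation() authorises every id in the list
    // and not only the first one, and whether write access to the destination
    // forum should be checked as well; neither is visible in this file.
    if (!$clean_ids || !is_moderation(0, 0, $selected_id, 'move_post')) {
        break;
    }

    if (!$subaction) {
        // Step 1: the id list in the URL now consists of digits and commas only.
        $action_moveposts = $a_forum_url."act=post&code=08&subaction=move&selected_id={$selected_id}";

        $tpl->load_template($tpl_dir.'moveposts.tpl');

        $tpl->copy_template = "<form method=\"post\" action=\"{$action_moveposts}\">".$tpl->copy_template."</form>";

        $tpl->compile('dle_forum');
        $tpl->clear();

        break;
    }

    // Step 2 needs a destination topic that exists.
    if (!$new_topic_id) {
        break;
    }

    $row = $db->super_query("SELECT * FROM " . PREFIX . "_forum_topics WHERE tid = $new_topic_id");

    $new_forum_id = $row['forum_id'];

    if (empty($row['tid'])) {
        break;
    }

    // The source topic and forum are taken from the first selected post only.
    // NOTE(review): posts from other topics in the same list are moved too,
    // while the counters below are adjusted for this one source topic.
    $post_id = $clean_ids[0];
    $row_post = $db->super_query("SELECT * FROM " . PREFIX . "_forum_posts WHERE pid = $post_id");

    // Cast before reuse: an unknown post would otherwise leave this empty and
    // produce a malformed statement below.
    $old_topic_id = intval($row_post['topic_id']);

    $row2 = $db->super_query("SELECT * FROM " . PREFIX . "_forum_topics WHERE tid = $old_topic_id");
    $old_forum_id = $row2['forum_id'];

    // Moving posts into the topic they already belong to is refused.
    if ($old_topic_id == $new_topic_id) {
        die("error");
    }

    $selected_id = $clean_ids;
    $in_post_id = $clean_ids;
    $post_count = count($clean_ids);

    $post_id_list = implode(',', $in_post_id);

    $db->query("UPDATE " . PREFIX . "_forum_posts SET topic_id = $new_topic_id WHERE pid IN ({$post_id_list})");

    // Kept from the original: within one forum no count is passed on (the
    // original unset the variable, which hands over null).
    // NOTE(review): confirm calk_topic_del() treats an empty count as intended.
    if ($old_forum_id == $new_forum_id) {
        $post_count = null;
    }

    calk_topic_del ($new_topic_id, $post_count, '+');

    calk_topic_del ($old_topic_id, $post_count, '-');

    if ($forum_config['mod_rewrite']) {
        $topic_location = $forum_url . "/topic_" . $new_topic_id;
    } else {
        $topic_location = $forum_url . "showtopic=" . $new_topic_id;
    }

    header("Location: $topic_location");

    break;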
// ********************************************************************************
// ERROR: any action code that is not handled above
// ********************************************************************************
default:
    // Unknown or missing code: show the forum's "not found" message.
    forum_msg(
        $f_lang['f_msg'],
        $f_lang['f_404']
    );

    break;
}
?>