Home Explore Help
Register Sign In
biotorrents
/
Gazelle
forked from Oppaitime/Gazelle
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
BioTorrents.de’s version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1065 Commits
2 Branches
Tree: b4fb8c0c52
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b4fb8c0c52'
${ noResults }
Gazelle/sections/forums/takeedit.php

takeedit.php 4.1KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128 
  1. <?

  2. authorize();

  3. 

  4. /*********************************************************************\

  5. //--------------Take Post--------------------------------------------//

  6. 

  7. The page that handles the backend of the 'edit post' function.

  8. 

  9. $_GET['action'] must be "takeedit" for this page to work.

  10. 

  11. It will be accompanied with:

  12.   $_POST['post'] - the ID of the post

  13.   $_POST['body']

  14. 

  15. 

  16. \*********************************************************************/

  17. 

  18. // Quick SQL injection check

  19. if (!$_POST['post'] || !is_number($_POST['post']) || !is_number($_POST['key'])) {

  20.   error(0, true);

  21. }

  22. // End injection check

  23. 

  24. if ($LoggedUser['DisablePosting']) {

  25.   error('Your posting privileges have been removed.');

  26. }

  27. 

  28. // Variables for database input

  29. $UserID = $LoggedUser['ID'];

  30. $Body = $_POST['body']; //Don't URL Decode

  31. $PostID = $_POST['post'];

  32. $Key = $_POST['key'];

  33. $SQLTime = sqltime();

  34. $DoPM = isset($_POST['pm']) ? $_POST['pm'] : 0;

  35. 

  36. // Mainly

  37. $DB->query("

  38.   SELECT

  39.     p.Body,

  40.     p.AuthorID,

  41.     p.TopicID,

  42.     t.IsLocked,

  43.     t.ForumID,

  44.     f.MinClassWrite,

  45.     CEIL((

  46.       SELECT COUNT(p2.ID)

  47.       FROM forums_posts AS p2

  48.       WHERE p2.TopicID = p.TopicID

  49.         AND p2.ID <= '$PostID'

  50.       ) / ".POSTS_PER_PAGE."

  51.     ) AS Page

  52.   FROM forums_posts AS p

  53.     JOIN forums_topics AS t ON p.TopicID = t.ID

  54.     JOIN forums AS f ON t.ForumID = f.ID

  55.   WHERE p.ID = '$PostID'");

  56. list($OldBody, $AuthorID, $TopicID, $IsLocked, $ForumID, $MinClassWrite, $Page) = $DB->next_record();

  57. 

  58. 

  59. // Make sure they aren't trying to edit posts they shouldn't

  60. if (!Forums::check_forumperm($ForumID, 'Write') || ($IsLocked && !check_perms('site_moderate_forums'))) {

  61.   error('Either the thread is locked, or you lack the permission to edit this post.', true);

  62. }

  63. if ($UserID != $AuthorID && !check_perms('site_moderate_forums')) {

  64.   error(403,true);

  65. }

  66. if ($LoggedUser['DisablePosting']) {

  67.   error('Your posting privileges have been removed.', true);

  68. }

  69. if (!$DB->has_results()) {

  70.   error(404, true);

  71. }

  72. 

  73. // Send a PM to the user to notify them of the edit

  74. if ($UserID != $AuthorID && $DoPM) {

  75.   $PMSubject = "Your post #$PostID has been edited";

  76.   $PMurl = site_url()."forums.php?action=viewthread&postid=$PostID#post$PostID";

  77.   $ProfLink = '[url='.site_url()."user.php?id=$UserID]".$LoggedUser['Username'].'[/url]';

  78.   $PMBody = "One of your posts has been edited by $ProfLink: [url]{$PMurl}[/url]";

  79.   Misc::send_pm($AuthorID, 0, $PMSubject, $PMBody);

  80. }

  81. 

  82. // Perform the update

  83. $DB->query("

  84.   UPDATE forums_posts

  85.   SET

  86.     Body = '" . db_string($Body) . "',

  87.     EditedUserID = '$UserID',

  88.     EditedTime = '$SQLTime'

  89.   WHERE ID = '$PostID'");

  90. 

  91. $CatalogueID = floor((POSTS_PER_PAGE * $Page - POSTS_PER_PAGE) / THREAD_CATALOGUE);

  92. $Cache->begin_transaction("thread_$TopicID"."_catalogue_$CatalogueID");

  93. if ($Cache->MemcacheDBArray[$Key]['ID'] != $PostID) {

  94.   $Cache->cancel_transaction();

  95.   $Cache->delete_value("thread_$TopicID"."_catalogue_$CatalogueID"); //just clear the cache for would be cache-screwer-uppers

  96. } else {

  97.   $Cache->update_row($Key, array(

  98.       'ID'=>$Cache->MemcacheDBArray[$Key]['ID'],

  99.       'AuthorID'=>$Cache->MemcacheDBArray[$Key]['AuthorID'],

  100.       'AddedTime'=>$Cache->MemcacheDBArray[$Key]['AddedTime'],

  101.       'Body'=>$Body, //Don't url decode.

  102.       'EditedUserID'=>$LoggedUser['ID'],

  103.       'EditedTime'=>$SQLTime,

  104.       'Username'=>$LoggedUser['Username']

  105.       ));

  106.   $Cache->commit_transaction(3600 * 24 * 5);

  107. }

  108. $ThreadInfo = Forums::get_thread_info($TopicID);

  109. if ($ThreadInfo === null) {

  110.   error(404);

  111. }

  112. if ($ThreadInfo['StickyPostID'] == $PostID) {

  113.   $ThreadInfo['StickyPost']['Body'] = $Body;

  114.   $ThreadInfo['StickyPost']['EditedUserID'] = $LoggedUser['ID'];

  115.   $ThreadInfo['StickyPost']['EditedTime'] = $SQLTime;

  116.   $Cache->cache_value("thread_$TopicID".'_info', $ThreadInfo, 0);

  117. }

  118. 

  119. $DB->query("

  120.   INSERT INTO comments_edits

  121.     (Page, PostID, EditUser, EditTime, Body)

  122.   VALUES

  123.     ('forums', $PostID, $UserID, '$SQLTime', '".db_string($OldBody)."')");

  124. $Cache->delete_value("forums_edits_$PostID");

  125. // This gets sent to the browser, which echoes it in place of the old body

  126. echo Text::full_format($Body);

  127. ?>

  128. <br /><br /><div class="last_edited">Last edited by <a href="user.php?id=<?=$LoggedUser['ID']?>"><?=$LoggedUser['Username']?></a> Just now</div>