Home Explore Help
Register Sign In
biotorrents
/
Gazelle
forked from Oppaitime/Gazelle
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
BioTorrents.de’s version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1092 Commits
2 Branches
Tree: dd0c25cf67
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'dd0c25cf67'
${ noResults }
Gazelle/sections/staffpm/get_post.php

get_post.php 1.1KB
History Raw

123456789101112131415161718192021222324252627282930313233343536 
  1. <?php

  2. // todo: Make this use the cache version of the thread, save the db query

  3. 

  4. /*********************************************************************\

  5. //--------------Get Post--------------------------------------------//

  6. 

  7. This gets the raw BBCode of a post. It's used for editing and

  8. quoting posts.

  9. 

  10. It gets called if $_GET['action'] == 'get_post'. It requires

  11. $_GET['post'], which is the ID of the post.

  12. 

  13. \*********************************************************************/

  14. 

  15. // Quick SQL injection check

  16. if (!$_GET['post'] || !is_number($_GET['post'])) {

  17.     error(0);

  18. }

  19. 

  20. // Variables for database input

  21. $PostID = $_GET['post'];

  22. 

  23. // Message is selected providing the user quoting is the guy who opened the PM or has the right level

  24. $DB->query("

  25.   SELECT m.Message, c.Level, c.UserID

  26.   FROM staff_pm_messages AS m

  27.     JOIN staff_pm_conversations AS c ON m.ConvID = c.ID

  28.   WHERE m.ID = '$PostID'");

  29. list($Message, $Level, $UserID) = $DB->next_record(MYSQLI_NUM);

  30. 

  31. if (($LoggedUser['ID'] === $UserID) || ($IsFLS && $LoggedUser['Class'] >= $Level)) {

  32.     // This gets sent to the browser, which echoes it wherever

  33.     echo trim($Message);

  34. } else {

  35.     error(403);

  36. }