diff --git a/phpBB/adm/admin_attachments.php b/phpBB/adm/admin_attachments.php index 667a40ee2e..07dbc6df3e 100644 --- a/phpBB/adm/admin_attachments.php +++ b/phpBB/adm/admin_attachments.php @@ -1329,31 +1329,4 @@ function get_supported_image_types() return ($types); } -function filelist($rootdir, $dir = '', $type = 'gif|jpg|png') -{ - static $images = array(); - - $dh = opendir($rootdir . $dir); - - while ($fname = readdir($dh)) - { - if (is_file($rootdir . $dir . '/' . $fname) && - preg_match('#\.' . $type . '$#i', $fname) && - filesize($rootdir . $dir . '/' . $fname)) - { - $images[] = array('path' => $dir, 'file' => $fname); - } - else if ($fname != '.' && $fname != '..' && - !is_file($rootdir . $dir . '/' . $fname) && - !is_link($rootdir . $dir . '/' . $fname)) - { - filelist($rootdir, $dir . '/'. $fname, $type); - } - } - - closedir($dh); - - return $images; -} - ?> \ No newline at end of file diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index c9a69b1349..46ea43254e 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php 
@@ -337,4 +337,201 @@ function display_forums($root_data = '', $display_moderators = TRUE) ); } +// Display Attachments +function display_attachments($attachment_data, &$update_count, $force_physical = false) +{ + global $extensions, $template; + global $config, $user, $phpbb_root_path, $phpEx, $SID; + + if (empty($extensions) || !is_array($extensions)) + { + obtain_attach_extensions($extensions); + } + + $update_count = array(); + + foreach ($attachment_data as $attachment) + { + // Some basics... + $attachment['extension'] = strtolower(trim($attachment['extension'])); + $filename = $config['upload_dir'] . '/' . $attachment['physical_filename']; + $thumbnail_filename = $config['upload_dir'] . '/thumbs/t_' . $attachment['physical_filename']; + + $upload_image = ''; + + if ($user->img('icon_attach', '') != '' && $extensions[$attachment['extension']]['upload_icon'] == '') + { + $upload_image = $user->img('icon_attach', ''); + } + else if ($extensions[$attachment['extension']]['upload_icon'] != '') + { + $upload_image = ''; + } + + $filesize = $attachment['filesize']; + $size_lang = ($filesize >= 1048576) ? $user->lang['MB'] : ( ($filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] ); + + if ($filesize >= 1048576) + { + $filesize = (round((round($filesize / 1048576 * 100) / 100), 2)); + } + else if ($filesize >= 1024) + { + $filesize = (round((round($filesize / 1024 * 100) / 100), 2)); + } + + $display_name = $attachment['real_filename']; + $comment = stripslashes(trim(str_replace("\n", '
', $attachment['comment']))); + + $denied = false; + + if (!in_array($attachment['extension'], $extensions['_allowed_'])) + { + $denied = true; + + $template->assign_block_vars('postrow.attachment', array( + 'IS_DENIED' => true, + + 'L_DENIED' => sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension'])) + ); + } + + if (!$denied) + { + $l_downloaded_viewed = ''; + $download_link = ''; + $additional_array = array(); + + $display_cat = $extensions[$attachment['extension']]['display_cat']; + + if ($display_cat == IMAGE_CAT) + { + if ($attachment['thumbnail']) + { + $display_cat = THUMB_CAT; + } + else + { + if ($config['img_display_inlined']) + { + if ($config['img_link_width'] || $config['img_link_height']) + { + list($width, $height) = image_getdimension($filename); + + $display_cat = (!$width && !$height) ? IMAGE_CAT : (($width <= $config['img_link_width'] && $height <= $config['img_link_height']) ? IMAGE_CAT : NONE_CAT); + } + } + else + { + $display_cat = NONE_CAT; + } + } + } + + switch ($display_cat) + { + // Images + case IMAGE_CAT: + if (!empty($config['ftp_upload']) && trim($config['upload_dir']) == '' && !$force_physical) + { + $img_source = $phpbb_root_path . "download.$phpEx$SID&id=" . $attachment['attach_id']; + } + else + { + $img_source = $filename; + $update_count[] = $attachment['attach_id']; + } + + $l_downloaded_viewed = $user->lang['VIEWED']; + $download_link = $img_source; + break; + + // Images, but display Thumbnail + case THUMB_CAT: + if (!empty($config['use_ftp_upload']) && trim($config['upload_dir']) == '' && !$force_physical) + { + $thumb_source = $phpbb_root_path . "download.$phpEx$SID&id=" . $attachment['attach_id'] . '&thumb=1'; + } + else + { + $thumb_source = $thumbnail_filename; + } + + $l_downloaded_viewed = $user->lang['VIEWED']; + $download_link = (!$force_physical) ? $phpbb_root_path . "download.$phpEx$SID&id=" . 
$attachment['attach_id'] : $filename; + + $additional_array = array( + 'THUMB_IMG' => $thumb_source + ); + break; + + // Windows Media Streams + case WM_CAT: + $l_downloaded_viewed = $user->lang['VIEWED']; + $download_link = $filename; + + // Viewed/Heared File ... update the download count (download.php is not called here) + $update_count[] = $attachment['attach_id']; + break; + + // Real Media Streams + case RM_CAT: + $l_downloaded_viewed = $user->lang['VIEWED']; + $download_link = $filename; + + $additional_array = array( + 'U_FORUM' => generate_board_url(), + 'ATTACH_ID' => $attachment['attach_id'] + ); + + // Viewed/Heared File ... update the download count (download.php is not called here) + $update_count[] = $attachment['attach_id']; + break; +/* + // Macromedia Flash Files + case SWF_CAT: + list($width, $height) = swf_getdimension($filename); + + $l_downloaded_viewed = $user->lang['VIEWED']; + $download_link = $filename; + + $additional_array = array( + 'WIDTH' => $width, + 'HEIGHT' => $height + ); + + // Viewed/Heared File ... update the download count (download.php is not called here) + $update_count[] = $attachment['attach_id']; + break; +*/ + default: + $l_downloaded_viewed = $user->lang['DOWNLOADED']; + $download_link = (!$force_physical) ? $phpbb_root_path . "download.$phpEx$SID&id=" . $attachment['attach_id'] : $filename; + break; + } + + $template_array = array_merge($additional_array, array( +// 'IS_FLASH' => ($display_cat == SWF_CAT) ? true : false, + 'IS_WM_STREAM' => ($display_cat == WM_CAT) ? true : false, + 'IS_RM_STREAM' => ($display_cat == RM_CAT) ? true : false, + 'IS_THUMBNAIL' => ($display_cat == THUMB_CAT) ? true : false, + 'IS_IMAGE' => ($display_cat == IMAGE_CAT) ? 
true : false, + 'DOWNLOAD_NAME' => $display_name, + 'FILESIZE' => $filesize, + 'SIZE_VAR' => $size_lang, + 'COMMENT' => $comment, + + 'U_DOWNLOAD_LINK' => $download_link, + + 'UPLOAD_IMG' => $upload_image, + + 'L_DOWNLOADED_VIEWED' => $l_downloaded_viewed, + 'L_DOWNLOAD_COUNT' => sprintf($user->lang['DOWNLOAD_NUMBER'], $attachment['download_count'])) + ); + + $template->assign_block_vars('postrow.attachment', $template_array); + } + } +} + ?> \ No newline at end of file diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 7e28baf2a2..aa4376a960 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -1023,7 +1023,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_ $sql = "UPDATE " . POLL_OPTIONS_TABLE . " SET poll_option_text = '" . $db->sql_escape($poll['poll_options'][$i]) . "' WHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id'] . " - AND topic_id = $topic_id"; + AND topic_id = " . $post_data['topic_id']; $db->sql_query($sql); } } diff --git a/phpBB/language/en/lang_main.php b/phpBB/language/en/lang_main.php index 45be7c2893..e2991854de 100644 --- a/phpBB/language/en/lang_main.php +++ b/phpBB/language/en/lang_main.php @@ -634,18 +634,19 @@ $lang = array( 'TOO_MANY_POLL_OPTIONS' => 'You have tried to enter too many poll options', 'NO_DELETE_POLL_OPTIONS'=> 'You cannot delete existing poll options', - 'GENERAL_UPLOAD_ERROR' => 'Could not upload Attachment to %s', - 'TOO_MANY_ATTACHMENTS' => 'Cannot add another attacment, %d is the maxmimum.', - 'INVALID_FILENAME' => '%s is an invalid filename', - 'DISALLOWED_EXTENSION' => 'The Extension %s is not allowed', - 'ALLOWED' => 'Allowed', - 'ATTACHMENT_PHP_SIZE_NA' => 'The attachment is too big.
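Review bot: In `display_attachments()` the IMAGE_CAT branch tests `$config['ftp_upload']` while the THUMB_CAT branch tests `$config['use_ftp_upload']`; the two keys should agree, because whichever is not a real config key makes `!empty()` false and silently sends that branch to the physical path under `$config['upload_dir']` instead of `download.$phpEx`. Every branch that sets `$download_link = $filename` hands out a direct link to the stored file, so any permission check done in download.php (not shown here) does not apply to those links; a comment on the function such as `// NOTE: physical links are not routed through download.php; upload_dir must be safe to serve directly` would make that explicit. `$extensions[$attachment['extension']]['upload_icon']` is read before the `in_array(..., $extensions['_allowed_'])` test, so an attachment whose extension is no longer configured presumably indexes a missing key; moving the denied check above the icon lookup avoids that. `real_filename` and `comment` reach the template as stored, so confirm they are HTML-escaped when saved.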
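Review bot: The replacement `AND topic_id = " . $post_data['topic_id']` concatenates an array element into the UPDATE with no integer cast visible in the hunk, unlike the `$db->sql_escape()` applied to the option text in the same statement. Where `$post_data` is filled is outside the hunk (the body of `submit_post()` starts and ends elsewhere), so unless it is cast there, write `AND topic_id = " . intval($post_data['topic_id']);`. The same holds for `$cur_poll_options[$i]['poll_option_id']` in this statement and for `$topic_cur_post_id` in the posting.php query `AND p.post_id > $topic_cur_post_id`, whose assignment is also not shown.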
Could not get determine the maximum size defined by PHP in php.ini.', - 'ATTACHMENT_PHP_SIZE_OVERRUN' => 'The attachment is too big, maximum upload size is %d MB.
Please note this is set in php.ini and cannot be overriden.', - 'ATTACHMENT_TOO_BIG' => 'The attachment is too big, maximum size is %1d %2s', - 'ATTACH_QUOTA_REACHED' => 'Sorry, the board attachment quota has been reached.', - 'BYTES' => 'Bytes', - 'KB' => 'KB', - 'MB' => 'MB', + 'GENERAL_UPLOAD_ERROR' => 'Could not upload Attachment to %s', + 'TOO_MANY_ATTACHMENTS' => 'Cannot add another attacment, %d is the maxmimum.', + 'INVALID_FILENAME' => '%s is an invalid filename', + 'DISALLOWED_EXTENSION' => 'The Extension %s is not allowed', + 'ALLOWED' => 'Allowed', + 'ATTACHMENT_PHP_SIZE_NA' => 'The attachment is too big.
Could not get determine the maximum size defined by PHP in php.ini.', + 'ATTACHMENT_PHP_SIZE_OVERRUN'=> 'The attachment is too big, maximum upload size is %d MB.
Please note this is set in php.ini and cannot be overriden.', + 'ATTACHMENT_TOO_BIG' => 'The attachment is too big, maximum size is %1d %2s', + 'ATTACH_QUOTA_REACHED' => 'Sorry, the board attachment quota has been reached.', + 'BYTES' => 'Bytes', + 'KB' => 'KB', + 'MB' => 'MB', + 'DOWNLOAD_NOTICE' => 'You do not have the required permissions to view the files attached to this post.', // Differate the case more? 'EXTENSION_DISABLED_AFTER_POSTING' => 'The extension %s has been deactivated and can no longer be displayed.', // used in Posts and PM's, replace %s with extension 'DESCRIPTION' => 'Description', diff --git a/phpBB/posting.php b/phpBB/posting.php index af582ee03a..176d1b3868 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php 
@@ -41,22 +41,22 @@ $auth->acl($user->data); $user->setup(); // Grab only parameters needed here -$mode = (!empty($_REQUEST['mode'])) ? strval($_REQUEST['mode']) : ''; -$post_id = (!empty($_REQUEST['p'])) ? intval($_REQUEST['p']) : false; -$topic_id = (!empty($_REQUEST['t'])) ? intval($_REQUEST['t']) : false; -$forum_id = (!empty($_REQUEST['f'])) ? intval($_REQUEST['f']) : false; -$lastclick = (isset($_POST['lastclick'])) ? intval($_POST['lastclick']) : 0; +$mode = (!empty($_REQUEST['mode'])) ? strval($_REQUEST['mode']) : ''; +$post_id = (!empty($_REQUEST['p'])) ? intval($_REQUEST['p']) : false; +$topic_id = (!empty($_REQUEST['t'])) ? intval($_REQUEST['t']) : false; +$forum_id = (!empty($_REQUEST['f'])) ? intval($_REQUEST['f']) : false; +$lastclick = (isset($_POST['lastclick'])) ? intval($_POST['lastclick']) : 0; -$submit = (isset($_POST['post'])) ? true : false; -$preview = (isset($_POST['preview'])) ? true : false; -$save = (isset($_POST['save'])) ? true : false; -$cancel = (isset($_POST['cancel'])) ? true : false; -$confirm = (isset($_POST['confirm'])) ? true : false; -$delete = (isset($_POST['delete'])) ? true : false; +$submit = (isset($_POST['post'])) ? true : false; +$preview = (isset($_POST['preview'])) ? true : false; +$save = (isset($_POST['save'])) ? true : false; +$cancel = (isset($_POST['cancel'])) ? true : false; +$confirm = (isset($_POST['confirm'])) ? true : false; +$delete = (isset($_POST['delete'])) ? true : false; -$refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['edit_comment']); +$refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['edit_comment']); -if (($delete) && (!$preview) && (!$refresh) && ($submit)) +if ($delete && !$preview && !$refresh && $submit) { $mode = 'delete'; } 
@@ -64,7 +64,7 @@ if (($delete) && (!$preview) && (!$refresh) && ($submit)) // Was cancel pressed? If so then redirect to the appropriate page if ($cancel || time() - $lastclick < 2) { - $redirect = ($post_id) ? "viewtopic.$phpEx$SID&p=" . $post_id . "#" . $post_id : (($topic_id) ? "viewtopic.$phpEx$SID&t=" . $topic_id : (($forum_id) ? "viewforum.$phpEx$SID&f=" . $forum_id : "index.$phpEx$SID")); + $redirect = ($post_id) ? "viewtopic.$phpEx$SID&p=$post_id#$post_id" : (($topic_id) ? "viewtopic.$phpEx$SID&t=$topic_id" : (($forum_id) ? "viewforum.$phpEx$SID&f=$forum_id" : "index.$phpEx$SID")); redirect($redirect); } 
@@ -73,11 +73,9 @@ if ($cancel || time() - $lastclick < 2) $forum_validate = $topic_validate = $post_validate = false; // Easier validation -$forum_fields = array('forum_name' => 's', 'parent_id' => 'i', 'forum_parents' => 's', 'forum_status' => 'i', 'forum_type' => 'i', 'enable_icons' => 'i'); - -$topic_fields = array('topic_status' => 'i', 'topic_first_post_id' => 'i', 'topic_last_post_id' => 'i', 'topic_type' => 'i', 'topic_title' => 's', 'poll_last_vote' => 'i', 'poll_start' => 'i', 'poll_title' => 's', 'poll_max_options' => 'i', 'poll_length' => 'i'); - -$post_fields = array('post_time' => 'i', 'poster_id' => 'i', 'post_username' => 's', 'post_text' => 's', 'post_subject' => 's', 'post_checksum' => 's', 'post_attachment' => 'i', 'bbcode_uid' => 's', 'enable_magic_url' => 'i', 'enable_sig' => 'i', 'enable_smilies' => 'i', 'enable_bbcode' => 'i', 'post_edit_locked' => 'i'); +$forum_fields = array('forum_name' => 's', 'parent_id' => 'i', 'forum_parents' => 's', 'forum_status' => 'i', 'forum_type' => 'i', 'enable_icons' => 'i'); +$topic_fields = array('topic_status' => 'i', 'topic_first_post_id' => 'i', 'topic_last_post_id' => 'i', 'topic_type' => 'i', 'topic_title' => 's', 'poll_last_vote' => 'i', 'poll_start' => 'i', 'poll_title' => 's', 'poll_max_options' => 'i', 'poll_length' => 'i'); +$post_fields = array('post_time' => 'i', 'poster_id' => 'i', 'post_username' => 's', 'post_text' => 's', 'post_subject' => 's', 'post_checksum' => 's', 'post_attachment' => 'i', 'bbcode_uid' => 's', 'enable_magic_url' => 'i', 'enable_sig' => 'i', 'enable_smilies' => 'i', 'enable_bbcode' => 'i', 'post_edit_locked' => 'i'); $sql = ''; switch ($mode) @@ -88,9 +86,9 @@ switch ($mode) trigger_error($user->lang['NO_FORUM']); } - $sql = "SELECT * - FROM " . FORUMS_TABLE . " - WHERE forum_id = " . $forum_id; + $sql = 'SELECT * + FROM ' . FORUMS_TABLE . " + WHERE forum_id = $forum_id"; $forum_validate = true; break; 
@@ -101,9 +99,9 @@ switch ($mode) trigger_error($user->lang['NO_TOPIC']); } - $sql = "SELECT t.*, f.* - FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f - WHERE t.topic_id = " . $topic_id . " + $sql = 'SELECT t.*, f.* + FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f + WHERE t.topic_id = $topic_id AND f.forum_id = t.forum_id"; $forum_validate = $topic_validate = true; @@ -117,12 +115,13 @@ switch ($mode) trigger_error($user->lang['NO_POST']); } - $sql = "SELECT p.*, t.*, f.*, u.username - FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f, " . USERS_TABLE . " u - WHERE p.post_id = " . $post_id . " + $sql = 'SELECT p.*, t.*, f.*, u.username + FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u + WHERE p.post_id = $post_id AND t.topic_id = p.topic_id AND u.user_id = p.poster_id AND f.forum_id = t.forum_id"; + $forum_validate = $topic_validate = $post_validate = true; break; @@ -211,6 +210,7 @@ if ($sql != '') $$var = ''; } } + $post_subject = ($post_validate) ? $post_subject : $topic_title; $poll_length = ($poll_length) ? $poll_length/3600 : $poll_length; @@ -219,9 +219,9 @@ if ($sql != '') // Get Poll Data if ($poll_start) { - $sql = "SELECT poll_option_text - FROM " . POLL_OPTIONS_TABLE . " - WHERE topic_id = " . $topic_id . " + $sql = 'SELECT poll_option_text + FROM ' . POLL_OPTIONS_TABLE . " + WHERE topic_id = $topic_id ORDER BY poll_option_id"; $result = $db->sql_query($sql); 
@@ -241,10 +241,10 @@ if ($sql != '') if ($post_attachment && !$submit && !$refresh && !$preview && $mode == 'edit') { $sql = 'SELECT d.* - FROM ' . ATTACHMENTS_TABLE . ' a, ' . ATTACHMENTS_DESC_TABLE . ' d - WHERE a.post_id = ' . $post_id . ' + FROM ' . ATTACHMENTS_TABLE . ' a, ' . ATTACHMENTS_DESC_TABLE . " d + WHERE a.post_id = $post_id AND a.attach_id = d.attach_id - ORDER BY d.filetime ' . ((!$config['display_order']) ? 'DESC' : 'ASC'); + ORDER BY d.filetime " . ((!$config['display_order']) ? 'DESC' : 'ASC'); $result = $db->sql_query($sql); $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result)); @@ -265,10 +265,10 @@ if ($sql != '') if (!$post_validate) { - $enable_sig = (intval($config['allow_sig']) && $user->data['user_attachsig']) ? true : false; - $enable_smilies = (intval($config['allow_smilies']) && $user->data['user_allowsmile']) ? true : false; - $enable_bbcode = (intval($config['allow_bbcode']) && $user->data['user_allowbbcode']) ? true : false; - $enable_urls = true; + $enable_sig = (intval($config['allow_sig']) && $user->data['user_attachsig']) ? true : false; + $enable_smilies = (intval($config['allow_smilies']) && $user->data['user_allowsmile']) ? true : false; + $enable_bbcode = (intval($config['allow_bbcode']) && $user->data['user_allowbbcode']) ? true : false; + $enable_urls = true; } $enable_magic_url = false; @@ -277,10 +277,10 @@ if ($sql != '') // Notify user checkbox if ($mode != 'post' && $user->data['user_id'] != ANONYMOUS) { - $sql = "SELECT topic_id - FROM " . TOPICS_WATCH_TABLE . " - WHERE topic_id = " . $topic_id . " - AND user_id = " . $user->data['user_id']; + $sql = 'SELECT topic_id + FROM ' . TOPICS_WATCH_TABLE . ' + WHERE topic_id = ' . $topic_id . ' + AND user_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); $notify_set = ($db->sql_fetchrow($result)) ? 1 : 0; 
@@ -291,43 +291,26 @@ else $notify_set = -1; } -// Collect general Permissions to be used within the complete page -$perm = array( - 'm_lock' => $auth->acl_get('m_lock', $forum_id), - 'm_edit' => $auth->acl_get('m_edit', $forum_id), - 'm_delete' => $auth->acl_get('m_delete', $forum_id), - - 'u_delete' => $auth->acl_get('f_delete', $forum_id), - - 'f_attach' => $auth->acl_get('f_attach', $forum_id), - 'f_news' => $auth->acl_get('f_news', $forum_id), - 'f_announce' => $auth->acl_get('f_announce', $forum_id), - 'f_sticky' => $auth->acl_get('f_sticky', $forum_id), - 'f_ignoreflood' => $auth->acl_get('f_ignoreflood', $forum_id), - 'f_sigs' => $auth->acl_get('f_sigs', $forum_id), - 'f_save' => $auth->acl_get('f_save', $forum_id) -); - if (!$auth->acl_get('f_' . $mode, $forum_id) && $forum_type == FORUM_POST) { trigger_error($user->lang['USER_CANNOT_' . strtoupper($mode)]); } // Forum/Topic locked? -if (($forum_status == ITEM_LOCKED || $topic_status == ITEM_LOCKED) && !$perm['m_edit']) +if (($forum_status == ITEM_LOCKED || $topic_status == ITEM_LOCKED) && !$auth->acl_get('m_edit', $forum_id)) { $message = ($forum_status == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED'; trigger_error($user->lang[$message]); } // Can we edit this post? -if (($mode == 'edit' || $mode == 'delete') && !$perm['m_edit'] && $config['edit_time'] && $post_time < time() - $config['edit_time']) +if (($mode == 'edit' || $mode == 'delete') && !$auth->acl_get('m_edit', $forum_id) && $config['edit_time'] && $post_time < time() - $config['edit_time']) { trigger_error($user->lang['CANNOT_EDIT_TIME']); } // Do we want to edit our post ? -if ($mode == 'edit' && !$perm['m_edit'] && $user->data['user_id'] != $poster_id) +if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id) && $user->data['user_id'] != $poster_id) { trigger_error($user->lang['USER_CANNOT_EDIT']); } 
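Review bot: With the `$perm` array gone, each check in this hunk calls `$auth->acl_get(..., $forum_id)` directly, and `$forum_id` is the value read from `$_REQUEST['f']` at the top of the file; `forum_id` is not one of the keys listed in `$forum_fields`, `$topic_fields` or `$post_fields`. Unless code outside these hunks overwrites `$forum_id` with the forum of the loaded topic or post, the locked, edit-time and edit-ownership checks here (and the delete and lock checks in the later hunks) are evaluated against a forum chosen by the request rather than the one the post belongs to. Confirm that, and if it is not already done, bind it right after the row is fetched, for example `$forum_id = intval($row['forum_id']);` (variable name assumed, the fetch is not in the hunk).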
@@ -344,15 +327,15 @@ if ($mode == 'edit') } // Delete triggered ? -if ($mode == 'delete' && (($poster_id == $user->data['user_id'] && $user->data['user_id'] != ANONYMOUS && $perm['u_delete'] && $post_id == $topic_last_post_id) || $perm['m_delete'])) +if ($mode == 'delete' && (($poster_id == $user->data['user_id'] && $user->data['user_id'] != ANONYMOUS && $auth->acl_get('f_delete', $forum_id) && $post_id == $topic_last_post_id) || $auth->acl_get('m_delete', $forum_id))) { // Do we need to confirm ? if ($confirm) { $post_data = array( - 'topic_first_post_id' => $topic_first_post_id, - 'topic_last_post_id' => $topic_last_post_id, - 'user_id' => $poster_id + 'topic_first_post_id' => $topic_first_post_id, + 'topic_last_post_id' => $topic_last_post_id, + 'user_id' => $poster_id ); $search = new fulltext_search(); @@ -388,11 +371,11 @@ if ($mode == 'delete' && (($poster_id == $user->data['user_id'] && $user->data[' } $sql = 'SELECT p.post_id, p.poster_id, p.post_username, u.username - FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u - WHERE p.topic_id = ' . $topic_id . ' + FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u + WHERE p.topic_id = $topic_id AND p.poster_id = u.user_id AND p.post_approved = 1 - ORDER BY p.post_time DESC'; + ORDER BY p.post_time DESC"; $result = $db->sql_query_limit($sql, 1); $row = $db->sql_fetchrow($result); @@ -412,9 +395,9 @@ if ($mode == 'delete' && (($poster_id == $user->data['user_id'] && $user->data[' // Update Forum, Topic and User with the gathered Informations if ($forum_update_sql != '') { - $sql = 'UPDATE ' . FORUMS_TABLE . ' - SET ' . $forum_update_sql . ' - WHERE forum_id = ' . $forum_id; + $sql = "UPDATE " . FORUMS_TABLE . " + SET $forum_update_sql + WHERE forum_id = $forum_id"; $db->sql_query($sql); } 
@@ -480,12 +463,12 @@ if ($mode == 'delete' && (($poster_id == $user->data['user_id'] && $user->data[' } } -if ($mode == 'delete' && $poster_id != $user->data['user_id'] && !$perm['u_delete']) +if ($mode == 'delete' && $poster_id != $user->data['user_id'] && !$auth->acl_get('f_delete', $forum_id)) { trigger_error($user->lang['DELETE_OWN_POSTS']); } -if ($mode == 'delete' && $poster_id == $user->data['user_id'] && $perm['u_delete'] && $post_id != $topic_last_post_id) +if ($mode == 'delete' && $poster_id == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && $post_id != $topic_last_post_id) { trigger_error($user->lang['CANNOT_DELETE_REPLIED']); } @@ -496,11 +479,11 @@ if ($mode == 'delete') } // HTML, BBCode, Smilies, Images and Flash status -$html_status = (intval($config['allow_html']) && $auth->acl_get('f_html', $forum_id)) ? true : false; -$bbcode_status = (intval($config['allow_bbcode']) && $auth->acl_get('f_bbcode', $forum_id)) ? true : false; -$smilies_status = (intval($config['allow_smilies']) && $auth->acl_get('f_smilies', $forum_id)) ? true : false; -$img_status = (intval($config['allow_img']) && $auth->acl_get('f_img', $forum_id)) ? true : false; -$flash_status = (intval($config['allow_flash']) && $auth->acl_get('f_flash', $forum_id)) ? true : false; +$html_status = (intval($config['allow_html']) && $auth->acl_get('f_html', $forum_id)) ? true : false; +$bbcode_status = (intval($config['allow_bbcode']) && $auth->acl_get('f_bbcode', $forum_id)) ? true : false; +$smilies_status = (intval($config['allow_smilies']) && $auth->acl_get('f_smilies', $forum_id)) ? true : false; +$img_status = (intval($config['allow_img']) && $auth->acl_get('f_img', $forum_id)) ? true : false; +$flash_status = (intval($config['allow_flash']) && $auth->acl_get('f_flash', $forum_id)) ? true : false; if ($submit || $preview || $refresh) { 
@@ -531,18 +514,18 @@ if ($submit || $preview || $refresh) $poll_delete = (isset($_POST['poll_delete'])) ? true : false; // Faster than crc32 - $check_value = (($enable_html+1) << 16) + (($enable_bbcode+1) << 8) + (($enable_smilies+1) << 4) + (($enable_urls+1) << 2) + (($enable_sig+1) << 1); - $status_switch = (isset($_POST['status_switch']) && intval($_POST['status_switch']) != $check_value) ? true : false; + $check_value = (($enable_html+1) << 16) + (($enable_bbcode+1) << 8) + (($enable_smilies+1) << 4) + (($enable_urls+1) << 2) + (($enable_sig+1) << 1); + $status_switch = (isset($_POST['status_switch']) && intval($_POST['status_switch']) != $check_value) ? true : false; - if ($poll_delete && (($mode == 'edit' && !empty($poll_options) && empty($poll_last_vote) && $poster_id == $user->data['user_id'] && $perm['u_delete']) || $perm['m_delete'])) + if ($poll_delete && (($mode == 'edit' && !empty($poll_options) && empty($poll_last_vote) && $poster_id == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))) { // Delete Poll - $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . ' - WHERE topic_id = ' . $topic_id; + $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . " + WHERE topic_id = $topic_id"; $db->sql_query($sql); - $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . ' - WHERE topic_id = ' . $topic_id; + $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . " + WHERE topic_id = $topic_id"; $db->sql_query($sql); $topic_sql = array( @@ -554,8 +537,8 @@ if ($submit || $preview || $refresh) ); $sql = 'UPDATE ' . TOPICS_TABLE . ' - SET ' . $db->sql_build_array('UPDATE', $topic_sql) . ' - WHERE topic_id = ' . $topic_id; + SET ' . $db->sql_build_array('UPDATE', $topic_sql) . " + WHERE topic_id = $topic_id"; $db->sql_query($sql); $poll_title = $poll_length = $poll_option_text = $poll_max_options = ''; 
@@ -563,9 +546,9 @@ if ($submit || $preview || $refresh) else { $poll_title = (!empty($_POST['poll_title'])) ? trim($_POST['poll_title']) : ''; - $poll_length = (!empty($_POST['poll_length'])) ? $_POST['poll_length'] : ''; - $poll_option_text = (!empty($_POST['poll_option_text'])) ? $_POST['poll_option_text'] : ''; - $poll_max_options = (!empty($_POST['poll_max_options'])) ? $_POST['poll_max_options'] : 1; + $poll_length = (!empty($_POST['poll_length'])) ? intval($_POST['poll_length']) : 0; + $poll_option_text = (!empty($_POST['poll_option_text'])) ? trim($_POST['poll_option_text']) : ''; + $poll_max_options = (!empty($_POST['poll_max_options'])) ? intval($_POST['poll_max_options']) : 1; } $err_msg = ''; @@ -589,12 +572,12 @@ if ($submit || $preview || $refresh) // Go ahead and pull all data for the remaining posts $sql = 'SELECT u.username, u.user_id, p.* - FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u - WHERE p.topic_id = ' . $topic_id . ' + FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u + WHERE p.topic_id = $topic_id AND p.poster_id = u.user_id - AND p.post_id > ' . $topic_cur_post_id . ' + AND p.post_id > $topic_cur_post_id AND p.post_approved = 1 - ORDER BY p.post_time DESC'; + ORDER BY p.post_time DESC"; $result = $db->sql_query_limit($sql, $config['posts_per_page']); if ($row = $db->sql_fetchrow($result)) @@ -613,10 +596,7 @@ if ($submit || $preview || $refresh) } $post_subject = ($row['post_subject'] != '') ? $row['post_subject'] : ''; - - $message = $row['post_text']; - - $message = (empty($row['enable_smilies']) || empty($config['allow_smilies'])) ? preg_replace('##', '\1', $row['post_text']) : str_replace('' : '') . implode('
', $result); } - if ($mode != 'edit' && !$preview && !$refresh && !$perm['f_ignoreflood']) + if ($mode != 'edit' && !$preview && !$refresh && !$auth->acl_get('f_ignoreflood', $forum_id)) { // Flood check $sql = 'SELECT MAX(post_time) AS last_post_time @@ -685,6 +665,7 @@ if ($submit || $preview || $refresh) include($phpbb_root_path . 'includes/functions_user.' . $phpEx); $ucp = new ucp(); $username = strip_tags(htmlspecialchars($username)); + if (($result = $ucp->validate_username($username)) != false) { $err_msg .= ((!empty($err_msg)) ? '
' : '') . $result; @@ -737,7 +718,7 @@ if ($submit || $preview || $refresh) break; } - if (!$perm['f_' . $auth_option]) + if (!$auth->acl_get('f_' . $auth_option, $forum_id)) { $err_msg .= ((!empty($err_msg)) ? '
' : '') . $user->lang['CANNOT_POST_' . strtoupper($auth_option)]; } @@ -749,11 +730,11 @@ if ($submit || $preview || $refresh) // Lock/Unlock Topic $change_topic_status = $topic_status; - if ($topic_status == ITEM_LOCKED && !$topic_lock && $perm['m_lock']) + if ($topic_status == ITEM_LOCKED && !$topic_lock && $auth->acl_get('m_lock', $forum_id)) { $change_topic_status = ITEM_UNLOCKED; } - else if ($topic_status == ITEM_UNLOCKED && $topic_lock && $perm['m_lock']) + else if ($topic_status == ITEM_UNLOCKED && $topic_lock && $auth->acl_get('m_lock', $forum_id)) { $change_topic_status = ITEM_LOCKED; } @@ -772,11 +753,11 @@ if ($submit || $preview || $refresh) } // Lock/Unlock Post Edit - if ($mode == 'edit' && $post_edit_locked == ITEM_LOCKED && !$post_lock && $perm['m_edit']) + if ($mode == 'edit' && $post_edit_locked == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id)) { $post_edit_locked = ITEM_UNLOCKED; } - else if ($mode == 'edit' && $post_edit_locked == ITEM_UNLOCKED && $post_lock && $perm['m_edit']) + else if ($mode == 'edit' && $post_edit_locked == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id)) { $post_edit_locked = ITEM_LOCKED; } @@ -809,6 +790,7 @@ if ($submit || $preview || $refresh) $post_subject = $topic_title = stripslashes($subject); } +// Preview if (!$err_msg && $preview) { if (empty($censors)) @@ -823,7 +805,6 @@ if (!$err_msg && $preview) $bbcode = new bbcode($message_parser->bbcode_bitfield); $preview_message = format_display($message_parser->message, $enable_html, $enable_bbcode, $message_parser->bbcode_uid, $enable_urls, $enable_smilies, $enable_sig); - $preview_subject = (sizeof($censors)) ? preg_replace($censors['match'], $censors['replace'], $subject) : $subject; // Poll Preview 
@@ -840,10 +821,23 @@ if (!$err_msg && $preview) foreach ($poll_options as $option) { $template->assign_block_vars('poll_option', array( - 'POLL_OPTION_CAPTION' => format_display(stripslashes($option), $enable_html, $enable_bbcode, $message_parser->bbcode_uid, $enable_urls, $enable_smilies, false, false)) + 'POLL_OPTION_CAPTION' => format_display(stripslashes($option), $enable_html, $enable_bbcode, $message_parser->bbcode_uid, $enable_urls, $enable_smilies, false, false)) ); } } + + // Attachment Preview + if (sizeof($message_parser->attachment_data)) + { + include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + $extensions = $update_count = array(); + + $template->assign_block_vars('postrow', array( + 'S_HAS_ATTACHMENTS' => true) + ); + + display_attachments($message_parser->attachment_data, $update_count, true); + } } // Decode text for message display @@ -863,14 +857,14 @@ if (count($poll_options)) $poll_options = explode("\n", $poll_options_tmp); } -if (($mode == 'quote') && (!$preview) && (!$refresh)) +if ($mode == 'quote' && !$preview && !$refresh) { $post_text = '[quote="' . $quote_username . '"]' . trim($post_text) . "[/quote]\n"; } -if ( (($mode == 'reply') || ($mode == 'quote')) && (!$preview) && (!$refresh)) +if (($mode == 'reply' || $mode == 'quote') && !$preview && !$refresh) { - $post_subject = ( ( !preg_match('/^Re:/', $post_subject) ) ? 'Re: ' : '' ) . $post_subject; + $post_subject = ((!preg_match('/^Re:/', $post_subject)) ? 'Re: ' : '') . $post_subject; } // MAIN POSTING PAGE BEGINS HERE @@ -912,7 +906,7 @@ if ($enable_icons) // Topic type selection ... only for first post in topic. $topic_type_toggle = ''; -if ( ($mode == 'post') || (($mode == 'edit') && ($post_id == $topic_first_post_id)) ) +if ($mode == 'post' || ($mode == 'edit' && $post_id == $topic_first_post_id)) { $topic_types = array( 'sticky' => array('const' => POST_STICKY, 'lang' => 'POST_STICKY'), 
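Review bot: The attachment preview calls `display_attachments(..., true)`, and with `$force_physical` set every link, as well as the `image_getdimension($filename)` call, uses `$config['upload_dir'] . '/' . $attachment['physical_filename']` as-is. Where `$message_parser->attachment_data` is populated on preview is not visible in this diff; if any part of it is rebuilt from the submitted form, `physical_filename` should be reduced with `basename()` and checked against the poster's own uploads before it reaches this call. The plain `include(...)` of functions_display.php would also redeclare `display_attachments()` if the file is already loaded on this path, so `include_once` is the safer form.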
@@ -922,7 +916,7 @@ if ( ($mode == 'post') || (($mode == 'edit') && ($post_id == $topic_first_post_i foreach ($topic_types as $auth_key => $topic_value) { - if ($perm['f_' . $auth_key]) + if ($auth->acl_get('f_' . $auth_key, $forum_id)) { $topic_type_toggle .= 'data['user_allowhtml'] : 1); -$bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : ((intval($config['allow_bbcode'])) ? !$user->data['user_allowbbcode'] : 1); -$smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : ((intval($config['allow_smilies'])) ? !$user->data['user_allowsmile'] : 1); -$urls_checked = (isset($enable_urls)) ? !$enable_urls : 0; -$sig_checked = $enable_sig; -$notify_checked = (isset($notify)) ? $notify : (($notify_set == -1) ? (($user->data['user_id'] != ANONYMOUS) ? $user->data['user_notify'] : 0) : $notify_set); -$lock_topic_checked = (isset($topic_lock)) ? $topic_lock : (($topic_status == ITEM_LOCKED) ? 1 : 0); -$lock_post_checked = (isset($post_lock)) ? $post_lock : $post_edit_locked; +$html_checked = (isset($enable_html)) ? !$enable_html : ((intval($config['allow_html'])) ? !$user->data['user_allowhtml'] : 1); +$bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : ((intval($config['allow_bbcode'])) ? !$user->data['user_allowbbcode'] : 1); +$smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : ((intval($config['allow_smilies'])) ? !$user->data['user_allowsmile'] : 1); +$urls_checked = (isset($enable_urls)) ? !$enable_urls : 0; +$sig_checked = $enable_sig; +$notify_checked = (isset($notify)) ? $notify : (($notify_set == -1) ? (($user->data['user_id'] != ANONYMOUS) ? $user->data['user_notify'] : 0) : $notify_set); +$lock_topic_checked = (isset($topic_lock)) ? $topic_lock : (($topic_status == ITEM_LOCKED) ? 1 : 0); +$lock_post_checked = (isset($post_lock)) ? $post_lock : $post_edit_locked; // Page title & action URL, include session_id for security purpose -$s_action = "posting.$phpEx?sid=" . $user->session_id . "&mode=$mode&f=" . 
$forum_id; -$s_action .= ($topic_id) ? '&t=' . $topic_id : ''; -$s_action .= ($post_id) ? '&p=' . $post_id : ''; +$s_action = "posting.$phpEx?sid=" . $user->session_id . "&mode=$mode&f=$forum_id"; +$s_action .= ($topic_id) ? "&t=$topic_id" : ''; +$s_action .= ($post_id) ? "&p=$post_id" : ''; switch ($mode) { @@ -971,11 +965,11 @@ switch ($mode) // Build navigation links $forum_data = array( - 'parent_id' => $parent_id, - 'forum_parents' => $forum_parents, - 'forum_name' => $forum_name, - 'forum_id' => $forum_id, - 'forum_desc' => '' + 'parent_id' => $parent_id, + 'forum_parents' => $forum_parents, + 'forum_name' => $forum_name, + 'forum_id' => $forum_id, + 'forum_desc' => '' ); generate_forum_nav($forum_data); @@ -983,7 +977,7 @@ $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? ''; $s_hidden_fields .= (isset($check_value)) ? '' : ''; -$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || @ini_get('file_uploads') == '0' || !$config['allow_attachments'] || !$perm['f_attach']) ? '' : 'enctype="multipart/form-data"'; +$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || @ini_get('file_uploads') == '0' || !$config['allow_attachments'] || !$auth->acl_get('f_attach', $forum_id)) ? '' : 'enctype="multipart/form-data"'; // Start assigning vars for main posting page ... $template->assign_vars(array( 
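Review bot: The rewritten `$form_enctype` line still tests `@ini_get('file_uploads') == '0'` twice, and it enables the multipart encoding only on `f_attach`, while the Attachment entry block further down shows the upload box on `f_attach || m_edit`. A user holding `m_edit` without `f_attach` would therefore be shown the box on a form that cannot carry a file. Dropping the duplicate test and deriving both places from one condition, for example `$can_attach = $auth->acl_get('f_attach', $forum_id) || $auth->acl_get('m_edit', $forum_id);`, would keep them in step; which of the two rules is the intended one is not clear from the hunk.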
@@ -1010,31 +1004,31 @@ $template->assign_vars(array( 'ERROR_MESSAGE' => $err_msg, 'U_VIEW_FORUM' => "viewforum.$phpEx$SID&f=" . $forum_id, - 'U_VIEWTOPIC' => ($mode != 'post') ? "viewtopic.$phpEx$SID&" . $forum_id . "&t=" . $topic_id : '', - 'U_REVIEW_TOPIC' => ($mode != 'post') ? "posting.$phpEx$SID&mode=topicreview&f=" . $forum_id . "&t=" . $topic_id : '', + 'U_VIEWTOPIC' => ($mode != 'post') ? "viewtopic.$phpEx$SID&$forum_id&t=$topic_id" : '', + 'U_REVIEW_TOPIC' => ($mode != 'post') ? "posting.$phpEx$SID&mode=topicreview&f=$forum_id&t=$topic_id" : '', 'S_DISPLAY_PREVIEW' => ($preview && !$err_msg), 'S_DISPLAY_REVIEW' => ($mode == 'reply' || $mode == 'quote') ? true : false, 'S_DISPLAY_USERNAME' => ($user->data['user_id'] == ANONYMOUS || ($mode == 'edit' && $post_username)) ? true : false, 'S_SHOW_TOPIC_ICONS' => $s_topic_icons, - 'S_DELETE_ALLOWED' => ($mode == 'edit' && ( ($post_id == $topic_last_post_id && $poster_id == $user->data['user_id'] && $perm['u_delete']) || ($perm['m_delete']))) ? true : false, + 'S_DELETE_ALLOWED' => ($mode == 'edit' && (($post_id == $topic_last_post_id && $poster_id == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))) ? true : false, 'S_HTML_ALLOWED' => $html_status, 'S_HTML_CHECKED' => ($html_checked) ? 'checked="checked"' : '', 'S_BBCODE_ALLOWED' => $bbcode_status, 'S_BBCODE_CHECKED' => ($bbcode_checked) ? 'checked="checked"' : '', 'S_SMILIES_ALLOWED' => $smilies_status, 'S_SMILIES_CHECKED' => ($smilies_checked) ? 'checked="checked"' : '', - 'S_SIG_ALLOWED' => ( ($perm['f_sigs']) && ($config['allow_sig']) ) ? true : false, + 'S_SIG_ALLOWED' => ($auth->acl_get('f_sigs', $forum_id) && $config['allow_sig']) ? true : false, 'S_SIGNATURE_CHECKED' => ($sig_checked) ? 'checked="checked"' : '', 'S_NOTIFY_ALLOWED' => ($user->data['user_id'] != ANONYMOUS) ? true : false, 'S_NOTIFY_CHECKED' => ($notify_checked) ? 
'checked="checked"' : '', - 'S_LOCK_TOPIC_ALLOWED' => ( ($mode == 'edit' || $mode == 'reply' || $mode == 'quote') && ($perm['m_lock']) ) ? true : false, + 'S_LOCK_TOPIC_ALLOWED' => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote') && $auth->acl_get('m_lock', $forum_id)) ? true : false, 'S_LOCK_TOPIC_CHECKED' => ($lock_topic_checked) ? 'checked="checked"' : '', - 'S_LOCK_POST_ALLOWED' => (($mode == 'edit') && ($perm['m_edit'])) ? true : false, + 'S_LOCK_POST_ALLOWED' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false, 'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? 'checked="checked"' : '', 'S_MAGIC_URL_CHECKED' => ($urls_checked) ? 'checked="checked"' : '', 'S_TYPE_TOGGLE' => $topic_type_toggle, - 'S_SAVE_ALLOWED' => ($perm['f_save']) ? true : false, + 'S_SAVE_ALLOWED' => ($auth->acl_get('f_save', $forum_id)) ? true : false, 'S_FORM_ENCTYPE' => $form_enctype, 'S_POST_ACTION' => $s_action, 
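Review bot: The rewritten `U_VIEWTOPIC` value reads `"viewtopic.$phpEx$SID&$forum_id&t=$topic_id"`, which emits the forum id as a bare query token with no parameter name; the removed line had the same gap, so the cleanup carried it over. The neighbouring `U_REVIEW_TOPIC` uses `f=$forum_id`, and this entry should read `"viewtopic.$phpEx$SID&f=$forum_id&t=$topic_id"`. The `assign_vars` array starts before this hunk and closes after it.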
@@ -1042,32 +1036,32 @@ $template->assign_vars(array( ); // Poll entry -if ( ( ($mode == 'post') || ( ($mode == 'edit') && ($post_id == $topic_first_post_id) && (empty($poll_last_vote)) )) && ( ($auth->acl_get('f_poll', $forum_id)) || ($perm['m_edit']) )) +if (($mode == 'post' || ($mode == 'edit' && $post_id == $topic_first_post_id && empty($poll_last_vote))) && ($auth->acl_get('f_poll', $forum_id) || $auth->acl_get('m_edit', $forum_id))) { $template->assign_vars(array( - 'S_SHOW_POLL_BOX' => true, - 'S_POLL_DELETE' => ($mode == 'edit' && !empty($poll_options) && ((empty($poll_last_vote) && $poster_id == $user->data['user_id'] && $perm['u_delete']) || $perm['m_delete'])) ? true : false, + 'S_SHOW_POLL_BOX' => true, + 'S_POLL_DELETE' => ($mode == 'edit' && !empty($poll_options) && ((empty($poll_last_vote) && $poster_id == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))) ? true : false, 'L_POLL_OPTIONS_EXPLAIN'=> sprintf($user->lang['POLL_OPTIONS_EXPLAIN'], $config['max_poll_options']), - 'POLL_TITLE' => $poll_title, - 'POLL_OPTIONS' => (!empty($poll_options)) ? implode("\n", $poll_options) : '', - 'POLL_MAX_OPTIONS' => (!empty($poll_max_options)) ? $poll_max_options : 1, - 'POLL_LENGTH' => $poll_length) + 'POLL_TITLE' => $poll_title, + 'POLL_OPTIONS' => (!empty($poll_options)) ? implode("\n", $poll_options) : '', + 'POLL_MAX_OPTIONS' => (!empty($poll_max_options)) ? $poll_max_options : 1, + 'POLL_LENGTH' => $poll_length) ); } // Attachment entry -if (($perm['f_attach']) || ($perm['m_edit'])) +if ($auth->acl_get('f_attach', $forum_id) || $auth->acl_get('m_edit', $forum_id)) { $template->assign_vars(array( - 'S_SHOW_ATTACH_BOX' => true) + 'S_SHOW_ATTACH_BOX' => true) ); if (count($message_parser->attachment_data)) { $template->assign_vars(array( - 'S_HAS_ATTACHMENTS' => true) + 'S_HAS_ATTACHMENTS' => true) ); $count = 0; 
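Review bot: `S_POLL_DELETE` here, like `S_DELETE_ALLOWED` in the previous hunk, replaces `$perm['u_delete']` with `$auth->acl_get('f_delete', $forum_id)`, which changes the permission name and not only the lookup style, and nothing in the commit explains it. These flags only decide what the template shows, so the code that actually deletes a post or a poll has to test the same `f_delete`/`m_delete` pair; that handler is not in this hunk and should be checked. A short comment above the flag, such as `// own-post delete is the forum permission f_delete; moderators use m_delete`, would record the intent.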
@@ -1081,17 +1075,17 @@ if (($perm['f_attach']) || ($perm['m_edit'])) $hidden .= ''; } - $download_link = ($attach_row['attach_id'] == '-1') ? $config['upload_dir'] . '/' . $attach_row['physical_filename'] : $phpbb_root_path . 'download.' . $phpEx . $SID . '&id=' . intval($attach_row['attach_id']); + $download_link = ($attach_row['attach_id'] == '-1') ? $config['upload_dir'] . '/' . $attach_row['physical_filename'] : $phpbb_root_path . "download.$phpEx$SID&id=" . intval($attach_row['attach_id']); $template->assign_block_vars('attach_row', array( - 'FILENAME' => $attach_row['real_filename'], - 'ATTACH_FILENAME' => $attach_row['physical_filename'], - 'FILE_COMMENT' => stripslashes(htmlspecialchars($attach_row['comment'])), - 'ATTACH_ID' => $attach_row['attach_id'], - 'ASSOC_INDEX' => $count, + 'FILENAME' => $attach_row['real_filename'], + 'ATTACH_FILENAME' => $attach_row['physical_filename'], + 'FILE_COMMENT' => stripslashes(htmlspecialchars($attach_row['comment'])), + 'ATTACH_ID' => $attach_row['attach_id'], + 'ASSOC_INDEX' => $count, 'U_VIEW_ATTACHMENT' => $download_link, - 'S_HIDDEN' => $hidden) + 'S_HIDDEN' => $hidden) ); $count++; @@ -1099,9 +1093,9 @@ if (($perm['f_attach']) || ($perm['m_edit'])) } $template->assign_vars(array( - 'FILE_COMMENT' => stripslashes(htmlspecialchars($message_parser->filename_data['filecomment'])), - 'FILESIZE' => $config['max_filesize'], - 'FILENAME' => $message_parser->filename_data['filename']) + 'FILE_COMMENT' => stripslashes(htmlspecialchars($message_parser->filename_data['filecomment'])), + 'FILESIZE' => $config['max_filesize'], + 'FILENAME' => $message_parser->filename_data['filename']) ); } 
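Review bot: In the `attach_row` block and in the `assign_vars` call after the loop, `FILE_COMMENT` goes through `htmlspecialchars()` while `FILENAME` and `ATTACH_FILENAME` are handed to the template unchanged, although `real_filename` is presumably the name supplied with the upload. Unless the parser has already encoded these values (not visible here), they should be escaped the same way, e.g. `'FILENAME' => htmlspecialchars($attach_row['real_filename']),`. The rewritten `$download_link` also builds a direct path from `$attach_row['physical_filename']` when `attach_id` is `'-1'`; if that field is read back from the posted form, it should be reduced with `basename()` before it is used in a path.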
@@ -1149,8 +1143,8 @@ function topic_review($topic_id, $is_inline_review = false) } // Get topic info ... - $sql = "SELECT t.topic_title, f.forum_id - FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f + $sql = 'SELECT t.topic_title, f.forum_id + FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f WHERE t.topic_id = $topic_id AND f.forum_id = t.forum_id"; $result = $db->sql_query($sql); @@ -1220,10 +1214,7 @@ function topic_review($topic_id, $is_inline_review = false) } $post_subject = ($row['post_subject'] != '') ? $row['post_subject'] : ''; - - $message = $row['post_text']; - - $message = (empty($row['enable_smilies']) || empty($config['allow_smilies'])) ? preg_replace('##', '\1', $row['post_text']) : str_replace(' {PREVIEW_MESSAGE} + + + diff --git a/phpBB/templates/subSilver/viewtopic_attach_body.html b/phpBB/templates/subSilver/viewtopic_attach_body.html index c2c8ec0298..505c0f393f 100644 --- a/phpBB/templates/subSilver/viewtopic_attach_body.html +++ b/phpBB/templates/subSilver/viewtopic_attach_body.html @@ -23,12 +23,12 @@ {postrow.attachment.COMMENT}
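Review bot: The requoted query in `topic_review()` still places `$topic_id` directly into the SQL text at `WHERE t.topic_id = $topic_id`, and the hunk does not show the parameter being cast. The function starts outside this hunk, so a cast may exist earlier; if it does not, the value should be forced to an integer before the query is built, e.g. `$topic_id = intval($topic_id);` as the first statement of the function.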
- + - +
diff --git a/phpBB/templates/subSilver/viewtopic_body.html b/phpBB/templates/subSilver/viewtopic_body.html index 5632c4c658..457226481d 100644 --- a/phpBB/templates/subSilver/viewtopic_body.html +++ b/phpBB/templates/subSilver/viewtopic_body.html @@ -149,6 +149,7 @@ {postrow.MESSAGE} +

{L_DOWNLOAD_NOTICE}

_________________
{postrow.SIGNATURE}
{postrow.EDITED_MESSAGE} diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index f9b25b6e8c..67912fbe91 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -635,6 +635,7 @@ if (!$row = $db->sql_fetchrow($result)) // and the global bbcode_bitfield are built do { + $display_notice = FALSE; $poster_id = $row['poster_id']; $poster = ($poster_id == ANONYMOUS) ? ((!empty($row['post_username'])) ? $row['post_username'] : $user->lang['GUEST']) : $row['username']; @@ -649,6 +650,24 @@ do continue; } + // Does post have an attachment? If so, add it to the list + if ($row['post_attachment'] && $config['allow_attachments']) + { + if ($auth->acl_get('f_download', $forum_id)) + { + $attach_list[] = $row['post_id']; + + if ($row['post_approved']) + { + $has_attachments = TRUE; + } + } + else + { + $display_notice = TRUE; + } + } + $rowset[] = array( 'post_id' => $row['post_id'], 'post_time' => $row['post_time'], @@ -668,21 +687,11 @@ do 'bbcode_bitfield' => $row['bbcode_bitfield'], 'enable_html' => $row['enable_html'], 'enable_smilies' => $row['enable_smilies'], - 'enable_sig' => $row['enable_sig'] + 'enable_sig' => $row['enable_sig'], + 'display_notice' => $display_notice ); - // Does post have an attachment? If so, add it to the list - if ($row['post_attachment'] && $config['allow_attachments'] && $auth->acl_get('f_download', $forum_id)) - { - $attach_list[] = $row['post_id']; - - if ($row['post_approved']) - { - $has_attachments = TRUE; - } - } - - + // Define the global bbcode bitfield, will be used to load bbcodes $bbcode_bitfield |= $row['bbcode_bitfield']; @@ -815,6 +824,8 @@ $db->sql_freeresult($result); // Pull attachment data if (count($attach_list)) { + include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + $sql = 'SELECT a.post_id, d.* FROM ' . ATTACHMENTS_TABLE . ' a, ' . ATTACHMENTS_DESC_TABLE . ' d WHERE a.post_id IN (' . implode(', ', $attach_list) . ') 
@@ -1045,200 +1056,14 @@ foreach ($rowset as $key => $row) 'S_ROW_COUNT' => $i++, 'S_HAS_ATTACHMENTS' => (!empty($attachments[$row['post_id']])) ? TRUE : FALSE, 'S_POST_UNAPPROVED' => ($row['post_approved']) ? FALSE : TRUE, - 'S_POST_REPORTED' => ($row['post_reported'] && $auth->acl_get('m_', $forum_id)) ? TRUE : FALSE) + 'S_POST_REPORTED' => ($row['post_reported'] && $auth->acl_get('m_', $forum_id)) ? TRUE : FALSE, + 'S_DISPLAY_NOTICE' => $row['display_notice']) ); // Process Attachments for this post if (sizeof($attachments[$row['post_id']])) { - foreach ($attachments[$row['post_id']] as $attachment) - { - // Some basics... - $attachment['extension'] = strtolower(trim($attachment['extension'])); - $filename = $config['upload_dir'] . '/' . $attachment['physical_filename']; - $thumbnail_filename = $config['upload_dir'] . '/thumbs/t_' . $attachment['physical_filename']; - - $upload_image = ''; - - if (($user->img('icon_attach', '') != '') && (trim($extensions[$attachment['extension']]['upload_icon']) == '')) - { - $upload_image = $user->img('icon_attach', ''); - } - else if (trim($extensions[$attachment['extension']]['upload_icon']) != '') - { - $upload_image = ''; - } - - $filesize = $attachment['filesize']; - $size_lang = ($filesize >= 1048576) ? $user->lang['MB'] : ( ($filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] ); - - if ($filesize >= 1048576) - { - $filesize = (round((round($filesize / 1048576 * 100) / 100), 2)); - } - else if ($filesize >= 1024) - { - $filesize = (round((round($filesize / 1024 * 100) / 100), 2)); - } - - $display_name = $attachment['real_filename']; - $comment = stripslashes(trim(str_replace("\n", '
', $attachment['comment']))); - - $denied = false; - - if ((!in_array($attachment['extension'], $extensions['_allowed_']))) - { - $denied = true; - - $template->assign_block_vars('postrow.attachment', array( - 'IS_DENIED' => true, - - 'L_DENIED' => sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension'])) - ); - } - - if (!$denied) - { - $l_downloaded_viewed = ''; - $download_link = ''; - $additional_array = array(); - - $display_cat = $extensions[$attachment['extension']]['display_cat']; - - if ($display_cat == IMAGE_CAT) - { - if ($attachment['thumbnail']) - { - $display_cat = THUMB_CAT; - } - else - { - $display_cat = NONE_CAT; - - if ($config['img_display_inlined']) - { - if ($config['img_link_width'] || $config['img_link_height']) - { - list($width, $height) = image_getdimension($filename); - - $display_cat = (!$width && !$height) ? IMAGE_CAT : (($width <= $config['img_link_width'] && $height <=$config['img_link_height']) ? IMAGE_CAT : NONE_CAT); - } - } - else - { - $display_cat = IMAGE_CAT; - } - } - } - - switch ($display_cat) - { - case IMAGE_CAT: - // Images - // NOTE: If you want to use the download.php everytime an image is displayed inlined, use this line: - // $img_source = $phpbb_root_path . 'download.' . $phpEx . $SID . '&id=' . $attachment['attach_id']; - if (!empty($config['ftp_upload']) && trim($config['upload_dir']) == '') - { - $img_source = $phpbb_root_path . "download.$phpEx$SID&id=" . $attachment['attach_id']; - } - else - { - $img_source = $filename; - $update_count[] = $attachment['attach_id']; - } - - $l_downloaded_viewed = $user->lang['VIEWED']; - $download_link = $img_source; - break; - - case THUMB_CAT: - // Images, but display Thumbnail - // NOTE: If you want to use the download.php everytime an thumnmail is displayed inlined, use this line: - // $thumb_source = $phpbb_root_path . 'download.' . $phpEx . $SID . '&id=' . $attachment['attach_id'] . 
'&thumb=1'; - if (!empty($config['use_ftp_upload']) && trim($config['upload_dir']) == '') - { - $thumb_source = $phpbb_root_path . "download.$phpEx$SID&id=" . $attachment['attach_id'] . '&thumb=1'; - } - else - { - $thumb_source = $thumbnail_filename; - } - - $l_downloaded_viewed = $user->lang['VIEWED']; - $download_link = $phpbb_root_path . "download.$phpEx$SID&id=" . $attachment['attach_id']; - - $additional_array = array( - 'THUMB_IMG' => $thumb_source - ); - break; - - case WM_CAT: - // Windows Media Streams - $l_downloaded_viewed = $user->lang['VIEWED']; - $download_link = $filename; - - // Viewed/Heared File ... update the download count (download.php is not called here) - $update_count[] = $attachment['attach_id']; - break; - - case RM_CAT: - // Real Media Streams - $l_downloaded_viewed = $user->lang['VIEWED']; - $download_link = $filename; - - $additional_array = array( - 'FORUM_URL' => generate_board_url(), // should be U_FORUM or similar - 'ATTACH_ID' => $attachment['attach_id'] - ); - - // Viewed/Heared File ... update the download count (download.php is not called here) - $update_count[] = $attachment['attach_id']; - break; -/* - case SWF_CAT: - // Macromedia Flash Files - list($width, $height) = swf_getdimension($filename); - - $l_downloaded_viewed = $user->lang['VIEWED']; - $download_link = $filename; - - $additional_array = array( - 'WIDTH' => $width, - 'HEIGHT' => $height - ); - - // Viewed/Heared File ... update the download count (download.php is not called here) - $update_count[] = $attachment['attach_id']; - break; -*/ - default: - $l_downloaded_viewed = $user->lang['DOWNLOADED']; - $download_link = $phpbb_root_path . 'download.' . $phpEx . $SID . '&id=' . $attachment['attach_id']; - break; - } - - $template_array = array_merge($additional_array, array( -// 'IS_FLASH' => ($display_cat == SWF_CAT) ? true : false, - 'IS_WM_STREAM' => ($display_cat == WM_CAT) ? true : false, - 'IS_RM_STREAM' => ($display_cat == RM_CAT) ? 
true : false, - 'IS_THUMBNAIL' => ($display_cat == THUMB_CAT) ? true : false, - 'IS_IMAGE' => ($display_cat == IMAGE_CAT) ? true : false, - 'DOWNLOAD_NAME' => $display_name, - 'FILESIZE' => $filesize, - 'SIZE_VAR' => $size_lang, - 'COMMENT' => $comment, - - 'U_DOWNLOAD_LINK' => $download_link, - - 'UPLOAD_IMG' => $upload_image, - - 'L_DOWNLOADED_VIEWED' => $l_downloaded_viewed, - 'L_DOWNLOAD_COUNT' => sprintf($user->lang['DOWNLOAD_NUMBER'], $attachment['download_count'])) - ); - - $template->assign_block_vars('postrow.attachment', $template_array); - } - } + display_attachments($attachments[$row['post_id']], $update_count); } unset($rowset[$key]);
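Review bot: The new call `display_attachments($attachments[$row['post_id']], $update_count);` runs once per post inside the `foreach ($rowset ...)` loop, and the function this commit adds in includes/functions_display.php begins with `$update_count = array();`, so every call discards the attachment ids collected for the posts before it. The removed inline code appended to one array across the whole page. If the view counters are written from `$update_count` after the loop (that code is outside the hunk), only the last post with attachments would be counted. Collecting per call and merging keeps the old behaviour, e.g. `display_attachments($attachments[$row['post_id']], $post_update_count);` followed by `$update_count = array_merge($update_count, $post_update_count);`, with `$update_count` initialised to an empty array before the loop.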