diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index b1a6a794cc..b7c1028db4 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -440,6 +440,38 @@ function make_clickable($text) return($ret); } +/** + * Nathan Codding - Feb 6, 2001 + * Reverses the effects of make_clickable(), for use in editpost. + * - Does not distinguish between "www.xxxx.yyyy" and "http://aaaa.bbbb" type URLs. + * + */ + +function undo_make_clickable($text) { + + $text = preg_replace("#.*?#i", "\\1", $text); + $text = preg_replace("#.*?#i", "\\1", $text); + + return $text; + +} + + + +/** + * Nathan Codding - August 24, 2000. + * Takes a string, and does the reverse of the PHP standard function + * htmlspecialchars(). + */ +function undo_htmlspecialchars($input) { + $input = preg_replace("/>/i", ">", $input); + $input = preg_replace("/</i", "<", $input); + $input = preg_replace("/"/i", "\"", $input); + $input = preg_replace("/&/i", "&", $input); + + return $input; +} + /** diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 0957ed8d9e..3f0e70e4ba 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -68,6 +68,7 @@ define(LOGIN_FAILED, 7); define(POST_TOPIC_URL, 't'); define(POST_FORUM_URL, 'f'); define(POST_USERS_URL, 'u'); +define(POST_POST_URL, 'p'); // Session parameters define(SESSION_METHOD_COOKIE, 100); diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 9106c2c5ec..08cc9ed8f2 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -271,6 +271,14 @@ function create_date($format, $gmepoch, $tz) return (gmdate($format, $gmepoch + (3600 * $tz))); } +// +// Create a GMT timestamp +// +function get_gmt_ts() +{ + return(gmmktime(gmdate("H, i, s, m, d, Y"))); +} + // // Pagination routine, generates // page number sequence diff --git a/phpBB/language/lang_english.php b/phpBB/language/lang_english.php index 50bac6ca26..09dcb0cf29 100755 
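Review bot: The docblock on `undo_htmlspecialchars()` should state that the returned string is raw markup again and is no longer safe to write into a page or form field without re-escaping. The edit-post path added to posting.php in this commit feeds stored post text through this function before it is shown in the form. I would add a line such as `* The result is NOT HTML-safe; escape it again before output.` and a short comment noting that the ampersand replacement is deliberately last so that an escaped entity is not decoded twice.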
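Review bot: In `get_gmt_ts()` the call `gmmktime(gmdate("H, i, s, m, d, Y"))` passes a single formatted string, so `gmmktime()` receives one argument rather than six. At best the leading hour digits are used and every other field falls back to its default, so the result is only right by accident. A Unix timestamp is already independent of timezone, so the body can be `return time();`. The value is stored as post and topic time in posting.php, so an incorrect result would affect ordering.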
--- a/phpBB/language/lang_english.php +++ b/phpBB/language/lang_english.php @@ -146,7 +146,7 @@ $l_viewingprofile = "Viewing profile of "; $l_hidden = "hidden"; $l_boardtemplate = "Select Template"; $l_date_format = "Date format"; -$l_date_format_explanation = "Only change this if you know what you are doing!"; +$l_date_format_explanation = "Only change this if you know what you are doing! (Sintax is identical to PHP date() function)"; $l_password_if_changed = "You only need to supply a password if you want to change it."; $l_password_confirm_if_changed = "You only need to confirm your password if you changed it above."; @@ -300,9 +300,9 @@ $l_editprefs = "Edit Your $l_preferences"; $l_themecookie = "NOTE: In order to use themes you MUST have cookies enabled."; $l_alwayssig = "Always attach my signature"; $l_alwaysdisable= "Always disable"; // Only used for next three strings -$l_alwayssmile = "Always allow $l_smilies"; -$l_alwayshtml = "Always allow $l_html"; -$l_alwaysbbcode = "Always allow $l_bbcode"; +$l_alwayssmile = "Always disable $l_smilies"; +$l_alwayshtml = "Always disable $l_html"; +$l_alwaysbbcode = "Always disable $l_bbcode"; $l_boardtheme = "Board Theme"; $l_boardlang = "Board Language"; $l_nothemes = "No Themes In database"; @@ -337,6 +337,8 @@ $l_viewing_faq = "Viewing the board FAQ"; // Editpost +$l_editpost = "Edit Post"; +$l_editpostin = "Editing post in:"; $l_notedit = "You can't edit a post that isn't yours."; $l_permdeny = "You did not supply the correct $l_password or do not have permission to edit this post. $l_tryagain"; $l_editedby = "This $l_message was edited by:"; 
@@ -359,6 +361,7 @@ $l_notify = "Notify by email when replies are posted"; $l_postnew = "Post New Topic"; $l_postnewin = "Post New Topic in:"; $l_emptymsg = "You must type a $l_message to post. You cannot post an empty $l_message."; +$l_emptysubj = "You must enter a $l_subject to post a new topic. You cannot post a new topic without a subject."; $l_aboutpost = "About Posting"; $l_regusers = "All Registered users"; $l_anonusers = "Anonymous users"; @@ -369,6 +372,7 @@ $l_attachsig = "Show signature (This can be altered or added in your profile)"; $l_cancelpost = "Cancel Post"; $l_preview = "Preview Post"; // Reply +$l_postreplyto = "Post reply in:"; $l_nopostlock = "You cannot post a reply to this topic, it has been locked."; $l_topicreview = "Topic Review"; $l_notifysubj = "A reply to your topic has been posted."; diff --git a/phpBB/posting.php b/phpBB/posting.php index 811a75aedc..a74783ed08 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -85,11 +85,27 @@ function prepare_message($message, $html_on, $bbocde_on, $smile_on, $bbcode_uid // Put AUTH code here // +$error = FALSE; -switch($mode) +// +// Prepare our message and subject on a 'submit' +// +if(isset($HTTP_POST_VARS['submit'])) { - case 'newtopic': - if(isset($HTTP_POST_VARS['submit'])) + $subject = trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['subject']))); + if($mode == 'newtopic' && empty($subject)) + { + $error = TRUE; + if(isset($error_msg)) + { + $error_msg .= "
"; + } + $error_msg .= $l_emptysubj; + } + + if(!empty($HTTP_POST_VARS['message'])) + { + if(!$error) { if(isset($HTTP_POST_VARS['disable_html']) || !$board_config['allow_html']) { @@ -109,7 +125,7 @@ switch($mode) $uid = make_bbcode_uid(); $bbocde_on = TRUE; } - + if(isset($HTTP_POST_VARS['disable_smile'])) { $smile_on = FALSE; @@ -120,13 +136,38 @@ switch($mode) } $message = prepare_message($HTTP_POST_VARS['message'], $html_on, $bbocde_on, $smile_on, $uid); - + if(isset($HTTP_POST_VARS['attach_sig']) && !empty($userdata['user_sig'])) { $message .= "[addsig]"; } - $subject = trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['subject']))); - $topic_time = gmmktime(gmdate("h, i, s, m, d, Y")); + } + else + { + // do stripslashes incase magic_quotes is on. + $message = stripslashes($HTTP_POST_VARS['message']); + } + } + else + { + $error = TRUE; + if(isset($error_msg)) + { + $error_msg .= "
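Review bot: `$error_msg` is appended to in the new submit block without being initialised, whereas `$error` is explicitly set to `FALSE` just above it. If register_globals is enabled on the deployment (not visible here), a request parameter of the same name would pre-populate it, and the value is later assigned to `ERROR_MESSAGE` for output. Add `$error_msg = '';` next to `$error = FALSE;` and test `$error_msg != ''` instead of `isset($error_msg)`. Separately, in `strip_tags(htmlspecialchars(...))` the inner call has already escaped the angle brackets, so `strip_tags()` has nothing left to remove.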
"; + } + $error_msg .= $l_emptymsg; + } +} + +switch($mode) +{ + case 'newtopic': + $page_title = " $l_postnew"; + $section_title = $l_postnewin; + + if(isset($HTTP_POST_VARS['submit']) && !$error) + { + $topic_time = get_gmt_ts(); $topic_notify = ($HTTP_POST_VARS['notify']) ? $HTTP_POST_VARS['notify'] : 0; $sql = "INSERT INTO ".TOPICS_TABLE." (topic_title, topic_poster, topic_time, forum_id, topic_notify, topic_status) VALUES ('$subject', ".$userdata['user_id'].", ".$topic_time.", $forum_id, $topic_notify, ".UNLOCKED.")"; @@ -149,6 +190,12 @@ switch($mode) $sql = "UPDATE ".FORUMS_TABLE." SET forum_last_post_id = $new_post_id, forum_posts = forum_posts + 1, forum_topics = forum_topics + 1 WHERE forum_id = $forum_id"; if($db->sql_query($sql)) { + if($userdata['user_id'] != ANONYMOUS) + { + $sql = "UPDATE ".USERS_TABLE." SET user_posts = user_posts + 1 WHERE user_id = ".$userdata['user_id']; + $db->sql_query($sql); + } + include('includes/page_header.'.$phpEx); // If we get here the post has been inserted successfully. $msg = "$l_stored
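Review bot: The new error branch runs `stripslashes($HTTP_POST_VARS['message'])` unconditionally, although its comment says the call is there in case magic_quotes is on. With magic_quotes off this removes backslashes the user actually typed. Guard it, for example `$message = get_magic_quotes_gpc() ? stripslashes($HTTP_POST_VARS['message']) : $HTTP_POST_VARS['message'];`. The same dependency on magic_quotes applies to `'$subject'` in the TOPICS_TABLE INSERT shown as context, because `htmlspecialchars()` in its default mode leaves single quotes alone.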
$l_click $l_here @@ -220,23 +267,216 @@ switch($mode) error_die(QUERY_ERROR); } } - - - } else if(isset($HTTP_POST_VARS['preview'])) { } + + break; + case 'reply': + $page_title = " $l_reply"; + $section_title = $l_postreplyto; + + if(isset($HTTP_POST_VARS['submit']) && !$error) + { + $new_topic_id = $HTTP_POST_VARS[POST_TOPIC_URL]; + $topic_time = get_gmt_ts(); + + $sql = "INSERT INTO ".POSTS_TABLE." (topic_id, forum_id, poster_id, post_time, poster_ip, bbcode_uid) + VALUES ($new_topic_id, $forum_id, ".$userdata['user_id'].", $topic_time, '".encode_ip($user_ip)."', '$uid')"; + + if($db->sql_query($sql)) + { + $new_post_id = $db->sql_nextid(); + $sql = "INSERT INTO ".POSTS_TEXT_TABLE." VALUES ($new_post_id, '".$message."')"; + if($db->sql_query($sql)) + { + $sql = "UPDATE ".TOPICS_TABLE." SET topic_last_post_id = $new_post_id, topic_replies = topic_replies + 1 WHERE topic_id = $new_topic_id"; + if($db->sql_query($sql)) + { + $sql = "UPDATE ".FORUMS_TABLE." SET forum_last_post_id = $new_post_id, forum_posts = forum_posts + 1 WHERE forum_id = $forum_id"; + if($db->sql_query($sql)) + { + if($userdata['user_id'] != ANONYMOUS) + { + + $sql = "UPDATE ".USERS_TABLE." SET user_posts = user_posts + 1 WHERE user_id = ".$userdata['user_id']; + $db->sql_query($sql); + } + include('includes/page_header.'.$phpEx); + // If we get here the post has been inserted successfully. + $msg = "$l_stored
$l_click $l_here + $l_viewmsg
$l_click $l_here $l_returntopic"; + + $template->set_filenames(array( + "reg_header" => "error_body.tpl" + )); + $template->assign_vars(array( + "ERROR_MESSAGE" => $msg + )); + $template->pparse("reg_header"); + + include('includes/page_tail.'.$phpEx); + } + else + { + error_die(QUERY_ERROR); + } + } + else + { + if(DEBUG) + { + $error = $db->sql_error(); + error_die(QUERY_ERROR, "Error updating topics table.
Reason: ".$error['message']."
Query: $sql", __LINE__, __FILE__); + } + else + { + error_die(QUERY_ERROR); + } + } + } + else + { + if(DEBUG) + { + $error = $db->sql_error(); + error_die(QUERY_ERROR, "Error inserting data into posts text table.
Reason: ".$error['message']."
Query: $sql", __LINE__, __FILE__); + } + else + { + error_die(QUERY_ERROR); + } + } + } + else + { + if(DEBUG) + { + $error = $db->sql_error(); + error_die(QUERY_ERROR, "Error inserting data into posts table.
Reason: ".$error['message']."
Query: $sql", __LINE__, __FILE__); + } + else + { + error_die(QUERY_ERROR); + } + } + } + break; + case 'editpost': + $page_title = " $l_editpost"; + $section_title = $l_editpostin; + if(isset($HTTP_POST_VARS['submit']) && !$error) + { + if(isset($HTTP_POST_VARS['delete_post'])) + { + + + } + else + { + + + + } + } + else + { + $post_id = ($HTTP_GET_VARS[POST_POST_URL]) ? $HTTP_GET_VARS[POST_POST_URL] : $HTTP_POST_VARS[POST_POST_URL]; + if(!empty($post_id)) + { + + $sql = "SELECT p.*, pt.post_text, u.username, u.user_id, u.user_sig, t.topic_title, t.topic_notify + FROM ".POSTS_TABLE." p, ".USERS_TABLE." u, ".TOPICS_TABLE." t, ".POSTS_TEXT_TABLE." pt + WHERE (p.post_id = '$post_id') + AND pt.post_id = p.post_id + AND (p.topic_id = t.topic_id) + AND (p.poster_id = u.user_id)"; + + if($result = $db->sql_query($sql)) + { + $postrow = $db->sql_fetchrowset($result); + $message = stripslashes($postrow[0]['post_text']); + $message = eregi_replace("\[addsig]$", "\n_________________\n" . stripslashes($postrow[0]['user_sig']), $message); + $message = str_replace("
", "\n", $message); + + // These have not been implemented yet! + /* + $message = bbdecode($message); + $message = desmile($message); + */ + + $message = undo_htmlspecialchars($message); + + // Special handling for tags in the message, which can break the editing form.. + $message = preg_replace('##si', '</TEXTAREA>', $message); + + // is_first_post needs functionality! + if($postrow[0]['topic_notify'] && $is_first_post) + { + $notify = TRUE; + } + + if($is_first_post) + { + $subject = stripslashes($postrow[0]['topic_title']); + } + } + else + { + if(DEBUG) + { + $error = $db->error(); + error_die(QUERY_ERROR, "Error get post information.
Reason: ".$error['message']."
Query: $sql", __LINE__, __FILE__); + } + else + { + error_die(QUERY_ERROR); + } + } + } + else + { + error_die(GENERAL_ERROR, "Sorry, no there is no such post"); + } + } + break; +} // end switch + + + + + +include('includes/page_header.'.$phpEx); + +// +// Start: Error handling +// +if($error) +{ + $template->set_filenames(array( + "reg_header" => "error_body.tpl" + )); + $template->assign_vars(array( + "ERROR_MESSAGE" => $error_msg + )); + $template->pparse("reg_header"); +} +// +// End: error handling +// + +// +// Show the same form for each mode. +// if(!isset($HTTP_GET_VARS[POST_FORUM_URL]) && !isset($HTTP_POST_VARS[POST_FORUM_URL])) { error_die(GENERAL_ERROR, "Sorry, no there is no such forum"); } - $pagetype = "newtopic"; - $page_title = " $l_postnew"; - + $sql = "SELECT forum_name, forum_access FROM ".FORUMS_TABLE." WHERE forum_id = $forum_id"; @@ -261,8 +501,6 @@ switch($mode) $about_posting = "$l_modusers $l_inthisforum"; } - include('includes/page_header.'.$phpEx); - $template->set_filenames(array( "body" => "posting_body.tpl", "jumpbox" => "jumpbox.tpl") @@ -273,14 +511,17 @@ switch($mode) "SELECT_NAME" => POST_FORUM_URL) ); $template->assign_var_from_handle("JUMPBOX", "jumpbox"); + + $template->assign_vars(array( - "L_POSTNEWIN" => $l_postnewin, + "L_POSTNEWIN" => $section_title, "FORUM_ID" => $forum_id, "FORUM_NAME" => $forum_name, "U_VIEW_FORUM" => append_sid("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id")) ); + if($userdata['session_logged_in']) { $username_input = $userdata["username"]; @@ -301,7 +542,7 @@ switch($mode) { $html_status = $l_htmlis . " " . $l_on; $html_toggle = '"; + if($mode == 'reply' || $mode == 'editpost') + { + $topic_id = ($HTTP_GET_VARS[POST_TOPIC_URL]) ? $HTTP_GET_VARS[POST_TOPIC_URL] : $HTTP_POST_VARS[POST_TOPIC_URL]; + } + $hidden_form_fields = ""; $template->assign_vars(array( "L_ABOUT_POST" => $l_aboutpost, 
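Review bot: The reply branch assigns `$HTTP_POST_VARS[POST_TOPIC_URL]` to `$new_topic_id` and interpolates it unquoted into the POSTS_TABLE INSERT and the TOPICS_TABLE UPDATE, and the editpost branch places the request-supplied `$post_id` into its SELECT; neither value is checked to be numeric. Cast both where they are assigned, e.g. `$new_topic_id = intval($HTTP_POST_VARS[POST_TOPIC_URL]);`, and likewise wrap the `$post_id` expression in `intval()`. The editpost branch also loads a post's text for the form without checking that the requester wrote it, although `$l_notedit` exists for that case; the "Put AUTH code here" placeholder earlier in the file suggests this is still pending. The failure path of that SELECT calls `$db->error()` where every other branch calls `$db->sql_error()`.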
@@ -376,14 +627,4 @@ switch($mode) ); $template->pparse("body"); include('includes/page_tail.'.$phpEx); - break; - case 'reply': - - break; - case 'editpost': - - break; -} - - -?> +?> \ No newline at end of file diff --git a/phpBB/templates/Default/viewtopic_body.tpl b/phpBB/templates/Default/viewtopic_body.tpl index b75965fc6e..a4739c459c 100644 --- a/phpBB/templates/Default/viewtopic_body.tpl +++ b/phpBB/templates/Default/viewtopic_body.tpl @@ -63,7 +63,8 @@ - + + {postrow.POSTER_NAME}
{postrow.POSTER_RANK}
{postrow.RANK_IMAGE}
@@ -72,7 +73,7 @@ {L_JOINED}: {postrow.POSTER_JOINED}
{L_POSTS}: {postrow.POSTER_POSTS}
{postrow.POSTER_FROM} - {postrow.L_POSTED}: {postrow.POST_DATE}
+ {L_POSTED}: {postrow.POST_DATE}
{postrow.MESSAGE}
{postrow.PROFILE_IMG} {postrow.EMAIL_IMG} {postrow.WWW_IMG} {postrow.ICQ_STATUS_IMG} {postrow.ICQ_ADD_IMG} {postrow.AIM_IMG} {postrow.YIM_IMG} {postrow.MSN_IMG}  {postrow.EDIT_IMG} {postrow.QUOTE_IMG} {postrow.PMSG_IMG}  {postrow.IP_IMG} {postrow.DELPOST_IMG} diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index 2e68fc30ff..b8cd3ea7f4 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -172,7 +172,7 @@ $sql = "SELECT t.*, u.username, u.user_id, u2.username as user2, u2.user_id as i AND p.post_id = t.topic_last_post_id AND p.poster_id = u2.user_id $limit_posts_time - ORDER BY topic_time DESC + ORDER BY p.post_time DESC LIMIT $start, ".$board_config['topics_per_page']; if(!$t_result = $db->sql_query($sql)) { diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index ed03bc4820..3818e2d6b0 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -183,7 +183,16 @@ for($x = 0; $x < $total_rows; $x++) // Set the body template // $template->set_filenames(array( - "body" => "viewtopic_body.tpl")); + "body" => "viewtopic_body.tpl", + "jumpbox" => "jumpbox.tpl") +); +$jumpbox = make_jumpbox(); +$template->assign_vars(array( + "JUMPBOX_LIST" => $jumpbox, + "S_JUMPBOX_ACTION" => append_sid("viewforum.".$phpEx), + "SELECT_NAME" => POST_FORUM_URL) +); +$template->assign_var_from_handle("JUMPBOX", "jumpbox"); $total_replies = $forum_row[0]['topic_replies'] + 1; 
@@ -222,11 +231,12 @@ $ranksrow = $db->sql_fetchrowset($ranksresult); // templating vars // $new_topic_url = append_sid("posting.".$phpEx."?mode=newtopic&".POST_FORUM_URL."=$forum_id"); -$reply_topic_url = append_sid("posting.".$phpEx."?mode=reply&".POST_TOPIC_URL."=$topic_id"); +$reply_topic_url = append_sid("posting.".$phpEx."?mode=reply&".POST_TOPIC_URL."=$topic_id&".POST_FORUM_URL."=$forum_id"); $view_forum_url = append_sid("viewforum.".$phpEx."?".POST_FORUM_URL."=$forum_id"); $view_older_topic_url = append_sid("viewtopic.".$phpEx."?".POST_TOPIC_URL."=".$topic_id."&".POST_FORUM_URL."=$forum_id&view=newer"); $view_newer_topic_url = append_sid("viewtopic.".$phpEx."?".POST_TOPIC_URL."=".$topic_id."&".POST_FORUM_URL."=$forum_id&view=older"); $template->assign_vars(array( + "L_POSTED" => $l_posted, "U_POST_NEW_TOPIC" => $new_topic_url, "FORUM_NAME" => $forum_name, "TOPIC_TITLE" => $topic_title, @@ -301,7 +311,7 @@ for($x = 0; $x < $total_posts; $x++) $msn_img = ($postrow[$x]['user_msnm']) ? "
" : ""; $yim_img = ($postrow[$x]['user_yim']) ? "" : ""; - $edit_img = "\"$l_editdelete\""; + $edit_img = "\"$l_editdelete\""; $quote_img = "\"$l_replyquote\""; $pmsg_img = "\"$l_sendpmsg\""; @@ -369,8 +379,7 @@ for($x = 0; $x < $total_posts; $x++) "PMSG_IMG" => $pmsg_img, "IP_IMG" => $ip_img, "DELPOST_IMG" => $delpost_img, - - "U_POST_ID" => "#".$postrow[$x]['post_id'])); + "U_POST_ID" => $postrow[$x]['post_id'])); } if($total_replies > $board_config['posts_per_page'])