search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Reduced the gfh2 background image contrast a bit since it was hard to read text with it.
[specialops2.git] / post.php
blob9ead0bb6339065653084b1e1001d49750eda0ef6
1 <?php
2 // $Id$
3
4 $prefetch = array('`points`', '`sig`');
5 require 'con.php';
6 $page->title = 'Post Message';
7
8 define('MSG_MIN_LENGTH', 1);
9 define('MSG_MAX_LENGTH', 10000);
10 define('TOPIC_MIN_LENGTH', 3);
11 define('TOPIC_MAX_LENGTH', 60);
12
13 if ( isset($_GET['message']) ) {
14 $messageid = intval($_GET['message']);
15 $q = $DB->query('SELECT `topicid` FROM `messages` WHERE `messageid` = '.$messageid)->fetch_row();
16
17 if ( !is_array($q) )
18 $page->errorfooter('messageid');
19
20 $topicid = $q[0];
21 $topic = $DB->query('SELECT `topic_title`, `boardid` FROM `topics` WHERE `topicid` = '.$topicid)->fetch_row();
22
23 if ( !is_array($topic) )
24 $page->errorfooter('topicid');
25
26 $boardid = $topic[1];
27 } elseif ( isset($_GET['topic']) ) {
28 $topicid = intval($_GET['topic']);
29 $topic = $DB->query('SELECT `topic_title`, `boardid` FROM `topics` WHERE `topicid` = '.$topicid)->fetch_row();
30
31 if ( !is_array($topic) )
32 $page->errorfooter('topicid');
33
34 $boardid = $topic[1];
35 } else
36 $boardid = intval($_GET['board']);
37
38 $board = $DB->query('SELECT `board_name`, `restrict` FROM `boards` WHERE `boardid` = '.$boardid)->fetch_row();
39
40 // This board doesn't exist
41 if ( !is_array($board) )
42 $page->errorfooter('boardid');
43
44 // Board view restriction is on
45 if ( $board[1] >= 3 && !defined('DEVELOPER') )
46 $page->errorfooter('level', $board[2]);
47
48 // If they get this far they're probably allowed to view these pages too
49 $page->nav['Topic List: '.$board[0]] = 'topiclist?'.$boardid;
50 if ( isset($topicid) )
51 $page->nav['Message List: '.$topic[0]] = 'messagelist?'.$topicid;
52
53 // Check whether they can post at all
54 if ( $board[1] >= 2 && !defined('DEVELOPER') )
55 $page->errorfooter('level', $board[1]);
56 // Then check whether they're allowed to post a topic
57 if ( isset($_GET['board']) && $board[1] >= 1 && !defined('DEVELOPER') )
58 $page->errorfooter('level', $board[1]);
59
60
61 /* Form submit code */
62 if ( isset($_POST['post']) || isset($_POST['preview']) ) {
63
64 if ( 'none' === $_POST['html'] )
65 $html_type = message::M_HTML_NONE;
66 elseif ( $user->has_priv('html') && 'all' === $_POST['html'] )
67 $html_type = message::M_HTML_ALL;
68 else
69 $html_type = message::M_HTML_FILTERED;
70
71 if ( isset($_POST['nobr']) )
72 $html_type |= message::M_NO_NEWLINES;
73
74 try {
75 $message = new message($_POST['message_text'], $html_type);
76 if ( !isset($topic) )
77 $topic_title = trim(htmlspecialchars($_POST['topic_title']));
78
79 if ( ($m = strlen(trim(strip_tags($message->output)))) < MSG_MIN_LENGTH )
80 throw new LengthException('Your message is %d character(s) too short.', MSG_MIN_LENGTH - $m);
81 if ( ($m = strlen($message->output)) > MSG_MAX_LENGTH )
82 throw new LengthException('Your message is %d character(s) too long.', $m - MSG_MAX_LENGTH);
83
84 if ( !isset($topic) ) {
85 $t = strlen($topic_title);
86 if ( $t < TOPIC_MIN_LENGTH )
87 throw new LengthException('Your topic title is %d character(s) too short.', TOPIC_MIN_LENGTH - $t);
88 if ( $t > TOPIC_MAX_LENGTH )
89 throw new LengthException('Your topic title is %d character(s) too long.', $t - TOPIC_MAX_LENGTH);
90 if ( $DB->query('SELECT COUNT(*) AS `c` FROM `topics`
91 WHERE `topic_title` = '.$DB->string($topic_title).'
92 AND `boardid` = '.$boardid)->fetch_object()->c )
93 throw new InvalidInputException('A topic with that name already exists.');
94 }
95
96 if ( isset($_POST['post']) ) {
97 if ( ! ($user instanceof authuser) )
98 throw new Exception('Log in first!');
99
100 $DB->autocommit(false);
101
102 if ( !isset($topic) ) {
103 $DB->query('INSERT INTO `topics` (`topic_title`, `boardid`, `userid`)
104 VALUES( '.$DB->string($topic_title).',
105 '.$boardid.',
106 @userid )');
107 $topicid = $DB->insert_id;
108 $user->points += 2;
109 }
110 else
111 $user->points++;
112
113 if ( !isset($messageid) )
114 $messageid = 'NULL';
115
116 $DB->query('INSERT INTO `messages` (`topicid`, `userid`, `mtime`, `replyto`, `origin_ip`)
117 VALUES( '.$topicid.',
118 @userid,
119 UNIX_TIMESTAMP(),
120 '.$messageid.',
121 INET_ATON(\''.$_SERVER['REMOTE_ADDR'].'\') )');
122 $DB->query('UPDATE `topics` SET `lastpost` = LAST_INSERT_ID() WHERE `topicid` = '.$topicid);
123 $DB->query('INSERT INTO `message-data` (`messageid`, `mtext`)
124 VALUES( LAST_INSERT_ID(),
125 '.$DB->string($message->output).' )');
126
127 $DB->commit();
128
129 $r = 'topiclist?'.$boardid;
130 if ( isset($topicid) )
131 $r = 'messagelist?'.$topicid;
132
133 header('Location: http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI']).'/'.$r);
134 exit;
135
136 } elseif ( isset($_POST['preview']) ) {
137 $user->userheader();
138 echo '<fieldset><legend>Message Preview</legend>',"\n",
139 ( isset($topic_title) ? '<h2>'.$topic_title."</h2>\n" : '' ),
140 ' <div class="info">From: ',$user->alias,' at ',$user->fdate(time()),"</div>\n",
141 ' <div class="content">',$message->output,"</div>\n",
142 '</fieldset>',"\n";
143 }
144 } catch ( LengthException $e ) {
145 $user->userheader();
146 echo '<p class="error">',sprintf($e->getMessage(), $e->getCode()),"</p>\n";
147 } catch ( InvalidMessageException $e ) {
148 $user->userheader();
149 echo '<p class="error">Your message contains one or more formatting errors (the first error is shown):</p>',"\n",
150 '<p class="error">',$e->getMessage(),' at line ',$e->getXMLLine(),"</p>\n";
151 } catch ( Exception $e ) {
152 $user->userheader();
153 echo '<p class="error">',$e->getMessage(),"</p>\n";
154 }
155 } else
156 $user->userheader();
157
158
159 $message = '';
160 if ( !empty($_POST['message_text']) )
161 $message = htmlspecialchars($_POST['message_text']);
162 elseif ( $user->sig )
163 $message = "\n".htmlspecialchars($user->sig);
164
165 if ( isset($messageid) )
166 echo '<form action="post?message=',$messageid,'" method="post">';
167 elseif ( isset($topic) )
168 echo '<form action="post?topic=',$topicid,'" method="post">';
169 else
170 echo '<form action="post?board=',$boardid,'" method="post">',"\n",
171 ' <fieldset><legend>Topic <small>(Max. ',TOPIC_MAX_LENGTH,' chars)</small></legend>',"\n",
172 ' <input type="text" name="topic_title" maxlength="',TOPIC_MAX_LENGTH,'" size="80"',
173 ( !empty($topic_title) ? ' value="'.$topic_title.'"' : '' ),"/>\n",
174 " </fieldset>\n";
175
176 if ( empty($_POST['html']) )
177 $_POST['html'] = '';
178
179 $html = new form_select('html', 3, $_POST['html']);
180 if ( $user->has_priv('html') )
181 $html->add_item('all', 'All');
182 $html->add_item('normal', 'Normal');
183 $html->add_item('none', 'Plaintext');
184 ?>
185 <fieldset><legend>Message <small>(Max. <?php echo MSG_MAX_LENGTH; ?> chars)</small></legend>
186 <textarea rows="15" cols="80" name="message_text" id="messagebox"><?php echo $message; ?></textarea>
187 <fieldset class="content">
188 <button type="submit" name="post" value="post" accesskey="p">Post (P)</button>
189 <button type="submit" name="preview" value="preview" accesskey="r">Preview (R)</button>
190 </fieldset>
191 <fieldset class="content"><legend>Options</legend>
192 <p><label>HTML
193 <?php echo $html->display(); ?></label></p>
194 <p><label>Disable automatic linebreaks
195 <input type="checkbox" name="nobr" id="nobr"<?php if (isset($_POST['nobr'])) echo ' checked="checked"'; ?>/></label></p>
196 </fieldset>
197 <?php if (! ($user instanceof authuser)) { ?>
198 <fieldset class="content"><legend>Login</legend>
199 <p class="notice">You need to be logged in to post.</p>
200 <p><label>Username: <input type="text" name="u"/></label></p>
201 <p><label>Password: <input type="password" name="p"/></label></p>
202 <input type="hidden" name="login" value="post"/>
203 </fieldset>
204 <?php } ?>
205 </fieldset>
206 </form>
207
208 <dl>
209 <dt>Allowed HTML tags <?php if (defined('message::NO_ATTRIBS_YET_SRY')) echo ' <small>(Attributes not supported)</small>'; ?></dt>
210 <dd><?php echo implode(', ', message::$allowed_html); ?></dd>
211 </dl>
212
213 <?php
214 $page->pagefooter();
215 ?>
Special Ops source code from the bad old days, 2nd generation