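<?php
// $Id$
//
// post.php: form and submit handler for posting a message. The target is
// chosen by the query string: ?message=ID (reply to a message), ?topic=ID
// (reply in a topic) or ?board=ID (first message of a new topic).
//
// $DB, $page, $user, LVL_VIP and the message / form_select classes are not
// defined in this file; they presumably come from con.php. The code relies on
// $page->errorfooter() and $page->footer() ending the request -- TODO confirm.
//
// NOTE(review): the form below carries no anti-CSRF token and the handler
// checks none. Unless con.php validates every POST, add a per-session token
// as a hidden field and compare it before the INSERTs run.

require 'con.php';
$page->title = _('Post Message');

define('MSG_MIN_LENGTH', 3);
define('MSG_MAX_LENGTH', 10000);
define('TOPIC_MIN_LENGTH', 3);
define('TOPIC_MAX_LENGTH', 60);

// Request fields may be missing or arrive as arrays (field[]=x). Reduce the
// ones used below to plain strings once, so later comparisons, the message
// constructor and htmlspecialchars() always receive a string.
$post_html  = ( isset($_POST['html']) && is_string($_POST['html']) ) ? $_POST['html'] : '';
$post_text  = ( isset($_POST['message_text']) && is_string($_POST['message_text']) ) ? $_POST['message_text'] : '';
$post_title = ( isset($_POST['topic_title']) && is_string($_POST['topic_title']) ) ? $_POST['topic_title'] : '';

// Resolve the target. Every id that reaches SQL below is either intval()'d
// request input or a value read back from the database.
if ( isset($_GET['message']) ) {
    $messageid = intval($_GET['message']);
    $q = $DB->query('SELECT `m_topic` FROM `messages` WHERE `messageid` = '.$messageid)->fetch_row();

    if ( !is_array($q) ) {
        $page->errorfooter('messageid');
    }

    $topicid = $q[0];
    $topic = $DB->query('SELECT `t_name`, `t_board` FROM `topics` WHERE `topicid` = '.$topicid)->fetch_row();

    if ( !is_array($topic) ) {
        $page->errorfooter('topicid');
    }

    $boardid = $topic[1];
} elseif ( isset($_GET['topic']) ) {
    $topicid = intval($_GET['topic']);
    $topic = $DB->query('SELECT `t_name`, `t_board` FROM `topics` WHERE `topicid` = '.$topicid)->fetch_row();

    if ( !is_array($topic) ) {
        $page->errorfooter('topicid');
    }

    $boardid = $topic[1];
} else {
    // No parameter at all is treated as board 0 instead of raising a notice.
    $boardid = isset($_GET['board']) ? intval($_GET['board']) : 0;
}

$board = $DB->query('SELECT `b_name`, `b_topic_level`, `b_view_level`, `b_view_points` FROM `boards` WHERE `boardid` = '.$boardid)->fetch_row();

// Nonexistent board id
if ( !is_array($board) ) {
    $page->errorfooter('boardid');
}

// Access control: view level and view points of the board the post lands on.
// For replies the board is taken from the topic row, not from the request.
if ( $board[2] > $user->u_level || $board[3] > $user->u_points ) {
    $page->errorfooter('levelpoints', $board[2], $board[3]);
}

// If this is a real board and they're allowed in add the links
$page->nav[_('Topic List').': '.$board[0]] = 'topiclist?board='.$boardid;
if ( isset($topicid) ) {
    $page->nav[_('Message List').': '.$topic[0]] = 'messagelist?topic='.$topicid;
}

$user->userheader();

// Topic post level. The original test looked only at the presence of
// ?board=, but a new topic is created whenever no topic was resolved above,
// with or without that parameter. Testing both keeps the old behaviour and
// makes sure the topic-creation path is always level-checked.
if ( ( isset($_GET['board']) || !isset($topic) ) && $board[1] > $user->u_level ) {
    $page->errorfooter('level', $board[1]);
}

// Waste their time even more
if ( ! ($user instanceof authuser) ) {
    $page->errorfooter('login');
}

/* Form submit handler */
if ( isset($_POST['post']) || isset($_POST['preview']) ) {

    // The select box only hides "All HTML" from lower levels; the level test
    // here is what enforces it. Anything that is not an allowed explicit
    // choice falls back to filtered HTML.
    if ( 'none' === $post_html ) {
        $html_type = message::M_HTML_NONE;
    } elseif ( LVL_VIP <= $user->u_level && 'all' === $post_html ) {
        $html_type = message::M_HTML_ALL;
    } else {
        $html_type = message::M_HTML_FILTERED;
    }
    if ( isset($_POST['nobr']) ) {
        $html_type |= message::M_NO_NEWLINES;
    }

    try {
        $message = new message($post_text, $html_type);
        if ( !isset($topic) ) {
            // Escaped on input: the title is stored and later echoed in this
            // form, and its length is measured after escaping.
            $topic_title = trim(htmlspecialchars($post_title));
        }

        // The exception code carries the character count; the catch block
        // below feeds it to sprintf() together with the message.
        if ( ($m = strlen(trim(strip_tags($message->output)))) < MSG_MIN_LENGTH ) {
            throw new LengthException(ngettext('Your message is %d character too short.',
                'Your message is %d characters too short.', MSG_MIN_LENGTH - $m), MSG_MIN_LENGTH - $m);
        }
        if ( ($m = strlen($message->output)) > MSG_MAX_LENGTH ) {
            throw new LengthException(ngettext('Your message is %d character too long.',
                'Your message is %d characters too long.', $m - MSG_MAX_LENGTH), $m - MSG_MAX_LENGTH);
        }

        if ( !isset($topic) ) {
            $t = strlen($topic_title);
            if ( $t < TOPIC_MIN_LENGTH ) {
                throw new LengthException(ngettext('Your topic title is %d character too short.',
                    'Your topic title is %d characters too short.', TOPIC_MIN_LENGTH - $t), TOPIC_MIN_LENGTH - $t);
            }
            if ( $t > TOPIC_MAX_LENGTH ) {
                throw new LengthException(ngettext('Your topic title is %d character too long.',
                    'Your topic title is %d characters too long.', $t - TOPIC_MAX_LENGTH), $t - TOPIC_MAX_LENGTH);
            }
            if ( $DB->query('SELECT COUNT(*) AS `c` FROM `topics`
                WHERE `t_name` = \''.$DB->escape_string($topic_title).'\' AND `t_board` = '.$boardid)->fetch_object()->c ) {
                throw new InvalidInputException(_('A topic with that name already exists.'));
            }
        }

        if ( isset($_POST['post']) ) {
            // NOTE(review): no rollback path is visible here; confirm how
            // $DB->query() reports a failed statement inside the transaction.
            $DB->query('START TRANSACTION');

            if ( !isset($topic) ) {
                $DB->query('INSERT INTO `topics` (`t_name`, `t_board`, `t_poster`) VALUES (
                    \''.$DB->escape_string($topic_title).'\', '.$boardid.', '.$user->userid.')');
                $topicid = $DB->insert_id;
                $user->u_points++;
            }

            // A post that is not a reply stores SQL NULL in m_replyto.
            if ( !isset($messageid) ) {
                $messageid = 'NULL';
            }

            // REMOTE_ADDR is escaped like every other string placed in SQL
            // rather than trusted for its usual shape.
            $DB->query('INSERT INTO `messages` (`m_topic`, `m_poster`, `m_time`, `m_replyto`, `m_ip`) VALUES
                ('.$topicid.', '.$user->userid.', UNIX_TIMESTAMP(), '.$messageid.', INET_ATON(\''.$DB->escape_string($_SERVER['REMOTE_ADDR']).'\'))');
            $DB->query('INSERT INTO `message-data` (`m_id`, `m_text`) VALUES (LAST_INSERT_ID(), \''.$DB->escape_string($message->output).'\')');
            $DB->commit();
            $user->u_points++;

            $r = 'topiclist?board='.$boardid;
            if ( isset($topicid) ) {
                $r = 'messagelist?topic='.$topicid;
            }

            // Translate the template first, then fill in the link: looking
            // up the already-formatted string never matches the catalogue.
            $page->footer('<div class="notice">'.sprintf(_('Message Posted. Return to from which you <a href="%s">came</a>.'), $r).'</div>');

        } elseif ( isset($_POST['preview']) ) {
            // $topic_title was escaped above and $message->output is the
            // message class's processed output.
            // NOTE(review): $user->u_name is echoed as-is; confirm it is
            // stored HTML-escaped.
            echo
                '<fieldset><legend>',_('Message Preview'),"</legend>\n",
                ( isset($topic_title) ? '<h2>'.$topic_title."</h2>\n" : '' ),
                '<div class="info">',_('From: '),$user->u_name,_(' at '),$user->fdate(time()),"</div>\n",
                '<div class="content">',$message->output,"</div>\n",
                '</fieldset>',"\n";
        }
    } catch ( InvalidInputException $e ) {
        echo '<div class="error">',$e->getMessage(),"</div>\n";
    } catch ( LengthException $e ) {
        echo '<div class="error">',sprintf($e->getMessage(), $e->getCode()),"</div>\n";
    } catch ( InvalidMessageException $e ) {
        // NOTE(review): this message is produced by the message class, which
        // is not visible here. If it can quote parts of the submitted text,
        // it has to be HTML-escaped before it is echoed -- confirm.
        echo
            '<div class="error">',_('Your message contains formatting errors (only the first error is shown):'),"</div>\n",
            '<div class="error">',$e->getMessage(),_(' at line '),$e->getXMLLine(),"</div>\n";
    }
} //Form submit

// Refill the textarea with the submitted text, or with the signature on a
// fresh form; both are escaped for the HTML body.
$message = '';
if ( !empty($post_text) ) {
    $message = htmlspecialchars($post_text);
} elseif ( $user->u_sig ) {
    $message = "\n".htmlspecialchars($user->u_sig);
}

// The ids written into the action URL are integers resolved above.
if ( isset($messageid) ) {
    echo '<form action="post?message=',$messageid,'" method="post">';
} elseif ( isset($topic) ) {
    echo '<form action="post?topic=',$topicid,'" method="post">';
} else {
    // $topic_title, when set, already went through htmlspecialchars().
    echo
        '<form action="post?board=',$boardid,'" method="post">
<fieldset class="content"><legend>',_('Topic'),'</legend>
<input type="text" name="topic_title" id="topicbox" maxlength="',TOPIC_MAX_LENGTH,'" size="80"',
        ( !empty($topic_title) ? ' value="'.$topic_title.'"' : '' ),"/>\n",
        "</fieldset>\n";
}

// Keep the normalised choice in $_POST, as the original did for an empty one.
$_POST['html'] = $post_html;

$html = new form_select('html', 3, $post_html);
if ( $user->u_level >= LVL_VIP ) {
    $html->add_item('all', _('All HTML'));
}
$html->add_item('normal', _('Safe HTML'));
$html->add_item('none', _('Plaintext'));
?>
<fieldset class="content"><legend><?php echo _('Message'); ?></legend>
<textarea rows="15" cols="80" name="message_text" id="messagebox"><?php echo $message ?></textarea>
<button type="submit" name="post" value="post" accesskey="p"><?php echo _('Post'); ?> (P)</button>
<button type="submit" name="preview" value="preview" accesskey="r"><?php echo _('Preview'); ?> (R)</button>
<fieldset>
<legend><?php echo _('Options'); ?></legend>
<label for="html"><?php echo _('HTML'); ?></label>
<?php echo $html->display(); ?><br/>
<label for="nobr"><?php echo _('Disable automatic linebreaks'); ?></label>
<input type="checkbox" name="nobr" id="nobr"<?php if ( isset($_POST['nobr']) ) echo ' checked="checked"' ?>/>
</fieldset>
</fieldset>
</form>

<div class="info"><?php
$tags = implode(', ', message::$allowed_html);
echo _('Default HTML tags allowed'),': ',$tags;
?></div>

<?php
$page->pagefooter();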