3 * Message/Topic posting page
5 * @author Anthony Parsons (xmpp:ant@specialops.ath.cx)
6 * @license file://COPYING
// Page setup. $prefetch names the user columns this page wants loaded
// (how the array is consumed is not visible in this listing).
10 $prefetch = array('`points`', '`sig`');
13 $page->title
= 'Post Message';
// Length limits enforced by the submit handler. They are compared with strlen()
// of already-processed text (htmlspecialchars() output for titles, getOutput()
// for messages), so they count bytes of the escaped form, not typed characters.
15 define('MSG_MIN_LENGTH', 2);
16 define('TOPIC_MIN_LENGTH', 3);
17 define('TOPIC_MAX_LENGTH', 60);
// Work out what is being posted to. ?message=N is a reply: the message row
// gives the topic, and the topic row gives the title and board.
// intval() is the only thing between $_GET['message'] and the SQL text it is
// concatenated into; bound parameters would make that guarantee structural
// instead of per call site.
19 if ( isset($_GET['message']) ) {
20 $messageid = intval($_GET['message']);
21 $q = $DB->query('SELECT `topicid` FROM `messages` WHERE `messageid` = '.$messageid)->fetch_row();
23 if ( !is_array($q) ) {
24 $page->errorfooter('messageid');
// NOTE(review): the assignment of $topicid is not visible in this listing
// (presumably taken from $q) - confirm it is always an integer, because it is
// concatenated unquoted into the query below and into later statements.
28 $topic = $DB->query('SELECT `topic_title`, `boardid` FROM `topics` WHERE `topicid` = '.$topicid)->fetch_row();
30 if ( !is_array($topic) ) {
31 $page->errorfooter('topicid');
// New-topic path: the board id comes from the query string and is forced to an
// integer. NOTE(review): how $boardid is set on the reply path is not shown
// here (presumably from $topic[1]) - verify.
36 $boardid = intval($_GET['board']);
// $board is [0] board_name, [1] view_restrict, [2] post_restrict.
39 $board = $DB->query('SELECT `board_name`, `view_restrict`, `post_restrict` FROM `boards` WHERE `boardid` = '.$boardid)->fetch_row();
41 if ( !is_array($board) ) { // This board doesn't exist
42 $page->errorfooter('boardid');
// NOTE(review): the check uses view_restrict ($board[1]) but the error reports
// $board[2] (post_restrict); the posting checks further down do the reverse.
// Looks swapped - confirm which level errorfooter() is meant to show.
44 if ( ! $user->has_priv('viewboard', $board[1]) ) { // Not allowed to view board
45 $page->errorfooter('level', $board[2]);
48 // Can view board, so link to it
// NOTE(review): board_name and topic_title become nav labels as stored; whether
// $page escapes them on output is not visible here. topic_title is stored
// already HTML-escaped by this script; board_name's handling is unknown.
49 $page->nav
['Topic List: '.$board[0]] = 'topiclist?'.$boardid;
50 if ( isset($topicid) ) {
51 $page->nav
['Message List: '.$topic[0]] = 'messagelist?'.$topicid;
// Authorization to post. The topic check only applies when ?board= is present;
// the reply check follows. NOTE(review): both rely on errorfooter() ending the
// request, which is not visible here - if it returns, execution would continue
// into the submit handler and the form.
54 if ( isset($_GET['board']) && ! $user->has_priv('posttopic', $board[2]) ) { // Not allowed to post topics here
55 $page->errorfooter('level', $board[1]);
57 if ( ! $user->has_priv('postmessage', $board[2]) ) { // Not allowed to reply either
58 $page->errorfooter('level', $board[1]);
63 * Selectbox for HTML formatting
// Formatter choice offered to the poster. Each item value is a class name; the
// submit handler instantiates whichever one was posted, so the items added here
// are the allow-list for that class name. Message_XML ('Full XHTML') is only
// offered to users holding the 'html' privilege.
65 $html_options = new HTML_Select('html', 3);
66 $html_options->add_item('Message_PCRE', 'Default');
67 $html_options->add_item('Message_Plaintext', 'Plaintext');
68 if ( $user->has_priv('html') ) {
69 $html_options->add_item('Message_XML', 'Full XHTML');
71 $html_options->set_default('Message_PCRE');
// Pick the renderer matching the user's message-list style; $mo is used for the
// preview and for the "Replying to" box. NOTE(review): the label in front of the
// Messagestyle_Plain assignment is incomplete in this listing (presumably a
// default: branch) - confirm $mo is set for every style value.
73 switch ( $user->msglist_style
) {
74 case Messagestyle_Frozenoven
::ID
:
75 $mo = new Messagestyle_Frozenoven
; break;
76 case Messagestyle_IRC
::ID
:
77 $mo = new Messagestyle_IRC
; break;
78 case Messagestyle_Plain
::ID
:
80 $mo = new Messagestyle_Plain
;
// HERE is the raw request URI, which the client controls. NOTE(review): its
// uses are not visible in this listing; anywhere it is written into markup it
// needs htmlspecialchars().
82 define('HERE', $_SERVER['REQUEST_URI']);
84 /* Form submit code */
// Handles both Post and Preview. NOTE(review): no anti-CSRF token is read here
// and none is visible in the form further down, so a cross-site form submission
// made with a logged-in user's session would be accepted - confirm whether a
// token or origin check happens elsewhere.
85 if ( isset($_POST['post']) ||
isset($_POST['preview']) ) {
// The posted formatter name becomes a class name a few statements down.
// check_value() is presumably what rejects anything that was never add_item()'d
// - confirm it throws, since its return value is ignored and set_default() runs
// regardless.
87 if ( isset($_POST['html']) ) {
88 $html_options->check_value($_POST['html']);
89 $html_options->set_default($_POST['html']);
// New topics only: the title is HTML-escaped once here, and that escaped form is
// what gets length-checked, stored and echoed. htmlspecialchars() is called with
// default flags, so single-quote handling and charset depend on the PHP version
// and configuration.
93 if ( !isset($topic) ) {
94 $topic_title = trim(htmlspecialchars($_POST['topic_title']));
// Dynamic instantiation: the class is whatever set_default() last received. The
// constructor gets the raw message text; getOutput() is what is validated,
// stored and previewed. NOTE(review): this presumes every formatter's
// getOutput() is safe to emit as HTML - verify per class.
97 $message = new $html_options->default($_POST['message_text']);
// The exception code carries the shortfall/excess; the LengthException handler
// feeds message and code to sprintf().
100 if ( strlen($message->getOutput()) < MSG_MIN_LENGTH
) {
101 throw new LengthException('Your message is %d character(s) too short.', MSG_MIN_LENGTH
- strlen($message->getOutput()));
104 if ( !isset($topic) ) {
105 $t = strlen($topic_title);
106 if ( $t < TOPIC_MIN_LENGTH
) {
107 throw new LengthException('Your topic title is %d character(s) too short.', TOPIC_MIN_LENGTH
- $t);
109 if ( $t > TOPIC_MAX_LENGTH
) {
110 throw new LengthException('Your topic title is %d character(s) too long.', $t - TOPIC_MAX_LENGTH
);
// Reject a duplicate title on the same board. The title goes through
// $DB->string() (presumably quoting/escaping - confirm); $boardid is concatenated
// as-is and relies on having been made an integer earlier.
112 if ( $DB->query('SELECT COUNT(*) AS `c` FROM `topics`
113 WHERE `topic_title` = '.$DB->string($topic_title).'
114 AND `boardid` = '.$boardid)->fetch_object()->c
) {
115 throw new RateLimitException('A topic with that name already exists.');
// Post path. Only an authenticated user may write; anyone else gets a generic
// exception that the catch-all handler prints.
119 if ( isset($_POST['post']) ) {
120 if ( ! ($user instanceof User_Authenticated
) ) {
121 throw new Exception('¬_¬');
// Writes are grouped by turning autocommit off. NOTE(review): the commit, and
// any rollback on failure, are not visible in this listing.
124 $DB->autocommit(false);
// New topic row. @userid is a MySQL session variable, presumably set when the
// user was authenticated - confirm it cannot be stale or unset on this
// connection.
126 if ( !isset($topic) ) {
127 $DB->query('INSERT INTO `topics` (`topic_title`, `boardid`, `userid`)
128 VALUES ('.$DB->string($topic_title).', '.$boardid.', @userid )');
129 $topicid = $DB->insert_id
;
// NOTE(review): the body of this branch is not shown; $messageid is concatenated
// unquoted into the INSERT below, so presumably it is set to a literal such as
// NULL here - confirm.
135 if ( !isset($messageid) ) {
// REMOTE_ADDR is the only value in this statement quoted by hand rather than
// via $DB->string() or intval(). It is normally filled in by the web server from
// the connection, but routing it through the same escaping as the other values
// removes the dependence on that. INET_ATON() handles IPv4 dotted-quad only.
139 $DB->query('INSERT INTO `messages` (`topicid`, `replyto`, `userid`, `mtime`, `origin_ip`)
140 VALUES ('.$topicid.', '.$messageid.',
141 @userid, UNIX_TIMESTAMP(), INET_ATON("'.$_SERVER['REMOTE_ADDR'].'") )');
// LAST_INSERT_ID() refers to the new messages row in both statements because
// the UPDATE generates no new id; the statement order matters.
143 $DB->query('UPDATE `topics` SET `lastpost` = LAST_INSERT_ID() WHERE `topicid` = '.$topicid);
144 $DB->query('INSERT INTO `message-data` (`messageid`, `mtext`)
145 VALUES(LAST_INSERT_ID(), '.$DB->string($message->getOutput()).')');
// Redirect target: the topic's message list, or the board's topic list.
149 $r = 'topiclist?'.$boardid;
150 if ( isset($topicid) ) {
151 $r = 'messagelist?'.$topicid;
// NOTE(review): the Location URL is assembled from the client-supplied Host
// header and request URI, with the scheme fixed to http. A configured base URL
// would stop a forged Host value from steering the redirect and would not
// downgrade an HTTPS session. Whether the script exits after sending the header
// is not visible here.
154 header('HTTP/1.1 303 See Other');
155 header('Location: http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI']).'/'.$r);
156 $page->mtime
= time();
// Preview path: renders the formatted message in the user's list style without
// writing anything. $topic_title was escaped when it was read from $_POST.
160 } elseif ( isset($_POST['preview']) ) {
162 echo '<fieldset class="',get_class($mo),'"><legend>Message Preview</legend>',"\n",
163 ( isset($topic_title) ?
'<h2>'.$topic_title."</h2>\n" : '' );
// Fragment of the row handed to the renderer (the surrounding call is not shown
// in this listing); 'mtext' is the formatter output, the same text Post stores.
165 'userid' => $user->userid
,
166 'alias' => $user->alias
,
168 'mtext' => $message->getOutput(),
173 'ip' => $_SERVER['REMOTE_ADDR']
175 echo "</fieldset>\n";
// Error reporting. LengthException carries a printf-style message plus the
// count as its code.
177 } catch ( LengthException
$e ) {
179 echo '<p class="error">',sprintf($e->getMessage(), $e->getCode()),"</p>\n";
// NOTE(review): getMessage() is echoed into the page without htmlspecialchars()
// in this handler and in the catch-all below. That is safe only while no
// exception message can contain request-derived text (for example a parser
// error quoting the offending markup, or a database error quoting a value) -
// confirm, or escape on output.
180 } catch ( InvalidInputException
$e ) {
182 echo '<p class="error">Your message contains one or more formatting errors (the first error is shown):</p>',"\n",
183 '<p class="error">',$e->getMessage(),' at line ',$e->getCode(),"</p>\n";
184 } catch ( Exception
$e ) {
186 echo '<p class="error">',$e->getMessage(),"</p>\n";
192 // I have no idea what's going on here
// Builds the textarea's initial contents: a leading newline when the User-Agent
// contains 'KHTML', then either the text just submitted or the user's signature.
// The submitted text and the signature are each passed through
// htmlspecialchars() before they reach the textarea.
// NOTE(review): strpos() returns 0 (falsy) for a match at offset 0, and
// HTTP_USER_AGENT is read without checking that the header was sent.
193 $message = strpos($_SERVER['HTTP_USER_AGENT'], 'KHTML') ?
"\n" : '';
194 if ( !empty($_POST['message_text']) ) {
195 $message = htmlspecialchars($_POST['message_text']);
196 } elseif ( $user->sig
) {
197 $message .= "\n".htmlspecialchars($user->sig
);
// Reply: show the parent message in the user's list style. $messageid was forced
// to an integer with intval() when it was read from the query string, which is
// what makes concatenating it into this query and into the form action safe.
// INET_NTOA(origin_ip) puts the original poster's IP address in the row given to
// the renderer - NOTE(review): whether the renderer shows it to every viewer is
// not visible here.
200 if ( isset($messageid) ) {
201 echo '<fieldset class="',get_class($mo),'"><legend>Replying to:</legend>',"\n";
202 $mo->display($DB->query('SELECT `messages`.`userid`, `alias`, `mtime`, `mtext`, `replyto`,
203 `score`, `marks`, `messages`.`messageid`, INET_NTOA(`origin_ip`) AS `ip`
205 NATURAL LEFT JOIN `messages`
206 NATURAL LEFT JOIN `users`
207 WHERE `messageid` = '.$messageid)->fetch_assoc());
208 echo "</fieldset>\n",
209 '<form action="post?message=',$messageid,'" method="post">';
// New-topic form. $boardid was made an integer with intval(). $topic_title, when
// set, is the htmlspecialchars() output from the submit handler, written into a
// double-quoted attribute.
211 echo '<form action="post?board=',$boardid,'" method="post">',"\n",
212 ' <fieldset><legend>Topic <small>(Max. ',TOPIC_MAX_LENGTH
," chars)</small></legend>\n",
213 ' <input type="text" name="topic_title" maxlength="',TOPIC_MAX_LENGTH
,'" size="80"',
214 ( !empty($topic_title) ?
' value="'.$topic_title.'"' : '' ),' tabindex="1"/>',"\n",
218 <fieldset
><legend
>Message
</legend
>
219 <textarea rows
="15" cols
="60" name
="message_text" id
="messagebox" tabindex
="2"><?php
// $message is the string assembled above from htmlspecialchars() output.
echo $message; ?
></textarea
>
220 <fieldset
class="content">
221 <?php
// Unauthenticated visitors get inline login fields inside the posting form; the
// hidden login=post field presumably tells the login handler to carry on with
// the post - confirm. NOTE(review): the password is submitted with this form,
// and the post-submit redirect in this script is built with an http scheme -
// confirm the page is only served over TLS.
if ( ! ($user instanceof User_Authenticated
) ) { ?
>
222 <p
class="notice">You need to be logged in to post
.</p
>
223 <p
><label
>Username
: <input name
="u" tabindex
="3" type
="text"/></label
></p
>
224 <p
><label
>Password
: <input name
="p" tabindex
="4" type
="password"/></label
></p
>
225 <input type
="hidden" name
="login" value
="post"/>
227 <button type
="submit" accesskey
="p" tabindex
="5" name
="post">Post (P
)</button
>
228 <button type
="submit" accesskey
="r" tabindex
="6" name
="preview">Preview (R
)</button
>
229 <p
><label
>HTML Formatting
: <?php
// Renders the formatter select built earlier; its posted value is re-checked by
// the submit handler before being used as a class name.
echo $html_options->display(); ?
></label
></p
>