Added some class="" to pagelist code
[specialops2.git] / post.php
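<?php
/**
 * Message/Topic posting page
 *
 * Serves the posting form and handles its submission. A request names either
 * an existing message to reply to (?message=ID) or a board to start a topic
 * in (?board=ID); the form is submitted back to the same URL as "post" or
 * "preview".
 *
 * Security notes for maintainers:
 *  - Every value concatenated into SQL below is an intval() result, a value
 *    read back from the database, an insert id, the literal 'NULL', or the
 *    return value of $DB->string().
 *  - No anti-CSRF token is emitted or checked in this file.
 *    NOTE(review): confirm whether con.php enforces one for POST requests.
 *  - $page->errorfooter() is assumed to end the request; the statements that
 *    follow each call rely on that. TODO confirm in the page class.
 *
 * @author Anthony Parsons (xmpp:ant@specialops.ath.cx)
 * @license file://COPYING
 * @version $Id$
 */

$prefetch = array('`points`', '`sig`');
require 'con.php';

$page->title = 'Post Message';

define('MSG_MIN_LENGTH', 2);
define('TOPIC_MIN_LENGTH', 3);
define('TOPIC_MAX_LENGTH', 60);

if ( isset($_GET['message']) ) {
    // Reply: resolve message -> topic -> board. intval() makes the id safe to concatenate.
    $messageid = intval($_GET['message']);
    $q = $DB->query('SELECT `topicid` FROM `messages` WHERE `messageid` = '.$messageid)->fetch_row();

    if ( !is_array($q) ) {
        $page->errorfooter('messageid');
    }

    // $topicid comes from the database row, not from the request.
    $topicid = $q[0];
    $topic = $DB->query('SELECT `topic_title`, `boardid` FROM `topics` WHERE `topicid` = '.$topicid)->fetch_row();

    if ( !is_array($topic) ) {
        $page->errorfooter('topicid');
    }

    $boardid = $topic[1];
} else {
    // New topic: a missing or non-numeric ?board becomes 0 and fails the board lookup below.
    $boardid = intval($_GET['board']);
}

// $board is array(board_name, view_restrict, post_restrict).
$board = $DB->query('SELECT `board_name`, `view_restrict`, `post_restrict` FROM `boards` WHERE `boardid` = '.$boardid)->fetch_row();

if ( !is_array($board) ) { // This board doesn't exist
    $page->errorfooter('boardid');
}
// NOTE(review): the level passed to errorfooter() here is post_restrict ($board[2])
// although the failed check was against view_restrict ($board[1]); the two posting
// checks further down do the reverse. This looks like swapped indexes - confirm
// what errorfooter('level', ...) reports before changing it.
if ( ! $user->has_priv('viewboard', $board[1]) ) { // Not allowed to view board
    $page->errorfooter('level', $board[2]);
}

// Can view board, so link to it
$page->nav['Topic List: '.$board[0]] = 'topiclist?'.$boardid;
if ( isset($topicid) ) {
    $page->nav['Message List: '.$topic[0]] = 'messagelist?'.$topicid;
}

if ( isset($_GET['board']) && ! $user->has_priv('posttopic', $board[2]) ) { // Not allowed to post topics here
    $page->errorfooter('level', $board[1]);
}
if ( ! $user->has_priv('postmessage', $board[2]) ) { // Not allowed to reply either
    $page->errorfooter('level', $board[1]);
}


/**
 * Selectbox for HTML formatting
 *
 * The item values are class names; the submitted value is later used to pick
 * the message formatter class, so this list is the allowlist for that choice.
 */
$html_options = new HTML_Select('html', 3);
$html_options->add_item('Message_PCRE', 'Default');
$html_options->add_item('Message_Plaintext', 'Plaintext');
if ( $user->has_priv('html') ) {
    // Only offered to users holding the 'html' privilege.
    $html_options->add_item('Message_XML', 'Full XHTML');
}
$html_options->set_default('Message_PCRE');


/* Form submit code */
if ( isset($_POST['post']) || isset($_POST['preview']) ) {

    // This call is the only gate in front of `new $_POST['html'](...)` below, where a
    // request-supplied string selects the class to instantiate.
    // NOTE(review): confirm check_value() aborts (throws or exits) for any value that
    // was not registered through add_item(), including a missing 'html' field.
    $html_options->check_value($_POST['html']);
    $html_options->set_default($_POST['html']);

    try {
        if ( !isset($topic) ) {
            // A missing or non-string field (e.g. topic_title[]=x) is treated as empty,
            // so it fails the length check below instead of reaching htmlspecialchars().
            $raw_title = ( isset($_POST['topic_title']) && is_string($_POST['topic_title']) )
                ? $_POST['topic_title']
                : '';
            // The title is stored and later echoed in its HTML-escaped form.
            $topic_title = trim(htmlspecialchars($raw_title));
        }

        $message = new $_POST['html']($_POST['message_text']);
        $message->validate();

        // LengthException carries a printf-style format as its message and the
        // character count as its code; the catch block below combines them.
        if ( strlen($message->getOutput()) < MSG_MIN_LENGTH ) {
            throw new LengthException('Your message is %d character(s) too short.', MSG_MIN_LENGTH - strlen($message->getOutput()));
        }

        if ( !isset($topic) ) {
            // Length is measured in bytes of the escaped title, so entities such as
            // &amp; count as several characters.
            $t = strlen($topic_title);
            if ( $t < TOPIC_MIN_LENGTH ) {
                throw new LengthException('Your topic title is %d character(s) too short.', TOPIC_MIN_LENGTH - $t);
            }
            if ( $t > TOPIC_MAX_LENGTH ) {
                throw new LengthException('Your topic title is %d character(s) too long.', $t - TOPIC_MAX_LENGTH);
            }
            if ( $DB->query('SELECT COUNT(*) AS `c` FROM `topics`
                    WHERE `topic_title` = '.$DB->string($topic_title).'
                    AND `boardid` = '.$boardid)->fetch_object()->c ) {
                throw new RateLimitException('A topic with that name already exists.');
            }
        }

        if ( isset($_POST['post']) ) {
            // Previewing is open to guests; writing requires an authenticated user.
            if ( ! ($user instanceof User_Authenticated) ) {
                throw new Exception('¬_¬');
            }

            // NOTE(review): no rollback is visible here; whether a failed query
            // throws depends on the $DB wrapper - confirm.
            $DB->autocommit(false);

            // @userid is a SQL session variable that is not set in this file -
            // presumably by con.php; verify.
            if ( !isset($topic) ) {
                $DB->query('INSERT INTO `topics` (`topic_title`, `boardid`, `userid`)
                    VALUES ('.$DB->string($topic_title).', '.$boardid.', @userid )');
                $topicid = $DB->insert_id;
                $user->points += 2;
            } else {
                $user->points++;
            }

            if ( !isset($messageid) ) {
                // New topic: the first message replies to nothing.
                $messageid = 'NULL';
            }

            // REMOTE_ADDR is passed through $DB->string() like every other string in this
            // file rather than being concatenated between hand-written quotes.
            $DB->query('INSERT INTO `messages` (`topicid`, `replyto`, `userid`, `mtime`, `origin_ip`)
                VALUES ('.$topicid.', '.$messageid.',
                @userid, UNIX_TIMESTAMP(), INET_ATON('.$DB->string($_SERVER['REMOTE_ADDR']).') )');

            $DB->query('UPDATE `topics` SET `lastpost` = LAST_INSERT_ID() WHERE `topicid` = '.$topicid);
            $DB->query('INSERT INTO `message-data` (`messageid`, `mtext`)
                VALUES(LAST_INSERT_ID(), '.$DB->string($message->getOutput()).')');

            $DB->commit();

            $r = 'topiclist?'.$boardid;
            if ( isset($topicid) ) {
                $r = 'messagelist?'.$topicid;
            }

            // The redirect target is built from the request's Host header and URI and
            // hard-codes http://. NOTE(review): if the site has a configured base URL,
            // build the Location from that so a forged Host value cannot steer it.
            header('HTTP/1.1 303 See Other');
            header('Location: http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI']).'/'.$r);
            $page->mtime = time();
            $page->pageheader();
            exit;

        } elseif ( isset($_POST['preview']) ) {
            $user->userheader();
            // $topic_title is already HTML-escaped; the message body is whatever the
            // selected formatter's getOutput() returns.
            echo
                '<fieldset><legend>Message Preview</legend>',"\n",
                ( isset($topic_title) ? '<h2>'.$topic_title."</h2>\n" : '' ),
                ' <div class="info">From: ',$user,' at ',$user->fdate(time()),"</div>\n",
                ' <div class="content">',$message->getOutput(),"</div>\n",
                '</fieldset>',"\n";
        }
    } catch ( LengthException $e ) {
        $user->userheader();
        echo '<p class="error">',sprintf($e->getMessage(), $e->getCode()),"</p>\n";
    } catch ( InvalidInputException $e ) {
        $user->userheader();
        // NOTE(review): the message is printed without escaping. If the formatter's
        // validate() can quote parts of the submitted text in it, escape it here - confirm.
        echo '<p class="error">Your message contains one or more formatting errors (the first error is shown):</p>',"\n",
            '<p class="error">',$e->getMessage(),' at line ',$e->getCode(),"</p>\n";
    } catch ( Exception $e ) {
        $user->userheader();
        // Printed without escaping; the messages thrown in this file are constants.
        echo '<p class="error">',$e->getMessage(),"</p>\n";
    }
} else {
    $user->userheader();
}

// I have no idea what's going on here
// The User-Agent header is optional, so it is checked for presence first, and the
// strpos() result is compared with false so that a match at offset 0 still counts.
$is_khtml = isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], 'KHTML') !== false;
$message = $is_khtml ? "\n" : '';
if ( !empty($_POST['message_text']) ) {
    // Escaped because it is echoed inside the <textarea> below.
    $message = htmlspecialchars($_POST['message_text']);
} elseif ( $user->sig ) {
    $message .= "\n".htmlspecialchars($user->sig);
}

if ( isset($messageid) ) {
    // HERE holds the raw request URI. Its consumers are not visible in this file;
    // anything that prints it into HTML has to escape it.
    define('HERE', $_SERVER['REQUEST_URI']);
    switch ( $user->msglist_style ) {
        case Messagestyle_Frozenoven::ID:
            $mo = new Messagestyle_Frozenoven; break;
        case Messagestyle_IRC::ID:
            $mo = new Messagestyle_IRC; break;
        case Messagestyle_Plain::ID:
        default:
            $mo = new Messagestyle_Plain;
    }
    echo '<fieldset class="',get_class($mo),'"><legend>Replying to</legend>',"\n";
    // $messageid is an intval() result in this branch.
    $mo->display($DB->query('SELECT `messages`.`userid`, `alias`, `mtime`, `mtext`, `replyto`,
            `score`, `marks`, `messages`.`messageid`, INET_NTOA(`origin_ip`) AS `ip`
        FROM `message-data`
        NATURAL LEFT JOIN `messages`
        NATURAL LEFT JOIN `users`
        WHERE `messageid` = '.$messageid)->fetch_assoc());
    echo "</fieldset>\n",
        '<form action="post?message=',$messageid,'" method="post">';
} else {
    // $topic_title was HTML-escaped when it was read from the request, which covers
    // the double-quoted value="" attribute below.
    echo '<form action="post?board=',$boardid,'" method="post">',"\n",
        ' <fieldset><legend>Topic <small>(Max. ',TOPIC_MAX_LENGTH," chars)</small></legend>\n",
        ' <input type="text" name="topic_title" maxlength="',TOPIC_MAX_LENGTH,'" size="80"',
        ( !empty($topic_title) ? ' value="'.$topic_title.'"' : '' ),' tabindex="1"/>',"\n",
        " </fieldset>\n";
}
?>
<fieldset><legend>Message</legend>
<textarea rows="15" cols="60" name="message_text" id="messagebox" tabindex="2"><?php echo $message; ?></textarea>
<fieldset class="content">
<?php if ( ! ($user instanceof User_Authenticated) ) { ?>
<p class="notice">You need to be logged in to post.</p>
<p><label>Username: <input name="u" tabindex="3" type="text"/></label></p>
<p><label>Password: <input name="p" tabindex="4" type="password"/></label></p>
<input type="hidden" name="login" value="post"/>
<?php } ?>
<button type="submit" accesskey="p" tabindex="5" name="post">Post (P)</button>
<button type="submit" accesskey="r" tabindex="6" name="preview">Preview (R)</button>
<p><label>HTML Formatting: <?php echo $html_options->display(); ?></label></p>
</fieldset>
</fieldset>
</form>

<?php
$page->pagefooter();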