3 * Message/Topic posting page
5 * @author Anthony Parsons (xmpp:ant@specialops.ath.cx)
6 * @license file://COPYING
// Page setup for the posting form.
// NOTE(review): $prefetch lists backtick-quoted column names; the code that reads it is not
// part of this listing. Presumably extra user columns to load; confirm against that include.
10 $prefetch = array('`points`', '`sig`');
13 $page->title
= 'Post Message';
// Length limits enforced by the submit handler further down. They are compared against
// strlen(), so they count bytes, not characters.
15 define('MSG_MIN_LENGTH', 2);
16 define('TOPIC_MIN_LENGTH', 3);
17 define('TOPIC_MAX_LENGTH', 60);
// Resolve the target message/topic/board from the query string and check the user's
// view and post rights before any form handling happens.
// NOTE(review): every check below relies on errorfooter() ending the request; confirm it
// never returns, otherwise the following lines run with missing rows.
19 if ( isset($_GET['message']) ) {
// intval() forces an integer, so the concatenated value cannot carry SQL syntax.
20 $messageid = intval($_GET['message']);
21 $q = $DB->query('SELECT `topicid` FROM `messages` WHERE `messageid` = '.$messageid)->fetch_row();
// fetch_row() returned no array: no message with that id.
23 if ( !is_array($q) ) {
24 $page->errorfooter('messageid');
// NOTE(review): the assignment of $topicid is not visible in this listing; confirm it is an
// integer before it is concatenated into the query below.
28 $topic = $DB->query('SELECT `topic_title`, `boardid` FROM `topics` WHERE `topicid` = '.$topicid)->fetch_row();
30 if ( !is_array($topic) ) {
31 $page->errorfooter('topicid');
// Board id taken from the query string and cast to an integer.
36 $boardid = intval($_GET['board']);
// NOTE(review): on the reply path $boardid is set on a line not shown here; confirm it is
// numeric there too, since it is concatenated unquoted.
39 $board = $DB->query('SELECT `board_name`, `view_restrict`, `post_restrict` FROM `boards` WHERE `boardid` = '.$boardid)->fetch_row();
41 if ( !is_array($board) ) { // This board doesn't exist
42 $page->errorfooter('boardid');
// $board is a numeric row: [0] board_name, [1] view_restrict, [2] post_restrict.
// NOTE(review): the view check tests $board[1] but reports $board[2], and the post checks
// below test $board[2] but report $board[1]. The reported level looks swapped; confirm
// what errorfooter('level', ...) expects.
44 if ( ! $user->has_priv('viewboard', $board[1]) ) { // Not allowed to view board
45 $page->errorfooter('level', $board[2]);
48 // Can view board, so link to it
// NOTE(review): board_name and topic_title go into the nav labels exactly as read from the
// database; confirm the page class escapes nav labels when it prints them.
49 $page->nav
['Topic List: '.$board[0]] = 'topiclist?'.$boardid;
50 if ( isset($topicid) ) {
51 $page->nav
['Message List: '.$topic[0]] = 'messagelist?'.$topicid;
// Posting rights are checked server-side against post_restrict ($board[2]).
54 if ( isset($_GET['board']) && ! $user->has_priv('posttopic', $board[2]) ) { // Not allowed to post topics here
55 $page->errorfooter('level', $board[1]);
57 if ( ! $user->has_priv('postmessage', $board[2]) ) { // Not allowed to reply either
58 $page->errorfooter('level', $board[1]);
63 * Selectbox for HTML formatting
// Builds the formatter select box. The item values are PHP class names, and the submit
// handler later instantiates the class named by $_POST['html'], so this list doubles as
// the allow-list of formatter classes.
65 $html_options = new HTML_Select('html', 3);
66 $html_options->add_item('Message_PCRE', 'Default');
67 $html_options->add_item('Message_Plaintext', 'Plaintext');
// Message_XML ('Full XHTML') is registered only for users holding the 'html' privilege.
68 if ( $user->has_priv('html') ) {
69 $html_options->add_item('Message_XML', 'Full XHTML');
71 $html_options->set_default('Message_PCRE');
74 /* Form submit code */
// Handles both "post" and "preview": validates the input, then either stores the message and
// redirects, or prints a preview. Validation failures are reported by the catch blocks below.
75 if ( isset($_POST['post']) ||
isset($_POST['preview']) ) {
// NOTE(review): $_POST['html'] later names the class to instantiate, so check_value() is the
// only visible gate on it. Confirm it rejects (throws on) every value that was not
// registered with add_item(), including a missing or non-string field.
77 $html_options->check_value($_POST['html']);
78 $html_options->set_default($_POST['html']);
// The title is HTML-escaped before validation and storage, so the length limits below
// apply to the escaped text (a single "&" counts as "&amp;").
81 if ( !isset($topic) ) {
82 $topic_title = trim(htmlspecialchars($_POST['topic_title']));
// Instantiates the formatter class named by the form field and hands it the raw message text.
85 $message = new $_POST['html']($_POST['message_text']);
// The exception message is a sprintf() format; the exception code carries the count that
// the LengthException catch block substitutes into it. strlen() measures bytes.
88 if ( strlen($message->getOutput()) < MSG_MIN_LENGTH
) {
89 throw new LengthException('Your message is %d character(s) too short.', MSG_MIN_LENGTH
- strlen($message->getOutput()));
92 if ( !isset($topic) ) {
93 $t = strlen($topic_title);
94 if ( $t < TOPIC_MIN_LENGTH
) {
95 throw new LengthException('Your topic title is %d character(s) too short.', TOPIC_MIN_LENGTH
- $t);
97 if ( $t > TOPIC_MAX_LENGTH
) {
98 throw new LengthException('Your topic title is %d character(s) too long.', $t - TOPIC_MAX_LENGTH
);
// Reject a duplicate title on the same board.
// NOTE(review): $DB->string() presumably quotes and escapes the value; confirm. $boardid is
// concatenated as a bare number.
100 if ( $DB->query('SELECT COUNT(*) AS `c` FROM `topics`
101 WHERE `topic_title` = '.$DB->string($topic_title).'
102 AND `boardid` = '.$boardid)->fetch_object()->c
) {
103 throw new RateLimitException('A topic with that name already exists.');
// Only the real submit requires an authenticated user; the preview branch has no such check.
107 if ( isset($_POST['post']) ) {
108 if ( ! ($user instanceof User_Authenticated
) ) {
109 throw new Exception('¬_¬');
// The topic and message rows are written with autocommit switched off.
// NOTE(review): the commit/rollback lines are not visible in this listing; confirm that a
// failure part-way through rolls the earlier inserts back.
112 $DB->autocommit(false);
114 if ( !isset($topic) ) {
115 $DB->query('INSERT INTO `topics` (`topic_title`, `boardid`, `userid`)
116 VALUES ('.$DB->string($topic_title).', '.$boardid.', @userid )');
117 $topicid = $DB->insert_id
;
123 if ( !isset($messageid) ) {
// NOTE(review): REMOTE_ADDR is spliced into the statement inside double quotes without
// escaping. It is set by the web server rather than the request body, but passing it
// through $DB->string() (or a bound parameter) keeps the query safe if a proxy module
// ever rewrites it from a request header. The value $messageid takes when there is no
// parent message is set on lines not shown here.
127 $DB->query('INSERT INTO `messages` (`topicid`, `replyto`, `userid`, `mtime`, `origin_ip`)
128 VALUES ('.$topicid.', '.$messageid.',
129 @userid, UNIX_TIMESTAMP(), INET_ATON("'.$_SERVER['REMOTE_ADDR'].'") )');
// LAST_INSERT_ID() in the next two statements refers to the `messages` row inserted just
// above, so the statement order matters.
131 $DB->query('UPDATE `topics` SET `lastpost` = LAST_INSERT_ID() WHERE `topicid` = '.$topicid);
132 $DB->query('INSERT INTO `message-data` (`messageid`, `mtext`)
133 VALUES(LAST_INSERT_ID(), '.$DB->string($message->getOutput()).')');
// Redirect target: the message list when a topic id is set, otherwise the topic list.
137 $r = 'topiclist?'.$boardid;
138 if ( isset($topicid) ) {
139 $r = 'messagelist?'.$topicid;
// NOTE(review): the Location URL is built from the client-supplied Host header and the
// request URI, with the scheme fixed to http. A configured base URL would stop a forged
// Host header from steering the redirect and would not downgrade HTTPS users.
142 header('HTTP/1.1 303 See Other');
143 header('Location: http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI']).'/'.$r);
144 $page->mtime
= time();
148 } elseif ( isset($_POST['preview']) ) {
// Preview output: $topic_title was HTML-escaped when it was read; $message->getOutput() is
// printed as-is, so the Message_* classes are responsible for emitting only safe markup.
// NOTE(review): $user is echoed through string conversion; confirm that escapes the alias.
151 '<fieldset><legend>Message Preview</legend>',"\n",
152 ( isset($topic_title) ?
'<h2>'.$topic_title."</h2>\n" : '' ),
153 ' <div class="info">From: ',$user,' at ',$user->fdate(time()),"</div>\n",
154 ' <div class="content">',$message->getOutput(),"</div>\n",
157 } catch ( LengthException
$e ) {
// The messages thrown above are fixed format strings from this file; the code fills in %d.
159 echo '<p class="error">',sprintf($e->getMessage(), $e->getCode()),"</p>\n";
160 } catch ( InvalidInputException
$e ) {
// NOTE(review): this message is not produced in this file and is printed unescaped;
// confirm it cannot echo raw user markup back into the page.
162 echo '<p class="error">Your message contains one or more formatting errors (the first error is shown):</p>',"\n",
163 '<p class="error">',$e->getMessage(),' at line ',$e->getCode(),"</p>\n";
164 } catch ( Exception
$e ) {
// NOTE(review): any other exception message is shown verbatim; confirm database or internal
// error text cannot reach the user through this branch.
166 echo '<p class="error">',$e->getMessage(),"</p>\n";
172 // I have no idea what's going on here
// Prepares the textarea content and prints the opening part of the posting form.
// The box starts with a newline when the User-Agent contains 'KHTML', empty otherwise.
// NOTE(review): strpos() yields 0 (falsy) for a match at offset 0, and HTTP_USER_AGENT is
// client-supplied and may be missing. Only the leading newline depends on it.
173 $message = strpos($_SERVER['HTTP_USER_AGENT'], 'KHTML') ?
"\n" : '';
// Refill the box with the submitted text, or append the user's signature; both are
// HTML-escaped before they are printed inside the textarea.
174 if ( !empty($_POST['message_text']) ) {
175 $message = htmlspecialchars($_POST['message_text']);
176 } elseif ( $user->sig
) {
177 $message .= "\n".htmlspecialchars($user->sig
);
// Reply mode: show the parent message above the form, rendered in the user's list style.
180 if ( isset($messageid) ) {
// NOTE(review): HERE holds the raw request URI; its consumers are not in this listing.
// Confirm they escape it before output.
181 define('HERE', $_SERVER['REQUEST_URI']);
182 switch ( $user->msglist_style
) {
183 case Messagestyle_Frozenoven
::ID
:
184 $mo = new Messagestyle_Frozenoven
; break;
185 case Messagestyle_IRC
::ID
:
186 $mo = new Messagestyle_IRC
; break;
187 case Messagestyle_Plain
::ID
:
189 $mo = new Messagestyle_Plain
;
// $messageid was cast with intval() when it was read from the query string. The selected row
// includes the poster's address as `ip`.
// NOTE(review): confirm display() shows that address only to users allowed to see it.
191 echo '<fieldset class="',get_class($mo),'"><legend>Replying to</legend>',"\n";
192 $mo->display($DB->query('SELECT `messages`.`userid`, `alias`, `mtime`, `mtext`, `replyto`,
193 `score`, `marks`, `messages`.`messageid`, INET_NTOA(`origin_ip`) AS `ip`
195 NATURAL LEFT JOIN `messages`
196 NATURAL LEFT JOIN `users`
197 WHERE `messageid` = '.$messageid)->fetch_assoc());
198 echo "</fieldset>\n",
199 '<form action="post?message=',$messageid,'" method="post">';
// New-topic form. $boardid is cast with intval() where its assignment is visible, and
// $topic_title was HTML-escaped when it was read, which covers the double-quoted attributes.
// NOTE(review): no anti-CSRF token field is visible in this listing; confirm the form is
// protected elsewhere.
201 echo '<form action="post?board=',$boardid,'" method="post">',"\n",
202 ' <fieldset><legend>Topic <small>(Max. ',TOPIC_MAX_LENGTH
," chars)</small></legend>\n",
203 ' <input type="text" name="topic_title" maxlength="',TOPIC_MAX_LENGTH
,'" size="80"',
204 ( !empty($topic_title) ?
' value="'.$topic_title.'"' : '' ),' tabindex="1"/>',"\n",
208 <fieldset
><legend
>Message
</legend
>
209 <textarea rows
="15" cols
="60" name
="message_text" id
="messagebox" tabindex
="2"><?php
// $message is the HTML-escaped draft or signature prepared before the form is printed, so
// submitted text cannot close the textarea element early.
echo $message; ?
></textarea
>
210 <fieldset
class="content">
211 <?php
// Guests get an inline login form: the u/p credential fields travel in the same POST as the
// message. NOTE(review): the redirect in the submit handler hard-codes http://, so confirm
// this form is only ever served and submitted over TLS.
if ( ! ($user instanceof User_Authenticated
) ) { ?
>
212 <p
class="notice">You need to be logged in to post
.</p
>
213 <p
><label
>Username
: <input name
="u" tabindex
="3" type
="text"/></label
></p
>
214 <p
><label
>Password
: <input name
="p" tabindex
="4" type
="password"/></label
></p
>
215 <input type
="hidden" name
="login" value
="post"/>
217 <button type
="submit" accesskey
="p" tabindex
="5" name
="post">Post (P
)</button
>
218 <button type
="submit" accesskey
="r" tabindex
="6" name
="preview">Preview (R
)</button
>
219 <p
><label
>HTML Formatting
: <?php
echo $html_options->display(); ?
></label
></p
>