
Code source de Phorum 5.1.25


/include/posting/ -> check_permissions.php (source)

   1  <?php
   2  
   3  ////////////////////////////////////////////////////////////////////////////////
   4  //                                                                            //
   5  //   Copyright (C) 2006  Phorum Development Team                              //
   6  //   http://www.phorum.org                                                    //
   7  //                                                                            //
   8  //   This program is free software. You can redistribute it and/or modify     //
   9  //   it under the terms of either the current Phorum License (viewable at     //
  10  //   phorum.org) or the Phorum License that was distributed with this file    //
  11  //                                                                            //
  12  //   This program is distributed in the hope that it will be useful,          //
  13  //   but WITHOUT ANY WARRANTY, without even the implied warranty of           //
  14  //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                     //
  15  //                                                                            //
  16  //   You should have received a copy of the Phorum License                    //
  17  //   along with this program.                                                 //
  18  ////////////////////////////////////////////////////////////////////////////////
  19  
  20  if(!defined("PHORUM")) return;
  21  
  22  // Check if the user is allowed to post a new message or a reply.
  23  if( ($mode == "post" && !phorum_user_access_allowed(PHORUM_USER_ALLOW_NEW_TOPIC)) ||
  24      ($mode == "reply" && !phorum_user_access_allowed(PHORUM_USER_ALLOW_REPLY)) ) { if ($PHORUM["DATA"]["LOGGEDIN"]) {
  25          // If users are logged in and can't post, they don't have rights to do so.
  26          $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["NoPost"];
  27      } else {
  28          // Check if they could post if logged in. If so, let them know to log in.
  29          if( ($mode == "reply" && $PHORUM["reg_perms"] & PHORUM_USER_ALLOW_REPLY) ||
  30              ($mode == "post" && $PHORUM["reg_perms"] & PHORUM_USER_ALLOW_NEW_TOPIC) ) {
  31              $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["PleaseLoginPost"];
  32          } else {
  33                  $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["NoPost"];
  34          }
  35      }
  36      $PHORUM["posting_template"] = "message";
  37      $error_flag = true;
  38      return;
  39  
  40  // Check that they are logged in according to the security settings in
  41  // the admin. If they aren't then either set a message with a login link
  42  // (when running as include) or redirect to the login page.
  43  } elseif($PHORUM["DATA"]["LOGGEDIN"] && !$PHORUM["DATA"]["FULLY_LOGGEDIN"]){
  44  
  45      if (isset($PHORUM["postingargs"]["as_include"])) {
  46  
  47          // Generate the URL to return to after logging in.
  48          $args = array(PHORUM_REPLY_URL, $PHORUM["args"][1]);
  49          if (isset($PHORUM["args"][2])) $args[] = $PHORUM["args"][2];
  50          if (isset($PHORUM["args"]["quote"])) $args[] = "quote=1";
  51          $redir = urlencode(call_user_func_array('phorum_get_url', $args));
  52          $url = phorum_get_url(PHORUM_LOGIN_URL, "redir=$redir");
  53          
  54          $PHORUM["DATA"]["URL"]["REDIRECT"] = $url;
  55          $PHORUM["DATA"]["BACKMSG"] = $PHORUM["DATA"]["LANG"]["LogIn"];
  56          $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["PeriodicLogin"];
  57          $error_flag = true;
  58          return;
  59  
  60      } else {
  61  
  62          // Generate the URL to return to after logging in.
  63          $args = array(PHORUM_POSTING_URL);
  64          if (isset($PHORUM["args"][1])) $args[] = $PHORUM["args"][1];
  65          if (isset($PHORUM["args"][2])) $args[] = $PHORUM["args"][2];
  66          if (isset($PHORUM["args"]["quote"])) $args[] = "quote=1";
  67          $redir = urlencode(call_user_func_array('phorum_get_url', $args));
  68  
  69          phorum_redirect_by_url(phorum_get_url(PHORUM_LOGIN_URL,"redir=$redir"));
  70          exit();
  71  
  72      } 
  73  }
  74  
  75  // Put read-only user info in the message.
  76  if ($mode == "post" || $mode == "reply")
  77  {
  78      if ($PHORUM["DATA"]["LOGGEDIN"]){
  79          $message["user_id"] = $PHORUM["user"]["user_id"];
  80          // If the author field is read only or not filled, then 
  81          // use the user's username as the author.
  82          if ($PHORUM["post_fields"]["author"][pf_READONLY] || 
  83              $message["author"] == '') {
  84              $message["author"]  = $PHORUM["user"]["username"];
  85          }
  86      } else {
  87          $message["user_id"] = 0;
  88      }
  89  }
  90  
  91  // On finishing up, find the original message data in case we're
  92  // editing or replying. Put read-only data in the message to prevent
  93  // data tampering.
  94  if ($finish && ($mode == 'edit' || $mode == 'reply'))
  95  {
  96      $id = $mode == "edit" ? "message_id" : "parent_id";
  97      $origmessage = phorum_db_get_message($message[$id]);
  98      if (! $origmessage) {
  99          phorum_redirect_by_url(phorum_get_url(PHORUM_INDEX_URL));
 100          exit();
 101      }
 102  
 103      // Copy read-only information for editing messages.
 104      if ($mode == "edit") {
 105          $message = phorum_posting_merge_db2form($message, $origmessage, READONLYFIELDS);
 106      // Copy read-only information for replying to messages.
 107      } else {
 108          $message["parent_id"] = $origmessage["message_id"];
 109          $message["thread"] = $origmessage["thread"];
 110      }
 111  }
 112  
 113  // We never store the email address in the message in case it
 114  // was posted by a registered user.
 115  if ($message["user_id"]) {
 116      $message["email"] = "";
 117  }
 118  
 119  // Find the startmessage for the thread.
 120  if ($mode == "reply" || $mode == "edit") {
 121      $top_parent = phorum_db_get_message($message["thread"]);
 122  }
 123  
 124  // Do permission checks for replying to messages.
 125  if ($mode == "reply")
 126  {
 127      // Find the direct parent for this message.
 128      if ($message["thread"] != $message["parent_id"]) {
 129          $parent = phorum_db_get_message($message["parent_id"]);
 130      } else {
 131          $parent = $top_parent;
 132      }
 133  
 134      // If this thread is unapproved, then get out.
 135      $unapproved =
 136          empty($top_parent) ||
 137          empty($parent) ||
 138          $top_parent["closed"] ||
 139          $top_parent["status"] != PHORUM_STATUS_APPROVED ||
 140          $parent["status"] != PHORUM_STATUS_APPROVED;
 141  
 142      if ($unapproved) 
 143      {
 144          // In case we run the editor included in the read page,
 145          // we should not redirect to the listpage for moderators.
 146          // Else a moderator can never read an unapproved message.
 147          if (isset($PHORUM["postingargs"]["as_include"])) {
 148              if ($PHORUM["DATA"]["MODERATOR"]) {
 149                  $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["UnapprovedMessage"];
 150                  $error_flag = true;
 151                  return;
 152              }
 153          }
 154  
 155          // In other cases, redirect users that are replying to
 156          // unapproved messages to the message list.
 157          phorum_redirect_by_url(phorum_get_url(PHORUM_LIST_URL));
 158          exit;
 159      }
 160  
 161  }
 162  
 163  // Do permission checks for editing messages.
 164  if ($mode == "edit")
 165  {
 166      // Check if the user is allowed to edit this post.
 167      $timelim = $PHORUM["user_edit_timelimit"];
 168      $useredit =
 169          $message["user_id"] == $PHORUM["user"]["user_id"] &&
 170          phorum_user_access_allowed(PHORUM_USER_ALLOW_EDIT) &&
 171          ! empty($top_parent) &&
 172          ! $top_parent["closed"] &&
 173          (! $timelim || $message["datestamp"] + ($timelim * 60) >= time());
 174  
 175      // Moderators are allowed to edit message, but not messages from
 176      // announcement threads. Announcements may only be edited by users
 177      // for which the option "announcement" is set as allowed.
 178      $moderatoredit =
 179          $PHORUM["DATA"]["MODERATOR"] &&
 180          $message["forum_id"] == $PHORUM["forum_id"] &&
 181          ($message["special"] != "announcement" || 
 182           $PHORUM["DATA"]["OPTION_ALLOWED"]["announcement"]);
 183  
 184      if (!$useredit && !$moderatoredit) {
 185          $PHORUM["DATA"]["MESSAGE"] =
 186              $PHORUM["DATA"]["LANG"]["EditPostForbidden"];
 187          $error_flag = true;
 188          return;
 189      }
 190  }
 191  
 192  ?>

