<?php

/*
	Copyright (C) 2009 DantoBB Team
	http://www.dantobb.com
*/

/**
 * Edit post interface
 *
 * Interface to editing posts.
 *
 * @author	DantoBB Team
 * @link	http://www.dantobb.com
 * @license	GPL-2
 * @version	$Revision: 1.0 $
 * @copyright	Copyright (C) 2009 DantoBB Team
 * @package	DantoBB
 */

//
// Die when called directly in browser
//
// Refuse to run unless pulled in by the front controller (which defines INCLUDED).
if ( !defined('INCLUDED') ) {
	exit();
}

//
// Edit posts
//
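//
// The post id is used below as a numeric literal in SQL, inside HTML and in
// redirect targets. Quote-escaping (magic_quotes / addslashes) does not protect
// an unquoted number, so it is cast to int exactly once here; a missing or
// non-numeric value becomes 0, which matches no post and yields the 404 box.
//
$post_id = ( isset($_GET['post']) ) ? (int) $_GET['post'] : 0;
$is_post_request = ( $_SERVER['REQUEST_METHOD'] == 'POST' );

//
// Edit posts
//
if ( !isset($_GET['act']) ) {
	
	$session->update('editpost:'.$post_id);
	
	//
	// Include the page header
	//
	require(ROOT_PATH.'sources/page_head.php');
	
	//
	// Get the post together with its author, topic and forum. The member join
	// is a LEFT JOIN: guest posts have no member row, so poster_name,
	// poster_level and signature are NULL for them.
	//
	$result = $db->query("SELECT p.id, p.poster_id, p.post_time, p.poster_guest, p.content, p.enable_bbcode, p.enable_smilies, p.enable_sig, p.enable_html, u.displayed_name AS poster_name, u.level AS poster_level, u.signature, f.auth, f.id AS forum_id, f.name AS forum_name, t.id AS topic_id, t.topic_title, t.first_post_id FROM ( ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."members u ON p.poster_id = u.id ), ".TABLE_PREFIX."topics t, ".TABLE_PREFIX."forums f WHERE t.id = p.topic_id AND f.id = t.forum_id AND p.id = ".$post_id);
	$postdata = $db->fetch_result($result);
	
	if ( !$postdata['id'] ) {
		
		//
		// This post does not exist
		//
		header(HEADER_404);
		$template->set_page_title($lang['Error']);
		$template->parse('msgbox', 'global', array(
			'box_title' => $lang['Error'],
			'content' => sprintf($lang['NoSuchPost'], 'ID '.$post_id)
		));
		
	} else {
		
		//
		// Who may edit: the logged-in author, while the post is younger than
		// edit_post_timeout seconds, or anyone holding the forum's 'edit'
		// auth. Either way the editor's level must not be below the author's
		// (poster_level is NULL for guest posts, which passes the comparison).
		//
		$is_author = ( $session->sess_info['user_id'] && $postdata['poster_id'] == $session->sess_info['user_id'] );
		$within_timeout = ( ( time() - $functions->get_config('edit_post_timeout') ) <= $postdata['post_time'] );
		$can_edit = ( ( $is_author && $within_timeout ) || $functions->auth($postdata['auth'], 'edit', $postdata['forum_id']) )
			&& $postdata['poster_level'] <= $session->sess_info['user_info']['level'];
		
		if ( $can_edit ) {
			
			//
			// Per-request facts shared by the save path, the preview and the
			// form. Raw-HTML permission is evaluated once so that the preview
			// applies the same rule as the saved flag (previously the preview
			// honoured the checkbox regardless of the forum's 'html' auth).
			//
			$can_html = $functions->auth($postdata['auth'], 'html', $postdata['forum_id']);
			$has_sig = ( $postdata['poster_id'] && !empty($postdata['signature']) );
			$is_first_post = ( $postdata['first_post_id'] == $post_id );
			
			//
			// Submitted fields. Runs of whitespace in a guest name collapse to
			// one space before validation, as on the posting form.
			//
			$content_in = ( isset($_POST['content']) ) ? $_POST['content'] : '';
			$topic_title_in = ( isset($_POST['topic_title']) ) ? $_POST['topic_title'] : '';
			$poster_guest_in = ( !empty($_POST['poster_guest']) ) ? preg_replace('#\s+#', ' ', $_POST['poster_guest']) : '';
			$poster_guest_valid = ( !empty($poster_guest_in) && preg_match(USER_PREG, $poster_guest_in) );
			$want_preview = !empty($_POST['preview']);
			
			// A guest post needs a valid guest name, the first post of a topic
			// needs a subject, and every post needs non-empty content.
			$form_complete = ( $postdata['poster_id'] || $poster_guest_valid )
				&& ( !$is_first_post || !empty($topic_title_in) )
				&& !$functions->post_empty($content_in);
			
			if ( $is_post_request && $form_complete && !$want_preview ) {
				
				//
				// Save. Options the user may not set are forced off here, not
				// just hidden on the form.
				//
				$update_poster_guest = ( !$postdata['poster_id'] ) ? ", poster_guest = '".$poster_guest_in."'" : '';
				$enable_bbcode = ( !empty($_POST['enable_bbcode']) ) ? 1 : 0;
				$enable_smilies = ( !empty($_POST['enable_smilies']) ) ? 1 : 0;
				$enable_sig = ( $has_sig && !empty($_POST['enable_sig']) ) ? 1 : 0;
				$enable_html = ( $can_html && !empty($_POST['enable_html']) ) ? 1 : 0;
				
				// NOTE(review): content, poster_guest and topic_title are written
				// into the query as-is. The stripslashes() calls in this file show
				// the code expects them to arrive already slash-escaped (magic_quotes_gpc
				// or an upstream addslashes); if that is not guaranteed in this
				// deployment these writes are SQL-injectable and must be escaped
				// through the database layer. No anti-CSRF token is checked on this
				// request either -- confirm whether the framework provides one.
				$db->query("UPDATE ".TABLE_PREFIX."posts SET content = '".$content_in."'".$update_poster_guest.", enable_bbcode = ".$enable_bbcode.", enable_smilies = ".$enable_smilies.", enable_sig = ".$enable_sig.", enable_html = ".$enable_html.", post_edit_time = ".time().", post_edit_by = ".(int) $session->sess_info['user_id']." WHERE id = ".$post_id);
				
				if ( $is_first_post ) {
					
					$db->query("UPDATE ".TABLE_PREFIX."topics SET topic_title = '".$topic_title_in."' WHERE id = ".(int) $postdata['topic_id']);
					
				}
				
				$functions->redirect('topic.php', array('post' => $post_id), 'post'.$post_id);
				
			} else {
				
				//
				// Show the form: blank on GET, re-filled (with errors or a
				// preview) after an incomplete or preview submission.
				//
				$template->set_page_title('<a href="'.$functions->make_url('forum.php', array('id' => $postdata['forum_id'])).'">'.unhtml(stripslashes($postdata['forum_name'])).'</a>'.$template->get_config('locationbar_item_delimiter').'<a href="'.$functions->make_url('topic.php', array('post' => $post_id)).'#post'.$post_id.'">'.unhtml($functions->replace_badwords(stripslashes($postdata['topic_title']))).'</a>'.$template->get_config('locationbar_item_delimiter').$lang['EditPost']);
				
				if ( $is_post_request ) {
					
					$poster_guest = ( $poster_guest_valid ) ? $poster_guest_in : '';
					$topic_title = ( !empty($topic_title_in) ) ? unhtml(stripslashes($topic_title_in)) : '';
					$content = ( !$functions->post_empty($content_in) ) ? unhtml(stripslashes($content_in)) : '';
					$enable_bbcode_checked = ( !empty($_POST['enable_bbcode']) ) ? ' checked="checked"' : '';
					$enable_smilies_checked = ( !empty($_POST['enable_smilies']) ) ? ' checked="checked"' : '';
					// Same gating as the save path: a box the user may not tick is never "checked",
					// so the preview cannot render raw HTML for a user without the 'html' auth.
					$enable_sig_checked = ( $has_sig && !empty($_POST['enable_sig']) ) ? ' checked="checked"' : '';
					$enable_html_checked = ( $can_html && !empty($_POST['enable_html']) ) ? ' checked="checked"' : '';
					
					$errors = array();
					if ( !$postdata['poster_id'] && !$poster_guest_valid )
						$errors[] = $lang['Username'];
					if ( $is_first_post && empty($topic_title_in) )
						$errors[] = $lang['Subject'];
					if ( $functions->post_empty($content_in) )
						$errors[] = $lang['Content'];
					
					if ( count($errors) ) {
						
						$template->parse('msgbox', 'global', array(
							'box_title' => $lang['Error'],
							'content' => sprintf($lang['MissingFields'], join(', ', $errors))
						));
						
					} elseif ( $want_preview ) {
						
						$template->parse('preview', 'various', array(
							'post_content' => $functions->markup(stripslashes($content_in), $enable_bbcode_checked, $enable_smilies_checked, $enable_html_checked)
						));
						
					}
					
				} else {
					
					$poster_guest = $postdata['poster_guest'];
					$topic_title = unhtml(stripslashes($postdata['topic_title']));
					$content = unhtml(stripslashes($postdata['content']));
					$enable_bbcode_checked = ( $postdata['enable_bbcode'] ) ? ' checked="checked"' : '';
					$enable_smilies_checked = ( $postdata['enable_smilies'] ) ? ' checked="checked"' : '';
					$enable_sig_checked = ( $postdata['enable_sig'] ) ? ' checked="checked"' : '';
					$enable_html_checked = ( $postdata['enable_html'] ) ? ' checked="checked"' : '';
					
					// Focus the first field the user can actually type into.
					if ( !$postdata['poster_id'] )
						$template->set_js_onload("set_focus('poster_guest')");
					elseif ( $is_first_post )
						$template->set_js_onload("set_focus('topic_title')");
					else
						$template->set_js_onload("set_focus('tags-txtarea')");
					
				}
				
				$options_input = array();
				$options_input[] = '<label><input type="checkbox" name="enable_bbcode" value="1"'.$enable_bbcode_checked.' /> '.$lang['EnableBBCode'].'</label>';
				$options_input[] = '<label><input type="checkbox" name="enable_smilies" value="1"'.$enable_smilies_checked.' /> '.$lang['EnableSmilies'].'</label>';
				if ( $has_sig )
					$options_input[] = '<label><input type="checkbox" name="enable_sig" value="1"'.$enable_sig_checked.' /> '.$lang['EnableSig'].'</label>';
				if ( $can_html )
					$options_input[] = '<label><input type="checkbox" name="enable_html" value="1"'.$enable_html_checked.' /> '.$lang['EnableHTML'].'</label>';
				$options_input = '<div>'.join('</div><div>', $options_input).'</div>';
				
				// Every user-controlled value echoed into markup goes through unhtml()
				// (presumably the HTML-escaping helper -- every other echo in this file
				// uses it). NOTE(review): the form carries no anti-CSRF token.
				$template->parse('post_form', 'various', array(
					'form_begin' => '<form action="'.$functions->make_url('edit.php', array('post' => $post_id)).'" method="post">',
					'post_title' => $lang['EditPost'],
					'username_input' => ( $postdata['poster_id'] ) ? '<a href="'.$functions->make_url('profile.php', array('id' => $postdata['poster_id'])).'">'.unhtml(stripslashes($postdata['poster_name'])).'</a>' : '<input type="text" size="25" maxlength="255" name="poster_guest" id="poster_guest" value="'.unhtml(stripslashes($poster_guest)).'" tabindex="1" />',
					'subject_input' => ( !$is_first_post ) ? '<a href="'.$functions->make_url('topic.php', array('id' => $postdata['topic_id'])).'">'.unhtml(stripslashes($postdata['topic_title'])).'</a>' : '<input type="text" name="topic_title" id="topic_title" size="50" value="'.$topic_title.'" tabindex="2" />',
					'content_input' => '<textarea rows="'.$template->get_config('textarea_rows').'" cols="'.$template->get_config('textarea_cols').'" name="content" id="tags-txtarea" tabindex="3">'.$content.'</textarea>',
					'bbcode_controls' => $functions->get_bbcode_controls(),
					'smiley_controls' => $functions->get_smiley_controls(),
					'options_input' => $options_input,
					'submit_button' => '<input type="submit" name="submit" value="'.$lang['OK'].'" tabindex="5" accesskey="s" />',
					'preview_button' => '<input type="submit" name="preview" value="'.$lang['Preview'].'" tabindex="4" />',
					'reset_button' => '<input type="reset" value="'.$lang['Reset'].'" />',
					'form_end' => '</form>'
				));
				
			}
			
		} else {
			
			$functions->redir_to_login();
			
		}
		
	}
	
	//
	// Include the page footer
	//
	require(ROOT_PATH.'sources/page_foot.php');
	
} elseif ( $_GET['act'] == 'delete' ) {
	
	$session->update('deletepost:'.$post_id);
	
	//
	// Include the page header
	//
	require(ROOT_PATH.'sources/page_head.php');
	
	//
	// Get the post plus the topic and forum bookkeeping columns the delete
	// has to maintain (first/last post, last topic, counters).
	//
	$result = $db->query("SELECT p.id, p.poster_id, p.post_time, u.level AS poster_level, f.id AS forum_id, f.auth, f.last_topic_id, f.increase_post_count, t.id AS topic_id, t.count_replies, t.topic_title, t.first_post_id, t.last_post_id FROM ( ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."members u ON p.poster_id = u.id ), ".TABLE_PREFIX."forums f, ".TABLE_PREFIX."topics t WHERE t.id = p.topic_id AND f.id = t.forum_id AND p.id = ".$post_id);
	$postdata = $db->fetch_result($result);
	
	if ( !$postdata['id'] ) {
		
		//
		// This post does not exist
		//
		header(HEADER_404);
		$template->set_page_title($lang['Error']);
		$template->parse('msgbox', 'global', array(
			'box_title' => $lang['Error'],
			'content' => sprintf($lang['NoSuchPost'], 'ID '.$post_id)
		));
		
	} else {
		
		//
		// Who may delete: the logged-in author, only for the topic's last post
		// and only within edit_post_timeout seconds of posting, or anyone
		// holding the forum's 'delete' auth; never a user below the author's
		// level (NULL for guest posts, which passes).
		//
		$is_author = ( $session->sess_info['user_id'] && $postdata['poster_id'] == $session->sess_info['user_id'] );
		$is_last_post = ( $postdata['last_post_id'] == $post_id );
		$within_timeout = ( ( time() - $functions->get_config('edit_post_timeout') ) <= $postdata['post_time'] );
		$can_delete = ( ( $is_author && $is_last_post && $within_timeout ) || $functions->auth($postdata['auth'], 'delete', $postdata['forum_id']) )
			&& $postdata['poster_level'] <= $session->sess_info['user_info']['level'];
		
		if ( $can_delete ) {
			
			if ( $is_post_request ) {
				
				if ( !empty($_POST['delete']) ) {
					
					$topic_id = (int) $postdata['topic_id'];
					$forum_id = (int) $postdata['forum_id'];
					
					// NOTE(review): the steps below are separate statements with no
					// transaction around them, so a failure part-way leaves the
					// counters out of step with the rows; whether $db can open one
					// is not visible from this file. No anti-CSRF token is checked
					// on this request either.
					
					//
					// 1. Delete the post; a topic whose reply count is already
					//    below one has no other posts and goes with it.
					//
					$db->query("DELETE FROM ".TABLE_PREFIX."posts WHERE id = ".$post_id);
					$topic_deleted = ( $postdata['count_replies'] < 1 );
					$update_topic_count = '';
					if ( $topic_deleted ) {
						
						$db->query("DELETE FROM ".TABLE_PREFIX."topics WHERE id = ".$topic_id);
						$update_topic_count = ', topics = topics-1';
						
					}
					
					//
					// 2./3. For a surviving topic, re-point first/last post at the
					//       oldest/newest remaining post where needed and decrement
					//       the reply count in the same statement.
					//
					if ( !$topic_deleted ) {
						
						$update_first_post_id = '';
						$update_last_post_id = '';
						
						if ( $postdata['first_post_id'] == $post_id ) {
							
							$result = $db->query("SELECT p.id FROM ".TABLE_PREFIX."posts p, ".TABLE_PREFIX."topics t WHERE p.topic_id = t.id AND t.id = ".$topic_id." ORDER BY p.post_time ASC LIMIT 1");
							$first_post_data = $db->fetch_result($result);
							$update_first_post_id = ', first_post_id = '.(int) $first_post_data['id'];
							
						}
						
						if ( $is_last_post ) {
							
							$result = $db->query("SELECT p.id FROM ".TABLE_PREFIX."posts p, ".TABLE_PREFIX."topics t WHERE p.topic_id = t.id AND t.id = ".$topic_id." ORDER BY p.post_time DESC LIMIT 1");
							$last_post_data = $db->fetch_result($result);
							$update_last_post_id = ', last_post_id = '.(int) $last_post_data['id'];
							
						}
						
						$db->query("UPDATE ".TABLE_PREFIX."topics SET count_replies = count_replies-1".$update_first_post_id.$update_last_post_id." WHERE id = ".$topic_id);
						
					}
					
					//
					// 4. If this topic was the forum's most recently updated one,
					//    find the new most recent; an empty forum is zeroed outright.
					//
					$forum_emptied = false;
					$update_last_topic_id = '';
					if ( $postdata['last_topic_id'] == $postdata['topic_id'] ) {
						
						$result = $db->query("SELECT p.topic_id FROM ".TABLE_PREFIX."posts p, ".TABLE_PREFIX."topics t WHERE p.topic_id = t.id AND t.forum_id = ".$forum_id." ORDER BY p.post_time DESC LIMIT 1");
						$lasttopicdata = $db->fetch_result($result);
						
						if ( !$lasttopicdata['topic_id'] ) {
							
							$db->query("UPDATE ".TABLE_PREFIX."forums SET topics = 0, posts = 0, last_topic_id = 0 WHERE id = ".$forum_id);
							$forum_emptied = true;
							
						} else {
							
							$update_last_topic_id = ', last_topic_id = '.(int) $lasttopicdata['topic_id'];
							
						}
						
					}
					
					//
					// 5. Forum counters (already zeroed above for an emptied forum)
					//
					if ( !$forum_emptied ) {
						
						$db->query("UPDATE ".TABLE_PREFIX."forums SET posts = posts-1".$update_topic_count.$update_last_topic_id." WHERE id = ".$forum_id);
						
					}
					
					//
					// 6. Author's post count, only for members and only where the
					//    forum counts posts at all
					//
					if ( $postdata['poster_id'] > LEVEL_GUEST && $postdata['increase_post_count'] ) {
						
						$db->query("UPDATE ".TABLE_PREFIX."members SET posts = posts-1 WHERE id = ".(int) $postdata['poster_id']);
						
					}
					
					//
					// 7. Board-wide stats, then back to the topic or (if it is gone) the forum
					//
					$db->query("UPDATE ".TABLE_PREFIX."stats SET content = content-1 WHERE name = 'posts'");
					
					if ( $topic_deleted ) {
						
						$db->query("UPDATE ".TABLE_PREFIX."stats SET content = content-1 WHERE name = 'topics'");
						
						$functions->redirect('forum.php', array('id' => $postdata['forum_id']));
						
					} else {
						
						$functions->redirect('topic.php', array('id' => $postdata['topic_id']));
						
					}
					
				} else {
					
					// The cancel button has no name, so any POST without 'delete' is a cancel.
					$functions->redirect('topic.php', array('post' => $post_id), 'post'.$post_id);
					
				}
				
			} else {
				
				// NOTE(review): confirmation form without an anti-CSRF token.
				$template->set_page_title($lang['DeletePost']);
				$template->parse('confirm_form', 'global', array(
					'form_begin' => '<form action="'.$functions->make_url('edit.php', array('post' => $post_id, 'act' => 'delete')).'" method="post">',
					'title' => $lang['DeletePost'],
					'content' => sprintf($lang['ConfirmDeletePost'], '<em>'.unhtml(stripslashes($postdata['topic_title'])).'</em>'),
					'submit_button' => '<input type="submit" name="delete" value="'.$lang['Yes'].'" />',
					'cancel_button' => '<input type="submit" value="'.$lang['Cancel'].'" />',
					'form_end' => '</form>'
				));
				
			}
			
		} else {
			
			$functions->redir_to_login();
			
		}
		
	}
	
	//
	// Include the page footer
	//
	require(ROOT_PATH.'sources/page_foot.php');
	
}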

?>