<?php
// Direct-access guard: abort unless the WikyBlog constant has already been defined,
// so that requesting this file on its own does not execute anything below.
defined('WikyBlog') or die("Not an entry point...");
// Pull in search/all.php through the project's includeFile() helper before the class
// is declared (presumably where the `query` base class lives -- confirm).
includeFile('search/all.php');
class forumListing extends query{
var $objectType = '_forumpost'; //for saving
var $parent;
var $replyLink;
//for saving with wikyblog's SavePage.php functions
var $keywords = '';
var $flags = '';
var $dbInfo;
var $uniqStorage;
var $file_id;
var $inLinks;
/**
 * PHP 4-style constructor (method named after the class): checks topic
 * visibility, dispatches the requested command, then lists the topic's posts.
 *
 * Commands come from $page->userCmd. 'options', 'show', 'difference',
 * 'compare' and 'history' hand over to another file and stop. The remaining
 * commands run inside one output buffer whose content is stored in
 * $page->contentB under the topic's uniqLink.
 *
 * NOTE(review): PHP 8 no longer treats a method named after its class as a
 * constructor; under PHP 8 this only runs if it is called explicitly.
 *
 * NOTE(review): 'save', 'update' and 'confdelete' change stored data, and
 * nothing in this method checks the request method or an anti-CSRF token
 * before dispatching them. Confirm that the framework enforces both upstream.
 *
 * @param object $parent Forum/topic object providing the permission flags
 *                       (view_topics, new_posts, ...), ids and uniqLink.
 */
function forumListing(&$parent){
global $wbTables,$page,$jsNum,$wbPluginDir;
$this->parent = $parent;
// Visibility gate: without view_topics nothing below runs, whatever the command.
if( !$this->parent->view_topics ){
message('AREA_RESTRICTED');
return;
}
$page->scripts[] = '/plugins/'.$wbPluginDir.'/include/js/forum.js?'.$jsNum;
$this->file_id = $this->parent->ids['topic'];
$showList = true;
if( !empty($page->userCmd) ){
//before buffer
// These commands are handled entirely by the included file; no listing follows.
// Any permission check for them has to live in those files (not visible here).
switch($page->userCmd){
case 'options':
pluginIncludeFile('include/admin/adminPermissions.php');
return;
case 'show':
case 'difference':
case 'compare':
pluginIncludeFile('include/tool/Compare.php');
return;
case 'history':
includeFile('search/History.php');
return;
}
}
$page->formAction = $parent->uniqLink;
if( !empty($page->userCmd) ){
//all in one buffer
ob_start();
switch($page->userCmd){
case 'preview':
$this->preview();
$showList = false;
break;
case 'delete':
$this->delete();
$showList = false;
break;
case 'confdelete':
$this->confDelete();
break;
case 'save':
if( $this->savePost() ){
break;
}
// NOTE(review): this return leaves the buffer opened above uncollected; the
// ajax path presumably relies on it being flushed at shutdown -- confirm.
if( $page->ajaxRequest ){
return;
}
// Deliberate fall-through: a failed save shows the reply form again.
case 'reply':
$this->reply();
$showList = false;
break;
case 'update':
if( $this->update() ){
break;
}
if( $page->ajaxRequest ){
return;
}
// Deliberate fall-through: a failed update shows the edit form again.
case 'edit':
if( $this->edit() ){
$showList = false;
}
break;
}
// Everything echoed by the handlers above is captured and stored per topic link.
$page->contentB[$parent->uniqLink] = wb::get_clean();
}
if( $showList ){
$this->getList();
}
}
/**
 * Build the paged query for this topic's posts and hand it to browse().
 *
 * Sets $this->replyLink (a link, or false when replying is not allowed),
 * clears the 'cmd' and 'id' overwrite entries, applies the per-page limit and
 * stores the SELECT in $this->query. Both ids placed in the WHERE clause pass
 * through wbDB::escape() and are wrapped in double quotes.
 *
 * NOTE(review): $this->parent->uniqId is written into an inline onclick
 * handler without escaping; confirm it can never contain a quote character.
 */
function getList(){
    global $wbTables,$page;

    pluginIncludeFile('themes/default/template.php');

    // Only offer the reply link when posting is allowed and the topic is open.
    $canReply = $this->parent->new_posts && $this->parent->activeTopic;
    $this->replyLink = $canReply
        ? wbLinks::local($this->parent->uniqLink.'?cmd=reply','reply',' onclick="WBf.R(\''.$this->parent->uniqId.'\')"')
        : false;

    $this->overWrite['cmd'] = false;
    $this->overWrite['id'] = false;
    $this->rowLimit = $this->parent->posts_per_page;

    $postsTable = $wbTables['bb_posts'];
    $forumId = wbDB::escape($this->parent->ids['forum']);
    $topicId = wbDB::escape($this->file_id);

    $this->query = implode('', array(
        'SELECT SQL_CALC_FOUND_ROWS '.$postsTable.'.* ',
        ' FROM '.$postsTable,
        ' WHERE ',
        $postsTable.'.`forum_id` = "'.$forumId.'" ',
        ' AND '.$postsTable.'.`file_id` = "'.$topicId.'" ',
        ' ORDER BY `id` ASC ',
    ));

    $this->searchUrl = $this->parent->uniqLink;
    $this->browse($this->parent->title);
}
/**
 * Fetch the next row of a result set as an associative array.
 *
 * NOTE(review): mysql_fetch_assoc() belongs to the ext/mysql API, which was
 * removed in PHP 7.0; this method only works on runtimes that still ship it.
 *
 * @param resource $result Result handle to read from.
 * @return array|false Whatever mysql_fetch_assoc() returns for the handle.
 */
function mysqlFetch(&$result){
    $row = mysql_fetch_assoc($result);
    return $row;
}
/**
 * Render one post row by delegating to forumTemplate::postDisplay().
 *
 * NOTE(review): the row is passed on unchanged, so any HTML escaping of its
 * text has to happen inside the template (not visible here) -- confirm.
 *
 * @param array $row Post data.
 * @param int   $i   Position value forwarded to the template.
 */
function abbrevOutput(&$row,$i){
    forumTemplate::postDisplay($row, $i);
}
/**
 * Print the "closed topic" notice when the topic is not active.
 */
function displayPre(){
    global $langA;

    // Open topics need no notice.
    if( $this->parent->activeTopic ){
        return;
    }
    echo '<p><b>'.$langA['CLOSED_TOPIC'].'</b></p>';
}
/**
 * Print the part of the page that follows the post list.
 *
 * Order of output: the closed-topic notice (if the topic is not active), the
 * base class pager with a "what links here" link, a hidden inline reply form
 * when replying is allowed, and finally the forum footer.
 *
 * @param mixed $prev  Forwarded unchanged to parent::displayPost().
 * @param mixed $pages Forwarded unchanged to parent::displayPost().
 * @param mixed $next  Forwarded unchanged to parent::displayPost().
 */
function displayPost(&$prev,&$pages,&$next){
    global $langA;

    // The topic link is URL-encoded before it becomes a query-string value.
    $backlinksTarget = 'WhatLinksHere?to='.rawurlencode($this->parent->uniqLink);
    $more = wbLinks::special($backlinksTarget,'what_links_here');

    if( !$this->parent->activeTopic ){
        echo '<p><b>'.$langA['CLOSED_TOPIC'].'</b></p>';
    }

    parent::displayPost($prev,$pages,$next,'',$more);

    $canReply = $this->parent->new_posts && $this->parent->activeTopic;
    if( $canReply ){
        // The form starts hidden (display:none) with an id derived from uniqId.
        echo '<div style="display:none" id="REPLY_'.$this->parent->uniqId.'">';
        $this->reply(true);
        echo '</div>';
    }

    $this->parent->forumFooter();
}
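/**
 * Decide whether the current session may edit and/or delete one post.
 *
 * Rules, in order:
 *  - a topic that is not active grants nothing to anybody;
 *  - mod_delete_topics grants delete, mod_edit_topics grants edit;
 *  - a session userlevel of 4 or above grants both;
 *  - mod_edit_own / mod_delete_own apply only when the logged-in user wrote
 *    the post.
 *
 * Hardening over the earlier version: the session keys are checked before
 * use, and ownership requires an authenticated session with a non-empty
 * user id that is compared as a string. savePost() stores poster_id 0 for
 * guest posts, so a loose comparison against a guest session whose user_id is
 * 0 or false would have treated every guest post as the visitor's own.
 *
 * @param array $row Post row; 'poster_id' is read.
 * @return array Array with boolean 'edit' and 'delete' entries.
 */
function isEditable(&$row){
    $privs = array('edit' => false, 'delete' => false);

    // Inactive (closed) topics are read-only.
    if( !$this->parent->activeTopic ){
        return $privs;
    }

    if( $this->parent->mod_delete_topics ){
        $privs['delete'] = true;
    }

    // Guest sessions may not carry a userlevel at all.
    if( isset($_SESSION['userlevel']) && $_SESSION['userlevel'] >= 4 ){
        $privs['edit'] = $privs['delete'] = true;
        return $privs;
    }

    if( $this->parent->mod_edit_topics ){
        $privs['edit'] = true;
    }

    // Ownership only makes sense for an authenticated user with a real id.
    if( empty($_SESSION['username']) || empty($_SESSION['user_id']) || !isset($row['poster_id']) ){
        return $privs;
    }
    // String comparison avoids PHP's loose-equality coercions (0, '', false).
    if( (string)$_SESSION['user_id'] !== (string)$row['poster_id'] ){
        return $privs;
    }

    if( $this->parent->mod_edit_own ){
        $privs['edit'] = true;
    }
    if( $this->parent->mod_delete_own ){
        $privs['delete'] = true;
    }
    return $privs;
}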
/**
 * Render a preview of the submitted text, followed by the form it came from.
 *
 * A temporary post row is built from the request and the session and passed
 * to abbrevOutput(); nothing is written to the database here. The edit form
 * is shown again when the request carries an id, the reply form otherwise.
 *
 * NOTE(review): 'text' and 'formatting' are taken from $_POST as submitted
 * (after globalFromPost('text'), whose effect is not visible here), so safe
 * rendering depends on the template and parser -- confirm.
 */
function preview(){
    global $wbNow,$langA;

    globalFromPost('text');

    $isLoggedIn = !empty($_SESSION['username']);
    $row = array(
        'text'       => $_POST['text'],
        'formatting' => $_POST['formatting'],
        'poster_ip'  => $_SERVER['REMOTE_ADDR'],
        'created'    => $wbNow,
        'flags'      => '',
        // Guests preview with an empty poster id.
        'poster_id'  => $isLoggedIn ? $_SESSION['user_id'] : '',
    );

    echo '<h2>'.$langA['preview'].'</h2>';
    pluginIncludeFile('themes/default/template.php');
    $this->abbrevOutput($row,0);

    if( !isset($_POST['id']) ){
        $this->reply(false);
    }else{
        $this->edit();
    }
}
/**
 * Print the reply form, pre-filled from $_POST, with cmd=save as hidden field.
 *
 * Refused with AREA_RESTRICTED when posting is not allowed or the topic is
 * not active.
 *
 * @param bool $inline Passed on to editForm(); selects the cancel behaviour.
 * @return false|null false when refused, nothing once the form is printed.
 */
function reply($inline=false){
    global $langA;

    $mayPost = $this->parent->new_posts && $this->parent->activeTopic;
    if( !$mayPost ){
        message('AREA_RESTRICTED');
        return false;
    }

    echo '<input type="hidden" name="cmd" value="save" />';
    $this->editForm($langA['reply'],$_POST,$inline);
}
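/**
 * Store a new post in the current topic.
 *
 * Steps: permission checks, poster/captcha check, INSERT into bb_posts, a new
 * history row holding undo instructions, the forum counters, then the search
 * index and link table.
 *
 * Fix: a topic that is not active is now refused here as well. reply() and
 * isEditable() already refuse such topics, but this method only checked
 * new_posts, so a request sent straight to cmd=save was not stopped by the
 * form-level check.
 *
 * The return value is read by the constructor: true means "done, show the
 * list" (also used for refusals), false means "show the reply form again".
 *
 * NOTE(review): the three writes are not wrapped in a transaction, so a
 * failure after the INSERT leaves the post stored while false is returned.
 *
 * @return bool See above.
 */
function savePost(){
    global $wbTables,$wbParser,$page;

    if( !$this->parent->new_posts ){
        message('AREA_RESTRICTED');
        return true;
    }
    // Enforce the closed-topic rule on the write itself, not only on the form.
    if( !$this->parent->activeTopic ){
        message('AREA_RESTRICTED');
        return true;
    }
    if( empty($_POST['text']) ){
        message('EMPTY_TEXT');
        return false;
    }
    $this->newPost = true;

    //captcha check
    pluginIncludeFile('include/tool/Save.php');
    $checkCaptcha = false;
    if( $this->parent->use_captcha && function_exists('imagecreate') ){
        $checkCaptcha = true;
    }
    if( !bbSave::checkPoster($this->parent->uniqId,$checkCaptcha) ){
        return false;
    }

    // Guests are stored with an empty name and poster id 0.
    $username = '';
    $userId = 0;
    if( !empty($_SESSION['username']) ){
        $username = $_SESSION['username'];
        $userId = $_SESSION['user_id'];
    }

    //bb_posts
    // Every value concatenated below passes through wbDB::escape(); the
    // fragment from bbSave::postData() is built elsewhere (not visible here).
    $query = ' INSERT INTO '.$wbTables['bb_posts'];
    $query .= ' SET ';
    $query .= bbSave::postData();
    $query .= ' , `forum_id` = "'. wbDB::escape($this->parent->ids['forum']) .'" ';
    $query .= ' , `file_id` = "'. wbDB::escape($this->file_id) .'" ';
    $query .= ' , `modified` = NOW() ';
    $query .= ' , `created` = NOW() ';
    $query .= ' , `poster_name` = "'. wbDB::escape($username ) .'" ';
    $query .= ' , `poster_id` = "'. wbDB::escape($userId) .'" ';
    $query .= ' , `poster_ip` = "'. wbDB::escape($_SERVER['REMOTE_ADDR']) .'" ';
    if( !wbDB::runQuery($query) ){
        return false;
    }
    $post_id = mysql_insert_id();

    //new
    $page->userCmd = false;
    includeFile('tool/SavePage.php');
    $revisionNum = objectSave::newHistoryRow($this);

    // Undo instructions for the history row: delete this post again.
    $instructions = array();
    $instructions['post'] = $post_id;
    $instructions['action'] = 'delpost';
    $instructions = serialize($instructions);
    if( !objectSave::updateAll($this,$instructions,$revisionNum-1) ){
        return false;
    }

    //update forums
    $query = ' UPDATE '.$wbTables['bb_forums'];
    $query .= ' SET ';
    $query .= $wbTables['bb_forums'].'.`posts` = '.$wbTables['bb_forums'].'.`posts` + 1';
    $query .= ' , `last_post_user` = "'. wbDB::escape($username) .'" ';
    $query .= ' , `last_post_ip` = "'. wbDB::escape($_SERVER['REMOTE_ADDR']) .'" ';
    $query .= ' , `modified` = NOW() ';
    $query .= ' WHERE ';
    $query .= $wbTables['bb_forums'].'.`id` = "'. wbDB::escape($this->parent->ids['forum']) .'" ';
    if( !wbDB::runQuery($query) ){
        return false;
    }

    bbSave::newPost($this->parent->uniqId);
    bbSearch::addPost($this->file_id);
    bbSave::all_links($post_id);
    return true;
}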
/**
 * Supply the bb_topics column values used when this object is saved.
 *
 * Also sets $this->dbInfo['dbTable'] and $this->uniqStorage. For an edit
 * (newPost false) only the summary and `modified` are returned; for a new
 * post the last-poster fields, the post counter and the timestamp follow.
 *
 * Values wrapped in a one-element array hold SQL expressions rather than
 * literals (presumably inserted unquoted by the SavePage helpers -- confirm).
 *
 * NOTE(review): the summary is HTML-encoded here, at storage time, so any
 * code that prints it must not encode it a second time -- confirm.
 *
 * @return array Column name => value.
 */
function toDB(){
    global $wbNow,$wbTables;

    $topicsTable = $wbTables['bb_topics'];
    $this->dbInfo['dbTable'] = $topicsTable;
    $this->uniqStorage = $this->parent->uniqLink;

    $fields = array('summary' => htmlspecialchars($_POST['summary']));

    if( !$this->newPost ){
        // Column assigned to itself, written as an SQL expression.
        $fields['modified'] = array($topicsTable.'.`modified`');
        return $fields;
    }

    $fields['last_post_ip'] = $_SERVER['REMOTE_ADDR'];
    $fields['last_post_user'] = empty($_SESSION['username']) ? '' : $_SESSION['username'];
    $fields['posts'] = array($topicsTable.'.`posts` + 1');
    $fields['modified'] = $wbNow;
    return $fields;
}
////////////////////////////////////////////////////////////////////////////////////
//
// Editing
//
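/**
 * Load the post named by the request and attach the caller's privileges.
 *
 * The id is read from $_POST first, then from $_GET. The lookup is limited to
 * the current forum and topic, so an id belonging to another topic is
 * rejected as INVALID_REQUEST.
 *
 * Changes over the earlier version: the id must consist of digits only
 * (is_numeric() also accepted signs, decimals, exponents and surrounding
 * whitespace), and a failed query is handled before mysql_num_rows() is
 * called on it.
 *
 * NOTE(review): because $_GET is accepted, update() and confDelete() can
 * receive their target id from a GET request; confirm that state-changing
 * commands are limited to POST with an anti-CSRF token elsewhere.
 *
 * @return array|false The post row with an added 'privs' entry, or false.
 */
function checkPost(){
    global $wbTables;

    $post_id = false;
    if( isset($_POST['id']) ){
        $post_id = $_POST['id'];
    }elseif( isset($_GET['id']) ){
        $post_id = $_GET['id'];
    }

    // Arrays, missing values and anything that is not a plain integer are refused.
    $isPlainInteger = is_int($post_id)
        || ( is_string($post_id) && preg_match('/\A[0-9]+\z/',$post_id) === 1 );
    if( !$isPlainInteger ){
        message('INVALID_REQUEST');
        return false;
    }

    $query = 'SELECT * FROM '.$wbTables['bb_posts'];
    $query .= ' WHERE ';
    $query .= ' `forum_id` = "'.wbDB::escape($this->parent->ids['forum']).'" ';
    $query .= ' AND `file_id` = "'.wbDB::escape($this->file_id).'" ';
    $query .= ' AND `id` = "'.wbDB::escape($post_id).'" ';

    $result = wbDB::runQuery($query);
    if( !$result || mysql_num_rows($result) !== 1 ){
        message('INVALID_REQUEST');
        return false;
    }

    $row = mysql_fetch_assoc($result);
    $row['privs'] = $this->isEditable($row);
    return $row;
}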
/**
 * Print the edit form for the post named by the request.
 *
 * Requires an id in $_GET or $_POST, a post that checkPost() accepts and the
 * 'edit' privilege on it. The form is filled from $_POST when the request
 * already carries form data (re-display after preview or a failed update),
 * otherwise from the stored row.
 *
 * NOTE(review): $row['id'] is written into the hidden field without
 * htmlspecialchars(); it comes from the database row, presumably an integer
 * column -- confirm.
 *
 * @return bool true when the form was printed, false otherwise.
 */
function edit(){
    global $langA,$wbTables;

    $hasId = isset($_GET['id']) || isset($_POST['id']);
    if( !$hasId ){
        return false;
    }

    $row = $this->checkPost();
    if( !$row ){
        return false;
    }
    if( !$row['privs']['edit'] ){
        message('AREA_RESTRICTED');
        return false;
    }

    echo '<input type="hidden" name="cmd" value="update" />'
        .'<input type="hidden" name="id" value="'.$row['id'].'" />';

    // editForm() takes its values by reference, so a variable must be passed.
    if( !isset($_POST['id']) ){
        $this->editForm($langA['edit'],$row);
    }else{
        $this->editForm($langA['edit'],$_POST);
    }
    return true;
}
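/**
 * Apply an edit to an existing post.
 *
 * The post is re-loaded and re-authorised through checkPost(). Its previous
 * text is recorded in a new history row, then bb_posts is updated and the
 * search index and link table are refreshed.
 *
 * Fix: $page is now declared global. It was missing, so `$page->userCmd =
 * false` acted on an undefined local variable instead of resetting the
 * command on the shared page object, which is what savePost() does at the
 * same point.
 *
 * The return value is read by the constructor: false shows the edit form
 * again.
 *
 * @return bool true on success, false otherwise.
 */
function update(){
    global $wbTables,$page;

    $row = $this->checkPost();
    if( !$row ){
        return false;
    }
    if( !$row['privs']['edit'] ){
        message('AREA_RESTRICTED');
        return false;
    }
    $this->newPost = false;
    $post_id = $row['id'];

    //new
    $page->userCmd = false;
    includeFile('tool/SavePage.php');
    pluginIncludeFile('include/tool/Save.php');
    $revisionNum = objectSave::newHistoryRow($this);

    // History entry: the text the post had before this edit.
    $instructions = array();
    $instructions['post'] = $row['id'];
    $instructions['action'] = 'edit';
    $instructions['text'] = $row['text'];
    $instructions = serialize($instructions);
    if( !objectSave::updateAll($this,$instructions,$revisionNum-1) ){
        return false;
    }

    //bb_posts
    // Same forum/topic/id filter as checkPost(); every value is escaped.
    $query = 'UPDATE '.$wbTables['bb_posts'];
    $query .= ' SET ';
    $query .= bbSave::postData();
    // `modified` is assigned to itself (presumably to keep the stored time -- confirm).
    $query .= ' , `modified` = `modified` ';
    $query .= ' WHERE ';
    $query .= ' `forum_id` = "'.wbDB::escape($this->parent->ids['forum']).'" ';
    $query .= ' AND `file_id` = "'.wbDB::escape($this->file_id).'" ';
    $query .= ' AND `id` = "'.wbDB::escape($post_id).'" ';
    $query .= ' LIMIT 1';
    if( !wbDB::runQuery($query) ){
        message('REQUEST_FAILED');
        return false;
    }

    bbSearch::update($this->file_id);
    bbSave::all_links($post_id);
    return true;
}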
/**
 * Print the "confirm deletion" form for the post named by the request.
 *
 * Nothing is deleted here. The form carries the post id and cmd=confdelete
 * as hidden fields; the cancel button submits its own cmd value.
 *
 * NOTE(review): the form holds no anti-CSRF token, so the confirmation step
 * does not by itself prove that the user submitted it -- confirm whether the
 * framework adds one.
 *
 * @return false|null false when the privilege is missing, otherwise nothing.
 */
function delete(){
    global $langA, $page;
    $page->css2 = true;

    $row = $this->checkPost();
    if( !$row ){
        return;
    }
    if( !$row['privs']['delete'] ){
        message('AREA_RESTRICTED');
        return false;
    }

    $confirmLabel = $langA['confirm'];
    $cancelLabel = $langA['cancel'];

    echo '<input type="hidden" name="id" value="'.$row['id'].'" />';
    echo '<table style="margin:2em auto 0 auto" class="WBeditArea1" cellpadding="9">'
        .'<tr><td style="text-align:center">'
        .$langA['DELETE_POST']
        .'<input type="hidden" name="cmd" value="confdelete" />'
        .'<br/> <br/>'
        .'<input type="submit" name="" value="'.$confirmLabel.'" />'
        .' '
        .'<input type="submit" name="cmd" value="'.$cancelLabel.'" />'
        .'</td></tr>'
        .'</table>';
}
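/**
 * Delete the post named by the request, then resynchronise the counters.
 *
 * The post is re-loaded and re-authorised through checkPost(), so the
 * 'delete' privilege is checked at deletion time and not only when the
 * confirmation form was shown.
 *
 * Fix: the statement was assembled as 'DELETE FROM <table>WHERE ...' with no
 * space before WHERE; the separator is now explicit, matching the other
 * queries in this class.
 *
 * NOTE(review): no request-method or anti-CSRF check is visible here or in
 * the constructor that dispatches 'confdelete' -- confirm it exists upstream.
 *
 * @return bool true when a row was deleted, false otherwise.
 */
function confDelete(){
    global $wbTables;

    $row = $this->checkPost();
    if( !$row ){
        return false;
    }
    if( !$row['privs']['delete'] ){
        message('AREA_RESTRICTED');
        return false;
    }

    //delete from bb_posts
    $query = 'DELETE FROM '.$wbTables['bb_posts'];
    $query .= ' WHERE ';
    $query .= ' `forum_id` = "'.wbDB::escape($this->parent->ids['forum']).'" ';
    $query .= ' AND `file_id` = "'.wbDB::escape($this->file_id).'" ';
    $query .= ' AND `id` = "'.wbDB::escape($row['id']).'" ';
    $query .= ' LIMIT 1 ';

    // The second argument presumably makes runQuery() return the affected-row count -- confirm.
    $deletedPosts = wbDB::runQuery($query,true);
    if( $deletedPosts === false ){
        message('DELETE_FAILED');
        return false;
    }
    if( $deletedPosts === 0){
        return false;
    }

    //synchronize
    pluginIncludeFile('include/admin/adminSync.php');
    forumSync::syncTopic($this->parent->ids['forum'],$this->file_id);
    forumSync::syncForum($this->parent->ids['forum']);

    //update all_search
    pluginIncludeFile('include/tool/Save.php');
    bbSearch::update($this->file_id);
    return true;
}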
////////////////////////////////////////////////////////////////////////////////////
//
// Misc
//
/**
 * Print the message form shared by reply and edit: text area, summary,
 * formatting selector, optional captcha and the button row.
 *
 * No <form> tag and no hidden "cmd"/"id" field is written here; callers print
 * those themselves. No anti-CSRF field is written here either.
 *
 * The user-supplied 'text' and 'summary' values are passed through
 * htmlspecialchars() before output. $title and the $langA labels are printed
 * as they are (presumably trusted language strings -- confirm).
 *
 * @param string $title  Heading shown above the form.
 * @param array  $vars   Values to pre-fill; taken by reference, and missing
 *                       keys are added to the caller's array (this includes
 *                       $_POST when the caller passes it).
 * @param bool   $inline When true and posting is allowed, cancel is a script
 *                       button instead of a submit button.
 */
function editForm($title,&$vars,$inline=false){
global $langA,$page;
$page->css2 = true;
includeFile('tool/EditPage.php');
// Fixed list of formatting choices offered in the selector below.
$formats[] = 'wiki';
$formats[] = 'none';
// Array union: only keys missing from $vars are filled with the empty defaults.
$vars += array('text'=>'','title'=>'','formatting'=>'','summary'=>'');
echo '<table style="margin:1em auto 0 auto">';
echo '<tr><td>';
echo '<h2>'.$title.'</h2>';
echo '<table cellpadding="5" class="WBeditArea1">';
echo '<tr>';
echo '<th style="text-align:right">';
echo $langA['message'];
echo ':</th>';
echo '<td colspan="2">';
echo getToolbar('text',false);
echo '<textarea rows="20" style="width:40em" name="text" onchange="WBe.set(true)" >';
// Escaped so that submitted markup cannot close the textarea or inject HTML.
echo htmlspecialchars($vars['text']);
echo '</textarea>';
echo '</td>';
echo '</tr>';
echo '<tr>';
echo '<th style="text-align:right">';
echo $langA['summary'];
echo ':</th>';
echo '<td>';
// Escaped for use inside a double-quoted attribute value.
echo '<input type="text" style="width:40em" name="summary" value="'.htmlspecialchars($vars['summary']).'" />';
echo '</td>';
echo '</tr>';
echo '<tr>';
echo '<th style="text-align:right">';
echo $langA['formatting'];
echo ':</th>';
echo '<td style="text-align:left">';
echo '<select name="formatting" >';
// The submitted value is only compared with the fixed list; it is never printed.
foreach($formats as $format){
if( $vars['formatting'] == $format ){
echo '<option value="'.$format.'" selected="selected">'.$langA[$format].'</option>';
}else{
echo '<option value="'.$format.'">'.$langA[$format].'</option>';
}
}
echo '</select>';
echo '</td>';
echo '</tr>';
//captcha
// Same condition as in savePost(): captcha enabled and imagecreate() available.
if( $this->parent->use_captcha && function_exists('imagecreate') ){
pluginIncludeFile('include/tool/Save.php');
$r = bbSave::captcha($this->parent->uniqId);
echo '<tr>';
echo '<td>';
// NOTE(review): $r is placed in the URL and the URL in the src attribute without
// encoding; safe only if bbSave::captcha() returns URL- and HTML-safe characters -- confirm.
$path = wbLinks::getDir('/include/tool/captcha.php?r='.$r);
echo '<img src="'.$path.'" alt="captcha" />';
echo '</td>';
echo '<td>';
echo '<input type="text" name="captcha" value="" />';
echo '</td>';
echo '</tr>';
}
echo '</table>';
echo '</td>';
echo '</tr>';
echo '<tr>';
echo '<td style="text-align:center">';
// Buttons named "cmd" submit their label as the command; the save button has an
// empty name, so the hidden cmd field printed by the caller applies.
echo '<input type="submit" name="cmd" value="'.$langA['preview'].'" />';
echo ' ';
echo '<input type="submit" name="" value="'.$langA['save'].'" onclick="WBe.set(false)" />';
echo ' ';
echo '<input type="reset" name="cmd" value="'.$langA['reset'].'" onclick="WBe.set(false)" />';
echo ' ';
if( $this->parent->new_posts && $inline ){
// Inline reply form: cancel is handled by script and submits nothing.
echo '<input type="button" value="'.$langA['cancel'].'" onclick="WBf.R(\''.$this->parent->uniqId.'\',\'none\')" />';
}else{
echo '<input type="submit" name="cmd" value="'.$langA['cancel'].'" />';
}
echo '</td>';
echo '</tr>';
echo '</table>';
}
}