<?php
//Entry-point guard: stop immediately unless the WikyBlog constant is already
//defined (presumably by the application's front controller), so this file
//cannot be requested directly over HTTP.
if( !defined('WikyBlog') ){
	die("Not an entry point...");
}

//Load search/all.php; presumably it provides the `query` base class used below - confirm.
includeFile('search/all.php');

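/**
 * Lists the posts of one forum topic and handles the per-post commands
 * (preview, reply/save, edit/update, delete/confdelete) for that topic.
 *
 * Paging and rendering of the list are inherited from `query`. mysqlFetch(),
 * abbrevOutput(), displayPre() and displayPost() look like hooks called by that
 * base class, which is not visible in this file - confirm.
 */
class forumListing extends query{
	var $objectType = '_forumpost'; //for saving
	
	var $parent;		//forum object supplying permission flags, ids and links
	var $replyLink;		//reply link markup, or false when replying is not allowed
	var $newPost = false;	//true while saving a new post, false while updating one (read by toDB)
	
	//for saving with wikyblog's SavePage.php functions
	var $keywords = '';
	var $flags = '';
	var $dbInfo;
	var $uniqStorage;
	var $file_id;		//id of the topic whose posts are listed
	var $inLinks;
	
	
	/**
	 * Dispatches the requested command for the topic and, unless a handler
	 * took over the page, shows the list of posts.
	 *
	 * @param object $parent forum object; view_topics must be set or the request is refused
	 */
	function forumListing(&$parent){
		global $wbTables,$page,$jsNum,$wbPluginDir;
		$this->parent = $parent;
		
		//viewing is the minimum permission for everything below
		if( !$this->parent->view_topics ){
			message('AREA_RESTRICTED');
			return;
		}
		$page->scripts[] = '/plugins/'.$wbPluginDir.'/include/js/forum.js?'.$jsNum;

		$this->file_id = $this->parent->ids['topic'];
		
		
		$showList = true;
		if( !empty($page->userCmd) ){
			
			//before buffer: these commands hand the whole request to another file
			//NOTE(review): no permission check for 'options' is visible here; presumably
			//adminPermissions.php enforces its own - confirm.
			switch($page->userCmd){
				case 'options':
					pluginIncludeFile('include/admin/adminPermissions.php');
				return;
				
				case 'show':
				case 'difference':
				case 'compare':
					pluginIncludeFile('include/tool/Compare.php');
				return;
				case 'history':
					includeFile('search/History.php');
				return;
			}
		}
		
		$page->formAction = $parent->uniqLink;
		if( !empty($page->userCmd) ){
			
			//NOTE(review): 'save', 'update' and 'confdelete' change stored data and no
			//anti-CSRF token check is visible in this class. Confirm one is enforced
			//elsewhere (framework or bbSave::checkPoster) before relying on these handlers.
			
			//all in one buffer
			ob_start();
			switch($page->userCmd){
				case 'preview':
					$this->preview();
					$showList = false;
				break;
				
				case 'delete':
					$this->delete();
					$showList = false;
				break;
				case 'confdelete':
					$this->confDelete();
				break;
				
				case 'save':
					if( $this->savePost() ){
						break;
					}
					if( $page->ajaxRequest ){
						return;
					}
					//deliberate fall through: a failed save shows the reply form again
				case 'reply':
					$this->reply();
					$showList = false;
				break;
				
				case 'update':
					if( $this->update() ){
						break;
					}
					if( $page->ajaxRequest ){
						return;
					}
					//deliberate fall through: a failed update shows the edit form again
				case 'edit':
					if( $this->edit() ){
						$showList = false;
					}
				break;
			}
			$page->contentB[$parent->uniqLink] = wb::get_clean();
		}
			
		if( $showList ){
			$this->getList();
		}
	}
	
	/**
	 * Builds the paged query for the topic's posts and hands it to browse().
	 */
	function getList(){
		global $wbTables,$page;
		pluginIncludeFile('themes/default/template.php');
		
		//a reply link is offered only when posting is allowed and the topic is open
		$this->replyLink = false;
		if( $this->parent->new_posts && $this->parent->activeTopic ){
			$this->replyLink = wbLinks::local($this->parent->uniqLink.'?cmd=reply','reply',' onclick="WBf.R(\''.$this->parent->uniqId.'\')"');
		}
		
		$this->overWrite['cmd'] = false;
		$this->overWrite['id'] = false;
		$this->rowLimit = $this->parent->posts_per_page;

		
		//every value placed in the statement goes through wbDB::escape and is quoted
		$this->query = 'SELECT SQL_CALC_FOUND_ROWS '.$wbTables['bb_posts'].'.* ';
		$this->query .= ' FROM '.$wbTables['bb_posts'];
		$this->query .= ' WHERE ';
		$this->query .= $wbTables['bb_posts'].'.`forum_id` = "'.wbDB::escape($this->parent->ids['forum']).'" ';
		$this->query .= ' AND '.$wbTables['bb_posts'].'.`file_id` = "'.wbDB::escape($this->file_id).'" ';
		$this->query .= ' ORDER BY `id` ASC ';
		
		
		$this->searchUrl = $this->parent->uniqLink;
		$this->browse($this->parent->title);
	}
	
	/**
	 * Fetches the next row of a result set as an associative array.
	 */
	function mysqlFetch(&$result){
		return mysql_fetch_assoc($result);
	}
	
	/**
	 * Renders one post row through the forum template.
	 */
	function abbrevOutput(&$row,$i){
		forumTemplate::postDisplay($row,$i);
	}

	
	/**
	 * Prints the closed-topic notice when the topic is not active.
	 */
	function displayPre(){
		global $langA;
		if( !$this->parent->activeTopic ){
			echo '<p><b>';
			echo $langA['CLOSED_TOPIC'];
			echo '</b></p>';
		}
	}


	/**
	 * Prints the closed-topic notice, the parent's paging output, the hidden
	 * inline reply form (when replying is allowed) and the forum footer.
	 */
	function displayPost(&$prev,&$pages,&$next){
		global $langA;
		
		$more = wbLinks::special('WhatLinksHere?to='.rawurlencode($this->parent->uniqLink),'what_links_here');
		if( !$this->parent->activeTopic ){
			echo '<p><b>';
			echo $langA['CLOSED_TOPIC'];
			echo '</b></p>';
		}
		parent::displayPost($prev,$pages,$next,'',$more);
		if( $this->parent->new_posts && $this->parent->activeTopic ){
			echo '<div style="display:none" id="REPLY_'.$this->parent->uniqId.'">';
				$this->reply(true);
			echo '</div>';
		}
		$this->parent->forumFooter();
	}
	
	/**
	 * Works out what the current session may do with one post.
	 *
	 * @param array $row post row; poster_id is read
	 * @return array ('edit' => bool, 'delete' => bool)
	 */
	function isEditable(&$row){
		$privs = array();
		$privs['edit'] = $privs['delete'] = false;
		
		//nothing in a closed topic can be changed
		if( !$this->parent->activeTopic ){
			return $privs;
		}
		
		if( $this->parent->mod_delete_topics ){
			$privs['delete'] = true;
		}
		
		//user level 4 and above may edit and delete every post
		if( isset($_SESSION['userlevel']) && $_SESSION['userlevel'] >= 4 ){
			$privs['edit'] = $privs['delete'] = true;
			return $privs;
		}
		
		if( $this->parent->mod_edit_topics ){
			$privs['edit'] = true;
		}
		
		//Ownership needs a real session user id. Anonymous posts are stored with
		//poster_id 0 (see savePost), so an empty or missing session id must never
		//compare equal to one and be treated as the owner.
		if( empty($_SESSION['user_id']) || $_SESSION['user_id'] != $row['poster_id'] ){
			return $privs;
		}
		if( $this->parent->mod_edit_own ){
			$privs['edit'] = true;
		}
		if( $this->parent->mod_delete_own ){
			$privs['delete'] = true;
		}
		return $privs;
	}
	
	/**
	 * Renders the submitted text as a post without saving it, then shows the
	 * edit form (when an id was posted) or the reply form again.
	 */
	function preview(){
		global $wbNow,$langA;
		globalFromPost('text');
		
		$row = array();
		$row['text'] = $_POST['text'];
		//the select may be missing from a hand-made request
		$row['formatting'] = isset($_POST['formatting']) ? $_POST['formatting'] : '';
		$row['poster_ip'] = $_SERVER['REMOTE_ADDR'];
		$row['created'] = $wbNow;
		$row['flags'] = '';
		$row['poster_id'] = '';
		if( !empty($_SESSION['username']) ){
			$row['poster_id'] = $_SESSION['user_id'];
		}
		
		
		echo '<h2>'.$langA['preview'].'</h2>';
		pluginIncludeFile('themes/default/template.php');
		//NOTE(review): the raw request text is rendered here; output encoding depends
		//on forumTemplate::postDisplay, which is not visible in this file - confirm.
		$this->abbrevOutput($row,0);
		
		//edit() and reply() apply their own permission checks before printing a form
		if( isset($_POST['id']) ){
			$this->edit();
		}else{
			$this->reply(false);
		}
	}

	
	/**
	 * Prints the reply form.
	 *
	 * @param bool $inline true when the form is embedded, hidden, under the list
	 * @return false|null false when posting is not allowed; nothing otherwise
	 */
	function reply($inline=false){
		global $langA;
		
		if( !$this->parent->new_posts ){
			message('AREA_RESTRICTED');
			return false;
		}
		if( !$this->parent->activeTopic ){
			message('AREA_RESTRICTED');
			return false;
		}

		echo '<input type="hidden" name="cmd" value="save" />';
		$this->editForm($langA['reply'],$_POST,$inline);
	}
	
	/**
	 * Stores a new post in the topic, records the history row and updates the
	 * forum counters, the search index and the link table.
	 *
	 * @return bool true when the request is finished (saved, or refused outright);
	 *              false when the reply form should be shown again
	 */
	function savePost(){
		global $wbTables,$wbParser,$page;
		
		//Same conditions reply() applies before showing the form. The handler has to
		//repeat them because a request can carry cmd=save without the form ever
		//having been displayed, e.g. for a closed topic.
		if( !$this->parent->new_posts || !$this->parent->activeTopic ){
			message('AREA_RESTRICTED');
			return true;
		}
		
		if( empty($_POST['text']) ){
			message('EMPTY_TEXT');
			return false;
		}
		$this->newPost = true;
		
		//captcha check
		pluginIncludeFile('include/tool/Save.php');
		$checkCaptcha = false;
		if( $this->parent->use_captcha && function_exists('imagecreate') ){
			$checkCaptcha = true;
		}
		if( !bbSave::checkPoster($this->parent->uniqId,$checkCaptcha) ){
			return false;
		}
		
		
		//anonymous posters are stored with an empty name and poster_id 0
		$username = '';
		$userId = 0;
		if( !empty($_SESSION['username']) ){
			$username = $_SESSION['username'];
			$userId = $_SESSION['user_id'];
		}
		//bb_posts
		$query = ' INSERT INTO '.$wbTables['bb_posts'];
		$query .= ' SET ';
		$query .= bbSave::postData();
		$query .= ' ,  `forum_id` = "'. wbDB::escape($this->parent->ids['forum']) .'" ';
		$query .= ' , `file_id` = "'. wbDB::escape($this->file_id) .'" ';
		$query .= ' , `modified` = NOW() ';
		$query .= ' , `created` = NOW() ';
		$query .= ' , `poster_name` = "'. wbDB::escape($username ) .'" ';
		$query .= ' , `poster_id` = "'. wbDB::escape($userId) .'" ';
		$query .= ' , `poster_ip` = "'. wbDB::escape($_SERVER['REMOTE_ADDR']) .'" ';
		if( !wbDB::runQuery($query) ){
			return false;
		}
		
		$post_id = mysql_insert_id();
		
		//new
		$page->userCmd = false;
		includeFile('tool/SavePage.php');
		$revisionNum = objectSave::newHistoryRow($this);
		//history instructions: how to undo this revision (remove the new post)
		$instructions = array();
		$instructions['post'] = $post_id;
		$instructions['action'] = 'delpost';
		$instructions = serialize($instructions);
		if( !objectSave::updateAll($this,$instructions,$revisionNum-1) ){
			return false;
		}

		
		//update forums
		$query = ' UPDATE '.$wbTables['bb_forums'];
		$query .= ' SET ';
		$query .= $wbTables['bb_forums'].'.`posts` = '.$wbTables['bb_forums'].'.`posts` + 1';
		$query .= ' , `last_post_user` = "'. wbDB::escape($username) .'" ';
		$query .= ' , `last_post_ip` = "'. wbDB::escape($_SERVER['REMOTE_ADDR']) .'" ';
		$query .= ' , `modified` = NOW() ';
		
		$query .= ' WHERE ';
		$query .= $wbTables['bb_forums'].'.`id` = "'. wbDB::escape($this->parent->ids['forum']) .'" ';
		if( !wbDB::runQuery($query) ){
			return false;
		}
		
		bbSave::newPost($this->parent->uniqId);
		bbSearch::addPost($this->file_id);
		bbSave::all_links($post_id);
		
		return true;
	}
	
	/**
	 * Supplies the topic-row values for wikyblog's save routines; presumably
	 * called by objectSave (tool/SavePage.php, not visible here) - confirm.
	 *
	 * @return array column => value; values wrapped in an array are SQL
	 *               expressions rather than literals (assumed from usage - confirm)
	 */
	function toDB(){
		global $wbNow,$wbTables;
		
		
		//prep some variables
		$this->dbInfo['dbTable'] = $wbTables['bb_topics'];
		$this->uniqStorage = $this->parent->uniqLink;

		
		//Newer
		$temp = array();
		//the summary field may be missing from the request; store it HTML-encoded
		$temp['summary'] = htmlspecialchars( isset($_POST['summary']) ? $_POST['summary'] : '' );
		
		//an edit keeps the topic's modified time and counters as they are
		if( !$this->newPost ){
			$temp['modified'] = array($wbTables['bb_topics'].'.`modified`');
			return $temp;
		}
			
		$temp['last_post_ip'] = $_SERVER['REMOTE_ADDR'];
		$temp['last_post_user'] = '';
		if( !empty($_SESSION['username']) ){
			$temp['last_post_user'] = $_SESSION['username'];
		}
		
		$temp['posts'] = array($wbTables['bb_topics'].'.`posts` + 1');
		$temp['modified'] = $wbNow;
		
		return $temp;
	}
	
	
	////////////////////////////////////////////////////////////////////////////////////
	//
	//		Editing
	//
	
	/**
	 * Loads the post named by the request id, restricted to this forum and
	 * topic, and attaches the session's privileges for it.
	 *
	 * @return array|false post row with an added 'privs' entry, or false when the
	 *                     id is not numeric or no single matching row exists
	 */
	function checkPost(){
		global $wbTables;
		
		$post_id = false;
		if( isset($_POST['id']) ){
			$post_id = $_POST['id'];
		}elseif( isset($_GET['id']) ){
			$post_id = $_GET['id'];
		}
		if( !is_numeric($post_id) ){
			message('INVALID_REQUEST');
			return false;
		}		
		
		//forum_id and file_id scope the lookup so that an id belonging to another
		//topic cannot be loaded through this listing
		$query = 'SELECT * FROM '.$wbTables['bb_posts']; 
		$query .= ' WHERE ';
		$query .= ' `forum_id` = "'.wbDB::escape($this->parent->ids['forum']).'" ';
		$query .= ' AND `file_id` = "'.wbDB::escape($this->file_id).'" ';
		$query .= ' AND `id` = "'.wbDB::escape($post_id).'" ';
		$result = wbDB::runQuery($query);
		//a failed query is treated like a missing post
		if( !$result || mysql_num_rows($result) !== 1 ){
			message('INVALID_REQUEST');
			return false;
		}
		$row = mysql_fetch_assoc($result);
		
		$row['privs'] = $this->isEditable($row);
		return $row;
	}
	
	/**
	 * Prints the edit form for the requested post.
	 *
	 * @return bool true when the form was printed; false when no id was given,
	 *              the post was not found or editing is not permitted
	 */
	function edit(){
		global $langA,$wbTables;
		
		if( !isset($_GET['id']) && !isset($_POST['id']) ){
			return false;
		}
		
		$row = $this->checkPost();
		if( !$row ){
			return false;
		}
		if( !$row['privs']['edit'] ){
			message('AREA_RESTRICTED');
			return false;
		}
		
		echo '<input type="hidden" name="cmd" value="update" />';
		//the id comes from the database row, not the request; encoded anyway
		echo '<input type="hidden" name="id" value="'.htmlspecialchars($row['id']).'" />';
		//a posted form (failed update or preview) keeps the user's own input
		if( isset($_POST['id']) ){
			$this->editForm($langA['edit'],$_POST);
		}else{
			$this->editForm($langA['edit'],$row);
		}
		return true;
	}
	
	/**
	 * Saves an edit of an existing post: records a history row holding the
	 * previous text, updates the post and refreshes search and link data.
	 *
	 * @return bool true on success; false when the post was not found, editing
	 *              is not permitted or a query failed
	 */
	function update(){
		//$page is written below, so it has to be imported; without it the
		//assignment would only touch an undefined local variable
		global $wbTables,$page;
		
		//privileges are re-checked here, not only when the form was shown
		$row = $this->checkPost();
		if( !$row ){
			return false;
		}
		
		if( !$row['privs']['edit'] ){
			message('AREA_RESTRICTED');
			return false;
		}
		$this->newPost = false;
		
		$post_id = $row['id'];
		
		//new
		$page->userCmd = false;
		includeFile('tool/SavePage.php');
		pluginIncludeFile('include/tool/Save.php');
		
		
		$revisionNum = objectSave::newHistoryRow($this);
		//history instructions: the text as it was before this edit
		$instructions = array();
		$instructions['post'] = $row['id'];
		$instructions['action'] = 'edit';
		$instructions['text'] = $row['text'];
		$instructions = serialize($instructions);
		if( !objectSave::updateAll($this,$instructions,$revisionNum-1) ){
			return false;
		}
		
		
	
		//bb_posts
		$query = 'UPDATE '.$wbTables['bb_posts'];
		$query .= ' SET ';
		$query .= bbSave::postData();
		$query .= ' , `modified` = `modified` ';
		$query .= ' WHERE ';
		$query .= ' `forum_id` = "'.wbDB::escape($this->parent->ids['forum']).'" ';
		$query .= ' AND `file_id` = "'.wbDB::escape($this->file_id).'" ';
		$query .= ' AND `id` = "'.wbDB::escape($post_id).'" ';
		$query .= ' LIMIT 1';
		if( !wbDB::runQuery($query) ){
			message('REQUEST_FAILED');
			return false;
		}
		
		bbSearch::update($this->file_id);
		bbSave::all_links($post_id);
		
		return true;
	}
	
	
	
	/**
	 * Prints the delete confirmation form; nothing is removed here.
	 *
	 * @return false|null false when the post was not found or deleting is not
	 *                    permitted; nothing after printing the form
	 */
	function delete(){
		global $langA, $page;
		$page->css2 = true;
		
		$row = $this->checkPost();
		if( !$row ){
			return false;
		}
		
		if( !$row['privs']['delete'] ){
			message('AREA_RESTRICTED');
			return false;
		}

		//the id comes from the database row, not the request; encoded anyway
		echo '<input type="hidden" name="id" value="'.htmlspecialchars($row['id']).'" />';
		echo '<table style="margin:2em auto 0 auto" class="WBeditArea1" cellpadding="9">';
		echo '<tr><td style="text-align:center">';
		echo $langA['DELETE_POST'];
		echo '<input type="hidden" name="cmd" value="confdelete" />';
		echo '<br/> &nbsp; <br/>';
		echo '<input type="submit" name="" value="'.$langA['confirm'].'" />';
		echo ' &nbsp; ';
		echo '<input type="submit" name="cmd" value="'.$langA['cancel'].'" />';
		echo '</td></tr>';
		echo '</table>';
		
	}
	
	/**
	 * Deletes the requested post after re-checking the delete privilege, then
	 * re-synchronises the topic and forum counters and the search index.
	 *
	 * @return bool true when a post was deleted; false otherwise
	 */
	function confDelete(){
		global $wbTables;
		
		//the privilege is checked again: the confirmation form is not proof of it
		$row = $this->checkPost();
		if( !$row ){
			return false;
		}
		
		if( !$row['privs']['delete'] ){
			message('AREA_RESTRICTED');
			return false;
		}
		
		//delete from bb_posts
		$query = 'DELETE FROM '.$wbTables['bb_posts'];
		//leading space keeps WHERE apart from the table name
		$query .= ' WHERE ';
		$query .= ' `forum_id` = "'.wbDB::escape($this->parent->ids['forum']).'" ';
		$query .= ' AND `file_id` = "'.wbDB::escape($this->file_id).'" ';
		$query .= ' AND `id` = "'.wbDB::escape($row['id']).'" ';
		$query .= ' LIMIT 1 ';
		$deletedPosts = wbDB::runQuery($query,true);
		if( $deletedPosts === false ){
			message('DELETE_FAILED');
			return false;
		}
		//nothing was removed, so there is nothing to synchronise
		if( $deletedPosts === 0){
			return false;
		}
		
		//synchronize
		pluginIncludeFile('include/admin/adminSync.php');
		forumSync::syncTopic($this->parent->ids['forum'],$this->file_id);
		forumSync::syncForum($this->parent->ids['forum']);
		
		//update all_search
		pluginIncludeFile('include/tool/Save.php');
		bbSearch::update($this->file_id);
		
		return true;
	}
	
		
	////////////////////////////////////////////////////////////////////////////////////
	//
	//	Misc
	//
	
	/**
	 * Prints the message form (text, summary, formatting, optional captcha and
	 * the submit buttons) shared by reply and edit.
	 *
	 * @param string $title  heading for the form; printed as is, callers pass $langA strings
	 * @param array  $vars   current field values, by reference: missing keys are
	 *                       filled with '' in the caller's array (this can be $_POST)
	 * @param bool   $inline true for the embedded reply form, whose cancel button
	 *                       is handled in the browser instead of submitting
	 */
	function editForm($title,&$vars,$inline=false){
		global $langA,$page;
		$page->css2 = true;
		includeFile('tool/EditPage.php');
		$formats = array('wiki','none');
		
		$vars += array('text'=>'','title'=>'','formatting'=>'','summary'=>'');

		
		echo '<table style="margin:1em auto 0 auto">';
		echo '<tr><td>';
		
		echo '<h2>'.$title.'</h2>';
		echo '<table cellpadding="5" class="WBeditArea1">';
		echo '<tr>';
			echo '<th style="text-align:right">';
			echo $langA['message'];
			echo ':</th>';
			echo '<td colspan="2">';
			echo getToolbar('text',false);
			echo '<textarea rows="20" style="width:40em" name="text" onchange="WBe.set(true)" >';
			//user-supplied values are HTML-encoded before being echoed back
			echo htmlspecialchars($vars['text']);
			echo '</textarea>';
			echo '</td>';
			echo '</tr>';
			
		echo '<tr>';
			echo '<th style="text-align:right">';
			echo $langA['summary'];
			echo ':</th>';
			echo '<td>';
			echo '<input type="text" style="width:40em" name="summary" value="'.htmlspecialchars($vars['summary']).'" />';
			echo '</td>';
			echo '</tr>';
						
		echo '<tr>';
			echo '<th style="text-align:right">';
			echo $langA['formatting'];
			echo ':</th>';
			echo '<td style="text-align:left">';
			echo '<select name="formatting" >';
			
			//only the fixed format names are printed, never the submitted value
			foreach($formats as $format){
				if( $vars['formatting'] == $format ){
					echo '<option value="'.$format.'" selected="selected">'.$langA[$format].'</option>';
				}else{
					echo '<option value="'.$format.'">'.$langA[$format].'</option>';
				}
			}
			
			echo '</select>';
			echo '</td>';
			echo '</tr>';

			
		//captcha: shown under the same condition savePost uses to require it
		if( $this->parent->use_captcha && function_exists('imagecreate') ){
			pluginIncludeFile('include/tool/Save.php');
			$r = bbSave::captcha($this->parent->uniqId);
			
			echo '<tr>';
			echo '<td>';
			$path = wbLinks::getDir('/include/tool/captcha.php?r='.$r);
			echo '<img src="'.$path.'" alt="captcha" />';
			echo '</td>';
			echo '<td>';
			
			echo '<input type="text" name="captcha" value="" />';
			echo '</td>';
			echo '</tr>';
		}

		echo '</table>';
		
		echo '</td>';
		echo '</tr>';
		echo '<tr>';
		echo '<td style="text-align:center">';
		
		echo '<input type="submit" name="cmd" value="'.$langA['preview'].'" />';
		echo ' &nbsp; ';
		echo '<input type="submit" name="" value="'.$langA['save'].'" onclick="WBe.set(false)" />';
		echo ' &nbsp; ';
		echo '<input type="reset" name="cmd" value="'.$langA['reset'].'"  onclick="WBe.set(false)" />';
		echo ' &nbsp; ';
		if( $this->parent->new_posts && $inline ){
			echo '<input type="button" value="'.$langA['cancel'].'" onclick="WBf.R(\''.$this->parent->uniqId.'\',\'none\')" />';
		}else{
			echo '<input type="submit" name="cmd" value="'.$langA['cancel'].'" />';
		}		
		echo '</td>';
		echo '</tr>';
		echo '</table>';
		
	}
	
}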