2020-07-06 17:09:56 +00:00
< ? php
require_once '../startup.php' ;
2021-05-05 15:31:51 +00:00
die_ex ( 'Posting has been disabled.' , 200 );
2020-07-06 17:09:56 +00:00
include_once '_category.php' ;
include_once '_user.php' ;
include_once '_topics.php' ;
include_once '_posts.php' ;
if ( ! session_active ()) {
header ( 'Location: /login?m=forbidden' );
return ;
}
$userInfo = user_info ( current_user_id ());
$categoryId = isset ( $_GET [ 'cat' ]) && is_string ( $_GET [ 'cat' ]) && ctype_digit ( $_GET [ 'cat' ]) ? ( int ) $_GET [ 'cat' ] : 0 ;
$topicId = isset ( $_GET [ 'topic' ]) && is_string ( $_GET [ 'topic' ]) && ctype_digit ( $_GET [ 'topic' ]) ? ( int ) $_GET [ 'topic' ] : 0 ;
$postId = isset ( $_GET [ 'post' ]) && is_string ( $_GET [ 'post' ]) && ctype_digit ( $_GET [ 'post' ]) ? ( int ) $_GET [ 'post' ] : 0 ;
if ( $postId > 0 ) {
$postInfo = post_info ( $postId );
if ( empty ( $postInfo ))
die_ex ( 'Post not found.' , 404 );
if ( $postInfo [ 'post_type' ] != FMF_POST_TYPE_MESSAGE )
die_ex ( 'This is not a message.' , 400 );
if ( ! $userInfo [ 'user_moderator' ] && $userInfo [ 'user_id' ] != $postInfo [ 'user_id' ])
die_ex ( 'You aren\'t allowed to edit this post.' , 403 );
$categoryId = $postInfo [ 'cat_id' ] ? ? 0 ;
$topicId = $postInfo [ 'topic_id' ] ? ? 0 ;
$postId = $postInfo [ 'post_id' ] ? ? 0 ;
$postText = $postInfo [ 'post_text' ] ? ? '' ;
} else {
$postId = 0 ;
}
if ( $topicId > 0 ) {
$topicInfo = topic_info ( $topicId );
if ( empty ( $topicInfo ))
die_ex ( 'Topic not found.' , 404 );
$categoryId = $topicInfo [ 'cat_id' ] ? ? 0 ;
$topicId = $topicInfo [ 'topic_id' ] ? ? 0 ;
} else {
$topicId = 0 ;
}
$categoryInfo = category_info ( $categoryId );
if ( empty ( $categoryInfo )) {
die_ex ( 'Category does not exist.' , 404 );
}
if ( $categoryInfo [ 'cat_type' ] != 0 ) {
die_ex ( 'This category cannot hold topics.' );
}
if ( isset ( $topicInfo )) {
if ( ! empty ( $topicInfo [ 'topic_locked' ]) && ! $userInfo [ 'user_moderator' ]) {
die_ex ( 'You may not respond to locked topics.' , 403 );
}
}
$title = isset ( $topicInfo ) ? (( isset ( $postInfo ) ? 'Editing reply to ' : 'Replying to ' ) . $topicInfo [ 'topic_title' ]) : ( 'Creating a topic in ' . $categoryInfo [ 'cat_name' ]);
if ( isset ( $_POST [ 'text' ]) && CSRF :: verify ()) {
$postTitle = isset ( $_POST [ 'title' ]) && is_string ( $_POST [ 'title' ]) ? $_POST [ 'title' ] : '' ;
$postText = trim ( is_string ( $_POST [ 'text' ]) ? $_POST [ 'text' ] : '' );
$postLen = mb_strlen ( $postText );
if ( $postLen < 10 ) {
$error = 'Post content must be longer than 10 characters.' ;
} elseif ( $postLen > 50000 ) {
$error = 'Post content may not be longer than 50000 characters.' ;
} else {
if ( ! isset ( $topicInfo )) {
$titleLen = mb_strlen ( $postTitle );
if ( $titleLen < 5 ) {
$error = 'Topic titles must be longer than 5 characters.' ;
} elseif ( $titleLen > 100 ) {
$error = 'Topic titles may not be longer than 100 characters.' ;
} else {
$topicId = create_topic ( $categoryInfo [ 'cat_id' ], current_user_id (), $postTitle );
if ( $topicId < 1 ) {
$error = 'Failed to create topic.' ;
} else {
$topicInfo = topic_info ( $topicId );
$satoriMsg = " [b]forum.flash.moe[/b]: [url=https://forum.flash.moe/user/ { $userInfo [ 'user_id' ] } ][b] { $userInfo [ 'user_login' ] } [/b][/url] created topic [url=https://forum.flash.moe/topic/ { $topicId } ][b] { $topicInfo [ 'topic_title' ] } [/b][/url] " ;
}
}
}
if ( ! isset ( $error ) && ! isset ( $message )) {
if ( isset ( $postInfo )) {
post_update ( $postInfo [ 'post_id' ], $postText );
} else {
$postId = create_post ( $categoryInfo [ 'cat_id' ], $topicInfo [ 'topic_id' ], current_user_id (), $postText );
topic_bump ( $topicInfo [ 'topic_id' ], $postId , ! empty ( $topicInfo [ 'topic_resolved' ]));
category_bump ( $categoryInfo [ 'cat_id' ], $postId , isset ( $titleLen ));
if ( ! isset ( $satoriMsg ))
$satoriMsg = " [b]forum.flash.moe[/b]: [url=https://forum.flash.moe/user/ { $userInfo [ 'user_id' ] } ][b] { $userInfo [ 'user_login' ] } [/b][/url] replied to [url=https://forum.flash.moe/post/ { $postId } ][b] { $topicInfo [ 'topic_title' ] } [/b][/url] " ;
}
if ( defined ( 'SATORI_SECRET' ) && ! empty ( $satoriMsg )) {
$sock = @ fsockopen ( SATORI_HOST , SATORI_PORT , $errno , $errstr , 2 );
if ( $sock ) {
fwrite ( $sock , chr ( 0xF ) . hash_hmac ( 'sha256' , $satoriMsg , SATORI_SECRET ) . $satoriMsg . chr ( 0xF ));
fflush ( $sock );
fclose ( $sock );
}
}
$postUrl = isset ( $titleLen ) ? " /topic/ { $topicInfo [ 'topic_id' ] } " : " /post/ { $postId } " ;
header ( " Location: { $postUrl } " );
return ;
}
}
}
include FMF_LAYOUT . '/header.php' ;
$breadcrumbs = category_breadcrumbs ( $categoryInfo [ 'cat_id' ], empty ( $topicInfo ));
echo '<a href="/">forum.flash.moe</a> » ' ;
foreach ( $breadcrumbs as $breadcrumb )
printf ( '<a href="/category/%d">%s</a> » ' , $breadcrumb [ 'cat_id' ], $breadcrumb [ 'cat_name' ]);
echo '<h3><a href="' . ( empty ( $topicInfo ) ? ( '/category/' . $categoryInfo [ 'cat_id' ]) : ( '/topic/' . $topicInfo [ 'topic_id' ])) . '">' . ( $topicInfo [ 'topic_title' ] ? ? $categoryInfo [ 'cat_name' ]) . '</a></h3>' ;
?>
< form class = " posting-form " method = " post " action = " " >
< ? = CSRF :: html (); ?>
< ? php if ( isset ( $error ) || isset ( $message )) { ?>
< div class = " posting-message<?php if(isset( $error )) { echo ' posting-message-error'; }?> " >< ? = ( $error ? ? $message ); ?> </div>
< ? php } ?>
< div class = " posting-header " >
< input type = " text " < ? php if ( empty ( $topicInfo )) { ?> value="<?=htmlentities($postTitle ?? '');?>" name="title" class="posting-title" tabindex="1"<?php } else { ?>value="Re: <?=$topicInfo['topic_title'];?>" class="posting-title posting-title-disabled" disabled readonly<?php } ?>/>
< input type = " submit " value = " <?=(empty( $postInfo ) ? (empty( $topicInfo ) ? 'Post' : 'Reply') : 'Edit');?> " class = " posting-submit " tabindex = " 3 " />
</ div >
< textarea name = " text " class = " posting-text " tabindex = " 2 " >< ? = htmlentities ( $postText ? ? '' ); ?> </textarea>
< a href = " https://guides.github.com/features/mastering-markdown/ " style = " font-size: .9em; " target = " _blank " rel = " noopener " > Markdown supported </ a >
</ form >
< ? php
include FMF_LAYOUT . '/footer.php' ;