2022-09-13 13:14:49 +00:00
|
|
|
<?php
|
|
|
|
namespace Misuzu;
|
|
|
|
|
2023-08-28 01:17:34 +00:00
|
|
|
use RuntimeException;
|
|
|
|
|
|
|
|
$forum = $msz->getForum();
|
|
|
|
|
2022-09-13 13:14:49 +00:00
|
|
|
$postId = !empty($_GET['p']) && is_string($_GET['p']) ? (int)$_GET['p'] : 0;
|
|
|
|
$postMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
|
|
|
$submissionConfirmed = !empty($_GET['confirm']) && is_string($_GET['confirm']) && $_GET['confirm'] === '1';
|
|
|
|
|
|
|
|
$postRequestVerified = CSRF::validateRequest();
|
|
|
|
|
2023-08-02 22:12:47 +00:00
|
|
|
if(!empty($postMode) && !$msz->isLoggedIn()) {
|
2023-01-02 23:12:23 +00:00
|
|
|
echo render_info('You must be logged in to manage posts.', 401);
|
2022-09-13 13:14:49 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2023-08-02 22:12:47 +00:00
|
|
|
$currentUser = $msz->getActiveUser();
|
|
|
|
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
|
2022-09-13 13:14:49 +00:00
|
|
|
|
2023-07-26 18:19:46 +00:00
|
|
|
if($postMode !== '' && $msz->hasActiveBan()) {
|
2023-01-02 23:12:23 +00:00
|
|
|
echo render_info('You have been banned, check your profile for more information.', 403);
|
2022-09-13 13:14:49 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2023-08-28 01:17:34 +00:00
|
|
|
try {
|
|
|
|
$postInfo = $forum->getPost(postId: $postId);
|
|
|
|
} catch(RuntimeException $ex) {
|
|
|
|
echo render_error(404);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
$perms = forum_perms_get_user($postInfo->getCategoryId(), $currentUserId)[MSZ_FORUM_PERMS_GENERAL];
|
|
|
|
|
|
|
|
if(!perms_check($perms, MSZ_FORUM_PERM_VIEW_FORUM)) {
|
|
|
|
echo render_error(403);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
$canDeleteAny = perms_check($perms, MSZ_FORUM_PERM_DELETE_ANY_POST);
|
2022-09-13 13:14:49 +00:00
|
|
|
|
|
|
|
switch($postMode) {
|
|
|
|
case 'delete':
|
2023-08-28 01:17:34 +00:00
|
|
|
if($canDeleteAny) {
|
|
|
|
if($postInfo->isDeleted()) {
|
|
|
|
echo render_info('This post has already been marked as deleted.', 404);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
if($postInfo->isDeleted()) {
|
|
|
|
echo render_error(404);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(!perms_check($perms, MSZ_FORUM_PERM_DELETE_POST)) {
|
|
|
|
echo render_info('You are not allowed to delete posts.', 403);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
if($postInfo->getUserId() !== $currentUser->getId()) {
|
|
|
|
echo render_info('You can only delete your own posts.', 403);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// posts may only be deleted within a week of creation, this should be a config value
|
|
|
|
$deleteTimeFrame = 60 * 60 * 24 * 7;
|
|
|
|
if($postInfo->getCreatedTime() < time() - $deleteTimeFrame) {
|
|
|
|
echo render_info('This post has existed for too long. Ask a moderator to remove if it absolutely necessary.', 403);
|
|
|
|
return;
|
|
|
|
}
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|
|
|
|
|
2023-08-28 01:17:34 +00:00
|
|
|
$originalPostInfo = $forum->getPost(topicInfo: $postInfo->getTopicId());
|
|
|
|
if($originalPostInfo->getId() === $postInfo->getId()) {
|
|
|
|
echo render_info('This is the opening post of the topic it belongs to, it may not be deleted without deleting the entire topic as well.', 403);
|
|
|
|
return;
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|
|
|
|
|
2023-01-02 23:12:23 +00:00
|
|
|
if($postRequestVerified && !$submissionConfirmed) {
|
|
|
|
url_redirect('forum-post', [
|
2023-08-28 01:17:34 +00:00
|
|
|
'post' => $postInfo->getId(),
|
|
|
|
'post_fragment' => 'p' . $postInfo->getId(),
|
2023-01-02 23:12:23 +00:00
|
|
|
]);
|
|
|
|
break;
|
|
|
|
} elseif(!$postRequestVerified) {
|
|
|
|
Template::render('forum.confirm', [
|
|
|
|
'title' => 'Confirm post deletion',
|
|
|
|
'class' => 'far fa-trash-alt',
|
2023-08-28 01:17:34 +00:00
|
|
|
'message' => sprintf('You are about to delete post #%d. Are you sure about that?', $postInfo->getId()),
|
2023-01-02 23:12:23 +00:00
|
|
|
'params' => [
|
2023-08-28 01:17:34 +00:00
|
|
|
'p' => $postInfo->getId(),
|
2023-01-02 23:12:23 +00:00
|
|
|
'm' => 'delete',
|
|
|
|
],
|
|
|
|
]);
|
|
|
|
break;
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|
|
|
|
|
2023-08-28 01:17:34 +00:00
|
|
|
$forum->deletePost($postInfo);
|
|
|
|
$msz->createAuditLog('FORUM_POST_DELETE', [$postInfo->getId()]);
|
2022-09-13 13:14:49 +00:00
|
|
|
|
2023-08-28 01:17:34 +00:00
|
|
|
url_redirect('forum-topic', ['topic' => $postInfo->getTopicId()]);
|
2022-09-13 13:14:49 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case 'nuke':
|
2023-08-28 01:17:34 +00:00
|
|
|
if(!$canDeleteAny) {
|
2022-09-13 13:14:49 +00:00
|
|
|
echo render_error(403);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2023-01-02 23:12:23 +00:00
|
|
|
if($postRequestVerified && !$submissionConfirmed) {
|
|
|
|
url_redirect('forum-post', [
|
2023-08-28 01:17:34 +00:00
|
|
|
'post' => $postInfo->getId(),
|
|
|
|
'post_fragment' => 'p' . $postInfo->getId(),
|
2023-01-02 23:12:23 +00:00
|
|
|
]);
|
|
|
|
break;
|
|
|
|
} elseif(!$postRequestVerified) {
|
|
|
|
Template::render('forum.confirm', [
|
|
|
|
'title' => 'Confirm post nuke',
|
|
|
|
'class' => 'fas fa-radiation',
|
2023-08-28 01:17:34 +00:00
|
|
|
'message' => sprintf('You are about to PERMANENTLY DELETE post #%d. Are you sure about that?', $postInfo->getId()),
|
2023-01-02 23:12:23 +00:00
|
|
|
'params' => [
|
2023-08-28 01:17:34 +00:00
|
|
|
'p' => $postInfo->getId(),
|
2023-01-02 23:12:23 +00:00
|
|
|
'm' => 'nuke',
|
|
|
|
],
|
|
|
|
]);
|
|
|
|
break;
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|
|
|
|
|
2023-08-28 01:17:34 +00:00
|
|
|
$forum->nukePost($postInfo->getId());
|
|
|
|
$msz->createAuditLog('FORUM_POST_NUKE', [$postInfo->getId()]);
|
2022-09-13 13:14:49 +00:00
|
|
|
|
2023-08-28 01:17:34 +00:00
|
|
|
url_redirect('forum-topic', ['topic' => $postInfo->getTopicId()]);
|
2022-09-13 13:14:49 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case 'restore':
|
2023-08-28 01:17:34 +00:00
|
|
|
if(!$canDeleteAny) {
|
2022-09-13 13:14:49 +00:00
|
|
|
echo render_error(403);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2023-01-02 23:12:23 +00:00
|
|
|
if($postRequestVerified && !$submissionConfirmed) {
|
|
|
|
url_redirect('forum-post', [
|
2023-08-28 01:17:34 +00:00
|
|
|
'post' => $postInfo->getId(),
|
|
|
|
'post_fragment' => 'p' . $postInfo->getId(),
|
2023-01-02 23:12:23 +00:00
|
|
|
]);
|
|
|
|
break;
|
|
|
|
} elseif(!$postRequestVerified) {
|
|
|
|
Template::render('forum.confirm', [
|
|
|
|
'title' => 'Confirm post restore',
|
|
|
|
'class' => 'fas fa-magic',
|
2023-08-28 01:17:34 +00:00
|
|
|
'message' => sprintf('You are about to restore post #%d. Are you sure about that?', $postInfo->getId()),
|
2023-01-02 23:12:23 +00:00
|
|
|
'params' => [
|
2023-08-28 01:17:34 +00:00
|
|
|
'p' => $postInfo->getId(),
|
2023-01-02 23:12:23 +00:00
|
|
|
'm' => 'restore',
|
|
|
|
],
|
|
|
|
]);
|
|
|
|
break;
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|
|
|
|
|
2023-08-28 01:17:34 +00:00
|
|
|
$forum->restorePost($postInfo->getId());
|
|
|
|
$msz->createAuditLog('FORUM_POST_RESTORE', [$postInfo->getId()]);
|
2022-09-13 13:14:49 +00:00
|
|
|
|
2023-08-28 01:17:34 +00:00
|
|
|
url_redirect('forum-topic', ['topic' => $postInfo->getTopicId()]);
|
2022-09-13 13:14:49 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
default: // function as an alt for topic.php?p= by default
|
2023-07-26 18:19:46 +00:00
|
|
|
url_redirect('forum-post', [
|
2023-08-28 01:17:34 +00:00
|
|
|
'post' => $postInfo->getId(),
|
|
|
|
'post_fragment' => 'p' . $postInfo->getId(),
|
2022-09-13 13:14:49 +00:00
|
|
|
]);
|
2023-01-02 23:12:23 +00:00
|
|
|
break;
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|