This repository has been archived on 2024-06-26. You can view files and clone it, but cannot push or open issues or pull requests.
sakura/public/posting.php

350 lines
10 KiB
PHP
Raw Normal View History

2015-05-06 13:42:02 +00:00
<?php
/*
* Sakura Forum Posting
*/
// Declare Namespace
namespace Sakura;
2016-03-20 22:49:42 +00:00
use Sakura\Forum\Forum;
use Sakura\Forum\Post;
use Sakura\Forum\Thread;
2015-12-29 21:52:19 +00:00
use Sakura\Perms\Forum as ForumPerms;
2015-05-06 13:42:02 +00:00
// Include components
2016-03-20 22:49:42 +00:00
require_once '../sakura.php';
2015-07-30 18:51:24 +00:00
// Set location
2015-10-18 16:48:05 +00:00
$topicId = isset($_GET['t']) ?
$_GET['t'] :
2015-09-14 21:41:43 +00:00
(
2015-10-18 16:48:05 +00:00
isset($_GET['p']) ?
2016-03-20 22:49:42 +00:00
(new Post($_GET['p']))->thread :
2015-10-18 16:48:05 +00:00
0
2015-09-14 21:41:43 +00:00
);
2015-10-18 16:48:05 +00:00
// Get the topic
if ($topicId) {
2016-03-20 22:49:42 +00:00
$thread = new Thread($topicId);
}
2015-10-18 16:48:05 +00:00
$forumId = isset($_GET['f']) ?
$_GET['f'] :
$thread->forum;
2015-10-18 16:48:05 +00:00
2015-12-29 21:52:19 +00:00
// Creare forum class
2016-03-20 22:49:42 +00:00
$forum = new Forum($forumId);
2015-12-29 21:52:19 +00:00
// Check if the user has access to the forum
2016-03-24 00:40:59 +00:00
if (!$forum->permission(ForumPerms::VIEW, $currentUser->id)
|| !$forum->permission(ForumPerms::REPLY, $currentUser->id)) {
2015-12-29 21:52:19 +00:00
// Set render data
$renderData['page'] = [
'title' => 'Information',
'message' => 'You do not have access to this forum.',
];
// Set parse variables
2016-02-04 20:56:40 +00:00
Template::vars($renderData);
2015-12-29 21:52:19 +00:00
// Print page contents
2016-02-04 20:56:40 +00:00
echo Template::render('global/information');
2015-12-29 21:52:19 +00:00
exit;
}
2016-01-10 18:24:47 +00:00
// Check if the user has access to the forum
2016-03-24 00:40:59 +00:00
if (!isset($thread)
&& !$forum->permission(ForumPerms::CREATE_THREADS, $currentUser->id)) {
2016-01-10 18:24:47 +00:00
// Set render data
$renderData['page'] = [
'title' => 'Information',
'message' => 'You are not allowed to create threads in this forum.',
];
// Set parse variables
2016-02-04 20:56:40 +00:00
Template::vars($renderData);
2016-01-10 18:24:47 +00:00
// Print page contents
2016-02-04 20:56:40 +00:00
echo Template::render('global/information');
2016-01-10 18:24:47 +00:00
exit;
}
2016-03-20 22:49:42 +00:00
$mode = isset($_GET['f'])
// New thread
? 'f'
: (
isset($_GET['t'])
// Reply to thread
? 't'
: (
isset($_GET['p'])
// Quoting a post
? 'p'
: null
)
);
$emotes = DB::table('emoticons')
->get();
2016-02-18 23:28:44 +00:00
// Include emotes and bbcodes
$posting = [
'emoticons' => $emotes,
];
// Check if we're in reply mode
if ($mode != 'f') {
// Attempt to get the topic
2016-03-20 22:49:42 +00:00
$thread = $thread ? $thread : new Thread($topicId);
// Prompt an error if the topic doesn't exist
if (!$thread->id) {
// Add page specific things
$renderData['page'] = [
'redirect' => (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : Router::route('forums.index')),
'message' => 'The requested post does not exist.',
];
// Set parse variables
2016-02-04 20:56:40 +00:00
Template::vars($renderData);
// Print page contents
2016-02-04 20:56:40 +00:00
echo Template::render('global/information');
exit;
}
2016-01-10 18:24:47 +00:00
// Prompt an error if the topic doesn't exist
2016-03-24 00:40:59 +00:00
if ($thread->status == 1
&& !$forum->permission(ForumPerms::LOCK, $currentUser->id)) {
2016-01-10 18:24:47 +00:00
// Add page specific things
$renderData['page'] = [
'redirect' => (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : Router::route('forums.index')),
2016-01-10 18:24:47 +00:00
'message' => 'The thread you tried to reply to is locked.',
];
// Set parse variables
2016-02-04 20:56:40 +00:00
Template::vars($renderData);
2016-01-10 18:24:47 +00:00
// Print page contents
2016-02-04 20:56:40 +00:00
echo Template::render('global/information');
2016-01-10 18:24:47 +00:00
exit;
}
// Check if we're in quote mode
2016-03-24 00:40:59 +00:00
if ($mode == 'p'
&& isset($_GET['quote'])
&& $_GET['quote'] == $_GET['p']
&& array_key_exists($_GET['p'], $thread->posts())) {
// Reassign post for ease
$post = $thread->posts()[$_GET['p']];
// Add subject to render data
2016-03-20 22:49:42 +00:00
$quotedPost = BBcode::toEditor($post->text);
$posting['text'] = "[quote={$post->poster->username}]{$quotedPost}[/quote]";
// Post editing
2016-03-24 00:40:59 +00:00
} elseif ($mode == 'p'
&& isset($_GET['edit'])
&& $_GET['edit'] == $_GET['p']
&& array_key_exists($_GET['p'], $thread->posts())) {
2016-01-10 18:24:47 +00:00
// Permissions
if (!$currentUser->permission(ForumPerms::EDIT_OWN, Perms::FORUM)) {
// Add page specific things
$renderData['page'] = [
'redirect' => (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : Router::route('forums.index')),
2016-01-10 18:24:47 +00:00
'message' => 'You are not allowed to edit posts!',
];
// Set parse variables
2016-02-04 20:56:40 +00:00
Template::vars($renderData);
2016-01-10 18:24:47 +00:00
// Print page contents
2016-02-04 20:56:40 +00:00
echo Template::render('global/information');
2016-01-10 18:24:47 +00:00
exit;
}
2016-03-24 00:40:59 +00:00
// Checks
2016-03-24 00:40:59 +00:00
if ($thread->posts()[$_GET['p']]->poster->id != $currentUser->id
&& !$forum->permission(ForumPerms::EDIT_ANY, $currentUser->id)) {
// Add page specific things
$renderData['page'] = [
'redirect' => (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : Router::route('forums.index')),
'message' => 'You can only edit your own posts!',
];
// Set parse variables
2016-02-04 20:56:40 +00:00
Template::vars($renderData);
// Print page contents
2016-02-04 20:56:40 +00:00
echo Template::render('global/information');
exit;
}
// Reassign post for ease
$post = $thread->posts()[$_GET['p']];
// Set variables
$posting = array_merge($posting, [
'subject' => $post->subject,
'text' => BBcode::toEditor($post->text),
'id' => $post->id,
]);
// Post deletion
2016-03-24 00:40:59 +00:00
} elseif ($mode == 'p'
&& isset($_GET['delete'])
&& $_GET['delete'] == $_GET['p']
&& array_key_exists($_GET['p'], $thread->posts())) {
2016-01-10 18:24:47 +00:00
// Permissions
if (!$currentUser->permission(ForumPerms::DELETE_OWN, Perms::FORUM)) {
2016-01-09 21:57:54 +00:00
// Add page specific things
$renderData['page'] = [
'redirect' => (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : Router::route('forums.index')),
2016-01-10 18:24:47 +00:00
'message' => 'You are not allowed to delete posts!',
2016-01-09 21:57:54 +00:00
];
// Set parse variables
2016-02-04 20:56:40 +00:00
Template::vars($renderData);
2016-01-09 21:57:54 +00:00
// Print page contents
2016-02-04 20:56:40 +00:00
echo Template::render('global/information');
2016-01-09 21:57:54 +00:00
exit;
}
2016-01-10 18:24:47 +00:00
// Checks
2016-03-24 00:40:59 +00:00
if ($thread->posts()[$_GET['p']]->poster->id != $currentUser->id
&& !$forum->permission(ForumPerms::DELETE_ANY, $currentUser->id)) {
// Add page specific things
$renderData['page'] = [
'redirect' => (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : Router::route('forums.index')),
'message' => 'You can only delete your own posts!',
];
// Set parse variables
2016-02-04 20:56:40 +00:00
Template::vars($renderData);
// Print page contents
2016-02-04 20:56:40 +00:00
echo Template::render('global/information');
exit;
}
// Submit mode
if (isset($_POST['timestamp'], $_POST['sessionid'], $_POST['post_id'])) {
// Post deletion code
if (isset($_POST['yes'])) {
// Delete the post
DB::table('posts')
->where('post_id', $_POST['post_id'])
->delete();
// Reload the topic
2016-03-20 22:49:42 +00:00
$thread = new Thread($topicId);
// If there's no more posts left in the topic delete it as well
if (!$thread->replyCount()) {
DB::table('topics')
->where('topic_id', $thread->id)
->delete();
}
// Add page specific things
$renderData['page'] = [
'redirect' => ($thread->replyCount() ? Router::route('forums.thread', $thread->id) : Router::route('forums.index')),
'message' => 'Your post has been deleted!',
];
// Set parse variables
2016-02-04 20:56:40 +00:00
Template::vars($renderData);
// Print page contents
2016-02-04 20:56:40 +00:00
echo Template::render('global/information');
exit;
// Return to previous page
} else {
2016-03-20 16:37:59 +00:00
header('Location: ' . Router::route('forums.post', $_POST['post_id']));
exit;
}
}
// Form mode
$renderData = array_merge($renderData, [
2016-03-20 22:49:42 +00:00
'message' => "Are you sure you want to delete your reply to {$thread->title}?",
'conditions' => [
'post_id' => $thread->posts()[$_GET['p']]->id,
],
]);
// Set parse variables
2016-02-04 20:56:40 +00:00
Template::vars($renderData);
// Print page contents
2016-02-04 20:56:40 +00:00
echo Template::render('global/confirm');
exit;
}
// Add subject to render data
if (!isset($posting['subject'])) {
2016-03-20 22:49:42 +00:00
$posting['subject'] = "Re: {$thread->title}";
}
}
2015-10-18 16:48:05 +00:00
// Check if a post is being made
if (isset($_POST['post'])) {
2016-01-09 21:57:54 +00:00
// Check if an ID is set
if (isset($_POST['id'])) {
// Attempt to create a post object
2016-03-20 22:49:42 +00:00
$post = new Post($_POST['id']);
2016-01-09 21:57:54 +00:00
// Check if the post israel
if ($post->id == $_POST['id']) {
$post->subject = $_POST['subject'];
$post->text = $_POST['text'];
$post->editTime = time();
$post->editReason = '';
$post->editUser = $currentUser;
2016-01-10 18:24:47 +00:00
$post = $post->update();
2016-01-09 21:57:54 +00:00
} else {
$post = null;
}
} else {
// Attempt to make the post
2016-03-20 22:49:42 +00:00
$post = Post::create($_POST['subject'], $_POST['text'], $currentUser, $topicId, $forumId);
2016-01-09 21:57:54 +00:00
}
2015-10-18 16:48:05 +00:00
// Add page specific things
2016-03-20 22:49:42 +00:00
$renderData['page'] = [ // Why does fail just kind of not redirect to anywhere
2016-03-20 16:37:59 +00:00
'redirect' => $post ? Router::route('forums.post', $post->id) : '',
'message' => $post ? 'Made the post!' : 'Something is wrong with your post!',
'success' => $post ? 1 : 0,
2015-10-18 16:48:05 +00:00
];
// Print page contents or if the AJAX request is set only display the render data
if (isset($_REQUEST['ajax'])) {
echo $renderData['page']['message'] . '|' .
$renderData['page']['success'] . '|' .
$renderData['page']['redirect'];
} else {
// Set parse variables
2016-02-04 20:56:40 +00:00
Template::vars($renderData);
// Print page contents
2016-02-04 20:56:40 +00:00
echo Template::render('global/information');
}
2015-10-18 16:48:05 +00:00
exit;
}
2015-07-30 18:51:24 +00:00
// Set additional render data
$renderData = array_merge($renderData, [
'posting' => $posting,
2015-07-30 18:51:24 +00:00
]);
// Set parse variables
2016-02-04 20:56:40 +00:00
Template::vars($renderData);
// Print page contents
2016-02-04 20:56:40 +00:00
echo Template::render('forum/posting');