Gazelle/sections/forums/take_reply.php

276 lines
8.6 KiB
PHP
Raw Normal View History

2011-03-28 14:21:28 +00:00
<?
authorize();
//TODO: Remove all the stupid queries that could get their information just as easily from the cache
/*********************************************************************\
//--------------Take Post--------------------------------------------//
This page takes a forum post submission, validates it (TODO), and
2013-02-22 08:00:24 +00:00
enters it into the database. The user is then redirected to their
2011-03-28 14:21:28 +00:00
post.
$_POST['action'] is what the user is trying to do. It can be:
'reply' if the user is replying to a thread
It will be accompanied with:
$_POST['thread']
$_POST['body']
\*********************************************************************/
// Quick SQL injection checks
if (isset($LoggedUser['PostsPerPage'])) {
$PerPage = $LoggedUser['PostsPerPage'];
} else {
$PerPage = POSTS_PER_PAGE;
}
2013-05-05 08:00:31 +00:00
if (isset($_POST['thread']) && !is_number($_POST['thread'])) {
2011-03-28 14:21:28 +00:00
error(0);
}
2013-05-05 08:00:31 +00:00
if (isset($_POST['forum']) && !is_number($_POST['forum'])) {
2011-03-28 14:21:28 +00:00
error(0);
}
2013-05-05 08:00:31 +00:00
// If you're not sending anything, go back
if ($_POST['body'] === '' || !isset($_POST['body'])) {
2011-03-28 14:21:28 +00:00
header('Location: '.$_SERVER['HTTP_REFERER']);
die();
}
$Body = $_POST['body'];
2013-05-05 08:00:31 +00:00
if ($LoggedUser['DisablePosting']) {
error('Your posting privileges have been removed');
2011-03-28 14:21:28 +00:00
}
$TopicID = $_POST['thread'];
$ThreadInfo = get_thread_info($TopicID);
2011-03-28 14:21:28 +00:00
$ForumID = $ThreadInfo['ForumID'];
2012-07-23 08:00:17 +00:00
$SQLTime = sqltime();
2011-03-28 14:21:28 +00:00
2013-05-05 08:00:31 +00:00
if (!check_forumperm($ForumID)) {
error(403);
}
if (!check_forumperm($ForumID, 'Write') || $LoggedUser['DisablePosting'] || $ThreadInfo['IsLocked'] == '1' && !check_perms('site_moderate_forums')) {
error(403);
}
2011-03-28 14:21:28 +00:00
2013-05-05 08:00:31 +00:00
if (isset($_POST['subscribe'])) {
$DB->query("
INSERT IGNORE INTO users_subscriptions
VALUES ($LoggedUser[ID], '".db_string($TopicID)."')");
2011-03-28 14:21:28 +00:00
$Cache->delete_value('subscriptions_user_'.$LoggedUser['ID']);
}
//Now lets handle the special case of merging posts, we can skip bumping the thread and all that fun
if ($ThreadInfo['LastPostAuthorID'] == $LoggedUser['ID'] && ((!check_perms('site_forums_double_post') && !in_array($ForumID, $ForumsDoublePost)) || isset($_POST['merge']))) {
2011-03-28 14:21:28 +00:00
//Get the id for this post in the database to append
2013-05-05 08:00:31 +00:00
$DB->query("
SELECT ID, Body
FROM forums_posts
WHERE TopicID='$TopicID'
AND AuthorID='".$LoggedUser['ID']."'
ORDER BY ID DESC
LIMIT 1");
2012-07-23 08:00:17 +00:00
list($PostID, $OldBody) = $DB->next_record(MYSQLI_NUM, false);
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Edit the post
2013-05-05 08:00:31 +00:00
$DB->query("
UPDATE forums_posts
SET
Body = CONCAT(Body,'"."\n\n".db_string($Body)."'),
EditedUserID = '".$LoggedUser['ID']."',
EditedTime = '$SQLTime'
WHERE ID='$PostID'");
2012-07-23 08:00:17 +00:00
//Store edit history
2013-05-05 08:00:31 +00:00
$DB->query("
INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('forums', $PostID, ".$LoggedUser['ID'].", '$SQLTime', '".db_string($OldBody)."')");
2012-07-23 08:00:17 +00:00
$Cache->delete_value("forums_edits_$PostID");
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Get the catalogue it is in
2013-05-05 08:00:31 +00:00
$CatalogueID = floor((POSTS_PER_PAGE * ceil($ThreadInfo['Posts'] / POSTS_PER_PAGE) - POSTS_PER_PAGE) / THREAD_CATALOGUE);
2011-03-28 14:21:28 +00:00
//Get the catalogue value for the post we're appending to
2013-05-05 08:00:31 +00:00
if ($ThreadInfo['Posts'] % THREAD_CATALOGUE == 0) {
$Key = THREAD_CATALOGUE - 1;
2011-03-28 14:21:28 +00:00
} else {
2013-05-05 08:00:31 +00:00
$Key = ($ThreadInfo['Posts'] % THREAD_CATALOGUE) - 1;
2011-03-28 14:21:28 +00:00
}
2013-05-05 08:00:31 +00:00
if ($ThreadInfo['StickyPostID'] == $PostID) {
2012-07-23 08:00:17 +00:00
$ThreadInfo['StickyPost']['Body'] .= "\n\n$Body";
$ThreadInfo['StickyPost']['EditedUserID'] = $LoggedUser['ID'];
$ThreadInfo['StickyPost']['EditedTime'] = $SQLTime;
$Cache->cache_value('thread_'.$TopicID.'_info', $ThreadInfo, 0);
}
2011-03-28 14:21:28 +00:00
//Edit the post in the cache
$Cache->begin_transaction('thread_'.$TopicID.'_catalogue_'.$CatalogueID);
$Cache->update_row($Key, array(
'Body'=>$Cache->MemcacheDBArray[$Key]['Body']."\n\n".$Body,
'EditedUserID'=>$LoggedUser['ID'],
2012-07-23 08:00:17 +00:00
'EditedTime'=>$SQLTime,
2011-03-28 14:21:28 +00:00
'Username'=>$LoggedUser['Username']
));
$Cache->commit_transaction(0);
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Now we're dealing with a normal post
} else {
//Insert the post into the posts database
2013-05-05 08:00:31 +00:00
$DB->query("
INSERT INTO forums_posts (TopicID, AuthorID, AddedTime, Body)
VALUES ('$TopicID', '".$LoggedUser['ID']."', '$SQLTime', '".db_string($Body)."')");
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
$PostID = $DB->inserted_id();
//This updates the root index
2013-05-05 08:00:31 +00:00
$DB->query("
UPDATE forums
SET
NumPosts = NumPosts+1,
LastPostID = '$PostID',
LastPostAuthorID = '".$LoggedUser['ID']."',
LastPostTopicID = '$TopicID',
LastPostTime = '$SQLTime'
WHERE ID = '$ForumID'");
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Update the topic
2013-05-05 08:00:31 +00:00
$DB->query("
UPDATE forums_topics
SET
NumPosts = NumPosts+1,
LastPostID = '$PostID',
LastPostAuthorID = '".$LoggedUser['ID']."',
LastPostTime = '$SQLTime'
WHERE ID = '$TopicID'");
2011-03-28 14:21:28 +00:00
//if cache exists modify it, if not, then it will be correct when selected next, and we can skip this block
if ($Forum = $Cache->get_value('forums_'.$ForumID)) {
list($Forum,,,$Stickies) = $Forum;
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//if the topic is already on this page
2013-05-05 08:00:31 +00:00
if (array_key_exists($TopicID, $Forum)) {
2011-03-28 14:21:28 +00:00
$Thread = $Forum[$TopicID];
unset($Forum[$TopicID]);
2013-05-05 08:00:31 +00:00
$Thread['NumPosts'] = $Thread['NumPosts'] + 1; //Increment post count
2011-03-28 14:21:28 +00:00
$Thread['LastPostID'] = $PostID; //Set postid for read/unread
2012-07-23 08:00:17 +00:00
$Thread['LastPostTime'] = $SQLTime; //Time of last post
2011-03-28 14:21:28 +00:00
$Thread['LastPostAuthorID'] = $LoggedUser['ID']; //Last poster id
$Part2 = array($TopicID=>$Thread); //Bumped thread
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//if we're bumping from an older page
} else {
//Remove the last thread from the index
if (count($Forum) == TOPICS_PER_PAGE && $Stickies < TOPICS_PER_PAGE) {
array_pop($Forum);
}
//Never know if we get a page full of stickies...
if ($Stickies < TOPICS_PER_PAGE || $ThreadInfo['IsSticky'] == 1) {
//Pull the data for the thread we're bumping
2013-05-05 08:00:31 +00:00
$DB->query("
SELECT
f.AuthorID,
f.IsLocked,
f.IsSticky,
f.NumPosts,
ISNULL(p.TopicID) AS NoPoll
FROM forums_topics AS f
LEFT JOIN forums_polls AS p ON p.TopicID=f.ID
WHERE f.ID ='$TopicID'");
2012-03-28 08:00:20 +00:00
list($AuthorID,$IsLocked,$IsSticky,$NumPosts,$NoPoll) = $DB->next_record();
2011-03-28 14:21:28 +00:00
$Part2 = array($TopicID => array(
'ID' => $TopicID,
'Title' => $ThreadInfo['Title'],
'AuthorID' => $AuthorID,
'IsLocked' => $IsLocked,
'IsSticky' => $IsSticky,
'NumPosts' => $NumPosts,
'LastPostID' => $PostID,
2012-07-23 08:00:17 +00:00
'LastPostTime' => $SQLTime,
2011-03-28 14:21:28 +00:00
'LastPostAuthorID' => $LoggedUser['ID'],
'NoPoll' => $NoPoll
)); //Bumped
} else {
$Part2 = array();
}
}
if ($Stickies > 0) {
2013-05-05 08:00:31 +00:00
$Part1 = array_slice($Forum, 0, $Stickies, true); //Stickies
$Part3 = array_slice($Forum, $Stickies, TOPICS_PER_PAGE - $Stickies - 1, true); //Rest of page
2011-03-28 14:21:28 +00:00
} else {
$Part1 = array();
$Part3 = $Forum;
}
2013-05-05 08:00:31 +00:00
if (is_null($Part1)) {
$Part1 = array();
}
if (is_null($Part3)) {
$Part3 = array();
}
if ($ThreadInfo['IsSticky'] == 1) {
2011-03-28 14:21:28 +00:00
$Forum = $Part2 + $Part1 + $Part3; //Merge it
} else {
$Forum = $Part1 + $Part2 + $Part3; //Merge it
}
$Cache->cache_value('forums_'.$ForumID, array($Forum,'',0,$Stickies), 0);
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Update the forum root
$Cache->begin_transaction('forums_list');
$Cache->update_row($ForumID, array(
2013-02-22 08:00:24 +00:00
'NumPosts'=>'+1',
'LastPostID'=>$PostID,
'LastPostAuthorID'=>$LoggedUser['ID'],
'LastPostTopicID'=>$TopicID,
2012-07-23 08:00:17 +00:00
'LastPostTime'=>$SQLTime,
2011-03-28 14:21:28 +00:00
'Title'=>$ThreadInfo['Title'],
'IsLocked'=>$ThreadInfo['IsLocked'],
'IsSticky'=>$ThreadInfo['IsSticky']
));
$Cache->commit_transaction(0);
} else {
//If there's no cache, we have no data, and if there's no data
$Cache->delete_value('forums_list');
}
//This calculates the block of 500 posts that this one will fall under
2013-05-05 08:00:31 +00:00
$CatalogueID = floor((POSTS_PER_PAGE * ceil($ThreadInfo['Posts'] / POSTS_PER_PAGE) - POSTS_PER_PAGE) / THREAD_CATALOGUE);
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Insert the post into the thread catalogue (block of 500 posts)
$Cache->begin_transaction('thread_'.$TopicID.'_catalogue_'.$CatalogueID);
$Cache->insert('', array(
'ID'=>$PostID,
'AuthorID'=>$LoggedUser['ID'],
2012-07-23 08:00:17 +00:00
'AddedTime'=>$SQLTime,
2011-03-28 14:21:28 +00:00
'Body'=>$Body,
'EditedUserID'=>0,
'EditedTime'=>'0000-00-00 00:00:00',
'Username'=>$LoggedUser['Username'] //TODO: Remove, it's never used?
));
$Cache->commit_transaction(0);
//Update the thread info
$Cache->begin_transaction('thread_'.$TopicID.'_info');
$Cache->update_row(false, array('Posts'=>'+1', 'LastPostAuthorID'=>$LoggedUser['ID']));
$Cache->commit_transaction(0);
2013-02-22 08:00:24 +00:00
2011-03-28 14:21:28 +00:00
//Increment this now to make sure we redirect to the correct page
$ThreadInfo['Posts']++;
}
$DB->query("SELECT UserID FROM users_subscriptions WHERE TopicID = ".$TopicID);
2013-05-05 08:00:31 +00:00
if ($DB->record_count() > 0) {
2011-03-28 14:21:28 +00:00
$Subscribers = $DB->collect('UserID');
2013-05-05 08:00:31 +00:00
foreach ($Subscribers as $Subscriber) {
2011-03-28 14:21:28 +00:00
$Cache->delete_value('subscriptions_user_new_'.$Subscriber);
}
}
2013-03-25 08:00:21 +00:00
Forums::quote_notify($Body, $PostID, 'forums', $TopicID);
2013-07-05 08:00:39 +00:00
2013-05-05 08:00:31 +00:00
header('Location: forums.php?action=viewthread&threadid='.$TopicID.'&page='.ceil($ThreadInfo['Posts'] / $PerPage));
2011-03-28 14:21:28 +00:00
die();