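<?php
/*
 * Front controller for the requests section.
 *
 * Dispatches on $_REQUEST['action']: most actions include a page script from
 * sections/requests/, while the comment actions (reply, get_post,
 * takeedit_comment, delete_comment) are handled inline below.
 *
 * NOTE(review): error(), authorize(), is_number(), db_string(), sqltime() and
 * check_perms() are defined outside this file. The code assumes error() does
 * not return and that authorize() rejects requests without a valid anti-CSRF
 * token; confirm both, since every guard below depends on them.
 */
enforce_login();
include(SERVER_ROOT . '/sections/requests/functions.php');

$RequestTax = 0.1;

// Minimum and default amount of upload to remove from the user when they vote.
// Also change in static/functions/requests.js
$MinimumVote = 20 * 1024 * 1024;

if (!empty($LoggedUser['DisableRequests'])) {
    error('Your request privileges have been removed.');
}

if (!isset($_REQUEST['action'])) {
    include(SERVER_ROOT . '/sections/requests/requests.php');
} else {
    // Every include below is a fixed literal path chosen by the switch;
    // the action value itself is never concatenated into a path.
    switch ($_REQUEST['action']) {
        case 'new':
        case 'edit':
            include(SERVER_ROOT . '/sections/requests/new_edit.php');
            break;
        case 'takevote':
            include(SERVER_ROOT . '/sections/requests/takevote.php');
            break;
        case 'takefill':
            include(SERVER_ROOT . '/sections/requests/takefill.php');
            break;
        case 'takenew':
        case 'takeedit':
            include(SERVER_ROOT . '/sections/requests/takenew_edit.php');
            break;
        case 'delete':
        case 'unfill':
            include(SERVER_ROOT . '/sections/requests/interim.php');
            break;
        case 'takeunfill':
            include(SERVER_ROOT . '/sections/requests/takeunfill.php');
            break;
        case 'takedelete':
            include(SERVER_ROOT . '/sections/requests/takedelete.php');
            break;
        case 'view':
        case 'viewrequest':
            include(SERVER_ROOT . '/sections/requests/request.php');
            break;

        // Add a comment to a request.
        case 'reply':
            authorize();
            enforce_login();

            // isset() runs first so a missing field is rejected before it is read.
            if (!isset($_POST['requestid'], $_POST['body']) || !is_number($_POST['requestid']) || $_POST['body'] === '') {
                error(0);
            }
            if ($LoggedUser['DisablePosting']) {
                error('Your posting rights have been removed.');
            }

            $RequestID = $_POST['requestid'];
            if (!$RequestID) {
                error(404);
            }
            // NOTE(review): nothing here checks that the request exists, so a
            // comment can be attached to an arbitrary numeric RequestID.

            // Page the new comment will land on (existing comments + 1).
            // Values are quoted and escaped even though is_number() passed,
            // so the query does not depend on that helper's exact semantics.
            $DB->query("SELECT CEIL((SELECT COUNT(ID)+1 FROM requests_comments AS rc WHERE rc.RequestID='" . db_string($RequestID) . "')/" . TORRENT_COMMENTS_PER_PAGE . ") AS Pages");
            list($Pages) = $DB->next_record();

            $DB->query("INSERT INTO requests_comments (RequestID,AuthorID,AddedTime,Body) VALUES (
                '" . db_string($RequestID) . "', '" . db_string($LoggedUser['ID']) . "', '" . sqltime() . "', '" . db_string($_POST['body']) . "')");
            $PostID = $DB->inserted_id();

            // Append the new post to the cached catalogue holding the last page.
            $CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE * $Pages - TORRENT_COMMENTS_PER_PAGE) / THREAD_CATALOGUE);
            $Cache->begin_transaction('request_comments_' . $RequestID . '_catalogue_' . $CatalogueID);
            $Post = array(
                'ID' => $PostID,
                'AuthorID' => $LoggedUser['ID'],
                'AddedTime' => sqltime(),
                'Body' => $_POST['body'],
                'EditedUserID' => 0,
                'EditedTime' => '0000-00-00 00:00:00',
                'Username' => ''
            );
            $Cache->insert('', $Post);
            $Cache->commit_transaction(0);
            $Cache->increment('request_comments_' . $RequestID);

            header('Location: requests.php?action=view&id=' . $RequestID . '&page=' . $Pages);
            break;

        // Return the stored body of one comment.
        case 'get_post':
            enforce_login();
            if (empty($_GET['post']) || !is_number($_GET['post'])) {
                error(0);
            }
            $DB->query("SELECT Body FROM requests_comments WHERE ID='" . db_string($_GET['post']) . "'");
            list($Body) = $DB->next_record(MYSQLI_NUM);

            // NOTE(review): $Body is user-authored text and is emitted without
            // HTML escaping. Confirm the consumer treats the response as plain
            // text and that it cannot be rendered as an HTML document.
            echo trim($Body);
            break;

        // Save an edit to an existing comment.
        case 'takeedit_comment':
            enforce_login();
            authorize();
            include(SERVER_ROOT . '/classes/class_text.php'); // Text formatting class
            $Text = new TEXT;

            // Reject anything that is not a plain numeric post ID.
            if (empty($_POST['post']) || !is_number($_POST['post'])) {
                error(0);
            }
            // NOTE(review): $_POST['body'] and $_POST['key'] are not validated
            // in this case; 'key' selects which cached row is overwritten.

            // Load the current comment: needed for the ownership check, the
            // edit history and the cache row.
            $DB->query("SELECT
                    rc.Body,
                    rc.AuthorID,
                    rc.RequestID,
                    rc.AddedTime
                FROM requests_comments AS rc
                WHERE rc.ID = '" . db_string($_POST['post']) . "'");
            list($OldBody, $AuthorID, $RequestID, $AddedTime) = $DB->next_record();

            // The existence check has to look at the lookup above. It used to
            // run after the page-count query, whose aggregate always yields a
            // row, so a missing post was never reported as 404.
            if ($DB->record_count() == 0) {
                error(404);
            }
            // Only the author or a forum moderator may edit; checked before
            // any further query touches the post.
            if ($LoggedUser['ID'] != $AuthorID && !check_perms('site_moderate_forums')) {
                error(404);
            }

            // Page the post sits on. TORRENT_COMMENTS_PER_PAGE is used because
            // the catalogue arithmetic below (and the other comment actions)
            // use that constant; the query previously divided by POSTS_PER_PAGE.
            $DB->query("SELECT ceil(COUNT(ID) / " . TORRENT_COMMENTS_PER_PAGE . ") AS Page FROM requests_comments WHERE RequestID = '" . db_string($RequestID) . "' AND ID <= '" . db_string($_POST['post']) . "'");
            list($Page) = $DB->next_record();

            // Perform the update
            $DB->query("UPDATE requests_comments SET
                    Body = '" . db_string($_POST['body']) . "',
                    EditedUserID = '" . db_string($LoggedUser['ID']) . "',
                    EditedTime = '" . sqltime() . "'
                WHERE ID = '" . db_string($_POST['post']) . "'");

            // Update the cache
            $CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE * $Page - TORRENT_COMMENTS_PER_PAGE) / THREAD_CATALOGUE);
            $Cache->begin_transaction('request_comments_' . $RequestID . '_catalogue_' . $CatalogueID);

            $Cache->update_row($_POST['key'], array(
                'ID' => $_POST['post'],
                'AuthorID' => $AuthorID,
                'AddedTime' => $AddedTime,
                'Body' => $_POST['body'],
                'EditedUserID' => db_string($LoggedUser['ID']),
                'EditedTime' => sqltime(),
                'Username' => $LoggedUser['Username']
            ));
            $Cache->commit_transaction(0);

            // Keep the previous body in the edit history. Numeric values are
            // quoted as well as escaped: escaping alone does not constrain an
            // unquoted SQL value.
            $DB->query("INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
                VALUES ('requests', '" . db_string($_POST['post']) . "', '" . db_string($LoggedUser['ID']) . "', '" . sqltime() . "', '" . db_string($OldBody) . "')");

            // This gets sent to the browser, which echoes it in place of the old body
            // NOTE(review): output safety rests entirely on TEXT::full_format().
            echo $Text->full_format($_POST['body']);
            break;

        // Delete a comment (moderators only).
        case 'delete_comment':
            enforce_login();
            authorize();

            // Reject anything that is not a plain numeric post ID.
            if (empty($_GET['postid']) || !is_number($_GET['postid'])) {
                error(0);
            }

            // Make sure they are moderators
            if (!check_perms('site_moderate_forums')) {
                error(403);
            }
            // NOTE(review): this state-changing action reads its parameters
            // from the query string; whatever authorize() checks travels in
            // the URL with it. Confirm that is acceptable.

            // Get the request ID, the number of comment pages, and the page
            // this post is on.
            $DB->query("SELECT DISTINCT
                    RequestID,
                    CEIL(COUNT(rc.ID) / " . TORRENT_COMMENTS_PER_PAGE . ") AS Pages,
                    CEIL(SUM(IF(rc.ID <= '" . db_string($_GET['postid']) . "', 1, 0)) / " . TORRENT_COMMENTS_PER_PAGE . ") AS Page
                FROM requests_comments AS rc
                WHERE rc.RequestID = (SELECT RequestID FROM requests_comments WHERE ID = '" . db_string($_GET['postid']) . "')");
            list($RequestID, $Pages, $Page) = $DB->next_record();

            // $Pages = number of pages in the thread
            // $Page = which page the post is on
            // These are set for cache clearing.

            $DB->query("DELETE FROM requests_comments WHERE ID='" . db_string($_GET['postid']) . "'");

            // Clear this catalogue and every later one: all following posts
            // shift position once this post is gone.
            $ThisCatalogue = floor((TORRENT_COMMENTS_PER_PAGE * $Page - TORRENT_COMMENTS_PER_PAGE) / THREAD_CATALOGUE);
            $LastCatalogue = floor((TORRENT_COMMENTS_PER_PAGE * $Pages - TORRENT_COMMENTS_PER_PAGE) / THREAD_CATALOGUE);
            for ($i = $ThisCatalogue; $i <= $LastCatalogue; $i++) {
                $Cache->delete('request_comments_' . $RequestID . '_catalogue_' . $i);
            }

            // Delete thread info cache (eg. number of pages). The key must use
            // $RequestID, matching the counter the reply action increments;
            // $GroupID is never assigned in this file.
            $Cache->delete('request_comments_' . $RequestID);
            break;
        case 'warn':
            include(SERVER_ROOT . '/sections/requests/warn.php');
            break;
        case 'take_warn':
            include(SERVER_ROOT . '/sections/requests/take_warn.php');
            break;
        default:
            error(0);
    }
}
?>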