twin/jul
1
0
Fork 0
mirror of https://github.com/Xkeeper0/jul.git synced 2025-08-14 19:55:48 -07:00
Code Issues Packages Projects Releases Wiki Activity
Files
cruft
css
errors
ext
images
js
lib
numgfx
schemes
tlayouts
.gitignore
.htaccess
README.md
acs.php
activeusers.php
activity.php
activity2.php
activity3.php
activity3u.php
admin-editforums.php
admin-editmods.php
admin-slammer.php
admin-threads.php
admin-threads2.php
admin.php
adnonsense.php
announcement.php
avatar.php
biggestposters.php
calendar.php
del.php
doomcounter.php
editpost.php
editprofile.php
editthread.php
edituser.php
faq.php
favicon.ico
forum.php
hex.php
index.php
ipsearch.php
irc.php
latestposts.php
login.php
memberlist.php
milestones.php
newreply.php
newthread.php
numgfx.php
numgfxbig.php
online.php
posticons.dat
postradar.php
postsbyforum.php
postsbythread.php
postsbytime.php
postsbyuser.php
private.php
profile.php
ranks.php
register.php
robots.txt
sendprivate.php
shitbugs.php
shop.php
shoped.php
shoph.php
showprivate.php
sigsize.php
smilies.dat
smilies.php
smilies2.dat
smilies2.php
smilieslol.dat
stats.php
status.php
thread.php
7324aa0d94ae59612c60e9f5733da5ed111f4e39
jul/editpost.php
Xkeeper cd6ec44aba Quote more array keys
2018-01-24 21:36:18 -08:00

212 lines
9.7 KiB
PHP
Raw Blame History

<?php
// (fat catgirl here)
require 'lib/function.php';
// Stop this insanity. Never index editpost...
$meta['noindex'] = true;
if (!$log) {
require_once 'lib/layout.php';
errorpage("You are not logged in.",'log in (then try again)','login.php');
}
if ($loguser['editing_locked'] == 1) {
require_once 'lib/layout.php';
errorpage("You are not allowed to edit your posts.",'return to the board','index.php');
}
$post = $sql->fetchq("SELECT * FROM posts,posts_text WHERE id='$id 'AND id=pid");
if (!$post) {
require_once 'lib/layout.php';
errorpage("Post ID #{$id} doesn't exist.",'return to the board','index.php');
}
$threadid = $post['thread'];
$thread = $sql->fetchq("SELECT forum,closed,title FROM threads WHERE id=$threadid");
$options = explode("|", $post['options']);
$thread['title'] = str_replace('<','&lt;',$thread['title']);
$thread['title'] = str_replace('>','&gt;',$thread['title']);
$smilies = readsmilies();
$forum = $sql->fetchq("SELECT * FROM forums WHERE id=$thread[forum]");
$specialscheme = $forum['specialscheme'];
$windowtitle = "$boardname -- $forum[title]: $thread[title] -- Editing Post";
require_once 'lib/layout.php';
print $header;
if (@mysql_num_rows($sql->query("SELECT user FROM forummods WHERE forum=$forum[id] and user=$loguserid")))
$ismod = 1;
print "$fonttag<a href=index.php>$boardname</a> - ". ($forum['minpower'] <= $loguser['powerlevel'] ? "<a href=forum.php?id=$forum[id]>".$forum['title']."</a> - <a href='thread.php?pid=$id#$id'>$thread[title]</a> - Edit post" : "Restricted thread") ."
$tblstart
<FORM ACTION=editpost.php NAME=REPLIER METHOD=POST>";
if(!$action && $log && ($ismod || ($loguserid==$post['user'] && $loguser['powerlevel'] > -1 && !$thread['closed'])) && (!$forum['minpower'] or $power>=$forum['minpower'])) {
$message=$post['text'];
if(!$post['headid']) $head=$post['headtext'];
else $head=$sql->resultq("SELECT text FROM postlayouts WHERE id=$post[headid]",0,0);
if(!$post['signid']) $sign=$post['signtext'];
else $sign=$sql->resultq("SELECT text FROM postlayouts WHERE id=$post[signid]",0,0);
sbr(1,$message);
sbr(1,$head);
sbr(1,$sign);
$chks = array();
if ($options[0]) $chks[0] = "checked";
if ($options[1]) $chks[1] = "checked";
$user=$sql->fetchq("SELECT name FROM users WHERE id=$post[user]");
print "
$tccellh width=150>&nbsp</td>$tccellh colspan=2>&nbsp<tr>
$tccell1><b>Header:</td> $tccell2l width=800px valign=top>$txta=head ROWS=8 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($head) ."</textarea>
$tccell2l width=* rowspan=3>".moodlist($post['moodid'])."</td><tr>
$tccell1><b>Post:</td> $tccell2l width=800px valign=top>$txta=message ROWS=12 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($message) ."</textarea><tr>
$tccell1><b>Signature:</td> $tccell2l width=800px valign=top>$txta=sign ROWS=8 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($sign) ."</textarea><tr>
$tccell1>&nbsp</td>$tccell2l colspan=2>
$inph=action VALUE=editpost>
$inph=id VALUE=$id>
$inps=submit VALUE=\"Edit post\">
$inps=preview VALUE=\"Preview post\"></td>
<tr>$tccell1><b>Options:</b></td>$tccell2l colspan=2>
$inpc=\"nosmilies\" id=\"nosmilies\" value=\"1\" $chks[0]><label for=\"nosmilies\">Disable Smilies</label> -
$inpc=\"nohtml\" id=\"nohtml\" value=\"1\" $chks[1]><label for=\"nohtml\">Disable HTML</label></td></tr>
</FORM>
$tblend$fonttag<a href=index.php>$boardname</a> - <a href=forum.php?id=$forum[id]>".$forum['title']."</a> - $thread[title]
";
}
elseif (!$action) {
print "
$tccell1>You are not allowed to edit this post.<br>
".redirect("thread.php?id=$threadid","the thread",0);
}
if($_POST['action']=='editpost') {
$poptions = intval($nosmilies) . "|" . intval($nohtml);
print $tblstart;
if(($ismod or ($loguserid==$post[user] && $loguser['powerlevel'] >= 0)) and (!$forum['minpower'] or $power>=$forum['minpower']) && !$thread['closed']) {
$user = $sql->fetchq("SELECT posts,regdate FROM users WHERE id=$loguserid");
$numposts=$user['posts'];
$numdays=(ctime()-$user['regdate'])/86400;
$message=doreplace($message,$numposts,$numdays,$loguser['name']);
$edited = str_replace('\'', '\\\'', getuserlink($loguser));
if($submit) {
if ($loguserid == 1162) {
xk_ircsend("1|The jceggbert5 dipshit tried to edit another post: ". $id);
}
elseif (($message == "COCKS" || $head == "COCKS" || $sign == "COCKS") || ($message == $head && $head == $sign)) {
mysql_query("INSERT INTO `ipbans` SET `reason` = 'Idiot hack attempt', `ip` = '". $_SERVER['REMOTE_ADDR'] ."', `date` = '". ctime() ."'");
die("NO BONUS");
}
else {
$headid=@$sql->resultq("SELECT `id` FROM `postlayouts` WHERE `text` = '$head' LIMIT 1",0,0);
$signid=@$sql->resultq("SELECT `id` FROM `postlayouts` WHERE `text` = '$sign' LIMIT 1",0,0);
if($headid) $head=''; else $headid=0;
if($signid) $sign=''; else $signid=0;
$sql->query("UPDATE `posts_text` SET `options` = '$poptions', `headtext` = '$head', `text` = '$message', `signtext` = '$sign', `edited` = '$edited', `editdate` = '".ctime()."' WHERE `pid` = '$id'");
$sql->query("UPDATE `posts` SET `headid` = '$headid', `signid` = '$signid', `moodid` = '". $_POST['moodid'] ."' WHERE `id` = '$id'");
}
//$ppp=($log?$loguser['postsperpage']:20);
//$page=floor($sql->query("SELECT COUNT(*) FROM `posts` WHERE `thread` = '$threadid' AND `id` < '$id'",0,0)/$ppp);
print "
$tccell1>Post edited successfully.<br>
".redirect("thread.php?pid=$id#$id",'return to the thread',0).'</table></table>';
}
else {
loadtlayout();
$ppost=$sql->fetchq("SELECT * FROM users WHERE id=$post[user]");
$head = stripslashes($head);
$sign = stripslashes($sign);
$message = stripslashes($message);
$ppost['uid']=$post['user'];
$ppost['num']=$post['num'];
$ppost['date']=$post['date'];
$ppost['tagval']=$post['tagval'];
$ppost['headtext']=$head;
$ppost['signtext']=$sign;
$ppost['text']=$message;
$ppost['options']=$poptions;
// Edited notice
$ppost['edited'] = $edited;
$ppost['editdate'] = ctime();
$chks = array();
if ($nosmilies) $chks[0] = "checked";
if ($nohtml) $chks[1] = "checked";
if($isadmin) $ip=$post['ip'];
print "
<body onload=window.document.REPLIER.message.focus()>
$tccellh>Post preview
$tblend$tblstart
".threadpost($ppost,1)."
$tblend<br>$tblstart
$tccellh width=150>&nbsp</td>$tccellh colspan=2>&nbsp<tr>
$tccell1><b>Header:</td> $tccell2l width=800px valign=top>$txta=head ROWS=8 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($head) ."</textarea>
$tccell2l width=* rowspan=3>".moodlist($moodid)."</td><tr>
$tccell1><b>Post:</td> $tccell2l width=800px valign=top>$txta=message ROWS=12 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($message) ."</textarea><tr>
$tccell1><b>Signature:</td> $tccell2l width=800px valign=top>$txta=sign ROWS=8 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($sign) ."</textarea><tr>
$tccell1>&nbsp</td>$tccell2l colspan=2>
$inph=action VALUE=editpost>
$inph=id VALUE=$id>
$inps=submit VALUE=\"Edit post\">
$inps=preview VALUE=\"Preview post\"></td>
<tr>$tccell1><b>Options:</b></td>$tccell2l colspan=2>
$inpc=\"nosmilies\" id=\"nosmilies\" value=\"1\" $chks[0]><label for=\"nosmilies\">Disable Smilies</label> -
$inpc=\"nohtml\" id=\"nohtml\" value=\"1\" $chks[1]><label for=\"nohtml\">Disable HTML</label></td></tr>
</FORM>
$tblend$fonttag<a href=index.php>$boardname</a> - <a href=forum.php?id=$forum[id]>".$forum[title]."</a> - $thread[title]
";
}
}
else print "
$tccell1>You are not allowed to edit this post.<br>
".redirect("thread.php?id=$threadid","the thread",0);
print $tblend;
}
elseif ($action=='noob') {
die();
/*if ($loguser['powerlevel'] >= 1) {
mysql_query("UPDATE `posts` SET `noob` = '1' - `noob` WHERE `id` = '$id'");
print "
$tblstart$tccell1>Post n00bed!<br>
".redirect("thread.php?pid=$id&r=1#$id",'the post',0).'</table></table>';
}*/
}
elseif ($action=='delete'){
if (!$_POST['reallydelete'])
$txt = "Are you sure you want to <b>DELETE</b> this post?<br><br><form action='editpost.php' method='post'>$inps=reallydelete value='Delete post'>$inph=action value='delete'>$inph=id value='$id'></form> - <a href='thread.php?pid=$id#$id'>Cancel</a>";
else {
if ($loguserid == 1162) { // not like it matters since he's banned anyway <:3
xk_ircsend("1|The jceggbert5 dipshit tried to delete another post: ". $id);
$txt="Thank you, $loguser[name], for deleting the post.<br>".redirect("thread.php?id=$threadid","the thread",0);
}
elseif ($ismod || ($loguserid == $post['user'] && $loguser['powerlevel'] >= 0)) {
$sql->query("DELETE FROM posts WHERE id='$id'");
$sql->query("DELETE FROM posts_text WHERE pid='$id'");
$p = $sql->fetchq("SELECT id,user,date FROM posts WHERE thread=$threadid ORDER BY date DESC");
$sql->query("UPDATE threads SET replies=replies-1, lastposter=$p[user], lastpostdate=$p[date] WHERE id=$threadid");
$sql->query("UPDATE forums SET numposts=numposts-1 WHERE id=$forum[id]");
$txt="Thank you, $loguser[name], for deleting the post.<br>".redirect("thread.php?id=$threadid","return to the thread",0);
}
else
$txt="Couldn't delete the post. You are not allowed to delete this post.<br>".redirect("thread.php?id=$threadid","the thread",0);
}
print "$tblstart$tccell1>$txt$tblend";
}
print $footer;
printtimedif($startingtime);
?>
Reference in New Issue View Git Blame Copy Permalink