"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "Upload/editpost.php" between
mybb_1819.zip and mybb_1820.zip

About: MyBB is a multilingual, standards-compliant and free forum (discussion board) software.

editpost.php  (mybb_1819):editpost.php  (mybb_1820)
skipping to change at line 74 skipping to change at line 74
} }
$thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subje ct'])); $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subje ct']));
// Get forum info // Get forum info
$fid = $post['fid']; $fid = $post['fid'];
$forum = get_forum($fid); $forum = get_forum($fid);
if($thread['visible'] == 0 && !is_moderator($fid, "canviewunapprove") || $thread ['visible'] == -1 && !is_moderator($fid, "canviewdeleted") || ($thread['visible' ] < -1 && $thread['uid'] != $mybb->user['uid'])) if($thread['visible'] == 0 && !is_moderator($fid, "canviewunapprove") || $thread ['visible'] == -1 && !is_moderator($fid, "canviewdeleted") || ($thread['visible' ] < -1 && $thread['uid'] != $mybb->user['uid']))
{ {
error($lang->error_invalidthread); if($thread['visible'] == 0 && !($mybb->settings['showownunapproved'] && $
thread['uid'] == $mybb->user['uid']))
{
error($lang->error_invalidthread);
}
} }
if(!$forum || $forum['type'] != "f") if(!$forum || $forum['type'] != "f")
{ {
error($lang->error_closedinvalidforum); error($lang->error_closedinvalidforum);
} }
if(($forum['open'] == 0 && !is_moderator($fid, "caneditposts")) || $mybb->user[' suspendposting'] == 1) if(($forum['open'] == 0 && !is_moderator($fid, "caneditposts")) || $mybb->user[' suspendposting'] == 1)
{ {
error_no_permission(); error_no_permission();
} }
skipping to change at line 134 skipping to change at line 137
error($lang->redirect_threadclosed); error($lang->redirect_threadclosed);
} }
if($forumpermissions['candeleteposts'] == 0 && $pid != $thread['f irstpost'] || $forumpermissions['candeletethreads'] == 0 && $pid == $thread['fir stpost']) if($forumpermissions['candeleteposts'] == 0 && $pid != $thread['f irstpost'] || $forumpermissions['candeletethreads'] == 0 && $pid == $thread['fir stpost'])
{ {
error_no_permission(); error_no_permission();
} }
if($mybb->user['uid'] != $post['uid']) if($mybb->user['uid'] != $post['uid'])
{ {
error_no_permission(); error_no_permission();
} }
// User can't delete unapproved post // User can't delete unapproved post unless allowed for own
if($post['visible'] == 0) if($post['visible'] == 0 && !($mybb->settings['showownunapproved'
] && $post['uid'] == $mybb->user['uid']))
{ {
error_no_permission(); error_no_permission();
} }
} }
if($post['visible'] == -1 && $mybb->settings['soft_delete'] == 1) if($post['visible'] == -1 && $mybb->settings['soft_delete'] == 1)
{ {
error($lang->error_already_deleted); error($lang->error_already_deleted);
} }
} }
elseif($mybb->input['action'] == "restorepost" && $mybb->request_method == "post ") elseif($mybb->input['action'] == "restorepost" && $mybb->request_method == "post ")
skipping to change at line 176 skipping to change at line 179
error_no_permission(); error_no_permission();
} }
// Edit time limit // Edit time limit
$time = TIME_NOW; $time = TIME_NOW;
if($mybb->usergroup['edittimelimit'] != 0 && $post['dateline'] < ($time-($mybb->usergroup['edittimelimit']*60))) if($mybb->usergroup['edittimelimit'] != 0 && $post['dateline'] < ($time-($mybb->usergroup['edittimelimit']*60)))
{ {
$lang->edit_time_limit = $lang->sprintf($lang->edit_time_ limit, $mybb->usergroup['edittimelimit']); $lang->edit_time_limit = $lang->sprintf($lang->edit_time_ limit, $mybb->usergroup['edittimelimit']);
error($lang->edit_time_limit); error($lang->edit_time_limit);
} }
// User can't edit unapproved post // User can't edit unapproved post
if($post['visible'] == 0 || $post['visible'] == -1) if(($post['visible'] == 0 && !($mybb->settings['showownunapproved '] && $post['uid'] == $mybb->user['uid'])) || $post['visible'] == -1)
{ {
error_no_permission(); error_no_permission();
} }
} }
} }
// Check if this forum is password protected and we have a valid password // Check if this forum is password protected and we have a valid password
check_forum_password($forum['fid']); check_forum_password($forum['fid']);
if((empty($_POST) && empty($_FILES)) && $mybb->get_input('processed', MyBB::INPU T_INT) == '1') if((empty($_POST) && empty($_FILES)) && $mybb->get_input('processed', MyBB::INPU T_INT) == '1')
skipping to change at line 248 skipping to change at line 251
$update_sql = array("visible" => 1); $update_sql = array("visible" => 1);
$db->update_query("attachments", $update_sql, "aid='{$mybb->input ['attachmentaid']}'"); $db->update_query("attachments", $update_sql, "aid='{$mybb->input ['attachmentaid']}'");
update_thread_counters($post['tid'], array('attachmentcount' => " +1")); update_thread_counters($post['tid'], array('attachmentcount' => " +1"));
} }
elseif($mybb->get_input('attachmentact') == "unapprove" && is_moderator($ fid, 'canapproveunapproveattachs')) elseif($mybb->get_input('attachmentact') == "unapprove" && is_moderator($ fid, 'canapproveunapproveattachs'))
{ {
$update_sql = array("visible" => 0); $update_sql = array("visible" => 0);
$db->update_query("attachments", $update_sql, "aid='{$mybb->input ['attachmentaid']}'"); $db->update_query("attachments", $update_sql, "aid='{$mybb->input ['attachmentaid']}'");
update_thread_counters($post['tid'], array('attachmentcount' => " -1")); update_thread_counters($post['tid'], array('attachmentcount' => " -1"));
} }
if($mybb->get_input('ajax', MyBB::INPUT_INT) == 1)
{
header("Content-type: application/json; charset={$lang->settings[
'charset']}");
echo json_encode(array("success" => true));
exit();
}
if(!isset($mybb->input['submit'])) if(!isset($mybb->input['submit']))
{ {
$mybb->input['action'] = "editpost"; $mybb->input['action'] = "editpost";
} }
} }
if($mybb->input['action'] == "deletepost" && $mybb->request_method == "post") if($mybb->input['action'] == "deletepost" && $mybb->request_method == "post")
{ {
// Verify incoming POST request // Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key')); verify_post_check($mybb->get_input('my_post_key'));
 End of changes. 4 change blocks. 
4 lines changed or deleted 18 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)