/*
# UBB.threads, Version 6
# Official Release Date for UBB.threads Version6: 06/05/2002
# First version of UBB.threads created July 30, 1996 (by Rick Baker).
# This entire program is copyright Groupee, Inc., 2005.
# For more info on UBB.threads and other Groupee Services
# visit http://www.groupee.com/ & http://www.ubbcentral.com/
# Program Author: Rick Baker.
# File Version 6.5.5
# You may not distribute this program in any manner, modified or otherwise,
# without the express, written written consent from Groupee, Inc..
# Note: if you modify ANY code within UBB.threads, we at Groupee, Inc.
# cannot offer you support-- thus modify at your own peril :)
# ---------------------------------------------------------------------------
*/
// Require the library
require ("./includes/main.inc.php");
require ("languages/{$_SESSION['myprefs']['language']}/editpost.php");
// -------------
// Get the input
$Cat = get_input("Cat","get","cat");
$Board = get_input("Board","get","alphanum");
$Number = get_input("Number","get","int");
$page = get_input("page","get","int");
$what = get_input("what","get","alpha");
$vc = get_input("vc","get","int");
// ------------------------
// Predefine some variables
$check = "";
$fpart = "";
$PSelected = "";
$addevent = "";
$selectmonth = "";
$selectday = "";
$selectyear = "";
// -----------------
// Get the user info
$userob = new user;
$user = $userob -> authenticate("U_TextCols, U_TextRows, U_Preview");
$Username = $user['U_Username'];
// If user is a moderator, grab the mod perms
if ($user['U_Status'] == "Moderator") {
$modperms = $userob->get_mod_perms($user['U_Number']);
}
else {
$modperms = array();
}
!empty($user['U_TextCols']) && $TextCols = $user['U_TextCols'];
!empty($user['U_TextCols']) && $TextRows = $user['U_TextRows'];
if (!isset($TextCols)) { $TextCols = $theme['TextCols']; }
if (!isset($TextRows)) { $TextRows = $theme['TextRows']; }
// --------------------
// Authenticate the user
$html = new html;
if (!$user['U_Username']){
$html -> not_right ($ubbt_lang['NO_AUTH'],$Cat);
}
// ---------------------------------------------------------------------------
// For security purposes we need to verify that this is user made this post or
// if they are an admin or a moderator for this board.
$Status = $user['U_Status'];
// -----------------------------------
// Get the post info from the database
$query = "
SELECT B_Posterid,B_Subject,B_Body,B_Approved,B_Kept,B_Status,B_Main,B_Sticky,B_Posted,B_Icon,B_Poll,B_Convert,B_Topic,B_CalDay,B_CalMonth,B_CalYear,B_AddSig,B_Board
FROM {$config['tbprefix']}Posts
WHERE B_Number = '$Number'
";
$sth = $dbh -> do_query($query,__LINE__,__FILE__);
// -------------------------
// Assign the retrieved data
list($Postedby,$Subject,$Body,$Approved,$TKept,$TStatus,$Main,$Sticky,$Posted,$Icon,$Poll,$Convert,$istopic,$calday,$calmonth,$calyear,$addsig,$Board) = $dbh -> fetch_array($sth);
$Board_q = addslashes($Board);
// ---------------------------------
// Grab some info about this board
$Username_q = addslashes($Username);
$query = "
SELECT Bo_SpecialHeader,Bo_StyleSheet
FROM {$config['tbprefix']}Boards
WHERE Bo_Keyword = '$Board_q'
";
$sth = $dbh -> do_query($query,__LINE__,__FILE__);
list($fheader,$fstyle) = $dbh -> fetch_array($sth);
// -------------------------------------
// Let's see if they moderate this board
if ($user['U_Status'] == "Moderator") {
$query = "
SELECT Mod_Uid
FROM {$config['tbprefix']}Moderators
WHERE Mod_Board='$Board_q'
AND Mod_Uid='{$user['U_Number']}'
";
$sth = $dbh -> do_query($query,__LINE__,__FILE__);
list($modcheck) = $dbh -> fetch_array($sth);
if ($modcheck) {
$check = "true";
}
}
if ( (!$check) && ($Status != "Administrator") && ($user['U_Number'] != $Postedby) ) {
$html -> not_right($ubbt_lang['NO_EDIT'],$Cat);
}
// ---------------------------------------------------------------------------
// If this thread is locked and they are not a admin or mod they can't proceed
if ( ($TStatus == "C" || $TStatus == "M") && ($user['U_Status'] != "Administrator") && ($user['U_Status'] != "Moderator") ){
$html -> not_right($ubbt_lang['LOCKED'],$Cat);
}
// -------------------------------------------------
// Here we need to figure out what stylesheet to use
$mystyle = "";
isset($user['U_StyleSheet']) && $mystyle = $user['U_StyleSheet'];
if (!$mystyle) { $mystyle = "usedefault"; }
if ($mystyle == "usedefault") {
$mystyle = $fstyle;
if ($mystyle == "usedefault") {
$mystyle = $theme['stylesheet'];
}
}
// fstyle will now be a global variable to use in send_header
$fstyle = $mystyle;
// ------------------------------------------------
// Make the sure the edittime value has not expired
$expired = $config['edittime'] * 3600;
$current = $html -> get_date();
if ( ($current - $Posted > $expired) && ( ($Status != "Administrator") && (!$check) ) ){
$html -> not_right($ubbt_lang['EDITTIME'],$Cat);
}
// -------------------------------------------------------------------------
// Well everything checked out, doesn't look like a hacker so let's let them
// edit the post.
$html -> send_header($ubbt_lang['PEDIT_HEAD'],$Cat,0,$user);
// --------------------
// Undo the markup code
if ( ($Convert == "markup") || ($Convert == "both") ) {
$Body = $html -> undo_markup($Body);
}
// --------------------------
// Get rid of the line breaks
$Body = str_replace(" ","\n",$Body);
// -----------------
// Change " to "
$Subject = str_replace("\"",""",$Subject);
// -----------------------------------------------------
// Let's find out if they get the default preview or not.
$Preview = "";
isset($user['U_Preview']) && $Preview = $user['U_Preview'];
if (!$Preview) { $Preview = $config['preview']; }
if ( ($Preview == "on") || ($Preview == "1") ) {
$PSelected = "checked=\"checked\"";
}
// -----------------------------
// Signature added to this post?
$addsigcheck = "";
if ($addsig) {
$addsigcheck = "checked = \"checked\"";
}
$iconselect = $html -> icon_select($Icon);
$instant_ubbcode = $html -> instant_ubbcode();
if ( $user['U_Number'] == $Postedby ) {
$markeditselect = "
{$ubbt_lang['MARK_EDIT']}
";
}
else {
$markeditselect = "
";
}
if (($user['U_Status'] == "Administrator" || ( ($check) && $modperms['P_CanApprovePosts'] )) && ($Approved == "no")) {
$approvebutton = "";
}
else {
$approvebutton = " ";
}
$changebutton = "";
if ( ($check) && (!$modperms['P_CanEditPosts']) && ($user['U_Number'] != $Postedby) ) {
$changebutton = " ";
}
$deletebutton = "";
if ( ($check) && (!$modperms['P_CanDeletePosts']) && ($user['U_Number'] != $Postedby) ) {
$deletebutton = " ";
}
// ------------------------------------------------------------------------------
// If this is a main topic they might be able to add/edit a public calendar event
if ($istopic) {
if ( ($config['publicevents'] == 1 && $user['U_Status'] == "Administrator")
|| ($config['publicevents'] == 2 && ($user['U_Status'] == "Administrator" || $user['U_Status'] == "Moderator") )
|| ($config['publicevents'] == 3) ) {
$checked = "";;
if ($calday && $calmonth && $calyear) {
$checked = "checked=\"checked\"";
}
$addevent = "
{$ubbt_lang['ADDEVENT']}
";
$selectmonth = "
";
$selectday = "";
$selectyear = "
";
}
}
// Can they add/edit a file attachment
if ( ($config['attach_on']) && (ini_get('file_uploads') ) ) {
$ubbt_lang['DOPREVIEW'] .= $ubbt_lang['EDIT_FILE'];
}
// ---------------------
// Grab the tablewrapper
list($tbopen,$tbclose) = $html -> table_wrapper();
if (!$debug) {
include("$thispath/templates/$tempstyle/editpost.tmpl");
}
if ( ($user['U_Status'] == "Administrator") || ( ($user['U_Status'] == "Moderator") && $check ) ){
if ($Number != $Main) {
if (!$debug) {
include("$thispath/templates/$tempstyle/editpost_manage_move.tmpl");
}
}
}
$html -> send_footer();
?>