154 lines
6.4 KiB
PHP
154 lines
6.4 KiB
PHP
<?php
|
||
|
||
/**
|
||
* Copyright (C) 2008-2012 FluxBB
|
||
* based on code by Rickard Andersson copyright (C) 2002-2008 PunBB
|
||
* License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
|
||
*/
|
||
|
||
define('PUN_ROOT', dirname(__FILE__).'/');
|
||
require PUN_ROOT.'include/common.php';
|
||
|
||
|
||
if ($pun_user['g_read_board'] == '0')
|
||
message($lang_common['No view'], false, '403 Forbidden');
|
||
|
||
|
||
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
|
||
if ($id < 1)
|
||
message($lang_common['Bad request'], false, '404 Not Found');
|
||
|
||
// Fetch some info about the post, the topic and the forum
|
||
$result = $db->query('SELECT f.id AS fid, f.forum_name, f.moderators, f.redirect_url, f.no_sum_mess, fp.post_replies, fp.post_topics, t.id AS tid, t.subject, t.first_post_id, t.closed, p.posted, p.poster, p.poster_id, p.message, p.hide_smilies FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); // not sum - f.no_sum_mess, - Visman
|
||
$cur_post = $db->fetch_assoc($result);
|
||
|
||
if (!$cur_post)
|
||
message($lang_common['Bad request'], false, '404 Not Found');
|
||
|
||
// MOD subforums - Visman
|
||
if (!isset($sf_array_asc[$cur_post['fid']]))
|
||
message($lang_common['Bad request'], false, '404 Not Found');
|
||
|
||
if ($pun_config['o_censoring'] == '1')
|
||
$cur_post['subject'] = censor_words($cur_post['subject']);
|
||
|
||
// Sort out who the moderators are and if we are currently a moderator (or an admin)
|
||
$mods_array = $cur_post['moderators'] != '' ? unserialize($cur_post['moderators']) : array();
|
||
$is_admmod = $pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_moderator'] == '1' && array_key_exists($pun_user['username'], $mods_array)) ? true : false;
|
||
|
||
$is_topic_post = $id == $cur_post['first_post_id'] ? true : false;
|
||
|
||
// Do we have permission to edit this post?
|
||
if (($pun_user['g_delete_posts'] == '0' ||
|
||
($pun_user['g_delete_topics'] == '0' && $is_topic_post) ||
|
||
$cur_post['poster_id'] != $pun_user['id'] ||
|
||
$cur_post['closed'] == '1') &&
|
||
!$is_admmod)
|
||
message($lang_common['No permission'], false, '403 Forbidden');
|
||
|
||
if ($is_admmod && $pun_user['g_id'] != PUN_ADMIN && in_array($cur_post['poster_id'], get_admin_ids()))
|
||
message($lang_common['No permission'], false, '403 Forbidden');
|
||
|
||
// мод ограничения времени редактирвания - Visman
|
||
if (!$is_admmod && $pun_user['g_deledit_interval'] != 0 && (time()-$cur_post['posted']) > $pun_user['g_deledit_interval'])
|
||
message($lang_common['No permission'], false, '403 Forbidden');
|
||
|
||
// Load the delete.php language file
|
||
require PUN_ROOT.'lang/'.$pun_user['language'].'/delete.php';
|
||
|
||
|
||
if (isset($_POST['delete']))
|
||
{
|
||
// Make sure they got here from the site
|
||
confirm_referrer('delete.php');
|
||
|
||
require PUN_ROOT.'include/search_idx.php';
|
||
|
||
if ($is_topic_post)
|
||
{
|
||
// Delete the topic and all of its posts
|
||
delete_topic($cur_post['tid'], $cur_post['no_sum_mess']); // not sum - Visman
|
||
update_forum($cur_post['fid']);
|
||
|
||
redirect('viewforum.php?id='.$cur_post['fid'], $lang_delete['Topic del redirect']);
|
||
}
|
||
else
|
||
{
|
||
// Delete just this one post
|
||
delete_post($id, $cur_post['tid']);
|
||
update_forum($cur_post['fid']);
|
||
|
||
// При удалении одиночного сообщения, уменьшим кол-во сообщений у пользователя - Visman
|
||
// not sum - Visman
|
||
if ($cur_post['no_sum_mess'] == 0 && $cur_post['poster_id'] > 1)
|
||
$db->query('UPDATE '.$db->prefix.'users SET num_posts=num_posts-1 WHERE id='.$cur_post['poster_id']) or error('Unable to update user', __FILE__, __LINE__, $db->error());
|
||
|
||
// Redirect towards the previous post
|
||
$result = $db->query('SELECT MAX(id) FROM '.$db->prefix.'posts WHERE topic_id='.$cur_post['tid'].' AND id < '.$id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
|
||
$post_id = $db->result($result);
|
||
|
||
redirect('viewtopic.php?pid='.$post_id.'#p'.$post_id, $lang_delete['Post del redirect']);
|
||
}
|
||
}
|
||
|
||
|
||
$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_delete['Delete post']);
|
||
define ('PUN_ACTIVE_PAGE', 'index');
|
||
require PUN_ROOT.'header.php';
|
||
|
||
require PUN_ROOT.'include/parser.php';
|
||
$cur_post['message'] = parse_message($cur_post['message'], $cur_post['hide_smilies']);
|
||
|
||
?>
|
||
<div class="linkst">
|
||
<div class="inbox">
|
||
<ul class="crumbs">
|
||
<li><a href="index.php"><?php echo $lang_common['Index'] ?></a></li>
|
||
<li><span>» </span><a href="viewforum.php?id=<?php echo $cur_post['fid'] ?>"><?php echo pun_htmlspecialchars($cur_post['forum_name']) ?></a></li>
|
||
<li><span>» </span><a href="viewtopic.php?pid=<?php echo $id ?>#p<?php echo $id ?>"><?php echo pun_htmlspecialchars($cur_post['subject']) ?></a></li>
|
||
<li><span>» </span><strong><?php echo $lang_delete['Delete post'] ?></strong></li>
|
||
</ul>
|
||
</div>
|
||
</div>
|
||
|
||
<div class="blockform">
|
||
<h2><span><?php echo $lang_delete['Delete post'] ?></span></h2>
|
||
<div class="box">
|
||
<form method="post" action="delete.php?id=<?php echo $id ?>">
|
||
<div class="inform">
|
||
<input type="hidden" name="csrf_hash" value="<?php echo csrf_hash() ?>" />
|
||
<div class="forminfo">
|
||
<h3><span><?php printf($is_topic_post ? $lang_delete['Topic by'] : $lang_delete['Reply by'], '<strong>'.pun_htmlspecialchars($cur_post['poster']).'</strong>', format_time($cur_post['posted'])) ?></span></h3>
|
||
<p><?php echo ($is_topic_post) ? '<strong>'.$lang_delete['Topic warning'].'</strong>' : '<strong>'.$lang_delete['Warning'].'</strong>' ?><br /><?php echo $lang_delete['Delete info'] ?></p>
|
||
</div>
|
||
</div>
|
||
<p class="buttons"><input type="submit" name="delete" value="<?php echo $lang_delete['Delete'] ?>" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
|
||
</form>
|
||
</div>
|
||
</div>
|
||
|
||
<div id="postreview">
|
||
<div class="blockpost">
|
||
<div class="box">
|
||
<div class="inbox">
|
||
<div class="postbody">
|
||
<div class="postleft">
|
||
<dl>
|
||
<dt><strong><?php echo pun_htmlspecialchars($cur_post['poster']) ?></strong></dt>
|
||
<dd><span><?php echo format_time($cur_post['posted']) ?></span></dd>
|
||
</dl>
|
||
</div>
|
||
<div class="postright">
|
||
<div class="postmsg">
|
||
<?php echo $cur_post['message']."\n" ?>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
<div class="clearer"></div>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
<?php
|
||
|
||
require PUN_ROOT.'footer.php';
|