makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-27 21:58:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Posting preview done, ability for anonymous users to post with a username

Browse source 
git-svn-id: file:///svn/phpbb/trunk@463 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
James Atkinson 2001-06-11 00:58:08 +00:00
parent b71e098cdc
commit cb44575d8a
10 changed files with 210 additions and 99 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
phpBB/db/postgres_schema.sql
View file

@ -269,8 +269,8 @@ CREATE TABLE phpbb_privmsgs (
privmsgs_bbcode_uid int4 DEFAULT '0' NOT NULL,
CONSTRAINT phpbb_privmsgs_pkey PRIMARY KEY (privmsgs_id)
);
CREATE INDEX privmsgs_from_groupid_phpbb_privmsgs_index ON phpbb_privmsgs (privmsgs_from_groupid);
CREATE INDEX privmsgs_to_groupid_phpbb_privmsgs_index ON phpbb_privmsgs (privmsgs_to_groupid);
CREATE INDEX privmsgs_from_groupid_index ON phpbb_privmsgs (privmsgs_from_groupid);
CREATE INDEX privmsgs_to_groupid_index ON phpbb_privmsgs (privmsgs_to_groupid);
/* --------------------------------------------------------

73
phpBB/includes/functions.php
View file

@ -67,14 +67,14 @@ function get_db_stat($mode)
}
}
function get_userdata_from_id($userid)
function get_userdata_from_id($userid)
{
global $db;
$sql = "SELECT *
FROM ".USERS_TABLE."
$sql = "SELECT *
FROM ".USERS_TABLE."
WHERE user_id = $userid";
if(!$result = $db->sql_query($sql))
if(!$result = $db->sql_query($sql))
{
$userdata = array("error" => "1");
return ($userdata);
@ -95,9 +95,9 @@ function get_userdata($username) {
global $db;
$sql = "SELECT *
FROM ".USERS_TABLE."
WHERE username = '$username'
$sql = "SELECT *
FROM ".USERS_TABLE."
WHERE username = '$username'
AND user_level != ".DELETED;
if(!$result = $db->sql_query($sql))
{
@ -410,4 +410,63 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add
}
//
// Check to see if the username has been taken, or if it is disallowed.
// Used for registering, changing names, and posting anonymously with a username
//
function validate_username($username)
{
global $db;
switch(SQL_LAYER)
{
// Along with subqueries MySQL also lacks
// a UNION clause which would be very nice here :(
// So we have to use two queries
case 'mysql':
$sql_users = "SELECT username
FROM ".USERS_TABLE."
WHERE LOWER(username) = '".strtolower($username)."'";
$sql_disallow = "SELECT disallow_username
FROM ".DISALLOW_TABLE."
WHERE disallow_username = '$username'";
if($result = $db->sql_query($sql_users))
{
if($db->sql_numrows($result) > 0)
{
return(FALSE);
}
}
if($result = $db->sql_query($sql_disallow))
{
if($db->sql_numrows($result) > 0)
{
return(FALSE);
}
}
break;
default:
$sql = "SELECT disallow_username
FROM ".DISALLOW_TABLE."
WHERE disallow_username = '$username'
UNION
SELECT username
FROM ".USERS_TABLE."
WHERE LOWER(username) = '".strtolower($username)."'";
if($result = $db->sql_query($sql))
{
if($db->sql_numrows($result) > 0)
{
return(FALSE);
}
}
break;
}
return(TRUE);
}
?>

19
phpBB/index.php
View file

@ -136,7 +136,7 @@ if($total_categories)
{
case 'postgresql':
$limit_forums = ($viewcat != -1) ? "AND f.cat_id = $viewcat " : "";
$sql = "SELECT f.*, t.topic_id, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, p.post_time
$sql = "SELECT f.*, t.topic_id, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, p.post_time, p.post_username
FROM ".FORUMS_TABLE." f, ".TOPICS_TABLE." t, ".POSTS_TABLE." p, ".USERS_TABLE." u, ".AUTH_FORUMS_TABLE." af
WHERE f.forum_last_post_id = p.post_id
AND p.post_id = t.topic_last_post_id
@ -144,7 +144,7 @@ if($total_categories)
AND af.forum_id = f.forum_id
$limit_forums
UNION (
SELECT f.*, NULL, NULL, NULL, NULL, NULL, NULL
SELECT f.*, NULL, NULL, NULL, NULL, NULL, NULL, NULL
FROM ".FORUMS_TABLE." f
WHERE NOT EXISTS (
SELECT p.post_time
@ -158,7 +158,7 @@ if($total_categories)
case 'oracle':
$limit_forums = ($viewcat != -1) ? "AND f.cat_id = $viewcat " : "";
$sql = "SELECT f.*, t.topic_id, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, p.post_time
$sql = "SELECT f.*, t.topic_id, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, p.post_time, p.post_username
FROM ".FORUMS_TABLE." f, ".POSTS_TABLE." p, ".TOPICS_TABLE." t, ".USERS_TABLE." u, ".AUTH_FORUMS_TABLE." af
WHERE f.forum_last_post_id = p.post_id(+)
AND p.post_id = t.topic_last_post_id(+)
@ -180,7 +180,7 @@ if($total_categories)
$limit_forums
ORDER BY f.cat_id, f.forum_order";
*/
$sql = "SELECT f.*, t.topic_id, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, p.post_time, af.auth_view, af.auth_read, af.auth_post, af.auth_reply, af.auth_edit, af.auth_delete, af.auth_votecreate, af.auth_vote
$sql = "SELECT f.*, t.topic_id, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, p.post_time, p.post_username, af.auth_view, af.auth_read, af.auth_post, af.auth_reply, af.auth_edit, af.auth_delete, af.auth_votecreate, af.auth_vote
FROM ((( ".FORUMS_TABLE." f
LEFT JOIN ".POSTS_TABLE." p ON f.forum_last_post_id = p.post_id )
LEFT JOIN ".TOPICS_TABLE." t ON p.post_id = t.topic_last_post_id )
@ -282,11 +282,18 @@ if($total_categories)
if($forum_rows[$j]['username'] != "" && $forum_rows[$j]['post_time'] > 0)
{
if($forum_rows[$j]['user_id'] == ANONYMOUS && $forum_rows[$j]['post_username'] != '')
{
$last_poster = $forum_rows[$j]['post_username'];
}
else
{
$last_poster = $forum_rows[$j]['username'];
}
$last_post_time = create_date($board_config['default_dateformat'], $forum_rows[$j]['post_time'], $board_config['default_timezone']);
$last_post = $last_post_time . "<br />by ";
$last_post .= "<a href=\"" . append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=" . $forum_rows[$j]['user_id']) . "\">" . $forum_rows[$j]['username'] . "</a>&nbsp;";
$last_post .= "<a href=\"" . append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=" . $forum_rows[$j]['user_id']) . "\">" . $last_poster . "</a>&nbsp;";
$last_post .= "<a href=\"" . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=" . $forum_rows[$j]['topic_last_post_id']) . "#" . $forum_rows[$j]['topic_last_post_id'] . "\"><img src=\"" . $images['latest_reply'] . "\" width=\"20\" height=\"11\" border=\"0\" alt=\"View Latest Post\"></a>";

2
phpBB/language/lang_english.php
View file

@ -135,6 +135,7 @@ $lang['Sticky'] = "<b>Sticky:</b>";
//
// Viewtopic
//
$lang['Guest'] = 'Guest';
//
// Posting/Replying (Not private
@ -168,6 +169,7 @@ $lang['Date'] = "Date";
$lang['Website'] = "Website";
$lang['From'] = "From";
$lang['Wrong_Profile'] = "You cannot modify a profile that is not your own.";
$lang['Bad_username'] = "The username you choose has been taken or is disallowed by the administrator.";
//
// Memberslist

89
phpBB/posting.php
View file

@ -110,8 +110,7 @@ switch($mode)
}
break;
case 'reply':
$auth_type = AUTH_REPLY;
$auth_type = AUTH_ALL;
$is_auth_type = "auth_reply";
$error_string = "reply to topics";
break;
@ -171,6 +170,8 @@ $attach_sig = (isset($HTTP_POST_VARS['attach_sig'])) ? $HTTP_POST_VARS['attach_s
$notify = (isset($HTTP_POST_VARS['notify'])) ? $HTTP_POST_VARS['notify'] : $userdata["always_notify"];
$annouce = (isset($HTTP_POST_VARS['annouce'])) ? $HTTP_POST_VARS['annouce'] : "";
$sticky = (isset($HTTP_POST_VARS['sticky'])) ? $HTTP_POST_VARS['sticky'] : "";
$preview = (isset($HTTP_POST_VARS['preview'])) ? TRUE : FALSE;
if($annouce)
{
@ -188,12 +189,12 @@ else
//
// Prepare our message and subject on a 'submit'
//
if(isset($HTTP_POST_VARS['submit']))
if(isset($HTTP_POST_VARS['submit']) || $preview)
{
//
// Flood control
//
if($mode != 'editpost')
if($mode != 'editpost' && !$preview)
{
$sql = "SELECT max(post_time) AS last_post_time
FROM ".POSTS_TABLE."
@ -215,6 +216,25 @@ if(isset($HTTP_POST_VARS['submit']))
// End: Flood control
//
// Handle anon posting with usernames
if(isset($HTTP_POST_VARS['username']))
{
$username = trim(strip_tags(htmlspecialchars(stripslashes($HTTP_POST_VARS['username']))));
if(!validate_username($username))
{
$error = TRUE;
if(isset($error_msg))
{
$error_msg .= "<br />";
}
$error_msg .= $lang['Bad_username'];
}
}
else
{
$username = "";
}
$subject = trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['subject'])));
if($mode == 'newtopic' && empty($subject))
{
@ -239,7 +259,7 @@ if(isset($HTTP_POST_VARS['submit']))
if(!empty($HTTP_POST_VARS['message']))
{
if(!$error)
if(!$error && !$preview)
{
if($disable_html)
{
@ -312,8 +332,12 @@ switch($mode)
}
}
if(isset($HTTP_POST_VARS['submit']) && !$error)
if(isset($HTTP_POST_VARS['submit']) && !$error && !$preview)
{
if($username)
{
$username = addslashes($username);
}
$topic_time = get_gmt_ts();
$topic_notify = ($HTTP_POST_VARS['notify']) ? $HTTP_POST_VARS['notify'] : 0;
$sql = "INSERT INTO ".TOPICS_TABLE." (topic_title, topic_poster, topic_time, forum_id, topic_notify, topic_status, topic_type)
@ -322,8 +346,8 @@ switch($mode)
if($db->sql_query($sql))
{
$new_topic_id = $db->sql_nextid();
$sql = "INSERT INTO ".POSTS_TABLE." (topic_id, forum_id, poster_id, post_time, poster_ip, bbcode_uid)
VALUES ($new_topic_id, $forum_id, ".$userdata['user_id'].", $topic_time, '$user_ip', '$uid')";
$sql = "INSERT INTO ".POSTS_TABLE." (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, bbcode_uid)
VALUES ($new_topic_id, $forum_id, ".$userdata['user_id'].", '".$username."', $topic_time, '$user_ip', '$uid')";
if($db->sql_query($sql))
{
@ -504,7 +528,7 @@ switch($mode)
$page_title = " $l_reply";
$section_title = $l_postreplyto;
if(isset($HTTP_POST_VARS['submit']) && !$error)
if(isset($HTTP_POST_VARS['submit']) && !$error && !$preview)
{
if($SQL_LAYER != "mysql")
{
@ -519,11 +543,16 @@ switch($mode)
}
}
if($username)
{
$username = addslashes($username);
}
$new_topic_id = $HTTP_POST_VARS[POST_TOPIC_URL];
$topic_time = get_gmt_ts();
$sql = "INSERT INTO ".POSTS_TABLE." (topic_id, forum_id, poster_id, post_time, poster_ip, bbcode_uid)
VALUES ($new_topic_id, $forum_id, ".$userdata['user_id'].", $topic_time, '$user_ip', '$uid')";
$sql = "INSERT INTO ".POSTS_TABLE." (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, bbcode_uid)
VALUES ($new_topic_id, $forum_id, ".$userdata['user_id'].", '".$username."', $topic_time, '$user_ip', '$uid')";
if($db->sql_query($sql))
{
@ -673,7 +702,7 @@ switch($mode)
case 'editpost':
$page_title = " $l_editpost";
$section_title = $l_editpostin;
if(isset($HTTP_POST_VARS['submit']) && !$error)
if(isset($HTTP_POST_VARS['submit']) && !$error && !$preview)
{
if(isset($HTTP_POST_VARS['delete_post']))
{
@ -724,7 +753,7 @@ switch($mode)
}
}
}
else
else if(!$preview)
{
$post_id = ($HTTP_GET_VARS[POST_POST_URL]) ? $HTTP_GET_VARS[POST_POST_URL] : $HTTP_POST_VARS[POST_POST_URL];
if(!empty($post_id))
@ -832,6 +861,36 @@ if($error)
// End: error handling
//
if(!isset($username))
{
$username = $userdata["username"];
}
//
// Start: Preview Post
//
if($preview)
{
$preview_message = $message;
$uid = make_bbcode_uid();
$preview_message = prepare_message($preview_message, TRUE, TRUE, TRUE, $uid);
$preview_message = bbencode_second_pass($preview_message, $uid);
$preview_message = make_clickable($preview_message);
$template->set_filenames(array("preview" => "posting_preview.tpl"));
$template->assign_vars(array(
"TOPIC_TITLE" => $subject,
"ROW_COLOR" => $theme['td_color1'],
"POSTER_NAME" => $username,
"L_POSTED" => $lang['Posted'],
"POST_DATE" => create_date($board_config['default_dateformat'], time(), $board_config['default_timezone']),
"MESSAGE" => stripslashes(nl2br($preview_message))));
$template->pparse("preview");
}
//
// End: Preview Post
//
//
// Show the same form for each mode.
//
@ -876,10 +935,6 @@ if($error)
}
else
{
if(!isset($username))
{
$username = $userdata["username"];
}
$username_input = '<input type="text" name="username" value="'.$username.'" size="25" maxlength="50">';
$password_input = '<input type="password" name="password" size="25" maxlenght="40">';
}

54
phpBB/profile.php
View file

@ -37,61 +37,7 @@ init_userprefs($userdata);
//
// Page specific functions
//
function validate_username($username)
{
global $db;
switch(SQL_LAYER)
{
// Along with subqueries MySQL also lacks
// a UNION clause which would be very nice here :(
// So we have to use two queries
case 'mysql':
$sql_users = "SELECT username
FROM ".USERS_TABLE."
WHERE LOWER(username) = '".strtolower($username)."'";
$sql_disallow = "SELECT disallow_username
FROM ".DISALLOW_TABLE."
WHERE disallow_username = '$username'";
if($result = $db->sql_query($sql_users))
{
if($db->sql_numrows($result) > 0)
{
return(FALSE);
}
}
if($result = $db->sql_query($sql_disallow))
{
if($db->sql_numrows($result) > 0)
{
return(FALSE);
}
}
break;
default:
$sql = "SELECT disallow_username
FROM ".DISALLOW_TABLE."
WHERE disallow_username = '$username'
UNION
SELECT username
FROM ".USERS_TABLE."
WHERE LOWER(username) = '".strtolower($username)."'";
if($result = $db->sql_query($sql))
{
if($db->sql_numrows($result) > 0)
{
return(FALSE);
}
}
break;
}
return(TRUE);
}
function language_select($default, $dirname="language/")
{
global $phpEx;

14
phpBB/templates/Default/posting_body.tpl
View file

@ -1,11 +1,11 @@
<script language="Javascript">
<!--
function x ()
function x ()
{
return;
}
function addBBcode(bbCode)
function addBBcode(bbCode)
{
document.posting.message.value=document.posting.message.value+bbCode;
document.posting.message.focus();
@ -34,15 +34,11 @@ function addBBcode(bbCode)
<tr>
<td>
<table border="0" width="100%" cellpadding="3" cellspacing="1">
<tr class="tablebody">
<td bgcolor="#DDDDDD" width="15%">{L_ABOUT_POST}</td>
<td bgcolor="#CCCCCC">{ABOUT_POSTING}</td>
</tr>
<tr class="tablebody">
<tr class="tablebody">
<td bgcolor="#DDDDDD">{L_USERNAME}</td>
<td bgcolor="#CCCCCC">{USERNAME_INPUT}</td>
</tr>
<tr class="tablebody">
</tr>
<tr class="tablebody">
<td bgcolor="#DDDDDD">{L_PASSWORD}</td>
<td bgcolor="#CCCCCC">{PASSWORD_INPUT}</td>
</tr>

28
phpBB/templates/Default/posting_preview.tpl Executable file
View file

@ -0,0 +1,28 @@
<tr>
<td>
<table border="0" align="center" width="100%" bgcolor="#000000" cellpadding="0" cellspacing="1">
<tr>
<td>
<table border="0" width="100%" cellpadding="3" cellspacing="1">
<tr class="tableheader">
<td width="15%">Author</td>
<td colspan="2">{TOPIC_TITLE}</td>
</tr>
<tr bgcolor="{ROW_COLOR}" class="tablebody">
<td width="20%" align="left" valign="top" nowrap rowspan="2">
<font style="{font-size: 10pt; font-weight: bold;}">{POSTER_NAME}</font><br>
</td>
<td><i><b>{TOPIC_TITLE}</b></i></td>
<td align="right" width="15%"><img src="images/posticon.gif"><font style="{font-size: 8pt;}">{L_POSTED}: {POST_DATE}</font></td>
</tr>
<tr bgcolor="{ROW_COLOR}" class="tablebody">
<td colspan="3">
{MESSAGE}
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>

14
phpBB/viewforum.php
View file

@ -192,7 +192,7 @@ $select_post_days .= "</select>";
// Grab all the basic data for
// this forum
//
$sql = "SELECT t.*, u.username, u.user_id, u2.username as user2, u2.user_id as id2, p.post_time
$sql = "SELECT t.*, u.username, u.user_id, u2.username as user2, u2.user_id as id2, p.post_time, p.post_username
FROM ".TOPICS_TABLE." t, ".USERS_TABLE." u, ".POSTS_TABLE." p, ".USERS_TABLE." u2
WHERE t.forum_id = $forum_id
AND t.topic_poster = u.user_id
@ -202,6 +202,7 @@ $sql = "SELECT t.*, u.username, u.user_id, u2.username as user2, u2.user_id as i
$limit_posts_time
ORDER BY t.topic_type DESC, p.post_time DESC
LIMIT $start, ".$board_config['topics_per_page'];
if(!$t_result = $db->sql_query($sql))
{
error_die(SQL_QUERY, "Couldn't obtain topic information.", __LINE__, __FILE__);
@ -363,7 +364,16 @@ if($total_topics)
$topic_poster_profile_url = append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$topic_rowset[$x]['user_id']);
$last_post_time = create_date($board_config['default_dateformat'], $topic_rowset[$x]['post_time'], $board_config['default_timezone']);
$last_post_user = $topic_rowset[$x]['user2'];
if($topic_rowset[$x]['id2'] == ANONYMOUS && $topic_rowset[$x]['post_username'] != '')
{
$last_post_user = $topic_rowset[$x]['post_username'];
}
else
{
$last_post_user = $topic_rowset[$x]['user2'];
}
$last_post_profile_url = append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$topic_rowset[$x]['id2']);
$views = $topic_rowset[$x]['topic_views'];

12
phpBB/viewtopic.php
View file

@ -315,7 +315,7 @@ $topic_prev_row = $db->sql_fetchrow($result_prev);
//
// Go ahead and pull all data for this topic
//
$sql = "SELECT u.username, u.user_id, u.user_posts, u.user_from, u.user_website, u.user_icq, u.user_aim, u.user_yim, u.user_regdate, u.user_msnm, u.user_viewemail, u.user_rank, u.user_sig, u.user_avatar, p.post_time, p.post_id, p.bbcode_uid, pt.post_text, pt.post_subject
$sql = "SELECT u.username, u.user_id, u.user_posts, u.user_from, u.user_website, u.user_icq, u.user_aim, u.user_yim, u.user_regdate, u.user_msnm, u.user_viewemail, u.user_rank, u.user_sig, u.user_avatar, p.post_time, p.post_id, p.bbcode_uid, pt.post_text, pt.post_subject, p.post_username
FROM ".POSTS_TABLE." p, ".USERS_TABLE." u, ".POSTS_TEXT_TABLE." pt
WHERE p.topic_id = $topic_id
AND p.poster_id = u.user_id
@ -424,7 +424,7 @@ for($x = 0; $x < $total_posts; $x++)
$poster_avatar = ($postrow[$x]['user_avatar'] != "" && $userdata['user_id'] != ANONYMOUS) ? "<img src=\"".$board_config['avatar_path']."/".$postrow[$x]['user_avatar']."\">" : "";
if(!$postrow[$x]['user_rank'])
if($postrow[$x]['user_rank'] == '')
{
for($i = 0; $i < count($ranksrow); $i++)
{
@ -447,6 +447,13 @@ for($x = 0; $x < $total_posts; $x++)
}
}
// Handle anon users posting with usernames
if($poster_id == ANONYMOUS && $postrow[$x]['post_username'] != '')
{
$poster = stripslashes($postrow[$x]['post_username']);
$poster_rank = $lang['Guest'];
}
$profile_img = "<a href=\"".append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=$poster_id")."\"><img src=\"".$images['profile']."\" alt=\"$l_profileof $poster\" border=\"0\"></a>";
$email_img = ($postrow[$x]['user_viewemail'] == 1) ? "<a href=\"mailto:".$postrow[$x]['user_email']."\"><img src=\"".$images['email']."\" alt=\"$l_email $poster\" border=\"0\"></a>" : "";
@ -485,6 +492,7 @@ for($x = 0; $x < $total_posts; $x++)
$delpost_img = "<a href=\"".append_sid("topicadmin.$phpEx?mode=delpost&".POST_POST_URL."=".$postrow[$x]['post_id'])."\"><img src=\"".$images['delpost']."\" alt=\"$l_delete\" border=\"0\"></a>";
}
$post_subject = ($postrow[$x]['post_subject'] != "") ? stripslashes($postrow[$x]['post_subject']) : "Re: ".$topic_title;
$bbcode_uid = $postrow[$x]['bbcode_uid'];