github/torrentpier
1
0
Fork 0
mirror of https://github.com/torrentpier/torrentpier synced 2025-08-22 14:23:57 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

r139

Browse source 
ещё не всё... git-svn-id: https://torrentpier2.googlecode.com/svn/trunk@139 a8ac35ab-4ca4-ca47-4c2d-a49a94f06293
This commit is contained in:
nanosimbiot 2011-07-24 15:34:15 +00:00
commit 3c14408d89
1 changed files with 44 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

47
upload/ajax/posts.php
View file

@ -219,9 +219,9 @@ switch($this->request['type'])
WHERE t.topic_id = $topic_id WHERE t.topic_id = $topic_id
AND f.forum_id = t.forum_id AND f.forum_id = t.forum_id
LIMIT 1"); LIMIT 1");
if(!$t_data) bb_die($lang['TOPIC_POST_NOT_EXIST']); if(!$t_data) $this->ajax_die($lang['TOPIC_POST_NOT_EXIST']);
$is_auth = auth(AUTH_ALL, $post['forum_id'], $userdata, $post); $is_auth = auth(AUTH_ALL, $t_data['forum_id'], $userdata, $t_data);
if(bf($userdata['user_opt'], 'user_opt', 'allow_post')) if(bf($userdata['user_opt'], 'user_opt', 'allow_post'))
{ {
$this->ajax_die($lang['RULES_REPLY_CANNOT']); $this->ajax_die($lang['RULES_REPLY_CANNOT']);
@ -231,12 +231,51 @@ switch($this->request['type'])
$this->ajax_die(sprintf($lang['SORRY_AUTH_REPLY'], strip_tags($is_auth['auth_reply_type']))); $this->ajax_die(sprintf($lang['SORRY_AUTH_REPLY'], strip_tags($is_auth['auth_reply_type'])));
} }
// Flood control
$where_sql = (IS_GUEST) ? "p.poster_ip = '". USER_IP ."'" : "p.poster_id = {$userdata['user_id']}";
$sql = "SELECT MAX(p.post_time) AS last_post_time FROM ". BB_POSTS ." p WHERE $where_sql";
if ($row = DB()->fetch_row($sql) AND $row['last_post_time'])
{
if ($userdata['user_level'] == USER)
{
if (TIMENOW - $row['last_post_time'] < $bb_cfg['flood_interval'])
{
$this->ajax_die($lang['FLOOD_ERROR']);
}
}
}
// Double Post Control
if (!empty($row['last_post_time']) && !IS_AM)
{
$sql = "
SELECT pt.post_text
FROM ". BB_POSTS ." p, ". BB_POSTS_TEXT ." pt
WHERE
$where_sql
AND p.post_time = ". (int) $row['last_post_time'] ."
AND pt.post_id = p.post_id
LIMIT 1
";
if ($row = DB()->fetch_row($sql))
{
$last_msg = DB()->escape($row['post_text']);
if ($last_msg == $post_message)
{
$this->ajax_die($lang['DOUBLE_POST_ERROR']);
}
}
}
$message = (string) $this->request['message']; $message = (string) $this->request['message'];
$message = prepare_message($message); $message = prepare_message($message);
if($bb_cfg['max_smilies']) if($bb_cfg['max_smilies'])
{ {
$count_smilies = substr_count(bbcode2html($text), '<img class="smile" src="'. $bb_cfg['smilies_path']); $count_smilies = substr_count(bbcode2html($message), '<img class="smile" src="'. $bb_cfg['smilies_path']);
if($count_smilies > $bb_cfg['max_smilies']) if($count_smilies > $bb_cfg['max_smilies'])
{ {
$this->ajax_die(sprintf($lang['MAX_SMILIES_PER_POST'], $bb_cfg['max_smilies'])); $this->ajax_die(sprintf($lang['MAX_SMILIES_PER_POST'], $bb_cfg['max_smilies']));
@ -247,6 +286,8 @@ switch($this->request['type'])
$post_id = DB()->sql_nextid(); $post_id = DB()->sql_nextid();
DB()->sql_query("INSERT INTO " . BB_POSTS_TEXT . " (post_id, post_text) VALUES ($post_id, '". DB()->escape($message) ."')"); DB()->sql_query("INSERT INTO " . BB_POSTS_TEXT . " (post_id, post_text) VALUES ($post_id, '". DB()->escape($message) ."')");
update_post_stats('', $t_data, $t_data['forum_id'], $topic_id, $post_id, $userdata['user_id']);
add_search_words($post_id, stripslashes($message), stripslashes($t_data['topic_title'])); add_search_words($post_id, stripslashes($message), stripslashes($t_data['topic_title']));
update_post_html(array( update_post_html(array(
'post_id' => $post_id, 'post_id' => $post_id,