Raw HTML editing

This commit is contained in:
Michael Save 2013-01-24 19:16:25 +11:00
parent 85578b7105
commit 85710249b7
5 changed files with 31 additions and 10 deletions

View File

@ -861,6 +861,9 @@
// PM snippet (for ?/inbox) length in characters // PM snippet (for ?/inbox) length in characters
$config['mod']['snippet_length'] = 75; $config['mod']['snippet_length'] = 75;
// Edit raw HTML in posts by default
$config['mod']['raw_html_default'] = false;
// Probably best not to change these: // Probably best not to change these:
if (!defined('JANITOR')) { if (!defined('JANITOR')) {
define('JANITOR', 0, true); define('JANITOR', 0, true);

View File

@ -297,7 +297,7 @@ class Post {
// Edit post // Edit post
if (hasPermission($config['mod']['editpost'], $board['uri'], $this->mod)) if (hasPermission($config['mod']['editpost'], $board['uri'], $this->mod))
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>'; $built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit' . ($config['mod']['raw_html_default'] ? '_raw' : '') . '/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>';
if (!empty($built)) if (!empty($built))
$built = '<span class="controls">' . $built . '</span>'; $built = '<span class="controls">' . $built . '</span>';
@ -418,7 +418,7 @@ class Thread {
// Edit post // Edit post
if (hasPermission($config['mod']['editpost'], $board['uri'], $this->mod)) if (hasPermission($config['mod']['editpost'], $board['uri'], $this->mod))
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>'; $built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit' . ($config['mod']['raw_html_default'] ? '_raw' : '') . '/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>';
if (!empty($built)) if (!empty($built))
$built = '<span class="controls op">' . $built . '</span>'; $built = '<span class="controls op">' . $built . '</span>';

View File

@ -986,7 +986,7 @@ function mod_ban_post($board, $delete, $post, $token = false) {
mod_page(_('New ban'), 'mod/ban_form.html', $args); mod_page(_('New ban'), 'mod/ban_form.html', $args);
} }
function mod_edit_post($board, $postID) { function mod_edit_post($board, $edit_raw_html, $postID) {
global $config, $mod; global $config, $mod;
if (!openBoard($board)) if (!openBoard($board))
@ -995,7 +995,10 @@ function mod_edit_post($board, $postID) {
if (!hasPermission($config['mod']['editpost'], $board)) if (!hasPermission($config['mod']['editpost'], $board))
error($config['error']['noaccess']); error($config['error']['noaccess']);
$security_token = make_secure_link_token($board . '/edit/' . $postID); if ($edit_raw_html && !hasPermission($config['mod']['rawhtml'], $board))
error($config['error']['noaccess']);
$security_token = make_secure_link_token($board . '/edit' . ($edit_raw_html ? '_raw' : '') . '/' . $postID);
$query = prepare(sprintf('SELECT * FROM `posts_%s` WHERE `id` = :id', $board)); $query = prepare(sprintf('SELECT * FROM `posts_%s` WHERE `id` = :id', $board));
$query->bindValue(':id', $postID); $query->bindValue(':id', $postID);
@ -1005,6 +1008,9 @@ function mod_edit_post($board, $postID) {
error($config['error']['404']); error($config['error']['404']);
if (isset($_POST['name'], $_POST['email'], $_POST['subject'], $_POST['body'])) { if (isset($_POST['name'], $_POST['email'], $_POST['subject'], $_POST['body'])) {
if ($edit_raw_html)
$query = prepare(sprintf('UPDATE `posts_%s` SET `name` = :name, `email` = :email, `subject` = :subject, `body` = :body WHERE `id` = :id', $board));
else
$query = prepare(sprintf('UPDATE `posts_%s` SET `name` = :name, `email` = :email, `subject` = :subject, `body_nomarkup` = :body WHERE `id` = :id', $board)); $query = prepare(sprintf('UPDATE `posts_%s` SET `name` = :name, `email` = :email, `subject` = :subject, `body_nomarkup` = :body WHERE `id` = :id', $board));
$query->bindValue(':id', $postID); $query->bindValue(':id', $postID);
$query->bindValue('name', $_POST['name']); $query->bindValue('name', $_POST['name']);
@ -1013,15 +1019,19 @@ function mod_edit_post($board, $postID) {
$query->bindValue(':body', $_POST['body']); $query->bindValue(':body', $_POST['body']);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if (!$edit_raw_html)
rebuildPost($postID); rebuildPost($postID);
buildIndex(); buildIndex();
header('Location: ?/' . sprintf($config['board_path'], $board) . $config['dir']['res'] . sprintf($config['file_page'], $post['thread'] ? $post['thread'] : $postID) . '#' . $postID, true, $config['redirect_http']); header('Location: ?/' . sprintf($config['board_path'], $board) . $config['dir']['res'] . sprintf($config['file_page'], $post['thread'] ? $post['thread'] : $postID) . '#' . $postID, true, $config['redirect_http']);
} else { } else {
if ($config['minify_html']) if ($config['minify_html']) {
$post['body_nomarkup'] = str_replace("\n", '&#010;', $post['body_nomarkup']); $post['body_nomarkup'] = str_replace("\n", '&#010;', $post['body_nomarkup']);
$post['body'] = str_replace("\n", '&#010;', $post['body']);
}
mod_page(_('Edit post'), 'mod/edit_post_form.html', array('token' => $security_token, 'post' => $post)); mod_page(_('Edit post'), 'mod/edit_post_form.html', array('token' => $security_token, 'board' => $board, 'raw' => $edit_raw_html, 'post' => $post));
} }
} }

View File

@ -61,7 +61,7 @@ $pages = array(
'/ban' => 'secure_POST ban', // new ban '/ban' => 'secure_POST ban', // new ban
'/(\w+)/ban(&delete)?/(\d+)' => 'secure_POST ban_post', // ban poster '/(\w+)/ban(&delete)?/(\d+)' => 'secure_POST ban_post', // ban poster
'/(\w+)/move/(\d+)' => 'secure_POST move', // move thread '/(\w+)/move/(\d+)' => 'secure_POST move', // move thread
'/(\w+)/edit/(\d+)' => 'secure_POST edit_post', // edit post '/(\w+)/edit(_raw)?/(\d+)' => 'secure_POST edit_post', // edit post
'/(\w+)/delete/(\d+)' => 'secure delete', // delete post '/(\w+)/delete/(\d+)' => 'secure delete', // delete post
'/(\w+)/deletefile/(\d+)' => 'secure deletefile', // delete file from post '/(\w+)/deletefile/(\d+)' => 'secure deletefile', // delete file from post
'/(\w+)/deletebyip/(\d+)(/global)?' => 'secure deletebyip', // delete all posts by IP address '/(\w+)/deletebyip/(\d+)(/global)?' => 'secure deletebyip', // delete all posts by IP address

View File

@ -32,8 +32,16 @@
{% trans %}Comment{% endtrans %} {% trans %}Comment{% endtrans %}
</th> </th>
<td> <td>
<textarea name="body" id="body" rows="5" cols="35">{{ post.body_nomarkup }}</textarea> <textarea name="body" id="body" rows="8" cols="35">{% if raw %}{{ post.body | e }}{% else %}{{ post.body_nomarkup }}{% endif %}</textarea>
</td> </td>
</tr> </tr>
</table> </table>
<p style="text-align:center">
{% if raw %}
{% trans %}Currently editing raw HTML.{% endtrans %}
<a href="?/{{ board }}/edit/{{ post.id }}">{% trans %}Edit markup instead?{% endtrans %}</a>
{% else %}
<a href="?/{{ board }}/edit_raw/{{ post.id }}">{% trans %}Edit raw HTML instead?{% endtrans %}</a>
{% endif %}
</p>
</form> </form>