From 9fec3646fa5ef5ec856f0a0b3a7bc9bba03de7fc Mon Sep 17 00:00:00 2001 From: asiekierka Date: Tue, 8 Jan 2013 07:52:13 +0100 Subject: [PATCH] [EDIT] basic edit support --- inc/config.php | 2 +- inc/mod/pages.php | 37 ++++++++++++++++++++++++++++++++----- templates/mod/edit_post_form.html | 35 ++++++++++------------------------- 3 files changed, 43 insertions(+), 31 deletions(-) diff --git a/inc/config.php b/inc/config.php index a1fa088f..a6f78053 100644 --- a/inc/config.php +++ b/inc/config.php @@ -953,7 +953,7 @@ // View whether a thread has been bumplocked ("-1" to allow non-mods to see too) $config['mod']['view_bumplock'] = MOD; // Edit posts (EXPERIMENTAL) - $config['mod']['editpost'] = DISABLED; + $config['mod']['editpost'] = MOD; // "Move" a thread to another board (EXPERIMENTAL; has some known bugs) $config['mod']['move'] = DISABLED; // Bypass "field_disable_*" (forced anonymity, etc.) diff --git a/inc/mod/pages.php b/inc/mod/pages.php index 75f7ffb4..8cabae6d 100644 --- a/inc/mod/pages.php +++ b/inc/mod/pages.php @@ -994,11 +994,38 @@ function mod_edit_post($board, $post) { if (!hasPermission($config['mod']['editpost'], $board)) error($config['error']['noaccess']); - // error("Unimplemented!"); - $args = array( - 'test' => 1 - ); - mod_page(_('Edit post'), 'mod/edit_post_form.html', $args); + $security_token = make_secure_link_token($board . '/ban/' . $post); + + $query = prepare(sprintf('SELECT * FROM `posts_%s` WHERE `id` = :id', $board)); + $query->bindValue(':id', $post); + $query->execute() or error(db_error($query)); + + if (!$_post = $query->fetch(PDO::FETCH_ASSOC)) + error($config['error']['404']); + + if(isset($_POST['mode']) && $_POST['mode'] == "edit") + { + $query = prepare(sprintf("UPDATE `posts_%s` SET `name` = :name,`email` = :email,`subject` = :subject,`body` = :body WHERE `id` = :id",$board)); + $query->bindValue(':id', $post); + $query->bindValue('name', $_POST['name']); + $query->bindValue(':email', $_POST['email']); + $query->bindValue(':subject', $_POST['subject']); + $query->bindValue(':body', $_POST['body']); + $query->execute() or error(db_error($query)); + + header('Location: ?/' . sprintf($config['board_path'], $board) . $config['file_index'], true, $config['redirect_http']); + } else { + $args = array( + 'token' => $security_token, + 'name' => $_post['name'], + 'email' => $_post['email'], + 'subject' => $_post['subject'], + 'body' => $_post['body'], + 'mode' => "edit" + ); + + mod_page(_('Edit post'), 'mod/edit_post_form.html', $args); + } } function mod_delete($board, $post) { diff --git a/templates/mod/edit_post_form.html b/templates/mod/edit_post_form.html index ac7e207f..6748435e 100644 --- a/templates/mod/edit_post_form.html +++ b/templates/mod/edit_post_form.html @@ -1,27 +1,27 @@
- {% if not config.field_disable_name or (mod and post.mod|hasPermission(config.mod.bypass_field_disable, board.uri)) %} + - {% endif %} - {% if not config.field_disable_email or (mod and post.mod|hasPermission(config.mod.bypass_field_disable, board.uri)) %} + + - {% endif %} + @@ -29,27 +29,12 @@ {% trans %}Comment{% endtrans %} - - + +
{% trans %}Name{% endtrans %} - +
{% trans %}Email{% endtrans %} - +
{% trans %}Subject{% endtrans %} - +
- +
- {% trans %}Flags{% endtrans %} - - {% if not id and post.mod|hasPermission(config.mod.sticky, board.uri) %}
- -
-
{% endif %} - {% if not id and post.mod|hasPermission(config.mod.lock, board.uri) %}
-
- -
{% endif %} - {% if post.mod|hasPermission(config.mod.rawhtml, board.uri) %}
-
- -
{% endif %} -