From bceb314ce6f53247a307cf2d452238fd96d24d07 Mon Sep 17 00:00:00 2001 From: Michael Save Date: Thu, 24 Jan 2013 04:16:09 +1100 Subject: [PATCH] Major fixes and clean-up for edit form --- inc/config.php | 4 ++-- inc/mod/pages.php | 36 ++++++++++++++++-------------------- mod.php | 2 +- templates/mod/edit_post_form.html | 17 ++++++++--------- 4 files changed, 27 insertions(+), 32 deletions(-) diff --git a/inc/config.php b/inc/config.php index de09ee45..15deaeae 100644 --- a/inc/config.php +++ b/inc/config.php @@ -920,8 +920,8 @@ $config['mod']['bumplock'] = MOD; // View whether a thread has been bumplocked ("-1" to allow non-mods to see too) $config['mod']['view_bumplock'] = MOD; - // Edit posts (EXPERIMENTAL) - $config['mod']['editpost'] = MOD; + // Edit posts + $config['mod']['editpost'] = ADMIN; // "Move" a thread to another board (EXPERIMENTAL; has some known bugs) $config['mod']['move'] = DISABLED; // Bypass "field_disable_*" (forced anonymity, etc.) diff --git a/inc/mod/pages.php b/inc/mod/pages.php index 4384412b..1a55ec7d 100644 --- a/inc/mod/pages.php +++ b/inc/mod/pages.php @@ -986,7 +986,7 @@ function mod_ban_post($board, $delete, $post, $token = false) { mod_page(_('New ban'), 'mod/ban_form.html', $args); } -function mod_edit_post($board, $post) { +function mod_edit_post($board, $postID) { global $config, $mod; if (!openBoard($board)) @@ -995,37 +995,33 @@ function mod_edit_post($board, $post) { if (!hasPermission($config['mod']['editpost'], $board)) error($config['error']['noaccess']); - $security_token = make_secure_link_token($board . '/ban/' . $post); + $security_token = make_secure_link_token($board . '/edit/' . $postID); $query = prepare(sprintf('SELECT * FROM `posts_%s` WHERE `id` = :id', $board)); - $query->bindValue(':id', $post); + $query->bindValue(':id', $postID); $query->execute() or error(db_error($query)); - if (!$_post = $query->fetch(PDO::FETCH_ASSOC)) + if (!$post = $query->fetch(PDO::FETCH_ASSOC)) error($config['error']['404']); - if(isset($_POST['mode']) && $_POST['mode'] == "edit") - { - $query = prepare(sprintf("UPDATE `posts_%s` SET `name` = :name,`email` = :email,`subject` = :subject,`body` = :body WHERE `id` = :id",$board)); - $query->bindValue(':id', $post); + if (isset($_POST['name'], $_POST['email'], $_POST['subject'], $_POST['body'])) { + $query = prepare(sprintf('UPDATE `posts_%s` SET `name` = :name, `email` = :email, `subject` = :subject, `body_nomarkup` = :body WHERE `id` = :id', $board)); + $query->bindValue(':id', $postID); $query->bindValue('name', $_POST['name']); $query->bindValue(':email', $_POST['email']); $query->bindValue(':subject', $_POST['subject']); $query->bindValue(':body', $_POST['body']); $query->execute() or error(db_error($query)); - - header('Location: ?/' . sprintf($config['board_path'], $board) . $config['file_index'], true, $config['redirect_http']); + + rebuildPost($postID); + buildIndex(); + + header('Location: ?/' . sprintf($config['board_path'], $board) . $config['dir']['res'] . sprintf($config['file_page'], $post['thread'] ? $post['thread'] : $postID) . '#' . $postID, true, $config['redirect_http']); } else { - $args = array( - 'token' => $security_token, - 'name' => $_post['name'], - 'email' => $_post['email'], - 'subject' => $_post['subject'], - 'body' => $_post['body'], - 'mode' => "edit" - ); - - mod_page(_('Edit post'), 'mod/edit_post_form.html', $args); + if ($config['minify_html']) + $post['body_nomarkup'] = str_replace("\n", ' ', $post['body_nomarkup']); + + mod_page(_('Edit post'), 'mod/edit_post_form.html', array('token' => $security_token, 'post' => $post)); } } diff --git a/mod.php b/mod.php index 49010897..7017dd05 100644 --- a/mod.php +++ b/mod.php @@ -61,11 +61,11 @@ $pages = array( '/ban' => 'secure_POST ban', // new ban '/(\w+)/ban(&delete)?/(\d+)' => 'secure_POST ban_post', // ban poster '/(\w+)/move/(\d+)' => 'secure_POST move', // move thread + '/(\w+)/edit/(\d+)' => 'secure_POST edit_post', // edit post '/(\w+)/delete/(\d+)' => 'secure delete', // delete post '/(\w+)/deletefile/(\d+)' => 'secure deletefile', // delete file from post '/(\w+)/deletebyip/(\d+)(/global)?' => 'secure deletebyip', // delete all posts by IP address '/(\w+)/(un)?lock/(\d+)' => 'secure lock', // lock thread - '/(\w+)/edit/(\d+)' => 'secure edit_post', // edit post '/(\w+)/(un)?sticky/(\d+)' => 'secure sticky', // sticky thread '/(\w+)/bump(un)?lock/(\d+)' => 'secure bumplock', // "bumplock" thread diff --git a/templates/mod/edit_post_form.html b/templates/mod/edit_post_form.html index 6748435e..22fa40cb 100644 --- a/templates/mod/edit_post_form.html +++ b/templates/mod/edit_post_form.html @@ -1,11 +1,13 @@ -
+ + + @@ -13,7 +15,7 @@ {% trans %}Email{% endtrans %} @@ -21,7 +23,8 @@ {% trans %}Subject{% endtrans %} @@ -29,12 +32,8 @@ {% trans %}Comment{% endtrans %} - - - -
{% trans %}Name{% endtrans %} - +
- +
- + +
- +