github/Quit.mwForum
2
0
Fork 1
mirror of https://github.com/Quit/mwForum.git synced 2026-04-04 17:40:10 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
Quit.mwForum/script/post_delete.pl
Quit 78f09cc4fe Updated to 2.29.6
2015-01-03 11:43:36 +01:00

98 lines
3.3 KiB
Perl
Executable File
Raw Permalink Blame History

#!/usr/bin/perl
#------------------------------------------------------------------------------
# mwForum - Web-based discussion forum
# Copyright (c) 1999-2015 Markus Wichitill
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#------------------------------------------------------------------------------
use strict;
use warnings;
no warnings qw(uninitialized redefine);
# Imports
use MwfMain;
#------------------------------------------------------------------------------
# Init
my ($m, $cfg, $lng, $user, $userId) = MwfMain->new($_[0]);
# Get CGI parameters
my $postId = $m->paramInt('pid');
my $notify = $m->paramBool('notify');
my $reason = $m->paramStr('reason');
$postId or $m->error('errParamMiss');
# Check request source authentication
$m->checkSourceAuth() or $m->error('errSrcAuth');
# Get post
my $post = $m->fetchHash("
SELECT posts.*,
topics.pollId, topics.subject
FROM posts AS posts
INNER JOIN topics AS topics
ON topics.id = posts.topicId
WHERE posts.id = ?", $postId);
$post or $m->error('errPstNotFnd');
my $boardId = $post->{boardId};
my $topicId = $post->{topicId};
# Get board
my $board = $m->fetchHash("
SELECT * FROM boards WHERE id = ?", $boardId);
# Check if user can see and write to board
my $boardAdmin = $user->{admin} || $m->boardAdmin($userId, $boardId)
|| $board->{topicAdmins} && $m->topicAdmin($userId, $topicId);
$boardAdmin || $m->boardVisible($board) or $m->error('errNoAccess');
$boardAdmin || $m->boardWritable($board, 1) or $m->error('errNoAccess');
# Check if user owns post or is moderator
$userId && $userId == $post->{userId} || $boardAdmin or $m->error('errNoAccess');
# Check editing time limitation
!$cfg->{postEditTime} || $m->{now} < $post->{postTime} + $cfg->{postEditTime}
|| $boardAdmin || $m->boardMember($userId, $boardId)
or $m->error('errPstEdtTme');
# Check if topic or post is locked
!$m->fetchArray("
SELECT locked FROM topics WHERE id = ?", $topicId)
|| $boardAdmin or $m->error('errTpcLocked');
!$post->{locked} || $boardAdmin or $m->error('errPstLocked');
# Check authorization
$m->checkAuthz($user, 'deletePost');
# Delete post
my $trash = $cfg->{trashBoardId} && $cfg->{trashBoardId} != $boardId;
my $topicDeleted = $m->deletePost($postId, $trash);
$m->recalcStats($boardId, $topicId);
# Add notification message
if ($notify && $post->{userId} && $post->{userId} != $userId) {
if ($topicDeleted) {
$m->addNote('tpcDel', $post->{userId}, 'notTpcDel', tpcSbj => $post->{subject}, reason => $reason);
}
else {
my $url = "topic_show$m->{ext}?tid=$topicId";
$m->addNote('pstDel', $post->{userId}, 'notPstDel', tpcUrl => $url, reason => $reason);
}
}
# Log action and finish
$m->logAction(1, 'post', 'delete', $userId, $boardId, $topicId, $postId);
$m->redirect('board_show', bid => $boardId, msg => 'PstTpcDel') if $topicDeleted;
$m->redirect('topic_show', $post->{parentId} ? (pid => $post->{parentId}) : (tid => $topicId),
msg => 'PstDel');
Reference in New Issue View Git Blame Copy Permalink