[Summary view] [Print] [Text view]

   1  <?php
   2  require ( './bb-load.php' );
   3  
   4  if ( bb_is_login_required() )
   5      bb_auth( 'logged_in' );
   6  
   7  bb_check_post_flood();
   8  
   9  if ( !$post_content = trim( $_POST['post_content'] ) )
  10      bb_die( __( 'You need to actually submit some content!' ) );
  11  
  12  $post_author = $post_email = $post_url = '';
  13  
  14  if ( !bb_is_user_logged_in() ) {
  15      if ( bb_is_login_required() ) {
  16          bb_die( __( 'You are not allowed to post.  Are you logged in?' ) );
  17      } else {
  18          if ( !$post_author = sanitize_user( trim( $_POST['author'] ) ) )
  19              bb_die( __( 'You need to submit your name!' ) );
  20          elseif ( !$post_email = sanitize_email( trim( $_POST['email'] ) ) )
  21              bb_die( __( 'You need to submit a valid email address!' ) );
  22  
  23          if ( !empty( $_POST['url'] ) )
  24              $post_url = esc_url( trim( $_POST['url'] ) );
  25      }
  26  }
  27  
  28  
  29  
  30  if ( isset($_POST['topic']) && $forum_id = (int) $_POST['forum_id'] ) {
  31      if ( bb_is_login_required() && ! bb_current_user_can('write_posts') )
  32          bb_die(__('You are not allowed to post.  Are you logged in?'));
  33  
  34      if ( bb_is_login_required() && ! bb_current_user_can( 'write_topic', $forum_id ) )
  35          bb_die(__('You are not allowed to write new topics.'));
  36  
  37      bb_check_admin_referer( 'create-topic' );
  38  
  39      $topic = trim( $_POST['topic'] );
  40      $tags  = trim( $_POST['tags']  );
  41  
  42      if ('' == $topic)
  43          bb_die(__('Please enter a topic title'));
  44  
  45      $args = array();
  46  
  47      if ( isset( $post_author ) )
  48          $args['topic_poster_name'] = $args['topic_last_poster_name'] = $post_author;
  49  
  50      $topic_id = bb_new_topic( $topic, $forum_id, $tags, $args );
  51  
  52  } elseif ( isset($_POST['topic_id'] ) ) {
  53      $topic_id = (int) $_POST['topic_id'];
  54      bb_check_admin_referer( 'create-post_' . $topic_id );
  55  }
  56  
  57  if ( bb_is_login_required() && ! bb_current_user_can( 'write_post', $topic_id ) )
  58      bb_die(__('You are not allowed to post.  Are you logged in?'));
  59  
  60  if ( !topic_is_open( $topic_id ) )
  61      bb_die(__('This topic has been closed'));
  62  
  63  $post_data = array(
  64      'post_text' => stripslashes($_POST['post_content']),
  65      'topic_id' => $topic_id,
  66  );
  67  
  68  foreach( array('post_author', 'post_email', 'post_url') as $field ) {
  69      if ( ! empty( $$field ) ) {
  70          $post_data[$field] = $$field;
  71      }
  72  }
  73  
  74  $post_id = bb_insert_post($post_data);
  75  
  76  $tags  = trim( $_POST['tags']  );
  77  bb_add_topic_tags( $topic_id, $tags );
  78  
  79  $topic = get_topic( $topic_id, false );
  80  $link = get_post_link($post_id);
  81  
  82  if ( $topic->topic_posts )
  83      $link = add_query_arg( 'replies', $topic->topic_posts, $link );
  84  
  85  // This action used to be bb_post.php, changed to avoid conflict in bb_load_template()
  86  do_action( 'bb-post.php', $post_id );
  87  if ($post_id)
  88      wp_redirect( $link );
  89  else
  90      wp_redirect( bb_get_uri(null, null, BB_URI_CONTEXT_HEADER) );
  91  exit;