mirror of
https://github.com/lkddi/nexusphp.git
synced 2026-04-16 05:50:55 +08:00
fix post quote under protected forum
This commit is contained in:
xiaomlove
10
app/Models/ForumMod.php
Normal file
10
app/Models/ForumMod.php
Normal file
@@ -0,0 +1,10 @@
|
||||
<?php
|
||||
|
||||
namespace App\Models;
|
||||
class ForumMod extends NexusModel
|
||||
{
|
||||
protected $table = 'forummods';
|
||||
|
||||
protected $fillable = ['forumid', 'userid'];
|
||||
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
<?php
|
||||
defined('VERSION_NUMBER') || define('VERSION_NUMBER', '1.8.0');
|
||||
defined('RELEASE_DATE') || define('RELEASE_DATE', '2023-04-16');
|
||||
defined('VERSION_NUMBER') || define('VERSION_NUMBER', '1.8.1');
|
||||
defined('RELEASE_DATE') || define('RELEASE_DATE', '2023-04-20');
|
||||
defined('IN_TRACKER') || define('IN_TRACKER', false);
|
||||
defined('PROJECTNAME') || define("PROJECTNAME","NexusPHP");
|
||||
defined('NEXUSPHPURL') || define("NEXUSPHPURL","https://nexusphp.org");
|
||||
|
||||
@@ -6423,4 +6423,54 @@ function username_for_admin(int $id)
|
||||
return new HtmlString(get_username($id, false, true, true, true));
|
||||
}
|
||||
|
||||
function can_view_post($uid, $post)
|
||||
{
|
||||
static $topics = [];
|
||||
static $protectedForumIdArr;
|
||||
static $forumMods;
|
||||
if (!is_array($post)) {
|
||||
$post = \App\Models\Post::query()->findOrFail(intval($post))->toArray();
|
||||
}
|
||||
$topicId = $post['topicid'];
|
||||
if (!isset($topics[$topicId])) {
|
||||
$topics[$topicId] = \App\Models\Topic::query()->findOrFail($topicId);
|
||||
}
|
||||
/** @var \App\Models\Topic $topicInfo */
|
||||
$topicInfo = $topics[$topicId];
|
||||
|
||||
$forumId = $topicInfo->forumid;
|
||||
|
||||
if (is_null($protectedForumIdArr)) {
|
||||
$protectedForumIdArr = [];
|
||||
$protectedForumIds = \Nexus\Database\NexusDB::remember("setting_protected_forum", 600, function () {
|
||||
return \App\Models\Setting::getByName('misc.protected_forum');
|
||||
});
|
||||
$protectedForumIdArr = $protectedForumIds ? preg_split("/[,\s]+/", $protectedForumIds) : [];
|
||||
}
|
||||
if (is_null($forumMods)) {
|
||||
$forumMods = [];
|
||||
$results = \App\Models\ForumMod::query()->get();
|
||||
foreach ($results as $item) {
|
||||
$forumMods[$item->forumid] = $item->userid;
|
||||
}
|
||||
}
|
||||
$isForumMod = isset($forumMods[$forumId]) && $forumMods[$forumId] == $uid;
|
||||
$log = sprintf(
|
||||
"uid: $uid, class: %s, post: {$post['id']}, forumId: $forumId, protectedForumIdArr: %s, forumMods: %s, isForumMod: %s",
|
||||
get_user_class(), json_encode($protectedForumIdArr), json_encode($forumMods), $isForumMod
|
||||
);
|
||||
if (
|
||||
in_array($forumId, $protectedForumIdArr)
|
||||
&& get_user_class() < \App\Models\User::CLASS_ADMINISTRATOR
|
||||
&& $uid != $post['userid']
|
||||
&& $uid != $topicInfo->userid
|
||||
&& !$isForumMod
|
||||
) {
|
||||
do_log("$log, FALSE");
|
||||
return false;
|
||||
}
|
||||
do_log("$log, TRUE");
|
||||
return true;
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
@@ -384,7 +384,7 @@ else // continue an existing session
|
||||
do_log("notSeedBoxMaxSpeedMbps: $notSeedBoxMaxSpeedMbps, upSpeedMbps: $upSpeedMbps");
|
||||
if ($upSpeedMbps > $notSeedBoxMaxSpeedMbps) {
|
||||
(new \App\Repositories\UserRepository())->updateDownloadPrivileges(null, $userid, 'no', 'upload_over_speed');
|
||||
do_log("user: $userid downloading privileges have been disabled! (over speed), notSeedBoxMaxSpeedMbps: $notSeedBoxMaxSpeedMbps > upSpeedMbps: $upSpeedMbps", 'error');
|
||||
do_log("user: $userid downloading privileges have been disabled! (over speed), upSpeedMbps: $upSpeedMbps > notSeedBoxMaxSpeedMbps: $notSeedBoxMaxSpeedMbps", 'error');
|
||||
err("Your downloading privileges have been disabled! (over speed)");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -270,6 +270,9 @@ if ($action == "quotepost")
|
||||
{
|
||||
$postid = intval($_GET["postid"] ?? 0);
|
||||
check_whether_exist($postid, 'post');
|
||||
if (!can_view_post($CURUSER['id'], $postid)) {
|
||||
permissiondenied();
|
||||
}
|
||||
stdhead($lang_forums['head_post_reply']);
|
||||
begin_main_frame();
|
||||
insert_compose_frame($postid, 'quote');
|
||||
@@ -685,15 +688,15 @@ if ($action == "viewtopic")
|
||||
$forumpostad=$Advertisement->get_ad('forumpost');
|
||||
|
||||
//check if privacy protection enabled in this forum
|
||||
$protected_forums = Nexus\Database\NexusDB::remember("setting_protected_forum", 600, function () {
|
||||
return \App\Models\Setting::getByName('misc.protected_forum');
|
||||
});
|
||||
|
||||
if ($protected_forums and in_array(strval($forumid),explode(",",$protected_forums))){
|
||||
$protected_enabled=true;
|
||||
}else{
|
||||
$protected_enabled=false;
|
||||
}
|
||||
// $protected_forums = Nexus\Database\NexusDB::remember("setting_protected_forum", 600, function () {
|
||||
// return \App\Models\Setting::getByName('misc.protected_forum');
|
||||
// });
|
||||
//
|
||||
// if ($protected_forums and in_array(strval($forumid),explode(",",$protected_forums))){
|
||||
// $protected_enabled=true;
|
||||
// }else{
|
||||
// $protected_enabled=false;
|
||||
// }
|
||||
|
||||
foreach ($allPosts as $arr)
|
||||
{
|
||||
@@ -761,15 +764,18 @@ if ($action == "viewtopic")
|
||||
print("</table></div>\n");
|
||||
|
||||
print("<table class=\"main\" width=\"100%\" border=\"1\" cellspacing=\"0\" cellpadding=\"5\">\n");
|
||||
|
||||
|
||||
$body = "<div id=\"pid".$postid."body\">";
|
||||
//hidden content applied to second or higher floor post (for whose user class below Ad , not poster , not mods ,not reply's author)
|
||||
if ($protected_enabled && $pn+$offset>1 && get_user_class()<UC_ADMINISTRATOR && $userid != $base_posterid && $posterid!=$userid && !$is_forummod){
|
||||
//hidden content applied to second or higher floor post (for whose user class below Ad , not poster , not mods ,not reply's author)
|
||||
// if ($protected_enabled && $pn+$offset>1 && get_user_class()<UC_ADMINISTRATOR && $userid != $base_posterid && $posterid!=$userid && !$is_forummod){
|
||||
if ($pn+$offset>1 && !can_view_post($userid, $arr)){
|
||||
//enable content protection
|
||||
$bodyContent = format_comment($lang_forums["text_post_protected"]);
|
||||
$canViewProtected = false;
|
||||
}else{
|
||||
//display normal content
|
||||
$bodyContent = format_comment($arr["body"]);
|
||||
$canViewProtected = true;
|
||||
}
|
||||
if ($highlight){
|
||||
$bodyContent = highlight($highlight,$bodyContent);
|
||||
@@ -795,7 +801,7 @@ if ($action == "viewtopic")
|
||||
|
||||
do_action('post_toolbox', $arr, $allPosts, $CURUSER['id']);
|
||||
|
||||
if ($maypost)
|
||||
if ($maypost && $canViewProtected)
|
||||
print("<a href=\"".htmlspecialchars("?action=quotepost&postid=".$postid)."\"><img class=\"f_quote\" src=\"pic/trans.gif\" alt=\"Quote\" title=\"".$lang_forums['title_reply_with_quote']."\" /></a>");
|
||||
|
||||
if (user_can('postmanage') || $is_forummod)
|
||||
|
||||
Reference in New Issue
Block a user