Added raw posting ability for mods and admins

2010-06-22 02:26:45 -07:00 · 2010-06-22 02:26:45 -07:00 · a1975b4e5e
commit a1975b4e5e
parent 35cdc592b2
3 changed files with 104 additions and 5 deletions
--- a/imgboard.php
+++ b/imgboard.php
@ -74,6 +74,14 @@ if (isset($_POST["message"]) || isset($_POST["file"])) {
 			clearExpiredBans();
 		}
 	}
 	$modpost = false;
 	if (isset($_POST['modpost'])) {
 		list($loggedin, $isadmin) = manageCheckLogIn();
 		if ($loggedin) {
 			$modpost = true;
 		}
 	}
 	$parent = "0";
 	if (isset($_POST["parent"])) {
@ -108,9 +116,19 @@ if (isset($_POST["message"]) || isset($_POST["file"])) {
 	$post['name'] = cleanString(substr($post['name'], 0, 75));
 	$post['email'] = cleanString(str_replace('"', '&quot;', substr($_POST["email"], 0, 75)));
 	$post['subject'] = cleanString(substr($_POST["subject"], 0, 75));
-	$post['message'] = str_replace("\n", "<br>", colorQuote(cleanString(rtrim($_POST["message"]))));
+	if ($modpost) {
 		if ($isadmin) {
 			$modposttext = ' <span style="color: red;">## Admin</span>';
 		} else {
 			$modposttext = ' <span style="color: purple;">## Mod</span>';
 		}
 		$post['message'] = $_POST["message"];
 	} else {
 		$modposttext = '';
 		$post['message'] = str_replace("\n", "<br>", colorQuote(cleanString(rtrim($_POST["message"]))));
 	}
 	if ($_POST['password'] != '') { $post['password'] = md5(md5($_POST['password'])); } else { $post['password'] = ''; }
-	$post['nameblock'] = nameBlock($post['name'], $post['tripcode'], $post['email'], time());
+	$post['nameblock'] = nameBlock($post['name'], $post['tripcode'], $post['email'], time(), $modposttext);
 	if (isset($_FILES['file'])) {
 		if ($_FILES['file']['name'] != "") {
@ -324,6 +342,9 @@ if (isset($_POST["message"]) || isset($_POST["file"])) {
 				$onload = manageOnLoad('moderate');
 				$text .= manageModeratePostForm();
 			}
 		} elseif (isset($_GET["modpost"])) {
 			$onload = manageOnLoad('modpost');
 			$text .= manageModpostForm();
 		} elseif (isset($_GET["logout"])) {
 			$_SESSION['tinyib'] = '';
 			session_destroy();
--- a/inc/functions.php
+++ b/inc/functions.php
@ -105,7 +105,7 @@ function nameAndTripcode($name) {
 	return array($name, "");
 }
-function nameBlock($name, $tripcode, $email, $timestamp) {
+function nameBlock($name, $tripcode, $email, $timestamp, $modposttext) {
 	$output = '<span class="postername">';
 	if ($name == "" && $tripcode == "") {
@ -124,7 +124,7 @@ function nameBlock($name, $tripcode, $email, $timestamp) {
 		$output = '<a href="mailto:' . $email . '">' . $output . '</a>';
 	}
-	return $output . ' ' . date('y/m/d(D)H:i:s', $timestamp);
+	return $output . $modposttext . ' ' . date('y/m/d(D)H:i:s', $timestamp);
 }
 function writePage($filename, $contents) {
--- a/inc/html.php
+++ b/inc/html.php
@ -323,7 +323,7 @@ function adminBar() {
 	if (!$loggedin) { return '[<a href="' . $returnlink . '">Return</a>]'; }
 	$text = '[';
 	$text .= ($isadmin) ? '<a href="?manage&bans">Bans</a>] [' : '';
-	$text .= '<a href="?manage&moderate">Moderate Post</a>] [';
+	$text .= '<a href="?manage&moderate">Moderate Post</a>] [<a href="?manage&modpost">Mod Post</a>] [';
 	$text .= ($isadmin) ? '<a href="?manage&rebuildall">Rebuild All</a>] [' : '';
 	$text .= '<a href="?manage&logout">Log Out</a>] [<a href="' . $returnlink . '">Return</a>]';
 	return $text;
@ -356,6 +356,8 @@ function manageOnLoad($page) {
 			return ' onload="document.tinyib.password.focus();"';
 		case 'moderate':
 			return ' onload="document.tinyib.moderate.focus();"';
 		case 'modpost':
 			return ' onload="document.tinyib.message.focus();"';
 		case 'bans':
 			return ' onload="document.tinyib.ip.focus();"';
 	}
@ -418,6 +420,82 @@ function manageModeratePostForm() {
 EOF;
 }
 function manageModpostForm() {
 	return <<<EOF
 	<div class="postarea">
 		<form id="tinyib" name="tinyib" method="post" action="?" enctype="multipart/form-data">
 		<input type="hidden" name="modpost" value="1">
 		<input type="hidden" name="MAX_FILE_SIZE" value="2097152">
 		<table class="postform">
 			<tbody>
 				<tr>
 					<td class="postblock">
 						Thread No.
 					</td>
 					<td>
 						<input type="text" name="parent" size="28" maxlength="75" value="0" accesskey="t">&nbsp;(0 for new thread)
 					</td>
 				</tr>
 				<tr>
 					<td class="postblock">
 						Name
 					</td>
 					<td>
 						<input type="text" name="name" size="28" maxlength="75" accesskey="n">
 					</td>
 				</tr>
 				<tr>
 					<td class="postblock">
 						E-mail
 					</td>
 					<td>
 						<input type="text" name="email" size="28" maxlength="75" accesskey="e">
 					</td>
 				</tr>
 				<tr>
 					<td class="postblock">
 						Subject
 					</td>
 					<td>
 						<input type="text" name="subject" size="40" maxlength="75" accesskey="s">
 						<input type="submit" value="Submit" accesskey="z">
 					</td>
 				</tr>
 				<tr>
 					<td class="postblock">
 						Message
 					</td>
 					<td>
 						<textarea name="message" cols="48" rows="4" accesskey="m"></textarea>
 					</td>
 				</tr>
 				<tr>
 					<td class="postblock">
 						File
 					</td>
 					<td>
 						<input type="file" name="file" size="35" accesskey="f">
 					</td>
 				</tr>
 				<tr>
 					<td class="postblock">
 						Password
 					</td>
 					<td>
 						<input type="password" name="password" size="8" accesskey="p">&nbsp;(for post and file deletion)
 					</td>
 				</tr>
 			</tbody>
 		</table>
 		</form>
 	</div>
 	<div style="text-align: center;">
 		All text entered in the "Message" field will be posted AS-IS with absolutely no formatting applied.<br>This means for all line-breaks you must enter the text "&lt;br&gt;".
 	</div>
 	<br>
 EOF;
 }
 function manageModeratePost($post) {
 	global $isadmin;
 	$ban = banByIP($post['ip']);