1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
<?php
use mystic\forum\orm\Attachment;
use mystic\forum\orm\PendingEmail;
use mystic\forum\orm\Post;
use mystic\forum\orm\Subscription;
use mystic\forum\orm\User;
use mystic\forum\utils\RequestUtils;
use Symfony\Component\Mime\Address;
/** @var string $formId */
/** @var string $topicId */
/** @var mystic\forum\orm\Topic $topic */
/** @var \mystic\forum\Database $db */
/** @var \mystic\forum\User $currentUser */
if (!$currentUser) {
http_response_code(403);
msg_error("You need to be logged in to add new posts!");
exit;
}
if ($topic->isLocked) {
http_response_code(403);
msg_error("This topic is locked!");
exit;
}
$attachments = reArrayFiles($_FILES["files"]);
if (count($attachments) > MAX_ATTACHMENT_COUNT)
RequestUtils::triggerFormError(__("Too many attachments"), $formId);
// check all attachments before saving one
foreach ($attachments as $att) {
if ($att["size"] > MAX_ATTACHMENT_SIZE) {
RequestUtils::triggerFormError(__("Individual file size exceeded"), $formId);
}
}
$message = trim(RequestUtils::getRequiredField("message", $formId));
if (strlen($message) < 1 || strlen($message) > 0x8000) {
RequestUtils::triggerFormError(__("Message too short or too long!"), $formId);
}
$item = new Post();
$item->id = $db->generateId();
$item->authorId = $currentUser->id;
$item->topicId = $topicId;
$item->content = $message;
$item->postDate = new DateTimeImmutable();
$item->deleted = false;
$item->edited = false;
$db->insert($item);
foreach ($attachments as $att) {
[
"name" => $name,
"type" => $type,
"tmp_name" => $tmpName,
] = $att;
$attachment = new Attachment();
$attachment->id = $db->generateId();
$attachment->name = $name;
$attachment->mimeType = $type;
$attachment->postId = $item->id;
$attachment->contents = file_get_contents($tmpName);
$db->insert($attachment);
}
if (($_POST["subscribe"] ?? null) === "on") {
$subscription = new Subscription;
$subscription->userId = $currentUser->id;
$subscription->topicId = $topic->id;
if (!$db->fetchWhere($subscription, ["user_id", "topic_id"])) {
$subscription->id = $db->generateId();
$db->insert($subscription);
}
}
/** @var Subscription[] $allSubscriptions */
$allSubscriptions = $db->fetchCustom(Subscription::class, "WHERE topic_id = $1 AND user_id <> $2", [ $topicId, $currentUser->id ]);
foreach ($allSubscriptions as $subscription) {
$subUser = new User;
$subUser->id = $subscription->userId;
if (!$db->fetch($subUser))
continue;
$email = new PendingEmail;
$email->id = $db->generateId();
$email->sender = env("MAILER_FROM");
$email->recipient = (new Address($subUser->email, $subUser->displayName))->toString();
$email->subject = __("Someone made a new post in \"%topic%\"", [
"topic" => $topic->title,
]);
$email->plaintextBody = __("Hello %name%,\n" .
"\n" .
"%otherName% has added the following post to \"%topic%\":\n" .
"%content%\n" .
"\n" .
"Click here to view: %link%\n", [
"name" => $subUser->displayName,
"otherName" => $currentUser->displayName,
"topic" => $topic->title,
"content" => quote_message(html_entity_decode(renderPostSummary($message))),
"link" => env("PUBLIC_URL") . "?_action=viewtopic&topic=" . urlencode($topicId) . "#post-" . urlencode($item->id),
]);
$db->insert($email);
}
header("Location: ?_action=viewtopic&topic=" . urlencode($topicId) . "#form");
|