diff options
Diffstat (limited to 'lib/VNWeb/Discussions/Edit.pm')
-rw-r--r-- | lib/VNWeb/Discussions/Edit.pm | 67 |
1 files changed, 36 insertions, 31 deletions
diff --git a/lib/VNWeb/Discussions/Edit.pm b/lib/VNWeb/Discussions/Edit.pm index dddc1ac8..06fb2397 100644 --- a/lib/VNWeb/Discussions/Edit.pm +++ b/lib/VNWeb/Discussions/Edit.pm @@ -5,29 +5,26 @@ use VNWeb::Discussions::Lib; my $FORM = { - tid => { required => 0, vndbid => 't' }, # Thread ID, only when editing a post + tid => { default => undef, vndbid => 't' }, # Thread ID, only when editing a post - title => { required => 0, maxlength => 50 }, - boards => { required => 0, sort_keys => [ 'boardtype', 'iid' ], aoh => { - btype => { enum => \%BOARD_TYPE }, - iid => { required => 0, default => 0, id => 1 }, # - title => { required => 0 }, - } }, - poll => { required => 0, type => 'hash', keys => { - question => { maxlength => 100 }, + title => { default => undef, sl => 1, maxlength => 50 }, + boards => { default => undef, sort_keys => [ 'boardtype', 'iid' ], aoh => $VNWeb::Elm::apis{BoardResult}[0]{aoh} }, + poll => { default => undef, type => 'hash', keys => { + question => { sl => 1, maxlength => 100 }, max_options => { uint => 1, min => 1, max => 20 }, # - options => { type => 'array', values => { maxlength => 100 }, minlength => 2, maxlength => 20 }, + options => { type => 'array', values => { sl => 1, maxlength => 100 }, minlength => 2, maxlength => 20 }, } }, - can_mod => { anybool => 1, _when => 'out' }, - can_private => { anybool => 1, _when => 'out' }, - locked => { anybool => 1 }, # When can_mod - hidden => { anybool => 1 }, # When can_mod - private => { anybool => 1 }, # When can_private - nolastmod => { anybool => 1, _when => 'in' }, # When can_mod - delete => { anybool => 1 }, # When can_mod + can_mod => { anybool => 1, _when => 'out' }, + can_private => { anybool => 1, _when => 'out' }, + locked => { anybool => 1 }, # When can_mod + hidden => { anybool => 1 }, # When can_mod + boards_locked => { anybool => 1 }, # When can_mod + private => { anybool => 1 }, # When can_private + nolastmod => { anybool => 1, _when => 'in' }, # When can_mod + delete => { anybool => 1 }, # When can_mod - msg => { maxlength => 32768 }, + msg => { maxlength => 32768 }, }; my $FORM_OUT = form_compile out => $FORM; @@ -39,7 +36,7 @@ elm_api DiscussionsEdit => $FORM_OUT, $FORM_IN, sub { my $tid = $data->{tid}; my $t = !$tid ? {} : tuwf->dbRowi(' - SELECT t.id, t.poll_question, t.poll_max_options, t.hidden, tp.num, tp.uid AS user_id,', sql_totime('tp.date'), 'AS date + SELECT t.id, t.poll_question, t.poll_max_options, t.boards_locked, t.hidden, tp.num, tp.uid AS user_id,', sql_totime('tp.date'), 'AS date FROM threads t JOIN threads_posts tp ON tp.tid = t.id AND tp.num = 1 WHERE t.id =', \$tid, @@ -47,13 +44,14 @@ elm_api DiscussionsEdit => $FORM_OUT, $FORM_IN, sub { return tuwf->resNotFound if $tid && !$t->{id}; return elm_Unauth if !can_edit t => $t; + tuwf->dbExeci(q{DELETE FROM notifications WHERE iid =}, \$tid) if $tid && auth->permBoardmod && ($data->{delete} || $data->{hidden}); + if($tid && $data->{delete} && auth->permBoardmod) { auth->audit($t->{user_id}, 'post delete', "deleted $tid.1"); tuwf->dbExeci('DELETE FROM threads WHERE id =', \$tid); - tuwf->dbExeci(q{DELETE FROM notifications WHERE iid =}, \$tid); return elm_Redirect '/t'; } - auth->audit($t->{user_id}, 'post edit', "edited $tid.1") if $tid && $t->{user_id} != auth->uid; + auth->audit($t->{user_id}, 'post edit', "edited $tid.1") if $tid && $t->{user_id} ne auth->uid; die "Invalid title" if !length $data->{title}; @@ -78,6 +76,7 @@ elm_api DiscussionsEdit => $FORM_OUT, $FORM_IN, sub { auth->permBoardmod ? ( hidden => $data->{hidden}, locked => $data->{locked}, + boards_locked => $data->{boards_locked}, ) : (), auth->isMod ? ( private => $data->{private} @@ -86,8 +85,10 @@ elm_api DiscussionsEdit => $FORM_OUT, $FORM_IN, sub { tuwf->dbExeci('UPDATE threads SET', $thread, 'WHERE id =', \$tid) if $tid; $tid = tuwf->dbVali('INSERT INTO threads', $thread, 'RETURNING id') if !$tid; - tuwf->dbExeci('DELETE FROM threads_boards WHERE tid =', \$tid); - tuwf->dbExeci('INSERT INTO threads_boards', { tid => $tid, type => $_->{btype}, iid => $_->{iid}//0 }) for $data->{boards}->@*; + if(auth->permBoardmod || !$t->{boards_locked}) { + tuwf->dbExeci('DELETE FROM threads_boards WHERE tid =', \$tid); + tuwf->dbExeci('INSERT INTO threads_boards', { tid => $tid, type => $_->{btype}, iid => $_->{iid} }) for $data->{boards}->@*; + } if($pollchanged) { tuwf->dbExeci('DELETE FROM threads_poll_options WHERE tid =', \$tid); @@ -109,13 +110,17 @@ elm_api DiscussionsEdit => $FORM_OUT, $FORM_IN, sub { TUWF::get qr{(?:/t/(?<board>$BOARD_RE)/new|/$RE{tid}\.1/edit)}, sub { - my($board_type, $board_id) = (tuwf->capture('board')||'') =~ /^([^0-9]+)([0-9]*)$/; + my $board_id = tuwf->capture('board')||''; + my($board_type) = $board_id =~ /^([^0-9]+)/; + $board_id = $board_id =~ /[0-9]$/ ? dbobj $board_id : undef; my $tid = tuwf->capture('id'); + return tuwf->resNotFound if $board_id && !$board_id->{id}; + $board_type = 'ge' if $board_type && $board_type eq 'an' && !auth->permBoardmod; my $t = !$tid ? {} : tuwf->dbRowi(' - SELECT t.id, tp.tid, t.title, t.locked, t.private, t.hidden, t.poll_question, t.poll_max_options, tp.msg, tp.uid AS user_id,', sql_totime('tp.date'), 'AS date + SELECT t.id, tp.tid, t.title, t.locked, t.boards_locked, t.private, t.hidden, t.poll_question, t.poll_max_options, tp.msg, tp.uid AS user_id,', sql_totime('tp.date'), 'AS date FROM threads t JOIN threads_posts tp ON tp.tid = t.id AND tp.num = 1 WHERE t.id =', \$tid, @@ -133,14 +138,13 @@ TUWF::get qr{(?:/t/(?<board>$BOARD_RE)/new|/$RE{tid}\.1/edit)}, sub { } else { $t->{boards} = [ { btype => $board_type, - iid => $board_id||0, - title => !$board_id ? undef : - tuwf->dbVali('SELECT title FROM', sql_boards(), 'x WHERE btype =', \$board_type, 'AND iid =', \$board_id) + iid => $board_id ? $board_id->{id} : undef, + title => $board_id ? $board_id->{title} : undef, } ]; - return tuwf->resNotFound if $board_id && !length $t->{boards}[0]{title}; - push $t->{boards}->@*, { btype => 'u', iid => auth->uid, title => auth->user->{user_name} } - if $board_type eq 'u' && $board_id != auth->uid; + push $t->{boards}->@*, { btype => 'u', iid => auth->uid, title => [undef,auth->user->{user_name}] } + if $board_type eq 'u' && $board_id->{id} ne auth->uid; } + $_->{title} = $_->{title} && $_->{title}[1] for $t->{boards}->@*; $t->{can_mod} = auth->permBoardmod; $t->{can_private} = auth->isMod; @@ -151,6 +155,7 @@ TUWF::get qr{(?:/t/(?<board>$BOARD_RE)/new|/$RE{tid}\.1/edit)}, sub { $t->{tid} //= undef; $t->{private} //= auth->isMod && tuwf->reqGet('priv') ? 1 : 0; $t->{locked} //= 0; + $t->{boards_locked} //= 0; $t->{delete} = 0; framework_ title => $tid ? 'Edit thread' : 'Create new thread', sub { |