From 5df6f85854f25581df787241773b8b39e23e8f00 Mon Sep 17 00:00:00 2001 From: Savetheinternet Date: Mon, 3 Jan 2011 01:23:34 +1100 Subject: [PATCH] Don't allow users to post in locked threads' --- inc/config.php | 3 +++ inc/functions.php | 15 +++++++++++++++ post.php | 3 +++ 3 files changed, 21 insertions(+) diff --git a/inc/config.php b/inc/config.php index 0347846c..26607d25 100644 --- a/inc/config.php +++ b/inc/config.php @@ -66,6 +66,7 @@ define('ERROR_FILEEXT', 'Unsupported image format.', true); define('ERROR_NOBOARD', 'Invalid board!', true); define('ERROR_NONEXISTANT', 'Thread specified does not exist.', true); + define('ERROR_LOCKED', 'Thread locked. You may not reply at this time.', true); define('ERROR_NOPOST', 'You didn\'t make a post.', true); define('ERR_INVALIDIMG','Invalid image.', true); define('ERR_FILESIZE', 'Maximum file size: %maxsz% bytes
Your file\'s size: %filesz% bytes', true); @@ -186,6 +187,8 @@ define('MOD_DELETEBYIP', MOD_BAN, true); // Sticky a thread define('MOD_STICKY', MOD_MOD, true); + // Lock a thread + define('MOD_LOCK', MOD_MOD, true); /* Administration */ // Display the contents of instant-config.php diff --git a/inc/functions.php b/inc/functions.php index e5a8023d..a5ec0093 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -118,6 +118,21 @@ } } + function threadLocked($id) { + global $board; + + $query = prepare(sprintf("SELECT `locked` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri'])); + $query->bindValue(':id', $id, PDO::PARAM_INT); + $query->execute() or error(db_error()); + + if(!$post = $query->fetch()) { + // Non-existant, so it can't be locked... + return false; + } + + return (bool) $post['locked']; + } + function threadExists($id) { global $board; diff --git a/post.php b/post.php index cdc51ffd..452aa054 100644 --- a/post.php +++ b/post.php @@ -70,6 +70,9 @@ if(!$OP && !threadExists($post['thread'])) error(ERROR_NONEXISTANT); + if(!$OP && threadLocked($post['thread'])) + error(ERROR_LOCKED); + // Check for a file if($OP) { if(!isset($_FILES['file']['tmp_name']) || empty($_FILES['file']['tmp_name']))