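isLoggedIn()) {
    echo render_info('You must be logged in to manage posts.', 401);
    return;
}

// Post management endpoint: everything below runs for a logged-in session only
// (guard above). It dispatches on $postMode to delete, nuke (permanent delete),
// or restore a post, and otherwise redirects to the post itself.
//
// $postMode, $postId, $postRequestVerified and $submissionConfirmed are set
// before this excerpt. NOTE(review): $postRequestVerified presumably combines
// "is a POST request" with a CSRF token check; confirm at its definition,
// because every destructive branch below relies on it.

$currentUser = $msz->getActiveUser();
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();

// Banned users may still follow the plain redirect (empty mode) but are
// refused every post action.
if($postMode !== '' && $msz->hasActiveBan()) {
    echo render_info('You have been banned, check your profile for more information.', 403);
    return;
}

// NOTE(review): the second argument presumably makes deleted posts visible so
// that 'restore' can find them; confirm against forum_post_get().
$postInfo = forum_post_get($postId, true);

// Permissions are resolved for the forum the post lives in. A post that could
// not be loaded gets an empty permission set, so the permission-gated modes
// ('nuke', 'restore') are presumably refused by perms_check() with a 403.
$perms = empty($postInfo)
    ? 0
    : forum_perms_get_user($postInfo['forum_id'], $currentUserId)[MSZ_FORUM_PERMS_GENERAL];

switch($postMode) {
    case 'delete':
        // forum_post_can_delete() makes the authorization decision for a soft
        // delete; each non-OK result is mapped to a message and HTTP status.
        $canDelete = forum_post_can_delete($postInfo, $currentUserId);
        $canDeleteMsg = '';
        $responseCode = 200;

        switch($canDelete) {
            case MSZ_E_FORUM_POST_DELETE_USER: // i don't think this is ever reached but we may as well have it
                $responseCode = 401;
                $canDeleteMsg = 'You must be logged in to delete posts.';
                break;
            case MSZ_E_FORUM_POST_DELETE_POST:
                $responseCode = 404;
                $canDeleteMsg = "This post doesn't exist.";
                break;
            case MSZ_E_FORUM_POST_DELETE_DELETED:
                $responseCode = 404;
                $canDeleteMsg = 'This post has already been marked as deleted.';
                break;
            case MSZ_E_FORUM_POST_DELETE_OWNER:
                $responseCode = 403;
                $canDeleteMsg = 'You can only delete your own posts.';
                break;
            case MSZ_E_FORUM_POST_DELETE_OLD:
                // NOTE(review): 401 normally means "not authenticated", but the
                // caller is logged in here; 403 would match the OWNER and OP
                // cases. Left unchanged so observable responses stay the same.
                $responseCode = 401;
                $canDeleteMsg = 'This post has existed for too long. Ask a moderator to remove if it absolutely necessary.';
                break;
            case MSZ_E_FORUM_POST_DELETE_PERM:
                // NOTE(review): same 401-versus-403 question as the OLD case.
                $responseCode = 401;
                $canDeleteMsg = 'You are not allowed to delete posts.';
                break;
            case MSZ_E_FORUM_POST_DELETE_OP:
                $responseCode = 403;
                $canDeleteMsg = 'This is the opening post of a topic, it may not be deleted without deleting the entire topic as well.';
                break;
            case MSZ_E_FORUM_POST_DELETE_OK:
                break;
            default:
                // Fail closed: an unrecognised result code is treated as an error.
                $responseCode = 500;
                $canDeleteMsg = sprintf('Unknown error \'%d\'', $canDelete);
        }

        if($canDelete !== MSZ_E_FORUM_POST_DELETE_OK) {
            echo render_info($canDeleteMsg, $responseCode);
            break;
        }

        // Confirmation flow shared by all three actions:
        //   verified request, not confirmed -> user declined, go back to the post
        //   unverified request              -> show the confirmation form
        //   verified and confirmed          -> fall through and perform the action
        if($postRequestVerified && !$submissionConfirmed) {
            url_redirect('forum-post', [
                'post' => $postInfo['post_id'],
                'post_fragment' => 'p' . $postInfo['post_id'],
            ]);
            break;
        } elseif(!$postRequestVerified) {
            Template::render('forum.confirm', [
                'title' => 'Confirm post deletion',
                'class' => 'far fa-trash-alt',
                'message' => sprintf('You are about to delete post #%d. Are you sure about that?', $postInfo['post_id']),
                'params' => [
                    'p' => $postInfo['post_id'],
                    'm' => 'delete',
                ],
            ]);
            break;
        }

        $deletePost = forum_post_delete($postInfo['post_id']);

        if(!$deletePost) {
            echo render_error(500);
            break;
        }

        // Only a successful delete is recorded, matching the nuke/restore branches.
        $msz->createAuditLog('FORUM_POST_DELETE', [$postInfo['post_id']]);

        url_redirect('forum-topic', ['topic' => $postInfo['topic_id']]);
        break;

    case 'nuke':
        // Permanent deletion is gated on the moderator-level permission rather
        // than on post ownership.
        if(!perms_check($perms, MSZ_FORUM_PERM_DELETE_ANY_POST)) {
            echo render_error(403);
            break;
        }

        if($postRequestVerified && !$submissionConfirmed) {
            url_redirect('forum-post', [
                'post' => $postInfo['post_id'],
                'post_fragment' => 'p' . $postInfo['post_id'],
            ]);
            break;
        } elseif(!$postRequestVerified) {
            Template::render('forum.confirm', [
                'title' => 'Confirm post nuke',
                'class' => 'fas fa-radiation',
                'message' => sprintf('You are about to PERMANENTLY DELETE post #%d. Are you sure about that?', $postInfo['post_id']),
                'params' => [
                    'p' => $postInfo['post_id'],
                    'm' => 'nuke',
                ],
            ]);
            break;
        }

        $nukePost = forum_post_nuke($postInfo['post_id']);

        if(!$nukePost) {
            echo render_error(500);
            break;
        }

        $msz->createAuditLog('FORUM_POST_NUKE', [$postInfo['post_id']]);

        url_redirect('forum-topic', ['topic' => $postInfo['topic_id']]);
        break;

    case 'restore':
        // Restoring uses the same permission as permanent deletion.
        if(!perms_check($perms, MSZ_FORUM_PERM_DELETE_ANY_POST)) {
            echo render_error(403);
            break;
        }

        if($postRequestVerified && !$submissionConfirmed) {
            url_redirect('forum-post', [
                'post' => $postInfo['post_id'],
                'post_fragment' => 'p' . $postInfo['post_id'],
            ]);
            break;
        } elseif(!$postRequestVerified) {
            Template::render('forum.confirm', [
                'title' => 'Confirm post restore',
                'class' => 'fas fa-magic',
                'message' => sprintf('You are about to restore post #%d. Are you sure about that?', $postInfo['post_id']),
                'params' => [
                    'p' => $postInfo['post_id'],
                    'm' => 'restore',
                ],
            ]);
            break;
        }

        $restorePost = forum_post_restore($postInfo['post_id']);

        if(!$restorePost) {
            echo render_error(500);
            break;
        }

        $msz->createAuditLog('FORUM_POST_RESTORE', [$postInfo['post_id']]);

        url_redirect('forum-topic', ['topic' => $postInfo['topic_id']]);
        break;

    default:
        // This branch has no permission check in front of it, so a post that
        // failed to load would otherwise be dereferenced here and produce a
        // redirect built from missing fields. Answer with the same 404 the
        // delete branch uses for a non-existent post.
        if(empty($postInfo)) {
            echo render_info("This post doesn't exist.", 404);
            break;
        }

        // function as an alt for topic.php?p= by default
        url_redirect('forum-post', [
            'post' => $postInfo['post_id'],
            'post_fragment' => 'p' . $postInfo['post_id'],
        ]);
        break;
}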