"Edit Post" hack

This hack is based on a post by Age Manocchia and tested on Phorum 3.3.2a. Posters can edit their own messages. It includes another minor hack enabling Moderators to edit/remove posts in flat view (normally only possible from threaded view). The hack consists of a few changes in read.php and a new file edit.php which is adapted from moderator.php with a little bit out of form.php.

When you a have a clean Phorum install, you can just put read.php and edit.php in your Phorum directory, after you've saved the original files for your own safety.

Regards,

Gertjan de Back

Ah, I posted this one in the Beta forum because it's not tested thoroughly yet, but it works fine in the phorum I run.

Regards,

Gertjan

When I installed this with 3.3.2a, on a phorum that has a mix of login-users ang annon-users, I could edit **anyones** message - not just my own.

I am set as a moderator.. but I logged out and posted under a new name..

Any ideas? I would **die** to be able to actually use this..

[www.noahonline.net]

Matt Runo

Matt Runo wrote:
>
> When I installed this with 3.3.2a, on a phorum that has a mix
> of login-users ang annon-users, I could edit **anyones**
> message - not just my own.

Oops. The board I run does not allow anonymous posts, that may be causing the trouble. I'll look into it but can use suggestions of course.

Regards,

Gertjan

As the hack is based on session_id info from the users database, it does not work for open forums. At least to prevent anonoymous users to edit everbodies posts, change line 516 from:

<?php } else if ( $thissess==$phorum_auth ) { ?>

to:

<?php } else if ( $head_row["userid"]>0 && isset($users[$head_row["userid"]]) && $thissess==$phorum_auth ) { ?>

Regards,

Gertjan

<HTML>nice job! And btw.. i can edit my post in flat view.

</HTML>

....and sure worth to be implemented in one of the next releases.

Its works perfectly with open forums with mixed logged and unregistered users

But: In the flat-view mode there usually (3.3.2b2) links to reply to one of the messages. So if you don´t want to answer the "parent message" but one of the others, you have to change to the the threaded view, because these links vanished.

Elmar

One other thing. After

//////////////////////////
// END NAVIGATION //
//////////////////////////

if($mod == "update") {

in edit.php, you should probably add

if ($subject == '') {$subject='No Subject';}

since there's no subject line checking.

Gertjan wrote:
>
> ...
> change
> line 516 from:
>
> <?php } else if ( $thissess==$phorum_auth ) { ?>
>
> to:
>
> <?php } else if ( $head_row["userid"]>0 &&
> isset($users[$head_row["userid"]]) && $thissess==$phorum_auth
> ) { ?>

I found that anonymous users could still edit registered user's posts, if the registere user has logged off!

It turns out that $sess_id is "" for anonymous users, and the line

$thissess=$user["sess_id"]; // EDIT HACK: store original session id[

produces "" when the registered user is not logged on. Adding the line

if($thissess==""){$thissess="not logged in";}

after the // EDIT HACK: line above seems to fix it

Note that "not logged in" is just so I can remember why I did it, anything that doesn't look like an MD5 checksum will do.

is there anny one who have a set of files WITH "all" the changes that are listet in this thread...... ?

if you got it then please post it as an update here :-))

Sonny wrote:

> is there anny one who have a set of files WITH "all" the
> changes that are listet in this thread...... ?

Yeah, I'll collect the changes and post them again soon.
Thanks for the input people!

Regards,
Gertjan

This is the ticket!
If only...

I just posted a hack request that is similar to this, except that it would allow any user to completly delete his post (and anything under it).

Would you consider adding this feature?

It would make admin on an "I've got a car for sale" type of board easy to admin. Once the car is sold there is no need for the topic to continue to cluter the forum. Why not allow the user to delete it himself?

I just modified the "Edit Post" hack to allow any logged in poster to delete his own posts.

I added this to edit.php:

<?php echo "<a href=\"$forum_url/delbyuser.php?f=$ForumId&i=$rec_id&t=$thread$GetVars\">";?><FONT color='<?php echo $ForumTableBodyFontColor1; ?>' class="PhorumNav">Delete</a>] </font>

Then copied the admin/del.php file to delbyuser.php in the top level phorum directory and edited it to look like this:

<?php
require "/web/htdocs/phorum/common.php";
require "/web/htdocs/phorum/include/delete_message.php";
delete_messages($i);
header("Location: $forum_url");
exit();
?>

This needs some cleaning up, but it seems to work on both top level threads and any other level post.

Thanks guys!

if there is somewhen a final ;-) -version of the changes here it would be fine to have this one mailed to me.
If all contributors agree, then I would feel free to integrate it in the next release (with an on/off-option on a per-forum basis).

This is the second version of the "Edit Post" hack, tested on Phorum 3.3.2a/b. Registered posters can edit and/or delete their own messages. v0.2 fixed a few quirks found by others. It now works fine on boards with mixed registered and unregistered users and it reinitiates the "reply to this message" link which appears to be lost in the first one.

The hack consists of a few changes in read.php and a new file edit.php which is adapted from moderator.php. Near the top of read.php are two configurable boolean values to toggle the "edit" and "delete" links. This is default:

$enable_edit=true; // allow registered users to EDIT their own posts
$enable_delete=false; // allow registered users to DELETE their own posts

When you a have a clean Phorum install, you can just put read.php and edit.php in your Phorum directory, after you've saved the original files for your own safety.

Contributions by Age Manocchia, B Spade and Rob Walls.

Regards,

Gertjan de Back
gertjan@deback.nl

This is the second version of the "Edit Post" hack, tested on Phorum 3.3.2a/b. Registered posters can edit and/or delete their own messages. v0.2 fixed a few quirks found by others. It now works fine on boards with mixed registered and unregistered users and it reinitiates the "reply to this message" link which appears to be lost in the first one.

The hack consists of a few changes in read.php and a new file edit.php which is adapted from moderator.php. Near the top of read.php are two configurable boolean values to toggle the "edit" and "delete" links. This is default:

$enable_edit=true; // allow registered users to EDIT their own posts
$enable_delete=false; // allow registered users to DELETE their own posts

When you a have a clean Phorum install, you can just put read.php and edit.php in your Phorum directory, after you've saved the original files for your own safety.

Contributions by Age Manocchia, B Spade and Rob Walls.

Regards,

Gertjan de Back
gertjan@deback.nl

why do you check against the session-id?
it would require less changes if you check against the userid, or am I wrong?

Gets MY vote!

I'm having problems with this hack but I really want to use it on my forum. Everything works fine until you submit the edit, it then goes to the thread your post was on but the updates fail to show. I'm using 3.3.2a, any help would be much appreciated!

further to the message from Skerla,
the sql statement, in the Edit.php on 'update' does appear to be valid. but the data is not being updated in the database. the edit hack is 0.2

$sSQL="Update ".$PHORUM['ForumTableName']."_bodies set body='$body' where id=$id";
$q->query($DB, $sSQL);