diff -ubBr --exclude=uploads --exclude=images --exclude=images_pcf --exclude=config.php --exclude=languages --exclude=settings.php Upload/editpost.php forum/editpost.php --- Upload/editpost.php 2006-09-03 14:55:50.000000000 +0200 +++ forum/editpost.php 2006-09-06 13:14:05.000000000 +0200 @@ -82,6 +82,11 @@ $mybb->input['action'] = "editpost"; } +// KK: edit_and_delete_only_last_post.mod +$query = $db->simple_select(TABLE_PREFIX."posts", "MAX(pid) as lastpostpid", "tid='$tid'") ; +$lastpost = $db->fetch_array($query); +// KK^ + if($mybb->input['action'] == "deletepost" && $mybb->request_method == "post") { if(is_moderator($fid, "candeleteposts") != "yes") @@ -98,6 +103,12 @@ { error_no_permission(); } + // KK: edit_and_delete_only_last_post.mod + if ($lastpost['lastpostpid'] != $pid) + { + error_no_permission(); + } + // KK^ } } else @@ -116,6 +127,12 @@ { error_no_permission(); } + // KK: edit_and_delete_only_last_post.mod + if ($lastpost['lastpostpid'] != $pid) + { + error_no_permission(); + } + // KK^ // Edit time limit $time = time(); if($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < ($time-($mybb->settings['edittimelimit']*60))) diff -ubBr --exclude=uploads --exclude=images --exclude=images_pcf --exclude=config.php --exclude=languages --exclude=settings.php Upload/inc/functions_post.php forum/inc/functions_post.php --- Upload/inc/functions_post.php 2006-09-03 15:03:47.000000000 +0200 +++ forum/inc/functions_post.php 2006-09-11 15:28:31.000000000 +0200 @@ -321,13 +325,15 @@ $post['editnote'] = sprintf($lang->postbit_edited, $post['editdate'], $post['edittime']); eval("\$post['editedmsg'] = \"".$templates->get("postbit_editedby")."\";"); } - if((is_moderator($fid, "caneditposts") == "yes" || ($forumpermissions['caneditposts'] == 'yes' && $mybb->user['uid'] == $post['uid'])) && $mybb->user['uid'] != 0) +// if((is_moderator($fid, "caneditposts") == "yes" || ($forumpermissions['caneditposts'] == 'yes' && $mybb->user['uid'] == $post['uid'])) && $mybb->user['uid'] != 0) // KK: edit_and_delete_only_last_post.mod + if((is_moderator($fid, "caneditposts") == "yes" || ($forumpermissions['caneditposts'] == 'yes' && $mybb->user['uid'] == $post['uid'] && $post['lastpostpid'] == $post['pid'])) && $mybb->user['uid'] != 0) { eval("\$post['button_edit'] = \"".$templates->get("postbit_edit")."\";"); } // Quick Delete button $can_delete = 'no'; - if($mybb->user['uid'] == $post['uid']) +// if($mybb->user['uid'] == $post['uid']) // KK: edit_and_delete_only_last_post.mod + if($mybb->user['uid'] == $post['uid'] && $post['lastpostpid'] == $post['pid']) { if($forumpermissions['candeletethreads'] == "yes" && $postcounter == 1) { diff -ubBr --exclude=uploads --exclude=images --exclude=images_pcf --exclude=config.php --exclude=languages --exclude=settings.php Upload/showthread.php forum/showthread.php --- Upload/showthread.php 2006-09-03 15:10:03.000000000 +0200 +++ forum/showthread.php 2006-09-11 16:35:55.000000000 +0200 @@ -558,6 +558,11 @@ error($lang->invalidpost); } + // KK: edit_and_delete_only_last_post.mod + $query = $db->simple_select(TABLE_PREFIX."posts", "MAX(pid) as lastpostpid", "tid='$tid'") ; + $showpost['lastpostpid'] = $db->fetch_array($query); + // KK^ + // Get the attachments for this post. $query = $db->simple_select(TABLE_PREFIX."attachments", "*", "pid=".$mybb->input['pid']); while($attachment = $db->fetch_array($query)) @@ -654,6 +698,11 @@ eval("\$threadpages = \"".$templates->get("showthread_multipage")."\";"); } + // KK: edit_and_delete_only_last_post.mod + $query = $db->simple_select(TABLE_PREFIX."posts", "MAX(pid) as lastpostpid", "tid='$tid'") ; + $lastpost = $db->fetch_array($query); + // KK^ + // Lets get the pids of the posts on this page. $pids = ""; $comma = ''; @@ -697,6 +746,7 @@ { $post['visible'] = 0; } + $post['lastpostpid'] = $lastpost['lastpostpid'] ; // KK: edit_and_delete_only_last_post.mod $posts .= build_postbit($post); $post = ''; $pfirst = false; diff -ubBr --exclude=uploads --exclude=images --exclude=images_pcf --exclude=config.php --exclude=languages --exclude=settings.php Upload/xmlhttp.php forum/xmlhttp.php --- Upload/xmlhttp.php 2006-09-03 15:10:30.000000000 +0200 +++ forum/xmlhttp.php 2006-09-17 16:06:13.000000000 +0200 @@ -139,6 +139,7 @@ // This action provides editing of thread/post subjects from within their respective list pages. else if($mybb->input['action'] == "edit_subject" && $mybb->request_method == "post") { + $this_is_lastpost = FALSE ; // KK: edit_and_delete_only_last_post.mod // Editing a post subject. if($mybb->input['pid']) { @@ -153,6 +154,11 @@ // Fetch the thread associated with this post. $thread = get_thread($post['tid']); + + // KK: edit_and_delete_only_last_post.mod + if ($thread['lastpost'] == $post['tid']) + $this_is_lastpost = TRUE ; + // KK^ } // We're editing a thread subject. @@ -168,6 +174,10 @@ ); $query = $db->simple_select(TABLE_PREFIX."posts", "pid,uid,dateline", "tid='".$thread['tid']."'", $query_options); $post = $db->fetch_array($query); + // KK: edit_and_delete_only_last_post.mod + if ($thread['replies'] == 0) + $this_is_lastpost = TRUE ; + // KK^ } // Fetch the specific forum this thread/post is in. $forum = get_forum($thread['fid']); @@ -200,6 +210,12 @@ $lang->edit_time_limit = sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']); xmlhttp_error($lang->edit_time_limit); } + // KK: edit_and_delete_only_last_post.mod + elseif (!$this_is_lastpost) + { + xmlhttp_error($lang->no_permission_edit_subject); + } + // KK^ $ismod = false; } else @@ -291,6 +307,11 @@ xmlhttp_error($lang->thread_doesnt_exist); } + // KK: edit_and_delete_only_last_post.mod + $query = $db->simple_select(TABLE_PREFIX."posts", "MAX(pid) as lastpostpid", "tid='" . $post['tid'] . "'") ; + $lastpost = $db->fetch_array($query); + // KK^ + // Fetch forum permissions. $forumpermissions = forum_permissions($forum['fid']); @@ -313,6 +334,12 @@ $lang->edit_time_limit = sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']); xmlhttp_error($lang->edit_time_limit); } + // KK: edit_and_delete_only_last_post.mod + elseif ($lastpost['lastpostpid'] != $post['pid']) + { + xmlhttp_error($lang->no_permission_edit_post); + } + // KK^ } if($mybb->input['do'] == "get_post") {