'post', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode');
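// Copy each whitelisted action parameter from the request into a local
// variable of the same name, HTML-escaped; POST takes precedence over GET.
// The variable names are the keys of $params, not request data, so the
// variable-variable assignment below cannot be steered by the client.
// foreach replaces the each() idiom (removed in PHP 8) and its @ suppression.
foreach ( $params as $var => $param )
{
    $$var = '';
    if ( !empty($HTTP_POST_VARS[$param]) )
    {
        // An array value (param[]=x) is not a valid action flag; leave it empty
        if ( is_string($HTTP_POST_VARS[$param]) )
        {
            $$var = htmlspecialchars($HTTP_POST_VARS[$param]);
        }
    }
    else if ( !empty($HTTP_GET_VARS[$param]) )
    {
        if ( is_string($HTTP_GET_VARS[$param]) )
        {
            $$var = htmlspecialchars($HTTP_GET_VARS[$param]);
        }
    }
}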
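// True when the confirmation button of the delete dialog was posted
$confirm = isset($HTTP_POST_VARS['confirm']);
// Read the forum, topic and post ids from the request (POST before GET) and
// force them to integers: they are interpolated into SQL further down, so
// nothing but a number may get through. An absent id stays ''.
$params = array('forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL);
foreach ( $params as $var => $param )
{
    $$var = '';
    if ( !empty($HTTP_POST_VARS[$param]) )
    {
        // intval() of a non-empty array is 1, which would silently select
        // record 1; only scalar values are accepted as ids
        if ( is_scalar($HTTP_POST_VARS[$param]) )
        {
            $$var = intval($HTTP_POST_VARS[$param]);
        }
    }
    else if ( !empty($HTTP_GET_VARS[$param]) )
    {
        if ( is_scalar($HTTP_GET_VARS[$param]) )
        {
            $$var = intval($HTTP_GET_VARS[$param]);
        }
    }
}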
// A quote or reply that targets an existing post is threaded under that post;
// an explicit post_parent form field overrides the derived value.
if ( ($mode == 'quote' || $mode == 'reply') && $post_id )
{
    $post_parent = $post_id;
}
else
{
    $post_parent = 0;
}
if ( $HTTP_POST_VARS['post_parent'] )
{
    $post_parent = intval($HTTP_POST_VARS['post_parent']);
}
// True when any of the preview / poll add / poll edit / poll delete flags is set
$refresh = ( $preview || $poll_add || $poll_edit || $poll_delete );
// Message icon: both variables receive the integer value of the posted field.
// NOTE(review): $msg_icon is not assigned in this section when neither
// msg_icon nor more_icon is posted - confirm it is initialised earlier.
$msg_icon_checked = 0;
if ( $HTTP_POST_VARS['msg_icon'] )
{
    $msg_icon = intval($HTTP_POST_VARS['msg_icon']);
    $msg_icon_checked = $msg_icon;
}
// A choice from the extended icon list replaces the basic one
if ( $HTTP_POST_VARS['more_icon'] )
{
    $msg_icon = intval($HTTP_POST_VARS['more_icon']);
}
$selected = ' selected="selected"';
// Post expiry, handled like the icon.
// NOTE(review): $msg_expire is likewise left unassigned here when the field
// is absent - confirm it is initialised earlier.
$msg_expire_checked = 0;
if ( $HTTP_POST_VARS['msg_expire'] )
{
    $msg_expire = intval($HTTP_POST_VARS['msg_expire']);
    $msg_expire_checked = $msg_expire;
}
//
// Set topic type: take the posted value as an integer and fall back to a
// normal topic for anything outside the four known types
//
$topic_type = POST_NORMAL;
if ( !empty($HTTP_POST_VARS['topictype']) )
{
    $topic_type = intval($HTTP_POST_VARS['topictype']);
}
if ( !in_array($topic_type, array(POST_NORMAL, POST_STICKY, POST_ANNOUNCE, POST_GLOBAL_ANNOUNCE)) )
{
    $topic_type = POST_NORMAL;
}
//
// Pop-up helper modes (topic review, smilies window, icon list) are answered
// here and the script stops, before the session is started further down.
// NOTE(review): no permission check is visible on this path in this file -
// confirm topic_review(), generate_smilies() and more_icons() do their own.
//
switch ( $mode )
{
    case 'topicreview':
        require($phpbb_root_path . 'includes/topic_review.'.$phpEx);
        topic_review($topic_id, false);
        exit;

    case 'smilies':
        generate_smilies('window', PAGE_POSTING);
        exit;

    case 'icons':
        more_icons(PAGE_POSTING);
        exit;
}
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_POSTING);
init_userprefs($userdata);
//
// End session management
//
check_disable_function(PAGE_POSTING);
// Junior-admin flag, read from the session's user record
$is_jr_admin = ($userdata['user_jr']) ? true : false;
// Boards configured with login_require stop guests here with a message
// instead of letting them reach the posting form
if ( $board_config['login_require'] && !$userdata['session_logged_in'] )
{
// NOTE(review): the literal between the two language strings and the empty
// sprintf() arguments look like markup that was lost in this copy of the file -
// compare with the original before relying on the rendered message.
$message = $lang['login_require'] . '
' . sprintf($lang['login_require_register'], '', '');
message_die(GENERAL_MESSAGE, $message);
}
// Load the moderator-panel language file once.
// The path is built from the board's default_lang setting, not from the request.
if ( !(defined('LANG_MODCP')) )
{
include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_modcp.' . $phpEx);
}
//
// Cancel was pressed: go back to the most specific page we have an id for
// (post, then topic, then forum, then the index) and skip every other check.
// The ids were cast to integers when read, so the target is always a local
// viewtopic/viewforum/index URL.
//
if ( isset($HTTP_POST_VARS['cancel']) )
{
    // Only the post view needs an anchor appended after the session id
    $post_append = '';
    if ( $post_id )
    {
        $redirect = "viewtopic.$phpEx?" . POST_POST_URL . "=$post_id";
        $post_append = "#$post_id";
    }
    else if ( $topic_id )
    {
        $redirect = "viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id";
    }
    else if ( $forum_id )
    {
        $redirect = "viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id";
    }
    else
    {
        $redirect = "index.$phpEx";
    }
    redirect(append_sid($redirect, true) . $post_append);
}
// The User-Agent header is client-controlled. Take it from the server array
// or, failing that, from the environment; slash- and HTML-escape it, cap it
// at 100 bytes, then hand it to user_agent() and serialise the result.
// NOTE(review): the cap is applied after escaping, so an escape sequence or
// an HTML entity can be cut in half - confirm the consumers tolerate that.
if ( isset($HTTP_SERVER_VARS['HTTP_USER_AGENT']) )
{
    $user_agent = $HTTP_SERVER_VARS['HTTP_USER_AGENT'];
}
else
{
    $user_agent = getenv('HTTP_USER_AGENT');
}
$user_agent = htmlspecialchars(trim(addslashes($user_agent)));
if ( strlen($user_agent) > 100 )
{
    $user_agent = substr($user_agent, 0, 100) . '...';
}
$user_agent = serialize(user_agent($user_agent));
//
// Map the requested mode to the permission key that is checked once the
// forum is known. An unrecognised mode stops the request here.
//
$is_auth = array();
switch ( $mode )
{
    case 'newtopic':
        // A new topic needs the permission that matches its (whitelisted) type
        switch ( $topic_type )
        {
            case POST_GLOBAL_ANNOUNCE:
                $is_auth_type = 'auth_globalannounce';
                break;

            case POST_ANNOUNCE:
                $is_auth_type = 'auth_announce';
                break;

            case POST_STICKY:
                $is_auth_type = 'auth_sticky';
                break;

            default:
                $is_auth_type = 'auth_post';
                break;
        }
        break;

    case 'reply':
    case 'quote':
        $is_auth_type = 'auth_reply';
        break;

    case 'editpost':
        $is_auth_type = 'auth_edit';
        break;

    case 'delete':
    case 'poll_delete':
        $is_auth_type = 'auth_delete';
        break;

    case 'vote':
        $is_auth_type = 'auth_vote';
        break;

    // The topicreview mode already ended the script above, so this entry is
    // only reached if that early exit is ever removed
    case 'topicreview':
        $is_auth_type = 'auth_read';
        break;

    default:
        message_die(GENERAL_MESSAGE, $lang['No_post_mode']);
        break;
}
//
// Here we do various lookups to find topic_id, forum_id, post_id etc.
// Doing it here prevents spoofing (eg. faking forum_id, topic_id or post_id)
//
// $forum_id, $topic_id and $post_id were cast with intval() when they were
// read from the request, so the queries built below interpolate integers only.
// Each branch only builds $sql; the query itself runs after the switch.
$error_msg = '';
$post_data = array();
switch ( $mode )
{
case 'newtopic':
// A new topic needs nothing but an existing forum
if ( empty($forum_id) )
{
message_die(GENERAL_MESSAGE, $lang['Forum_not_exist']);
}
$sql = "SELECT *
FROM " . FORUMS_TABLE . "
WHERE forum_id = $forum_id";
break;
case 'reply':
case 'vote':
// Replies and votes are addressed by topic; the forum row is joined in
// through the topic's own forum_id
if ( empty( $topic_id) )
{
message_die(GENERAL_MESSAGE, $lang['No_topic_id']);
}
$sql = "SELECT f.*, t.topic_status, t.topic_title, t.topic_title_e, t.topic_type, t.topic_first_post_id, t.topic_tree_width
FROM (" . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t)
WHERE t.topic_id = $topic_id
AND f.forum_id = t.forum_id";
break;
case 'quote':
case 'editpost':
case 'delete':
case 'poll_delete':
// Everything else is addressed by post
if ( empty($post_id) )
{
message_die(GENERAL_MESSAGE, $lang['No_post_id']);
}
// With not_edit_admin enabled, a non-admin may not edit or delete a post
// written by an administrator: the query below returns a row only when the
// post's author has user_level ADMIN, and any row ends the request.
if ( $userdata['user_level'] != ADMIN && $board_config['not_edit_admin'] && ($mode == 'editpost' || $mode == 'delete' || $mode == 'poll_delete') )
{
$sql = "SELECT u.user_level
FROM (" . POSTS_TABLE . " p, " . USERS_TABLE . " u)
WHERE p.post_id = $post_id
AND p.poster_id = u.user_id
AND u.user_level = " . ADMIN;
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not retrieve post information', '', __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
{
message_die(GENERAL_MESSAGE, $lang['Not_auth_edit_delete_admin']);
}
}
// When the request is not a submit, the post text and poster details are
// loaded as well by extending the column list, table list and join condition
$select_sql = ( !$submit ) ? ", t.topic_title, t.topic_title_e, t.topic_color, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, p.post_time, p.post_approve, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_image, p.user_agent, p.post_icon, p.post_expire" : '';
$from_sql = ( !$submit ) ? ", " . POSTS_TEXT_TABLE . " pt, " . USERS_TABLE . " u" : '';
$where_sql = ( !$submit ) ? "AND pt.post_id = p.post_id AND u.user_id = p.poster_id" : '';
// The reporter id is only needed for a delete, and only while reports are enabled
if ( !$board_config['report_disable'] )
{
$select_sql .= ( $mode == 'delete' ) ? ', p.reporter_id' : '';
}
$sql = "SELECT f.*, t.topic_id, t.topic_status, t.topic_type, t.topic_first_post_id, t.topic_last_post_id, t.topic_vote, topic_tree_width, p.post_id, post_time, p.poster_id" . $select_sql . "
FROM (" . POSTS_TABLE . " p, " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $from_sql . ")
WHERE p.post_id = $post_id
AND t.topic_id = p.topic_id
AND f.forum_id = p.forum_id
$where_sql";
break;
default:
message_die(GENERAL_MESSAGE, $lang['No_valid_mode']);
}
if ( $result = $db->sql_query($sql) )
{
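$post_info = $db->sql_fetchrow($result);
if ( !$post_info )
{
    // Pass the GENERAL_MESSAGE constant like every other call in this file;
    // the quoted string 'GENERAL_MESSAGE' that stood here is not the message code
    message_die(GENERAL_MESSAGE, $lang['No_such_post']);
}
$db->sql_freeresult($result);
// From here on the forum id is the one stored with the post/topic row, not the
// one the client sent, so the permission lookup cannot be pointed at another forum
$forum_id = $post_info['forum_id'];
$forum_name = get_object_lang(POST_FORUM_URL . $forum_id, 'name');
// Permission set of the current user for that forum
$is_auth = auth(AUTH_ALL, $forum_id, $userdata, $post_info);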
// Topic Lock/Unlock
$lock = isset($HTTP_POST_VARS['lock']);
$unlock = isset($HTTP_POST_VARS['unlock']);
// Comment mode is honoured only for users holding auth_mod in this forum
$comment = ( (isset($HTTP_GET_VARS['comment']) || isset($HTTP_POST_VARS['comment'])) && $is_auth['auth_mod'] );
// A moderator may lock or unlock the topic while submitting a post.
// NOTE(review): the action is written to the log before the UPDATE has run,
// and no request token is checked in this section - confirm both are intended.
if ( ($submit || $confirm) && ($lock || $unlock) && $is_auth['auth_mod'] && $mode != 'newtopic' && !$refresh )
{
    if ( isset($post_info['topic_id']) )
    {
        $t_id = $post_info['topic_id'];
    }
    else
    {
        $t_id = $topic_id;
    }
    if ( $unlock )
    {
        // Unlock takes precedence when both buttons are present
        $sql = "UPDATE " . TOPICS_TABLE . "
SET topic_status = " . TOPIC_UNLOCKED . "
WHERE topic_id = $t_id
AND topic_moved_id = 0";
        log_action('unlock', $t_id, $userdata['user_id'], $userdata['username']);
        set_action($t_id, UNLOCKED);
    }
    else
    {
        // The outer condition guarantees that $lock is set on this path
        $sql = "UPDATE " . TOPICS_TABLE . "
SET topic_status = " . TOPIC_LOCKED . "
WHERE topic_id = $t_id
AND topic_moved_id = 0";
        log_action('lock', $t_id, $userdata['user_id'], $userdata['username']);
        set_action($t_id, LOCKED);
    }
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_ERROR, 'Could not update topics table', '', __LINE__, __FILE__, $sql);
    }
}
// Locked forums and locked topics are closed to everyone but moderators;
// a forum that is only an internal link never accepts posts.
if ( (!$is_auth['auth_mod'] && $post_info['forum_status'] == FORUM_LOCKED) || $post_info['forum_link_internal'] == 1 )
{
    message_die(GENERAL_MESSAGE, $lang['Forum_locked']);
}
else if ( !$is_auth['auth_mod'] && $mode != 'newtopic' && $post_info['topic_status'] == TOPIC_LOCKED )
{
    message_die(GENERAL_MESSAGE, $lang['Topic_locked']);
}
// Edit time limit (in minutes, 0 disables it) for non-moderators.
// NOTE(review): the limit is tested only when the request is not a submit, so
// here it guards the display of the edit form only - confirm the submit path
// enforces it somewhere else.
if ( !$submit && $mode == 'editpost' && !$is_auth['auth_mod'] && $board_config['edit_time'] != '0' )
{
    $difference_sec = CR_TIME - $post_info['post_time'] ;
    $difference_min = $difference_sec / 60;
    if ( $difference_min > $board_config['edit_time'] )
    {
        $message = sprintf($lang['edit_time_past'],$board_config['edit_time']) . '
' . sprintf($lang['Click_view_message'], '', '') . '
' . sprintf($lang['Click_return_forum'], '', '');
        message_die(GENERAL_MESSAGE, $message);
    }
}
// For edit and delete requests, collect the facts about the target post that
// the permission checks below and the later submit code depend on.
if ( $mode == 'editpost' || $mode == 'delete' || $mode == 'poll_delete' )
{
// The topic id is taken from the post row, not from the request
$topic_id = $post_info['topic_id'];
$post_data['poster_post'] = ( $post_info['poster_id'] == $userdata['user_id'] ) ? true : false;
$post_data['first_post'] = ( $post_info['topic_first_post_id'] == $post_id ) ? true : false;
$post_data['last_post'] = ( $post_info['topic_last_post_id'] == $post_id ) ? true : false;
$post_data['last_topic'] = ( $post_info['forum_last_post_id'] == $post_id ) ? true : false;
$post_data['has_poll'] = ( $post_info['topic_vote'] ) ? true : false;
$post_data['topic_type'] = $post_info['topic_type'];
$post_data['poster_id'] = $post_info['poster_id'];
$post_data['post_time'] = $post_info['post_time'];
// The poll belongs to the first post of the topic; load it with its options
if ( $post_data['first_post'] && $post_data['has_poll'] )
{
$sql = "SELECT *
FROM (" . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr)
WHERE vd.topic_id = $topic_id
AND vr.vote_id = vd.vote_id
ORDER BY vr.vote_option_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql);
}
$poll_options = array();
$poll_results_sum = 0;
if ( $row = $db->sql_fetchrow($result) )
{
// The poll-level columns are read from the first joined row
$poll_title = $row['vote_text'];
$poll_id = $row['vote_id'];
// vote_length is split into whole days (86400) plus remaining hours (3600)
$poll_length = floor($row['vote_length'] / 86400);
$poll_length_h = ( $row['vote_length'] - ( $poll_length * 86400) ) / 3600;
$max_vote = $row['vote_max'];
$hide_vote = $row['vote_hide'];
$tothide_vote = $row['vote_tothide'];
// Every row contributes one option and its vote count
do
{
$poll_options[$row['vote_option_id']] = $row['vote_option_text'];
$poll_results_sum += $row['vote_result'];
}
while ( $row = $db->sql_fetchrow($result) );
}
$db->sql_freeresult($result);
// Once votes have been cast only a moderator may still edit the poll
$post_data['edit_poll'] = ( ( !$poll_results_sum || $is_auth['auth_mod'] ) && $post_data['first_post'] ) ? true : 0;
}
else
{
// No poll yet: one may be added on the first post by users with auth_pollcreate
$post_data['edit_poll'] = ($post_data['first_post'] && $is_auth['auth_pollcreate']) ? true : false;
}
//
// Can this user edit/delete the post/poll?
//
// Ownership check: a post may be changed only by its author or a moderator
if ( $post_info['poster_id'] != $userdata['user_id'] && !$is_auth['auth_mod'] )
{
$message = ( $delete || $mode == 'delete' ) ? $lang['Delete_own_posts'] : $lang['Edit_own_posts'];
// NOTE(review): the literal and the empty sprintf() arguments below look like
// markup that was lost in this copy - compare with the original file.
$message .= '
' . sprintf($lang['Click_return_topic'], '', '');
message_die(GENERAL_MESSAGE, $message);
}
// A non-moderator may delete a post only while it is the last one in the topic
else if ( !$post_data['last_post'] && !$is_auth['auth_mod'] && ( $mode == 'delete' || $delete ) )
{
message_die(GENERAL_MESSAGE, $lang['Cannot_delete_replied']);
}
// ... and may delete a poll only while edit_poll is still allowed
else if ( !$post_data['edit_poll'] && !$is_auth['auth_mod'] && ( $mode == 'poll_delete' || $poll_delete ) )
{
message_die(GENERAL_MESSAGE, $lang['Cannot_delete_poll']);
}
}
else
{
// Remaining modes: a quote inherits the topic of the quoted post
if ( $mode == 'quote' )
{
$topic_id = $post_info['topic_id'];
}
if ( $mode == 'newtopic' )
{
$post_data['topic_type'] = POST_NORMAL;
}
$post_data['first_post'] = ( $mode == 'newtopic' ) ? true : 0;
$post_data['last_post'] = false;
$post_data['has_poll'] = false;
$post_data['edit_poll'] = false;
}
// $poll_id is assigned only when a poll row was found above, so a poll_delete
// without one is rejected
if ( $mode == 'poll_delete' && !isset($poll_id) )
{
message_die(GENERAL_MESSAGE, $lang['No_such_post']);
}
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_such_post']);
}
// Topic colour: accepted only when the feature is on, this user may use it,
// and the board opens it to everyone, to administrators, or to moderators of
// this forum. The posted value is HTML-escaped before it is kept.
$topic_color = '';
if ( $HTTP_POST_VARS['topic_color'] && $board_config['topic_color'] && $userdata['can_topic_color'] )
{
    if ( $board_config['topic_color_all'] || $userdata['user_level'] == ADMIN || ($is_auth['auth_mod'] && $board_config['topic_color_mod']) )
    {
        $topic_color = htmlspecialchars($HTTP_POST_VARS['topic_color']);
    }
}
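// Optional topic tag: the posted value is accepted only when it is exactly
// one of the tags configured for this forum (comma-separated list).
// The comparison is strict, because a loose == treats different numeric
// strings such as "10" and "1e1" as equal and would let a value through that
// is not in the list. Array input is rejected outright.
$submit_topic_tag = '';
if ( !empty($HTTP_POST_VARS['topic_tag']) && is_string($HTTP_POST_VARS['topic_tag']) && strpos($post_info['topic_tags'], ',') )
{
    $topic_tags_ary = explode(',', $post_info['topic_tags']);
    if ( in_array($HTTP_POST_VARS['topic_tag'], $topic_tags_ary, true) )
    {
        $submit_topic_tag = '[' . $HTTP_POST_VARS['topic_tag'] . ']';
    }
}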
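/**
 * Split a leading "[tag] " prefix off a subject when the tag is one of the
 * topic tags configured for the current forum.
 *
 * The tag list is read from the global $post_info['topic_tags'] (comma
 * separated). Nothing is split unless that list contains a comma after its
 * first character.
 *
 * @param string $subject Subject line, possibly starting with "[tag] "
 * @return array|false array(tag, subject with "[tag] " removed) on a match,
 *                     false otherwise
 */
function separe_topic_tag($subject)
{
    global $board_config, $post_info;

    if ( !strpos($post_info['topic_tags'], ',') )
    {
        return false;
    }
    // The subject must start with '[' and contain a closing ']'. The strict
    // === 0 test replaces the loose "== 0" plus eregi() pair: eregi() no longer
    // exists in PHP 7+, and "== 0" alone is also true when '[' is missing.
    if ( strpos($subject, '[') !== 0 || !strpos($subject, ']') )
    {
        return false;
    }
    // Text between the leading '[' and the first ']'
    $topic_tag = substr($subject, 1, strpos($subject, ']') - 1);
    // Strict match against the configured tags, so numeric look-alikes such as
    // "10" and "1e1" are not treated as the same tag
    if ( in_array($topic_tag, explode(',', $post_info['topic_tags']), true) )
    {
        return array($topic_tag, str_replace('[' . $topic_tag . '] ', '', $subject));
    }
    return false;
}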
//
// The permission selected for this mode is missing. A logged-in user gets the
// "Sorry" message for that permission; a guest is sent to the login page with
// a return address that is rebuilt from the integer ids, not copied from the
// request.
//
if ( !$is_auth[$is_auth_type] )
{
    if ( $userdata['session_logged_in'] )
    {
        message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . "_type"]));
    }
    // Modes not listed here leave $redirect as it was
    if ( $mode == 'newtopic' )
    {
        $redirect = "mode=newtopic&" . POST_FORUM_URL . "=" . $forum_id;
    }
    else if ( $mode == 'reply' || $mode == 'topicreview' )
    {
        $redirect = "mode=reply&" . POST_TOPIC_URL . "=" . $topic_id;
    }
    else if ( $mode == 'quote' || $mode == 'editpost' )
    {
        $redirect = "mode=quote&" . POST_POST_URL ."=" . $post_id;
    }
    redirect(append_sid("login.$phpEx?redirect=posting.$phpEx&" . $redirect, true));
}
// Fallback: when no forum id is known yet, look it up through the post or,
// without a post id, through the topic.
// NOTE(review): in the topic-only case the posts table is listed in FROM with
// no join condition, and a failed query hands $sql to a GENERAL_MESSAGE page
// rather than a GENERAL_ERROR one - confirm both are intended.
if ( !$forum_id )
{
    if ( $post_id )
    {
        $where_sql = "p.post_id = $post_id AND p.topic_id = t.topic_id";
    }
    else
    {
        $where_sql = "t.topic_id = $topic_id";
    }
    $sql = "SELECT t.forum_id FROM (" . TOPICS_TABLE . " t, " . POSTS_TABLE . " p)
WHERE $where_sql";
    $result = $db->sql_query($sql);
    if ( !$result )
    {
        message_die(GENERAL_MESSAGE, 'Could not retrieve forum id', '', __LINE__, __FILE__, $sql);
    }
    $row = $db->sql_fetchrow($result);
    $forum_id = $row['forum_id'];
}
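// Is the current user a moderator of this particular forum?
// The flag is set to false up front. Before, a MOD-level user who is not in
// this forum's moderator list left it unassigned, and an unassigned privilege
// flag can be supplied from outside on installs that import request
// variables as globals.
$is_mod_forum = false;
if ( $forum_id && $userdata['user_level'] == MOD )
{
    $forum_moderators = moderarots_list($forum_id, 'mod');
    // Test the type instead of silencing in_array() with @
    if ( is_array($forum_moderators) && in_array($userdata['user_id'], $forum_moderators) )
    {
        $is_mod_forum = true;
    }
}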
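// Users who are neither a moderator of this forum nor an administrator must
// pass the per-forum password gate before they can post.
if ( !$is_mod_forum && $userdata['user_level'] != ADMIN )
{
    $cache_name = 'multisqlcache_forum_' . $forum_id;
    if ( $check_cache = sql_cache('check', $cache_name) )
    {
        // A cache hit is a PHP file; including it is expected to define a
        // variable named after $cache_name that holds the forum row.
        // NOTE(review): an include target must not be writable by untrusted
        // users - confirm how sql_cache() builds and protects this path.
        include($check_cache);
        $forum_row = $$cache_name;
        $cached = true;
    }
    else
    {
        $sql = "SELECT *
FROM " . FORUMS_TABLE . "
WHERE forum_id = $forum_id";
        if ( !($result = $db->sql_query($sql)) )
        {
            message_die(GENERAL_ERROR, 'Could not obtain forums information', '', __LINE__, __FILE__, $sql);
        }
        if ( !($forum_row = $db->sql_fetchrow($result)) )
        {
            message_die(GENERAL_MESSAGE, 'Could not retrieve forum information', '', __LINE__, __FILE__, $sql);
        }
        sql_cache('write', $cache_name, $forum_row);
    }
    // Return address for the password form: the script name and query string of
    // the current request, HTML-escaped.
    // NOTE(review): as written the str_replace() swaps "&" for "&" and does
    // nothing; its first argument was presumably an HTML entity that got decoded
    // in this copy - compare with the original file.
    $redirect = str_replace("&", "&", preg_replace('#.*?([a-z]+?\.' . $phpEx . '.*?)$#i', '\1', htmlspecialchars($_SERVER['REQUEST_URI'])));
    $cookie_forum_pass = $unique_cookie_name . '_fpass_' . $forum_id;
    if ( $HTTP_POST_VARS['cancel'] )
    {
        redirect(append_sid("index.$phpEx"));
    }
    else if ( $HTTP_POST_VARS['submit'] && $HTTP_POST_VARS['password'] )
    {
        password_check($forum_id, $HTTP_POST_VARS['password'], $redirect);
    }
    // The access cookie must be a string that is exactly the MD5 of the forum
    // password. The strict !== replaces a loose !=, which compares two
    // numeric-looking strings (for example "0e..." digests) as numbers and can
    // report them equal although they differ.
    // NOTE(review): the cookie is an unsalted MD5 of a password kept in clear in
    // the forum row, so the cookie value works as the password itself, and this
    // comparison is not constant-time. Consider a keyed token and hash_equals()
    // on PHP versions that provide it.
    if ( ($forum_row['password'] != '') && ( !isset($HTTP_COOKIE_VARS[$cookie_forum_pass]) || !is_string($HTTP_COOKIE_VARS[$cookie_forum_pass]) || $HTTP_COOKIE_VARS[$cookie_forum_pass] !== md5($forum_row['password']) ) )
    {
        password_box($forum_id, $redirect);
    }
}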
//
// Set toggles for various options
//
// HTML is offered when the board allows it for everyone, or allows it for the
// role this user holds (forum moderator, administrator, junior admin).
if ( $board_config['allow_html'] || ($board_config['mod_html'] && $is_mod_forum) || ($board_config['admin_html'] && $userdata['user_level'] == ADMIN) || ($board_config['jr_admin_html'] && $is_jr_admin) )
{
    if ( $submit || $refresh )
    {
        // On a submit or refresh the form's "disable" checkbox decides
        if ( !empty($HTTP_POST_VARS['disable_html']) )
        {
            $html_on = 0;
        }
        else
        {
            $html_on = TRUE;
        }
    }
    else if ( $userdata['user_id'] == ANONYMOUS )
    {
        $html_on = $board_config['allow_html'];
    }
    else
    {
        $html_on = $userdata['user_allowhtml'];
    }
    $show_html = true;
}
else
{
    $html_on = 0;
    $show_html = false;
}
// BBCode is available to logged-in users who have it enabled and, for guests,
// when allow_bbcode_quest is NOT set.
// NOTE(review): that guest condition reads as inverted relative to the
// setting's name - confirm what allow_bbcode_quest means.
$user_can_use_bbcode = ( ($userdata['session_logged_in'] && $board_config['allow_bbcode'] && $userdata['user_allowbbcode']) || ($board_config['allow_bbcode'] && !$userdata['session_logged_in'] && !$board_config['allow_bbcode_quest']) );
if ( $user_can_use_bbcode && empty($HTTP_POST_VARS['disable_bbcode']) )
{
    $bbcode_on = true;
}
else
{
    $bbcode_on = 0;
}
// Smilies follow the HTML pattern, with an extra switch that hides them from guests
if ( !$board_config['allow_smilies'] || ($board_config['restrict_smilies'] && !$userdata['session_logged_in']) )
{
    $smilies_on = 0;
}
else if ( $submit || $refresh )
{
    if ( !empty($HTTP_POST_VARS['disable_smilies']) )
    {
        $smilies_on = 0;
    }
    else
    {
        $smilies_on = TRUE;
    }
}
else if ( $userdata['user_id'] == ANONYMOUS )
{
    $smilies_on = $board_config['allow_smilies'];
}
else
{
    $smilies_on = $userdata['user_allowsmile'];
}
// Reply notification: on a submit or refresh the checkbox decides; otherwise
// the default comes from an existing topic watch or the user's preference.
if ( ($submit || $refresh) && $is_auth['auth_read'] )
{
    $notify_user = ( !empty($HTTP_POST_VARS['notify']) ) ? TRUE : 0;
}
else
{
    // When editing somebody else's post, the editor's own preference must not
    // pre-tick the box
    if ( $post_info['poster_id'] != $userdata['user_id'] && $mode == 'editpost' )
    {
        $userdata['user_notify'] = 0;
    }
    if ( $mode != 'newtopic' && $userdata['session_logged_in'] && $is_auth['auth_read'] )
    {
        $sql = "SELECT topic_id
FROM " . TOPICS_WATCH_TABLE . "
WHERE topic_id = $topic_id
AND user_id = " . $userdata['user_id'];
        if ( !($result = $db->sql_query($sql)) )
        {
            message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql);
        }
        if ( $db->sql_fetchrow($result) )
        {
            // The user already watches this topic
            $notify_user = TRUE;
        }
        else if ( $mode == 'editpost' )
        {
            $notify_user = 0;
        }
        else
        {
            $notify_user = $userdata['user_notify'];
        }
        $db->sql_freeresult($result);
    }
    else if ( $userdata['session_logged_in'] && $is_auth['auth_read'] )
    {
        $notify_user = $userdata['user_notify'];
    }
    else
    {
        $notify_user = 0;
    }
}
// Signature: checkbox on submit/refresh, never for guests, else the user's preference
if ( $submit || $refresh )
{
    $attach_sig = ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0;
}
else if ( $userdata['user_id'] == ANONYMOUS )
{
    $attach_sig = 0;
}
else
{
    $attach_sig = $userdata['user_attachsig'];
}
// Attachment handling runs only when the attachment mod is loaded and this is
// not a moderator comment
if ( !$comment && defined('ATTACHMENTS_ON') )
{
    execute_posting_attachment_handling();
}
// --------------------
// What shall we do?
//
if ( ( $delete || $poll_delete || $mode == 'delete' ) && !$confirm )
{
//
// Confirm deletion
//
// NOTE(review): $s_hidden_fields is the place where the confirmation form
// carries its state (and any session check) to the second request. In this
// copy of the file every literal appended to it is empty, presumably markup
// that was lost - review the hidden fields against the original file.
$s_hidden_fields = '';
$s_hidden_fields .= ( $delete || $mode == "delete" ) ? '' : '';
$l_confirm = ( $delete || $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];
//
// Output confirmation page
//
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
// Deleting another registered user's post, with delete notification enabled,
// uses a confirmation template that also carries the notification reason fields
if ( $mode == 'delete' && $post_info['poster_id'] != $userdata['user_id'] && $post_info['poster_id'] != ANONYMOUS && $board_config['del_notify_enable'])
{
$reason_jumpbox = '';
$s_hidden_fields .= '';
$del_choice = ($board_config['del_notify_choice']) ? ' ' . $lang['del_notify_choice'] . '
' : '';
// poster_id comes from the post row loaded above, not from the request
$sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE user_id = " . $post_info['poster_id'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not get username from users table', '', __LINE__, __FILE__, $sql);
}
$rowname = $db->sql_fetchrow($result);
$template->set_filenames(array(
'confirm_body' => 'confirm_body_notify.tpl')
);
// NOTE(review): the stored username is placed in MESSAGE_TITLE without
// escaping here - confirm usernames are stored already HTML-escaped.
$template->assign_vars(array(
'MESSAGE_TITLE' => sprintf($lang['del_notify'], $rowname['username']),
'REASON_JUMPBOX' => $reason_jumpbox,
'L_DEL_NOTIFY_REASON' => $lang['del_notify_reason'],
'L_DEL_NOTIFY_REASON_E' => $lang['del_notify_reason_e'],
'L_DEL_NOTIFY_REASON2' => $lang['del_notify_reason2'],
'L_DEL_NOTIFY_REASON2_E' => $lang['del_notify_reason2_e'],
'L_DEL_NOTIFY' => $lang['del_notify'],
'L_CONFIRM_DELETE' => $del_choice . $lang['Confirm_delete'],
'L_YES' => $lang['Yes'],
'L_NO' => $lang['Cancel'],
'S_CONFIRM_ACTION' => append_sid("posting.$phpEx"),
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
}
else
{
// Plain yes/no confirmation for the user's own post or for a poll
$template->set_filenames(array(
'confirm_body' => 'confirm_body.tpl')
);
$template->assign_vars(array(
'MESSAGE_TITLE' => $lang['Information'],
'MESSAGE_TEXT' => $l_confirm,
'L_YES' => $lang['Yes'],
'L_NO' => $lang['No'],
'S_CONFIRM_ACTION' => append_sid("posting.$phpEx"),
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
}
$template->pparse('confirm_body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else if ( $mode == 'vote' )
{
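//
// Vote in a poll
//
// Normalise the submitted option ids first: accept a single value or a list,
// force every entry to an integer and drop duplicates, so that one ballot
// cannot count the same option more than once and no raw request value
// reaches the SQL below.
$vbn = array();
if ( !empty($HTTP_POST_VARS['vote_id']) )
{
    foreach ( (array) $HTTP_POST_VARS['vote_id'] as $submitted_option )
    {
        if ( is_scalar($submitted_option) && !in_array(intval($submitted_option), $vbn) )
        {
            $vbn[] = intval($submitted_option);
        }
    }
}
if ( count($vbn) )
{
    $max_voting = count($vbn);
    // The poll is looked up through the first selected option and the topic id.
    // NOTE(review): the remaining options are not checked against the poll; the
    // UPDATE below is scoped by vote_id so they cannot touch another poll, but
    // they still produce a row in the voters table.
    $vote_option_id = $vbn[0];
    $sql = "SELECT vd.vote_id, vd.vote_max
FROM (" . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr)
WHERE vd.topic_id = $topic_id
AND vr.vote_id = vd.vote_id
AND vr.vote_option_id = $vote_option_id
GROUP BY vd.vote_id";
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql);
    }
    if ( $vote_info = $db->sql_fetchrow($result) )
    {
        $vote_id = $vote_info['vote_id'];
        $max_vote = $vote_info['vote_max'];
        // Refuse a ballot that selects more options than the poll allows
        if ( $max_voting > $max_vote )
        {
            // Plain assignment: the variable has no earlier value in this script
            $message_return = '
' . sprintf($lang['Click_return_topic'], '', '');
            message_die(GENERAL_MESSAGE, sprintf($lang['too_many_voting'], $max_vote, $max_voting) . $message_return);
        }
        // One ballot per user and poll
        $sql = "SELECT *
FROM " . VOTE_USERS_TABLE . "
WHERE vote_id = $vote_id
AND vote_user_id = " . $userdata['user_id'];
        if ( !($result2 = $db->sql_query($sql)) )
        {
            message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql);
        }
        if ( !($row = $db->sql_fetchrow($result2)) )
        {
            // NOTE(review): every statement below is sent with BEGIN_TRANSACTION
            // and none with END_TRANSACTION - confirm how the database layer
            // commits this sequence.
            for ( $i = 0; $i < $max_voting; $i++ )
            {
                $vote_option_id = $vbn[$i];
                $sql = "UPDATE " . VOTE_RESULTS_TABLE . "
SET vote_result = vote_result + 1
WHERE vote_id = $vote_id
AND vote_option_id = $vote_option_id";
                if ( !$db->sql_query($sql, BEGIN_TRANSACTION) )
                {
                    message_die(GENERAL_ERROR, 'Could not update poll result', '', __LINE__, __FILE__, $sql);
                }
                // vote_cast stores the integer option id, not the raw form value
                $sql = "INSERT INTO " . VOTE_USERS_TABLE . " (vote_id, vote_user_id, vote_user_ip, vote_cast)
VALUES ($vote_id, " . $userdata['user_id'] . ", '$user_ip', '" . $vote_option_id . "')";
                if ( !$db->sql_query($sql, BEGIN_TRANSACTION) )
                {
                    message_die(GENERAL_ERROR, "Could not insert user_id for poll", "", __LINE__, __FILE__, $sql);
                }
            }
            $sql = "UPDATE " . VOTE_DESC_TABLE . "
SET vote_voted = vote_voted + 1
WHERE vote_id = $vote_id
AND topic_id = $topic_id";
            if ( !$db->sql_query($sql, BEGIN_TRANSACTION) )
            {
                message_die(GENERAL_ERROR, 'Could not update poll voted', '', __LINE__, __FILE__, $sql);
            }
            $message = $lang['Vote_cast'];
        }
        else
        {
            $message = $lang['Already_voted'];
        }
        // $result2 now really is the voter lookup; it used to be an unset variable
        $db->sql_freeresult($result2);
    }
    else
    {
        $message = $lang['No_vote_option'];
    }
    $db->sql_freeresult($result);
    $template->assign_vars(array(
        'META' => '')
    );
    $message .= '
' . sprintf($lang['Click_view_message'], '', '');
    message_die(GENERAL_MESSAGE, $message);
}
else
{
    // Nothing usable was selected: back to the topic
    redirect(append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id", true));
}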
}
else if ( $submit || $confirm )
{
//
// Submit post/vote (newtopic, edit, reply, etc.)
//
// Moderator comment: in editpost mode with the comment flag (granted only with
// auth_mod), the new text is appended to the stored post text instead of
// replacing it, separated by a "comment added" line.
if ( $mode == 'editpost' && $comment )
{
$sql = "SELECT pt.post_text, pt.bbcode_uid, p.enable_bbcode, p.enable_html, p.enable_smilies
FROM (" . POSTS_TEXT_TABLE . " pt, " . POSTS_TABLE . " p)
WHERE p.post_id = $post_id
AND pt.post_id = $post_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain post information', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
// The stored post's bbcode uid is reused so old and new markup match
$buid = $row['bbcode_uid'];
$add_data = create_date($board_config['default_dateformat'], CR_TIME, $board_config['board_timezone'], true);
if ( $user_can_use_bbcode && $bbcode_on && $row['enable_bbcode'] )
{
$separator = " \n\n[size=9:" . $buid . "][ [i:" . $buid . "]" . sprintf($lang['Comment_added'], "[b:" . $buid . "]" . $userdata['username']) . "[/b:" . $buid . "]: " . $add_data . "[/i:" . $buid . "] ][/size:" . $buid . "]\n";
}
else
{
$separator = " \n\n" . sprintf($lang['Comment_added'], $userdata['username']) . ": " . $add_data . "\n";
}
// The new text is prepared with the flags of the stored post, not with the
// toggles of the current form
$message = prepare_message($HTTP_POST_VARS['message'], $row['enable_html'], $row['enable_bbcode'], $row['enable_smilies'], $buid, $forum_id);
// The stored text is escaped for SQL by hand: quotes and backslashes are doubled
$last_message = prepare_message(str_replace(array("'", "\\"), array("''", "\\\\"), unprepare_message($row['post_text'])), $row['enable_html'], $row['enable_bbcode'], $row['enable_smilies'], $buid, $forum_id);
// NOTE(review): as shown, the pattern below contains bare double quotes that
// end the string literal early; the original most likely had an escaped or
// entity-encoded quote there - restore this line from the original file.
$last_message = preg_replace("#\[quote:$buid="(.*?)"\]#si", "[quote:$buid=\"\\1\"]", $last_message);
// NOTE(review): only the sequence backslash-quote is rewritten in the new
// text, which assumes the request data arrives with quotes already
// backslash-escaped - confirm where that is guaranteed, because $splited is
// placed between quotes in the UPDATE below.
$splited = $last_message . $separator . str_replace("\'", "''", $message);
// The length is measured on the escaped string
if ( strlen($splited) > 65500 )
{
message_die(GENERAL_MESSAGE, 'Your message is too long. It can not be more than 65500 chars.');
}
$sql = "UPDATE " . POSTS_TEXT_TABLE . "
SET post_text = '$splited'
WHERE post_id = $post_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update splited message', '', __LINE__, __FILE__, $sql);
}
// Only the added text is sent to the search index
if ( $board_config['search_enable'] )
{
include($phpbb_root_path . 'includes/functions_search.'.$phpEx);
add_search_words(0, $post_id, stripslashes($message));
}
$meta = '';
$return_message = $lang['Stored'] . '
' . sprintf($lang['Click_view_message'], '', '') . '
' . sprintf($lang['Click_return_forum'], '', '');
// NOTE(review): $return_meta has not been assigned on this path (its first
// assignment in this section comes later) - initialise it before use so it
// cannot carry a value from outside.
$template->assign_vars(array(
'META' => $meta . $return_meta)
);
message_die(GENERAL_MESSAGE, $return_message);
}
// "Split messages": when a registered user replies directly after their own
// last post, the reply is appended to that post instead of being stored as a
// new one. It applies to flat replies only (no tree width or no parent post).
if ( $mode == 'reply' && $board_config['split_messages'] && $userdata['user_id'] != ANONYMOUS && (!$post_info['topic_tree_width'] || !$post_parent) )
{
$do_split = false;
// Administrators and forum moderators are subject to merging only when their
// respective switch is on
if ( $userdata['user_level'] == ADMIN )
{
$do_split = (!$board_config['split_messages_admin']) ? false : true;
}
else
{
$do_split = ($is_mod_forum && !$board_config['split_messages_mod']) ? false : true;
}
// A forum can opt out completely
$do_split = ( $post_info['forum_no_split'] || !$do_split ) ? false : true;
// The nosplit form field is honoured for administrators and forum moderators only
if ( isset($HTTP_POST_VARS['nosplit']) && ($userdata['user_level'] == ADMIN || $is_mod_forum) )
{
$do_split = false;
}
if ( $do_split )
{
$poster_id = $userdata['user_id'];
// Newest top-level post of the topic
$sql = "SELECT post_id, poster_id, MAX(post_time) FROM " . POSTS_TABLE . "
WHERE topic_id = $topic_id
AND post_parent = 0
GROUP BY post_time
ORDER BY post_time DESC LIMIT 1";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain post', '', __LINE__, __FILE__, $sql);
}
$post_id_last_row = $db->sql_fetchrow($result);
// From here on $post_id names that newest post.
// NOTE(review): the row is used without checking that one was returned.
$post_id = $post_id_last_row['post_id'];
$poster_topic_id = $post_id_last_row['poster_id'];
// Merge only when that post was written by the current user
if ( $post_id_last_row['poster_id'] == $poster_id )
{
$sql = "SELECT pt.post_text, pt.bbcode_uid, p.enable_bbcode, p.enable_html, p.enable_smilies
FROM (" . POSTS_TEXT_TABLE . " pt, " . POSTS_TABLE . " p)
WHERE p.post_id = $post_id
AND pt.post_id = $post_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain post information', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$buid = $row['bbcode_uid'];
$add_data = create_date($board_config['default_dateformat'], CR_TIME, $board_config['board_timezone'], true);
if ( $user_can_use_bbcode && $bbcode_on && $row['enable_bbcode'] )
{
$separator = " \n\n[size=9:" . $buid . "][ [i:" . $buid . "][b:" . $buid . "]" . $lang['added'] . "[/b:" . $buid . "]: " . $add_data . "[/i:" . $buid . "] ][/size:" . $buid . "]\n";
}
else
{
$separator = " \n\n" . $lang['added'] . ": " . $add_data . "\n";
}
// The new text is prepared with the flags of the stored post
$message = prepare_message($HTTP_POST_VARS['message'], $row['enable_html'], $row['enable_bbcode'], $row['enable_smilies'], $buid, $forum_id);
// The stored text is escaped for SQL by hand: quotes and backslashes are doubled
$last_message = prepare_message(str_replace(array("'", "\\"), array("''", "\\\\"), unprepare_message($row['post_text'])), $row['enable_html'], $row['enable_bbcode'], $row['enable_smilies'], $buid, $forum_id);
// NOTE(review): as shown, the pattern below contains bare double quotes that
// end the string literal early; the original most likely had an escaped or
// entity-encoded quote there - restore this line from the original file.
$last_message = preg_replace("#\[quote:$buid="(.*?)"\]#si", "[quote:$buid=\"\\1\"]", $last_message);
// NOTE(review): only backslash-quote is rewritten in the new text, which
// assumes the request data arrives with quotes already backslash-escaped -
// confirm where that is guaranteed, because $splited is placed between quotes
// in the UPDATE below.
$splited = $last_message . $separator . str_replace("\'", "''", $message);
if ( strlen($splited) > 65500 )
{
message_die(GENERAL_MESSAGE, 'Your message is too long. It can not be more than 65500 chars.');
}
// Refuse a reply that only repeats the stored post
if ( trim(str_replace("''", "\'", $last_message)) == trim(str_replace('\"', '"', $message)) )
{
message_die(GENERAL_ERROR, $lang['that_same_msg']);
}
// Attachments of the reply are stored on the existing post
if ( defined('ATTACHMENTS_ON') && !$comment )
{
$attachment_mod['posting']->insert_attachment($post_id);
}
$sql = "UPDATE " . POSTS_TEXT_TABLE . "
SET post_text = '$splited'
WHERE post_id = $post_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update splited message', '', __LINE__, __FILE__, $sql);
}
if ( $board_config['search_enable'] )
{
include($phpbb_root_path . 'includes/functions_search.'.$phpEx);
add_search_words(0, $post_id, stripslashes($message));
}
$meta = '';
$return_message = $lang['Stored'] . '
' . sprintf($lang['Click_view_message'], '', '') . '
' . sprintf($lang['Click_return_forum'], '', '');
// NOTE(review): $return_meta has not been assigned on this path (its first
// assignment in this section comes later) - initialise it before use so it
// cannot carry a value from outside.
$template->assign_vars(array(
'META' => $meta . $return_meta)
);
message_die(GENERAL_MESSAGE, $return_message);
}
}
}
// Empty the two result holders that are handed to submit_post() further down,
// then run the per-forum restriction check for this user
$return_message = $return_meta = '';
disallow_forums($userdata, $forum_id);
switch ( $mode )
{
case 'editpost':
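// Raw form fields of the edit; they are validated by prepare_post() below
$username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : '';
$subject = ( !empty($HTTP_POST_VARS['subject']) ) ? trim($HTTP_POST_VARS['subject']) : '';
$subject_e = ( !empty($HTTP_POST_VARS['subject_e']) ) ? trim($HTTP_POST_VARS['subject_e']) : '';
$message = ( !empty($HTTP_POST_VARS['message']) ) ? $HTTP_POST_VARS['message'] : '';
// Poll fields are read only for users who may create polls
$poll_title = ( isset($HTTP_POST_VARS['poll_title']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_title'] : '';
$poll_options = ( isset($HTTP_POST_VARS['poll_option_text']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_option_text'] : '';
$poll_length = ( isset($HTTP_POST_VARS['poll_length']) && $is_auth['auth_pollcreate'] ) ? intval($HTTP_POST_VARS['poll_length']) : '0';
$poll_length_h = ( isset($HTTP_POST_VARS['poll_length_h']) && $is_auth['auth_pollcreate'] ) ? intval($HTTP_POST_VARS['poll_length_h']) : '0';
// Days and hours are combined into hours, then expressed as (fractional) days
$poll_length = $poll_length * 24;
$poll_length = $poll_length_h + $poll_length;
$poll_length = ($poll_length) ? max(0, ($poll_length / 24)) : 0;
// max_vote is a count: cast it here instead of passing the raw form string on,
// so nothing but an integer can reach the code that stores it. 0 becomes 1 as
// before. The newtopic/reply branch reads max_vote the same uncast way.
$max_vote = '';
if ( isset($HTTP_POST_VARS['max_vote']) && $is_auth['auth_pollcreate'] )
{
    $max_vote = intval($HTTP_POST_VARS['max_vote']);
    if ( $max_vote == 0 )
    {
        $max_vote = 1;
    }
}
// Hiding results only makes sense for a poll that has an end
$hide_vote = ( isset($HTTP_POST_VARS['hide_vote']) && $is_auth['auth_pollcreate'] && ($poll_length>0) ) ? 1 : '';
$tothide_vote = ( isset($HTTP_POST_VARS['tothide_vote']) && isset($HTTP_POST_VARS['hide_vote']) && $is_auth['auth_pollcreate'] && ($poll_length > 0) ) ? 1 : '';
$bbcode_uid = '';
if ( strlen($message) > 65500 )
{
    message_die(GENERAL_MESSAGE, 'Your message is too long. It can not be more than 65500 chars.');
}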
// Validate and normalise the collected fields; problems are reported through
// $error_msg, and nothing is saved unless it is still empty afterwards
prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $subject_e, $message, $poll_title, $poll_options, $poll_length, $max_vote, $hide_vote, $tothide_vote, $forum_id);
if ( $error_msg == '' )
{
// A user holding none of the sticky/announce permissions cannot change the
// topic type: the stored type is kept
$topic_type = ($topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] && !$is_auth['auth_globalannounce']) ? $post_data['topic_type'] : $topic_type;
// Guests must supply a name when anonymous posting is restricted
if ( !$userdata['session_logged_in'] && $board_config['not_anonymous_posting'] && empty($HTTP_POST_VARS['username']) )
{
message_die(GENERAL_MESSAGE, $lang['No_to_user']);
}
// In a moderated forum, posts by non-moderators are stored unapproved
$post_approve = ($post_info['forum_moderate'] && !$is_auth['auth_mod']) ? 0 : 1;
// The whitelisted topic tag, if any, is put in front of the subject
if ( $submit_topic_tag )
{
$subject = $submit_topic_tag . ' ' . $subject;
}
// Keep the current text so it can be written to the post history below
$sql = "SELECT post_text, bbcode_uid
FROM " . POSTS_TEXT_TABLE . "
WHERE post_id = $post_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain post data information', '', __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
{
$old_post_text = $row['post_text'];
$old_bbcode_uid = $row['bbcode_uid'];
}
else
{
message_die(GENERAL_ERROR, 'Could not obtain post data information', '', __LINE__, __FILE__, $sql);
}
if ( $post_info['forum_tree_grade'] )
{
// Only a moderator may set the tree width from the form
if ( $is_auth['auth_mod'] && isset($HTTP_POST_VARS['tree_width']) )
{
$post_data['topic_tree_width'] = intval($HTTP_POST_VARS['tree_width']);
}
else if ( $post_info['forum_tree_req'] )
{
// NOTE(review): $default_tree_width is not assigned anywhere in this section -
// confirm it is defined earlier.
$post_data['topic_tree_width'] = $default_tree_width;
}
$post_data['topic_first_post_id'] = $post_info['topic_first_post_id'];
}
// Hand-made SQL escaping: every backslash-quote becomes a doubled quote.
// NOTE(review): this assumes the values arrive with quotes already
// backslash-escaped; a bare quote would pass through unchanged - confirm where
// that escaping is guaranteed and that submit_post() relies on it.
$str_replace_username = str_replace("\'", "''", $username);
$str_replace_subject = str_replace("\'", "''", $subject);
$str_replace_subject_e = str_replace("\'", "''", $subject_e);
$str_replace_message = str_replace("\'", "''", $message);
$str_replace_poll_title = str_replace("\'", "''", $poll_title);
$str_replace_user_agent = str_replace("\'", "''", $user_agent);
$str_replace_topic_color = str_replace("\'", "''", $topic_color);
submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, $str_replace_username, $str_replace_subject, $str_replace_subject_e, $str_replace_message, $str_replace_poll_title, $poll_options, $poll_length, $max_vote, $hide_vote, $tothide_vote, $str_replace_user_agent, $msg_icon, $msg_expire, $str_replace_topic_color, $post_approve, $is_mod_forum, $is_jr_admin);
// Post history: when the length of the text changed by at least ph_len bytes
// and history is enabled (ph_days > 0), the previous text is archived
$board_config['ph_days'] = intval($board_config['ph_days']);
if ( ((strlen($old_post_text) - strlen($message)) > ($board_config['ph_len'] - 1) || (strlen($message) - strlen($old_post_text)) > ($board_config['ph_len'] - 1)) && $board_config['ph_days'] )
{
// Quotes and backslashes are doubled for SQL, and the post's bbcode uid is
// replaced by the fixed literal below
$old_post_text = str_replace(array("'", "\\", $old_bbcode_uid), array("''", "\\\\", "cc9d3da2e0"), $old_post_text);
$sql = "INSERT INTO " . POSTS_HISTORY_TABLE . " (th_post_id, th_post_text, th_user_id, th_time)
VALUES ($post_id, '$old_post_text', " . $userdata['user_id'] . ", " . CR_TIME . ")";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error insert in post history table', '', __LINE__, __FILE__, $sql);
}
// History entries older than ph_days days are removed on the same request
$min_time = CR_TIME - ($board_config['ph_days'] * 86400);
$sql = "DELETE FROM " . POSTS_HISTORY_TABLE . "
WHERE th_time < " . $min_time;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not delete old post history entries', '', __LINE__, __FILE__, $sql);
}
}
// Edits made by administrators and forum moderators are logged
if ( $userdata['user_level'] == ADMIN || $is_mod_forum )
{
// Log Actions Start
log_action('edit', $post_id, $userdata['user_id'], $userdata['username'], $post_data['poster_id']);
if ( !$post_data['poster_post'] )
{
// Somebody else's post: record the edit on the post
set_action($post_id, EDITED);
}
else
{
// Their own post: clear post_edit_by, and also post_edit_time when this is the
// last post and show_action_edited_self_all is off
$self_sql = ($post_data['last_post'] && !$board_config['show_action_edited_self_all']) ? ", post_edit_time = '0'" : '';
$sql = "UPDATE " . POSTS_TABLE . "
SET post_edit_by = '0' $self_sql
WHERE post_id = $post_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Error in updating posts table', '', __LINE__, __FILE__, $sql);
}
}
}
// Copies of the request state under *_n names; they are not read again in
// this section
$notify_n = 1;
$mode_n = $mode;
$post_data_n = $post_data;
$forum_id_n = $forum_id;
$topic_id_n = $topic_id;
$post_id_n = $post_id;
$notify_user_n = $notify_user;
}
break;
case 'newtopic':
case 'reply':
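//
// Collect the raw form fields for a new topic or a reply.
// username, subject, subject_e, message, poll_title and poll_option_text are
// taken from the request as-is (subjects are trimmed only).
// NOTE(review): presumably prepare_post() validates and encodes them; confirm.
//
$username = (!empty($HTTP_POST_VARS['username'])) ? $HTTP_POST_VARS['username'] : '';
$subject = (!empty($HTTP_POST_VARS['subject'])) ? trim($HTTP_POST_VARS['subject']) : '';
$subject_e = (!empty($HTTP_POST_VARS['subject_e'])) ? trim($HTTP_POST_VARS['subject_e']) : '';
$message = (!empty($HTTP_POST_VARS['message'])) ? $HTTP_POST_VARS['message'] : '';
// Poll fields are honoured only when the user may create polls in this forum.
$poll_title = (isset($HTTP_POST_VARS['poll_title']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_title'] : '';
$poll_options = (isset($HTTP_POST_VARS['poll_option_text']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_option_text'] : '';
$poll_length = (isset($HTTP_POST_VARS['poll_length']) && $is_auth['auth_pollcreate'] ) ? intval($HTTP_POST_VARS['poll_length']) : '0';
$poll_length_h = (isset($HTTP_POST_VARS['poll_length_h']) && $is_auth['auth_pollcreate'] ) ? intval($HTTP_POST_VARS['poll_length_h']) : '0';
// Combine days and hours into hours, then express the total in days again
// (possibly fractional); a negative total is clamped to 0.
$poll_length = $poll_length * 24;
$poll_length = $poll_length_h + $poll_length;
$poll_length = ($poll_length) ? max(0, ($poll_length / 24)) : 0;
// max_vote is cast to an integer here, as the other numeric poll fields are:
// the request value used to be forwarded unchanged (any string or array) to
// prepare_post() and submit_post(). A value of 0 still becomes 1.
$max_vote = (isset($HTTP_POST_VARS['max_vote']) && $is_auth['auth_pollcreate'] ) ? ( ( intval($HTTP_POST_VARS['max_vote']) == 0 ) ? 1 : intval($HTTP_POST_VARS['max_vote']) ) : '';
// Vote hiding only applies to polls with a duration; total hiding also needs hide_vote.
$hide_vote = (isset($HTTP_POST_VARS['hide_vote']) && $is_auth['auth_pollcreate'] && ($poll_length > 0) ) ? 1 : '';
$tothide_vote = (isset($HTTP_POST_VARS['tothide_vote']) && isset($HTTP_POST_VARS['hide_vote']) && $is_auth['auth_pollcreate'] && ($poll_length>0) ) ? 1 : '';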
$bbcode_uid = '';
// Reject over-long messages before any further processing. strlen() counts
// bytes, so the limit is 65500 bytes even though the message says "chars".
if ( strlen($message) > 65500 )
{
message_die(GENERAL_MESSAGE, 'Your message is too long. It can not be more than 65500 chars.');
}
// prepare_post() is defined elsewhere.
// NOTE(review): presumably it validates the fields and reports problems through
// $error_msg, which is tested immediately afterwards -- confirm.
prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $subject_e, $message, $poll_title, $poll_options, $poll_length, $max_vote, $hide_vote, $tothide_vote, $forum_id);
// Store the new topic or reply only when no validation error was reported.
if ( $error_msg == '' )
{
// A changed topic type is reverted to the existing one when the user holds
// none of the sticky / announce / global-announce permissions.
// NOTE(review): a user holding any one of the three keeps whatever type was
// requested; whether each type is authorised separately is not visible here -- confirm.
$topic_type = ( $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] && !$is_auth['auth_globalannounce'] ) ? $post_data['topic_type'] : $topic_type;
// Guests must supply a username when not_anonymous_posting is enabled.
if ( !$userdata['session_logged_in'] && $board_config['not_anonymous_posting'] && empty($HTTP_POST_VARS['username']) )
{
message_die(GENERAL_MESSAGE, $lang['No_to_user']);
}
// In a moderated forum, posts from users without moderator rights get approve = 0.
$post_approve = ($post_info['forum_moderate'] && !$is_auth['auth_mod']) ? 0 : 1;
// Prefix the subject of a new topic with the submitted topic tag.
if ( $submit_topic_tag && $mode == 'newtopic' )
{
$subject = $submit_topic_tag . ' ' . $subject;
}
// Turn every backslash-escaped single quote (the two characters \') into a
// doubled quote ('') before the values go to submit_post().
// NOTE(review): a bare ' is left untouched, so this is only adequate if the
// values are already slash-escaped at this point -- not visible here; confirm.
$str_replace_username = str_replace("\'", "''", $username);
$str_replace_subject = str_replace("\'", "''", $subject);
$str_replace_subject_e = str_replace("\'", "''", $subject_e);
$str_replace_message = str_replace("\'", "''", $message);
$str_replace_poll_title = str_replace("\'", "''", $poll_title);
$str_replace_user_agent = str_replace("\'", "''", $user_agent);
$str_replace_topic_color = str_replace("\'", "''", $topic_color);
// Threaded ("tree") forums: record the parent post and the tree width.
if ( $post_info['forum_tree_grade'] )
{
$post_data['post_parent'] = ($post_info['topic_tree_width']) ? $post_parent : 0;
// Only moderators may choose the tree width from the request (cast to int).
if ( $is_auth['auth_mod'] && isset($HTTP_POST_VARS['tree_width']) )
{
$post_data['topic_tree_width'] = intval($HTTP_POST_VARS['tree_width']);
}
else if ( $post_info['forum_tree_req'] )
{
$post_data['topic_tree_width'] = $default_tree_width;
}
$post_data['topic_first_post_id'] = $post_info['topic_first_post_id'];
}
// Write the post; submit_post() is defined elsewhere.
submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, $str_replace_username, $str_replace_subject, $str_replace_subject_e, $str_replace_message, $str_replace_poll_title, $poll_options, $poll_length, $max_vote, $hide_vote, $tothide_vote, $str_replace_user_agent, $msg_icon, $msg_expire, $str_replace_topic_color, $post_approve, $is_mod_forum, $is_jr_admin);
// Remember the values needed for the notification step that runs after the switch.
$notify_n = 1;
$mode_n = $mode;
$post_data_n = $post_data;
$forum_id_n = $forum_id;
$topic_id_n = $topic_id;
$post_id_n = $post_id;
$notify_user_n = $notify_user;
// A moderator may lock the topic in the same request that creates it.
// NOTE(review): $topic_id is interpolated unquoted; presumably an integer set by
// request parsing or by submit_post() -- confirm.
if ( $error_msg == '' && $lock && $mode == 'newtopic' && $is_auth['auth_mod'] )
{
$sql = "UPDATE " . TOPICS_TABLE . "
SET topic_status = " . TOPIC_LOCKED . "
WHERE topic_id = $topic_id
AND topic_moved_id = 0";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update topics table', '', __LINE__, __FILE__, $sql);
}
}
}
break;
// NOTE(review): permission and confirmation checks for deleting are not part of
// this span; confirm they run before this case is reached.
case 'delete':
if ( !$board_config['report_disable'] )
{
$post_data['report'] = !empty($post_info['reporter_id']);
}
// No break above: 'delete' continues into the shared code below, which tells
// the two modes apart through $mode.
case 'poll_delete':
// Send a deletion notice when the feature is enabled, a reason field was
// posted, and the sender did not opt out (no_notify together with del_notify_choice).
if ( $board_config['del_notify_enable'] && (isset($HTTP_POST_VARS['reason']) || isset($HTTP_POST_VARS['reasons'])) && (!($HTTP_POST_VARS['no_notify'] && $board_config['del_notify_choice'])) )
{
// Falls back to 'reasons' when 'reason' is empty; 'reasons' may be unset then.
$reason = (!empty($HTTP_POST_VARS['reason'])) ? $HTTP_POST_VARS['reason'] : $HTTP_POST_VARS['reasons'];
// The reason is only unslashed and trimmed here.
// NOTE(review): notify_delete() must escape it for whatever it writes to
// (SQL, HTML, mail) -- not visible here; confirm.
notify_delete($post_id, $topic_id, $userdata['user_id'], intval($HTTP_POST_VARS['notify_user']), trim(stripslashes($reason)));
}
// Path is built from $phpbb_root_path and $phpEx.
// NOTE(review): both must come from the bootstrap, never from the request -- verify.
include($phpbb_root_path . 'includes/functions_remove.'.$phpEx);
if ( $mode != 'poll_delete' )
{
delete_post($post_id);
}
// The poll is removed only when the post has one and the user may edit it.
if ( $mode == 'poll_delete' && $post_data['has_poll'] && $post_data['edit_poll'] )
{
delete_poll_data($topic_id);
}
// Deleting a post that is both first and last post: plain "deleted" message.
if ( $mode == 'delete' && $post_data['first_post'] && $post_data['last_post'] )
{
$return_meta = '';
$return_message = $lang['Deleted'];
}
else
{
$return_meta = '';
$return_message = ( ( $mode == 'poll_delete' ) ? $lang['Poll_delete'] : $lang['Deleted'] ) . '
' . sprintf($lang['Click_return_topic'], '', '');
}
// NOTE(review): this appends to $message, while the message_die() call after
// the switch outputs $return_message -- confirm which variable was intended.
$message .= $return_message . '
' . sprintf($lang['Click_return_forum'], '', '');
if ( $userdata['user_level'] == ADMIN || $is_mod_forum )
{
// Log actions MOD Start
log_action('delete', $topic_id, $userdata['user_id'], $userdata['username']);
}
break;
}
// Post-processing once the action succeeded: statistics, automatic group
// membership, attachments, notifications and the final status page.
if ( $error_msg == '' )
{
if ( $mode != 'editpost')
{
// New posts count for the current user; other modes for the post's author.
$user_id = ($mode == 'reply' || $mode == 'newtopic') ? $userdata['user_id'] : $post_data['poster_id'];
if ( $mode != 'delete' )
{
update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id);
}
// Fetch every post-count group (not single-user, counting enabled, not
// moderated by this user) together with the user's membership row, if any.
// NOTE(review): $user_id is interpolated unquoted; presumably an integer taken
// from the session or the post record -- confirm.
$sql = "SELECT ug.user_id, g.group_id as g_id, g.group_name , u.user_posts, g.group_count
FROM (" . GROUPS_TABLE . " g, " . USERS_TABLE . " u)
LEFT JOIN " . USER_GROUP_TABLE . " ug ON (g.group_id = ug.group_id AND ug.user_id = $user_id)
WHERE u.user_id = $user_id
AND g.group_single_user = 0
AND g.group_count_enable = 1
AND g.group_moderator <> $user_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error geting users post stat', '', __LINE__, __FILE__, $sql);
}
$clear_cache = false;
while ($group_data = $db->sql_fetchrow($result))
{
// Already a member (or the anonymous user): never added.
$user_already_added = (!empty($group_data['user_id']) || $user_id == ANONYMOUS) ? TRUE : FALSE;
// Eligible once the post count reaches the group's threshold.
$user_add = ($group_data['group_count'] <= $group_data['user_posts'] && $user_id != ANONYMOUS) ? TRUE : FALSE;
if ( $user_add && !$user_already_added )
{
//user join a autogroup
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
VALUES (" . $group_data['g_id'] . ", $user_id, 0)";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error insert users, group count', '', __LINE__, __FILE__, $sql);
}
}
// NOTE(review): set for every fetched row, whether or not a membership was
// inserted, so the caches are cleared whenever a matching group exists -- confirm intended.
$clear_cache = true;
}
if ( $clear_cache )
{
sql_cache('clear', 'user_groups');
sql_cache('clear', 'groups_data');
sql_cache('clear', 'moderators_list');
}
}
// Attach uploaded files to the post when the attachment mod is active.
if ( defined('ATTACHMENTS_ON') && !$comment )
{
$attachment_mod['posting']->insert_attachment($post_id);
}
// Notifications use the values stashed by the editpost / newtopic / reply cases.
if ( $notify_n )
{
$notification_username = ($userdata['user_level'] == ANONYMOUS) ? $lang['Guest'] : $userdata['username'];
user_notification($mode_n, $post_data_n, $forum_id_n, $topic_id_n, $post_id_n, $notify_user_n, $notification_username);
}
$template->assign_vars(array(
'META' => $return_meta)
);
// Show the status message built by the case above.
message_die(GENERAL_MESSAGE, $return_message);
}
}
if ( $refresh || isset($HTTP_POST_VARS['del_poll_option']) || $error_msg != '' )
{
//
// Re-read the form fields for re-display (preview, poll editing, or after a
// validation error). Text fields are unslashed, trimmed and HTML-encoded.
// NOTE(review): stripslashes() assumes the request values arrive slash-escaped;
// confirm. htmlspecialchars() is called with default flags, which do not encode
// single quotes before PHP 8.1, so these values belong only in element text or
// double-quoted attributes.
//
$username = ( !empty($HTTP_POST_VARS['username']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['username']))) : '';
$subject = ( !empty($HTTP_POST_VARS['subject']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['subject']))) : '';
$message = ( !empty($HTTP_POST_VARS['message']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['message']))) : '';
$subject_e = ( !empty($HTTP_POST_VARS['subject_e']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['subject_e']))) : '';
$poll_title = ( !empty($HTTP_POST_VARS['poll_title']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['poll_title']))) : '';
// Numeric poll settings are cast to int and clamped to be non-negative.
$poll_length = ( isset($HTTP_POST_VARS['poll_length']) ) ? max(0, intval($HTTP_POST_VARS['poll_length'])) : 0;
$max_vote = ( isset($HTTP_POST_VARS['max_vote']) ) ? max(0, intval($HTTP_POST_VARS['max_vote'])) : 0;
$hide_vote = ( isset($HTTP_POST_VARS['hide_vote']) ) ? max(0, intval($HTTP_POST_VARS['hide_vote'])) : 0;
$tothide_vote = ( isset($HTTP_POST_VARS['tothide_vote']) ) ? max(0, intval($HTTP_POST_VARS['tothide_vote'])) : 0;
// Rebuild the option list: options marked for deletion and empty options are
// dropped, the rest are HTML-encoded. Keys come from the request array.
$poll_options = array();
if ( !empty($HTTP_POST_VARS['poll_option_text']) )
{
while( list($option_id, $option_text) = @each($HTTP_POST_VARS['poll_option_text']) )
{
if( isset($HTTP_POST_VARS['del_poll_option'][$option_id]) )
{
unset($poll_options[$option_id]);
}
else if ( !empty($option_text) )
{
$poll_options[$option_id] = htmlspecialchars(trim(stripslashes($option_text)));
}
}
}
// Append the newly typed option.
// NOTE(review): $poll_add is always assigned during request parsing, so isset()
// is always true and only the non-empty text decides -- confirm intended.
if ( isset($poll_add) && !empty($HTTP_POST_VARS['add_poll_option_text']) )
{
$poll_options[] = htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['add_poll_option_text'])));
}
// Pick the signature to show: the current user's for new posts, the original
// poster's when editing. Signatures and signature images are used only when
// the board allows them (allow_sig / allow_sig_image).
if ( $mode == 'newtopic' || $mode == 'reply')
{
$user_sig = ($userdata['user_sig'] != '' && $board_config['allow_sig']) ? $userdata['user_sig'] : '';
$user_sig_image = ($userdata['user_sig_image'] != '' && $board_config['allow_sig'] && $board_config['allow_sig_image']) ? $userdata['user_sig_image'] : '';
}
else if ( $mode == 'editpost' )
{
$user_sig = ($post_info['user_sig'] != '' && $board_config['allow_sig']) ? $post_info['user_sig'] : '';
// Overwrites the session user's BBCode uid with the poster's for the rest of the request.
$userdata['user_sig_bbcode_uid'] = $post_info['user_sig_bbcode_uid'];
$user_sig_image = ($post_info['user_sig_image'] != '' && $board_config['allow_sig'] && $board_config['allow_sig_image']) ? $post_info['user_sig_image'] : '';
}
// Pre-select the matching expiry option: each $checkN holds the selected
// attribute when N equals $msg_expire or the posted msg_expire value. The
// request value is only compared against fixed strings, never echoed.
$check0 = ($msg_expire == '0' || $HTTP_POST_VARS['msg_expire'] == '0') ? $selected : '';
$check1 = ($msg_expire == '1' || $HTTP_POST_VARS['msg_expire'] == '1') ? $selected : '';
$check2 = ($msg_expire == '2' || $HTTP_POST_VARS['msg_expire'] == '2') ? $selected : '';
$check3 = ($msg_expire == '3' || $HTTP_POST_VARS['msg_expire'] == '3') ? $selected : '';
$check4 = ($msg_expire == '4' || $HTTP_POST_VARS['msg_expire'] == '4') ? $selected : '';
$check5 = ($msg_expire == '5' || $HTTP_POST_VARS['msg_expire'] == '5') ? $selected : '';
$check6 = ($msg_expire == '6' || $HTTP_POST_VARS['msg_expire'] == '6') ? $selected : '';
$check7 = ($msg_expire == '7' || $HTTP_POST_VARS['msg_expire'] == '7') ? $selected : '';
$check14 = ($msg_expire == '14' || $HTTP_POST_VARS['msg_expire'] == '14') ? $selected : '';
$check30 = ($msg_expire == '30' || $HTTP_POST_VARS['msg_expire'] == '30') ? $selected : '';
$check90 = ($msg_expire == '90' || $HTTP_POST_VARS['msg_expire'] == '90') ? $selected : '';
if ( $preview )
{
// Load the word-censor lists; obtain_word_list() fills the three arrays.
$orig_word = array();
$replacement_word = array();
$replacement_word_html = array();
obtain_word_list($orig_word, $replacement_word, $replacement_word_html);
// A fresh BBCode uid is generated for the preview when BBCode is enabled.
$bbcode_uid = ($bbcode_on) ? make_bbcode_uid() : '';
// Round-trip the message through unprepare_message() / prepare_message(),
// re-adding slashes for the call and stripping them from the result.
// NOTE(review): presumably prepare_message() is the same routine used when a
// post is stored, so the preview matches the saved result -- confirm.
$preview_message = stripslashes(prepare_message(addslashes(unprepare_message($message)), $html_on, $bbcode_on, $smilies_on, $bbcode_uid, $forum_id));
$preview_subject = $subject;
if ( $submit_topic_tag )
{
$preview_subject = $submit_topic_tag . ' ' . $subject;
// The tag without its square brackets.
$topic_tag = str_replace(array('[', ']'), '', $submit_topic_tag);
}
$preview_subject_e = $subject_e;
$preview_username = $username;
// Signatures are shown only when the user's own settings allow them.
$user_sig = ($userdata['user_allow_signature'] && $userdata['user_allowsig']) ? $user_sig : '';
$user_sig_image = ($userdata['user_allow_sig_image'] && $userdata['user_allowsig']) ? $user_sig_image : '';
//
// Finalise processing as per viewtopic
//
// HTML is rendered when the board and the user both allow it, or when a
// staff-level override (mod_html / admin_html / jr_admin_html) applies and the
// user allows HTML.
$show_post_html = ($board_config['allow_html'] && $userdata['user_allowhtml']) ? true : false;
if ( (($is_mod_forum && $board_config['mod_html']) || ($board_config['admin_html'] && $userdata['user_level'] == ADMIN) || ($board_config['jr_admin_html'] && $is_jr_admin)) && $userdata['user_allowhtml'] )
{
$show_post_html = true;
}
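//
// Neutralise HTML tags in the preview when HTML must not be rendered.
// The replacement has to emit the entity-encoded brackets: with literal
// "<" and ">" it rebuilt every matched tag unchanged, so the markup would have
// reached the preview page as live HTML.
//
if ( !$show_post_html || !$html_on || !empty($HTTP_POST_VARS['disable_html']) )
{
$preview_message = preg_replace('#(<)([\/]?.*?)(>)#is', "&lt;\\2&gt;", $preview_message);
}
// Same treatment for the signature when HTML display is off.
if ( !$show_post_html && $user_sig != '' )
{
$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "&lt;\\2&gt;", $user_sig);
}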
$strip_br = ($show_post_html && (strpos($preview_message, '