| [ Index ] |
PHP Cross Reference of Unnamed Project |
[Summary view] [Print] [Text view]
1 <?php 2 /*************************************************************************** 3 * posting.php 4 * ------------------- 5 * begin : Saturday, Feb 13, 2001 6 * copyright : (C) 2001 The phpBB Group 7 * email : support@phpbb.com 8 * 9 * $Id: posting.php 6772 2006-12-16 13:11:28Z acydburn $ 10 * 11 * 12 ***************************************************************************/ 13 14 /*************************************************************************** 15 * 16 * This program is free software; you can redistribute it and/or modify 17 * it under the terms of the GNU General Public License as published by 18 * the Free Software Foundation; either version 2 of the License, or 19 * (at your option) any later version. 20 * 21 ***************************************************************************/ 22 23 define('IN_PHPBB', true); 24 $phpbb_root_path = './'; 25 include ($phpbb_root_path . 'extension.inc'); 26 include($phpbb_root_path . 'common.'.$phpEx); 27 include($phpbb_root_path . 'includes/bbcode.'.$phpEx); 28 include($phpbb_root_path . 'includes/functions_post.'.$phpEx); 29 30 // 31 // Check and set various parameters 32 // 33 $params = array('submit' => 'post', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode'); 34 while( list($var, $param) = @each($params) ) 35 { 36 if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) ) 37 { 38 $$var = ( !empty($HTTP_POST_VARS[$param]) ) ? htmlspecialchars($HTTP_POST_VARS[$param]) : htmlspecialchars($HTTP_GET_VARS[$param]); 39 } 40 else 41 { 42 $$var = ''; 43 } 44 } 45 46 $confirm = isset($HTTP_POST_VARS['confirm']) ? true : false; 47 $sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0; 48 49 $params = array('forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL); 50 while( list($var, $param) = @each($params) ) 51 { 52 if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) ) 53 { 54 $$var = ( !empty($HTTP_POST_VARS[$param]) ) ? intval($HTTP_POST_VARS[$param]) : intval($HTTP_GET_VARS[$param]); 55 } 56 else 57 { 58 $$var = ''; 59 } 60 } 61 62 $refresh = $preview || $poll_add || $poll_edit || $poll_delete; 63 $orig_word = $replacement_word = array(); 64 65 // 66 // Set topic type 67 // 68 $topic_type = ( !empty($HTTP_POST_VARS['topictype']) ) ? intval($HTTP_POST_VARS['topictype']) : POST_NORMAL; 69 $topic_type = ( in_array($topic_type, array(POST_NORMAL, POST_STICKY, POST_ANNOUNCE)) ) ? $topic_type : POST_NORMAL; 70 71 // 72 // If the mode is set to topic review then output 73 // that review ... 74 // 75 if ( $mode == 'topicreview' ) 76 { 77 require($phpbb_root_path . 'includes/topic_review.'.$phpEx); 78 79 topic_review($topic_id, false); 80 exit; 81 } 82 else if ( $mode == 'smilies' ) 83 { 84 generate_smilies('window', PAGE_POSTING); 85 exit; 86 } 87 88 // 89 // Start session management 90 // 91 $userdata = session_pagestart($user_ip, PAGE_POSTING); 92 init_userprefs($userdata); 93 // 94 // End session management 95 // 96 97 // 98 // Was cancel pressed? If so then redirect to the appropriate 99 // page, no point in continuing with any further checks 100 // 101 if ( isset($HTTP_POST_VARS['cancel']) ) 102 { 103 if ( $post_id ) 104 { 105 $redirect = "viewtopic.$phpEx?" . POST_POST_URL . "=$post_id"; 106 $post_append = "#$post_id"; 107 } 108 else if ( $topic_id ) 109 { 110 $redirect = "viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id"; 111 $post_append = ''; 112 } 113 else if ( $forum_id ) 114 { 115 $redirect = "viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"; 116 $post_append = ''; 117 } 118 else 119 { 120 $redirect = "index.$phpEx"; 121 $post_append = ''; 122 } 123 124 redirect(append_sid($redirect, true) . $post_append); 125 } 126 127 // 128 // What auth type do we need to check? 129 // 130 $is_auth = array(); 131 switch( $mode ) 132 { 133 case 'newtopic': 134 if ( $topic_type == POST_ANNOUNCE ) 135 { 136 $is_auth_type = 'auth_announce'; 137 } 138 else if ( $topic_type == POST_STICKY ) 139 { 140 $is_auth_type = 'auth_sticky'; 141 } 142 else 143 { 144 $is_auth_type = 'auth_post'; 145 } 146 break; 147 case 'reply': 148 case 'quote': 149 $is_auth_type = 'auth_reply'; 150 break; 151 case 'editpost': 152 $is_auth_type = 'auth_edit'; 153 break; 154 case 'delete': 155 case 'poll_delete': 156 $is_auth_type = 'auth_delete'; 157 break; 158 case 'vote': 159 $is_auth_type = 'auth_vote'; 160 break; 161 case 'topicreview': 162 $is_auth_type = 'auth_read'; 163 break; 164 default: 165 message_die(GENERAL_MESSAGE, $lang['No_post_mode']); 166 break; 167 } 168 169 // 170 // Here we do various lookups to find topic_id, forum_id, post_id etc. 171 // Doing it here prevents spoofing (eg. faking forum_id, topic_id or post_id 172 // 173 $error_msg = ''; 174 $post_data = array(); 175 switch ( $mode ) 176 { 177 case 'newtopic': 178 if ( empty($forum_id) ) 179 { 180 message_die(GENERAL_MESSAGE, $lang['Forum_not_exist']); 181 } 182 183 $sql = "SELECT * 184 FROM " . FORUMS_TABLE . " 185 WHERE forum_id = $forum_id"; 186 break; 187 188 case 'reply': 189 case 'vote': 190 if ( empty( $topic_id) ) 191 { 192 message_die(GENERAL_MESSAGE, $lang['No_topic_id']); 193 } 194 195 $sql = "SELECT f.*, t.topic_status, t.topic_title, t.topic_type 196 FROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t 197 WHERE t.topic_id = $topic_id 198 AND f.forum_id = t.forum_id"; 199 break; 200 201 case 'quote': 202 case 'editpost': 203 case 'delete': 204 case 'poll_delete': 205 if ( empty($post_id) ) 206 { 207 message_die(GENERAL_MESSAGE, $lang['No_post_id']); 208 } 209 210 $select_sql = (!$submit) ? ', t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig, u.user_sig_bbcode_uid' : ''; 211 $from_sql = ( !$submit ) ? ", " . POSTS_TEXT_TABLE . " pt, " . USERS_TABLE . " u" : ''; 212 $where_sql = ( !$submit ) ? "AND pt.post_id = p.post_id AND u.user_id = p.poster_id" : ''; 213 214 $sql = "SELECT f.*, t.topic_id, t.topic_status, t.topic_type, t.topic_first_post_id, t.topic_last_post_id, t.topic_vote, p.post_id, p.poster_id" . $select_sql . " 215 FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $from_sql . " 216 WHERE p.post_id = $post_id 217 AND t.topic_id = p.topic_id 218 AND f.forum_id = p.forum_id 219 $where_sql"; 220 break; 221 222 default: 223 message_die(GENERAL_MESSAGE, $lang['No_valid_mode']); 224 } 225 226 if ( ($result = $db->sql_query($sql)) && ($post_info = $db->sql_fetchrow($result)) ) 227 { 228 $db->sql_freeresult($result); 229 230 $forum_id = $post_info['forum_id']; 231 $forum_name = $post_info['forum_name']; 232 233 $is_auth = auth(AUTH_ALL, $forum_id, $userdata, $post_info); 234 235 if ( $post_info['forum_status'] == FORUM_LOCKED && !$is_auth['auth_mod']) 236 { 237 message_die(GENERAL_MESSAGE, $lang['Forum_locked']); 238 } 239 else if ( $mode != 'newtopic' && $post_info['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod']) 240 { 241 message_die(GENERAL_MESSAGE, $lang['Topic_locked']); 242 } 243 244 if ( $mode == 'editpost' || $mode == 'delete' || $mode == 'poll_delete' ) 245 { 246 $topic_id = $post_info['topic_id']; 247 248 $post_data['poster_post'] = ( $post_info['poster_id'] == $userdata['user_id'] ) ? true : false; 249 $post_data['first_post'] = ( $post_info['topic_first_post_id'] == $post_id ) ? true : false; 250 $post_data['last_post'] = ( $post_info['topic_last_post_id'] == $post_id ) ? true : false; 251 $post_data['last_topic'] = ( $post_info['forum_last_post_id'] == $post_id ) ? true : false; 252 $post_data['has_poll'] = ( $post_info['topic_vote'] ) ? true : false; 253 $post_data['topic_type'] = $post_info['topic_type']; 254 $post_data['poster_id'] = $post_info['poster_id']; 255 256 if ( $post_data['first_post'] && $post_data['has_poll'] ) 257 { 258 $sql = "SELECT * 259 FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr 260 WHERE vd.topic_id = $topic_id 261 AND vr.vote_id = vd.vote_id 262 ORDER BY vr.vote_option_id"; 263 if ( !($result = $db->sql_query($sql)) ) 264 { 265 message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql); 266 } 267 268 $poll_options = array(); 269 $poll_results_sum = 0; 270 if ( $row = $db->sql_fetchrow($result) ) 271 { 272 $poll_title = $row['vote_text']; 273 $poll_id = $row['vote_id']; 274 $poll_length = $row['vote_length'] / 86400; 275 276 do 277 { 278 $poll_options[$row['vote_option_id']] = $row['vote_option_text']; 279 $poll_results_sum += $row['vote_result']; 280 } 281 while ( $row = $db->sql_fetchrow($result) ); 282 } 283 $db->sql_freeresult($result); 284 285 $post_data['edit_poll'] = ( ( !$poll_results_sum || $is_auth['auth_mod'] ) && $post_data['first_post'] ) ? true : 0; 286 } 287 else 288 { 289 $post_data['edit_poll'] = ($post_data['first_post'] && $is_auth['auth_pollcreate']) ? true : false; 290 } 291 292 // 293 // Can this user edit/delete the post/poll? 294 // 295 if ( $post_info['poster_id'] != $userdata['user_id'] && !$is_auth['auth_mod'] ) 296 { 297 $message = ( $delete || $mode == 'delete' ) ? $lang['Delete_own_posts'] : $lang['Edit_own_posts']; 298 $message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>'); 299 300 message_die(GENERAL_MESSAGE, $message); 301 } 302 else if ( !$post_data['last_post'] && !$is_auth['auth_mod'] && ( $mode == 'delete' || $delete ) ) 303 { 304 message_die(GENERAL_MESSAGE, $lang['Cannot_delete_replied']); 305 } 306 else if ( !$post_data['edit_poll'] && !$is_auth['auth_mod'] && ( $mode == 'poll_delete' || $poll_delete ) ) 307 { 308 message_die(GENERAL_MESSAGE, $lang['Cannot_delete_poll']); 309 } 310 } 311 else 312 { 313 if ( $mode == 'quote' ) 314 { 315 $topic_id = $post_info['topic_id']; 316 } 317 if ( $mode == 'newtopic' ) 318 { 319 $post_data['topic_type'] = POST_NORMAL; 320 } 321 322 $post_data['first_post'] = ( $mode == 'newtopic' ) ? true : 0; 323 $post_data['last_post'] = false; 324 $post_data['has_poll'] = false; 325 $post_data['edit_poll'] = false; 326 } 327 if ( $mode == 'poll_delete' && !isset($poll_id) ) 328 { 329 message_die(GENERAL_MESSAGE, $lang['No_such_post']); 330 } 331 } 332 else 333 { 334 message_die(GENERAL_MESSAGE, $lang['No_such_post']); 335 } 336 337 // 338 // The user is not authed, if they're not logged in then redirect 339 // them, else show them an error message 340 // 341 if ( !$is_auth[$is_auth_type] ) 342 { 343 if ( $userdata['session_logged_in'] ) 344 { 345 message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . "_type"])); 346 } 347 348 switch( $mode ) 349 { 350 case 'newtopic': 351 $redirect = "mode=newtopic&" . POST_FORUM_URL . "=" . $forum_id; 352 break; 353 case 'reply': 354 case 'topicreview': 355 $redirect = "mode=reply&" . POST_TOPIC_URL . "=" . $topic_id; 356 break; 357 case 'quote': 358 case 'editpost': 359 $redirect = "mode=quote&" . POST_POST_URL ."=" . $post_id; 360 break; 361 } 362 363 redirect(append_sid("login.$phpEx?redirect=posting.$phpEx&" . $redirect, true)); 364 } 365 366 // 367 // Set toggles for various options 368 // 369 if ( !$board_config['allow_html'] ) 370 { 371 $html_on = 0; 372 } 373 else 374 { 375 $html_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_html']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_html'] : $userdata['user_allowhtml'] ); 376 } 377 378 if ( !$board_config['allow_bbcode'] ) 379 { 380 $bbcode_on = 0; 381 } 382 else 383 { 384 $bbcode_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_bbcode']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_bbcode'] : $userdata['user_allowbbcode'] ); 385 } 386 387 if ( !$board_config['allow_smilies'] ) 388 { 389 $smilies_on = 0; 390 } 391 else 392 { 393 $smilies_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_smilies'] : $userdata['user_allowsmile'] ); 394 } 395 396 if ( ($submit || $refresh) && $is_auth['auth_read']) 397 { 398 $notify_user = ( !empty($HTTP_POST_VARS['notify']) ) ? TRUE : 0; 399 } 400 else 401 { 402 if ( $mode != 'newtopic' && $userdata['session_logged_in'] && $is_auth['auth_read'] ) 403 { 404 $sql = "SELECT topic_id 405 FROM " . TOPICS_WATCH_TABLE . " 406 WHERE topic_id = $topic_id 407 AND user_id = " . $userdata['user_id']; 408 if ( !($result = $db->sql_query($sql)) ) 409 { 410 message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql); 411 } 412 413 $notify_user = ( $db->sql_fetchrow($result) ) ? TRUE : $userdata['user_notify']; 414 $db->sql_freeresult($result); 415 } 416 else 417 { 418 $notify_user = ( $userdata['session_logged_in'] && $is_auth['auth_read'] ) ? $userdata['user_notify'] : 0; 419 } 420 } 421 422 $attach_sig = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? 0 : $userdata['user_attachsig'] ); 423 424 // -------------------- 425 // What shall we do? 426 // 427 if ( ( $delete || $poll_delete || $mode == 'delete' ) && !$confirm ) 428 { 429 // 430 // Confirm deletion 431 // 432 $s_hidden_fields = '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />'; 433 $s_hidden_fields .= ( $delete || $mode == "delete" ) ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />'; 434 $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; 435 436 $l_confirm = ( $delete || $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll']; 437 438 // 439 // Output confirmation page 440 // 441 include($phpbb_root_path . 'includes/page_header.'.$phpEx); 442 443 $template->set_filenames(array( 444 'confirm_body' => 'confirm_body.tpl') 445 ); 446 447 $template->assign_vars(array( 448 'MESSAGE_TITLE' => $lang['Information'], 449 'MESSAGE_TEXT' => $l_confirm, 450 451 'L_YES' => $lang['Yes'], 452 'L_NO' => $lang['No'], 453 454 'S_CONFIRM_ACTION' => append_sid("posting.$phpEx"), 455 'S_HIDDEN_FIELDS' => $s_hidden_fields) 456 ); 457 458 $template->pparse('confirm_body'); 459 460 include($phpbb_root_path . 'includes/page_tail.'.$phpEx); 461 } 462 else if ( $mode == 'vote' ) 463 { 464 // 465 // Vote in a poll 466 // 467 if ( !empty($HTTP_POST_VARS['vote_id']) ) 468 { 469 $vote_option_id = intval($HTTP_POST_VARS['vote_id']); 470 471 $sql = "SELECT vd.vote_id 472 FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr 473 WHERE vd.topic_id = $topic_id 474 AND vr.vote_id = vd.vote_id 475 AND vr.vote_option_id = $vote_option_id 476 GROUP BY vd.vote_id"; 477 if ( !($result = $db->sql_query($sql)) ) 478 { 479 message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql); 480 } 481 482 if ( $vote_info = $db->sql_fetchrow($result) ) 483 { 484 $vote_id = $vote_info['vote_id']; 485 486 $sql = "SELECT * 487 FROM " . VOTE_USERS_TABLE . " 488 WHERE vote_id = $vote_id 489 AND vote_user_id = " . $userdata['user_id']; 490 if ( !($result2 = $db->sql_query($sql)) ) 491 { 492 message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql); 493 } 494 495 if ( !($row = $db->sql_fetchrow($result2)) ) 496 { 497 $sql = "UPDATE " . VOTE_RESULTS_TABLE . " 498 SET vote_result = vote_result + 1 499 WHERE vote_id = $vote_id 500 AND vote_option_id = $vote_option_id"; 501 if ( !$db->sql_query($sql, BEGIN_TRANSACTION) ) 502 { 503 message_die(GENERAL_ERROR, 'Could not update poll result', '', __LINE__, __FILE__, $sql); 504 } 505 506 $sql = "INSERT INTO " . VOTE_USERS_TABLE . " (vote_id, vote_user_id, vote_user_ip) 507 VALUES ($vote_id, " . $userdata['user_id'] . ", '$user_ip')"; 508 if ( !$db->sql_query($sql, END_TRANSACTION) ) 509 { 510 message_die(GENERAL_ERROR, "Could not insert user_id for poll", "", __LINE__, __FILE__, $sql); 511 } 512 513 $message = $lang['Vote_cast']; 514 } 515 else 516 { 517 $message = $lang['Already_voted']; 518 } 519 $db->sql_freeresult($result2); 520 } 521 else 522 { 523 $message = $lang['No_vote_option']; 524 } 525 $db->sql_freeresult($result); 526 527 $template->assign_vars(array( 528 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">') 529 ); 530 $message .= '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>'); 531 message_die(GENERAL_MESSAGE, $message); 532 } 533 else 534 { 535 redirect(append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id", true)); 536 } 537 } 538 else if ( $submit || $confirm ) 539 { 540 // 541 // Submit post/vote (newtopic, edit, reply, etc.) 542 // 543 $return_message = ''; 544 $return_meta = ''; 545 546 // session id check 547 if ($sid == '' || $sid != $userdata['session_id']) 548 { 549 $error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Session_invalid'] : $lang['Session_invalid']; 550 } 551 552 switch ( $mode ) 553 { 554 case 'editpost': 555 case 'newtopic': 556 case 'reply': 557 $username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : ''; 558 $subject = ( !empty($HTTP_POST_VARS['subject']) ) ? trim($HTTP_POST_VARS['subject']) : ''; 559 $message = ( !empty($HTTP_POST_VARS['message']) ) ? $HTTP_POST_VARS['message'] : ''; 560 $poll_title = ( isset($HTTP_POST_VARS['poll_title']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_title'] : ''; 561 $poll_options = ( isset($HTTP_POST_VARS['poll_option_text']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_option_text'] : ''; 562 $poll_length = ( isset($HTTP_POST_VARS['poll_length']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_length'] : ''; 563 $bbcode_uid = ''; 564 565 prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length); 566 567 if ( $error_msg == '' ) 568 { 569 $topic_type = ( $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ) ? $post_data['topic_type'] : $topic_type; 570 571 submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, str_replace("\'", "''", $username), str_replace("\'", "''", $subject), str_replace("\'", "''", $message), str_replace("\'", "''", $poll_title), $poll_options, $poll_length); 572 } 573 break; 574 575 case 'delete': 576 case 'poll_delete': 577 if ($error_msg != '') 578 { 579 message_die(GENERAL_MESSAGE, $error_msg); 580 } 581 582 delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id); 583 break; 584 } 585 586 if ( $error_msg == '' ) 587 { 588 if ( $mode != 'editpost' ) 589 { 590 $user_id = ( $mode == 'reply' || $mode == 'newtopic' ) ? $userdata['user_id'] : $post_data['poster_id']; 591 update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id); 592 } 593 594 if ($error_msg == '' && $mode != 'poll_delete') 595 { 596 user_notification($mode, $post_data, $post_info['topic_title'], $forum_id, $topic_id, $post_id, $notify_user); 597 } 598 599 if ( $mode == 'newtopic' || $mode == 'reply' ) 600 { 601 $tracking_topics = ( !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) : array(); 602 $tracking_forums = ( !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) : array(); 603 604 if ( count($tracking_topics) + count($tracking_forums) == 100 && empty($tracking_topics[$topic_id]) ) 605 { 606 asort($tracking_topics); 607 unset($tracking_topics[key($tracking_topics)]); 608 } 609 610 $tracking_topics[$topic_id] = time(); 611 612 setcookie($board_config['cookie_name'] . '_t', serialize($tracking_topics), 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); 613 } 614 615 $template->assign_vars(array( 616 'META' => $return_meta) 617 ); 618 message_die(GENERAL_MESSAGE, $return_message); 619 } 620 } 621 622 if( $refresh || isset($HTTP_POST_VARS['del_poll_option']) || $error_msg != '' ) 623 { 624 $username = ( !empty($HTTP_POST_VARS['username']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['username']))) : ''; 625 $subject = ( !empty($HTTP_POST_VARS['subject']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['subject']))) : ''; 626 $message = ( !empty($HTTP_POST_VARS['message']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['message']))) : ''; 627 628 $poll_title = ( !empty($HTTP_POST_VARS['poll_title']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['poll_title']))) : ''; 629 $poll_length = ( isset($HTTP_POST_VARS['poll_length']) ) ? max(0, intval($HTTP_POST_VARS['poll_length'])) : 0; 630 631 $poll_options = array(); 632 if ( !empty($HTTP_POST_VARS['poll_option_text']) ) 633 { 634 while( list($option_id, $option_text) = @each($HTTP_POST_VARS['poll_option_text']) ) 635 { 636 if( isset($HTTP_POST_VARS['del_poll_option'][$option_id]) ) 637 { 638 unset($poll_options[$option_id]); 639 } 640 else if ( !empty($option_text) ) 641 { 642 $poll_options[intval($option_id)] = htmlspecialchars(trim(stripslashes($option_text))); 643 } 644 } 645 } 646 647 if ( isset($poll_add) && !empty($HTTP_POST_VARS['add_poll_option_text']) ) 648 { 649 $poll_options[] = htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['add_poll_option_text']))); 650 } 651 652 if ( $mode == 'newtopic' || $mode == 'reply') 653 { 654 $user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : ''; 655 } 656 else if ( $mode == 'editpost' ) 657 { 658 $user_sig = ( $post_info['user_sig'] != '' && $board_config['allow_sig'] ) ? $post_info['user_sig'] : ''; 659 $userdata['user_sig_bbcode_uid'] = $post_info['user_sig_bbcode_uid']; 660 } 661 662 if( $preview ) 663 { 664 $orig_word = array(); 665 $replacement_word = array(); 666 obtain_word_list($orig_word, $replacement_word); 667 668 $bbcode_uid = ( $bbcode_on ) ? make_bbcode_uid() : ''; 669 $preview_message = stripslashes(prepare_message(addslashes(unprepare_message($message)), $html_on, $bbcode_on, $smilies_on, $bbcode_uid)); 670 $preview_subject = $subject; 671 $preview_username = $username; 672 673 // 674 // Finalise processing as per viewtopic 675 // 676 if( !$html_on ) 677 { 678 if( $user_sig != '' || !$userdata['user_allowhtml'] ) 679 { 680 $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', '<\2>', $user_sig); 681 } 682 } 683 684 if( $attach_sig && $user_sig != '' && $userdata['user_sig_bbcode_uid'] ) 685 { 686 $user_sig = bbencode_second_pass($user_sig, $userdata['user_sig_bbcode_uid']); 687 } 688 689 if( $bbcode_on ) 690 { 691 $preview_message = bbencode_second_pass($preview_message, $bbcode_uid); 692 } 693 694 if( !empty($orig_word) ) 695 { 696 $preview_username = ( !empty($username) ) ? preg_replace($orig_word, $replacement_word, $preview_username) : ''; 697 $preview_subject = ( !empty($subject) ) ? preg_replace($orig_word, $replacement_word, $preview_subject) : ''; 698 $preview_message = ( !empty($preview_message) ) ? preg_replace($orig_word, $replacement_word, $preview_message) : ''; 699 } 700 701 if( $user_sig != '' ) 702 { 703 $user_sig = make_clickable($user_sig); 704 } 705 $preview_message = make_clickable($preview_message); 706 707 if( $smilies_on ) 708 { 709 if( $userdata['user_allowsmile'] && $user_sig != '' ) 710 { 711 $user_sig = smilies_pass($user_sig); 712 } 713 714 $preview_message = smilies_pass($preview_message); 715 } 716 717 if( $attach_sig && $user_sig != '' ) 718 { 719 $preview_message = $preview_message . '<br /><br />_________________<br />' . $user_sig; 720 } 721 722 $preview_message = str_replace("\n", '<br />', $preview_message); 723 724 $template->set_filenames(array( 725 'preview' => 'posting_preview.tpl') 726 ); 727 728 $template->assign_vars(array( 729 'TOPIC_TITLE' => $preview_subject, 730 'POST_SUBJECT' => $preview_subject, 731 'POSTER_NAME' => $preview_username, 732 'POST_DATE' => create_date($board_config['default_dateformat'], time(), $board_config['board_timezone']), 733 'MESSAGE' => $preview_message, 734 735 'L_POST_SUBJECT' => $lang['Post_subject'], 736 'L_PREVIEW' => $lang['Preview'], 737 'L_POSTED' => $lang['Posted'], 738 'L_POST' => $lang['Post']) 739 ); 740 $template->assign_var_from_handle('POST_PREVIEW_BOX', 'preview'); 741 } 742 else if( $error_msg != '' ) 743 { 744 $template->set_filenames(array( 745 'reg_header' => 'error_body.tpl') 746 ); 747 $template->assign_vars(array( 748 'ERROR_MESSAGE' => $error_msg) 749 ); 750 $template->assign_var_from_handle('ERROR_BOX', 'reg_header'); 751 } 752 } 753 else 754 { 755 // 756 // User default entry point 757 // 758 if ( $mode == 'newtopic' ) 759 { 760 $user_sig = ( $userdata['user_sig'] != '' ) ? $userdata['user_sig'] : ''; 761 762 $username = ($userdata['session_logged_in']) ? $userdata['username'] : ''; 763 $poll_title = ''; 764 $poll_length = ''; 765 $subject = ''; 766 $message = ''; 767 } 768 else if ( $mode == 'reply' ) 769 { 770 $user_sig = ( $userdata['user_sig'] != '' ) ? $userdata['user_sig'] : ''; 771 772 $username = ( $userdata['session_logged_in'] ) ? $userdata['username'] : ''; 773 $subject = ''; 774 $message = ''; 775 776 } 777 else if ( $mode == 'quote' || $mode == 'editpost' ) 778 { 779 $subject = ( $post_data['first_post'] ) ? $post_info['topic_title'] : $post_info['post_subject']; 780 $message = $post_info['post_text']; 781 782 if ( $mode == 'editpost' ) 783 { 784 $attach_sig = ( $post_info['enable_sig'] && $post_info['user_sig'] != '' ) ? TRUE : 0; 785 $user_sig = $post_info['user_sig']; 786 787 $html_on = ( $post_info['enable_html'] ) ? true : false; 788 $bbcode_on = ( $post_info['enable_bbcode'] ) ? true : false; 789 $smilies_on = ( $post_info['enable_smilies'] ) ? true : false; 790 } 791 else 792 { 793 $attach_sig = ( $userdata['user_attachsig'] ) ? TRUE : 0; 794 $user_sig = $userdata['user_sig']; 795 } 796 797 if ( $post_info['bbcode_uid'] != '' ) 798 { 799 $message = preg_replace('/\:(([a-z0-9]:)?)' . $post_info['bbcode_uid'] . '/s', '', $message); 800 } 801 802 $message = str_replace('<', '<', $message); 803 $message = str_replace('>', '>', $message); 804 $message = str_replace('<br />', "\n", $message); 805 806 if ( $mode == 'quote' ) 807 { 808 $orig_word = array(); 809 $replacement_word = array(); 810 obtain_word_list($orig_word, $replace_word); 811 812 $msg_date = create_date($board_config['default_dateformat'], $postrow['post_time'], $board_config['board_timezone']); 813 814 // Use trim to get rid of spaces placed there by MS-SQL 2000 815 $quote_username = ( trim($post_info['post_username']) != '' ) ? $post_info['post_username'] : $post_info['username']; 816 $message = '[quote="' . $quote_username . '"]' . $message . '[/quote]'; 817 818 if ( !empty($orig_word) ) 819 { 820 $subject = ( !empty($subject) ) ? preg_replace($orig_word, $replace_word, $subject) : ''; 821 $message = ( !empty($message) ) ? preg_replace($orig_word, $replace_word, $message) : ''; 822 } 823 824 if ( !preg_match('/^Re:/', $subject) && strlen($subject) > 0 ) 825 { 826 $subject = 'Re: ' . $subject; 827 } 828 829 $mode = 'reply'; 830 } 831 else 832 { 833 $username = ( $post_info['user_id'] == ANONYMOUS && !empty($post_info['post_username']) ) ? $post_info['post_username'] : ''; 834 } 835 } 836 } 837 838 // 839 // Signature toggle selection 840 // 841 if( $user_sig != '' ) 842 { 843 $template->assign_block_vars('switch_signature_checkbox', array()); 844 } 845 846 // 847 // HTML toggle selection 848 // 849 if ( $board_config['allow_html'] ) 850 { 851 $html_status = $lang['HTML_is_ON']; 852 $template->assign_block_vars('switch_html_checkbox', array()); 853 } 854 else 855 { 856 $html_status = $lang['HTML_is_OFF']; 857 } 858 859 // 860 // BBCode toggle selection 861 // 862 if ( $board_config['allow_bbcode'] ) 863 { 864 $bbcode_status = $lang['BBCode_is_ON']; 865 $template->assign_block_vars('switch_bbcode_checkbox', array()); 866 } 867 else 868 { 869 $bbcode_status = $lang['BBCode_is_OFF']; 870 } 871 872 // 873 // Smilies toggle selection 874 // 875 if ( $board_config['allow_smilies'] ) 876 { 877 $smilies_status = $lang['Smilies_are_ON']; 878 $template->assign_block_vars('switch_smilies_checkbox', array()); 879 } 880 else 881 { 882 $smilies_status = $lang['Smilies_are_OFF']; 883 } 884 885 if( !$userdata['session_logged_in'] || ( $mode == 'editpost' && $post_info['poster_id'] == ANONYMOUS ) ) 886 { 887 $template->assign_block_vars('switch_username_select', array()); 888 } 889 890 // 891 // Notify checkbox - only show if user is logged in 892 // 893 if ( $userdata['session_logged_in'] && $is_auth['auth_read'] ) 894 { 895 if ( $mode != 'editpost' || ( $mode == 'editpost' && $post_info['poster_id'] != ANONYMOUS ) ) 896 { 897 $template->assign_block_vars('switch_notify_checkbox', array()); 898 } 899 } 900 901 // 902 // Delete selection 903 // 904 if ( $mode == 'editpost' && ( ( $is_auth['auth_delete'] && $post_data['last_post'] && ( !$post_data['has_poll'] || $post_data['edit_poll'] ) ) || $is_auth['auth_mod'] ) ) 905 { 906 $template->assign_block_vars('switch_delete_checkbox', array()); 907 } 908 909 // 910 // Topic type selection 911 // 912 $topic_type_toggle = ''; 913 if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) ) 914 { 915 $template->assign_block_vars('switch_type_toggle', array()); 916 917 if( $is_auth['auth_sticky'] ) 918 { 919 $topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_STICKY . '"'; 920 if ( $post_data['topic_type'] == POST_STICKY || $topic_type == POST_STICKY ) 921 { 922 $topic_type_toggle .= ' checked="checked"'; 923 } 924 $topic_type_toggle .= ' /> ' . $lang['Post_Sticky'] . ' '; 925 } 926 927 if( $is_auth['auth_announce'] ) 928 { 929 $topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_ANNOUNCE . '"'; 930 if ( $post_data['topic_type'] == POST_ANNOUNCE || $topic_type == POST_ANNOUNCE ) 931 { 932 $topic_type_toggle .= ' checked="checked"'; 933 } 934 $topic_type_toggle .= ' /> ' . $lang['Post_Announcement'] . ' '; 935 } 936 937 if ( $topic_type_toggle != '' ) 938 { 939 $topic_type_toggle = $lang['Post_topic_as'] . ': <input type="radio" name="topictype" value="' . POST_NORMAL .'"' . ( ( $post_data['topic_type'] == POST_NORMAL || $topic_type == POST_NORMAL ) ? ' checked="checked"' : '' ) . ' /> ' . $lang['Post_Normal'] . ' ' . $topic_type_toggle; 940 } 941 } 942 943 $hidden_form_fields = '<input type="hidden" name="mode" value="' . $mode . '" />'; 944 $hidden_form_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; 945 946 switch( $mode ) 947 { 948 case 'newtopic': 949 $page_title = $lang['Post_a_new_topic']; 950 $hidden_form_fields .= '<input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />'; 951 break; 952 953 case 'reply': 954 $page_title = $lang['Post_a_reply']; 955 $hidden_form_fields .= '<input type="hidden" name="' . POST_TOPIC_URL . '" value="' . $topic_id . '" />'; 956 break; 957 958 case 'editpost': 959 $page_title = $lang['Edit_Post']; 960 $hidden_form_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />'; 961 break; 962 } 963 964 // Generate smilies listing for page output 965 generate_smilies('inline', PAGE_POSTING); 966 967 // 968 // Include page header 969 // 970 include($phpbb_root_path . 'includes/page_header.'.$phpEx); 971 972 $template->set_filenames(array( 973 'body' => 'posting_body.tpl', 974 'pollbody' => 'posting_poll_body.tpl', 975 'reviewbody' => 'posting_topic_review.tpl') 976 ); 977 make_jumpbox('viewforum.'.$phpEx); 978 979 $template->assign_vars(array( 980 'FORUM_NAME' => $forum_name, 981 'L_POST_A' => $page_title, 982 'L_POST_SUBJECT' => $lang['Post_subject'], 983 984 'U_VIEW_FORUM' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id")) 985 ); 986 987 // 988 // This enables the forum/topic title to be output for posting 989 // but not for privmsg (where it makes no sense) 990 // 991 $template->assign_block_vars('switch_not_privmsg', array()); 992 993 // 994 // Output the data to the template 995 // 996 $template->assign_vars(array( 997 'USERNAME' => $username, 998 'SUBJECT' => $subject, 999 'MESSAGE' => $message, 1000 'HTML_STATUS' => $html_status, 1001 'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'), 1002 'SMILIES_STATUS' => $smilies_status, 1003 1004 'L_SUBJECT' => $lang['Subject'], 1005 'L_MESSAGE_BODY' => $lang['Message_body'], 1006 'L_OPTIONS' => $lang['Options'], 1007 'L_PREVIEW' => $lang['Preview'], 1008 'L_SPELLCHECK' => $lang['Spellcheck'], 1009 'L_SUBMIT' => $lang['Submit'], 1010 'L_CANCEL' => $lang['Cancel'], 1011 'L_CONFIRM_DELETE' => $lang['Confirm_delete'], 1012 'L_DISABLE_HTML' => $lang['Disable_HTML_post'], 1013 'L_DISABLE_BBCODE' => $lang['Disable_BBCode_post'], 1014 'L_DISABLE_SMILIES' => $lang['Disable_Smilies_post'], 1015 'L_ATTACH_SIGNATURE' => $lang['Attach_signature'], 1016 'L_NOTIFY_ON_REPLY' => $lang['Notify'], 1017 'L_DELETE_POST' => $lang['Delete_post'], 1018 1019 'L_BBCODE_B_HELP' => $lang['bbcode_b_help'], 1020 'L_BBCODE_I_HELP' => $lang['bbcode_i_help'], 1021 'L_BBCODE_U_HELP' => $lang['bbcode_u_help'], 1022 'L_BBCODE_Q_HELP' => $lang['bbcode_q_help'], 1023 'L_BBCODE_C_HELP' => $lang['bbcode_c_help'], 1024 'L_BBCODE_L_HELP' => $lang['bbcode_l_help'], 1025 'L_BBCODE_O_HELP' => $lang['bbcode_o_help'], 1026 'L_BBCODE_P_HELP' => $lang['bbcode_p_help'], 1027 'L_BBCODE_W_HELP' => $lang['bbcode_w_help'], 1028 'L_BBCODE_A_HELP' => $lang['bbcode_a_help'], 1029 'L_BBCODE_S_HELP' => $lang['bbcode_s_help'], 1030 'L_BBCODE_F_HELP' => $lang['bbcode_f_help'], 1031 'L_EMPTY_MESSAGE' => $lang['Empty_message'], 1032 1033 'L_FONT_COLOR' => $lang['Font_color'], 1034 'L_COLOR_DEFAULT' => $lang['color_default'], 1035 'L_COLOR_DARK_RED' => $lang['color_dark_red'], 1036 'L_COLOR_RED' => $lang['color_red'], 1037 'L_COLOR_ORANGE' => $lang['color_orange'], 1038 'L_COLOR_BROWN' => $lang['color_brown'], 1039 'L_COLOR_YELLOW' => $lang['color_yellow'], 1040 'L_COLOR_GREEN' => $lang['color_green'], 1041 'L_COLOR_OLIVE' => $lang['color_olive'], 1042 'L_COLOR_CYAN' => $lang['color_cyan'], 1043 'L_COLOR_BLUE' => $lang['color_blue'], 1044 'L_COLOR_DARK_BLUE' => $lang['color_dark_blue'], 1045 'L_COLOR_INDIGO' => $lang['color_indigo'], 1046 'L_COLOR_VIOLET' => $lang['color_violet'], 1047 'L_COLOR_WHITE' => $lang['color_white'], 1048 'L_COLOR_BLACK' => $lang['color_black'], 1049 1050 'L_FONT_SIZE' => $lang['Font_size'], 1051 'L_FONT_TINY' => $lang['font_tiny'], 1052 'L_FONT_SMALL' => $lang['font_small'], 1053 'L_FONT_NORMAL' => $lang['font_normal'], 1054 'L_FONT_LARGE' => $lang['font_large'], 1055 'L_FONT_HUGE' => $lang['font_huge'], 1056 1057 'L_BBCODE_CLOSE_TAGS' => $lang['Close_Tags'], 1058 'L_STYLES_TIP' => $lang['Styles_tip'], 1059 1060 'U_VIEWTOPIC' => ( $mode == 'reply' ) ? append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&postorder=desc") : '', 1061 'U_REVIEW_TOPIC' => ( $mode == 'reply' ) ? append_sid("posting.$phpEx?mode=topicreview&" . POST_TOPIC_URL . "=$topic_id") : '', 1062 1063 'S_HTML_CHECKED' => ( !$html_on ) ? 'checked="checked"' : '', 1064 'S_BBCODE_CHECKED' => ( !$bbcode_on ) ? 'checked="checked"' : '', 1065 'S_SMILIES_CHECKED' => ( !$smilies_on ) ? 'checked="checked"' : '', 1066 'S_SIGNATURE_CHECKED' => ( $attach_sig ) ? 'checked="checked"' : '', 1067 'S_NOTIFY_CHECKED' => ( $notify_user ) ? 'checked="checked"' : '', 1068 'S_TYPE_TOGGLE' => $topic_type_toggle, 1069 'S_TOPIC_ID' => $topic_id, 1070 'S_POST_ACTION' => append_sid("posting.$phpEx"), 1071 'S_HIDDEN_FORM_FIELDS' => $hidden_form_fields) 1072 ); 1073 1074 // 1075 // Poll entry switch/output 1076 // 1077 if( ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['edit_poll']) ) && $is_auth['auth_pollcreate'] ) 1078 { 1079 $template->assign_vars(array( 1080 'L_ADD_A_POLL' => $lang['Add_poll'], 1081 'L_ADD_POLL_EXPLAIN' => $lang['Add_poll_explain'], 1082 'L_POLL_QUESTION' => $lang['Poll_question'], 1083 'L_POLL_OPTION' => $lang['Poll_option'], 1084 'L_ADD_OPTION' => $lang['Add_option'], 1085 'L_UPDATE_OPTION' => $lang['Update'], 1086 'L_DELETE_OPTION' => $lang['Delete'], 1087 'L_POLL_LENGTH' => $lang['Poll_for'], 1088 'L_DAYS' => $lang['Days'], 1089 'L_POLL_LENGTH_EXPLAIN' => $lang['Poll_for_explain'], 1090 'L_POLL_DELETE' => $lang['Delete_poll'], 1091 1092 'POLL_TITLE' => $poll_title, 1093 'POLL_LENGTH' => $poll_length) 1094 ); 1095 1096 if( $mode == 'editpost' && $post_data['edit_poll'] && $post_data['has_poll']) 1097 { 1098 $template->assign_block_vars('switch_poll_delete_toggle', array()); 1099 } 1100 1101 if( !empty($poll_options) ) 1102 { 1103 while( list($option_id, $option_text) = each($poll_options) ) 1104 { 1105 $template->assign_block_vars('poll_option_rows', array( 1106 'POLL_OPTION' => str_replace('"', '"', $option_text), 1107 1108 'S_POLL_OPTION_NUM' => $option_id) 1109 ); 1110 } 1111 } 1112 1113 $template->assign_var_from_handle('POLLBOX', 'pollbody'); 1114 } 1115 1116 // 1117 // Topic review 1118 // 1119 if( $mode == 'reply' && $is_auth['auth_read'] ) 1120 { 1121 require($phpbb_root_path . 'includes/topic_review.'.$phpEx); 1122 topic_review($topic_id, true); 1123 1124 $template->assign_block_vars('switch_inline_mode', array()); 1125 $template->assign_var_from_handle('TOPIC_REVIEW_BOX', 'reviewbody'); 1126 } 1127 1128 $template->pparse('body'); 1129 1130 include($phpbb_root_path . 'includes/page_tail.'.$phpEx); 1131 1132 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Mon Jan 14 19:21:40 2013 | Cross-referenced by PHPXref 0.7.1 |