<?php
/**
*
* @package phpBB3
* @version $Id$
* @copyright (c) 2005 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/

// Front controller for composing, editing, quoting, bumping and deleting posts.
// This first part bootstraps the board, reads the request parameters, and loads
// the forum/topic/post row that every later permission check is evaluated against.
// $user, $auth, $db, $config and $template are not created in this file;
// presumably common.php provides them - confirm.

/**
* @ignore
*/
// NOTE(review): IN_PHPBB is presumably tested by the included files to refuse
// direct access - confirm in common.php.
define('IN_PHPBB', true);
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
// Extension of this script's own filename. The include paths below are built
// only from $phpbb_root_path and $phpEx, never from request data.
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
include($phpbb_root_path . 'includes/message_parser.' . $phpEx);


// Start session management
$user->session_begin();
$auth->acl($user->data);


// Grab only parameters needed here
// NOTE(review): request_var() is defined outside this file; the integer default 0
// presumably makes it cast the value to int - confirm. The queries below
// concatenate these ids into SQL unquoted, so that cast is what keeps them safe.
$post_id = request_var('p', 0);
$topic_id = request_var('t', 0);
$forum_id = request_var('f', 0);
$draft_id = request_var('d', 0);
$lastclick = request_var('lastclick', 0);

// Action flags depend only on which POST keys are present, not on their values.
$submit = (isset($_POST['post'])) ? true : false;
$preview = (isset($_POST['preview'])) ? true : false;
$save = (isset($_POST['save'])) ? true : false;
$load = (isset($_POST['load'])) ? true : false;
$delete = (isset($_POST['delete'])) ? true : false;
$cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;

$refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['full_editor']) || isset($_POST['cancel_unglobalise']) || $save || $load) ? true : false;
// 'delete' is forced only when delete and post were both submitted without a
// preview or refresh; otherwise the mode is the client-supplied string, which
// this part of the script only ever compares against fixed literals.
$mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var('mode', '');

$error = $post_data = array();
$current_time = time();

// Was cancel pressed? If so then redirect to the appropriate page
// The second condition also redirects a submit that arrives less than two seconds
// after $lastclick. $lastclick comes from the request, so this only absorbs
// accidental double submits; it is not a rate limit a client cannot bypass.
if ($cancel || ($current_time - $lastclick < 2 && $submit))
{
	$f = ($forum_id) ? 'f=' . $forum_id . '&' : '';
	$redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
	redirect($redirect);
}

// NOTE(review): every check in this script that ends in trigger_error(),
// redirect() or login_box() protects the code after it only if that call ends the
// request - presumably phpBB's handlers do not return; confirm.
if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$forum_id)
{
	trigger_error('NO_FORUM');
}

// We need to know some basic information in all cases before we do anything.
// Each case leaves the query for the authoritative row in $sql; an empty $sql
// means "no valid mode" and is rejected after the switch.
switch ($mode)
{
	case 'post':
		$sql = 'SELECT *
			FROM ' . FORUMS_TABLE . "
			WHERE forum_id = $forum_id";
	break;

	case 'bump':
	case 'reply':
		if (!$topic_id)
		{
			trigger_error('NO_TOPIC');
		}

		// Force forum id
		// The forum_id stored with the topic replaces the submitted one whenever it
		// is non-zero, so the permission checks run against the topic's own forum.
		// The submitted value survives only if the stored id is 0 or no row exists.
		$sql = 'SELECT forum_id
			FROM ' . TOPICS_TABLE . '
			WHERE topic_id = ' . $topic_id;
		$result = $db->sql_query($sql);
		$f_id = (int) $db->sql_fetchfield('forum_id');
		$db->sql_freeresult($result);

		$forum_id = (!$f_id) ? $forum_id : $f_id;

		// Users without m_approve in this forum only get approved topics.
		$sql = 'SELECT f.*, t.*
			FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
			WHERE t.topic_id = $topic_id
				AND (f.forum_id = t.forum_id
					OR f.forum_id = $forum_id)" .
			(($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND t.topic_approved = 1');
	break;

	case 'quote':
	case 'edit':
	case 'delete':
		if (!$post_id)
		{
			$user->setup('posting');
			trigger_error('NO_POST');
		}

		// Force forum id
		// Same rule as for topics: a non-zero forum_id stored with the post wins
		// over the one supplied in the request.
		$sql = 'SELECT forum_id
			FROM ' . POSTS_TABLE . '
			WHERE post_id = ' . $post_id;
		$result = $db->sql_query($sql);
		$f_id = (int) $db->sql_fetchfield('forum_id');
		$db->sql_freeresult($result);

		$forum_id = (!$f_id) ? $forum_id : $f_id;

		// Users without m_approve in this forum only get approved posts.
		$sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
			FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
			WHERE p.post_id = $post_id
				AND t.topic_id = p.topic_id
				AND u.user_id = p.poster_id
				AND (f.forum_id = t.forum_id
					OR f.forum_id = $forum_id)" .
			(($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND p.post_approved = 1');
	break;

	case 'smilies':
		// NOTE(review): generate_smilies('window', ...) presumably renders the
		// smiley window and ends the request; if it returned, the empty $sql would
		// lead to the NO_POST_MODE error below - confirm.
		$sql = '';
		generate_smilies('window', $forum_id);
	break;

	case 'popup':
		if ($forum_id)
		{
			$sql = 'SELECT forum_style
				FROM ' . FORUMS_TABLE . '
				WHERE forum_id = ' . $forum_id;
		}
		else
		{
			upload_popup();
			// return at file scope stops this script here.
			return;
		}
	break;

	default:
		// Unknown or missing mode: nothing to load, rejected just below.
		$sql = '';
	break;
}

// Default deny: a mode that produced no query never reaches the posting logic.
if (!$sql)
{
	$user->setup('posting');
	trigger_error('NO_POST_MODE');
}

$result = $db->sql_query($sql);
$post_data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);

// No row: the target does not exist, or the approval filter above hid it.
if (!$post_data)
{
	if (!($mode == 'post' || $mode == 'bump' || $mode == 'reply'))
	{
		$user->setup('posting');
	}
	trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
}

// Not able to reply to unapproved posts/topics
// TODO: add more descriptive language key
// Only holders of m_approve can get an unapproved row from the queries above, so
// the condition tests that permission and then refuses reply/bump on an unapproved
// topic and quote of an unapproved post.
if ($auth->acl_get('m_approve', $forum_id) && ((($mode == 'reply' || $mode == 'bump') && !$post_data['topic_approved']) || ($mode == 'quote' && !$post_data['post_approved'])))
{
	trigger_error(($mode == 'reply' || $mode == 'bump') ? 'TOPIC_UNAPPROVED' : 'POST_UNAPPROVED');
}

if ($mode == 'popup')
{
	upload_popup($post_data['forum_style']);
	return;
}

$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);

// The CAPTCHA is prepared only for unregistered users and only when
// enable_post_confirm is set; $captcha does not exist on any other path.
if ($config['enable_post_confirm'] && !$user->data['is_registered'])
{
	include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx);
	$captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
	$captcha->init(CONFIRM_POST);
}

// Use post_row values in favor of submitted ones...
// Authorisation stage of the posting script: ids are pinned to the loaded database
// row, then forum password, read permission, per-mode permission, lock state and
// edit ownership are checked before delete/bump are dispatched and the editing
// state is prepared.
// NOTE(review): each refusal relies on trigger_error(), redirect() or login_box()
// ending the request - presumably they do not return; confirm.

// Ids found in the loaded row replace the request values; whatever remains is
// cast to int again before it is reused in SQL further down.
$forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id;
$topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id;
$post_id = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id;

// Need to login to passworded forum first?
// NOTE(review): the stored forum_password is handed to login_forum_box(), which
// presumably stops the request until the visitor has supplied it - confirm.
if ($post_data['forum_password'])
{
	login_forum_box(array(
		'forum_id' => $forum_id,
		'forum_name' => $post_data['forum_name'],
		'forum_password' => $post_data['forum_password'])
	);
}

// Check permissions
// Sessions flagged as bots are sent to the index and never see the posting form.
if ($user->data['is_bot'])
{
	redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
}

// Is the user able to read within this forum?
// Logged-in users get an error; anonymous visitors get the login box instead.
if (!$auth->acl_get('f_read', $forum_id))
{
	if ($user->data['user_id'] != ANONYMOUS)
	{
		trigger_error('USER_CANNOT_READ');
	}

	login_box('', $user->lang['LOGIN_EXPLAIN_POST']);
}

// Permission to do the action asked?
// Default deny: $is_authed stays false unless the case for the current mode
// grants it; a mode without a case is therefore refused.
$is_authed = false;

switch ($mode)
{
	case 'post':
		if ($auth->acl_get('f_post', $forum_id))
		{
			$is_authed = true;
		}
	break;

	case 'bump':
		if ($auth->acl_get('f_bump', $forum_id))
		{
			$is_authed = true;
		}
	break;

	case 'quote':

		// Clears the edit-lock flag in the in-memory row, then falls through so
		// that quoting is authorised exactly like replying.
		$post_data['post_edit_locked'] = 0;

	// no break;

	case 'reply':
		if ($auth->acl_get('f_reply', $forum_id))
		{
			$is_authed = true;
		}
	break;

	case 'edit':
		// Guests can never edit. acl_gets() presumably returns true when any of
		// the listed options is granted - confirm.
		if ($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id))
		{
			$is_authed = true;
		}
	break;

	case 'delete':
		// Guests can never delete; same acl_gets() assumption as for edit.
		if ($user->data['is_registered'] && $auth->acl_gets('f_delete', 'm_delete', $forum_id))
		{
			$is_authed = true;
		}
	break;
}

if (!$is_authed)
{
	$check_auth = ($mode == 'quote') ? 'reply' : $mode;

	if ($user->data['is_registered'])
	{
		trigger_error('USER_CANNOT_' . strtoupper($check_auth));
	}

	// NOTE(review): the language key here is built from $mode, not $check_auth, so
	// quote mode looks up LOGIN_EXPLAIN_QUOTE - confirm that key exists.
	login_box('', $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]);
}

// Is the user able to post within this forum?
if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply')))
{
	trigger_error('USER_CANNOT_FORUM_POST');
}

// Forum/Topic locked?
// Holders of m_edit in this forum bypass both locks.
if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get('m_edit', $forum_id))
{
	trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
}

// Can we edit this post ... if we're a moderator with rights then always yes
// else it depends on editing times, lock status and if we're the correct user
if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id))
{
	// Ownership check. Guests never get this far: the switch above requires
	// is_registered for edit.
	if ($user->data['user_id'] != $post_data['poster_id'])
	{
		trigger_error('USER_CANNOT_EDIT');
	}

	// Refused when edit_time is non-zero and the post is older than edit_time * 60
	// seconds; an edit_time of 0 disables the limit.
	if (!($post_data['post_time'] > time() - ($config['edit_time'] * 60) || !$config['edit_time']))
	{
		trigger_error('CANNOT_EDIT_TIME');
	}

	if ($post_data['post_edit_locked'])
	{
		trigger_error('CANNOT_EDIT_POST_LOCKED');
	}
}

// Handle delete mode...
// NOTE(review): unlike edit mode, no poster_id ownership test runs in this file
// before the delete handler is called. A user holding f_delete who is not the
// poster must therefore be refused inside handle_post_delete(), which is
// presumably also where the confirmation step lives - confirm there.
if ($mode == 'delete')
{
	handle_post_delete($forum_id, $topic_id, $post_id, $post_data);
	return;
}

// Handle bump mode...
if ($mode == 'bump')
{
	// && binds tighter than =, so $bump_time receives the boolean result of the
	// whole condition rather than the return value of bump_topic_allowed().
	// NOTE(review): check_link_hash() on the request's 'hash' presumably ties the
	// link to the current user/session, which is what guards this state change
	// against cross-site requests - confirm in its definition.
	if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id'])
		&& check_link_hash(request_var('hash', ''), "topic_{$post_data['topic_id']}"))
	{
		$meta_url = phpbb_bump_topic($forum_id, $topic_id, $post_data, $current_time);
		meta_refresh(3, $meta_url);

		// The HTML message is assembled from language strings and generated URLs;
		// no request string is interpolated here ($meta_url comes from
		// phpbb_bump_topic(), which is not shown).
		$message = $user->lang['TOPIC_BUMPED'] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $meta_url . '">', '</a>');
		$message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');

		trigger_error($message);
	}

	// Reached when bumping is not allowed or the link hash does not match.
	trigger_error('BUMP_ERROR');
}

// Subject length limiting to 60 characters if first post...
if ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id']))
{
	$template->assign_var('S_NEW_MESSAGE', true);
}

// Determine some vars
// Posts by the anonymous account use the name stored with the post, falling back
// to the GUEST language string.
if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS)
{
	$post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST'];
}
else
{
	$post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
}

$post_data['post_edit_locked'] = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0;
// md5 of the stored subject, kept only in edit mode. It is compared further down
// with the submitted subject to detect changes; it is a fingerprint, not a
// security control.
$post_data['post_subject_md5'] = (isset($post_data['post_subject']) && $mode == 'edit') ? md5($post_data['post_subject']) : '';
$post_data['post_subject'] = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : '');
// The (int) cast applies before the division, so these two values may be floats.
// NOTE(review): 86400 presumably converts stored seconds to days - confirm.
$post_data['topic_time_limit'] = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
$post_data['poll_length'] = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0;
$post_data['poll_start'] = (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0;
$post_data['icon_id'] = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id'];
$post_data['poll_options'] = array();

// Get Poll Data
// $topic_id was cast to int at the top of this part, so interpolating it is safe.
if ($post_data['poll_start'])
{
	$sql = 'SELECT poll_option_text
		FROM ' . POLL_OPTIONS_TABLE . "
		WHERE topic_id = $topic_id
		ORDER BY poll_option_id";
	$result = $db->sql_query($sql);

	while ($row = $db->sql_fetchrow($result))
	{
		$post_data['poll_options'][] = trim($row['poll_option_text']);
	}
	$db->sql_freeresult($result);
}

// Snapshot of the stored poll, taken before any submitted poll fields are read.
if ($mode == 'edit')
{
	$original_poll_data = array(
		'poll_title' => $post_data['poll_title'],
		'poll_length' => $post_data['poll_length'],
		'poll_max_options' => $post_data['poll_max_options'],
		'poll_option_text' => implode("\n", $post_data['poll_options']),
		'poll_start' => $post_data['poll_start'],
		'poll_last_vote' => $post_data['poll_last_vote'],
		'poll_vote_change' => $post_data['poll_vote_change'],
	);
}

$orig_poll_options_size = sizeof($post_data['poll_options']);

$message_parser = new parse_message();

if (isset($post_data['post_text']))
{
	// The parser takes the stored text by reference; unset() only removes the
	// array key, so the parser property still holds the text afterwards.
	$message_parser->message = &$post_data['post_text'];
	unset($post_data['post_text']);
}

// Set some default variables
// Fills only keys the loaded row did not provide. poster_id defaults to the
// current user, which is the value a brand-new post gets.
$uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);

foreach ($uninit as $var_name => $default_value)
{
	if (!isset($post_data[$var_name]))
	{
		$post_data[$var_name] = $default_value;
	}
}
unset($uninit);

// Always check if the submitted attachment data is valid and belongs to the user.
// Further down (especially in submit_post()) we do not check this again.
415 $message_parser->get_submitted_attachment_data($post_data['poster_id']); 416 417 if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit') 418 { 419 // Do not change to SELECT * 420 $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename 421 FROM ' . ATTACHMENTS_TABLE . " 422 WHERE post_msg_id = $post_id 423 AND in_message = 0 424 AND is_orphan = 0 425 ORDER BY filetime DESC"; 426 $result = $db->sql_query($sql); 427 $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result)); 428 $db->sql_freeresult($result); 429 } 430 431 if ($post_data['poster_id'] == ANONYMOUS) 432 { 433 $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : ''; 434 } 435 else 436 { 437 $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : ''; 438 } 439 440 $post_data['enable_urls'] = $post_data['enable_magic_url']; 441 442 if ($mode != 'edit') 443 { 444 $post_data['enable_sig'] = ($config['allow_sig'] && $user->optionget('attachsig')) ? true: false; 445 $post_data['enable_smilies'] = ($config['allow_smilies'] && $user->optionget('smilies')) ? true : false; 446 $post_data['enable_bbcode'] = ($config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false; 447 $post_data['enable_urls'] = true; 448 } 449 450 $post_data['enable_magic_url'] = $post_data['drafts'] = false; 451 452 // User own some drafts? 453 if ($user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote')) 454 { 455 $sql = 'SELECT draft_id 456 FROM ' . DRAFTS_TABLE . ' 457 WHERE user_id = ' . $user->data['user_id'] . 458 (($forum_id) ? ' AND forum_id = ' . (int) $forum_id : '') . 459 (($topic_id) ? ' AND topic_id = ' . (int) $topic_id : '') . 460 (($draft_id) ? 
" AND draft_id <> $draft_id" : ''); 461 $result = $db->sql_query_limit($sql, 1); 462 463 if ($db->sql_fetchrow($result)) 464 { 465 $post_data['drafts'] = true; 466 } 467 $db->sql_freeresult($result); 468 } 469 470 $check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1); 471 472 // Check if user is watching this topic 473 if ($mode != 'post' && $config['allow_topic_notify'] && $user->data['is_registered']) 474 { 475 $sql = 'SELECT topic_id 476 FROM ' . TOPICS_WATCH_TABLE . ' 477 WHERE topic_id = ' . $topic_id . ' 478 AND user_id = ' . $user->data['user_id']; 479 $result = $db->sql_query($sql); 480 $post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id'); 481 $db->sql_freeresult($result); 482 } 483 484 // Do we want to edit our post ? 485 if ($mode == 'edit' && $post_data['bbcode_uid']) 486 { 487 $message_parser->bbcode_uid = $post_data['bbcode_uid']; 488 } 489 490 // HTML, BBCode, Smilies, Images and Flash status 491 $bbcode_status = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false; 492 $smilies_status = ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false; 493 $img_status = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false; 494 $url_status = ($config['allow_post_links']) ? true : false; 495 $flash_status = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false; 496 $quote_status = true; 497 498 // Save Draft 499 if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote')) 500 { 501 $subject = utf8_normalize_nfc(request_var('subject', '', true)); 502 $subject = (!$subject && $mode != 'post') ? 
$post_data['topic_title'] : $subject; 503 $message = utf8_normalize_nfc(request_var('message', '', true)); 504 505 if ($subject && $message) 506 { 507 if (confirm_box(true)) 508 { 509 $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( 510 'user_id' => (int) $user->data['user_id'], 511 'topic_id' => (int) $topic_id, 512 'forum_id' => (int) $forum_id, 513 'save_time' => (int) $current_time, 514 'draft_subject' => (string) $subject, 515 'draft_message' => (string) $message) 516 ); 517 $db->sql_query($sql); 518 519 $meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id"); 520 521 meta_refresh(3, $meta_info); 522 523 $message = $user->lang['DRAFT_SAVED'] . '<br /><br />'; 524 $message .= ($mode != 'post') ? sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>') . '<br /><br />' : ''; 525 $message .= sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . 
'">', '</a>'); 526 527 trigger_error($message); 528 } 529 else 530 { 531 $s_hidden_fields = build_hidden_fields(array( 532 'mode' => $mode, 533 'save' => true, 534 'f' => $forum_id, 535 't' => $topic_id, 536 'subject' => $subject, 537 'message' => $message, 538 'attachment_data' => $message_parser->attachment_data, 539 ) 540 ); 541 542 $hidden_fields = array( 543 'icon_id' => 0, 544 545 'disable_bbcode' => false, 546 'disable_smilies' => false, 547 'disable_magic_url' => false, 548 'attach_sig' => true, 549 'lock_topic' => false, 550 551 'topic_type' => POST_NORMAL, 552 'topic_time_limit' => 0, 553 554 'poll_title' => '', 555 'poll_option_text' => '', 556 'poll_max_options' => 1, 557 'poll_length' => 0, 558 'poll_vote_change' => false, 559 ); 560 561 foreach ($hidden_fields as $name => $default) 562 { 563 if (!isset($_POST[$name])) 564 { 565 // Don't include it, if its not available 566 unset($hidden_fields[$name]); 567 continue; 568 } 569 570 if (is_bool($default)) 571 { 572 // Use the string representation 573 $hidden_fields[$name] = request_var($name, ''); 574 } 575 else 576 { 577 $hidden_fields[$name] = request_var($name, $default); 578 } 579 } 580 581 $s_hidden_fields .= build_hidden_fields($hidden_fields); 582 583 confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields); 584 } 585 } 586 else 587 { 588 if (utf8_clean_string($subject) === '') 589 { 590 $error[] = $user->lang['EMPTY_SUBJECT']; 591 } 592 593 if (utf8_clean_string($message) === '') 594 { 595 $error[] = $user->lang['TOO_FEW_CHARS']; 596 } 597 } 598 unset($subject, $message); 599 } 600 601 // Load requested Draft 602 if ($draft_id && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $user->data['is_registered'] && $auth->acl_get('u_savedrafts')) 603 { 604 $sql = 'SELECT draft_subject, draft_message 605 FROM ' . DRAFTS_TABLE . " 606 WHERE draft_id = $draft_id 607 AND user_id = " . 
$user->data['user_id']; 608 $result = $db->sql_query_limit($sql, 1); 609 $row = $db->sql_fetchrow($result); 610 $db->sql_freeresult($result); 611 612 if ($row) 613 { 614 $post_data['post_subject'] = $row['draft_subject']; 615 $message_parser->message = $row['draft_message']; 616 617 $template->assign_var('S_DRAFT_LOADED', true); 618 } 619 else 620 { 621 $draft_id = 0; 622 } 623 } 624 625 // Load draft overview 626 if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_data['drafts']) 627 { 628 load_drafts($topic_id, $forum_id); 629 } 630 631 632 if ($submit || $preview || $refresh) 633 { 634 $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0); 635 $post_data['post_subject'] = utf8_normalize_nfc(request_var('subject', '', true)); 636 $message_parser->message = utf8_normalize_nfc(request_var('message', '', true)); 637 638 $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true)); 639 $post_data['post_edit_reason'] = (!empty($_POST['edit_reason']) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : ''; 640 641 $post_data['orig_topic_type'] = $post_data['topic_type']; 642 $post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL)); 643 $post_data['topic_time_limit'] = request_var('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0)); 644 645 if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id)) 646 { 647 $post_data['icon_id'] = request_var('icon', (int) $post_data['icon_id']); 648 } 649 650 $post_data['enable_bbcode'] = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true; 651 $post_data['enable_smilies'] = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true; 652 $post_data['enable_urls'] = (isset($_POST['disable_magic_url'])) ? 
0 : 1; 653 $post_data['enable_sig'] = (!$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig')) ? false : ((isset($_POST['attach_sig']) && $user->data['is_registered']) ? true : false); 654 655 if ($config['allow_topic_notify'] && $user->data['is_registered']) 656 { 657 $notify = (isset($_POST['notify'])) ? true : false; 658 } 659 else 660 { 661 $notify = false; 662 } 663 664 $topic_lock = (isset($_POST['lock_topic'])) ? true : false; 665 $post_lock = (isset($_POST['lock_post'])) ? true : false; 666 $poll_delete = (isset($_POST['poll_delete'])) ? true : false; 667 668 if ($submit) 669 { 670 $status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1); 671 $status_switch = ($status_switch != $check_value); 672 } 673 else 674 { 675 $status_switch = 1; 676 } 677 678 // Delete Poll 679 if ($poll_delete && $mode == 'edit' && sizeof($post_data['poll_options']) && 680 ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))) 681 { 682 if ($submit && check_form_key('posting')) 683 { 684 $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . " 685 WHERE topic_id = $topic_id"; 686 $db->sql_query($sql); 687 688 $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . " 689 WHERE topic_id = $topic_id"; 690 $db->sql_query($sql); 691 692 $topic_sql = array( 693 'poll_title' => '', 694 'poll_start' => 0, 695 'poll_length' => 0, 696 'poll_last_vote' => 0, 697 'poll_max_options' => 0, 698 'poll_vote_change' => 0 699 ); 700 701 $sql = 'UPDATE ' . TOPICS_TABLE . ' 702 SET ' . $db->sql_build_array('UPDATE', $topic_sql) . 
" 703 WHERE topic_id = $topic_id"; 704 $db->sql_query($sql); 705 } 706 707 $post_data['poll_title'] = $post_data['poll_option_text'] = ''; 708 $post_data['poll_vote_change'] = $post_data['poll_max_options'] = $post_data['poll_length'] = 0; 709 } 710 else 711 { 712 $post_data['poll_title'] = utf8_normalize_nfc(request_var('poll_title', '', true)); 713 $post_data['poll_length'] = request_var('poll_length', 0); 714 $post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true)); 715 $post_data['poll_max_options'] = request_var('poll_max_options', 1); 716 $post_data['poll_vote_change'] = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0; 717 } 718 719 // If replying/quoting and last post id has changed 720 // give user option to continue submit or return to post 721 // notify and show user the post made between his request and the final submit 722 if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id']) 723 { 724 // Only do so if it is allowed forum-wide 725 if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) 726 { 727 if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id'])) 728 { 729 $template->assign_var('S_POST_REVIEW', true); 730 } 731 732 $submit = false; 733 $refresh = true; 734 } 735 } 736 737 // Parse Attachments - before checksum is calculated 738 $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh); 739 740 // Grab md5 'checksum' of new message 741 $message_md5 = md5($message_parser->message); 742 743 // If editing and checksum has changed we know the post was edited while we're editing 744 // Notify and show user the changed post 745 if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) 746 { 747 $edit_post_message_checksum = 
request_var('edit_post_message_checksum', ''); 748 $edit_post_subject_checksum = request_var('edit_post_subject_checksum', ''); 749 750 // $post_data['post_checksum'] is the checksum of the post submitted in the meantime 751 // $message_md5 is the checksum of the post we're about to submit 752 // $edit_post_message_checksum is the checksum of the post we're editing 753 // ... 754 755 // We make sure nobody else made exactly the same change 756 // we're about to submit by also checking $message_md5 != $post_data['post_checksum'] 757 if (($edit_post_message_checksum !== '' && $edit_post_message_checksum != $post_data['post_checksum'] && $message_md5 != $post_data['post_checksum']) 758 || ($edit_post_subject_checksum !== '' && $edit_post_subject_checksum != $post_data['post_subject_md5'] && md5($post_data['post_subject']) != $post_data['post_subject_md5'])) 759 { 760 if (topic_review($topic_id, $forum_id, 'post_review_edit', $post_id)) 761 { 762 $template->assign_vars(array( 763 'S_POST_REVIEW' => true, 764 765 'L_POST_REVIEW' => $user->lang['POST_REVIEW_EDIT'], 766 'L_POST_REVIEW_EXPLAIN' => $user->lang['POST_REVIEW_EDIT_EXPLAIN'], 767 )); 768 } 769 770 $submit = false; 771 $refresh = true; 772 } 773 } 774 775 // Check checksum ... don't re-parse message if the same 776 $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false; 777 778 // Also check if subject got updated... 779 $update_subject = $mode != 'edit' || ($post_data['post_subject_md5'] && $post_data['post_subject_md5'] != md5($post_data['post_subject'])); 780 781 // Parse message 782 if ($update_message) 783 { 784 if (sizeof($message_parser->warn_msg)) 785 { 786 $error[] = implode('<br />', $message_parser->warn_msg); 787 $message_parser->warn_msg = array(); 788 } 789 790 $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? 
$post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']); 791 792 // On a refresh we do not care about message parsing errors 793 if (sizeof($message_parser->warn_msg) && $refresh) 794 { 795 $message_parser->warn_msg = array(); 796 } 797 } 798 else 799 { 800 $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield']; 801 } 802 803 if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('f_ignoreflood', $forum_id)) 804 { 805 // Flood check 806 $last_post_time = 0; 807 808 if ($user->data['is_registered']) 809 { 810 $last_post_time = $user->data['user_lastpost_time']; 811 } 812 else 813 { 814 $sql = 'SELECT post_time AS last_post_time 815 FROM ' . POSTS_TABLE . " 816 WHERE poster_ip = '" . $user->ip . "' 817 AND post_time > " . ($current_time - $config['flood_interval']); 818 $result = $db->sql_query_limit($sql, 1); 819 if ($row = $db->sql_fetchrow($result)) 820 { 821 $last_post_time = $row['last_post_time']; 822 } 823 $db->sql_freeresult($result); 824 } 825 826 if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval'])) 827 { 828 $error[] = $user->lang['FLOOD_ERROR']; 829 } 830 } 831 832 // Validate username 833 if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username'])) 834 { 835 include($phpbb_root_path . 'includes/functions_user.' . $phpEx); 836 837 $user->add_lang('ucp'); 838 839 if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false) 840 { 841 $error[] = $user->lang[$result . 
'_USERNAME']; 842 } 843 844 if (($result = validate_string($post_data['username'], false, $config['min_name_chars'], $config['max_name_chars'])) !== false) 845 { 846 $min_max_amount = ($result == 'TOO_SHORT') ? $config['min_name_chars'] : $config['max_name_chars']; 847 $error[] = sprintf($user->lang['FIELD_' . $result], $user->lang['USERNAME'], $min_max_amount); 848 } 849 } 850 851 if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply'))) 852 { 853 $captcha_data = array( 854 'message' => utf8_normalize_nfc(request_var('message', '', true)), 855 'subject' => utf8_normalize_nfc(request_var('subject', '', true)), 856 'username' => utf8_normalize_nfc(request_var('username', '', true)), 857 ); 858 $vc_response = $captcha->validate($captcha_data); 859 if ($vc_response) 860 { 861 $error[] = $vc_response; 862 } 863 } 864 865 // check form 866 if (($submit || $preview) && !check_form_key('posting')) 867 { 868 $error[] = $user->lang['FORM_INVALID']; 869 } 870 871 // Parse subject 872 if (!$preview && !$refresh && utf8_clean_string($post_data['post_subject']) === '' && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id))) 873 { 874 $error[] = $user->lang['EMPTY_SUBJECT']; 875 } 876 877 $post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? 
$post_data['poll_last_vote'] : 0; 878 879 if ($post_data['poll_option_text'] && 880 ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/)) 881 && $auth->acl_get('f_poll', $forum_id)) 882 { 883 $poll = array( 884 'poll_title' => $post_data['poll_title'], 885 'poll_length' => $post_data['poll_length'], 886 'poll_max_options' => $post_data['poll_max_options'], 887 'poll_option_text' => $post_data['poll_option_text'], 888 'poll_start' => $post_data['poll_start'], 889 'poll_last_vote' => $post_data['poll_last_vote'], 890 'poll_vote_change' => $post_data['poll_vote_change'], 891 'enable_bbcode' => $post_data['enable_bbcode'], 892 'enable_urls' => $post_data['enable_urls'], 893 'enable_smilies' => $post_data['enable_smilies'], 894 'img_status' => $img_status 895 ); 896 897 $message_parser->parse_poll($poll); 898 899 $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array(); 900 $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : ''; 901 902 /* We reset votes, therefore also allow removing options 903 if ($post_data['poll_last_vote'] && ($poll['poll_options_size'] < $orig_poll_options_size)) 904 { 905 $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS']; 906 }*/ 907 } 908 else if ($mode == 'edit' && $post_id == $post_data['topic_first_post_id'] && $auth->acl_get('f_poll', $forum_id)) 909 { 910 // The user removed all poll options, this is equal to deleting the poll. 
911 $poll = array( 912 'poll_title' => '', 913 'poll_length' => 0, 914 'poll_max_options' => 0, 915 'poll_option_text' => '', 916 'poll_start' => 0, 917 'poll_last_vote' => 0, 918 'poll_vote_change' => 0, 919 'poll_options' => array(), 920 ); 921 922 $post_data['poll_options'] = array(); 923 $post_data['poll_title'] = ''; 924 $post_data['poll_start'] = $post_data['poll_length'] = $post_data['poll_max_options'] = $post_data['poll_last_vote'] = $post_data['poll_vote_change'] = 0; 925 } 926 else if (!$auth->acl_get('f_poll', $forum_id) && ($mode == 'edit') && ($post_id == $post_data['topic_first_post_id']) && ($original_poll_data['poll_title'] != '')) 927 { 928 // We have a poll but the editing user is not permitted to create/edit it. 929 // So we just keep the original poll-data. 930 $poll = array_merge($original_poll_data, array( 931 'enable_bbcode' => $post_data['enable_bbcode'], 932 'enable_urls' => $post_data['enable_urls'], 933 'enable_smilies' => $post_data['enable_smilies'], 934 'img_status' => $img_status, 935 )); 936 937 $message_parser->parse_poll($poll); 938 939 $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array(); 940 $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : ''; 941 } 942 else 943 { 944 $poll = array(); 945 } 946 947 // Check topic type 948 if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id))) 949 { 950 switch ($post_data['topic_type']) 951 { 952 case POST_GLOBAL: 953 case POST_ANNOUNCE: 954 $auth_option = 'f_announce'; 955 break; 956 957 case POST_STICKY: 958 $auth_option = 'f_sticky'; 959 break; 960 961 default: 962 $auth_option = ''; 963 break; 964 } 965 966 if (!$auth->acl_get($auth_option, $forum_id)) 967 { 968 // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod. 
969 // Another case would be a mod not having sticky permissions for example but edit permissions. 970 if ($mode == 'edit') 971 { 972 // To prevent non-authed users messing around with the topic type we reset it to the original one. 973 $post_data['topic_type'] = $post_data['orig_topic_type']; 974 } 975 else 976 { 977 $error[] = $user->lang['CANNOT_POST_' . str_replace('F_', '', strtoupper($auth_option))]; 978 } 979 } 980 } 981 982 if (sizeof($message_parser->warn_msg)) 983 { 984 $error[] = implode('<br />', $message_parser->warn_msg); 985 } 986 987 // DNSBL check 988 if ($config['check_dnsbl'] && !$refresh) 989 { 990 if (($dnsbl = $user->check_dnsbl('post')) !== false) 991 { 992 $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]); 993 } 994 } 995 996 // Store message, sync counters 997 if (!sizeof($error) && $submit) 998 { 999 // Check if we want to de-globalize the topic... and ask for new forum 1000 if ($post_data['topic_type'] != POST_GLOBAL) 1001 { 1002 $sql = 'SELECT topic_type, forum_id 1003 FROM ' . TOPICS_TABLE . " 1004 WHERE topic_id = $topic_id"; 1005 $result = $db->sql_query($sql); 1006 $row = $db->sql_fetchrow($result); 1007 $db->sql_freeresult($result); 1008 1009 if ($row && !$row['forum_id'] && $row['topic_type'] == POST_GLOBAL) 1010 { 1011 $to_forum_id = request_var('to_forum_id', 0); 1012 1013 if ($to_forum_id) 1014 { 1015 $sql = 'SELECT forum_type 1016 FROM ' . FORUMS_TABLE . ' 1017 WHERE forum_id = ' . $to_forum_id; 1018 $result = $db->sql_query($sql); 1019 $forum_type = (int) $db->sql_fetchfield('forum_type'); 1020 $db->sql_freeresult($result); 1021 1022 if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id) || !$auth->acl_get('f_noapprove', $to_forum_id)) 1023 { 1024 $to_forum_id = 0; 1025 } 1026 } 1027 1028 if (!$to_forum_id) 1029 { 1030 include_once($phpbb_root_path . 'includes/functions_admin.' . 
$phpEx); 1031 1032 $template->assign_vars(array( 1033 'S_FORUM_SELECT' => make_forum_select(false, false, false, true, true, true), 1034 'S_UNGLOBALISE' => true) 1035 ); 1036 1037 $submit = false; 1038 $refresh = true; 1039 } 1040 else 1041 { 1042 if (!$auth->acl_get('f_post', $to_forum_id)) 1043 { 1044 // This will only be triggered if the user tried to trick the forum. 1045 trigger_error('NOT_AUTHORISED'); 1046 } 1047 1048 $forum_id = $to_forum_id; 1049 } 1050 } 1051 } 1052 1053 if ($submit) 1054 { 1055 // Lock/Unlock Topic 1056 $change_topic_status = $post_data['topic_status']; 1057 $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false; 1058 1059 if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock) 1060 { 1061 $change_topic_status = ITEM_UNLOCKED; 1062 } 1063 else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock) 1064 { 1065 $change_topic_status = ITEM_LOCKED; 1066 } 1067 1068 if ($change_topic_status != $post_data['topic_status']) 1069 { 1070 $sql = 'UPDATE ' . TOPICS_TABLE . " 1071 SET topic_status = $change_topic_status 1072 WHERE topic_id = $topic_id 1073 AND topic_moved_id = 0"; 1074 $db->sql_query($sql); 1075 1076 $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : ''; 1077 1078 add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 
'LOCK' : 'UNLOCK'), $post_data['topic_title']); 1079 } 1080 1081 // Lock/Unlock Post Edit 1082 if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id)) 1083 { 1084 $post_data['post_edit_locked'] = ITEM_UNLOCKED; 1085 } 1086 else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id)) 1087 { 1088 $post_data['post_edit_locked'] = ITEM_LOCKED; 1089 } 1090 1091 $data = array( 1092 'topic_title' => (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'], 1093 'topic_first_post_id' => (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0, 1094 'topic_last_post_id' => (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0, 1095 'topic_time_limit' => (int) $post_data['topic_time_limit'], 1096 'topic_attachment' => (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0, 1097 'post_id' => (int) $post_id, 1098 'topic_id' => (int) $topic_id, 1099 'forum_id' => (int) $forum_id, 1100 'icon_id' => (int) $post_data['icon_id'], 1101 'poster_id' => (int) $post_data['poster_id'], 1102 'enable_sig' => (bool) $post_data['enable_sig'], 1103 'enable_bbcode' => (bool) $post_data['enable_bbcode'], 1104 'enable_smilies' => (bool) $post_data['enable_smilies'], 1105 'enable_urls' => (bool) $post_data['enable_urls'], 1106 'enable_indexing' => (bool) $post_data['enable_indexing'], 1107 'message_md5' => (string) $message_md5, 1108 'post_time' => (isset($post_data['post_time'])) ? (int) $post_data['post_time'] : $current_time, 1109 'post_checksum' => (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '', 1110 'post_edit_reason' => $post_data['post_edit_reason'], 1111 'post_edit_user' => ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? 
(int) $post_data['post_edit_user'] : 0), 1112 'forum_parents' => $post_data['forum_parents'], 1113 'forum_name' => $post_data['forum_name'], 1114 'notify' => $notify, 1115 'notify_set' => $post_data['notify_set'], 1116 'poster_ip' => (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip, 1117 'post_edit_locked' => (int) $post_data['post_edit_locked'], 1118 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 1119 'bbcode_uid' => $message_parser->bbcode_uid, 1120 'message' => $message_parser->message, 1121 'attachment_data' => $message_parser->attachment_data, 1122 'filename_data' => $message_parser->filename_data, 1123 1124 'topic_approved' => (isset($post_data['topic_approved'])) ? $post_data['topic_approved'] : false, 1125 'post_approved' => (isset($post_data['post_approved'])) ? $post_data['post_approved'] : false, 1126 ); 1127 1128 if ($mode == 'edit') 1129 { 1130 $data['topic_replies_real'] = $post_data['topic_replies_real']; 1131 $data['topic_replies'] = $post_data['topic_replies']; 1132 } 1133 1134 // Only return the username when it is either a guest posting or we are editing a post and 1135 // the username was supplied; otherwise post_data might hold the data of the post that is 1136 // being quoted (which could result in the username being returned being that of the quoted 1137 // post's poster, not the poster of the current post). See: PHPBB3-11769 for more information. 1138 $post_author_name = ((!$user->data['is_registered'] || $mode == 'edit') && $post_data['username'] !== '') ? $post_data['username'] : ''; 1139 1140 // The last parameter tells submit_post if search indexer has to be run 1141 $redirect_url = submit_post($mode, $post_data['post_subject'], $post_author_name, $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? 
true : false); 1142 1143 if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote')) 1144 { 1145 $captcha->reset(); 1146 } 1147 1148 // Check the permissions for post approval. 1149 // Moderators must go through post approval like ordinary users. 1150 if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state'])) 1151 { 1152 meta_refresh(10, $redirect_url); 1153 $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD']; 1154 $message .= (($user->data['user_id'] == ANONYMOUS) ? '' : ' '. $user->lang['POST_APPROVAL_NOTIFY']); 1155 } 1156 else 1157 { 1158 meta_refresh(3, $redirect_url); 1159 1160 $message = ($mode == 'edit') ? 'POST_EDITED' : 'POST_STORED'; 1161 $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $redirect_url . '">', '</a>'); 1162 } 1163 1164 $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $data['forum_id']) . '">', '</a>'); 1165 trigger_error($message); 1166 } 1167 } 1168 } 1169 1170 // Preview 1171 if (!sizeof($error) && $preview) 1172 { 1173 $post_data['post_time'] = ($mode == 'edit') ? $post_data['post_time'] : $current_time; 1174 1175 $preview_message = $message_parser->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], false); 1176 1177 $preview_signature = ($mode == 'edit') ? $post_data['user_sig'] : $user->data['user_sig']; 1178 $preview_signature_uid = ($mode == 'edit') ? $post_data['user_sig_bbcode_uid'] : $user->data['user_sig_bbcode_uid']; 1179 $preview_signature_bitfield = ($mode == 'edit') ? 
$post_data['user_sig_bbcode_bitfield'] : $user->data['user_sig_bbcode_bitfield']; 1180 1181 // Signature 1182 if ($post_data['enable_sig'] && $config['allow_sig'] && $preview_signature && $auth->acl_get('f_sigs', $forum_id)) 1183 { 1184 $parse_sig = new parse_message($preview_signature); 1185 $parse_sig->bbcode_uid = $preview_signature_uid; 1186 $parse_sig->bbcode_bitfield = $preview_signature_bitfield; 1187 1188 // Not sure about parameters for bbcode/smilies/urls... in signatures 1189 $parse_sig->format_display($config['allow_sig_bbcode'], $config['allow_sig_links'], $config['allow_sig_smilies']); 1190 $preview_signature = $parse_sig->message; 1191 unset($parse_sig); 1192 } 1193 else 1194 { 1195 $preview_signature = ''; 1196 } 1197 1198 $preview_subject = censor_text($post_data['post_subject']); 1199 1200 // Poll Preview 1201 if (!$poll_delete && ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/)) 1202 && $auth->acl_get('f_poll', $forum_id)) 1203 { 1204 $parse_poll = new parse_message($post_data['poll_title']); 1205 $parse_poll->bbcode_uid = $message_parser->bbcode_uid; 1206 $parse_poll->bbcode_bitfield = $message_parser->bbcode_bitfield; 1207 1208 $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']); 1209 1210 if ($post_data['poll_length']) 1211 { 1212 $poll_end = ($post_data['poll_length'] * 86400) + (($post_data['poll_start']) ? $post_data['poll_start'] : time()); 1213 } 1214 1215 $template->assign_vars(array( 1216 'S_HAS_POLL_OPTIONS' => (sizeof($post_data['poll_options'])), 1217 'S_IS_MULTI_CHOICE' => ($post_data['poll_max_options'] > 1) ? true : false, 1218 1219 'POLL_QUESTION' => $parse_poll->message, 1220 1221 'L_POLL_LENGTH' => ($post_data['poll_length']) ? 
sprintf($user->lang['POLL_RUN_TILL'], $user->format_date($poll_end)) : '', 1222 'L_MAX_VOTES' => ($post_data['poll_max_options'] == 1) ? $user->lang['MAX_OPTION_SELECT'] : sprintf($user->lang['MAX_OPTIONS_SELECT'], $post_data['poll_max_options'])) 1223 ); 1224 1225 $parse_poll->message = implode("\n", $post_data['poll_options']); 1226 $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']); 1227 $preview_poll_options = explode('<br />', $parse_poll->message); 1228 unset($parse_poll); 1229 1230 foreach ($preview_poll_options as $key => $option) 1231 { 1232 $template->assign_block_vars('poll_option', array( 1233 'POLL_OPTION_CAPTION' => $option, 1234 'POLL_OPTION_ID' => $key + 1) 1235 ); 1236 } 1237 unset($preview_poll_options); 1238 } 1239 1240 // Attachment Preview 1241 if (sizeof($message_parser->attachment_data)) 1242 { 1243 $template->assign_var('S_HAS_ATTACHMENTS', true); 1244 1245 $update_count = array(); 1246 $attachment_data = $message_parser->attachment_data; 1247 1248 parse_attachments($forum_id, $preview_message, $attachment_data, $update_count, true); 1249 1250 foreach ($attachment_data as $i => $attachment) 1251 { 1252 $template->assign_block_vars('attachment', array( 1253 'DISPLAY_ATTACHMENT' => $attachment) 1254 ); 1255 } 1256 unset($attachment_data); 1257 } 1258 1259 if (!sizeof($error)) 1260 { 1261 $template->assign_vars(array( 1262 'PREVIEW_SUBJECT' => $preview_subject, 1263 'PREVIEW_MESSAGE' => $preview_message, 1264 'PREVIEW_SIGNATURE' => $preview_signature, 1265 1266 'S_DISPLAY_PREVIEW' => true) 1267 ); 1268 } 1269 } 1270 1271 // Decode text for message display 1272 $post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !sizeof($error)) ? 
$post_data['bbcode_uid'] : $message_parser->bbcode_uid; 1273 $message_parser->decode_message($post_data['bbcode_uid']); 1274 1275 if ($mode == 'quote' && !$submit && !$preview && !$refresh) 1276 { 1277 if ($config['allow_bbcode']) 1278 { 1279 $message_parser->message = '[quote="' . $post_data['quote_username'] . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n"; 1280 } 1281 else 1282 { 1283 $offset = 0; 1284 $quote_string = "> "; 1285 $message = censor_text(trim($message_parser->message)); 1286 // see if we are nesting. It's easily tricked but should work for one level of nesting 1287 if (strpos($message, ">") !== false) 1288 { 1289 $offset = 10; 1290 } 1291 $message = utf8_wordwrap($message, 75 + $offset, "\n"); 1292 1293 $message = $quote_string . $message; 1294 $message = str_replace("\n", "\n" . $quote_string, $message); 1295 $message_parser->message = $post_data['quote_username'] . " " . $user->lang['WROTE'] . ":\n" . $message . "\n"; 1296 } 1297 } 1298 1299 if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh) 1300 { 1301 $post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']); 1302 } 1303 1304 $attachment_data = $message_parser->attachment_data; 1305 $filename_data = $message_parser->filename_data; 1306 $post_data['post_text'] = $message_parser->message; 1307 1308 if (sizeof($post_data['poll_options']) || !empty($post_data['poll_title'])) 1309 { 1310 $message_parser->message = $post_data['poll_title']; 1311 $message_parser->bbcode_uid = $post_data['bbcode_uid']; 1312 1313 $message_parser->decode_message(); 1314 $post_data['poll_title'] = $message_parser->message; 1315 1316 $message_parser->message = implode("\n", $post_data['poll_options']); 1317 $message_parser->decode_message(); 1318 $post_data['poll_options'] = explode("\n", $message_parser->message); 1319 } 1320 1321 // MAIN POSTING PAGE BEGINS HERE 1322 1323 // Forum moderators? 
1324 $moderators = array(); 1325 if ($config['load_moderators']) 1326 { 1327 get_moderators($moderators, $forum_id); 1328 } 1329 1330 // Generate smiley listing 1331 generate_smilies('inline', $forum_id); 1332 1333 // Generate inline attachment select box 1334 posting_gen_inline_attachments($attachment_data); 1335 1336 // Do show topic type selection only in first post. 1337 $topic_type_toggle = false; 1338 1339 if ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id'])) 1340 { 1341 $topic_type_toggle = posting_gen_topic_types($forum_id, $post_data['topic_type']); 1342 } 1343 1344 $s_topic_icons = false; 1345 if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id)) 1346 { 1347 $s_topic_icons = posting_gen_topic_icons($mode, $post_data['icon_id']); 1348 } 1349 1350 $bbcode_checked = (isset($post_data['enable_bbcode'])) ? !$post_data['enable_bbcode'] : (($config['allow_bbcode']) ? !$user->optionget('bbcode') : 1); 1351 $smilies_checked = (isset($post_data['enable_smilies'])) ? !$post_data['enable_smilies'] : (($config['allow_smilies']) ? !$user->optionget('smilies') : 1); 1352 $urls_checked = (isset($post_data['enable_urls'])) ? !$post_data['enable_urls'] : 0; 1353 $sig_checked = $post_data['enable_sig']; 1354 $lock_topic_checked = (isset($topic_lock) && $topic_lock) ? $topic_lock : (($post_data['topic_status'] == ITEM_LOCKED) ? 1 : 0); 1355 $lock_post_checked = (isset($post_lock)) ? $post_lock : $post_data['post_edit_locked']; 1356 1357 // If the user is replying or posting and not already watching this topic but set to always being notified we need to overwrite this setting 1358 $notify_set = ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set']; 1359 $notify_checked = (isset($notify)) ? $notify : (($mode == 'post') ? 
$user->data['user_notify'] : $notify_set); 1360 1361 // Page title & action URL 1362 $s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&f=$forum_id"); 1363 $s_action .= ($topic_id) ? "&t=$topic_id" : ''; 1364 $s_action .= ($post_id) ? "&p=$post_id" : ''; 1365 1366 switch ($mode) 1367 { 1368 case 'post': 1369 $page_title = $user->lang['POST_TOPIC']; 1370 break; 1371 1372 case 'quote': 1373 case 'reply': 1374 $page_title = $user->lang['POST_REPLY']; 1375 break; 1376 1377 case 'delete': 1378 case 'edit': 1379 $page_title = $user->lang['EDIT_POST']; 1380 break; 1381 } 1382 1383 // Build Navigation Links 1384 generate_forum_nav($post_data); 1385 1386 // Build Forum Rules 1387 generate_forum_rules($post_data); 1388 1389 // Posting uses is_solved for legacy reasons. Plugins have to use is_solved to force themselves to be displayed. 1390 if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote')) 1391 { 1392 1393 $template->assign_vars(array( 1394 'S_CONFIRM_CODE' => true, 1395 'CAPTCHA_TEMPLATE' => $captcha->get_template(), 1396 )); 1397 } 1398 1399 $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : ''; 1400 $s_hidden_fields .= '<input type="hidden" name="lastclick" value="' . $current_time . '" />'; 1401 $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . request_var('draft_loaded', $draft_id) . 
'" />' : ''; 1402 1403 if ($mode == 'edit') 1404 { 1405 $s_hidden_fields .= build_hidden_fields(array( 1406 'edit_post_message_checksum' => $post_data['post_checksum'], 1407 'edit_post_subject_checksum' => $post_data['post_subject_md5'], 1408 )); 1409 } 1410 1411 // Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview 1412 if (isset($captcha) && $captcha->is_solved() !== false) 1413 { 1414 $s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields()); 1415 } 1416 1417 $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"'; 1418 add_form_key('posting'); 1419 1420 1421 // Start assigning vars for main posting page ... 1422 $template->assign_vars(array( 1423 'L_POST_A' => $page_title, 1424 'L_ICON' => ($mode == 'reply' || $mode == 'quote' || ($mode == 'edit' && $post_id != $post_data['topic_first_post_id'])) ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'], 1425 'L_MESSAGE_BODY_EXPLAIN' => (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '', 1426 1427 'FORUM_NAME' => $post_data['forum_name'], 1428 'FORUM_DESC' => ($post_data['forum_desc']) ? generate_text_for_display($post_data['forum_desc'], $post_data['forum_desc_uid'], $post_data['forum_desc_bitfield'], $post_data['forum_desc_options']) : '', 1429 'TOPIC_TITLE' => censor_text($post_data['topic_title']), 1430 'MODERATORS' => (sizeof($moderators)) ? implode(', ', $moderators[$forum_id]) : '', 1431 'USERNAME' => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '', 1432 'SUBJECT' => $post_data['post_subject'], 1433 'MESSAGE' => $post_data['post_text'], 1434 'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . 
append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'), 1435 'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 1436 'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 1437 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 1438 'URL_STATUS' => ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'], 1439 'MAX_FONT_SIZE' => (int) $config['max_post_font_size'], 1440 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['POST']), 1441 'POST_DATE' => ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '', 1442 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', 1443 'TOPIC_TIME_LIMIT' => (int) $post_data['topic_time_limit'], 1444 'EDIT_REASON' => $post_data['post_edit_reason'], 1445 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"), 1446 'U_VIEW_TOPIC' => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id") : '', 1447 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup"), 1448 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup")), 1449 1450 'S_PRIVMSGS' => false, 1451 'S_CLOSE_PROGRESS_WINDOW' => (isset($_POST['add_file'])) ? true : false, 1452 'S_EDIT_POST' => ($mode == 'edit') ? true : false, 1453 'S_EDIT_REASON' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false, 1454 'S_DISPLAY_USERNAME' => (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? 
true : false, 1455 'S_SHOW_TOPIC_ICONS' => $s_topic_icons, 1456 'S_DELETE_ALLOWED' => ($mode == 'edit' && (($post_id == $post_data['topic_last_post_id'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) || $auth->acl_get('m_delete', $forum_id))) ? true : false, 1457 'S_BBCODE_ALLOWED' => ($bbcode_status) ? 1 : 0, 1458 'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '', 1459 'S_SMILIES_ALLOWED' => $smilies_status, 1460 'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '', 1461 'S_SIG_ALLOWED' => ($auth->acl_get('f_sigs', $forum_id) && $config['allow_sig'] && $user->data['is_registered']) ? true : false, 1462 'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '', 1463 'S_NOTIFY_ALLOWED' => (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !$config['allow_topic_notify'] || !$config['email_enable']) ? false : true, 1464 'S_NOTIFY_CHECKED' => ($notify_checked) ? ' checked="checked"' : '', 1465 'S_LOCK_TOPIC_ALLOWED' => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote') && ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED))) ? true : false, 1466 'S_LOCK_TOPIC_CHECKED' => ($lock_topic_checked) ? ' checked="checked"' : '', 1467 'S_LOCK_POST_ALLOWED' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false, 1468 'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? ' checked="checked"' : '', 1469 'S_LINKS_ALLOWED' => $url_status, 1470 'S_MAGIC_URL_CHECKED' => ($urls_checked) ? 
' checked="checked"' : '', 1471 'S_TYPE_TOGGLE' => $topic_type_toggle, 1472 'S_SAVE_ALLOWED' => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $mode != 'edit') ? true : false, 1473 'S_HAS_DRAFTS' => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $post_data['drafts']) ? true : false, 1474 'S_FORM_ENCTYPE' => $form_enctype, 1475 1476 'S_BBCODE_IMG' => $img_status, 1477 'S_BBCODE_URL' => $url_status, 1478 'S_BBCODE_FLASH' => $flash_status, 1479 'S_BBCODE_QUOTE' => $quote_status, 1480 1481 'S_POST_ACTION' => $s_action, 1482 'S_HIDDEN_FIELDS' => $s_hidden_fields) 1483 ); 1484 1485 // Build custom bbcodes array 1486 display_custom_bbcodes(); 1487 1488 // Poll entry 1489 if (($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/)) 1490 && $auth->acl_get('f_poll', $forum_id)) 1491 { 1492 $template->assign_vars(array( 1493 'S_SHOW_POLL_BOX' => true, 1494 'S_POLL_VOTE_CHANGE' => ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id)), 1495 'S_POLL_DELETE' => ($mode == 'edit' && sizeof($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))), 1496 'S_POLL_DELETE_CHECKED' => (!empty($poll_delete)) ? true : false, 1497 1498 'L_POLL_OPTIONS_EXPLAIN' => sprintf($user->lang['POLL_OPTIONS_' . (($mode == 'edit') ? 'EDIT_' : '') . 'EXPLAIN'], $config['max_poll_options']), 1499 1500 'VOTE_CHANGE_CHECKED' => (!empty($post_data['poll_vote_change'])) ? ' checked="checked"' : '', 1501 'POLL_TITLE' => (isset($post_data['poll_title'])) ? $post_data['poll_title'] : '', 1502 'POLL_OPTIONS' => (!empty($post_data['poll_options'])) ? implode("\n", $post_data['poll_options']) : '', 1503 'POLL_MAX_OPTIONS' => (isset($post_data['poll_max_options'])) ? 
(int) $post_data['poll_max_options'] : 1,
		'POLL_LENGTH'			=> $post_data['poll_length'])
	);
}

// Show attachment box for adding attachments if true.
// $form_enctype is the empty string whenever PHP file uploads are off or one of the
// attachment settings/permissions is missing (see its assignment earlier in this
// script), so it is the final gate in this expression.
$allowed = ($auth->acl_get('f_attach', $forum_id) && $auth->acl_get('u_attach') && $config['allow_attachments'] && $form_enctype);

// Attachment entry
posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);

// Output page ...
page_header($page_title, false);

$template->set_filenames(array(
	'body' => 'posting_body.html')
);

make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));

// Topic review
if ($mode == 'reply' || $mode == 'quote')
{
	if (topic_review($topic_id, $forum_id))
	{
		$template->assign_var('S_DISPLAY_REVIEW', true);
	}
}

page_footer();

/**
* Render the upload progress-bar popup.
*
* NOTE(review): garbage_collection() and exit_handler() are defined outside this
* file; presumably they tear down and end the request - confirm.
*
* @param mixed $forum_style Style passed to $user->setup(); a falsy value calls
*                           setup() without a style argument
*/
function upload_popup($forum_style = 0)
{
	global $template, $user;

	if ($forum_style)
	{
		$user->setup('posting', $forum_style);
	}
	else
	{
		$user->setup('posting');
	}

	page_header($user->lang['PROGRESS_BAR'], false);

	$template->set_filenames(array('popup' => 'posting_progress_bar.html'));

	$progress_image = $user->img('upload_bar', $user->lang['UPLOAD_IN_PROGRESS']);
	$template->assign_vars(array('PROGRESS_BAR' => $progress_image));

	$template->display('popup');

	garbage_collection();
	exit_handler();
}

/**
* Authorise a post deletion, ask for confirmation and, once confirmed, delete the post.
*
* Deletion is allowed for a holder of m_delete in the forum, or for the registered
* author of the post when f_delete is granted, the post is the last one in its topic,
* it is not edit-locked and it is still inside the delete_time window (minutes; a
* falsy delete_time means no limit).
*
* NOTE(review): S_DELETE_ALLOWED on the posting form repeats most of this predicate
* but presumably only decides whether the delete option is shown. The check in this
* function is the one that gates delete_post(), so the two must be kept in step.
*
* NOTE(review): every path is expected to end in trigger_error() or
* confirm_box(false, ...), both defined outside this file and presumed to stop the
* request - confirm. If either returned, execution would fall through to the denial
* messages at the bottom.
*
* The ids are interpolated into URLs and link markup as they are, so callers must pass
* integers (the script reads them with request_var(..., 0)).
*
* @param mixed $forum_id   Forum the post belongs to
* @param mixed $topic_id   Topic the post belongs to
* @param mixed $post_id    Post to delete
* @param array &$post_data Post/topic data; only read in this function
*/
function handle_post_delete($forum_id, $topic_id, $post_id, &$post_data)
{
	global $user, $db, $auth, $config;
	global $phpbb_root_path, $phpEx;

	// Moderator permission is sufficient on its own.
	$may_moderate = $auth->acl_get('m_delete', $forum_id);

	// Author path, evaluated only when the moderator permission is absent.
	$may_delete_own = (!$may_moderate
		&& $post_data['poster_id'] == $user->data['user_id']
		&& $user->data['is_registered']
		&& $auth->acl_get('f_delete', $forum_id)
		&& $post_id == $post_data['topic_last_post_id']
		&& !$post_data['post_edit_locked']
		&& ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time']));

	if ($may_moderate || $may_delete_own)
	{
		// Carried through the confirmation form so the confirmed request targets the same post.
		$s_hidden_fields = build_hidden_fields(array(
			'p'		=> $post_id,
			'f'		=> $forum_id,
			'mode'	=> 'delete',
		));

		if (!confirm_box(true))
		{
			// Not confirmed yet: show the confirmation screen.
			confirm_box(false, 'DELETE_POST', $s_hidden_fields);
		}
		else
		{
			// Pass delete_post() only the fields listed here.
			$copied_fields = array(
				'topic_first_post_id',
				'topic_last_post_id',
				'topic_replies_real',
				'topic_approved',
				'topic_type',
				'post_approved',
				'post_reported',
				'post_time',
				'poster_id',
				'post_postcount',
			);

			$data = array();
			foreach ($copied_fields as $field)
			{
				$data[$field] = $post_data[$field];
			}

			$next_post_id = delete_post($forum_id, $topic_id, $post_id, $data);

			// Guest posts carry their own display name in post_username.
			if ($post_data['poster_id'] == ANONYMOUS && !empty($post_data['post_username']))
			{
				$post_username = $post_data['post_username'];
			}
			else
			{
				$post_username = $post_data['username'];
			}

			// A false return is logged as a topic deletion; anything else is the post to jump to.
			if ($next_post_id === false)
			{
				add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_TOPIC', $post_data['topic_title'], $post_username);

				$meta_info = append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id");
				$message = $user->lang['POST_DELETED'];
			}
			else
			{
				add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_POST', $post_data['post_subject'], $post_username);

				$meta_info = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&p=$next_post_id") . "#p$next_post_id";
				$message = $user->lang['POST_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>');
			}

			meta_refresh(3, $meta_info);

			$forum_url = append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id);
			$message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . $forum_url . '">', '</a>');
			trigger_error($message);
		}
	}

	// If we are here the user is not able to delete - present the correct error message
	$is_own_post = ($post_data['poster_id'] == $user->data['user_id']);

	if (!$is_own_post && $auth->acl_get('f_delete', $forum_id))
	{
		trigger_error('DELETE_OWN_POSTS');
	}

	if ($is_own_post && $auth->acl_get('f_delete', $forum_id) && $post_id != $post_data['topic_last_post_id'])
	{
		trigger_error('CANNOT_DELETE_REPLIED');
	}

	trigger_error('USER_CANNOT_DELETE');
}

?>