1 rizwank 1.1 <?php
2 /***************************************************************************
3 * posting.php
4 * -------------------
5 * begin : Saturday, Feb 13, 2001
6 * copyright : (C) 2001 The phpBB Group
7 * email : support@phpbb.com
8 *
9 * $Id: posting.php,v 1.159.2.15 2002/12/03 17:43:59 psotfx Exp $
10 *
11 *
12 ***************************************************************************/
13
14 /***************************************************************************
15 *
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 ***************************************************************************/
//
// Bootstrap: flag the request as a phpBB entry point and load the shared
// environment, the BBCode library and the posting helpers.
//
// $phpbb_root_path is a fixed literal assigned immediately before use, so
// none of the include paths below are derived from request data.
// $phpEx is not assigned in this file; presumably extension.inc sets it -
// confirm.
//
define('IN_PHPBB', true);
$phpbb_root_path = './';
include $phpbb_root_path . 'extension.inc';
include $phpbb_root_path . "common.$phpEx";
include $phpbb_root_path . "includes/bbcode.$phpEx";
include $phpbb_root_path . "includes/functions_post.$phpEx";
29
//
// Check and set various parameters
//
// Only the names on the left-hand side of each map become variables; the
// variable-variable ($$var) is never keyed by request data. POST is
// preferred over GET. The first group is copied exactly as received (no
// sanitising happens here), so later code must not treat those values
// as safe.
//
$params = array(
	'submit' => 'post',
	'confirm' => 'confirm',
	'preview' => 'preview',
	'delete' => 'delete',
	'poll_delete' => 'poll_delete',
	'poll_add' => 'add_poll_option',
	'poll_edit' => 'edit_poll_option',
	'mode' => 'mode'
);
while ( list($var, $param) = @each($params) )
{
	if ( !empty($HTTP_POST_VARS[$param]) )
	{
		$$var = $HTTP_POST_VARS[$param];
	}
	else if ( !empty($HTTP_GET_VARS[$param]) )
	{
		$$var = $HTTP_GET_VARS[$param];
	}
	else
	{
		$$var = '';
	}
}

//
// The three ids are forced to integers, which is what makes it safe to
// interpolate them into the SQL built further down. A missing id is left
// as an empty string, so it has to be tested with empty() before use.
//
$params = array(
	'forum_id' => POST_FORUM_URL,
	'topic_id' => POST_TOPIC_URL,
	'post_id' => POST_POST_URL
);
while ( list($var, $param) = @each($params) )
{
	if ( !empty($HTTP_POST_VARS[$param]) )
	{
		$$var = intval($HTTP_POST_VARS[$param]);
	}
	else if ( !empty($HTTP_GET_VARS[$param]) )
	{
		$$var = intval($HTTP_GET_VARS[$param]);
	}
	else
	{
		$$var = '';
	}
}
58
// True when the form is only being re-displayed (preview or a poll option
// change); tested further down together with $submit.
$refresh = ( $preview || $poll_add || $poll_edit || $poll_delete );

//
// Set topic type
//
// The posted value is cast to an integer but is not compared against the
// known POST_* constants at this point.
//
if ( !empty($HTTP_POST_VARS['topictype']) )
{
	$topic_type = intval($HTTP_POST_VARS['topictype']);
}
else
{
	$topic_type = POST_NORMAL;
}
65
//
// Two modes produce their own output and stop: the topic review and the
// smilies pop-up window.
//
// NOTE(review): both exits happen before the session is started and before
// any permission check in this file. Whether topic_review() enforces read
// permission on $topic_id itself cannot be seen from here - confirm.
//
switch ( $mode )
{
	case 'topicreview':
		require($phpbb_root_path . 'includes/topic_review.'.$phpEx);

		topic_review($topic_id, false);
		exit;

	case 'smilies':
		generate_smilies('window', PAGE_POSTING);
		exit;
}
82
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_POSTING);
init_userprefs($userdata);
//
// End session management
//

//
// Was cancel pressed? If so then redirect to the appropriate
// page, no point in continuing with any further checks
//
// The target is assembled from fixed script names and the integer ids
// parsed above, so no request string ends up in the redirect location.
//
if ( isset($HTTP_POST_VARS['cancel']) )
{
	// Only the post case carries an anchor.
	$post_append = '';

	if ( $post_id )
	{
		$redirect = 'viewtopic.' . $phpEx . '?' . POST_POST_URL . '=' . $post_id;
		$post_append = '#' . $post_id;
	}
	else if ( $topic_id )
	{
		$redirect = 'viewtopic.' . $phpEx . '?' . POST_TOPIC_URL . '=' . $topic_id;
	}
	else if ( $forum_id )
	{
		$redirect = 'viewforum.' . $phpEx . '?' . POST_FORUM_URL . '=' . $forum_id;
	}
	else
	{
		$redirect = 'index.' . $phpEx;
	}

	redirect(append_sid($redirect, true) . $post_append);
}
121
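//
// Compare sid ... if sids don't match
// output message ... note that AOL'ers may
// obtain this error until the session code
// is modified to change the 6 to 4 in the IP
// comparison checks ... or if a user takes
// longer than session time to submit the form
// both can be easily altered by the admin
//
// This is the request-forgery check for the state-changing paths: the
// posted sid must be the session id of the current session.
//
// Two things differ from the original check:
// - $confirm is covered as well. The submit branch further down runs on
//   "$submit || $confirm", and 'confirm' is also accepted from GET, so a
//   confirmed delete would otherwise be processed without any sid
//   comparison. The confirmation page built by this script carries the sid
//   as a hidden field; NOTE(review): this assumes confirm_body.tpl submits
//   with method="post" - confirm.
// - The comparison is strict and string-only. A loose != compares two
//   numeric-looking strings as numbers, and a non-string 'sid' (an array
//   from the request) should simply be rejected.
//
if ( $submit || $refresh || $confirm )
{
	if ( !isset($HTTP_POST_VARS['sid']) || !is_string($HTTP_POST_VARS['sid']) || $HTTP_POST_VARS['sid'] !== (string) $userdata['session_id'] )
	{
		// I've not added this to the language set at this time ... re-releasing
		// every single language to include this for the once in a blue moon
		// time it will be output is just not worthwhile at present.
		message_die(GENERAL_MESSAGE, 'Invalid_session');
	}
}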
141
//
// What auth type do we need to check?
//
// Maps the requested mode to the permission key that is looked up in
// $is_auth once the forum is known. Any mode not listed here ends the
// request, so from this point on $mode is one of the literals below.
// (The 'topicreview' entry cannot be reached in practice: that mode has
// already exited above.)
//
$is_auth = array();
if ( $mode == 'newtopic' )
{
	// Announcements and stickies need their own permission.
	$is_auth_type = ( $topic_type == POST_ANNOUNCE ) ? 'auth_announce' : ( ( $topic_type == POST_STICKY ) ? 'auth_sticky' : 'auth_post' );
}
else if ( $mode == 'reply' || $mode == 'quote' )
{
	$is_auth_type = 'auth_reply';
}
else if ( $mode == 'editpost' )
{
	$is_auth_type = 'auth_edit';
}
else if ( $mode == 'delete' || $mode == 'poll_delete' )
{
	$is_auth_type = 'auth_delete';
}
else if ( $mode == 'vote' )
{
	$is_auth_type = 'auth_vote';
}
else if ( $mode == 'topicreview' )
{
	$is_auth_type = 'auth_read';
}
else
{
	message_die(GENERAL_MESSAGE, $lang['No_post_mode']);
}
183
//
// Here we do various lookups to find topic_id, forum_id, post_id etc.
// Doing it here prevents spoofing (eg. faking forum_id, topic_id or post_id)
//
// Each mode trusts exactly one id from the request and derives the rest
// from the database row. The ids were cast with intval() when they were
// parsed, and the empty() guards reject a missing one, so the values
// interpolated into the SQL below are integers.
//
$error_msg = '';
$post_data = array();
switch ( $mode )
{
	case 'newtopic':
		if ( empty($forum_id) )
		{
			message_die(GENERAL_MESSAGE, $lang['Forum_not_exist']);
		}

		$sql = "SELECT *
			FROM " . FORUMS_TABLE . "
			WHERE forum_id = $forum_id";
		break;

	case 'reply':
	case 'vote':
		if ( empty($topic_id) )
		{
			message_die(GENERAL_MESSAGE, $lang['No_topic_id']);
		}

		$sql = "SELECT f.*, t.topic_status, t.topic_title
			FROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t
			WHERE t.topic_id = $topic_id
				AND f.forum_id = t.forum_id";
		break;

	case 'quote':
	case 'editpost':
	case 'delete':
	case 'poll_delete':
		if ( empty($post_id) )
		{
			message_die(GENERAL_MESSAGE, $lang['No_post_id']);
		}

		// The post text and author columns are only joined in when the
		// form is going to be displayed, not when it is being submitted.
		if ( !$submit )
		{
			$select_sql = ", t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig";
			$from_sql = ", " . POSTS_TEXT_TABLE . " pt, " . USERS_TABLE . " u";
			$where_sql = "AND pt.post_id = p.post_id AND u.user_id = p.poster_id";
		}
		else
		{
			$select_sql = '';
			$from_sql = '';
			$where_sql = '';
		}

		$sql = "SELECT f.*, t.topic_id, t.topic_status, t.topic_type, t.topic_first_post_id, t.topic_last_post_id, t.topic_vote, p.post_id, p.poster_id" . $select_sql . "
			FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $from_sql . "
			WHERE p.post_id = $post_id
				AND t.topic_id = p.topic_id
				AND f.forum_id = p.forum_id
				$where_sql";
		break;

	default:
		message_die(GENERAL_MESSAGE, $lang['No_valid_mode']);
}
240
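//
// Run the lookup built above. The forum id is taken from the returned row
// rather than from the request, and every permission decision below is made
// against that row.
//
// A query that succeeds but returns no row (an id that does not exist) is
// handled like a failed query. Without that, $post_info would be empty and
// auth() would be asked about a forum id that was never read from the
// database. This relies on sql_fetchrow() returning a false value when there
// is no row, the same assumption the other fetch loops in this file make.
//
if ( ($result = $db->sql_query($sql)) && ($post_info = $db->sql_fetchrow($result)) )
{
	$forum_id = $post_info['forum_id'];
	$forum_name = $post_info['forum_name'];

	$is_auth = auth(AUTH_ALL, $forum_id, $userdata, $post_info);

	// Locked forums and topics are closed to everyone but moderators.
	if ( $post_info['forum_status'] == FORUM_LOCKED && !$is_auth['auth_mod'] )
	{
		message_die(GENERAL_MESSAGE, $lang['Forum_locked']);
	}
	else if ( $mode != 'newtopic' && $post_info['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod'] )
	{
		message_die(GENERAL_MESSAGE, $lang['Topic_locked']);
	}

	if ( $mode == 'editpost' || $mode == 'delete' || $mode == 'poll_delete' )
	{
		// The topic is whatever the post row says, not what was requested.
		$topic_id = $post_info['topic_id'];

		$post_data['poster_post'] = ( $post_info['poster_id'] == $userdata['user_id'] ) ? true : false;
		$post_data['first_post'] = ( $post_info['topic_first_post_id'] == $post_id ) ? true : false;
		$post_data['last_post'] = ( $post_info['topic_last_post_id'] == $post_id ) ? true : false;
		$post_data['last_topic'] = ( $post_info['forum_last_post_id'] == $post_id ) ? true : false;
		$post_data['has_poll'] = ( $post_info['topic_vote'] ) ? true : false;
		$post_data['topic_type'] = $post_info['topic_type'];
		$post_data['poster_id'] = $post_info['poster_id'];

		if ( $post_data['first_post'] && $post_data['has_poll'] )
		{
			$sql = "SELECT *
				FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr
				WHERE vd.topic_id = $topic_id
					AND vr.vote_id = vd.vote_id
				ORDER BY vr.vote_option_id";
			if ( !($result = $db->sql_query($sql)) )
			{
				message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql);
			}

			$poll_options = array();
			$poll_results_sum = 0;
			if ( $row = $db->sql_fetchrow($result) )
			{
				$poll_title = $row['vote_text'];
				$poll_id = $row['vote_id'];
				// vote_length is divided by the number of seconds in a day.
				$poll_length = $row['vote_length'] / 86400;

				do
				{
					$poll_options[$row['vote_option_id']] = $row['vote_option_text'];
					$poll_results_sum += $row['vote_result'];
				}
				while ( $row = $db->sql_fetchrow($result) );
			}

			// A poll that already has votes can only be edited by a moderator.
			$post_data['edit_poll'] = ( ( !$poll_results_sum || $is_auth['auth_mod'] ) && $post_data['first_post'] ) ? true : 0;
		}
		else
		{
			$post_data['edit_poll'] = ( $post_data['first_post'] && $is_auth['auth_pollcreate'] ) ? true : false;
		}

		//
		// Can this user edit/delete the post/poll?
		//
		// Ownership is decided from poster_id in the database row; only a
		// moderator may act on somebody else's post.
		//
		if ( $post_info['poster_id'] != $userdata['user_id'] && !$is_auth['auth_mod'] )
		{
			$message = ( $delete || $mode == 'delete' ) ? $lang['Delete_own_posts'] : $lang['Edit_own_posts'];
			$message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');

			message_die(GENERAL_MESSAGE, $message);
		}
		else if ( !$post_data['last_post'] && !$is_auth['auth_mod'] && ( $mode == 'delete' || $delete ) )
		{
			message_die(GENERAL_MESSAGE, $lang['Cannot_delete_replied']);
		}
		else if ( !$post_data['edit_poll'] && !$is_auth['auth_mod'] && ( $mode == 'poll_delete' || $poll_delete ) )
		{
			message_die(GENERAL_MESSAGE, $lang['Cannot_delete_poll']);
		}
	}
	else
	{
		if ( $mode == 'quote' )
		{
			$topic_id = $post_info['topic_id'];
		}

		$post_data['first_post'] = ( $mode == 'newtopic' ) ? true : 0;
		$post_data['last_post'] = false;
		$post_data['has_poll'] = false;
		$post_data['edit_poll'] = false;
	}
}
else
{
	message_die(GENERAL_MESSAGE, $lang['No_such_post']);
}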
342
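//
// The user is not authed, if they're not logged in then redirect
// them, else show them an error message
//
if ( !$is_auth[$is_auth_type] )
{
	if ( $userdata['session_logged_in'] )
	{
		message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . "_type"]));
	}

	//
	// Start from an empty query string. The switch below has no case for
	// 'delete', 'poll_delete' or 'vote', so without this the redirect would
	// be built from whatever $redirect happened to hold (or from nothing).
	// NOTE(review): on installs where request parameters are registered as
	// global variables that stale value could be request-supplied - confirm
	// how common.php treats globals.
	//
	$redirect = '';
	switch( $mode )
	{
		case 'newtopic':
			$redirect = "mode=newtopic&" . POST_FORUM_URL . "=" . $forum_id;
			break;
		case 'reply':
		case 'topicreview':
			$redirect = "mode=reply&" . POST_TOPIC_URL . "=" . $topic_id;
			break;
		case 'quote':
		case 'editpost':
			$redirect = "mode=quote&" . POST_POST_URL ."=" . $post_id;
			break;
	}

	// Guests are sent to the login page with a way back to this form.
	redirect(append_sid("login.$phpEx?redirect=posting.$phpEx&" . $redirect, true));
}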
371
//
// Set toggles for various options
//
// Each toggle follows the same order of precedence: the board setting can
// switch the feature off for everybody; on a submitted or refreshed form
// the "disable" checkbox decides; otherwise the default comes from the
// board (guests) or from the user's profile.
//
if ( !$board_config['allow_html'] )
{
	$html_on = 0;
}
else if ( $submit || $refresh )
{
	$html_on = ( !empty($HTTP_POST_VARS['disable_html']) ) ? 0 : TRUE;
}
else if ( $userdata['user_id'] == ANONYMOUS )
{
	$html_on = $board_config['allow_html'];
}
else
{
	$html_on = $userdata['user_allowhtml'];
}

if ( !$board_config['allow_bbcode'] )
{
	$bbcode_on = 0;
}
else if ( $submit || $refresh )
{
	$bbcode_on = ( !empty($HTTP_POST_VARS['disable_bbcode']) ) ? 0 : TRUE;
}
else if ( $userdata['user_id'] == ANONYMOUS )
{
	$bbcode_on = $board_config['allow_bbcode'];
}
else
{
	$bbcode_on = $userdata['user_allowbbcode'];
}

if ( !$board_config['allow_smilies'] )
{
	$smilies_on = 0;
}
else if ( $submit || $refresh )
{
	$smilies_on = ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE;
}
else if ( $userdata['user_id'] == ANONYMOUS )
{
	$smilies_on = $board_config['allow_smilies'];
}
else
{
	$smilies_on = $userdata['user_allowsmile'];
}

//
// Reply notification: taken from the form when it was posted, otherwise
// from an existing topic watch or the profile default. It is only ever
// enabled for users who may read the forum.
//
if ( ( $submit || $refresh ) && $is_auth['auth_read'] )
{
	$notify_user = ( !empty($HTTP_POST_VARS['notify']) ) ? TRUE : 0;
}
else if ( $mode != 'newtopic' && $userdata['session_logged_in'] && $is_auth['auth_read'] )
{
	// $topic_id is either the integer parsed from the request or the value
	// read from the post row.
	$sql = "SELECT topic_id
		FROM " . TOPICS_WATCH_TABLE . "
		WHERE topic_id = $topic_id
			AND user_id = " . $userdata['user_id'];
	if ( !($result = $db->sql_query($sql)) )
	{
		message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql);
	}

	$notify_user = ( $db->sql_fetchrow($result) ) ? TRUE : $userdata['user_notify'];
}
else
{
	$notify_user = ( $userdata['session_logged_in'] && $is_auth['auth_read'] ) ? $userdata['user_notify'] : 0;
}

// Signature attachment: form value when posted, never for guests, else the
// profile default.
if ( $submit || $refresh )
{
	$attach_sig = ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0;
}
else if ( $userdata['user_id'] == ANONYMOUS )
{
	$attach_sig = 0;
}
else
{
	$attach_sig = $userdata['user_attachsig'];
}
428
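// --------------------
// What shall we do?
//
// One of three things: show the delete confirmation page, cast a poll vote,
// or store / delete a post. Anything else falls through to the form output
// further down.
//
if ( ( $delete || $poll_delete || $mode == 'delete' ) && !$confirm )
{
	//
	// Confirm deletion
	//
	// The confirmation form carries the session id and the (integer) post id
	// as hidden fields.
	//
	$s_hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
	$s_hidden_fields .= ( $delete || $mode == "delete" ) ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />';

	$l_confirm = ( $delete || $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];

	//
	// Output confirmation page
	//
	include($phpbb_root_path . 'includes/page_header.'.$phpEx);

	$template->set_filenames(array(
		'confirm_body' => 'confirm_body.tpl')
	);

	$template->assign_vars(array(
		'MESSAGE_TITLE' => $lang['Information'],
		'MESSAGE_TEXT' => $l_confirm,

		'L_YES' => $lang['Yes'],
		'L_NO' => $lang['No'],

		'S_CONFIRM_ACTION' => append_sid("posting.$phpEx"),
		'S_HIDDEN_FIELDS' => $s_hidden_fields)
	);

	$template->pparse('confirm_body');

	include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else if ( $mode == 'vote' )
{
	//
	// Vote in a poll
	//
	// NOTE(review): nothing in this branch compares a session id, so a vote
	// is only covered by the sid check earlier in the script if the voting
	// form also sets the 'post' field - confirm against the viewtopic form.
	//
	if ( !empty($HTTP_POST_VARS['vote_id']) )
	{
		$vote_option_id = intval($HTTP_POST_VARS['vote_id']);

		// The option must belong to a poll attached to this topic.
		$sql = "SELECT vd.vote_id
			FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr
			WHERE vd.topic_id = $topic_id
				AND vr.vote_id = vd.vote_id
				AND vr.vote_option_id = $vote_option_id
			GROUP BY vd.vote_id";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql);
		}

		if ( $vote_info = $db->sql_fetchrow($result) )
		{
			$vote_id = $vote_info['vote_id'];

			// One vote per user id: look for an existing row first.
			$sql = "SELECT *
				FROM " . VOTE_USERS_TABLE . "
				WHERE vote_id = $vote_id
					AND vote_user_id = " . $userdata['user_id'];
			if ( !($result = $db->sql_query($sql)) )
			{
				message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql);
			}

			if ( !($row = $db->sql_fetchrow($result)) )
			{
				// The counter update and the voter record are written as a pair.
				$sql = "UPDATE " . VOTE_RESULTS_TABLE . "
					SET vote_result = vote_result + 1
					WHERE vote_id = $vote_id
						AND vote_option_id = $vote_option_id";
				if ( !$db->sql_query($sql, BEGIN_TRANSACTION) )
				{
					message_die(GENERAL_ERROR, 'Could not update poll result', '', __LINE__, __FILE__, $sql);
				}

				$sql = "INSERT INTO " . VOTE_USERS_TABLE . " (vote_id, vote_user_id, vote_user_ip)
					VALUES ($vote_id, " . $userdata['user_id'] . ", '$user_ip')";
				if ( !$db->sql_query($sql, END_TRANSACTION) )
				{
					message_die(GENERAL_ERROR, "Could not insert user_id for poll", "", __LINE__, __FILE__, $sql);
				}

				$message = $lang['Vote_cast'];
			}
			else
			{
				$message = $lang['Already_voted'];
			}
		}
		else
		{
			$message = $lang['No_vote_option'];
		}

		$template->assign_vars(array(
			'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">')
		);
		$message .= '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');
		message_die(GENERAL_MESSAGE, $message);
	}
}
else if ( $submit || $confirm )
{
	//
	// Submit post/vote (newtopic, edit, reply, etc.)
	//
	$return_message = '';
	$return_meta = '';

	switch ( $mode )
	{
		case 'editpost':
		case 'newtopic':
		case 'reply':
			// Poll fields are only accepted from users who may create polls.
			$username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : '';
			$subject = ( !empty($HTTP_POST_VARS['subject']) ) ? trim($HTTP_POST_VARS['subject']) : '';
			$message = ( !empty($HTTP_POST_VARS['message']) ) ? $HTTP_POST_VARS['message'] : '';
			$poll_title = ( isset($HTTP_POST_VARS['poll_title']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_title'] : '';
			$poll_options = ( isset($HTTP_POST_VARS['poll_option_text']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_option_text'] : '';
			$poll_length = ( isset($HTTP_POST_VARS['poll_length']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_length'] : '';
			$bbcode_uid = '';

			prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length);

			if ( $error_msg == '' )
			{
				// Without sticky/announce permission the stored topic type is kept.
				$topic_type = ( $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ) ? $post_data['topic_type'] : $topic_type;

				// The str_replace() calls turn backslash-escaped quotes into
				// doubled quotes. NOTE(review): that only protects the SQL
				// built inside submit_post() if the request data already
				// arrives backslash-escaped (magic quotes or an equivalent
				// pass in common.php) - confirm, neither is visible here.
				submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, str_replace("\'", "''", $username), str_replace("\'", "''", $subject), str_replace("\'", "''", $message), str_replace("\'", "''", $poll_title), $poll_options, $poll_length);
			}
			break;

		case 'delete':
		case 'poll_delete':
			delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id);
			break;
	}

	if ( $error_msg == '' )
	{
		if ( $mode != 'editpost' )
		{
			$user_id = ( $mode == 'reply' || $mode == 'newtopic' ) ? $userdata['user_id'] : $post_data['poster_id'];
			update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id);
		}

		if ($error_msg == '' && $mode != 'poll_delete')
		{
			user_notification($mode, $post_data, $post_info['topic_title'], $forum_id, $topic_id, $post_id, $notify_user);
		}

		if ( $mode == 'newtopic' || $mode == 'reply' )
		{
			//
			// SECURITY: unserialize() is applied to cookies the client fully
			// controls. The calls are left in place because the cookie format
			// is presumably shared with other scripts (confirm), but this
			// should move to a format that cannot instantiate objects, in
			// every script that reads these cookies at once. Until then the
			// result is at least forced to be an array, so a tampered cookie
			// cannot feed a scalar or object into the count/assignment below.
			//
			$tracking_topics = ( !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) : array();
			$tracking_forums = ( !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) : array();

			if ( !is_array($tracking_topics) )
			{
				$tracking_topics = array();
			}
			if ( !is_array($tracking_forums) )
			{
				$tracking_forums = array();
			}

			// At 100 tracked entries the oldest topic entry is dropped.
			if ( count($tracking_topics) + count($tracking_forums) == 100 && empty($tracking_topics[$topic_id]) )
			{
				asort($tracking_topics);
				unset($tracking_topics[key($tracking_topics)]);
			}

			$tracking_topics[$topic_id] = time();

			setcookie($board_config['cookie_name'] . '_t', serialize($tracking_topics), 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
		}

		$template->assign_vars(array(
			'META' => $return_meta)
		);
		message_die(GENERAL_MESSAGE, $return_message);
	}
}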
608
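//
// Fill the form fields: either from the posted data (preview, poll option
// changes, or a submit that produced an error) or from the defaults for the
// current mode.
//
if( $refresh || isset($HTTP_POST_VARS['del_poll_option']) || $error_msg != '' )
{
	// Everything echoed back into the form is HTML-escaped first.
	$username = ( !empty($HTTP_POST_VARS['username']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['username']))) : '';
	$subject = ( !empty($HTTP_POST_VARS['subject']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['subject']))) : '';
	$message = ( !empty($HTTP_POST_VARS['message']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['message']))) : '';

	$poll_title = ( !empty($HTTP_POST_VARS['poll_title']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['poll_title']))) : '';
	$poll_length = ( isset($HTTP_POST_VARS['poll_length']) ) ? max(0, intval($HTTP_POST_VARS['poll_length'])) : 0;

	$poll_options = array();
	if ( !empty($HTTP_POST_VARS['poll_option_text']) )
	{
		// The option texts are escaped; the array keys are request-supplied
		// and are carried over unchanged.
		while( list($option_id, $option_text) = @each($HTTP_POST_VARS['poll_option_text']) )
		{
			if( isset($HTTP_POST_VARS['del_poll_option'][$option_id]) )
			{
				unset($poll_options[$option_id]);
			}
			else if ( !empty($option_text) )
			{
				$poll_options[$option_id] = htmlspecialchars(trim(stripslashes($option_text)));
			}
		}
	}

	// NOTE(review): $poll_add is always set by the parameter parsing at the
	// top of the script, so isset() is always true here and a filled-in
	// "new option" field is added on every refresh - confirm this is intended.
	if ( isset($poll_add) && !empty($HTTP_POST_VARS['add_poll_option_text']) )
	{
		$poll_options[] = htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['add_poll_option_text'])));
	}

	if ( $mode == 'newtopic' || $mode == 'reply')
	{
		$user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : '';
	}
	else if ( $mode == 'editpost' )
	{
		$user_sig = ( $post_info['user_sig'] != '' && $board_config['allow_sig'] ) ? $post_info['user_sig'] : '';
	}
	else
	{
		// Every other mode has no signature; make that explicit so the
		// checks below never read a variable this script did not set.
		$user_sig = '';
	}

	if( $preview )
	{
		$orig_word = array();
		$replacement_word = array();
		obtain_word_list($orig_word, $replacement_word);

		$bbcode_uid = ( $bbcode_on ) ? make_bbcode_uid() : '';
		$preview_message = stripslashes(prepare_message(addslashes(unprepare_message($message)), $html_on, $bbcode_on, $smilies_on, $bbcode_uid));
		$preview_subject = $subject;
		$preview_username = $username;

		//
		// Finalise processing as per viewtopic
		//
		if( !$html_on )
		{
			if( $user_sig != '' || !$userdata['user_allowhtml'] )
			{
				// Neutralise tags in the signature by rewriting the angle
				// brackets as entities. The replacement has to be the entity
				// form; replacing '<...>' with '<...>' would leave the
				// markup active in the preview.
				$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', '&lt;\2&gt;', $user_sig);
			}
		}

		if( $attach_sig && $user_sig != '' && $userdata['user_sig_bbcode_uid'] )
		{
			$user_sig = bbencode_second_pass($user_sig, $userdata['user_sig_bbcode_uid']);
		}

		if( $bbcode_on )
		{
			$preview_message = bbencode_second_pass($preview_message, $bbcode_uid);
		}

		if( !empty($orig_word) )
		{
			$preview_username = ( !empty($username) ) ? preg_replace($orig_word, $replacement_word, $preview_username) : '';
			$preview_subject = ( !empty($subject) ) ? preg_replace($orig_word, $replacement_word, $preview_subject) : '';
			$preview_message = ( !empty($preview_message) ) ? preg_replace($orig_word, $replacement_word, $preview_message) : '';
		}

		if( $user_sig != '' )
		{
			$user_sig = make_clickable($user_sig);
		}
		$preview_message = make_clickable($preview_message);

		if( $smilies_on )
		{
			if( $userdata['user_allowsmile'] && $user_sig != '' )
			{
				$user_sig = smilies_pass($user_sig);
			}

			$preview_message = smilies_pass($preview_message);
		}

		if( $attach_sig && $user_sig != '' )
		{
			$preview_message = $preview_message . '<br /><br />_________________<br />' . $user_sig;
		}

		$preview_message = str_replace("\n", '<br />', $preview_message);

		$template->set_filenames(array(
			'preview' => 'posting_preview.tpl')
		);

		$template->assign_vars(array(
			'TOPIC_TITLE' => $preview_subject,
			'POST_SUBJECT' => $preview_subject,
			'POSTER_NAME' => $preview_username,
			'POST_DATE' => create_date($board_config['default_dateformat'], time(), $board_config['board_timezone']),
			'MESSAGE' => $preview_message,

			'L_POST_SUBJECT' => $lang['Post_subject'],
			'L_PREVIEW' => $lang['Preview'],
			'L_POSTED' => $lang['Posted'],
			'L_POST' => $lang['Post'])
		);
		$template->assign_var_from_handle('POST_PREVIEW_BOX', 'preview');
	}
	else if( $error_msg != '' )
	{
		$template->set_filenames(array(
			'reg_header' => 'error_body.tpl')
		);
		$template->assign_vars(array(
			'ERROR_MESSAGE' => $error_msg)
		);
		$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
	}
}
else
{
	//
	// User default entry point
	//
	if ( $mode == 'newtopic' )
	{
		$user_sig = ( $userdata['user_sig'] != '' ) ? $userdata['user_sig'] : '';

		$username = ($userdata['session_logged_in']) ? $userdata['username'] : '';
		$poll_title = '';
		$poll_length = '';
		$subject = '';
		$message = '';
	}
	else if ( $mode == 'reply' )
	{
		$user_sig = ( $userdata['user_sig'] != '' ) ? $userdata['user_sig'] : '';

		$username = ( $userdata['session_logged_in'] ) ? $userdata['username'] : '';
		$subject = '';
		$message = '';

	}
	else if ( $mode == 'quote' || $mode == 'editpost' )
	{
		$subject = ( $post_data['first_post'] ) ? $post_info['topic_title'] : $post_info['post_subject'];
		$message = $post_info['post_text'];

		if ( $mode == 'editpost' )
		{
			$attach_sig = ( $post_info['enable_sig'] && $post_info['user_sig'] != '' ) ? TRUE : 0;
			$user_sig = $post_info['user_sig'];

			$html_on = ( $post_info['enable_html'] ) ? true : false;
			$bbcode_on = ( $post_info['enable_bbcode'] ) ? true : false;
			$smilies_on = ( $post_info['enable_smilies'] ) ? true : false;
		}
		else
		{
			$attach_sig = ( $userdata['user_attachsig'] ) ? TRUE : 0;
			$user_sig = $userdata['user_sig'];
		}

		if ( $post_info['bbcode_uid'] != '' )
		{
			// Strip the per-post BBCode uid markers. The uid is quoted so
			// that it is always matched literally inside the pattern.
			$message = preg_replace('/\:(([a-z0-9]:)?)' . preg_quote($post_info['bbcode_uid'], '/') . '/s', '', $message);
		}

		// The stored text goes back into the edit form, so angle brackets
		// are turned into entities to keep stored markup from being parsed
		// as part of the page. Replacing '<' with '<' would do nothing.
		// After these two calls the '<br />' replacement can no longer
		// match; it is kept as it stood in the original sequence.
		$message = str_replace('<', '&lt;', $message);
		$message = str_replace('>', '&gt;', $message);
		$message = str_replace('<br />', "\n", $message);

		if ( $mode == 'quote' )
		{
			// Same variable names as the preview branch: the replacement
			// list that is initialised is the one that is filled and used.
			$orig_word = array();
			$replacement_word = array();
			obtain_word_list($orig_word, $replacement_word);

			// NOTE(review): $postrow is not set anywhere in this script and
			// $msg_date is not read in the code visible here - confirm
			// whether this line can be dropped.
			$msg_date = create_date($board_config['default_dateformat'], $postrow['post_time'], $board_config['board_timezone']);

			// Use trim to get rid of spaces placed there by MS-SQL 2000
			$quote_username = ( trim($post_info['post_username']) != '' ) ? $post_info['post_username'] : $post_info['username'];
			$message = '[quote="' . $quote_username . '"]' . $message . '[/quote]';

			if ( !empty($orig_word) )
			{
				$subject = ( !empty($subject) ) ? preg_replace($orig_word, $replacement_word, $subject) : '';
				$message = ( !empty($message) ) ? preg_replace($orig_word, $replacement_word, $message) : '';
			}

			if ( !preg_match('/^Re:/', $subject) && strlen($subject) > 0 )
			{
				$subject = 'Re: ' . $subject;
			}

			// From here on a quote is handled as an ordinary reply.
			$mode = 'reply';
		}
		else
		{
			$username = ( $post_info['user_id'] == ANONYMOUS && !empty($post_info['post_username']) ) ? $post_info['post_username'] : '';
		}
	}
}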
823
//
// Signature toggle selection
//
if( $user_sig != '' )
{
	$template->assign_block_vars('switch_signature_checkbox', array());
}

//
// HTML toggle selection
//
// For each feature the status text reflects the board setting, and the
// matching "disable" checkbox is only offered when the board allows it.
//
$html_status = ( $board_config['allow_html'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
if ( $board_config['allow_html'] )
{
	$template->assign_block_vars('switch_html_checkbox', array());
}

//
// BBCode toggle selection
//
$bbcode_status = ( $board_config['allow_bbcode'] ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF'];
if ( $board_config['allow_bbcode'] )
{
	$template->assign_block_vars('switch_bbcode_checkbox', array());
}

//
// Smilies toggle selection
//
$smilies_status = ( $board_config['allow_smilies'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
if ( $board_config['allow_smilies'] )
{
	$template->assign_block_vars('switch_smilies_checkbox', array());
}

// The free-text username field is shown to guests, and when a guest's post
// is being edited.
if( !$userdata['session_logged_in'] || ( $mode == 'editpost' && $post_info['poster_id'] == ANONYMOUS ) )
{
	$template->assign_block_vars('switch_username_select', array());
}

//
// Notify checkbox - only show if user is logged in
//
// It is also left out when the post being edited belongs to a guest.
//
if ( $userdata['session_logged_in'] && $is_auth['auth_read'] && ( $mode != 'editpost' || $post_info['poster_id'] != ANONYMOUS ) )
{
	$template->assign_block_vars('switch_notify_checkbox', array());
}

//
// Delete selection
//
// Offered to moderators always, and to others only for the last post of a
// topic when any attached poll may still be edited.
//
if ( $mode == 'editpost' && ( ( $is_auth['auth_delete'] && $post_data['last_post'] && ( !$post_data['has_poll'] || $post_data['edit_poll'] ) ) || $is_auth['auth_mod'] ) )
{
	$template->assign_block_vars('switch_delete_checkbox', array());
}
894
//
// Topic type selection
//
// Radio buttons are only generated for the topic types the user is
// permitted to create; the "normal" option is added in front when at least
// one of the others is present.
//
$topic_type_toggle = '';
if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) )
{
	$template->assign_block_vars('switch_type_toggle', array());

	if( $is_auth['auth_sticky'] )
	{
		$topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_STICKY . '"' . ( ( $post_data['topic_type'] == POST_STICKY || $topic_type == POST_STICKY ) ? ' checked="checked"' : '' ) . ' /> ' . $lang['Post_Sticky'] . ' ';
	}

	if( $is_auth['auth_announce'] )
	{
		$topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_ANNOUNCE . '"' . ( ( $post_data['topic_type'] == POST_ANNOUNCE || $topic_type == POST_ANNOUNCE ) ? ' checked="checked"' : '' ) . ' /> ' . $lang['Post_Announcement'] . ' ';
	}

	if ( $topic_type_toggle != '' )
	{
		$normal_radio = '<input type="radio" name="topictype" value="' . POST_NORMAL .'"';
		if ( $post_data['topic_type'] == POST_NORMAL || $topic_type == POST_NORMAL )
		{
			$normal_radio .= ' checked="checked"';
		}
		$topic_type_toggle = $lang['Post_topic_as'] . ': ' . $normal_radio . ' /> ' . $lang['Post_Normal'] . ' ' . $topic_type_toggle;
	}
}

//
// Hidden fields for the posting form. The session id is what the sid check
// near the top of this script compares against. $mode is written into the
// markup as-is: by this point it has passed the mode switches above, which
// end the request for any value they do not list (assuming message_die()
// does not return - confirm).
//
$hidden_form_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="mode" value="' . $mode . '" />';

if ( $mode == 'newtopic' )
{
	$page_title = $lang['Post_a_new_topic'];
	$hidden_form_fields .= '<input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />';
}
else if ( $mode == 'reply' )
{
	$page_title = $lang['Post_a_reply'];
	$hidden_form_fields .= '<input type="hidden" name="' . POST_TOPIC_URL . '" value="' . $topic_id . '" />';
}
else if ( $mode == 'editpost' )
{
	$page_title = $lang['Edit_Post'];
	$hidden_form_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
}
948
// Build the inline smilies listing for the posting page
generate_smilies('inline', PAGE_POSTING);

//
// Pull in the shared page header. $phpbb_root_path is assigned './' at the
// top of this script; $phpEx presumably comes from extension.inc (not
// visible here), so neither part of the path is taken from the request.
//
include($phpbb_root_path . "includes/page_header.$phpEx");

// Register the template files used by this page under their handles
$template->set_filenames(
	array(
		'body' => 'posting_body.tpl',
		'pollbody' => 'posting_poll_body.tpl',
		'reviewbody' => 'posting_topic_review.tpl'
	)
);

make_jumpbox("viewforum.$phpEx");
963
//
// Forum name, page title and the link back to the forum.
// NOTE(review): $forum_name is handed to the template as-is; whether it was
// HTML-escaped when loaded is not visible in this part of the file.
//
$template->assign_vars(
	array(
		'FORUM_NAME' => $forum_name,
		'L_POST_A' => $page_title,
		'L_POST_SUBJECT' => $lang['Post_subject'],

		'U_VIEW_FORUM' => append_sid('viewforum.' . $phpEx . '?' . POST_FORUM_URL . '=' . $forum_id)
	)
);

//
// Switch block that lets the forum/topic title be output for posting;
// it is left out for privmsg, where the title makes no sense
//
$template->assign_block_vars('switch_not_privmsg', array());
977
//
// Hand the form contents, labels and state flags to the template.
//
// NOTE(review): USERNAME, SUBJECT and MESSAGE carry user-supplied text and
// are passed through without escaping in this block. This assumes they were
// HTML-escaped earlier in the script; confirm against the code that fills
// $username, $subject and $message.
//
$template->assign_vars(
	array(
		'USERNAME' => $username,
		'SUBJECT' => $subject,
		'MESSAGE' => $message,
		'HTML_STATUS' => $html_status,
		'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid('faq.' . $phpEx . '?mode=bbcode') . '" target="_phpbbcode">', '</a>'),
		'SMILIES_STATUS' => $smilies_status,

		// Form labels
		'L_SUBJECT' => $lang['Subject'],
		'L_MESSAGE_BODY' => $lang['Message_body'],
		'L_OPTIONS' => $lang['Options'],
		'L_PREVIEW' => $lang['Preview'],
		'L_SPELLCHECK' => $lang['Spellcheck'],
		'L_SUBMIT' => $lang['Submit'],
		'L_CANCEL' => $lang['Cancel'],
		'L_CONFIRM_DELETE' => $lang['Confirm_delete'],
		'L_DISABLE_HTML' => $lang['Disable_HTML_post'],
		'L_DISABLE_BBCODE' => $lang['Disable_BBCode_post'],
		'L_DISABLE_SMILIES' => $lang['Disable_Smilies_post'],
		'L_ATTACH_SIGNATURE' => $lang['Attach_signature'],
		'L_NOTIFY_ON_REPLY' => $lang['Notify'],
		'L_DELETE_POST' => $lang['Delete_post'],

		// BBCode help texts
		'L_BBCODE_B_HELP' => $lang['bbcode_b_help'],
		'L_BBCODE_I_HELP' => $lang['bbcode_i_help'],
		'L_BBCODE_U_HELP' => $lang['bbcode_u_help'],
		'L_BBCODE_Q_HELP' => $lang['bbcode_q_help'],
		'L_BBCODE_C_HELP' => $lang['bbcode_c_help'],
		'L_BBCODE_L_HELP' => $lang['bbcode_l_help'],
		'L_BBCODE_O_HELP' => $lang['bbcode_o_help'],
		'L_BBCODE_P_HELP' => $lang['bbcode_p_help'],
		'L_BBCODE_W_HELP' => $lang['bbcode_w_help'],
		'L_BBCODE_A_HELP' => $lang['bbcode_a_help'],
		'L_BBCODE_S_HELP' => $lang['bbcode_s_help'],
		'L_BBCODE_F_HELP' => $lang['bbcode_f_help'],
		'L_EMPTY_MESSAGE' => $lang['Empty_message'],

		// Font colour labels
		'L_FONT_COLOR' => $lang['Font_color'],
		'L_COLOR_DEFAULT' => $lang['color_default'],
		'L_COLOR_DARK_RED' => $lang['color_dark_red'],
		'L_COLOR_RED' => $lang['color_red'],
		'L_COLOR_ORANGE' => $lang['color_orange'],
		'L_COLOR_BROWN' => $lang['color_brown'],
		'L_COLOR_YELLOW' => $lang['color_yellow'],
		'L_COLOR_GREEN' => $lang['color_green'],
		'L_COLOR_OLIVE' => $lang['color_olive'],
		'L_COLOR_CYAN' => $lang['color_cyan'],
		'L_COLOR_BLUE' => $lang['color_blue'],
		'L_COLOR_DARK_BLUE' => $lang['color_dark_blue'],
		'L_COLOR_INDIGO' => $lang['color_indigo'],
		'L_COLOR_VIOLET' => $lang['color_violet'],
		'L_COLOR_WHITE' => $lang['color_white'],
		'L_COLOR_BLACK' => $lang['color_black'],

		// Font size labels
		'L_FONT_SIZE' => $lang['Font_size'],
		'L_FONT_TINY' => $lang['font_tiny'],
		'L_FONT_SMALL' => $lang['font_small'],
		'L_FONT_NORMAL' => $lang['font_normal'],
		'L_FONT_LARGE' => $lang['font_large'],
		'L_FONT_HUGE' => $lang['font_huge'],

		'L_BBCODE_CLOSE_TAGS' => $lang['Close_Tags'],
		'L_STYLES_TIP' => $lang['Styles_tip'],

		// The topic links are only built in reply mode
		'U_VIEWTOPIC' => ( $mode == 'reply' ) ? append_sid('viewtopic.' . $phpEx . '?' . POST_TOPIC_URL . '=' . $topic_id . '&postorder=desc') : '',
		'U_REVIEW_TOPIC' => ( $mode == 'reply' ) ? append_sid('posting.' . $phpEx . '?mode=topicreview&' . POST_TOPIC_URL . '=' . $topic_id) : '',

		// The first three boxes are "disable" options, so they are
		// checked when the feature is off
		'S_HTML_CHECKED' => ( $html_on ) ? '' : 'checked="checked"',
		'S_BBCODE_CHECKED' => ( $bbcode_on ) ? '' : 'checked="checked"',
		'S_SMILIES_CHECKED' => ( $smilies_on ) ? '' : 'checked="checked"',
		'S_SIGNATURE_CHECKED' => ( $attach_sig ) ? 'checked="checked"' : '',
		'S_NOTIFY_CHECKED' => ( $notify_user ) ? 'checked="checked"' : '',
		'S_TYPE_TOGGLE' => $topic_type_toggle,
		'S_TOPIC_ID' => $topic_id,
		'S_POST_ACTION' => append_sid('posting.' . $phpEx),
		'S_HIDDEN_FORM_FIELDS' => $hidden_form_fields
	)
);
1058
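//
// Poll entry form. It is shown for a new topic, or when editing a post whose
// poll may be edited, and only if the user holds the poll-create permission.
//
if ( ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['edit_poll'] ) ) && $is_auth['auth_pollcreate'] )
{
	//
	// NOTE(review): $poll_title and $poll_length are handed to the template
	// unchanged; any escaping of them happens outside this block.
	//
	$template->assign_vars(array(
		'L_ADD_A_POLL' => $lang['Add_poll'],
		'L_ADD_POLL_EXPLAIN' => $lang['Add_poll_explain'],
		'L_POLL_QUESTION' => $lang['Poll_question'],
		'L_POLL_OPTION' => $lang['Poll_option'],
		'L_ADD_OPTION' => $lang['Add_option'],
		'L_UPDATE_OPTION' => $lang['Update'],
		'L_DELETE_OPTION' => $lang['Delete'],
		'L_POLL_LENGTH' => $lang['Poll_for'],
		'L_DAYS' => $lang['Days'],
		'L_POLL_LENGTH_EXPLAIN' => $lang['Poll_for_explain'],
		'L_POLL_DELETE' => $lang['Delete_poll'],

		'POLL_TITLE' => $poll_title,
		'POLL_LENGTH' => $poll_length)
	);

	// The delete toggle is only offered for an existing, editable poll
	if ( $mode == 'editpost' && $post_data['edit_poll'] )
	{
		$template->assign_block_vars('switch_poll_delete_toggle', array());
	}

	if ( !empty($poll_options) )
	{
		// foreach replaces each(), which was removed in PHP 8.0
		foreach ( $poll_options as $option_id => $option_text )
		{
			$template->assign_block_vars('poll_option_rows', array(
				// Encode double quotes so the option text cannot close the
				// HTML attribute it is presumably placed in. The listing
				// replaced '"' with '"', which changes nothing. Only the
				// quote is encoded, as the text may already be
				// entity-encoded and must not be encoded twice.
				'POLL_OPTION' => str_replace('"', '&quot;', $option_text),

				'S_POLL_OPTION_NUM' => $option_id)
			);
		}
	}

	$template->assign_var_from_handle('POLLBOX', 'pollbody');
}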
1100
//
// Topic review: shown inline under the reply form, and only when the
// permission array grants read access
//
if ( $mode == 'reply' && $is_auth['auth_read'] )
{
	require($phpbb_root_path . "includes/topic_review.$phpEx");
	topic_review($topic_id, true);

	$template->assign_block_vars('switch_inline_mode', array());
	$template->assign_var_from_handle('TOPIC_REVIEW_BOX', 'reviewbody');
}

// Render the posting page, then the shared page footer
$template->pparse('body');

include($phpbb_root_path . "includes/page_tail.$phpEx");
1116
1117 ?>