Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

source: www/forum/posting.php@ 1

Last change on this file since 1 was 1, checked in by george, 17 years ago
Prvotní import všeho
Property svn:executable set to ``*
File size: 33.6 KB

Line
1	<?php
2	/***************************************************************************
3	* posting.php
4	* -------------------
5	* begin : Saturday, Feb 13, 2001
6	* copyright : (C) 2001 The phpBB Group
7	* email : support@phpbb.com
8	*
9	* $Id: posting.php,v 1.159.2.23 2005/05/06 20:50:10 acydburn Exp $
10	*
11	*
12	***************************************************************************/
13
14	/***************************************************************************
15	*
16	* This program is free software; you can redistribute it and/or modify
17	* it under the terms of the GNU General Public License as published by
18	* the Free Software Foundation; either version 2 of the License, or
19	* (at your option) any later version.
20	*
21	***************************************************************************/
22
23	define('IN_PHPBB', true);
24	$phpbb_root_path = './';
25	include($phpbb_root_path . 'extension.inc');
26	include($phpbb_root_path . 'common.'.$phpEx);
27	include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
28	include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
29
30	//
31	// Check and set various parameters
32	//
33	$params = array('submit' => 'post', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode');
34	while( list($var, $param) = @each($params) )
35	{
36	if ( !empty($HTTP_POST_VARS[$param]) \|\| !empty($HTTP_GET_VARS[$param]) )
37	{
38	$$var = ( !empty($HTTP_POST_VARS[$param]) ) ? htmlspecialchars($HTTP_POST_VARS[$param]) : htmlspecialchars($HTTP_GET_VARS[$param]);
39	}
40	else
41	{
42	$$var = '';
43	}
44	}
45
46	$confirm = isset($HTTP_POST_VARS['confirm']) ? true : false;
47
48	$params = array('forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL);
49	while( list($var, $param) = @each($params) )
50	{
51	if ( !empty($HTTP_POST_VARS[$param]) \|\| !empty($HTTP_GET_VARS[$param]) )
52	{
53	$$var = ( !empty($HTTP_POST_VARS[$param]) ) ? intval($HTTP_POST_VARS[$param]) : intval($HTTP_GET_VARS[$param]);
54	}
55	else
56	{
57	$$var = '';
58	}
59	}
60
61	$refresh = $preview \|\| $poll_add \|\| $poll_edit \|\| $poll_delete;
62
63	//
64	// Set topic type
65	//
66	$topic_type = ( !empty($HTTP_POST_VARS['topictype']) ) ? intval($HTTP_POST_VARS['topictype']) : POST_NORMAL;
67
68	//
69	// If the mode is set to topic review then output
70	// that review ...
71	//
72	if ( $mode == 'topicreview' )
73	{
74	require($phpbb_root_path . 'includes/topic_review.'.$phpEx);
75
76	topic_review($topic_id, false);
77	exit;
78	}
79	else if ( $mode == 'smilies' )
80	{
81	generate_smilies('window', PAGE_POSTING);
82	exit;
83	}
84
85	//
86	// Start session management
87	//
88	$userdata = session_pagestart($user_ip, PAGE_POSTING);
89	init_userprefs($userdata);
90	//
91	// End session management
92	//
93
94	//
95	// Was cancel pressed? If so then redirect to the appropriate
96	// page, no point in continuing with any further checks
97	//
98	if ( isset($HTTP_POST_VARS['cancel']) )
99	{
100	if ( $post_id )
101	{
102	$redirect = "viewtopic.$phpEx?" . POST_POST_URL . "=$post_id";
103	$post_append = "#$post_id";
104	}
105	else if ( $topic_id )
106	{
107	$redirect = "viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id";
108	$post_append = '';
109	}
110	else if ( $forum_id )
111	{
112	$redirect = "viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id";
113	$post_append = '';
114	}
115	else
116	{
117	$redirect = "index.$phpEx";
118	$post_append = '';
119	}
120
121	redirect(append_sid($redirect, true) . $post_append);
122	}
123
124	//
125	// What auth type do we need to check?
126	//
127	$is_auth = array();
128	switch( $mode )
129	{
130	case 'newtopic':
131	if ( $topic_type == POST_ANNOUNCE )
132	{
133	$is_auth_type = 'auth_announce';
134	}
135	else if ( $topic_type == POST_STICKY )
136	{
137	$is_auth_type = 'auth_sticky';
138	}
139	else
140	{
141	$is_auth_type = 'auth_post';
142	}
143	break;
144	case 'reply':
145	case 'quote':
146	$is_auth_type = 'auth_reply';
147	break;
148	case 'editpost':
149	$is_auth_type = 'auth_edit';
150	break;
151	case 'delete':
152	case 'poll_delete':
153	$is_auth_type = 'auth_delete';
154	break;
155	case 'vote':
156	$is_auth_type = 'auth_vote';
157	break;
158	case 'topicreview':
159	$is_auth_type = 'auth_read';
160	break;
161	default:
162	message_die(GENERAL_MESSAGE, $lang['No_post_mode']);
163	break;
164	}
165
166	//
167	// Here we do various lookups to find topic_id, forum_id, post_id etc.
168	// Doing it here prevents spoofing (eg. faking forum_id, topic_id or post_id
169	//
170	$error_msg = '';
171	$post_data = array();
172	switch ( $mode )
173	{
174	case 'newtopic':
175	if ( empty($forum_id) )
176	{
177	message_die(GENERAL_MESSAGE, $lang['Forum_not_exist']);
178	}
179
180	$sql = "SELECT *
181	FROM " . FORUMS_TABLE . "
182	WHERE forum_id = $forum_id";
183	break;
184
185	case 'reply':
186	case 'vote':
187	if ( empty( $topic_id) )
188	{
189	message_die(GENERAL_MESSAGE, $lang['No_topic_id']);
190	}
191
192	$sql = "SELECT f.*, t.topic_status, t.topic_title
193	FROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t
194	WHERE t.topic_id = $topic_id
195	AND f.forum_id = t.forum_id";
196	break;
197
198	case 'quote':
199	case 'editpost':
200	case 'delete':
201	case 'poll_delete':
202	if ( empty($post_id) )
203	{
204	message_die(GENERAL_MESSAGE, $lang['No_post_id']);
205	}
206
207	$select_sql = ( !$submit ) ? ", t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig" : '';
208	$from_sql = ( !$submit ) ? ", " . POSTS_TEXT_TABLE . " pt, " . USERS_TABLE . " u" : '';
209	$where_sql = ( !$submit ) ? "AND pt.post_id = p.post_id AND u.user_id = p.poster_id" : '';
210
211	$sql = "SELECT f.*, t.topic_id, t.topic_status, t.topic_type, t.topic_first_post_id, t.topic_last_post_id, t.topic_vote, p.post_id, p.poster_id" . $select_sql . "
212	FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $from_sql . "
213	WHERE p.post_id = $post_id
214	AND t.topic_id = p.topic_id
215	AND f.forum_id = p.forum_id
216	$where_sql";
217	break;
218
219	default:
220	message_die(GENERAL_MESSAGE, $lang['No_valid_mode']);
221	}
222
223	if ( $result = $db->sql_query($sql) )
224	{
225	$post_info = $db->sql_fetchrow($result);
226	$db->sql_freeresult($result);
227
228	$forum_id = $post_info['forum_id'];
229	$forum_name = $post_info['forum_name'];
230
231	$is_auth = auth(AUTH_ALL, $forum_id, $userdata, $post_info);
232
233	if ( $post_info['forum_status'] == FORUM_LOCKED && !$is_auth['auth_mod'])
234	{
235	message_die(GENERAL_MESSAGE, $lang['Forum_locked']);
236	}
237	else if ( $mode != 'newtopic' && $post_info['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod'])
238	{
239	message_die(GENERAL_MESSAGE, $lang['Topic_locked']);
240	}
241
242	if ( $mode == 'editpost' \|\| $mode == 'delete' \|\| $mode == 'poll_delete' )
243	{
244	$topic_id = $post_info['topic_id'];
245
246	$post_data['poster_post'] = ( $post_info['poster_id'] == $userdata['user_id'] ) ? true : false;
247	$post_data['first_post'] = ( $post_info['topic_first_post_id'] == $post_id ) ? true : false;
248	$post_data['last_post'] = ( $post_info['topic_last_post_id'] == $post_id ) ? true : false;
249	$post_data['last_topic'] = ( $post_info['forum_last_post_id'] == $post_id ) ? true : false;
250	$post_data['has_poll'] = ( $post_info['topic_vote'] ) ? true : false;
251	$post_data['topic_type'] = $post_info['topic_type'];
252	$post_data['poster_id'] = $post_info['poster_id'];
253
254	if ( $post_data['first_post'] && $post_data['has_poll'] )
255	{
256	$sql = "SELECT *
257	FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr
258	WHERE vd.topic_id = $topic_id
259	AND vr.vote_id = vd.vote_id
260	ORDER BY vr.vote_option_id";
261	if ( !($result = $db->sql_query($sql)) )
262	{
263	message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql);
264	}
265
266	$poll_options = array();
267	$poll_results_sum = 0;
268	if ( $row = $db->sql_fetchrow($result) )
269	{
270	$poll_title = $row['vote_text'];
271	$poll_id = $row['vote_id'];
272	$poll_length = $row['vote_length'] / 86400;
273
274	do
275	{
276	$poll_options[$row['vote_option_id']] = $row['vote_option_text'];
277	$poll_results_sum += $row['vote_result'];
278	}
279	while ( $row = $db->sql_fetchrow($result) );
280	}
281	$db->sql_freeresult($result);
282
283	$post_data['edit_poll'] = ( ( !$poll_results_sum \|\| $is_auth['auth_mod'] ) && $post_data['first_post'] ) ? true : 0;
284	}
285	else
286	{
287	$post_data['edit_poll'] = ($post_data['first_post'] && $is_auth['auth_pollcreate']) ? true : false;
288	}
289
290	//
291	// Can this user edit/delete the post/poll?
292	//
293	if ( $post_info['poster_id'] != $userdata['user_id'] && !$is_auth['auth_mod'] )
294	{
295	$message = ( $delete \|\| $mode == 'delete' ) ? $lang['Delete_own_posts'] : $lang['Edit_own_posts'];
296	$message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');
297
298	message_die(GENERAL_MESSAGE, $message);
299	}
300	else if ( !$post_data['last_post'] && !$is_auth['auth_mod'] && ( $mode == 'delete' \|\| $delete ) )
301	{
302	message_die(GENERAL_MESSAGE, $lang['Cannot_delete_replied']);
303	}
304	else if ( !$post_data['edit_poll'] && !$is_auth['auth_mod'] && ( $mode == 'poll_delete' \|\| $poll_delete ) )
305	{
306	message_die(GENERAL_MESSAGE, $lang['Cannot_delete_poll']);
307	}
308	}
309	else
310	{
311	if ( $mode == 'quote' )
312	{
313	$topic_id = $post_info['topic_id'];
314	}
315
316	$post_data['first_post'] = ( $mode == 'newtopic' ) ? true : 0;
317	$post_data['last_post'] = false;
318	$post_data['has_poll'] = false;
319	$post_data['edit_poll'] = false;
320	}
321	}
322	else
323	{
324	message_die(GENERAL_MESSAGE, $lang['No_such_post']);
325	}
326
327	//
328	// The user is not authed, if they're not logged in then redirect
329	// them, else show them an error message
330	//
331	if ( !$is_auth[$is_auth_type] )
332	{
333	if ( $userdata['session_logged_in'] )
334	{
335	message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . "_type"]));
336	}
337
338	switch( $mode )
339	{
340	case 'newtopic':
341	$redirect = "mode=newtopic&" . POST_FORUM_URL . "=" . $forum_id;
342	break;
343	case 'reply':
344	case 'topicreview':
345	$redirect = "mode=reply&" . POST_TOPIC_URL . "=" . $topic_id;
346	break;
347	case 'quote':
348	case 'editpost':
349	$redirect = "mode=quote&" . POST_POST_URL ."=" . $post_id;
350	break;
351	}
352
353	redirect(append_sid("login.$phpEx?redirect=posting.$phpEx&" . $redirect, true));
354	}
355
356	//
357	// Set toggles for various options
358	//
359	if ( !$board_config['allow_html'] )
360	{
361	$html_on = 0;
362	}
363	else
364	{
365	$html_on = ( $submit \|\| $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_html']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_html'] : $userdata['user_allowhtml'] );
366	}
367
368	if ( !$board_config['allow_bbcode'] )
369	{
370	$bbcode_on = 0;
371	}
372	else
373	{
374	$bbcode_on = ( $submit \|\| $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_bbcode']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_bbcode'] : $userdata['user_allowbbcode'] );
375	}
376
377	if ( !$board_config['allow_smilies'] )
378	{
379	$smilies_on = 0;
380	}
381	else
382	{
383	$smilies_on = ( $submit \|\| $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_smilies'] : $userdata['user_allowsmile'] );
384	}
385
386	if ( ($submit \|\| $refresh) && $is_auth['auth_read'])
387	{
388	$notify_user = ( !empty($HTTP_POST_VARS['notify']) ) ? TRUE : 0;
389	}
390	else
391	{
392	if ( $mode != 'newtopic' && $userdata['session_logged_in'] && $is_auth['auth_read'] )
393	{
394	$sql = "SELECT topic_id
395	FROM " . TOPICS_WATCH_TABLE . "
396	WHERE topic_id = $topic_id
397	AND user_id = " . $userdata['user_id'];
398	if ( !($result = $db->sql_query($sql)) )
399	{
400	message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql);
401	}
402
403	$notify_user = ( $db->sql_fetchrow($result) ) ? TRUE : $userdata['user_notify'];
404	$db->sql_freeresult($result);
405	}
406	else
407	{
408	$notify_user = ( $userdata['session_logged_in'] && $is_auth['auth_read'] ) ? $userdata['user_notify'] : 0;
409	}
410	}
411
412	$attach_sig = ( $submit \|\| $refresh ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? 0 : $userdata['user_attachsig'] );
413
414	// --------------------
415	// What shall we do?
416	//
417	if ( ( $delete \|\| $poll_delete \|\| $mode == 'delete' ) && !$confirm )
418	{
419	//
420	// Confirm deletion
421	//
422	$s_hidden_fields = '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
423	$s_hidden_fields .= ( $delete \|\| $mode == "delete" ) ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />';
424
425	$l_confirm = ( $delete \|\| $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];
426
427	//
428	// Output confirmation page
429	//
430	include($phpbb_root_path . 'includes/page_header.'.$phpEx);
431
432	$template->set_filenames(array(
433	'confirm_body' => 'confirm_body.tpl')
434	);
435
436	$template->assign_vars(array(
437	'MESSAGE_TITLE' => $lang['Information'],
438	'MESSAGE_TEXT' => $l_confirm,
439
440	'L_YES' => $lang['Yes'],
441	'L_NO' => $lang['No'],
442
443	'S_CONFIRM_ACTION' => append_sid("posting.$phpEx"),
444	'S_HIDDEN_FIELDS' => $s_hidden_fields)
445	);
446
447	$template->pparse('confirm_body');
448
449	include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
450	}
451	else if ( $mode == 'vote' )
452	{
453	//
454	// Vote in a poll
455	//
456	if ( !empty($HTTP_POST_VARS['vote_id']) )
457	{
458	$vote_option_id = intval($HTTP_POST_VARS['vote_id']);
459
460	$sql = "SELECT vd.vote_id
461	FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr
462	WHERE vd.topic_id = $topic_id
463	AND vr.vote_id = vd.vote_id
464	AND vr.vote_option_id = $vote_option_id
465	GROUP BY vd.vote_id";
466	if ( !($result = $db->sql_query($sql)) )
467	{
468	message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql);
469	}
470
471	if ( $vote_info = $db->sql_fetchrow($result) )
472	{
473	$vote_id = $vote_info['vote_id'];
474
475	$sql = "SELECT *
476	FROM " . VOTE_USERS_TABLE . "
477	WHERE vote_id = $vote_id
478	AND vote_user_id = " . $userdata['user_id'];
479	if ( !($result2 = $db->sql_query($sql)) )
480	{
481	message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql);
482	}
483
484	if ( !($row = $db->sql_fetchrow($result2)) )
485	{
486	$sql = "UPDATE " . VOTE_RESULTS_TABLE . "
487	SET vote_result = vote_result + 1
488	WHERE vote_id = $vote_id
489	AND vote_option_id = $vote_option_id";
490	if ( !$db->sql_query($sql, BEGIN_TRANSACTION) )
491	{
492	message_die(GENERAL_ERROR, 'Could not update poll result', '', __LINE__, __FILE__, $sql);
493	}
494
495	$sql = "INSERT INTO " . VOTE_USERS_TABLE . " (vote_id, vote_user_id, vote_user_ip)
496	VALUES ($vote_id, " . $userdata['user_id'] . ", '$user_ip')";
497	if ( !$db->sql_query($sql, END_TRANSACTION) )
498	{
499	message_die(GENERAL_ERROR, "Could not insert user_id for poll", "", __LINE__, __FILE__, $sql);
500	}
501
502	$message = $lang['Vote_cast'];
503	}
504	else
505	{
506	$message = $lang['Already_voted'];
507	}
508	$db->sql_freeresult($result2);
509	}
510	else
511	{
512	$message = $lang['No_vote_option'];
513	}
514	$db->sql_freeresult($result);
515
516	$template->assign_vars(array(
517	'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">')
518	);
519	$message .= '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');
520	message_die(GENERAL_MESSAGE, $message);
521	}
522	else
523	{
524	redirect(append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id", true));
525	}
526	}
527	else if ( $submit \|\| $confirm )
528	{
529	//
530	// Submit post/vote (newtopic, edit, reply, etc.)
531	//
532	$return_message = '';
533	$return_meta = '';
534
535	switch ( $mode )
536	{
537	case 'editpost':
538	case 'newtopic':
539	case 'reply':
540	$username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : '';
541	$subject = ( !empty($HTTP_POST_VARS['subject']) ) ? trim($HTTP_POST_VARS['subject']) : '';
542	$message = ( !empty($HTTP_POST_VARS['message']) ) ? $HTTP_POST_VARS['message'] : '';
543	$poll_title = ( isset($HTTP_POST_VARS['poll_title']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_title'] : '';
544	$poll_options = ( isset($HTTP_POST_VARS['poll_option_text']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_option_text'] : '';
545	$poll_length = ( isset($HTTP_POST_VARS['poll_length']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_length'] : '';
546	$bbcode_uid = '';
547
548	prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length);
549
550	if ( $error_msg == '' )
551	{
552	$topic_type = ( $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ) ? $post_data['topic_type'] : $topic_type;
553
554	submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, str_replace("\'", "''", $username), str_replace("\'", "''", $subject), str_replace("\'", "''", $message), str_replace("\'", "''", $poll_title), $poll_options, $poll_length);
555	}
556	break;
557
558	case 'delete':
559	case 'poll_delete':
560	delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id);
561	break;
562	}
563
564	if ( $error_msg == '' )
565	{
566	if ( $mode != 'editpost' )
567	{
568	$user_id = ( $mode == 'reply' \|\| $mode == 'newtopic' ) ? $userdata['user_id'] : $post_data['poster_id'];
569	update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id);
570	}
571
572	if ($error_msg == '' && $mode != 'poll_delete')
573	{
574	user_notification($mode, $post_data, $post_info['topic_title'], $forum_id, $topic_id, $post_id, $notify_user);
575	}
576
577	if ( $mode == 'newtopic' \|\| $mode == 'reply' )
578	{
579	$tracking_topics = ( !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) : array();
580	$tracking_forums = ( !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) : array();
581
582	if ( count($tracking_topics) + count($tracking_forums) == 100 && empty($tracking_topics[$topic_id]) )
583	{
584	asort($tracking_topics);
585	unset($tracking_topics[key($tracking_topics)]);
586	}
587
588	$tracking_topics[$topic_id] = time();
589
590	setcookie($board_config['cookie_name'] . '_t', serialize($tracking_topics), 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
591	}
592
593	$template->assign_vars(array(
594	'META' => $return_meta)
595	);
596	message_die(GENERAL_MESSAGE, $return_message);
597	}
598	}
599
600	if( $refresh \|\| isset($HTTP_POST_VARS['del_poll_option']) \|\| $error_msg != '' )
601	{
602	$username = ( !empty($HTTP_POST_VARS['username']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['username']))) : '';
603	$subject = ( !empty($HTTP_POST_VARS['subject']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['subject']))) : '';
604	$message = ( !empty($HTTP_POST_VARS['message']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['message']))) : '';
605
606	$poll_title = ( !empty($HTTP_POST_VARS['poll_title']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['poll_title']))) : '';
607	$poll_length = ( isset($HTTP_POST_VARS['poll_length']) ) ? max(0, intval($HTTP_POST_VARS['poll_length'])) : 0;
608
609	$poll_options = array();
610	if ( !empty($HTTP_POST_VARS['poll_option_text']) )
611	{
612	while( list($option_id, $option_text) = @each($HTTP_POST_VARS['poll_option_text']) )
613	{
614	if( isset($HTTP_POST_VARS['del_poll_option'][$option_id]) )
615	{
616	unset($poll_options[$option_id]);
617	}
618	else if ( !empty($option_text) )
619	{
620	$poll_options[$option_id] = htmlspecialchars(trim(stripslashes($option_text)));
621	}
622	}
623	}
624
625	if ( isset($poll_add) && !empty($HTTP_POST_VARS['add_poll_option_text']) )
626	{
627	$poll_options[] = htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['add_poll_option_text'])));
628	}
629
630	if ( $mode == 'newtopic' \|\| $mode == 'reply')
631	{
632	$user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : '';
633	}
634	else if ( $mode == 'editpost' )
635	{
636	$user_sig = ( $post_info['user_sig'] != '' && $board_config['allow_sig'] ) ? $post_info['user_sig'] : '';
637	}
638
639	if( $preview )
640	{
641	$orig_word = array();
642	$replacement_word = array();
643	obtain_word_list($orig_word, $replacement_word);
644
645	$bbcode_uid = ( $bbcode_on ) ? make_bbcode_uid() : '';
646	$preview_message = stripslashes(prepare_message(addslashes(unprepare_message($message)), $html_on, $bbcode_on, $smilies_on, $bbcode_uid));
647	$preview_subject = $subject;
648	$preview_username = $username;
649
650	//
651	// Finalise processing as per viewtopic
652	//
653	if( !$html_on )
654	{
655	if( $user_sig != '' \|\| !$userdata['user_allowhtml'] )
656	{
657	$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', '<\2>', $user_sig);
658	}
659	}
660
661	if( $attach_sig && $user_sig != '' && $userdata['user_sig_bbcode_uid'] )
662	{
663	$user_sig = bbencode_second_pass($user_sig, $userdata['user_sig_bbcode_uid']);
664	}
665
666	if( $bbcode_on )
667	{
668	$preview_message = bbencode_second_pass($preview_message, $bbcode_uid);
669	}
670
671	if( !empty($orig_word) )
672	{
673	$preview_username = ( !empty($username) ) ? preg_replace($orig_word, $replacement_word, $preview_username) : '';
674	$preview_subject = ( !empty($subject) ) ? preg_replace($orig_word, $replacement_word, $preview_subject) : '';
675	$preview_message = ( !empty($preview_message) ) ? preg_replace($orig_word, $replacement_word, $preview_message) : '';
676	}
677
678	if( $user_sig != '' )
679	{
680	$user_sig = make_clickable($user_sig);
681	}
682	$preview_message = make_clickable($preview_message);
683
684	if( $smilies_on )
685	{
686	if( $userdata['user_allowsmile'] && $user_sig != '' )
687	{
688	$user_sig = smilies_pass($user_sig);
689	}
690
691	$preview_message = smilies_pass($preview_message);
692	}
693
694	if( $attach_sig && $user_sig != '' )
695	{
696	$preview_message = $preview_message . '<br /><br />_________________<br />' . $user_sig;
697	}
698
699	$preview_message = str_replace("\n", '<br />', $preview_message);
700
701	$template->set_filenames(array(
702	'preview' => 'posting_preview.tpl')
703	);
704
705	$template->assign_vars(array(
706	'TOPIC_TITLE' => $preview_subject,
707	'POST_SUBJECT' => $preview_subject,
708	'POSTER_NAME' => $preview_username,
709	'POST_DATE' => create_date($board_config['default_dateformat'], time(), $board_config['board_timezone']),
710	'MESSAGE' => $preview_message,
711
712	'L_POST_SUBJECT' => $lang['Post_subject'],
713	'L_PREVIEW' => $lang['Preview'],
714	'L_POSTED' => $lang['Posted'],
715	'L_POST' => $lang['Post'])
716	);
717	$template->assign_var_from_handle('POST_PREVIEW_BOX', 'preview');
718	}
719	else if( $error_msg != '' )
720	{
721	$template->set_filenames(array(
722	'reg_header' => 'error_body.tpl')
723	);
724	$template->assign_vars(array(
725	'ERROR_MESSAGE' => $error_msg)
726	);
727	$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
728	}
729	}
730	else
731	{
732	//
733	// User default entry point
734	//
735	if ( $mode == 'newtopic' )
736	{
737	$user_sig = ( $userdata['user_sig'] != '' ) ? $userdata['user_sig'] : '';
738
739	$username = ($userdata['session_logged_in']) ? $userdata['username'] : '';
740	$poll_title = '';
741	$poll_length = '';
742	$subject = '';
743	$message = '';
744	}
745	else if ( $mode == 'reply' )
746	{
747	$user_sig = ( $userdata['user_sig'] != '' ) ? $userdata['user_sig'] : '';
748
749	$username = ( $userdata['session_logged_in'] ) ? $userdata['username'] : '';
750	$subject = '';
751	$message = '';
752
753	}
754	else if ( $mode == 'quote' \|\| $mode == 'editpost' )
755	{
756	$subject = ( $post_data['first_post'] ) ? $post_info['topic_title'] : $post_info['post_subject'];
757	$message = $post_info['post_text'];
758
759	if ( $mode == 'editpost' )
760	{
761	$attach_sig = ( $post_info['enable_sig'] && $post_info['user_sig'] != '' ) ? TRUE : 0;
762	$user_sig = $post_info['user_sig'];
763
764	$html_on = ( $post_info['enable_html'] ) ? true : false;
765	$bbcode_on = ( $post_info['enable_bbcode'] ) ? true : false;
766	$smilies_on = ( $post_info['enable_smilies'] ) ? true : false;
767	}
768	else
769	{
770	$attach_sig = ( $userdata['user_attachsig'] ) ? TRUE : 0;
771	$user_sig = $userdata['user_sig'];
772	}
773
774	if ( $post_info['bbcode_uid'] != '' )
775	{
776	$message = preg_replace('/\:(([a-z0-9]:)?)' . $post_info['bbcode_uid'] . '/s', '', $message);
777	}
778
779	$message = str_replace('<', '<', $message);
780	$message = str_replace('>', '>', $message);
781	$message = str_replace('<br />', "\n", $message);
782
783	if ( $mode == 'quote' )
784	{
785	$orig_word = array();
786	$replacement_word = array();
787	obtain_word_list($orig_word, $replace_word);
788
789	$msg_date = create_date($board_config['default_dateformat'], $postrow['post_time'], $board_config['board_timezone']);
790
791	// Use trim to get rid of spaces placed there by MS-SQL 2000
792	$quote_username = ( trim($post_info['post_username']) != '' ) ? $post_info['post_username'] : $post_info['username'];
793	$message = '[quote="' . $quote_username . '"]' . $message . '[/quote]';
794
795	if ( !empty($orig_word) )
796	{
797	$subject = ( !empty($subject) ) ? preg_replace($orig_word, $replace_word, $subject) : '';
798	$message = ( !empty($message) ) ? preg_replace($orig_word, $replace_word, $message) : '';
799	}
800
801	if ( !preg_match('/^Re:/', $subject) && strlen($subject) > 0 )
802	{
803	$subject = 'Re: ' . $subject;
804	}
805
806	$mode = 'reply';
807	}
808	else
809	{
810	$username = ( $post_info['user_id'] == ANONYMOUS && !empty($post_info['post_username']) ) ? $post_info['post_username'] : '';
811	}
812	}
813	}
814
815	//
816	// Signature toggle selection
817	//
818	if( $user_sig != '' )
819	{
820	$template->assign_block_vars('switch_signature_checkbox', array());
821	}
822
823	//
824	// HTML toggle selection
825	//
826	if ( $board_config['allow_html'] )
827	{
828	$html_status = $lang['HTML_is_ON'];
829	$template->assign_block_vars('switch_html_checkbox', array());
830	}
831	else
832	{
833	$html_status = $lang['HTML_is_OFF'];
834	}
835
836	//
837	// BBCode toggle selection
838	//
839	if ( $board_config['allow_bbcode'] )
840	{
841	$bbcode_status = $lang['BBCode_is_ON'];
842	$template->assign_block_vars('switch_bbcode_checkbox', array());
843	}
844	else
845	{
846	$bbcode_status = $lang['BBCode_is_OFF'];
847	}
848
849	//
850	// Smilies toggle selection
851	//
852	if ( $board_config['allow_smilies'] )
853	{
854	$smilies_status = $lang['Smilies_are_ON'];
855	$template->assign_block_vars('switch_smilies_checkbox', array());
856	}
857	else
858	{
859	$smilies_status = $lang['Smilies_are_OFF'];
860	}
861
862	if( !$userdata['session_logged_in'] \|\| ( $mode == 'editpost' && $post_info['poster_id'] == ANONYMOUS ) )
863	{
864	$template->assign_block_vars('switch_username_select', array());
865	}
866
867	//
868	// Notify checkbox - only show if user is logged in
869	//
870	if ( $userdata['session_logged_in'] && $is_auth['auth_read'] )
871	{
872	if ( $mode != 'editpost' \|\| ( $mode == 'editpost' && $post_info['poster_id'] != ANONYMOUS ) )
873	{
874	$template->assign_block_vars('switch_notify_checkbox', array());
875	}
876	}
877
878	//
879	// Delete selection
880	//
881	if ( $mode == 'editpost' && ( ( $is_auth['auth_delete'] && $post_data['last_post'] && ( !$post_data['has_poll'] \|\| $post_data['edit_poll'] ) ) \|\| $is_auth['auth_mod'] ) )
882	{
883	$template->assign_block_vars('switch_delete_checkbox', array());
884	}
885
886	//
887	// Topic type selection
888	//
889	$topic_type_toggle = '';
890	if ( $mode == 'newtopic' \|\| ( $mode == 'editpost' && $post_data['first_post'] ) )
891	{
892	$template->assign_block_vars('switch_type_toggle', array());
893
894	if( $is_auth['auth_sticky'] )
895	{
896	$topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_STICKY . '"';
897	if ( $post_data['topic_type'] == POST_STICKY \|\| $topic_type == POST_STICKY )
898	{
899	$topic_type_toggle .= ' checked="checked"';
900	}
901	$topic_type_toggle .= ' /> ' . $lang['Post_Sticky'] . '  ';
902	}
903
904	if( $is_auth['auth_announce'] )
905	{
906	$topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_ANNOUNCE . '"';
907	if ( $post_data['topic_type'] == POST_ANNOUNCE \|\| $topic_type == POST_ANNOUNCE )
908	{
909	$topic_type_toggle .= ' checked="checked"';
910	}
911	$topic_type_toggle .= ' /> ' . $lang['Post_Announcement'] . '  ';
912	}
913
914	if ( $topic_type_toggle != '' )
915	{
916	$topic_type_toggle = $lang['Post_topic_as'] . ': <input type="radio" name="topictype" value="' . POST_NORMAL .'"' . ( ( $post_data['topic_type'] == POST_NORMAL \|\| $topic_type == POST_NORMAL ) ? ' checked="checked"' : '' ) . ' /> ' . $lang['Post_Normal'] . '  ' . $topic_type_toggle;
917	}
918	}
919
920	$hidden_form_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
921
922	switch( $mode )
923	{
924	case 'newtopic':
925	$page_title = $lang['Post_a_new_topic'];
926	$hidden_form_fields .= '<input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />';
927	break;
928
929	case 'reply':
930	$page_title = $lang['Post_a_reply'];
931	$hidden_form_fields .= '<input type="hidden" name="' . POST_TOPIC_URL . '" value="' . $topic_id . '" />';
932	break;
933
934	case 'editpost':
935	$page_title = $lang['Edit_Post'];
936	$hidden_form_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
937	break;
938	}
939
940	// Generate smilies listing for page output
941	generate_smilies('inline', PAGE_POSTING);
942
943	//
944	// Include page header
945	//
946	include($phpbb_root_path . 'includes/page_header.'.$phpEx);
947
948	$template->set_filenames(array(
949	'body' => 'posting_body.tpl',
950	'pollbody' => 'posting_poll_body.tpl',
951	'reviewbody' => 'posting_topic_review.tpl')
952	);
953	make_jumpbox('viewforum.'.$phpEx);
954
955	$template->assign_vars(array(
956	'FORUM_NAME' => $forum_name,
957	'L_POST_A' => $page_title,
958	'L_POST_SUBJECT' => $lang['Post_subject'],
959
960	'U_VIEW_FORUM' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"))
961	);
962
963	//
964	// This enables the forum/topic title to be output for posting
965	// but not for privmsg (where it makes no sense)
966	//
967	$template->assign_block_vars('switch_not_privmsg', array());
968
969	//
970	// Output the data to the template
971	//
972	$template->assign_vars(array(
973	'USERNAME' => $username,
974	'SUBJECT' => $subject,
975	'MESSAGE' => $message,
976	'HTML_STATUS' => $html_status,
977	'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'),
978	'SMILIES_STATUS' => $smilies_status,
979
980	'L_SUBJECT' => $lang['Subject'],
981	'L_MESSAGE_BODY' => $lang['Message_body'],
982	'L_OPTIONS' => $lang['Options'],
983	'L_PREVIEW' => $lang['Preview'],
984	'L_SPELLCHECK' => $lang['Spellcheck'],
985	'L_SUBMIT' => $lang['Submit'],
986	'L_CANCEL' => $lang['Cancel'],
987	'L_CONFIRM_DELETE' => $lang['Confirm_delete'],
988	'L_DISABLE_HTML' => $lang['Disable_HTML_post'],
989	'L_DISABLE_BBCODE' => $lang['Disable_BBCode_post'],
990	'L_DISABLE_SMILIES' => $lang['Disable_Smilies_post'],
991	'L_ATTACH_SIGNATURE' => $lang['Attach_signature'],
992	'L_NOTIFY_ON_REPLY' => $lang['Notify'],
993	'L_DELETE_POST' => $lang['Delete_post'],
994
995	'L_BBCODE_B_HELP' => $lang['bbcode_b_help'],
996	'L_BBCODE_I_HELP' => $lang['bbcode_i_help'],
997	'L_BBCODE_U_HELP' => $lang['bbcode_u_help'],
998	'L_BBCODE_Q_HELP' => $lang['bbcode_q_help'],
999	'L_BBCODE_C_HELP' => $lang['bbcode_c_help'],
1000	'L_BBCODE_L_HELP' => $lang['bbcode_l_help'],
1001	'L_BBCODE_O_HELP' => $lang['bbcode_o_help'],
1002	'L_BBCODE_P_HELP' => $lang['bbcode_p_help'],
1003	'L_BBCODE_W_HELP' => $lang['bbcode_w_help'],
1004	'L_BBCODE_A_HELP' => $lang['bbcode_a_help'],
1005	'L_BBCODE_S_HELP' => $lang['bbcode_s_help'],
1006	'L_BBCODE_F_HELP' => $lang['bbcode_f_help'],
1007	'L_EMPTY_MESSAGE' => $lang['Empty_message'],
1008
1009	'L_FONT_COLOR' => $lang['Font_color'],
1010	'L_COLOR_DEFAULT' => $lang['color_default'],
1011	'L_COLOR_DARK_RED' => $lang['color_dark_red'],
1012	'L_COLOR_RED' => $lang['color_red'],
1013	'L_COLOR_ORANGE' => $lang['color_orange'],
1014	'L_COLOR_BROWN' => $lang['color_brown'],
1015	'L_COLOR_YELLOW' => $lang['color_yellow'],
1016	'L_COLOR_GREEN' => $lang['color_green'],
1017	'L_COLOR_OLIVE' => $lang['color_olive'],
1018	'L_COLOR_CYAN' => $lang['color_cyan'],
1019	'L_COLOR_BLUE' => $lang['color_blue'],
1020	'L_COLOR_DARK_BLUE' => $lang['color_dark_blue'],
1021	'L_COLOR_INDIGO' => $lang['color_indigo'],
1022	'L_COLOR_VIOLET' => $lang['color_violet'],
1023	'L_COLOR_WHITE' => $lang['color_white'],
1024	'L_COLOR_BLACK' => $lang['color_black'],
1025
1026	'L_FONT_SIZE' => $lang['Font_size'],
1027	'L_FONT_TINY' => $lang['font_tiny'],
1028	'L_FONT_SMALL' => $lang['font_small'],
1029	'L_FONT_NORMAL' => $lang['font_normal'],
1030	'L_FONT_LARGE' => $lang['font_large'],
1031	'L_FONT_HUGE' => $lang['font_huge'],
1032
1033	'L_BBCODE_CLOSE_TAGS' => $lang['Close_Tags'],
1034	'L_STYLES_TIP' => $lang['Styles_tip'],
1035
1036	'U_VIEWTOPIC' => ( $mode == 'reply' ) ? append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&postorder=desc") : '',
1037	'U_REVIEW_TOPIC' => ( $mode == 'reply' ) ? append_sid("posting.$phpEx?mode=topicreview&" . POST_TOPIC_URL . "=$topic_id") : '',
1038
1039	'S_HTML_CHECKED' => ( !$html_on ) ? 'checked="checked"' : '',
1040	'S_BBCODE_CHECKED' => ( !$bbcode_on ) ? 'checked="checked"' : '',
1041	'S_SMILIES_CHECKED' => ( !$smilies_on ) ? 'checked="checked"' : '',
1042	'S_SIGNATURE_CHECKED' => ( $attach_sig ) ? 'checked="checked"' : '',
1043	'S_NOTIFY_CHECKED' => ( $notify_user ) ? 'checked="checked"' : '',
1044	'S_TYPE_TOGGLE' => $topic_type_toggle,
1045	'S_TOPIC_ID' => $topic_id,
1046	'S_POST_ACTION' => append_sid("posting.$phpEx"),
1047	'S_HIDDEN_FORM_FIELDS' => $hidden_form_fields)
1048	);
1049
1050	//
1051	// Poll entry switch/output
1052	//
1053	if( ( $mode == 'newtopic' \|\| ( $mode == 'editpost' && $post_data['edit_poll']) ) && $is_auth['auth_pollcreate'] )
1054	{
1055	$template->assign_vars(array(
1056	'L_ADD_A_POLL' => $lang['Add_poll'],
1057	'L_ADD_POLL_EXPLAIN' => $lang['Add_poll_explain'],
1058	'L_POLL_QUESTION' => $lang['Poll_question'],
1059	'L_POLL_OPTION' => $lang['Poll_option'],
1060	'L_ADD_OPTION' => $lang['Add_option'],
1061	'L_UPDATE_OPTION' => $lang['Update'],
1062	'L_DELETE_OPTION' => $lang['Delete'],
1063	'L_POLL_LENGTH' => $lang['Poll_for'],
1064	'L_DAYS' => $lang['Days'],
1065	'L_POLL_LENGTH_EXPLAIN' => $lang['Poll_for_explain'],
1066	'L_POLL_DELETE' => $lang['Delete_poll'],
1067
1068	'POLL_TITLE' => $poll_title,
1069	'POLL_LENGTH' => $poll_length)
1070	);
1071
1072	if( $mode == 'editpost' && $post_data['edit_poll'] && $post_data['has_poll'])
1073	{
1074	$template->assign_block_vars('switch_poll_delete_toggle', array());
1075	}
1076
1077	if( !empty($poll_options) )
1078	{
1079	while( list($option_id, $option_text) = each($poll_options) )
1080	{
1081	$template->assign_block_vars('poll_option_rows', array(
1082	'POLL_OPTION' => str_replace('"', '"', $option_text),
1083
1084	'S_POLL_OPTION_NUM' => $option_id)
1085	);
1086	}
1087	}
1088
1089	$template->assign_var_from_handle('POLLBOX', 'pollbody');
1090	}
1091
1092	//
1093	// Topic review
1094	//
1095	if( $mode == 'reply' && $is_auth['auth_read'] )
1096	{
1097	require($phpbb_root_path . 'includes/topic_review.'.$phpEx);
1098	topic_review($topic_id, true);
1099
1100	$template->assign_block_vars('switch_inline_mode', array());
1101	$template->assign_var_from_handle('TOPIC_REVIEW_BOX', 'reviewbody');
1102	}
1103
1104	$template->pparse('body');
1105
1106	include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
1107
1108	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: