source: trunk/forum/posting.php

Last change on this file was 702, checked in by george, 15 years ago
  • Upraveno: Aktualizace fóra.
File size: 58.2 KB
Line 
1<?php
2/**
3*
4* @package phpBB3
5* @version $Id$
6* @copyright (c) 2005 phpBB Group
7* @license http://opensource.org/licenses/gpl-license.php GNU Public License
8*
9*/
10
11/**
12* @ignore
13*/
14define('IN_PHPBB', true);
15$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
16$phpEx = substr(strrchr(__FILE__, '.'), 1);
17include($phpbb_root_path . 'common.' . $phpEx);
18include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
19include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
20include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
21
22
23// Start session management
24$user->session_begin();
25$auth->acl($user->data);
26
27
28// Grab only parameters needed here
29$post_id = request_var('p', 0);
30$topic_id = request_var('t', 0);
31$forum_id = request_var('f', 0);
32$draft_id = request_var('d', 0);
33$lastclick = request_var('lastclick', 0);
34
35$submit = (isset($_POST['post'])) ? true : false;
36$preview = (isset($_POST['preview'])) ? true : false;
37$save = (isset($_POST['save'])) ? true : false;
38$load = (isset($_POST['load'])) ? true : false;
39$delete = (isset($_POST['delete'])) ? true : false;
40$cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
41
42$refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['full_editor']) || isset($_POST['cancel_unglobalise']) || $save || $load) ? true : false;
43$mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var('mode', '');
44
45$error = $post_data = array();
46$current_time = time();
47
48// Was cancel pressed? If so then redirect to the appropriate page
49if ($cancel || ($current_time - $lastclick < 2 && $submit))
50{
51 $f = ($forum_id) ? 'f=' . $forum_id . '&amp;' : '';
52 $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
53 redirect($redirect);
54}
55
56if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$forum_id)
57{
58 trigger_error('NO_FORUM');
59}
60
61// We need to know some basic information in all cases before we do anything.
62switch ($mode)
63{
64 case 'post':
65 $sql = 'SELECT *
66 FROM ' . FORUMS_TABLE . "
67 WHERE forum_id = $forum_id";
68 break;
69
70 case 'bump':
71 case 'reply':
72 if (!$topic_id)
73 {
74 trigger_error('NO_TOPIC');
75 }
76
77 // Force forum id
78 $sql = 'SELECT forum_id
79 FROM ' . TOPICS_TABLE . '
80 WHERE topic_id = ' . $topic_id;
81 $result = $db->sql_query($sql);
82 $f_id = (int) $db->sql_fetchfield('forum_id');
83 $db->sql_freeresult($result);
84
85 $forum_id = (!$f_id) ? $forum_id : $f_id;
86
87 $sql = 'SELECT f.*, t.*
88 FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
89 WHERE t.topic_id = $topic_id
90 AND (f.forum_id = t.forum_id
91 OR f.forum_id = $forum_id)" .
92 (($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND t.topic_approved = 1');
93 break;
94
95 case 'quote':
96 case 'edit':
97 case 'delete':
98 if (!$post_id)
99 {
100 $user->setup('posting');
101 trigger_error('NO_POST');
102 }
103
104 // Force forum id
105 $sql = 'SELECT forum_id
106 FROM ' . POSTS_TABLE . '
107 WHERE post_id = ' . $post_id;
108 $result = $db->sql_query($sql);
109 $f_id = (int) $db->sql_fetchfield('forum_id');
110 $db->sql_freeresult($result);
111
112 $forum_id = (!$f_id) ? $forum_id : $f_id;
113
114 $sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
115 FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
116 WHERE p.post_id = $post_id
117 AND t.topic_id = p.topic_id
118 AND u.user_id = p.poster_id
119 AND (f.forum_id = t.forum_id
120 OR f.forum_id = $forum_id)" .
121 (($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND p.post_approved = 1');
122 break;
123
124 case 'smilies':
125 $sql = '';
126 generate_smilies('window', $forum_id);
127 break;
128
129 case 'popup':
130 if ($forum_id)
131 {
132 $sql = 'SELECT forum_style
133 FROM ' . FORUMS_TABLE . '
134 WHERE forum_id = ' . $forum_id;
135 }
136 else
137 {
138 upload_popup();
139 return;
140 }
141 break;
142
143 default:
144 $sql = '';
145 break;
146}
147
148if (!$sql)
149{
150 $user->setup('posting');
151 trigger_error('NO_POST_MODE');
152}
153
154$result = $db->sql_query($sql);
155$post_data = $db->sql_fetchrow($result);
156$db->sql_freeresult($result);
157
158if (!$post_data)
159{
160 if (!($mode == 'post' || $mode == 'bump' || $mode == 'reply'))
161 {
162 $user->setup('posting');
163 }
164 trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
165}
166
167// Not able to reply to unapproved posts/topics
168// TODO: add more descriptive language key
169if ($auth->acl_get('m_approve', $forum_id) && ((($mode == 'reply' || $mode == 'bump') && !$post_data['topic_approved']) || ($mode == 'quote' && !$post_data['post_approved'])))
170{
171 trigger_error(($mode == 'reply' || $mode == 'bump') ? 'TOPIC_UNAPPROVED' : 'POST_UNAPPROVED');
172}
173
174if ($mode == 'popup')
175{
176 upload_popup($post_data['forum_style']);
177 return;
178}
179
180$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
181
182if ($config['enable_post_confirm'] && !$user->data['is_registered'])
183{
184 include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx);
185 $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
186 $captcha->init(CONFIRM_POST);
187}
188
189// Use post_row values in favor of submitted ones...
190$forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id;
191$topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id;
192$post_id = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id;
193
194// Need to login to passworded forum first?
195if ($post_data['forum_password'])
196{
197 login_forum_box(array(
198 'forum_id' => $forum_id,
199 'forum_password' => $post_data['forum_password'])
200 );
201}
202
203// Check permissions
204if ($user->data['is_bot'])
205{
206 redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
207}
208
209// Is the user able to read within this forum?
210if (!$auth->acl_get('f_read', $forum_id))
211{
212 if ($user->data['user_id'] != ANONYMOUS)
213 {
214 trigger_error('USER_CANNOT_READ');
215 }
216
217 login_box('', $user->lang['LOGIN_EXPLAIN_POST']);
218}
219
220// Permission to do the action asked?
221$is_authed = false;
222
223switch ($mode)
224{
225 case 'post':
226 if ($auth->acl_get('f_post', $forum_id))
227 {
228 $is_authed = true;
229 }
230 break;
231
232 case 'bump':
233 if ($auth->acl_get('f_bump', $forum_id))
234 {
235 $is_authed = true;
236 }
237 break;
238
239 case 'quote':
240
241 $post_data['post_edit_locked'] = 0;
242
243 // no break;
244
245 case 'reply':
246 if ($auth->acl_get('f_reply', $forum_id))
247 {
248 $is_authed = true;
249 }
250 break;
251
252 case 'edit':
253 if ($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id))
254 {
255 $is_authed = true;
256 }
257 break;
258
259 case 'delete':
260 if ($user->data['is_registered'] && $auth->acl_gets('f_delete', 'm_delete', $forum_id))
261 {
262 $is_authed = true;
263 }
264 break;
265}
266
267if (!$is_authed)
268{
269 $check_auth = ($mode == 'quote') ? 'reply' : $mode;
270
271 if ($user->data['is_registered'])
272 {
273 trigger_error('USER_CANNOT_' . strtoupper($check_auth));
274 }
275
276 login_box('', $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]);
277}
278
279// Is the user able to post within this forum?
280if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply')))
281{
282 trigger_error('USER_CANNOT_FORUM_POST');
283}
284
285// Forum/Topic locked?
286if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get('m_edit', $forum_id))
287{
288 trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
289}
290
291// Can we edit this post ... if we're a moderator with rights then always yes
292// else it depends on editing times, lock status and if we're the correct user
293if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id))
294{
295 if ($user->data['user_id'] != $post_data['poster_id'])
296 {
297 trigger_error('USER_CANNOT_EDIT');
298 }
299
300 if (!($post_data['post_time'] > time() - ($config['edit_time'] * 60) || !$config['edit_time']))
301 {
302 trigger_error('CANNOT_EDIT_TIME');
303 }
304
305 if ($post_data['post_edit_locked'])
306 {
307 trigger_error('CANNOT_EDIT_POST_LOCKED');
308 }
309}
310
311// Handle delete mode...
312if ($mode == 'delete')
313{
314 handle_post_delete($forum_id, $topic_id, $post_id, $post_data);
315 return;
316}
317
318// Handle bump mode...
319if ($mode == 'bump')
320{
321 if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id'])
322 && check_link_hash(request_var('hash', ''), "topic_{$post_data['topic_id']}"))
323 {
324 $db->sql_transaction('begin');
325
326 $sql = 'UPDATE ' . POSTS_TABLE . "
327 SET post_time = $current_time
328 WHERE post_id = {$post_data['topic_last_post_id']}
329 AND topic_id = $topic_id";
330 $db->sql_query($sql);
331
332 $sql = 'UPDATE ' . TOPICS_TABLE . "
333 SET topic_last_post_time = $current_time,
334 topic_bumped = 1,
335 topic_bumper = " . $user->data['user_id'] . "
336 WHERE topic_id = $topic_id";
337 $db->sql_query($sql);
338
339 update_post_information('forum', $forum_id);
340
341 $sql = 'UPDATE ' . USERS_TABLE . "
342 SET user_lastpost_time = $current_time
343 WHERE user_id = " . $user->data['user_id'];
344 $db->sql_query($sql);
345
346 $db->sql_transaction('commit');
347
348 markread('post', $forum_id, $topic_id, $current_time);
349
350 add_log('mod', $forum_id, $topic_id, 'LOG_BUMP_TOPIC', $post_data['topic_title']);
351
352 $meta_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id&amp;p={$post_data['topic_last_post_id']}") . "#p{$post_data['topic_last_post_id']}";
353 meta_refresh(3, $meta_url);
354
355 $message = $user->lang['TOPIC_BUMPED'] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $meta_url . '">', '</a>');
356 $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
357
358 trigger_error($message);
359 }
360
361 trigger_error('BUMP_ERROR');
362}
363
364// Subject length limiting to 60 characters if first post...
365if ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id']))
366{
367 $template->assign_var('S_NEW_MESSAGE', true);
368}
369
370// Determine some vars
371if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS)
372{
373 $post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST'];
374}
375else
376{
377 $post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
378}
379
380$post_data['post_edit_locked'] = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0;
381$post_data['post_subject_md5'] = (isset($post_data['post_subject']) && $mode == 'edit') ? md5($post_data['post_subject']) : '';
382$post_data['post_subject'] = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : '');
383$post_data['topic_time_limit'] = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
384$post_data['poll_length'] = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0;
385$post_data['poll_start'] = (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0;
386$post_data['icon_id'] = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id'];
387$post_data['poll_options'] = array();
388
389// Get Poll Data
390if ($post_data['poll_start'])
391{
392 $sql = 'SELECT poll_option_text
393 FROM ' . POLL_OPTIONS_TABLE . "
394 WHERE topic_id = $topic_id
395 ORDER BY poll_option_id";
396 $result = $db->sql_query($sql);
397
398 while ($row = $db->sql_fetchrow($result))
399 {
400 $post_data['poll_options'][] = trim($row['poll_option_text']);
401 }
402 $db->sql_freeresult($result);
403}
404
405$orig_poll_options_size = sizeof($post_data['poll_options']);
406
407$message_parser = new parse_message();
408
409if (isset($post_data['post_text']))
410{
411 $message_parser->message = &$post_data['post_text'];
412 unset($post_data['post_text']);
413}
414
415// Set some default variables
416$uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);
417
418foreach ($uninit as $var_name => $default_value)
419{
420 if (!isset($post_data[$var_name]))
421 {
422 $post_data[$var_name] = $default_value;
423 }
424}
425unset($uninit);
426
427// Always check if the submitted attachment data is valid and belongs to the user.
428// Further down (especially in submit_post()) we do not check this again.
429$message_parser->get_submitted_attachment_data($post_data['poster_id']);
430
431if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit')
432{
433 // Do not change to SELECT *
434 $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename
435 FROM ' . ATTACHMENTS_TABLE . "
436 WHERE post_msg_id = $post_id
437 AND in_message = 0
438 AND is_orphan = 0
439 ORDER BY filetime DESC";
440 $result = $db->sql_query($sql);
441 $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
442 $db->sql_freeresult($result);
443}
444
445if ($post_data['poster_id'] == ANONYMOUS)
446{
447 $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : '';
448}
449else
450{
451 $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : '';
452}
453
454$post_data['enable_urls'] = $post_data['enable_magic_url'];
455
456if ($mode != 'edit')
457{
458 $post_data['enable_sig'] = ($config['allow_sig'] && $user->optionget('attachsig')) ? true: false;
459 $post_data['enable_smilies'] = ($config['allow_smilies'] && $user->optionget('smilies')) ? true : false;
460 $post_data['enable_bbcode'] = ($config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false;
461 $post_data['enable_urls'] = true;
462}
463
464$post_data['enable_magic_url'] = $post_data['drafts'] = false;
465
466// User own some drafts?
467if ($user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
468{
469 $sql = 'SELECT draft_id
470 FROM ' . DRAFTS_TABLE . '
471 WHERE user_id = ' . $user->data['user_id'] .
472 (($forum_id) ? ' AND forum_id = ' . (int) $forum_id : '') .
473 (($topic_id) ? ' AND topic_id = ' . (int) $topic_id : '') .
474 (($draft_id) ? " AND draft_id <> $draft_id" : '');
475 $result = $db->sql_query_limit($sql, 1);
476
477 if ($db->sql_fetchrow($result))
478 {
479 $post_data['drafts'] = true;
480 }
481 $db->sql_freeresult($result);
482}
483
484$check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
485
486// Check if user is watching this topic
487if ($mode != 'post' && $config['allow_topic_notify'] && $user->data['is_registered'])
488{
489 $sql = 'SELECT topic_id
490 FROM ' . TOPICS_WATCH_TABLE . '
491 WHERE topic_id = ' . $topic_id . '
492 AND user_id = ' . $user->data['user_id'];
493 $result = $db->sql_query($sql);
494 $post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id');
495 $db->sql_freeresult($result);
496}
497
498// Do we want to edit our post ?
499if ($mode == 'edit' && $post_data['bbcode_uid'])
500{
501 $message_parser->bbcode_uid = $post_data['bbcode_uid'];
502}
503
504// HTML, BBCode, Smilies, Images and Flash status
505$bbcode_status = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
506$smilies_status = ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
507$img_status = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false;
508$url_status = ($config['allow_post_links']) ? true : false;
509$flash_status = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false;
510$quote_status = true;
511
512// Save Draft
513if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
514{
515 $subject = utf8_normalize_nfc(request_var('subject', '', true));
516 $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject;
517 $message = utf8_normalize_nfc(request_var('message', '', true));
518
519 if ($subject && $message)
520 {
521 if (confirm_box(true))
522 {
523 $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
524 'user_id' => (int) $user->data['user_id'],
525 'topic_id' => (int) $topic_id,
526 'forum_id' => (int) $forum_id,
527 'save_time' => (int) $current_time,
528 'draft_subject' => (string) $subject,
529 'draft_message' => (string) $message)
530 );
531 $db->sql_query($sql);
532
533 $meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id");
534
535 meta_refresh(3, $meta_info);
536
537 $message = $user->lang['DRAFT_SAVED'] . '<br /><br />';
538 $message .= ($mode != 'post') ? sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>') . '<br /><br />' : '';
539 $message .= sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
540
541 trigger_error($message);
542 }
543 else
544 {
545 $s_hidden_fields = build_hidden_fields(array(
546 'mode' => $mode,
547 'save' => true,
548 'f' => $forum_id,
549 't' => $topic_id,
550 'subject' => $subject,
551 'message' => $message,
552 'attachment_data' => $message_parser->attachment_data,
553 )
554 );
555
556 $hidden_fields = array(
557 'icon_id' => 0,
558
559 'disable_bbcode' => false,
560 'disable_smilies' => false,
561 'disable_magic_url' => false,
562 'attach_sig' => true,
563 'lock_topic' => false,
564
565 'topic_type' => POST_NORMAL,
566 'topic_time_limit' => 0,
567
568 'poll_title' => '',
569 'poll_option_text' => '',
570 'poll_max_options' => 1,
571 'poll_length' => 0,
572 'poll_vote_change' => false,
573 );
574
575 foreach ($hidden_fields as $name => $default)
576 {
577 if (!isset($_POST[$name]))
578 {
579 // Don't include it, if its not available
580 unset($hidden_fields[$name]);
581 continue;
582 }
583
584 if (is_bool($default))
585 {
586 // Use the string representation
587 $hidden_fields[$name] = request_var($name, '');
588 }
589 else
590 {
591 $hidden_fields[$name] = request_var($name, $default);
592 }
593 }
594
595 $s_hidden_fields .= build_hidden_fields($hidden_fields);
596
597 confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields);
598 }
599 }
600 else
601 {
602 if (utf8_clean_string($subject) === '')
603 {
604 $error[] = $user->lang['EMPTY_SUBJECT'];
605 }
606
607 if (utf8_clean_string($message) === '')
608 {
609 $error[] = $user->lang['TOO_FEW_CHARS'];
610 }
611 }
612 unset($subject, $message);
613}
614
615// Load requested Draft
616if ($draft_id && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $user->data['is_registered'] && $auth->acl_get('u_savedrafts'))
617{
618 $sql = 'SELECT draft_subject, draft_message
619 FROM ' . DRAFTS_TABLE . "
620 WHERE draft_id = $draft_id
621 AND user_id = " . $user->data['user_id'];
622 $result = $db->sql_query_limit($sql, 1);
623 $row = $db->sql_fetchrow($result);
624 $db->sql_freeresult($result);
625
626 if ($row)
627 {
628 $post_data['post_subject'] = $row['draft_subject'];
629 $message_parser->message = $row['draft_message'];
630
631 $template->assign_var('S_DRAFT_LOADED', true);
632 }
633 else
634 {
635 $draft_id = 0;
636 }
637}
638
639// Load draft overview
640if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_data['drafts'])
641{
642 load_drafts($topic_id, $forum_id);
643}
644
645
646if ($submit || $preview || $refresh)
647{
648 $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0);
649 $post_data['post_subject'] = utf8_normalize_nfc(request_var('subject', '', true));
650 $message_parser->message = utf8_normalize_nfc(request_var('message', '', true));
651
652 $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true));
653 $post_data['post_edit_reason'] = (!empty($_POST['edit_reason']) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : '';
654
655 $post_data['orig_topic_type'] = $post_data['topic_type'];
656 $post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL));
657 $post_data['topic_time_limit'] = request_var('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0));
658
659 if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
660 {
661 $post_data['icon_id'] = request_var('icon', (int) $post_data['icon_id']);
662 }
663
664 $post_data['enable_bbcode'] = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true;
665 $post_data['enable_smilies'] = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;
666 $post_data['enable_urls'] = (isset($_POST['disable_magic_url'])) ? 0 : 1;
667 $post_data['enable_sig'] = (!$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig')) ? false : ((isset($_POST['attach_sig']) && $user->data['is_registered']) ? true : false);
668
669 if ($config['allow_topic_notify'] && $user->data['is_registered'])
670 {
671 $notify = (isset($_POST['notify'])) ? true : false;
672 }
673 else
674 {
675 $notify = false;
676 }
677
678 $topic_lock = (isset($_POST['lock_topic'])) ? true : false;
679 $post_lock = (isset($_POST['lock_post'])) ? true : false;
680 $poll_delete = (isset($_POST['poll_delete'])) ? true : false;
681
682 if ($submit)
683 {
684 $status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
685 $status_switch = ($status_switch != $check_value);
686 }
687 else
688 {
689 $status_switch = 1;
690 }
691
692 // Delete Poll
693 if ($poll_delete && $mode == 'edit' && sizeof($post_data['poll_options']) &&
694 ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id)))
695 {
696 if ($submit && check_form_key('posting'))
697 {
698 $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . "
699 WHERE topic_id = $topic_id";
700 $db->sql_query($sql);
701
702 $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . "
703 WHERE topic_id = $topic_id";
704 $db->sql_query($sql);
705
706 $topic_sql = array(
707 'poll_title' => '',
708 'poll_start' => 0,
709 'poll_length' => 0,
710 'poll_last_vote' => 0,
711 'poll_max_options' => 0,
712 'poll_vote_change' => 0
713 );
714
715 $sql = 'UPDATE ' . TOPICS_TABLE . '
716 SET ' . $db->sql_build_array('UPDATE', $topic_sql) . "
717 WHERE topic_id = $topic_id";
718 $db->sql_query($sql);
719 }
720
721 $post_data['poll_title'] = $post_data['poll_option_text'] = '';
722 $post_data['poll_vote_change'] = $post_data['poll_max_options'] = $post_data['poll_length'] = 0;
723 }
724 else
725 {
726 $post_data['poll_title'] = utf8_normalize_nfc(request_var('poll_title', '', true));
727 $post_data['poll_length'] = request_var('poll_length', 0);
728 $post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true));
729 $post_data['poll_max_options'] = request_var('poll_max_options', 1);
730 $post_data['poll_vote_change'] = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0;
731 }
732
733 // If replying/quoting and last post id has changed
734 // give user option to continue submit or return to post
735 // notify and show user the post made between his request and the final submit
736 if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id'])
737 {
738 // Only do so if it is allowed forum-wide
739 if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
740 {
741 if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id']))
742 {
743 $template->assign_var('S_POST_REVIEW', true);
744 }
745
746 $submit = false;
747 $refresh = true;
748 }
749 }
750
751 // Parse Attachments - before checksum is calculated
752 $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh);
753
754 // Grab md5 'checksum' of new message
755 $message_md5 = md5($message_parser->message);
756
757 // If editing and checksum has changed we know the post was edited while we're editing
758 // Notify and show user the changed post
759 if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
760 {
761 $edit_post_message_checksum = request_var('edit_post_message_checksum', '');
762 $edit_post_subject_checksum = request_var('edit_post_subject_checksum', '');
763
764 // $post_data['post_checksum'] is the checksum of the post submitted in the meantime
765 // $message_md5 is the checksum of the post we're about to submit
766 // $edit_post_message_checksum is the checksum of the post we're editing
767 // ...
768
769 // We make sure nobody else made exactly the same change
770 // we're about to submit by also checking $message_md5 != $post_data['post_checksum']
771 if (($edit_post_message_checksum !== '' && $edit_post_message_checksum != $post_data['post_checksum'] && $message_md5 != $post_data['post_checksum'])
772 || ($edit_post_subject_checksum !== '' && $edit_post_subject_checksum != $post_data['post_subject_md5'] && md5($post_data['post_subject']) != $post_data['post_subject_md5']))
773 {
774 if (topic_review($topic_id, $forum_id, 'post_review_edit', $post_id))
775 {
776 $template->assign_vars(array(
777 'S_POST_REVIEW' => true,
778
779 'L_POST_REVIEW' => $user->lang['POST_REVIEW_EDIT'],
780 'L_POST_REVIEW_EXPLAIN' => $user->lang['POST_REVIEW_EDIT_EXPLAIN'],
781 ));
782 }
783
784 $submit = false;
785 $refresh = true;
786 }
787 }
788
789 // Check checksum ... don't re-parse message if the same
790 $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false;
791
792 // Also check if subject got updated...
793 $update_subject = $mode != 'edit' || ($post_data['post_subject_md5'] && $post_data['post_subject_md5'] != md5($post_data['post_subject']));
794
795 // Parse message
796 if ($update_message)
797 {
798 if (sizeof($message_parser->warn_msg))
799 {
800 $error[] = implode('<br />', $message_parser->warn_msg);
801 $message_parser->warn_msg = array();
802 }
803
804 $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
805
806 // On a refresh we do not care about message parsing errors
807 if (sizeof($message_parser->warn_msg) && $refresh)
808 {
809 $message_parser->warn_msg = array();
810 }
811 }
812 else
813 {
814 $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield'];
815 }
816
817 if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('f_ignoreflood', $forum_id))
818 {
819 // Flood check
820 $last_post_time = 0;
821
822 if ($user->data['is_registered'])
823 {
824 $last_post_time = $user->data['user_lastpost_time'];
825 }
826 else
827 {
828 $sql = 'SELECT post_time AS last_post_time
829 FROM ' . POSTS_TABLE . "
830 WHERE poster_ip = '" . $user->ip . "'
831 AND post_time > " . ($current_time - $config['flood_interval']);
832 $result = $db->sql_query_limit($sql, 1);
833 if ($row = $db->sql_fetchrow($result))
834 {
835 $last_post_time = $row['last_post_time'];
836 }
837 $db->sql_freeresult($result);
838 }
839
840 if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval']))
841 {
842 $error[] = $user->lang['FLOOD_ERROR'];
843 }
844 }
845
846 // Validate username
847 if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username']))
848 {
849 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
850
851 if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false)
852 {
853 $user->add_lang('ucp');
854 $error[] = $user->lang[$result . '_USERNAME'];
855 }
856 }
857
858 if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply')))
859 {
860 $captcha_data = array(
861 'message' => utf8_normalize_nfc(request_var('message', '', true)),
862 'subject' => utf8_normalize_nfc(request_var('subject', '', true)),
863 'username' => utf8_normalize_nfc(request_var('username', '', true)),
864 );
865 $vc_response = $captcha->validate($captcha_data);
866 if ($vc_response)
867 {
868 $error[] = $vc_response;
869 }
870 }
871
872 // check form
873 if (($submit || $preview) && !check_form_key('posting'))
874 {
875 $error[] = $user->lang['FORM_INVALID'];
876 }
877
878 // Parse subject
879 if (!$preview && !$refresh && utf8_clean_string($post_data['post_subject']) === '' && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
880 {
881 $error[] = $user->lang['EMPTY_SUBJECT'];
882 }
883
884 $post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0;
885
886 if ($post_data['poll_option_text'] &&
887 ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
888 && $auth->acl_get('f_poll', $forum_id))
889 {
890 $poll = array(
891 'poll_title' => $post_data['poll_title'],
892 'poll_length' => $post_data['poll_length'],
893 'poll_max_options' => $post_data['poll_max_options'],
894 'poll_option_text' => $post_data['poll_option_text'],
895 'poll_start' => $post_data['poll_start'],
896 'poll_last_vote' => $post_data['poll_last_vote'],
897 'poll_vote_change' => $post_data['poll_vote_change'],
898 'enable_bbcode' => $post_data['enable_bbcode'],
899 'enable_urls' => $post_data['enable_urls'],
900 'enable_smilies' => $post_data['enable_smilies'],
901 'img_status' => $img_status
902 );
903
904 $message_parser->parse_poll($poll);
905
906 $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : '';
907 $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
908
909 /* We reset votes, therefore also allow removing options
910 if ($post_data['poll_last_vote'] && ($poll['poll_options_size'] < $orig_poll_options_size))
911 {
912 $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS'];
913 }*/
914 }
915 else
916 {
917 $poll = array();
918 }
919
920 // Check topic type
921 if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
922 {
923 switch ($post_data['topic_type'])
924 {
925 case POST_GLOBAL:
926 case POST_ANNOUNCE:
927 $auth_option = 'f_announce';
928 break;
929
930 case POST_STICKY:
931 $auth_option = 'f_sticky';
932 break;
933
934 default:
935 $auth_option = '';
936 break;
937 }
938
939 if (!$auth->acl_get($auth_option, $forum_id))
940 {
941 // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod.
942 // Another case would be a mod not having sticky permissions for example but edit permissions.
943 if ($mode == 'edit')
944 {
945 // To prevent non-authed users messing around with the topic type we reset it to the original one.
946 $post_data['topic_type'] = $post_data['orig_topic_type'];
947 }
948 else
949 {
950 $error[] = $user->lang['CANNOT_POST_' . str_replace('F_', '', strtoupper($auth_option))];
951 }
952 }
953 }
954
955 if (sizeof($message_parser->warn_msg))
956 {
957 $error[] = implode('<br />', $message_parser->warn_msg);
958 }
959
960 // DNSBL check
961 if ($config['check_dnsbl'] && !$refresh)
962 {
963 if (($dnsbl = $user->check_dnsbl('post')) !== false)
964 {
965 $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
966 }
967 }
968
969 // Store message, sync counters
970 if (!sizeof($error) && $submit)
971 {
972 // Check if we want to de-globalize the topic... and ask for new forum
973 if ($post_data['topic_type'] != POST_GLOBAL)
974 {
975 $sql = 'SELECT topic_type, forum_id
976 FROM ' . TOPICS_TABLE . "
977 WHERE topic_id = $topic_id";
978 $result = $db->sql_query($sql);
979 $row = $db->sql_fetchrow($result);
980 $db->sql_freeresult($result);
981
982 if ($row && !$row['forum_id'] && $row['topic_type'] == POST_GLOBAL)
983 {
984 $to_forum_id = request_var('to_forum_id', 0);
985
986 if ($to_forum_id)
987 {
988 $sql = 'SELECT forum_type
989 FROM ' . FORUMS_TABLE . '
990 WHERE forum_id = ' . $to_forum_id;
991 $result = $db->sql_query($sql);
992 $forum_type = (int) $db->sql_fetchfield('forum_type');
993 $db->sql_freeresult($result);
994
995 if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id) || (!$auth->acl_get('m_approve', $to_forum_id) && !$auth->acl_get('f_noapprove', $to_forum_id)))
996 {
997 $to_forum_id = 0;
998 }
999 }
1000
1001 if (!$to_forum_id)
1002 {
1003 include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
1004
1005 $template->assign_vars(array(
1006 'S_FORUM_SELECT' => make_forum_select(false, false, false, true, true, true),
1007 'S_UNGLOBALISE' => true)
1008 );
1009
1010 $submit = false;
1011 $refresh = true;
1012 }
1013 else
1014 {
1015 if (!$auth->acl_get('f_post', $to_forum_id))
1016 {
1017 // This will only be triggered if the user tried to trick the forum.
1018 trigger_error('NOT_AUTHORISED');
1019 }
1020
1021 $forum_id = $to_forum_id;
1022 }
1023 }
1024 }
1025
1026 if ($submit)
1027 {
1028 // Lock/Unlock Topic
1029 $change_topic_status = $post_data['topic_status'];
1030 $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false;
1031
1032 if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock)
1033 {
1034 $change_topic_status = ITEM_UNLOCKED;
1035 }
1036 else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock)
1037 {
1038 $change_topic_status = ITEM_LOCKED;
1039 }
1040
1041 if ($change_topic_status != $post_data['topic_status'])
1042 {
1043 $sql = 'UPDATE ' . TOPICS_TABLE . "
1044 SET topic_status = $change_topic_status
1045 WHERE topic_id = $topic_id
1046 AND topic_moved_id = 0";
1047 $db->sql_query($sql);
1048
1049 $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : '';
1050
1051 add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), $post_data['topic_title']);
1052 }
1053
1054 // Lock/Unlock Post Edit
1055 if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id))
1056 {
1057 $post_data['post_edit_locked'] = ITEM_UNLOCKED;
1058 }
1059 else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id))
1060 {
1061 $post_data['post_edit_locked'] = ITEM_LOCKED;
1062 }
1063
1064 $data = array(
1065 'topic_title' => (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'],
1066 'topic_first_post_id' => (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0,
1067 'topic_last_post_id' => (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0,
1068 'topic_time_limit' => (int) $post_data['topic_time_limit'],
1069 'topic_attachment' => (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0,
1070 'post_id' => (int) $post_id,
1071 'topic_id' => (int) $topic_id,
1072 'forum_id' => (int) $forum_id,
1073 'icon_id' => (int) $post_data['icon_id'],
1074 'poster_id' => (int) $post_data['poster_id'],
1075 'enable_sig' => (bool) $post_data['enable_sig'],
1076 'enable_bbcode' => (bool) $post_data['enable_bbcode'],
1077 'enable_smilies' => (bool) $post_data['enable_smilies'],
1078 'enable_urls' => (bool) $post_data['enable_urls'],
1079 'enable_indexing' => (bool) $post_data['enable_indexing'],
1080 'message_md5' => (string) $message_md5,
1081 'post_time' => (isset($post_data['post_time'])) ? (int) $post_data['post_time'] : $current_time,
1082 'post_checksum' => (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '',
1083 'post_edit_reason' => $post_data['post_edit_reason'],
1084 'post_edit_user' => ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? (int) $post_data['post_edit_user'] : 0),
1085 'forum_parents' => $post_data['forum_parents'],
1086 'forum_name' => $post_data['forum_name'],
1087 'notify' => $notify,
1088 'notify_set' => $post_data['notify_set'],
1089 'poster_ip' => (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip,
1090 'post_edit_locked' => (int) $post_data['post_edit_locked'],
1091 'bbcode_bitfield' => $message_parser->bbcode_bitfield,
1092 'bbcode_uid' => $message_parser->bbcode_uid,
1093 'message' => $message_parser->message,
1094 'attachment_data' => $message_parser->attachment_data,
1095 'filename_data' => $message_parser->filename_data,
1096
1097 'topic_approved' => (isset($post_data['topic_approved'])) ? $post_data['topic_approved'] : false,
1098 'post_approved' => (isset($post_data['post_approved'])) ? $post_data['post_approved'] : false,
1099 );
1100
1101 if ($mode == 'edit')
1102 {
1103 $data['topic_replies_real'] = $post_data['topic_replies_real'];
1104 $data['topic_replies'] = $post_data['topic_replies'];
1105 }
1106
1107 // The last parameter tells submit_post if search indexer has to be run
1108 $redirect_url = submit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false);
1109
1110 if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1111 {
1112 $captcha->reset();
1113 }
1114
1115 // Check the permissions for post approval. Moderators are not affected.
1116 if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state']))
1117 {
1118 meta_refresh(10, $redirect_url);
1119 $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD'];
1120 $message .= (($user->data['user_id'] == ANONYMOUS) ? '' : ' '. $user->lang['POST_APPROVAL_NOTIFY']);
1121 }
1122 else
1123 {
1124 meta_refresh(3, $redirect_url);
1125
1126 $message = ($mode == 'edit') ? 'POST_EDITED' : 'POST_STORED';
1127 $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $redirect_url . '">', '</a>');
1128 }
1129
1130 $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $data['forum_id']) . '">', '</a>');
1131 trigger_error($message);
1132 }
1133 }
1134}
1135
1136// Preview
1137if (!sizeof($error) && $preview)
1138{
1139 $post_data['post_time'] = ($mode == 'edit') ? $post_data['post_time'] : $current_time;
1140
1141 $preview_message = $message_parser->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], false);
1142
1143 $preview_signature = ($mode == 'edit') ? $post_data['user_sig'] : $user->data['user_sig'];
1144 $preview_signature_uid = ($mode == 'edit') ? $post_data['user_sig_bbcode_uid'] : $user->data['user_sig_bbcode_uid'];
1145 $preview_signature_bitfield = ($mode == 'edit') ? $post_data['user_sig_bbcode_bitfield'] : $user->data['user_sig_bbcode_bitfield'];
1146
1147 // Signature
1148 if ($post_data['enable_sig'] && $config['allow_sig'] && $preview_signature && $auth->acl_get('f_sigs', $forum_id))
1149 {
1150 $parse_sig = new parse_message($preview_signature);
1151 $parse_sig->bbcode_uid = $preview_signature_uid;
1152 $parse_sig->bbcode_bitfield = $preview_signature_bitfield;
1153
1154 // Not sure about parameters for bbcode/smilies/urls... in signatures
1155 $parse_sig->format_display($config['allow_sig_bbcode'], true, $config['allow_sig_smilies']);
1156 $preview_signature = $parse_sig->message;
1157 unset($parse_sig);
1158 }
1159 else
1160 {
1161 $preview_signature = '';
1162 }
1163
1164 $preview_subject = censor_text($post_data['post_subject']);
1165
1166 // Poll Preview
1167 if (!$poll_delete && ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1168 && $auth->acl_get('f_poll', $forum_id))
1169 {
1170 $parse_poll = new parse_message($post_data['poll_title']);
1171 $parse_poll->bbcode_uid = $message_parser->bbcode_uid;
1172 $parse_poll->bbcode_bitfield = $message_parser->bbcode_bitfield;
1173
1174 $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1175
1176 if ($post_data['poll_length'])
1177 {
1178 $poll_end = ($post_data['poll_length'] * 86400) + (($post_data['poll_start']) ? $post_data['poll_start'] : time());
1179 }
1180
1181 $template->assign_vars(array(
1182 'S_HAS_POLL_OPTIONS' => (sizeof($post_data['poll_options'])),
1183 'S_IS_MULTI_CHOICE' => ($post_data['poll_max_options'] > 1) ? true : false,
1184
1185 'POLL_QUESTION' => $parse_poll->message,
1186
1187 'L_POLL_LENGTH' => ($post_data['poll_length']) ? sprintf($user->lang['POLL_RUN_TILL'], $user->format_date($poll_end)) : '',
1188 'L_MAX_VOTES' => ($post_data['poll_max_options'] == 1) ? $user->lang['MAX_OPTION_SELECT'] : sprintf($user->lang['MAX_OPTIONS_SELECT'], $post_data['poll_max_options']))
1189 );
1190
1191 $parse_poll->message = implode("\n", $post_data['poll_options']);
1192 $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1193 $preview_poll_options = explode('<br />', $parse_poll->message);
1194 unset($parse_poll);
1195
1196 foreach ($preview_poll_options as $key => $option)
1197 {
1198 $template->assign_block_vars('poll_option', array(
1199 'POLL_OPTION_CAPTION' => $option,
1200 'POLL_OPTION_ID' => $key + 1)
1201 );
1202 }
1203 unset($preview_poll_options);
1204 }
1205
1206 // Attachment Preview
1207 if (sizeof($message_parser->attachment_data))
1208 {
1209 $template->assign_var('S_HAS_ATTACHMENTS', true);
1210
1211 $update_count = array();
1212 $attachment_data = $message_parser->attachment_data;
1213
1214 parse_attachments($forum_id, $preview_message, $attachment_data, $update_count, true);
1215
1216 foreach ($attachment_data as $i => $attachment)
1217 {
1218 $template->assign_block_vars('attachment', array(
1219 'DISPLAY_ATTACHMENT' => $attachment)
1220 );
1221 }
1222 unset($attachment_data);
1223 }
1224
1225 if (!sizeof($error))
1226 {
1227 $template->assign_vars(array(
1228 'PREVIEW_SUBJECT' => $preview_subject,
1229 'PREVIEW_MESSAGE' => $preview_message,
1230 'PREVIEW_SIGNATURE' => $preview_signature,
1231
1232 'S_DISPLAY_PREVIEW' => true)
1233 );
1234 }
1235}
1236
1237// Decode text for message display
1238$post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !sizeof($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid;
1239$message_parser->decode_message($post_data['bbcode_uid']);
1240
1241if ($mode == 'quote' && !$submit && !$preview && !$refresh)
1242{
1243 if ($config['allow_bbcode'])
1244 {
1245 $message_parser->message = '[quote=&quot;' . $post_data['quote_username'] . '&quot;]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
1246 }
1247 else
1248 {
1249 $offset = 0;
1250 $quote_string = "&gt; ";
1251 $message = censor_text(trim($message_parser->message));
1252 // see if we are nesting. It's easily tricked but should work for one level of nesting
1253 if (strpos($message, "&gt;") !== false)
1254 {
1255 $offset = 10;
1256 }
1257 $message = utf8_wordwrap($message, 75 + $offset, "\n");
1258
1259 $message = $quote_string . $message;
1260 $message = str_replace("\n", "\n" . $quote_string, $message);
1261 $message_parser->message = $post_data['quote_username'] . " " . $user->lang['WROTE'] . " :\n" . $message . "\n";
1262 }
1263}
1264
1265if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)
1266{
1267 $post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']);
1268}
1269
1270$attachment_data = $message_parser->attachment_data;
1271$filename_data = $message_parser->filename_data;
1272$post_data['post_text'] = $message_parser->message;
1273
1274if (sizeof($post_data['poll_options']) && $post_data['poll_title'])
1275{
1276 $message_parser->message = $post_data['poll_title'];
1277 $message_parser->bbcode_uid = $post_data['bbcode_uid'];
1278
1279 $message_parser->decode_message();
1280 $post_data['poll_title'] = $message_parser->message;
1281
1282 $message_parser->message = implode("\n", $post_data['poll_options']);
1283 $message_parser->decode_message();
1284 $post_data['poll_options'] = explode("\n", $message_parser->message);
1285}
1286
1287// MAIN POSTING PAGE BEGINS HERE
1288
1289// Forum moderators?
1290$moderators = array();
1291if ($config['load_moderators'])
1292{
1293 get_moderators($moderators, $forum_id);
1294}
1295
1296// Generate smiley listing
1297generate_smilies('inline', $forum_id);
1298
1299// Generate inline attachment select box
1300posting_gen_inline_attachments($attachment_data);
1301
1302// Do show topic type selection only in first post.
1303$topic_type_toggle = false;
1304
1305if ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']))
1306{
1307 $topic_type_toggle = posting_gen_topic_types($forum_id, $post_data['topic_type']);
1308}
1309
1310$s_topic_icons = false;
1311if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
1312{
1313 $s_topic_icons = posting_gen_topic_icons($mode, $post_data['icon_id']);
1314}
1315
1316$bbcode_checked = (isset($post_data['enable_bbcode'])) ? !$post_data['enable_bbcode'] : (($config['allow_bbcode']) ? !$user->optionget('bbcode') : 1);
1317$smilies_checked = (isset($post_data['enable_smilies'])) ? !$post_data['enable_smilies'] : (($config['allow_smilies']) ? !$user->optionget('smilies') : 1);
1318$urls_checked = (isset($post_data['enable_urls'])) ? !$post_data['enable_urls'] : 0;
1319$sig_checked = $post_data['enable_sig'];
1320$lock_topic_checked = (isset($topic_lock) && $topic_lock) ? $topic_lock : (($post_data['topic_status'] == ITEM_LOCKED) ? 1 : 0);
1321$lock_post_checked = (isset($post_lock)) ? $post_lock : $post_data['post_edit_locked'];
1322
1323// If the user is replying or posting and not already watching this topic but set to always being notified we need to overwrite this setting
1324$notify_set = ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set'];
1325$notify_checked = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
1326
1327// Page title & action URL, include session_id for security purpose
1328$s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&amp;f=$forum_id", true, $user->session_id);
1329$s_action .= ($topic_id) ? "&amp;t=$topic_id" : '';
1330$s_action .= ($post_id) ? "&amp;p=$post_id" : '';
1331
1332switch ($mode)
1333{
1334 case 'post':
1335 $page_title = $user->lang['POST_TOPIC'];
1336 break;
1337
1338 case 'quote':
1339 case 'reply':
1340 $page_title = $user->lang['POST_REPLY'];
1341 break;
1342
1343 case 'delete':
1344 case 'edit':
1345 $page_title = $user->lang['EDIT_POST'];
1346 break;
1347}
1348
1349// Build Navigation Links
1350generate_forum_nav($post_data);
1351
1352// Build Forum Rules
1353generate_forum_rules($post_data);
1354
1355// Posting uses is_solved for legacy reasons. Plugins have to use is_solved to force themselves to be displayed.
1356if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1357{
1358
1359 $template->assign_vars(array(
1360 'S_CONFIRM_CODE' => true,
1361 'CAPTCHA_TEMPLATE' => $captcha->get_template(),
1362 ));
1363}
1364
1365$s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : '';
1366$s_hidden_fields .= '<input type="hidden" name="lastclick" value="' . $current_time . '" />';
1367$s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . request_var('draft_loaded', $draft_id) . '" />' : '';
1368
1369if ($mode == 'edit')
1370{
1371 $s_hidden_fields .= build_hidden_fields(array(
1372 'edit_post_message_checksum' => $post_data['post_checksum'],
1373 'edit_post_subject_checksum' => $post_data['post_subject_md5'],
1374 ));
1375}
1376
1377// Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview
1378if (isset($captcha) && $captcha->is_solved() !== false)
1379{
1380 $s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
1381}
1382
1383$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"';
1384add_form_key('posting');
1385
1386
1387// Start assigning vars for main posting page ...
1388$template->assign_vars(array(
1389 'L_POST_A' => $page_title,
1390 'L_ICON' => ($mode == 'reply' || $mode == 'quote' || ($mode == 'edit' && $post_id != $post_data['topic_first_post_id'])) ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
1391 'L_MESSAGE_BODY_EXPLAIN' => (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '',
1392
1393 'FORUM_NAME' => $post_data['forum_name'],
1394 'FORUM_DESC' => ($post_data['forum_desc']) ? generate_text_for_display($post_data['forum_desc'], $post_data['forum_desc_uid'], $post_data['forum_desc_bitfield'], $post_data['forum_desc_options']) : '',
1395 'TOPIC_TITLE' => censor_text($post_data['topic_title']),
1396 'MODERATORS' => (sizeof($moderators)) ? implode(', ', $moderators[$forum_id]) : '',
1397 'USERNAME' => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '',
1398 'SUBJECT' => $post_data['post_subject'],
1399 'MESSAGE' => $post_data['post_text'],
1400 'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
1401 'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
1402 'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
1403 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
1404 'URL_STATUS' => ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
1405 'MAX_FONT_SIZE' => (int) $config['max_post_font_size'],
1406 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['POST']),
1407 'POST_DATE' => ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '',
1408 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
1409 'TOPIC_TIME_LIMIT' => (int) $post_data['topic_time_limit'],
1410 'EDIT_REASON' => $post_data['post_edit_reason'],
1411 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),
1412 'U_VIEW_TOPIC' => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id") : '',
1413 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup"),
1414 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup")),
1415
1416 'S_PRIVMSGS' => false,
1417 'S_CLOSE_PROGRESS_WINDOW' => (isset($_POST['add_file'])) ? true : false,
1418 'S_EDIT_POST' => ($mode == 'edit') ? true : false,
1419 'S_EDIT_REASON' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1420 'S_DISPLAY_USERNAME' => (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? true : false,
1421 'S_SHOW_TOPIC_ICONS' => $s_topic_icons,
1422 'S_DELETE_ALLOWED' => ($mode == 'edit' && (($post_id == $post_data['topic_last_post_id'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) || $auth->acl_get('m_delete', $forum_id))) ? true : false,
1423 'S_BBCODE_ALLOWED' => $bbcode_status,
1424 'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '',
1425 'S_SMILIES_ALLOWED' => $smilies_status,
1426 'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '',
1427 'S_SIG_ALLOWED' => ($auth->acl_get('f_sigs', $forum_id) && $config['allow_sig'] && $user->data['is_registered']) ? true : false,
1428 'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '',
1429 'S_NOTIFY_ALLOWED' => (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !$config['allow_topic_notify'] || !$config['email_enable']) ? false : true,
1430 'S_NOTIFY_CHECKED' => ($notify_checked) ? ' checked="checked"' : '',
1431 'S_LOCK_TOPIC_ALLOWED' => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote') && ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED))) ? true : false,
1432 'S_LOCK_TOPIC_CHECKED' => ($lock_topic_checked) ? ' checked="checked"' : '',
1433 'S_LOCK_POST_ALLOWED' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1434 'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? ' checked="checked"' : '',
1435 'S_LINKS_ALLOWED' => $url_status,
1436 'S_MAGIC_URL_CHECKED' => ($urls_checked) ? ' checked="checked"' : '',
1437 'S_TYPE_TOGGLE' => $topic_type_toggle,
1438 'S_SAVE_ALLOWED' => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $mode != 'edit') ? true : false,
1439 'S_HAS_DRAFTS' => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $post_data['drafts']) ? true : false,
1440 'S_FORM_ENCTYPE' => $form_enctype,
1441
1442 'S_BBCODE_IMG' => $img_status,
1443 'S_BBCODE_URL' => $url_status,
1444 'S_BBCODE_FLASH' => $flash_status,
1445 'S_BBCODE_QUOTE' => $quote_status,
1446
1447 'S_POST_ACTION' => $s_action,
1448 'S_HIDDEN_FIELDS' => $s_hidden_fields)
1449);
1450
1451// Build custom bbcodes array
1452display_custom_bbcodes();
1453
1454// Poll entry
1455if (($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1456 && $auth->acl_get('f_poll', $forum_id))
1457{
1458 $template->assign_vars(array(
1459 'S_SHOW_POLL_BOX' => true,
1460 'S_POLL_VOTE_CHANGE' => ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id)),
1461 'S_POLL_DELETE' => ($mode == 'edit' && sizeof($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))),
1462 'S_POLL_DELETE_CHECKED' => (!empty($poll_delete)) ? true : false,
1463
1464 'L_POLL_OPTIONS_EXPLAIN' => sprintf($user->lang['POLL_OPTIONS_' . (($mode == 'edit') ? 'EDIT_' : '') . 'EXPLAIN'], $config['max_poll_options']),
1465
1466 'VOTE_CHANGE_CHECKED' => (!empty($post_data['poll_vote_change'])) ? ' checked="checked"' : '',
1467 'POLL_TITLE' => (isset($post_data['poll_title'])) ? $post_data['poll_title'] : '',
1468 'POLL_OPTIONS' => (!empty($post_data['poll_options'])) ? implode("\n", $post_data['poll_options']) : '',
1469 'POLL_MAX_OPTIONS' => (isset($post_data['poll_max_options'])) ? (int) $post_data['poll_max_options'] : 1,
1470 'POLL_LENGTH' => $post_data['poll_length'])
1471 );
1472}
1473
1474// Show attachment box for adding attachments if true
1475$allowed = ($auth->acl_get('f_attach', $forum_id) && $auth->acl_get('u_attach') && $config['allow_attachments'] && $form_enctype);
1476
1477// Attachment entry
1478posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);
1479
1480// Output page ...
1481page_header($page_title, false);
1482
1483$template->set_filenames(array(
1484 'body' => 'posting_body.html')
1485);
1486
1487make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
1488
1489// Topic review
1490if ($mode == 'reply' || $mode == 'quote')
1491{
1492 if (topic_review($topic_id, $forum_id))
1493 {
1494 $template->assign_var('S_DISPLAY_REVIEW', true);
1495 }
1496}
1497
1498page_footer();
1499
1500/**
1501* Show upload popup (progress bar)
1502*/
1503function upload_popup($forum_style = 0)
1504{
1505 global $template, $user;
1506
1507 ($forum_style) ? $user->setup('posting', $forum_style) : $user->setup('posting');
1508
1509 page_header($user->lang['PROGRESS_BAR'], false);
1510
1511 $template->set_filenames(array(
1512 'popup' => 'posting_progress_bar.html')
1513 );
1514
1515 $template->assign_vars(array(
1516 'PROGRESS_BAR' => $user->img('upload_bar', $user->lang['UPLOAD_IN_PROGRESS']))
1517 );
1518
1519 $template->display('popup');
1520
1521 garbage_collection();
1522 exit_handler();
1523}
1524
1525/**
1526* Do the various checks required for removing posts as well as removing it
1527*/
1528function handle_post_delete($forum_id, $topic_id, $post_id, &$post_data)
1529{
1530 global $user, $db, $auth, $config;
1531 global $phpbb_root_path, $phpEx;
1532
1533 // If moderator removing post or user itself removing post, present a confirmation screen
1534 if ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get('f_delete', $forum_id) && $post_id == $post_data['topic_last_post_id'] && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])))
1535 {
1536 $s_hidden_fields = build_hidden_fields(array(
1537 'p' => $post_id,
1538 'f' => $forum_id,
1539 'mode' => 'delete')
1540 );
1541
1542 if (confirm_box(true))
1543 {
1544 $data = array(
1545 'topic_first_post_id' => $post_data['topic_first_post_id'],
1546 'topic_last_post_id' => $post_data['topic_last_post_id'],
1547 'topic_replies_real' => $post_data['topic_replies_real'],
1548 'topic_approved' => $post_data['topic_approved'],
1549 'topic_type' => $post_data['topic_type'],
1550 'post_approved' => $post_data['post_approved'],
1551 'post_reported' => $post_data['post_reported'],
1552 'post_time' => $post_data['post_time'],
1553 'poster_id' => $post_data['poster_id'],
1554 'post_postcount' => $post_data['post_postcount']
1555 );
1556
1557 $next_post_id = delete_post($forum_id, $topic_id, $post_id, $data);
1558 $post_username = ($post_data['poster_id'] == ANONYMOUS && !empty($post_data['post_username'])) ? $post_data['post_username'] : $post_data['username'];
1559
1560 if ($next_post_id === false)
1561 {
1562 add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_TOPIC', $post_data['topic_title'], $post_username);
1563
1564 $meta_info = append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id");
1565 $message = $user->lang['POST_DELETED'];
1566 }
1567 else
1568 {
1569 add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_POST', $post_data['post_subject'], $post_username);
1570
1571 $meta_info = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id&amp;p=$next_post_id") . "#p$next_post_id";
1572 $message = $user->lang['POST_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>');
1573 }
1574
1575 meta_refresh(3, $meta_info);
1576 $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
1577 trigger_error($message);
1578 }
1579 else
1580 {
1581 confirm_box(false, 'DELETE_POST', $s_hidden_fields);
1582 }
1583 }
1584
1585 // If we are here the user is not able to delete - present the correct error message
1586 if ($post_data['poster_id'] != $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id))
1587 {
1588 trigger_error('DELETE_OWN_POSTS');
1589 }
1590
1591 if ($post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && $post_id != $post_data['topic_last_post_id'])
1592 {
1593 trigger_error('CANNOT_DELETE_REPLIED');
1594 }
1595
1596 trigger_error('USER_CANNOT_DELETE');
1597}
1598
1599?>
Note: See TracBrowser for help on using the repository browser.