/posting.php

Large files files are truncated, but you can click here to view the full file

<?php
/**
*
* @package Icy Phoenix
* @version $Id$
* @copyright (c) 2008 Icy Phoenix
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/

/**
*
* @Icy Phoenix is based on phpBB
* @copyright (c) 2008 phpBB Group
*
*/

define('IN_POSTING', true);
// MG Cash MOD For IP - BEGIN
define('IN_CASHMOD', true);
define('CM_POSTING', true);
// MG Cash MOD For IP - END
// Added to optimize memory for attachments
define('ATTACH_DISPLAY', true);
define('ATTACH_POSTING', true);
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('helpbox');
define('IN_ICYPHOENIX', true);
if (!defined('IP_ROOT_PATH')) define('IP_ROOT_PATH', './');
if (!defined('PHP_EXT')) define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
include(IP_ROOT_PATH . 'common.' . PHP_EXT);
include_once(IP_ROOT_PATH . 'includes/bbcode.' . PHP_EXT);
include_once(IP_ROOT_PATH . 'includes/functions_post.' . PHP_EXT);
include_once(IP_ROOT_PATH . 'includes/functions_topics.' . PHP_EXT);
include_once(IP_ROOT_PATH . 'includes/functions_calendar.' . PHP_EXT);
// Event Registration - BEGIN
include_once(IP_ROOT_PATH . 'includes/functions_events_reg.' . PHP_EXT);
// Event Registration - END

@include_once(IP_ROOT_PATH . 'includes/class_topics.' . PHP_EXT);
$class_topics = new class_topics();

$use_jquery_tags = (!empty($config['use_jquery_tags']) && empty($user->data['mobile_style'])) ? true : false;
//$use_jquery_tags = false;
$config['jquery_ui'] = true;
if (!empty($use_jquery_tags))
{
	$config['jquery_tags'] = true;
}

// Init common vars: forum_id, topic_id, post_id, etc.
$class_topics->var_init(true);

// Check and set various parameters
$sid = request_var('sid', '');

$mode = request_var('mode', '');
$submit = request_var('post', '');
$news_category = request_var('news_category', '');
$preview = request_var('preview', '');
$draft = request_var('draft', '');
$draft_mode = request_var('draft_mode', '');
$delete = request_var('delete', '');
$poll_delete = request_var('poll_delete', '');
$poll_add = request_var('add_poll_option', '');
$poll_edit = request_var('edit_poll_option', '');
// UPI2DB - BEGIN
$mark_edit = request_var('mark_edit', '');
// UPI2DB - END

$start = request_var('start', 0);
$start = ($start < 0) ? 0 : $start;

$confirm = isset($_POST['confirm']) ? true : false;
$draft_confirm = !empty($_POST['draft_confirm']) ? true : false;
$draft = (!empty($draft) || $draft_confirm) ? true : false;

$lock_subject = request_var('lock_subject', 0);

$draft_subject = '';
$draft_message = '';
if ($config['allow_drafts'] && ($draft_mode == 'draft_load') && ($draft_id > 0))
{
	$sql = "SELECT d.*
		FROM " . DRAFTS_TABLE . " d
		WHERE d.draft_id = " . $draft_id . "
		LIMIT 1";
	$result = $db->sql_query($sql);

	if ($draft_row = $db->sql_fetchrow($result))
	{
		$db->sql_freeresult($result);
		if ($draft_row['forum_id'] > 0)
		{
			$forum_id = $draft_row['forum_id'];
			if ($draft_row['topic_id'] > 0)
			{
				$topic_id = $draft_row['topic_id'];
			}
			else
			{
				$topic_id = '';
			}
			$draft_subject = $draft_row['draft_subject'];
			$draft_message = htmlspecialchars_decode($draft_row['draft_message'], ENT_COMPAT);
			$preview = true;
		}
		else
		{
			$draft_subject = $draft_row['draft_subject'];
			$draft_message = $draft_row['draft_message'];
			$preview = true;
		}
	}
}

$forum_id_append = (!empty($forum_id) ? (POST_FORUM_URL . '=' . $forum_id) : '');
$topic_id_append = (!empty($topic_id) ? (POST_TOPIC_URL . '=' . $topic_id) : '');
$post_id_append = (!empty($post_id) ? (POST_POST_URL . '=' . $post_id) : '');

// . (!empty($forum_id_append) ? ($forum_id_append . '&amp;') : '') . (!empty($topic_id_append) ? ($topic_id_append . '&amp;') : '') . $post_id_append

$s_hidden_fields = '';
$hidden_form_fields = '';
$refresh = !empty($preview) || $poll_add || $poll_edit || $poll_delete || ($draft && !$draft_confirm);

// Set topic type
//echo $topic_type;
//$topic_type = (in_array($topic_type, array(0, 1, 2, 3, 4))) ? $topic_type : POST_NORMAL;
$topic_show_portal = (!empty($_POST['topic_show_portal'])) ? true : false;
$topic_type = request_var('topictype', POST_NORMAL);
if (!$topic_type)
{
	$topic_type = POST_NORMAL;
}

// Maybe better do not replace these $_POST with request_var, or we may have further problems later
$year = request_post_var('topic_calendar_year', 0);
$month = request_post_var('topic_calendar_month', 0);
$day = request_post_var('topic_calendar_day', 0);
$hour = request_post_var('topic_calendar_hour', 0);
$min = request_post_var('topic_calendar_min', 0);
$d_day = request_post_var('topic_calendar_duration_day', 0);
$d_hour = request_post_var('topic_calendar_duration_hour', 0);
$d_min = request_post_var('topic_calendar_duration_min', 0);

// this array will hold the plugin-specific variables
$extra_vars = array();
/**
* @event posting.post_vars.
* @description Allows to read POST data to be used later.
* @since 3.0
* @var int topic_type The topic type.
* @var array extra_vars The extra variables that'll be carried throughout this file.
*/
$vars = array(
	'topic_type',
	'extra_vars',
);
extract($class_plugins->trigger('posting.post_vars', compact($vars)));

if (empty($year) || empty($month) || empty($day))
{
	$year = '';
	$month = '';
	$day = '';
	$hour = '';
	$min = '';
	$d_day = '';
	$d_hour = '';
	$d_min = '';
}
if (empty($hour) && empty($min))
{
	$hour = '';
	$min = '';
	$d_hour = '';
	$d_min = '';
}

// start event
$topic_calendar_time = 0;
if (!empty($year))
{
	$topic_calendar_time = gmmktime(intval($hour), intval($min), 0, intval($month), intval($day), intval($year));
}

// duration
$topic_calendar_duration = 0;
$d_dur = $d_day . $d_hour . $d_min;
if (!empty($topic_calendar_time) && !empty($d_dur))
{
	$topic_calendar_duration = intval($d_day) * 86400 + intval($d_hour) * 3600 + intval($d_min) * 60;
	if ($topic_calendar_duration < 0)
	{
		$topic_calendar_duration = 0;
	}
}

// If the mode is set to topic review then output that review...
if ($mode == 'topicreview')
{
	require(IP_ROOT_PATH . 'includes/topic_review.' . PHP_EXT);
	topic_review($forum_id, $topic_id, false);
	exit;
}
elseif ($mode == 'smilies')
{
	generate_smilies('window');
	exit;
}

// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();
// End session management

// DNSBL CHECK - BEGIN
if (!empty($config['check_dnsbl_posting']) && in_array($mode, array('newtopic', 'reply', 'editpost')) && !empty($submit))
{
	if (($dnsbl = $user->check_dnsbl('post')) !== false)
	{
		$error[] = sprintf($lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1], $dnsbl[1]);
	}

	if (!empty($error))
	{
		$message = implode('<br />', $error);
		message_die(GENERAL_MESSAGE, $message);
	}
}
// DNSBL CHECK - END

// Was cancel pressed? If so then redirect to the appropriate page, no point in continuing with any further checks
if (isset($_POST['cancel']))
{
	if ($postreport)
	{
		$redirect = CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . (!empty($topic_id_append) ? ($topic_id_append . '&') : '') . POST_POST_URL . '=' . $postreport;
		$post_append = '';
	}
	elseif ($post_id)
	{
		$redirect = CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . (!empty($topic_id_append) ? ($topic_id_append . '&') : '') . $post_id_append;
		$post_append = '#p' . $post_id;
	}
	elseif ($topic_id)
	{
		$redirect = CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . $topic_id_append;
		$post_append = '';
	}
	elseif ($forum_id)
	{
		$redirect = CMS_PAGE_VIEWFORUM . '?' . $forum_id_append;
		$post_append = '';
	}
	else
	{
		$redirect = CMS_PAGE_FORUM;
		$post_append = '';
	}
	redirect(append_sid($redirect, true) . $post_append);
}

// What auth type do we need to check?
$is_auth = array();
$is_auth_type = '';
$is_auth_type_cal = '';
$read_only_write_auth_required = false;
switch($mode)
{
	case 'newtopic':
		// TODO: these also need to be checked if ($mode == 'editpost' && $post_data['first_post'])
		$read_only_write_auth_required = true;
		if ($topic_type == POST_GLOBAL_ANNOUNCE)
		{
			$is_auth_type = 'auth_globalannounce';
		}
		elseif ($topic_type == POST_ANNOUNCE)
		{
			$is_auth_type = 'auth_announce';
		}
		elseif ($topic_type == POST_STICKY)
		{
			$is_auth_type = 'auth_sticky';
		}
		else
		{
			$is_auth_type = 'auth_post';
		}
		if (!empty($topic_calendar_time))
		{
			$is_auth_type_cal = 'auth_cal';
		}
		break;
	case 'reply':
	case 'quote':
		$read_only_write_auth_required = true;
		$is_auth_type = 'auth_reply';
		break;
	case 'editpost':
		$read_only_write_auth_required = true;
		$is_auth_type = 'auth_edit';
		break;
	case 'delete':
	case 'poll_delete':
		$read_only_write_auth_required = true;
		$is_auth_type = 'auth_delete';
		break;
	case 'vote':
		$is_auth_type = 'auth_vote';
		break;
	// Event Registration - BEGIN
	case 'register':
		$is_auth_type = 'auth_vote';
		break;
	// Event Registration - END
	case 'topicreview':
		$is_auth_type = 'auth_read';
		break;
	default:
		message_die(GENERAL_MESSAGE, $lang['No_post_mode']);
		break;
}

//if ($read_only_write_auth_required && $config['read_only_forum'])
if ($read_only_write_auth_required && $config['read_only_forum'] && ($user->data['user_level'] != ADMIN))
{
	message_die(GENERAL_MESSAGE, $lang['READ_ONLY_FORUM']);
}

//
// Here we do various lookups to find topic_id, forum_id, post_id etc.
// Doing it here prevents spoofing (eg. faking forum_id, topic_id or post_id
//
$error_msg = '';
$post_data = array();
switch ($mode)
{
	case 'newtopic':
		if (empty($forum_id))
		{
			if (!defined('STATUS_404')) define('STATUS_404', true);
			message_die(GENERAL_MESSAGE, 'NO_FORUM');
		}

		$sql = "SELECT f.*
			FROM " . FORUMS_TABLE . " f
			WHERE f.forum_id = " . $forum_id . "
			LIMIT 1";
		break;
	case 'reply':
	case 'vote':
	// Event Registration - BEGIN
	case 'register':
	// Event Registration - END
		if (empty($topic_id))
		{
			message_die(GENERAL_MESSAGE, $lang['No_topic_id']);
		}

		$sql = "SELECT f.*, t.*
			FROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t
			WHERE t.topic_id = " . $topic_id . "
				AND f.forum_id = t.forum_id
			LIMIT 1";
		break;

	case 'quote':
	case 'editpost':
	case 'delete':
	case 'poll_delete':
		if (empty($post_id))
		{
			message_die(GENERAL_MESSAGE, $lang['No_post_id']);
		}

		// MG Cash MOD For IP - BEGIN
		if (!empty($config['plugins']['cash']['enabled']))
		{
			$temp = $submit;
			$submit = !(!$submit || (isset($config['cash_disable']) && !$config['cash_disable'] && (($mode == 'editpost') || ($mode == 'delete'))));
		}
		// MG Cash MOD For IP - END

		$query = array(
			'SELECT' => array('f.*', 't.*', 'p.*'),
			'FROM' => array(
				POSTS_TABLE => 'p',
				TOPICS_TABLE => 't',
				FORUMS_TABLE => 'f',
			),
			'WHERE' => array(
				'p.post_id = ' . $post_id,
				't.topic_id = p.topic_id',
				'f.forum_id = p.forum_id',
			),
			'LIMIT' => 1,
		);
		if (!$submit)
		{
			$query['SELECT'] = array_merge($query['SELECT'], array('u.username', 'u.user_id', 'u.user_sig', 'u.user_level', 'u.user_active', 'u.user_color'));
			$query['FROM'][USERS_TABLE] = 'u';
			$query['WHERE'][] = 'u.user_id = p.poster_id';
		}

		/**
		* @event posting.before_select.
		* @description Allows to edit the query to look up the forum / topic / post data.
		* @since 3.0
		* @var array query The SQL query parts.
		*/
		extract($class_plugins->trigger('posting.before_select', compact('query')));

		$sql = $db->sql_build_query('SELECT', $query);

		// MG Cash MOD For IP - BEGIN
		if (!empty($config['plugins']['cash']['enabled']))
		{
			$submit = $temp;
			unset($temp);
		}
		// MG Cash MOD For IP - END
		break;

	default:
		message_die(GENERAL_MESSAGE, $lang['No_valid_mode']);
}

$result = $db->sql_query($sql);
$post_info = $db->sql_fetchrow($result);
if ($result && $post_info)
{
	$db->sql_freeresult($result);

	$forum_id = $post_info['forum_id'];
	if (!empty($post_info['topic_calendar_duration']))
	{
		$post_info['topic_calendar_duration']++;
	}
	$forum_name = get_object_lang(POST_FORUM_URL . $post_info['forum_id'], 'name');

	$is_auth = auth(AUTH_ALL, $forum_id, $user->data, $post_info);

	// Topic Lock/Unlock
	$lock = (isset($_POST['lock'])) ? true : false;
	$unlock = (isset($_POST['unlock'])) ? true : false;

	if (($submit || $confirm) && ($lock || $unlock) && $is_auth['auth_mod'] && ($mode != 'newtopic') && (!$refresh))
	{
		$t_id = (!isset($post_info['topic_id'])) ? $topic_id : $post_info['topic_id'];
		if ($lock || $unlock)
		{
			$sql = "UPDATE " . TOPICS_TABLE . "
			SET topic_status = " . ($lock ? TOPIC_LOCKED : TOPIC_UNLOCKED) . "
			WHERE topic_id = " . $t_id . "
			AND topic_moved_id = 0";
			$result = $db->sql_query($sql);
		}
	}

	if (($post_info['forum_status'] == FORUM_LOCKED) && !$is_auth['auth_mod'])
	{
		message_die(GENERAL_MESSAGE, $lang['Forum_locked']);
	}
	elseif (($mode != 'newtopic') && ($post_info['topic_status'] == TOPIC_LOCKED) && !$is_auth['auth_mod'])
	{
		message_die(GENERAL_MESSAGE, $lang['Topic_locked']);
	}

	// LIMIT POST EDIT TIME - BEGIN
	$is_global_limit_edit_enabled = ($post_info['forum_limit_edit_time'] && (intval($config['forum_limit_edit_time_interval']) > 0)) ? true : false;
	$is_spam_limit_edit_enabled = ((intval($config['spam_posts_number']) > 0) && ($user->data['user_posts'] < (int) $config['spam_posts_number']) && (intval($config['spam_post_edit_interval']) > 0)) ? true : false;
	if (($mode == 'editpost') && ($user->data['user_level'] != ADMIN) && !$is_auth['auth_mod'] && !$submit && ($is_global_limit_edit_enabled || $is_spam_limit_edit_enabled))
	{
		if (($is_global_limit_edit_enabled && (intval($config['forum_limit_edit_time_interval']) < ((time() - $post_info['post_time']) / 60))) || ($is_spam_limit_edit_enabled && (intval($config['spam_post_edit_interval']) < ((time() - $post_info['post_time']) / 60))))
		{
			$message = sprintf($lang['LIMIT_EDIT_TIME_WARN'], intval($config['forum_limit_edit_time_interval'])) . '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid(CMS_PAGE_VIEWTOPIC . '?' . POST_POST_URL . '=' . $post_id) . '#' . $post_id . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid(CMS_PAGE_VIEWFORUM . '?' . POST_FORUM_URL . '=' . $forum_id) . '">', '</a>');
			message_die(GENERAL_MESSAGE, $message);
		}
	}
	// LIMIT POST EDIT TIME - END

	if ($mode == 'editpost')
	{
		if ($is_auth['auth_mod'] || ($user->data['user_level'] == ADMIN))
		{
			$template->assign_block_vars('switch_lock_post', array());
			$template->assign_var('S_POST_LOCKED', $post_info['post_locked'] ? ' checked="checked"' : '');
		}
		elseif ($post_info['post_locked'])
		{
			message_die(GENERAL_MESSAGE, 'POST_LOCKED');
		}
	}

	if (($mode == 'editpost') || ($mode == 'delete') || ($mode == 'poll_delete'))
	{
		$topic_id = $post_info['topic_id'];
		$topic_id_append = (!empty($topic_id) ? (POST_TOPIC_URL . '=' . $topic_id) : '');
		// MG Cash MOD For IP - BEGIN
		if (!empty($config['plugins']['cash']['enabled']))
		{
			$post_data['post_text'] = (($mode == 'editpost') || ($mode == 'delete')) ? $post_info['post_text'] : '';
		}
		// MG Cash MOD For IP - END
		$post_data['poster_post'] = ($post_info['poster_id'] == $user->data['user_id']) ? true : false;
		$post_data['first_post'] = ($post_info['topic_first_post_id'] == $post_id) ? true : false;
		$post_data['last_post'] = ($post_info['topic_last_post_id'] == $post_id) ? true : false;
		$post_data['last_topic'] = ($post_info['forum_last_post_id'] == $post_id) ? true : false;
		$post_data['has_poll'] = (!empty($post_info['poll_start']) ? true : false);
		$post_data['poll_start'] = !empty($post_info['poll_start']) ? $post_info['poll_start'] : 0;
		// Event Registration - BEGIN
		$post_data['has_reg'] = ($post_info['topic_reg']) ? true : false;
		// Event Registration - END
		$post_data['topic_type'] = $post_info['topic_type'];
		$topic_show_portal = ($topic_show_portal || $post_info['topic_show_portal']) ? true : false;
		$post_data['topic_show_portal'] = $topic_show_portal;
		$post_data['topic_calendar_time'] = $post_info['topic_calendar_time'];
		$post_data['topic_calendar_duration'] = $post_info['topic_calendar_duration'];
		$post_data['poster_id'] = $post_info['poster_id'];
		$post_data['post_images'] = $post_info['post_images'];

		/**
		* @event posting.post_data.
		* @description Sets up the post_data from the post_info.
		* @since 3.0
		* @var array query The SQL query parts
		*/
		$vars = array(
			'post_data',
			'post_info',
		);
		extract($class_plugins->trigger('posting.post_data', compact($vars)));

		if (($config['allow_mods_edit_admin_posts'] == false) && ($post_info['user_level'] == ADMIN) && ($user->data['user_level'] != ADMIN))
		{
			message_die(GENERAL_ERROR, $lang['CannotEditAdminsPosts']);
		}

		if ($post_data['first_post'] && $post_data['has_poll'])
		{
			$sql = "SELECT *
				FROM " . POLL_OPTIONS_TABLE . " o
				WHERE o.topic_id = " . $topic_id . "
				ORDER BY o.poll_option_id";
			$result = $db->sql_query($sql);

			$poll_options = array();
			$poll_results_sum = 0;
			if ($row = $db->sql_fetchrow($result))
			{
				$poll_title = $post_info['poll_title'];
				$poll_start = $post_info['poll_start'];
				$poll_length = $post_info['poll_length'] / 86400;
				$poll_max_options = $post_info['poll_max_options'];
				$poll_change = $post_info['poll_change'];
				$poll_data = array(
					'title' => $poll_title,
					'start' => $poll_start,
					'length' => $poll_length,
					'max_options' => $poll_max_options,
					'change' => $poll_change
				);

				do
				{
					$poll_options[$row['poll_option_id']] = $row['poll_option_text'];
					$poll_results_sum += $row['poll_option_total'];
				}
				while ($row = $db->sql_fetchrow($result));
			}
			$db->sql_freeresult($result);

			$post_data['edit_poll'] = ((!$poll_results_sum || $is_auth['auth_mod']) && $post_data['first_post']) ? true : 0;
		}
		else
		{
			$post_data['edit_poll'] = ($post_data['first_post'] && $is_auth['auth_pollcreate']) ? true : false;
		}

		// Can this user edit/delete the post/poll?
		if (($post_info['poster_id'] != $user->data['user_id']) && !$is_auth['auth_mod'])
		{
			$message = ($delete || ($mode == 'delete')) ? $lang['Delete_own_posts'] : $lang['Edit_own_posts'];
			$message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid(CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&amp;') : '') . $topic_id_append) . '">', '</a>');

			message_die(GENERAL_MESSAGE, $message);
		}
		elseif (!$post_data['last_post'] && !$is_auth['auth_mod'] && (($mode == 'delete') || $delete))
		{
			message_die(GENERAL_MESSAGE, $lang['Cannot_delete_replied']);
		}
		elseif (!$post_data['edit_poll'] && !$is_auth['auth_mod'] && (($mode == 'poll_delete') || $poll_delete))
		{
			message_die(GENERAL_MESSAGE, $lang['Cannot_delete_poll']);
		}

		// Event Registration - BEGIN
		if ($post_data['first_post'] && $post_data['has_reg'])
		{
			$sql = "SELECT *
				FROM " . REGISTRATION_DESC_TABLE . " rd
				WHERE rd.topic_id = $topic_id";
			$result = $db->sql_query($sql);

			if ($row = $db->sql_fetchrow($result))
			{
				$reg_active = ($row['reg_active'] == 1) ? 'checked="checked"' : '';
				$reg_max_option1 = (!empty($row['reg_max_option1'])) ? $row['reg_max_option1'] : '';
				$reg_max_option2 = (!empty($row['reg_max_option2'])) ? $row['reg_max_option2'] : '';
				$reg_max_option3 = (!empty($row['reg_max_option3'])) ? $row['reg_max_option3'] : '';

				$reg_length = (!empty($row['reg_length'])) ? ($row['reg_length']/86400) : '';
			}
			$db->sql_freeresult($result);
		}
		// Event Registration - END
	}
	else
	{
		if ($mode == 'quote')
		{
			$topic_id = $post_info['topic_id'];
			$topic_id_append = (!empty($topic_id) ? (POST_TOPIC_URL . '=' . $topic_id) : '');
		}

		if ($mode == 'newtopic')
		{
			$post_data['topic_type'] = POST_NORMAL;
		}
		elseif ($mode == 'reply')
		{
			$post_data['topic_type'] = $post_info['topic_type'];
		}

		// MG Cash MOD For IP - BEGIN
		if (!empty($config['plugins']['cash']['enabled']))
		{
			$post_data['topic_poster'] = ($mode == 'reply') ? $post_info['topic_poster'] : 0;
		}
		// MG Cash MOD For IP - END
		$post_data['first_post'] = ($mode == 'newtopic') ? true : 0;
		$post_data['last_post'] = false;
		$post_data['has_poll'] = false;
		$post_data['poll_start'] = 0;
		$post_data['edit_poll'] = false;
	}

	if ($mode == 'poll_delete')
	{
		$meta = '';
		$message = '';
		if (!class_exists('class_mcp')) include(IP_ROOT_PATH . 'includes/class_mcp.' . PHP_EXT);
		if (empty($class_mcp)) $class_mcp = new class_mcp();
		$class_mcp->post_delete($mode, $post_data, $message, $meta, $forum_id, $topic_id, $post_id);

		$redirect_url = append_sid(CMS_PAGE_VIEWTOPIC . '?' . POST_TOPIC_URL . '=' . $topic_id);
		meta_refresh(3, $redirect_url);

		message_die(GENERAL_MESSAGE, $message);
	}

	// BEGIN cmx_slash_news_mod
	// If you want to allow moderators to change news category when editing post you can decomment this...
	//if($config['allow_news'] && $post_data['first_post'] && $is_auth['auth_post'] && ($is_auth['auth_news'] || ($is_auth['auth_mod'] && ($mode == 'editpost'))))
	if($config['allow_news'] && $post_data['first_post'] && $is_auth['auth_post'] && $is_auth['auth_news'])
	{
		if($mode == 'editpost')
		{
			$post_data['news_id'] = $post_info['news_id'];
		}
		else
		{
			$post_data['news_id'] = 0;
		}
		$post_data['disp_news'] = true;
	}
	else
	{
		if($config['allow_news'] && $post_data['first_post'] && $is_auth['auth_post'] && !$is_auth['auth_news'] && ($mode == 'editpost'))
		{
			$post_data['news_id'] = $post_info['news_id'];
		}
		else
		{
			$post_data['news_id'] = 0;
		}
		$post_data['news_id'] = !empty($_POST['news_category']) ? intval($_POST['news_category']) : (!empty($post_data['news_id']) ? intval($post_data['news_id']) : 0);
		$hidden_form_fields .= '<input type="hidden" name="news_category" value="' . $post_data['news_id'] . '" />';
		$post_data['disp_news'] = false;
	}
// END cmx_slash_news_mod

}
else
{
	message_die(GENERAL_MESSAGE, $lang['No_such_post']);
}

// The user is not authed, if they're not logged in then redirect them, else show them an error message
if (!$is_auth[$is_auth_type] || (!empty($is_auth_type_cal) && !$is_auth[$is_auth_type_cal]))
{
	// Event Registration - BEGIN
	$reg_number_clicked = request_var('register', 0);
	$reg_user_id = request_var(POST_USERS_URL, 0);
	$reg_user_id = ($reg_user_id < 2) ? ANONYMOUS : $reg_user_id;
	// Event Registration - END
	if ($user->data['session_logged_in'])
	{
		if (!empty($is_auth_type_cal) && !$is_auth[$is_auth_type_cal])
		{
			message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type_cal], $is_auth[$is_auth_type_cal . '_type']));
		}
		message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . '_type']));
	}

	switch($mode)
	{
		case 'newtopic':
			$redirect = 'mode=newtopic&' . $forum_id_append;
			break;
		case 'reply':
		case 'topicreview':
			$redirect = 'mode=reply&' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . $topic_id_append;
			break;
		case 'quote':
		case 'editpost':
			$redirect = 'mode=quote&' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . (!empty($topic_id_append) ? ($topic_id_append . '&') : '') . $post_id_append;
			break;
		// Event Registration - BEGIN
		case 'register':
			$redirect = 'mode=register&register=' . $reg_number_clicked . '&' . POST_USERS_URL . '=' . $reg_user_id . '&' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . $topic_id_append;
			break;
		// Event Registration - END
	}
	$redirect .= ($post_reportid) ? '&post_reportid=' . $post_reportid : '';
	redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=posting.' . PHP_EXT . '?' . $redirect, true));
}
// Self AUTH - BEGIN
elseif (intval($is_auth[$is_auth_type]) == AUTH_SELF)
{
	//self auth mod
	switch($mode)
	{
		case 'quote':
		case 'reply':
			$sql = "SELECT t.topic_id
				FROM " . TOPICS_TABLE . " t, " . USERS_TABLE. " u
				WHERE t.topic_id = " . $topic_id . "
					AND t.topic_poster = u.user_id
					AND u.user_id = " . $user->data['user_id'];
			break;
	}
	$result = $db->sql_query($sql);
	$self_auth = $db->sql_fetchrow($result);
	if (empty($self_auth))
	{
		message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . '_type']));
	}
}
// Self AUTH - END

// Set toggles for various options
if (!$config['allow_html'])
{
	$html_on = 0;
}
else
{
	$html_on = ($submit || $refresh) ? ((!empty($_POST['disable_html'])) ? 0 : 1) : (($user->data['user_id'] == ANONYMOUS) ? $config['allow_html'] : $user->data['user_allowhtml']);
}

$html_on = (!empty($_POST['disable_html']) ? 0 : ((($user->data['user_level'] == ADMIN) && $config['allow_html_only_for_admins']) ? 1 : $html_on));

$acro_auto_on = ($submit || $refresh) ? ((!empty($_POST['disable_acro_auto'])) ? 0 : 1) : 1;

if (!$config['allow_bbcode'])
{
	$bbcode_on = 0;
}
else
{
	$bbcode_on = ($submit || $refresh) ? ((!empty($_POST['disable_bbcode'])) ? 0 : 1) : (($user->data['user_id'] == ANONYMOUS) ? $config['allow_bbcode'] : $user->data['user_allowbbcode']);
}

if (!$config['allow_smilies'])
{
	$smilies_on = 0;
}
else
{
	$smilies_on = ($submit || $refresh) ? ((!empty($_POST['disable_smilies'])) ? 0 : 1) : (($user->data['user_id'] == ANONYMOUS) ? $config['allow_smilies'] : $user->data['user_allowsmile']);
}

if($is_auth['auth_news'])
{
	$topic_show_portal = ($submit || $refresh) ? (!empty($_POST['topic_show_portal']) ? 1 : 0) : 0;
}
else
{
	$topic_show_portal = ($submit || $refresh || ($mode == 'editpost')) ? (!empty($post_data['topic_show_portal']) ? 1 : 0) : 0;
}

if (($submit || $refresh) && $is_auth['auth_read'])
{
	$notify_user = (!empty($_POST['notify'])) ? 1 : 0;
}
else
{
	if (($mode != 'newtopic') && $user->data['session_logged_in'] && $is_auth['auth_read'])
	{
		$sql = "SELECT topic_id
			FROM " . TOPICS_WATCH_TABLE . "
			WHERE topic_id = " . $topic_id . "
				AND user_id = " . $user->data['user_id'];
		$result = $db->sql_query($sql);
		$notify_user = ($db->sql_fetchrow($result)) ? true : $user->data['user_notify'];
		$db->sql_freeresult($result);
	}
	else
	{
		$notify_user = ($user->data['session_logged_in'] && $is_auth['auth_read']) ? $user->data['user_notify'] : 0;
	}
}

$attach_sig = ($submit || $refresh) ? ((!empty($_POST['attach_sig'])) ? 1 : 0) : (($user->data['user_id'] == ANONYMOUS) ? 0 : $user->data['user_attachsig']);
$setbm = ($submit || $refresh) ? ((!empty($_POST['setbm'])) ? 1 : 0) : (($user->data['user_id'] == ANONYMOUS) ? 0 : $user->data['user_setbm']);
execute_posting_attachment_handling();

// What shall we do?

// BEGIN cmx_slash_news_mod
// Get News Categories.
if($user->data['session_logged_in'] && $post_data['disp_news'])
{
	if (($mode == 'editpost') && empty($post_id))
	{
		message_die(GENERAL_MESSAGE, $lang['No_post_id']);
	}

	$sql = 'SELECT * FROM ' . NEWS_TABLE . ' ORDER BY news_category';
	$result = $db->sql_query($sql, 0, 'news_cats_');
	$news_sel = array();
	$news_cat = array();
	while ($row = $db->sql_fetchrow($result))
	{
		if((($news_category > 0) && ($news_category == $row['news_id'])) || (($post_data['news_id'] > 0) && ($post_data['news_id'] == $row['news_id'])))
		{
			$news_sel = $row;
		}

		if($post_data['news_id'] != 0 && $post_data['news_id'] == $row['news_id'])
		{
			$news_sel = $row;
		}
		$news_cat[] = $row;
	}

	if(($post_data['news_id'] == 0) && ($news_category == 0))
	{
		$boxstring = '<option value="0">' . $lang['Regular_Post'] . '</option>';
	}
	else
	{
		$boxstring = '<option value="' . $news_sel['news_id'] . '">' . $news_sel['news_category'] . ' (' . $lang['Current_Selection'] . ')</option>';
		$boxstring .= '<option value="0">' . $lang['Regular_Post'] . '</option>';
	}

	if(sizeof($news_cat) > 0)
	{
		for($i = 0; $i < sizeof($news_cat); $i++)
		{
			if($news_cat[$i]['news_id'] != $post_data['news_id'])
			{
				$boxstring .= '<option value="' . $news_cat[$i]['news_id'] . '">' . $news_cat[$i]['news_category'] . '</option>';
			}
		}

		$template->assign_block_vars('switch_news_cat', array(
			'L_NEWS_CATEGORY' => $lang['Select_News_Category'],
			'S_NAME' => 'news_category',
			'S_CATEGORY_BOX' => $boxstring
			)
		);
	}
}
// END cmx_slash_news_mod

if (($delete || $poll_delete || ($mode == 'delete')) && !$confirm)
{
	// Confirm deletion
	$s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
	$s_hidden_fields .= ($delete || $mode == 'delete') ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />';
	$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $user->data['session_id'] . '" />';

	$l_confirm = ($delete || ($mode == 'delete')) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];

	$template->assign_vars(array(
		'MESSAGE_TITLE' => $lang['Information'],
		'MESSAGE_TEXT' => $l_confirm,

		'L_YES' => $lang['Yes'],
		'L_NO' => $lang['No'],

		'S_CONFIRM_ACTION' => append_sid('posting.' . PHP_EXT),
		'S_HIDDEN_FIELDS' => $s_hidden_fields
		)
	);
	full_page_generation('confirm_body.tpl', $lang['Confirm'], '', '');
}
elseif ($mode == 'vote')
{
	// Vote in a poll
	$voted_id = request_var('vote_id', array('' => 0));
	$voted_id = (sizeof($voted_id) > 1) ? array_unique($voted_id) : $voted_id;

	// Does this topic contain a poll?
	if (!empty($post_info['poll_start']))
	{
		$sql = "SELECT o.*
			FROM " . POLL_OPTIONS_TABLE . " o
			WHERE o.topic_id = " . $topic_id . "
			ORDER BY o.poll_option_id";
		$result = $db->sql_query($sql);

		$poll_info = array();
		while ($row = $db->sql_fetchrow($result))
		{
			$poll_info[] = $row;
		}
		$db->sql_freeresult($result);

		$cur_voted_id = array();
		if ($user->data['session_logged_in'] && ($user->data['bot_id'] === false))
		{
			$sql = "SELECT poll_option_id
				FROM " . POLL_VOTES_TABLE . "
				WHERE topic_id = " . $topic_id . "
					AND vote_user_id = " . $user->data['user_id'];
			$result = $db->sql_query($sql);

			while ($row = $db->sql_fetchrow($result))
			{
				$cur_voted_id[] = $row['poll_option_id'];
			}
			$db->sql_freeresult($result);
		}
		else
		{
			// Currently disable guests posting...
			$message = $lang['POLL_NO_GUESTS'] . '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . $redirect_url . '">', '</a>');
			message_die(GENERAL_MESSAGE, $message);

			// Cookie based guest tracking... I don't like this but hum ho... it's oft requested. This relies on "nice" users who don't feel the need to delete cookies to mess with results.
			if (isset($_COOKIE[$config['cookie_name'] . '_poll_' . $topic_id]))
			{
				$cur_voted_id = explode(',', $_COOKIE[$config['cookie_name'] . '_poll_' . $topic_id]);
				$cur_voted_id = array_map('intval', $cur_voted_id);
			}
		}

		if (!sizeof($voted_id) || (sizeof($voted_id) > $post_info['poll_max_options']) || in_array(VOTE_CONVERTED, $cur_voted_id))
		{
			if (!sizeof($voted_id))
			{
				$message = $lang['NO_VOTE_OPTION'];
			}
			elseif (sizeof($voted_id) > $post_info['poll_max_options'])
			{
				$message = $lang['TOO_MANY_VOTE_OPTIONS'];
			}
			elseif (in_array(VOTE_CONVERTED, $cur_voted_id))
			{
				$message = $lang['VOTE_CONVERTED'];
			}
			else
			{
				$message = $lang['FORM_INVALID'];
			}

			$redirect_url = append_sid(CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&amp;') : '') . $topic_id_append . '&amp;start=' . $start);
			meta_refresh(3, $redirect_url);

			$message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . $redirect_url . '">', '</a>');
			message_die(GENERAL_MESSAGE, $message);
		}

		foreach ($voted_id as $option)
		{
			if (in_array($option, $cur_voted_id))
			{
				continue;
			}

			$sql = "UPDATE " . POLL_OPTIONS_TABLE . "
				SET poll_option_total = poll_option_total + 1
				WHERE poll_option_id = " . (int) $option . "
					AND topic_id = " . (int) $topic_id;
			$db->sql_query($sql);

			if ($user->data['session_logged_in'] && ($user->data['bot_id'] === false))
			{
				$sql_ary = array(
					'topic_id' => (int) $topic_id,
					'poll_option_id' => (int) $option,
					'vote_user_id' => (int) $user->data['user_id'],
					'vote_user_ip' => (string) $user->data['session_ip'],
				);

				$sql = "INSERT INTO " . POLL_VOTES_TABLE . " " . $db->sql_build_array('INSERT', $sql_ary);
				$db->sql_query($sql);
			}
		}

		foreach ($cur_voted_id as $option)
		{
			if (!in_array($option, $voted_id))
			{
				$sql = "UPDATE " . POLL_OPTIONS_TABLE . "
					SET poll_option_total = poll_option_total - 1
					WHERE poll_option_id = " . (int) $option . "
						AND topic_id = " . (int) $topic_id;
				$db->sql_query($sql);

				if ($user->data['session_logged_in'] && ($user->data['bot_id'] === false))
				{
					$sql = "DELETE FROM " . POLL_VOTES_TABLE . "
						WHERE topic_id = " . (int) $topic_id . "
							AND poll_option_id = " . (int) $option . "
							AND vote_user_id = " . (int) $user->data['user_id'];
					$db->sql_query($sql);
				}
			}
		}

		if ($user->data['session_logged_in'] && ($user->data['bot_id'] === false))
		{
			if (function_exists('set_cookie'))
			{
				set_cookie('poll_' . $topic_id, implode(',', $voted_id), time() + 31536000);
			}
		}

		$sql = "UPDATE " . TOPICS_TABLE . "
			SET poll_last_vote = " . time() . "
			WHERE topic_id = " . $topic_id;
		$db->sql_query($sql);

		$redirect_url = append_sid(CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&amp;') : '') . $topic_id_append . '&amp;start=' . $start);
		meta_refresh(3, $redirect_url);

		$message = $lang['VOTE_SUBMITTED'] . '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . $redirect_url . '">', '</a>');
		message_die(GENERAL_MESSAGE, $message);
	}
	else
	{
		redirect(append_sid(CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . $topic_id_append, true));
	}
}
// Event Registration - BEGIN
elseif ($mode == 'register')
{
	// Register for an event
	$register_value = request_var('register', 0);
	$register_value = in_array($register_value, array(REG_OPTION1, REG_OPTION2, REG_OPTION3, REG_UNREGISTER)) ? $register_value : 0;
	if (!empty($register_value))
	{
		$user_id = $user->data['user_id'];
		if ($user->data['user_level'] == ADMIN)
		{
			$target_user_id = request_var(POST_USERS_URL, 0);
			$target_user_id = ($target_user_id < 2) ? ANONYMOUS : $target_user_id;
			$target_username = request_var('username', '', true);
			if (!empty($target_user_id) && ($target_user_id != ANONYMOUS))
			{
				$target_userdata = get_userdata($target_user_id);
			}
			else
			{
				$target_userdata = get_userdata($target_username, true);
			}
			if (!empty($target_userdata))
			{
				$user_id = $target_userdata['user_id'];
			}
		}
		$zeit = time();

		$sql = "SELECT registration_status FROM " . REGISTRATION_TABLE . "
						WHERE topic_id = $topic_id AND registration_user_id = $user_id";
		$result = $db->sql_query($sql);

		if ($reg_info = $db->sql_fetchrow($result))
		{
			if ($register_value == REG_UNREGISTER) // cancel registration
			{
				$sql = "DELETE FROM " . REGISTRATION_TABLE . "
				WHERE topic_id = $topic_id
					AND registration_user_id = $user_id";
				$db->sql_query($sql);
				$message = $lang['Reg_Unregister'];
			}
			else
			{
				$old_regstate = $reg_info['registration_status'];

				if (($user->data['user_level'] != ADMIN) && (check_max_registration($topic_id, $register_value) === false))
				{
					$message = $lang['Reg_Max_Registrations'];
				}
				else
				{
					$sql = "UPDATE " . REGISTRATION_TABLE . "
						SET registration_user_ip = '$user_ip', registration_time = $zeit, registration_status = $register_value
						WHERE topic_id = $topic_id
							AND registration_user_id = $user_id";
					$db->sql_query($sql);
					$message = $lang['Reg_Change'];
				}
			}
		}
		else
		{
			if (($user->data['user_level'] != ADMIN) && (check_max_registration($topic_id, $register_value) === false))
			{
				$message = sprintf($lang['Reg_Max_Registrations'], $num_max_reg);
			}
			else
			{
				$sql = "INSERT INTO " . REGISTRATION_TABLE . " (topic_id, registration_user_id, registration_user_ip, registration_time, registration_status)
					VALUES ($topic_id, $user_id, '$user_ip', $zeit, $register_value)";
				$db->sql_query($sql);
				$message = $lang['Reg_Insert'];
			}
		}

		$redirect_url = append_sid(CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&amp;') : '') . $topic_id_append);
		meta_refresh(3, $redirect_url);

		$message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . $redirect_url . '">', '</a>');
		message_die(GENERAL_MESSAGE, $message);
	}
	else
	{
		message_die(GENERAL_ERROR, 'Missing information for registration', '', __LINE__, __FILE__);
	}
}
// Event Registration - END
elseif ($submit || $confirm || ($draft && $draft_confirm))
{
	// Submit post/vote (newtopic, edit, reply, etc.)
	$return_message = '';
	$return_meta = '';
	// session id check
	if (($sid == '') || ($sid != $user->data['session_id']))
	{
		$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Session_invalid'] : $lang['Session_invalid'];
	}

	switch ($mode)
	{
		case 'editpost':
		case 'newtopic':
		case 'reply':
			// CrackerTracker v5.x
			if (($config['ctracker_vconfirm_guest'] == 1) && !$user->data['session_logged_in'])
			{
				define('CRACKER_TRACKER_VCONFIRM', true);
				define('POST_CONFIRM_CHECK', true);
				include_once(IP_ROOT_PATH . 'includes/ctracker/engines/ct_visual_confirm.' . PHP_EXT);
			}
			// CrackerTracker v5.x

			$username = htmlspecialchars_decode(request_post_var('username', '', true), ENT_COMPAT);
			$subject = !empty($draft_subject) ? $draft_subject : request_post_var('subject', '', true);
			$topic_desc = request_post_var('topic_desc', '', true);
			$message = !empty($draft_message) ? $draft_message : htmlspecialchars_decode(request_post_var('message', '', true), ENT_COMPAT);
			$notes = htmlspecialchars_decode(request_post_var('notes', '', true), ENT_COMPAT);
			$notes_mod = '';
			if (($user->data['user_level'] == ADMIN) || $is_auth['auth_mod'])
			{
				$notes_mod = htmlspecialchars_decode(request_post_var('notes_mod', '', true), ENT_COMPAT);
			}
			$post_images = request_post_var('post_images', '', true);
			if (!empty($post_images) && (substr($post_images, 0, 4) == 'http'))
			{
				if (!function_exists('get_full_image_info'))
				{
					require(IP_ROOT_PATH . 'includes/class_image.' . PHP_EXT);
				}
				$pic_size = get_full_image_info($post_images);
				if(empty($pic_size))
				{
					$post_images = '';
				}
			}
			else
			{
				$post_images = '';
			}
			$post_data['post_images'] = $post_images;

			$poll_title = (isset($_POST['poll_title']) && $is_auth['auth_pollcreate']) ? request_post_var('poll_title', '', true) : '';
			$poll_options = (isset($_POST['poll_option_text']) && $is_auth['auth_pollcreate']) ? request_post_var('poll_option_text', array(0 => ''), true) : array();
			$poll_start = time();
			$poll_length = (isset($_POST['poll_length']) && $is_auth['auth_pollcreate']) ? request_post_var('poll_length', 0) : 0;
			$poll_length = max(0, $poll_length * 86400);
			$poll_max_options = (isset($_POST['poll_max_options']) && $is_auth['auth_pollcreate']) ? request_post_var('poll_max_options', 1) : 1;
			$poll_max_options = max(1, $poll_max_options);
			$poll_change = (isset($_POST['poll_change']) && $is_auth['auth_pollcreate']) ? 1 : 0;
			$poll_data = array(
				'title' => $poll_title,
				'start' => $poll_start,
				'length' => $poll_length,
				'max_options' => $poll_max_options,
				'change' => $poll_change
			);

			$topic_calendar_time = ($topic_calendar_time != $post_data['topic_calendar_time'] && !$is_auth['auth_cal']) ? $post_data['topic_calendar_time'] : $topic_calendar_time;
			if (empty($topic_calendar_time)) $topic_calendar_time = 0;
			$topic_calendar_duration = ($topic_calendar_duration != $post_data['topic_calendar_duration'] && !$is_auth['auth_cal']) ? $post_data['topic_calendar_duration'] : $topic_calendar_duration;
			if (!empty($topic_calendar_duration))
			{
				$topic_calendar_duration--;
			}
			if (empty($topic_calendar_time) || empty($topic_calendar_duration))
			{
				$topic_calendar_duration = 0;
			}

			// Event Registration - BEGIN
			$reg_active = (isset($_POST['start_registration']) && $is_auth['auth_vote'] && $user->data['session_logged_in']) ? $_POST['start_registration'] : '';
			$reg_reset = (isset($_POST['reset_registration']) && $is_auth['auth_vote'] && $user->data['session_logged_in']) ? $_POST['reset_registration'] : '';
			$reg_max_option1 = (!empty($_POST['reg_max_option1']) && $is_auth['auth_vote'] && $user->data['session_logged_in']) ? $_POST['reg_max_option1'] : '';
			$reg_max_option2 = (!empty($_POST['reg_max_option2']) && $is_auth['auth_vote'] && $user->data['session_logged_in']) ? $_POST['reg_max_option2'] : '';
			$reg_max_option3 = (!empty($_POST['reg_max_option3']) && $is_auth['auth_vote'] && $user->data['session_logged_in']) ? $_POST['reg_max_option3'] : '';
			$reg_length = (isset($_POST['reg_length']) && $is_auth['auth_vote'] && $user->data['session_logged_in']) ? $_POST['reg_length'] : '';
			// Event Registration - END

			prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $subject, $message, $poll_title, $poll_options, $poll_data, $reg_active, $reg_reset, $reg_max_option1, $reg_max_option2, $reg_max_option3, $reg_length, $topic_desc, $topic_calendar_time, $topic_calendar_duration);

			// MG Drafts - BEGIN
			if (($config['allow_drafts'] == true) && $draft && $draft_confirm && $user->data['session_logged_in'] && (($mode == 'reply') || ($mode == 'newtopic')))
			{
				save_draft($draft_id, $user->data['user_id'], $forum_id, $topic_id, strip_tags($subject), $message);
				//save_draft($draft_id, $user->data['user_id'], $forum_id, $topic_id, $db->sql_escape(strip_tags($subject)), $db->sql_escape($message));
				$output_message = $lang['Drafts_Saved'];
				$output_message .= '<br /><br />' . sprintf($lang['Click_return_drafts'], '<a href="' . append_sid(CMS_PAGE_DRAFTS) . '">', '</a>');
				$output_message .= '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid(CMS_PAGE_VIEWFORUM . '?' . POST_FORUM_URL . '=' . $forum_id) . '">', '</a>');

				$redirect_url = append_sid(CMS_PAGE_VIEWFORUM . '?' . POST_FORUM_URL . '=' . $forum_id);
				meta_refresh(3, $redirect_url);

				message_die(GENERAL_MESSAGE, $output_message);
			}
			// MG Drafts - END

			if ($error_msg == '')
			{
				if ($mode == 'reply')
				{
					$topic_type = $post_data['topic_type'];
				}
				else
				{
					$topic_type = (($topic_type != $post_data['topic_type']) && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] && !$is_auth['auth_globalannounce']) ? $post_data['topic_type'] : $topic_type;
				}

				if(($mode == 'editpost') && $config['edit_notes'] && ((strlen($notes) > 2) || (strlen($notes_mod) > 2)))
				{
					$sql = "SELECT edit_notes FROM " . POSTS_TABLE . " WHERE post_id='" . $post_id . "'";
					$result = $db->sql_query($sql);
					$row = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);
					$notes_list = strlen($row['edit_notes']) ? unserialize($row['edit_notes']) : array();

					// Check limit and eventually delete notes
					if(!empty($notes) && (sizeof($notes_list) >= intval($config['edit_notes_n'])))
					{
						$first_edit_note = 0;
						$edit_notes_counter = 0;
						for($i = 0; $i < sizeof($notes_list); $i++)
						{
							if (empty($notes_list[$i]['reserved']))
							{
								$edit_notes_counter++;
								if (empty($first_edit_note))
								{
									$first_edit_note = $i;
								}
							}
						}

						if ($edit_notes_counter > intval($config['edit_notes_n']))
						{
							unset($notes_list[$first_edit_note]);
						}
					}

					if (!empty($notes))
					{
						$notes_list[] = array(
							'poster' => $user->data['user_id'],
							'time' => time(),
							//'text' => htmlspecialchars($notes)
							'text' => $notes,
							'reserved' => false
						);
					}

					if (!empty($notes_mod))
					{
						$notes_list[] = array(
							'poster' => $user->data['user_id'],
							'time' => time(),
							//'text' => htmlspecialchars($notes_mod)
							'text' => $notes_mod,
							'reserved' => true
						);
					}

					empty_cache_folders(POSTS_CACHE_FOLDER);
					$sql = "UPDATE " . POSTS_TABLE . " SET edit_notes = '" . $db->sql_escape(serialize($notes_list)) . "' WHERE post_id = '" . $post_id . "'";
					$db->sql_query($sql);

					if (!empty($notes))
					{
						$edit_count_sql = '';
						// We need this, otherwise editing for normal users will be accounted twice... because the same edit will be updated in functions_post.php
						if($user->data['user_level'] == ADMIN)
						{
							$edit_count_sql = ", post_edit_count = (post_edit_count + 1)";
						}
						$edited_sql = "post_edit_time = '" . time() . "'" . $edit_count_sql . ", post_edit_id = '" . $user->data['user_id'] . "'";
						$sql = "UPDATE " . POSTS_TABLE . " SET " . $edited_sql . " WHERE post_id='" . $post_id . "'";
						$db->sql_query($sql);
					}
				}

				if ($lock_subject)
				{
					$url = '[url="' . CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&amp;') : '') . (!empty($topic_id_append) ? ($topic_id_append . '&amp;') : '') . POST_POST_URL . '=' . $lock_subject . '#p' . $lock_subject . '"]';
					$message = sprintf($lang['Link_to_post'], $url, '[/url]') . $message;
				}

				$topic_title_clean = '';
				$topic_tags = '';
				if ($post_data['first_post'])
				{
					$topic_title_clean = request_var('topic_title_clean', $subject, true);
					$topic_title_clean = substr(ip_clean_string($topic_title_clean, $lang['ENCODING']), 0, 254);

					@include_once(IP_ROOT_PATH . 'includes/class_topics_tags.' . PHP_EXT);
					$class_topics_tags = new class_topics_tags();
					if (!empty($use_jquery_tags))
					{
						if(array_key_exists('ttag', $_POST))
						{
							$all_topic_tags = request_var('ttag', array(0 => ''), true);
							$topic_tags = implode(', ', array_filter(array_unique($all_topic_tags)));
						}
					}
					else
					{
						$topic_tags = request_var('topic_tags', '', true);
					}
					if (!empty($topic_tags))
					{
						$topic_tags = trim($topic_tags);
						while(substr($topic_tags, -1) == ',')
						{
							$topic_tags = trim(substr($topic_tags, 0, -1));
						}
						$topic_tags_array = $class_topics_tags->create_tags_array($topic_tags);
						$topic_tags = implode(', ', array_filter(array_unique($topic_tags_array)));
						$topic_tags = substr($topic_tags, 0, 254);
						//die($topic_tags);
					}
					unset($class_topics_tags);
				}

				submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $topic_type, $bbcode_on, $html_on, $acro_auto_on, $smilies_on, $attach_sig, $username, $subject, $topic_title_clean, $topic_tags, $message, $poll_title, $poll_options, $poll_data, $reg_active, $reg_reset, $reg_max_option1, $reg_max_option2, $reg_max_option3, $reg_length, $news_category, $topic_show_portal, $mark_edit, $topic_desc, $topic_calendar_time, $topic_calendar_duration, $extra_vars);
			}
			break;

		case 'delete':
		case 'poll_delete':
			if ($error_msg != '')
			{
				message_die(GENERAL_MESSAGE, $error_msg);
			}
			if (!class_exists('class_mcp')) include(IP_ROOT_PATH . 'includes/class_mcp.' . PHP_EXT);
			if (empty($class_mcp)) $class_mcp = new class_mcp();
			$class_mcp->post_delete($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id);
			break;
	}

	if ($error_msg == '')
	{
		if ($mode != 'editpost')
		{
			$user_id = (($mode == 'reply') || ($mode == 'newtopic')) ? $user->data['user_id'] : $post_data['poster_id'];
			if (!class_exists('class_mcp')) include(IP_ROOT_PATH . 'includes/class_mcp.' . PHP_EXT);
			if (empty($class_mcp)) $class_mcp = new class_mcp();
			$class_mcp->sync_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id);
		}
		$attachment_mod['posting']->insert_attachment($post_id);

		if (($error_msg == '') && ($mode != 'poll_delete'))
		{
			// Forum Notification - BEGIN
			if (!class_exists('class_notifications'))
			{
				include(IP_ROOT_PATH . 'includes/class_notifications.' . PHP_EXT);
				$class_notifications = new class_notifications();
			}
			$post_data['subject'] = $subject;
			$post_data['username'] = ($user->data['user_id'] == ANONYMOUS) ? $username : $user->data['username'];
			$post_data['message'] = $message;
			if ($post_data['first_post'])
			{
				// fetch topic title
				$sql = "SELECT topic_title, topic_id
					FROM " . TOPICS_TABLE . "
					WHERE topic_id = " . $topic_id;
				$result = $db->sql_query($sql);

				if ($topic_info = $db->sql_fetchrow($result))
				{
					$class_notifications->send_notifications('newtopic', $post_data, $topic_info['topic_title'], $forum_id, $topic_id, $post_id, $notify_user);
				}

			}
			else
			{
				if ($setbm)
				{
					set_bookmark($topic_id);
				}
				$class_notifications->send_notifications($mode, $post_data, $post_info['topic_title'], $forum_id, $topic_id, $post_id, $notify_user);
			}
			// Forum Notification - END
		}

		if ($lock_subject)
		{
			$url = '<a href="' . append_sid(CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&amp;') : '') . (!empty($topic_id_append) ? ($topic_id_append . '&amp;') : '') . POST_POST_URL . '=' . $lock_subject . '#p' . $lock_subject) . '">';
			$return_message = $lang['Report_stored'] . '<br /><br />' . sprintf($lang['Send_report'], $url, '</a>');
			$return_meta = str_replace($post_id, $lock_subject, $return_meta);
		}

		if (($error_msg == '') && ($lock) && ($mode == 'newtopic'))
		{
			empty_cache_folders(POSTS_CACHE_FOLDER);
			empty_cache_folders(FORUMS_CACHE_FOLDER);
			$sql = "UPDATE " . TOPICS_TABLE . "
				SET topic_status = " . TOPIC_LOCKED . "
				WHERE topic_id = " . $topic_id . "
					AND topic_mo…