/posting.php
Possible License(s): AGPL-1.0
- <?php
- /**
- *
- * @package Icy Phoenix
- * @version $Id$
- * @copyright (c) 2008 Icy Phoenix
- * @license http://opensource.org/licenses/gpl-license.php GNU Public License
- *
- */
- /**
- *
- * @Icy Phoenix is based on phpBB
- * @copyright (c) 2008 phpBB Group
- *
- */
// Page-context flags, defined before common.php is included (presumably read by the included files).
define('IN_POSTING', true);
// MG Cash MOD For IP - BEGIN
define('IN_CASHMOD', true);
define('CM_POSTING', true);
// MG Cash MOD For IP - END
// Added to optimize memory for attachments
define('ATTACH_DISPLAY', true);
define('ATTACH_POSTING', true);
// NOTE(review): CT_SECLEVEL and $ct_ignorepvar look like settings for a request filter
// loaded through common.php, with 'helpbox' exempted from it on this page.
// Confirm what the exemption skips before adding further names to the list.
define('CT_SECLEVEL', 'MEDIUM');
$ct_ignorepvar = array('helpbox');
define('IN_ICYPHOENIX', true);
defined('IP_ROOT_PATH') || define('IP_ROOT_PATH', './');
// The extension is taken from this script's own file name.
defined('PHP_EXT') || define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));

include(IP_ROOT_PATH . 'common.' . PHP_EXT);
include_once(IP_ROOT_PATH . 'includes/bbcode.' . PHP_EXT);
include_once(IP_ROOT_PATH . 'includes/functions_post.' . PHP_EXT);
include_once(IP_ROOT_PATH . 'includes/functions_topics.' . PHP_EXT);
include_once(IP_ROOT_PATH . 'includes/functions_calendar.' . PHP_EXT);
// Event Registration - BEGIN
include_once(IP_ROOT_PATH . 'includes/functions_events_reg.' . PHP_EXT);
// Event Registration - END
// The @ hides a failed include; the instantiation on the next line would then be the first visible error.
@include_once(IP_ROOT_PATH . 'includes/class_topics.' . PHP_EXT);
$class_topics = new class_topics();

// jQuery tag input is used only when enabled in the config and the user is not on the mobile style.
$use_jquery_tags = (!empty($config['use_jquery_tags']) && empty($user->data['mobile_style']));
$config['jquery_ui'] = true;
if ($use_jquery_tags)
{
	$config['jquery_tags'] = true;
}
// Init common vars: forum_id, topic_id, post_id, etc.
$class_topics->var_init(true);

// Request parameters that select the action. A string default keeps the value a string,
// an integer default (start, lock_subject) requests an integer.
// NOTE(review): $sid is only read here; no comparison with the session id is visible in this part of the file.
$sid = request_var('sid', '');
$mode = request_var('mode', '');
$submit = request_var('post', '');
$news_category = request_var('news_category', '');
$preview = request_var('preview', '');
$draft = request_var('draft', '');
$draft_mode = request_var('draft_mode', '');
$delete = request_var('delete', '');
$poll_delete = request_var('poll_delete', '');
$poll_add = request_var('add_poll_option', '');
$poll_edit = request_var('edit_poll_option', '');
// UPI2DB - BEGIN
$mark_edit = request_var('mark_edit', '');
// UPI2DB - END

// Negative offsets are clamped to zero.
$start = request_var('start', 0);
if ($start < 0)
{
	$start = 0;
}

// Confirmation flags are taken from POST only.
$confirm = isset($_POST['confirm']);
$draft_confirm = !empty($_POST['draft_confirm']);
// A confirmed draft counts as a draft request even when 'draft' itself was not sent.
$draft = ($draft_confirm || !empty($draft));
$lock_subject = request_var('lock_subject', 0);

$draft_subject = '';
$draft_message = '';
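// Load a saved draft into the preview when draft_mode=draft_load is requested.
// $draft_id is not assigned in the visible part of this file (presumably set by var_init()),
// so it is cast at the SQL sink: the "> 0" comparison alone does not prove it is a plain integer.
// NOTE(review): the draft is selected by id only. No owner filter is applied here, and this
// block runs before the session is started further down in this file. Confirm that another
// user's draft cannot be loaded by guessing its id.
if ($config['allow_drafts'] && ($draft_mode == 'draft_load') && ($draft_id > 0))
{
	$sql = "SELECT d.*
		FROM " . DRAFTS_TABLE . " d
		WHERE d.draft_id = " . (int) $draft_id . "
		LIMIT 1";
	$result = $db->sql_query($sql);
	$draft_row = $db->sql_fetchrow($result);
	// Free the result whether or not a row was found.
	$db->sql_freeresult($result);
	if ($draft_row)
	{
		if ($draft_row['forum_id'] > 0)
		{
			// Draft belongs to a forum: restore its forum/topic context.
			$forum_id = $draft_row['forum_id'];
			if ($draft_row['topic_id'] > 0)
			{
				$topic_id = $draft_row['topic_id'];
			}
			else
			{
				$topic_id = '';
			}
			$draft_subject = $draft_row['draft_subject'];
			// Only this branch decodes HTML entities in the stored message.
			$draft_message = htmlspecialchars_decode($draft_row['draft_message'], ENT_COMPAT);
			$preview = true;
		}
		else
		{
			// Draft without a forum: subject and message are used as stored.
			$draft_subject = $draft_row['draft_subject'];
			$draft_message = $draft_row['draft_message'];
			$preview = true;
		}
	}
}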
// Query-string fragments for the ids known so far; each stays empty when its id is not set.
// The ids are concatenated without encoding, so the fragments rely on the ids being plain integers.
$forum_id_append = '';
if (!empty($forum_id))
{
	$forum_id_append = POST_FORUM_URL . '=' . $forum_id;
}
$topic_id_append = '';
if (!empty($topic_id))
{
	$topic_id_append = POST_TOPIC_URL . '=' . $topic_id;
}
$post_id_append = '';
if (!empty($post_id))
{
	$post_id_append = POST_POST_URL . '=' . $post_id;
}

$s_hidden_fields = '';
$hidden_form_fields = '';

// "Refresh" means the form is redisplayed instead of processed: preview, poll option editing,
// or a draft request that has not been confirmed yet.
$refresh = !empty($preview) || $poll_add || $poll_edit || $poll_delete || ($draft && !$draft_confirm);

// Set topic type
// The range check on $topic_type that used to sit here is commented out in the original,
// so any integer sent as 'topictype' is accepted at this point.
$topic_show_portal = !empty($_POST['topic_show_portal']);
$topic_type = request_var('topictype', POST_NORMAL);
if (empty($topic_type))
{
	$topic_type = POST_NORMAL;
}

// Maybe better do not replace these $_POST with request_var, or we may have further problems later
$year = request_post_var('topic_calendar_year', 0);
$month = request_post_var('topic_calendar_month', 0);
$day = request_post_var('topic_calendar_day', 0);
$hour = request_post_var('topic_calendar_hour', 0);
$min = request_post_var('topic_calendar_min', 0);
$d_day = request_post_var('topic_calendar_duration_day', 0);
$d_hour = request_post_var('topic_calendar_duration_hour', 0);
$d_min = request_post_var('topic_calendar_duration_min', 0);

// this array will hold the plugin-specific variables
$extra_vars = array();

/**
* @event posting.post_vars.
* @description Allows to read POST data to be used later.
* @since 3.0
* @var int topic_type The topic type.
* @var array extra_vars The extra variables that'll be carried throughout this file.
*/
// NOTE(review): extract() writes every key the plugin layer returns into this scope.
// Confirm that trigger() returns only the two names passed in; otherwise a plugin could
// overwrite unrelated variables, and this runs before the permission checks.
$vars = array(
	'topic_type',
	'extra_vars',
);
extract($class_plugins->trigger('posting.post_vars', compact($vars)));
// Calendar event: an incomplete date discards every calendar field.
if (empty($year) || empty($month) || empty($day))
{
	$year = $month = $day = '';
	$hour = $min = '';
	$d_day = $d_hour = $d_min = '';
}

// Without a start time, the hour/minute parts of the duration are discarded as well.
if (empty($hour) && empty($min))
{
	$hour = $min = '';
	$d_hour = $d_min = '';
}

// start event
// GMT timestamp of the event start, or 0 when no date was given.
$topic_calendar_time = !empty($year) ? gmmktime((int) $hour, (int) $min, 0, (int) $month, (int) $day, (int) $year) : 0;

// duration
// Duration in seconds; only computed when a start time exists, and never negative.
$topic_calendar_duration = 0;
$d_dur = $d_day . $d_hour . $d_min;
if (!empty($topic_calendar_time) && !empty($d_dur))
{
	$topic_calendar_duration = max(0, ((int) $d_day * 86400) + ((int) $d_hour * 3600) + ((int) $d_min * 60));
}
// Two modes only produce output and stop: the topic review and the smilies window.
// NOTE(review): both run before $user->session_begin() and before any check in this file.
// Confirm that topic_review() sets up the session and verifies read permission itself,
// since $forum_id and $topic_id still come straight from the request at this point.
switch ($mode)
{
	case 'topicreview':
		require(IP_ROOT_PATH . 'includes/topic_review.' . PHP_EXT);
		topic_review($forum_id, $topic_id, false);
		exit;

	case 'smilies':
		generate_smilies('window');
		exit;
}
// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();
// End session management

// DNSBL CHECK - BEGIN
// Applies only to submitted posts (newtopic, reply, editpost) and only when enabled in the config.
if (!empty($config['check_dnsbl_posting']) && in_array($mode, array('newtopic', 'reply', 'editpost')) && !empty($submit))
{
	$dnsbl = $user->check_dnsbl('post');
	if ($dnsbl !== false)
	{
		// NOTE(review): $dnsbl[1] goes into the message as returned by check_dnsbl(); confirm it is safe to print.
		$error[] = sprintf($lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1], $dnsbl[1]);
	}

	// $error is not initialised in the visible part of this file, so entries added earlier would also stop the request here.
	if (!empty($error))
	{
		$message = implode('<br />', $error);
		message_die(GENERAL_MESSAGE, $message);
	}
}
// DNSBL CHECK - END
// Was cancel pressed? If so then redirect to the appropriate page, no point in continuing with any further checks
// The target is the most specific page the known ids allow: reported post, post, topic, forum, then the forum index.
// NOTE(review): $postreport is not assigned in the visible part of this file; confirm where it is set and that it is an integer.
if (isset($_POST['cancel']))
{
	$post_append = '';
	if ($postreport)
	{
		$redirect = CMS_PAGE_VIEWTOPIC . '?';
		if (!empty($forum_id_append))
		{
			$redirect .= $forum_id_append . '&';
		}
		if (!empty($topic_id_append))
		{
			$redirect .= $topic_id_append . '&';
		}
		$redirect .= POST_POST_URL . '=' . $postreport;
	}
	elseif ($post_id)
	{
		$redirect = CMS_PAGE_VIEWTOPIC . '?';
		if (!empty($forum_id_append))
		{
			$redirect .= $forum_id_append . '&';
		}
		if (!empty($topic_id_append))
		{
			$redirect .= $topic_id_append . '&';
		}
		$redirect .= $post_id_append;
		// Jump to the post's anchor on the topic page.
		$post_append = '#p' . $post_id;
	}
	elseif ($topic_id)
	{
		$redirect = CMS_PAGE_VIEWTOPIC . '?';
		if (!empty($forum_id_append))
		{
			$redirect .= $forum_id_append . '&';
		}
		$redirect .= $topic_id_append;
	}
	elseif ($forum_id)
	{
		$redirect = CMS_PAGE_VIEWFORUM . '?' . $forum_id_append;
	}
	else
	{
		$redirect = CMS_PAGE_FORUM;
	}

	redirect(append_sid($redirect, true) . $post_append);
}
// What auth type do we need to check?
// Each mode maps to one key of the permission array that is checked further down;
// modes that write also set the flag used by the read-only switch below.
$is_auth = array();
$is_auth_type = '';
$is_auth_type_cal = '';
$read_only_write_auth_required = false;
switch ($mode)
{
	case 'newtopic':
		// TODO: these also need to be checked if ($mode == 'editpost' && $post_data['first_post'])
		// NOTE(review): as the TODO says, the announce/sticky/calendar permissions are selected for
		// new topics only; an edit of a first post is checked against 'auth_edit' alone in this switch.
		// Confirm the submit path (outside the visible part) re-checks the topic type.
		$read_only_write_auth_required = true;
		switch ($topic_type)
		{
			case POST_GLOBAL_ANNOUNCE:
				$is_auth_type = 'auth_globalannounce';
				break;

			case POST_ANNOUNCE:
				$is_auth_type = 'auth_announce';
				break;

			case POST_STICKY:
				$is_auth_type = 'auth_sticky';
				break;

			default:
				$is_auth_type = 'auth_post';
				break;
		}
		// A calendar date on the new topic needs the calendar permission as well.
		if (!empty($topic_calendar_time))
		{
			$is_auth_type_cal = 'auth_cal';
		}
		break;

	case 'reply':
	case 'quote':
		$read_only_write_auth_required = true;
		$is_auth_type = 'auth_reply';
		break;

	case 'editpost':
		$read_only_write_auth_required = true;
		$is_auth_type = 'auth_edit';
		break;

	case 'delete':
	case 'poll_delete':
		$read_only_write_auth_required = true;
		$is_auth_type = 'auth_delete';
		break;

	case 'vote':
		$is_auth_type = 'auth_vote';
		break;

	// Event Registration - BEGIN
	case 'register':
		// Registration reuses the vote permission.
		$is_auth_type = 'auth_vote';
		break;
	// Event Registration - END

	case 'topicreview':
		$is_auth_type = 'auth_read';
		break;

	default:
		message_die(GENERAL_MESSAGE, $lang['No_post_mode']);
		break;
}

// Read-only board: writing modes are refused for everyone except administrators.
// Voting and event registration do not set the flag, so they stay available.
if ($read_only_write_auth_required && $config['read_only_forum'] && ($user->data['user_level'] != ADMIN))
{
	message_die(GENERAL_MESSAGE, $lang['READ_ONLY_FORUM']);
}
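//
// Here we do various lookups to find topic_id, forum_id, post_id etc.
// Doing it here prevents spoofing (eg. faking forum_id, topic_id or post_id
//
// Builds the lookup query for the requested mode in $sql; it is executed right after this switch.
// The ids are request-derived and not assigned in the visible part of this file (presumably by
// var_init()), so each one is cast to int where it enters the SQL text, as the poll code
// further down this file already does.
$error_msg = '';
$post_data = array();
switch ($mode)
{
	case 'newtopic':
		if (empty($forum_id))
		{
			if (!defined('STATUS_404')) define('STATUS_404', true);
			message_die(GENERAL_MESSAGE, 'NO_FORUM');
		}
		$sql = "SELECT f.*
			FROM " . FORUMS_TABLE . " f
			WHERE f.forum_id = " . (int) $forum_id . "
			LIMIT 1";
		break;

	case 'reply':
	case 'vote':
	// Event Registration - BEGIN
	case 'register':
	// Event Registration - END
		if (empty($topic_id))
		{
			message_die(GENERAL_MESSAGE, $lang['No_topic_id']);
		}
		$sql = "SELECT f.*, t.*
			FROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t
			WHERE t.topic_id = " . (int) $topic_id . "
			AND f.forum_id = t.forum_id
			LIMIT 1";
		break;

	case 'quote':
	case 'editpost':
	case 'delete':
	case 'poll_delete':
		if (empty($post_id))
		{
			message_die(GENERAL_MESSAGE, $lang['No_post_id']);
		}
		// MG Cash MOD For IP - BEGIN
		// While the cash plugin is enabled, $submit is recomputed for the query build only:
		// it is forced to false when cash_disable is set and false and the mode is editpost or
		// delete, so the USERS_TABLE join below is added. The original value is restored afterwards.
		if (!empty($config['plugins']['cash']['enabled']))
		{
			$temp = $submit;
			$submit = !(!$submit || (isset($config['cash_disable']) && !$config['cash_disable'] && (($mode == 'editpost') || ($mode == 'delete'))));
		}
		// MG Cash MOD For IP - END
		$query = array(
			'SELECT' => array('f.*', 't.*', 'p.*'),
			'FROM' => array(
				POSTS_TABLE => 'p',
				TOPICS_TABLE => 't',
				FORUMS_TABLE => 'f',
			),
			'WHERE' => array(
				'p.post_id = ' . (int) $post_id,
				't.topic_id = p.topic_id',
				'f.forum_id = p.forum_id',
			),
			'LIMIT' => 1,
		);
		// The poster's user columns are selected only when the form is not being submitted.
		if (!$submit)
		{
			$query['SELECT'] = array_merge($query['SELECT'], array('u.username', 'u.user_id', 'u.user_sig', 'u.user_level', 'u.user_active', 'u.user_color'));
			$query['FROM'][USERS_TABLE] = 'u';
			$query['WHERE'][] = 'u.user_id = p.poster_id';
		}
		/**
		* @event posting.before_select.
		* @description Allows to edit the query to look up the forum / topic / post data.
		* @since 3.0
		* @var array query The SQL query parts.
		*/
		// NOTE(review): plugins can rewrite the query parts here, and extract() writes every
		// returned key into this scope. Confirm trigger() returns only 'query'.
		extract($class_plugins->trigger('posting.before_select', compact('query')));
		$sql = $db->sql_build_query('SELECT', $query);
		// MG Cash MOD For IP - BEGIN
		if (!empty($config['plugins']['cash']['enabled']))
		{
			$submit = $temp;
			unset($temp);
		}
		// MG Cash MOD For IP - END
		break;

	default:
		message_die(GENERAL_MESSAGE, $lang['No_valid_mode']);
}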
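// Run the lookup query built above. From here on forum_id (and, for post-based modes, topic_id)
// come from the database row rather than from the request, and permissions are resolved for
// that forum. Ids are cast to int where they enter SQL text, matching the poll code further down.
$result = $db->sql_query($sql);
$post_info = $db->sql_fetchrow($result);
if ($result && $post_info)
{
	$db->sql_freeresult($result);
	$forum_id = $post_info['forum_id'];
	if (!empty($post_info['topic_calendar_duration']))
	{
		$post_info['topic_calendar_duration']++;
	}
	$forum_name = get_object_lang(POST_FORUM_URL . $post_info['forum_id'], 'name');
	$is_auth = auth(AUTH_ALL, $forum_id, $user->data, $post_info);

	// Topic Lock/Unlock
	// NOTE(review): this UPDATE changes state for any submit/confirm request from a moderator
	// that carries 'lock' or 'unlock'. No comparison of $sid with the session id is visible
	// before it, and it runs before the mode permission check further down. Confirm the request
	// is protected against cross-site submission.
	$lock = (isset($_POST['lock'])) ? true : false;
	$unlock = (isset($_POST['unlock'])) ? true : false;
	if (($submit || $confirm) && ($lock || $unlock) && $is_auth['auth_mod'] && ($mode != 'newtopic') && (!$refresh))
	{
		$t_id = (!isset($post_info['topic_id'])) ? $topic_id : $post_info['topic_id'];
		$sql = "UPDATE " . TOPICS_TABLE . "
			SET topic_status = " . ($lock ? TOPIC_LOCKED : TOPIC_UNLOCKED) . "
			WHERE topic_id = " . (int) $t_id . "
			AND topic_moved_id = 0";
		$result = $db->sql_query($sql);
	}

	// Locked forums and topics are closed to everyone but moderators.
	if (($post_info['forum_status'] == FORUM_LOCKED) && !$is_auth['auth_mod'])
	{
		message_die(GENERAL_MESSAGE, $lang['Forum_locked']);
	}
	elseif (($mode != 'newtopic') && ($post_info['topic_status'] == TOPIC_LOCKED) && !$is_auth['auth_mod'])
	{
		message_die(GENERAL_MESSAGE, $lang['Topic_locked']);
	}

	// LIMIT POST EDIT TIME - BEGIN
	// Two limits, both in minutes since post_time: the per-forum limit and the limit for users
	// below the configured post count.
	// NOTE(review): the check only runs when $submit is false, i.e. when the edit form is
	// displayed. Confirm the submit path (outside the visible part) enforces the same limit.
	$is_global_limit_edit_enabled = ($post_info['forum_limit_edit_time'] && (intval($config['forum_limit_edit_time_interval']) > 0)) ? true : false;
	$is_spam_limit_edit_enabled = ((intval($config['spam_posts_number']) > 0) && ($user->data['user_posts'] < (int) $config['spam_posts_number']) && (intval($config['spam_post_edit_interval']) > 0)) ? true : false;
	if (($mode == 'editpost') && ($user->data['user_level'] != ADMIN) && !$is_auth['auth_mod'] && !$submit && ($is_global_limit_edit_enabled || $is_spam_limit_edit_enabled))
	{
		if (($is_global_limit_edit_enabled && (intval($config['forum_limit_edit_time_interval']) < ((time() - $post_info['post_time']) / 60))) || ($is_spam_limit_edit_enabled && (intval($config['spam_post_edit_interval']) < ((time() - $post_info['post_time']) / 60))))
		{
			$message = sprintf($lang['LIMIT_EDIT_TIME_WARN'], intval($config['forum_limit_edit_time_interval'])) . '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid(CMS_PAGE_VIEWTOPIC . '?' . POST_POST_URL . '=' . $post_id) . '#' . $post_id . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid(CMS_PAGE_VIEWFORUM . '?' . POST_FORUM_URL . '=' . $forum_id) . '">', '</a>');
			message_die(GENERAL_MESSAGE, $message);
		}
	}
	// LIMIT POST EDIT TIME - END

	// A locked post can only be edited by moderators and administrators, who also get the lock checkbox.
	if ($mode == 'editpost')
	{
		if ($is_auth['auth_mod'] || ($user->data['user_level'] == ADMIN))
		{
			$template->assign_block_vars('switch_lock_post', array());
			$template->assign_var('S_POST_LOCKED', $post_info['post_locked'] ? ' checked="checked"' : '');
		}
		elseif ($post_info['post_locked'])
		{
			message_die(GENERAL_MESSAGE, 'POST_LOCKED');
		}
	}

	if (($mode == 'editpost') || ($mode == 'delete') || ($mode == 'poll_delete'))
	{
		// The topic id now comes from the post's own row.
		$topic_id = $post_info['topic_id'];
		$topic_id_append = (!empty($topic_id) ? (POST_TOPIC_URL . '=' . $topic_id) : '');
		// MG Cash MOD For IP - BEGIN
		if (!empty($config['plugins']['cash']['enabled']))
		{
			$post_data['post_text'] = (($mode == 'editpost') || ($mode == 'delete')) ? $post_info['post_text'] : '';
		}
		// MG Cash MOD For IP - END
		// Position of the post (own post, first/last in topic, last in forum) and topic attributes.
		$post_data['poster_post'] = ($post_info['poster_id'] == $user->data['user_id']) ? true : false;
		$post_data['first_post'] = ($post_info['topic_first_post_id'] == $post_id) ? true : false;
		$post_data['last_post'] = ($post_info['topic_last_post_id'] == $post_id) ? true : false;
		$post_data['last_topic'] = ($post_info['forum_last_post_id'] == $post_id) ? true : false;
		$post_data['has_poll'] = (!empty($post_info['poll_start']) ? true : false);
		$post_data['poll_start'] = !empty($post_info['poll_start']) ? $post_info['poll_start'] : 0;
		// Event Registration - BEGIN
		$post_data['has_reg'] = ($post_info['topic_reg']) ? true : false;
		// Event Registration - END
		$post_data['topic_type'] = $post_info['topic_type'];
		$topic_show_portal = ($topic_show_portal || $post_info['topic_show_portal']) ? true : false;
		$post_data['topic_show_portal'] = $topic_show_portal;
		$post_data['topic_calendar_time'] = $post_info['topic_calendar_time'];
		$post_data['topic_calendar_duration'] = $post_info['topic_calendar_duration'];
		$post_data['poster_id'] = $post_info['poster_id'];
		$post_data['post_images'] = $post_info['post_images'];

		/**
		* @event posting.post_data.
		* @description Sets up the post_data from the post_info.
		* @since 3.0
		* @var array query The SQL query parts
		*/
		// NOTE(review): extract() writes every key returned by the plugin layer into this scope,
		// directly before the ownership checks below. Confirm trigger() returns only the two names passed in.
		$vars = array(
			'post_data',
			'post_info',
		);
		extract($class_plugins->trigger('posting.post_data', compact($vars)));

		// NOTE(review): $post_info['user_level'] comes from the USERS_TABLE join, which the lookup
		// query adds only when $submit is false. On submit the index looks absent (unless another
		// selected table provides it), so this protection of admin posts may not apply there. Confirm.
		if (($config['allow_mods_edit_admin_posts'] == false) && ($post_info['user_level'] == ADMIN) && ($user->data['user_level'] != ADMIN))
		{
			message_die(GENERAL_ERROR, $lang['CannotEditAdminsPosts']);
		}

		if ($post_data['first_post'] && $post_data['has_poll'])
		{
			$sql = "SELECT *
				FROM " . POLL_OPTIONS_TABLE . " o
				WHERE o.topic_id = " . (int) $topic_id . "
				ORDER BY o.poll_option_id";
			$result = $db->sql_query($sql);
			$poll_options = array();
			$poll_results_sum = 0;
			if ($row = $db->sql_fetchrow($result))
			{
				$poll_title = $post_info['poll_title'];
				$poll_start = $post_info['poll_start'];
				// Stored in seconds, handled in days.
				$poll_length = $post_info['poll_length'] / 86400;
				$poll_max_options = $post_info['poll_max_options'];
				$poll_change = $post_info['poll_change'];
				$poll_data = array(
					'title' => $poll_title,
					'start' => $poll_start,
					'length' => $poll_length,
					'max_options' => $poll_max_options,
					'change' => $poll_change
				);
				do
				{
					$poll_options[$row['poll_option_id']] = $row['poll_option_text'];
					$poll_results_sum += $row['poll_option_total'];
				}
				while ($row = $db->sql_fetchrow($result));
			}
			$db->sql_freeresult($result);
			// A poll with votes can only be edited by a moderator.
			$post_data['edit_poll'] = ((!$poll_results_sum || $is_auth['auth_mod']) && $post_data['first_post']) ? true : 0;
		}
		else
		{
			$post_data['edit_poll'] = ($post_data['first_post'] && $is_auth['auth_pollcreate']) ? true : false;
		}

		// Can this user edit/delete the post/poll?
		// Rules: own post or moderator; delete only the last post of a topic; poll delete only
		// when the poll is editable. Moderators bypass all three.
		if (($post_info['poster_id'] != $user->data['user_id']) && !$is_auth['auth_mod'])
		{
			$message = ($delete || ($mode == 'delete')) ? $lang['Delete_own_posts'] : $lang['Edit_own_posts'];
			$message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid(CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . $topic_id_append) . '">', '</a>');
			message_die(GENERAL_MESSAGE, $message);
		}
		elseif (!$post_data['last_post'] && !$is_auth['auth_mod'] && (($mode == 'delete') || $delete))
		{
			message_die(GENERAL_MESSAGE, $lang['Cannot_delete_replied']);
		}
		elseif (!$post_data['edit_poll'] && !$is_auth['auth_mod'] && (($mode == 'poll_delete') || $poll_delete))
		{
			message_die(GENERAL_MESSAGE, $lang['Cannot_delete_poll']);
		}

		// Event Registration - BEGIN
		if ($post_data['first_post'] && $post_data['has_reg'])
		{
			$sql = "SELECT *
				FROM " . REGISTRATION_DESC_TABLE . " rd
				WHERE rd.topic_id = " . (int) $topic_id;
			$result = $db->sql_query($sql);
			if ($row = $db->sql_fetchrow($result))
			{
				$reg_active = ($row['reg_active'] == 1) ? 'checked="checked"' : '';
				$reg_max_option1 = (!empty($row['reg_max_option1'])) ? $row['reg_max_option1'] : '';
				$reg_max_option2 = (!empty($row['reg_max_option2'])) ? $row['reg_max_option2'] : '';
				$reg_max_option3 = (!empty($row['reg_max_option3'])) ? $row['reg_max_option3'] : '';
				$reg_length = (!empty($row['reg_length'])) ? ($row['reg_length']/86400) : '';
			}
			$db->sql_freeresult($result);
		}
		// Event Registration - END
	}
	else
	{
		if ($mode == 'quote')
		{
			$topic_id = $post_info['topic_id'];
			$topic_id_append = (!empty($topic_id) ? (POST_TOPIC_URL . '=' . $topic_id) : '');
		}
		if ($mode == 'newtopic')
		{
			$post_data['topic_type'] = POST_NORMAL;
		}
		elseif ($mode == 'reply')
		{
			$post_data['topic_type'] = $post_info['topic_type'];
		}
		// MG Cash MOD For IP - BEGIN
		if (!empty($config['plugins']['cash']['enabled']))
		{
			$post_data['topic_poster'] = ($mode == 'reply') ? $post_info['topic_poster'] : 0;
		}
		// MG Cash MOD For IP - END
		$post_data['first_post'] = ($mode == 'newtopic') ? true : 0;
		$post_data['last_post'] = false;
		$post_data['has_poll'] = false;
		$post_data['poll_start'] = 0;
		$post_data['edit_poll'] = false;
	}

	// NOTE(review): mode=poll_delete deletes here, before the 'auth_delete' check and the
	// confirmation step that follow later in this file, and without a visible session-id check.
	// Only the ownership/poll rules above have run. Confirm post_delete() enforces the rest.
	if ($mode == 'poll_delete')
	{
		$meta = '';
		$message = '';
		if (!class_exists('class_mcp')) include(IP_ROOT_PATH . 'includes/class_mcp.' . PHP_EXT);
		if (empty($class_mcp)) $class_mcp = new class_mcp();
		$class_mcp->post_delete($mode, $post_data, $message, $meta, $forum_id, $topic_id, $post_id);
		$redirect_url = append_sid(CMS_PAGE_VIEWTOPIC . '?' . POST_TOPIC_URL . '=' . $topic_id);
		meta_refresh(3, $redirect_url);
		message_die(GENERAL_MESSAGE, $message);
	}

	// BEGIN cmx_slash_news_mod
	// If you want to allow moderators to change news category when editing post you can decomment this...
	//if($config['allow_news'] && $post_data['first_post'] && $is_auth['auth_post'] && ($is_auth['auth_news'] || ($is_auth['auth_mod'] && ($mode == 'editpost'))))
	if($config['allow_news'] && $post_data['first_post'] && $is_auth['auth_post'] && $is_auth['auth_news'])
	{
		if($mode == 'editpost')
		{
			$post_data['news_id'] = $post_info['news_id'];
		}
		else
		{
			$post_data['news_id'] = 0;
		}
		$post_data['disp_news'] = true;
	}
	else
	{
		// User may not pick a news category: the stored one is carried in a hidden field instead.
		if($config['allow_news'] && $post_data['first_post'] && $is_auth['auth_post'] && !$is_auth['auth_news'] && ($mode == 'editpost'))
		{
			$post_data['news_id'] = $post_info['news_id'];
		}
		else
		{
			$post_data['news_id'] = 0;
		}
		// NOTE(review): a posted 'news_category' takes precedence over the stored value in this
		// branch, which is the one taken when the user lacks 'auth_news'. Confirm the submit path
		// does not let such a user set or change the news category by editing the hidden field.
		$post_data['news_id'] = !empty($_POST['news_category']) ? intval($_POST['news_category']) : (!empty($post_data['news_id']) ? intval($post_data['news_id']) : 0);
		$hidden_form_fields .= '<input type="hidden" name="news_category" value="' . $post_data['news_id'] . '" />';
		$post_data['disp_news'] = false;
	}
	// END cmx_slash_news_mod
}
else
{
	message_die(GENERAL_MESSAGE, $lang['No_such_post']);
}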
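// The user is not authed, if they're not logged in then redirect them, else show them an error message
// Logged-in users get the "Sorry_*" message for the missing permission; guests are sent to the
// login page with a redirect back to this script.
if (!$is_auth[$is_auth_type] || (!empty($is_auth_type_cal) && !$is_auth[$is_auth_type_cal]))
{
	// Event Registration - BEGIN
	$reg_number_clicked = request_var('register', 0);
	$reg_user_id = request_var(POST_USERS_URL, 0);
	$reg_user_id = ($reg_user_id < 2) ? ANONYMOUS : $reg_user_id;
	// Event Registration - END
	if ($user->data['session_logged_in'])
	{
		if (!empty($is_auth_type_cal) && !$is_auth[$is_auth_type_cal])
		{
			message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type_cal], $is_auth[$is_auth_type_cal . '_type']));
		}
		message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . '_type']));
	}

	switch($mode)
	{
		case 'newtopic':
			$redirect = 'mode=newtopic&' . $forum_id_append;
			break;

		case 'reply':
		case 'topicreview':
			$redirect = 'mode=reply&' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . $topic_id_append;
			break;

		case 'quote':
		case 'editpost':
			$redirect = 'mode=quote&' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . (!empty($topic_id_append) ? ($topic_id_append . '&') : '') . $post_id_append;
			break;

		// Event Registration - BEGIN
		case 'register':
			// The listing showed a registered-trademark sign here ("&reg" decoded as an HTML entity); the parameter is "&register=".
			$redirect = 'mode=register&register=' . $reg_number_clicked . '&' . POST_USERS_URL . '=' . $reg_user_id . '&' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . $topic_id_append;
			break;
		// Event Registration - END

		default:
			// delete, poll_delete and vote have no case above; start from an empty query string
			// instead of appending to an unset variable.
			$redirect = '';
			break;
	}
	// NOTE(review): $post_reportid is not assigned in the visible part of this file and is
	// appended without encoding; confirm where it is set and that it is an integer.
	$redirect .= (!empty($post_reportid)) ? '&post_reportid=' . $post_reportid : '';
	redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=posting.' . PHP_EXT . '?' . $redirect, true));
}
// Self AUTH - BEGIN
elseif (intval($is_auth[$is_auth_type]) == AUTH_SELF)
{
	//self auth mod
	// With "self" permission, quoting/replying is allowed only in topics the user started.
	// NOTE(review): $sql is rebuilt for 'quote' and 'reply' only. For any other mode the query
	// executed below is whatever $sql last held earlier in the file. Confirm AUTH_SELF can only
	// occur for these two modes.
	switch($mode)
	{
		case 'quote':
		case 'reply':
			$sql = "SELECT t.topic_id
				FROM " . TOPICS_TABLE . " t, " . USERS_TABLE. " u
				WHERE t.topic_id = " . (int) $topic_id . "
				AND t.topic_poster = u.user_id
				AND u.user_id = " . (int) $user->data['user_id'];
			break;
	}
	$result = $db->sql_query($sql);
	$self_auth = $db->sql_fetchrow($result);
	if (empty($self_auth))
	{
		message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . '_type']));
	}
}
// Self AUTH - END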
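// Set toggles for various options
// Pattern for each toggle: off when the board disables the feature; on a submit or refresh the
// posted "disable_*" checkbox decides; otherwise the user's profile default applies (guests get
// the board default).
if (!$config['allow_html'])
{
	$html_on = 0;
}
else
{
	$html_on = ($submit || $refresh) ? ((!empty($_POST['disable_html'])) ? 0 : 1) : (($user->data['user_id'] == ANONYMOUS) ? $config['allow_html'] : $user->data['user_allowhtml']);
}
// Override: unless disable_html was posted, administrators get HTML when
// allow_html_only_for_admins is set, even if allow_html is off for the board.
// NOTE(review): whether HTML in the post is filtered afterwards is decided outside the visible part of this file.
$html_on = (!empty($_POST['disable_html']) ? 0 : ((($user->data['user_level'] == ADMIN) && $config['allow_html_only_for_admins']) ? 1 : $html_on));
$acro_auto_on = ($submit || $refresh) ? ((!empty($_POST['disable_acro_auto'])) ? 0 : 1) : 1;

if (!$config['allow_bbcode'])
{
	$bbcode_on = 0;
}
else
{
	$bbcode_on = ($submit || $refresh) ? ((!empty($_POST['disable_bbcode'])) ? 0 : 1) : (($user->data['user_id'] == ANONYMOUS) ? $config['allow_bbcode'] : $user->data['user_allowbbcode']);
}

if (!$config['allow_smilies'])
{
	$smilies_on = 0;
}
else
{
	$smilies_on = ($submit || $refresh) ? ((!empty($_POST['disable_smilies'])) ? 0 : 1) : (($user->data['user_id'] == ANONYMOUS) ? $config['allow_smilies'] : $user->data['user_allowsmile']);
}

// Only users with the news permission may change the "show on portal" flag from the form;
// for everyone else the value already stored in $post_data is kept.
if($is_auth['auth_news'])
{
	$topic_show_portal = ($submit || $refresh) ? (!empty($_POST['topic_show_portal']) ? 1 : 0) : 0;
}
else
{
	$topic_show_portal = ($submit || $refresh || ($mode == 'editpost')) ? (!empty($post_data['topic_show_portal']) ? 1 : 0) : 0;
}

// Topic notification: the posted checkbox on submit/refresh, otherwise an existing watch entry
// for this topic or the user's profile default.
if (($submit || $refresh) && $is_auth['auth_read'])
{
	$notify_user = (!empty($_POST['notify'])) ? 1 : 0;
}
else
{
	if (($mode != 'newtopic') && $user->data['session_logged_in'] && $is_auth['auth_read'])
	{
		// Ids are cast where they enter the SQL text, as the poll code further down this file does;
		// in reply mode $topic_id still originates from the request.
		$sql = "SELECT topic_id
			FROM " . TOPICS_WATCH_TABLE . "
			WHERE topic_id = " . (int) $topic_id . "
			AND user_id = " . (int) $user->data['user_id'];
		$result = $db->sql_query($sql);
		$notify_user = ($db->sql_fetchrow($result)) ? true : $user->data['user_notify'];
		$db->sql_freeresult($result);
	}
	else
	{
		$notify_user = ($user->data['session_logged_in'] && $is_auth['auth_read']) ? $user->data['user_notify'] : 0;
	}
}

// Signature and bookmark flags follow the same submit-or-profile-default pattern; guests get 0.
$attach_sig = ($submit || $refresh) ? ((!empty($_POST['attach_sig'])) ? 1 : 0) : (($user->data['user_id'] == ANONYMOUS) ? 0 : $user->data['user_attachsig']);
$setbm = ($submit || $refresh) ? ((!empty($_POST['setbm'])) ? 1 : 0) : (($user->data['user_id'] == ANONYMOUS) ? 0 : $user->data['user_setbm']);

execute_posting_attachment_handling();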
// What shall we do?
// BEGIN cmx_slash_news_mod
// Get News Categories.
// Builds the <option> list for the news category selector. It is shown only to logged-in users
// for whom disp_news was set earlier in this file.
if ($user->data['session_logged_in'] && $post_data['disp_news'])
{
	if (empty($post_id) && ($mode == 'editpost'))
	{
		message_die(GENERAL_MESSAGE, $lang['No_post_id']);
	}

	$sql = 'SELECT * FROM ' . NEWS_TABLE . ' ORDER BY news_category';
	$result = $db->sql_query($sql, 0, 'news_cats_');

	// $news_sel: the row matching the requested or stored category; $news_cat: every row.
	$news_sel = array();
	$news_cat = array();
	while ($row = $db->sql_fetchrow($result))
	{
		if (
			(($news_category > 0) && ($news_category == $row['news_id']))
			|| (($post_data['news_id'] > 0) && ($post_data['news_id'] == $row['news_id']))
			|| ($post_data['news_id'] != 0 && $post_data['news_id'] == $row['news_id'])
		)
		{
			$news_sel = $row;
		}
		$news_cat[] = $row;
	}

	// The current selection, if any, goes first, followed by the "regular post" entry.
	// NOTE(review): category names are written into the markup as stored, and $news_sel is still
	// an empty array when no row matched. Confirm names are escaped when saved and that an
	// unknown category id cannot reach this point.
	$boxstring = '';
	if (!(($post_data['news_id'] == 0) && ($news_category == 0)))
	{
		$boxstring = '<option value="' . $news_sel['news_id'] . '">' . $news_sel['news_category'] . ' (' . $lang['Current_Selection'] . ')</option>';
	}
	$boxstring .= '<option value="0">' . $lang['Regular_Post'] . '</option>';

	if (count($news_cat) > 0)
	{
		for ($i = 0; $i < count($news_cat); $i++)
		{
			// The stored category is already listed as the current selection.
			if ($news_cat[$i]['news_id'] == $post_data['news_id'])
			{
				continue;
			}
			$boxstring .= '<option value="' . $news_cat[$i]['news_id'] . '">' . $news_cat[$i]['news_category'] . '</option>';
		}

		$template->assign_block_vars('switch_news_cat', array(
			'L_NEWS_CATEGORY' => $lang['Select_News_Category'],
			'S_NAME' => 'news_category',
			'S_CATEGORY_BOX' => $boxstring
			)
		);
	}
}
// END cmx_slash_news_mod
- if (($delete || $poll_delete || ($mode == 'delete')) && !$confirm)
- {
- // Confirm deletion
- $s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
- $s_hidden_fields .= ($delete || $mode == 'delete') ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />';
- $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $user->data['session_id'] . '" />';
- $l_confirm = ($delete || ($mode == 'delete')) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];
- $template->assign_vars(array(
- 'MESSAGE_TITLE' => $lang['Information'],
- 'MESSAGE_TEXT' => $l_confirm,
- 'L_YES' => $lang['Yes'],
- 'L_NO' => $lang['No'],
- 'S_CONFIRM_ACTION' => append_sid('posting.' . PHP_EXT),
- 'S_HIDDEN_FIELDS' => $s_hidden_fields
- )
- );
- full_page_generation('confirm_body.tpl', $lang['Confirm'], '', '');
- }
- elseif ($mode == 'vote')
- {
- // Vote in a poll
- $voted_id = request_var('vote_id', array('' => 0));
- $voted_id = (sizeof($voted_id) > 1) ? array_unique($voted_id) : $voted_id;
- // Does this topic contain a poll?
- if (!empty($post_info['poll_start']))
- {
- $sql = "SELECT o.*
- FROM " . POLL_OPTIONS_TABLE . " o
- WHERE o.topic_id = " . $topic_id . "
- ORDER BY o.poll_option_id";
- $result = $db->sql_query($sql);
- $poll_info = array();
- while ($row = $db->sql_fetchrow($result))
- {
- $poll_info[] = $row;
- }
- $db->sql_freeresult($result);
- $cur_voted_id = array();
- if ($user->data['session_logged_in'] && ($user->data['bot_id'] === false))
- {
- $sql = "SELECT poll_option_id
- FROM " . POLL_VOTES_TABLE . "
- WHERE topic_id = " . $topic_id . "
- AND vote_user_id = " . $user->data['user_id'];
- $result = $db->sql_query($sql);
- while ($row = $db->sql_fetchrow($result))
- {
- $cur_voted_id[] = $row['poll_option_id'];
- }
- $db->sql_freeresult($result);
- }
- else
- {
- // Currently disable guests posting...
- $message = $lang['POLL_NO_GUESTS'] . '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . $redirect_url . '">', '</a>');
- message_die(GENERAL_MESSAGE, $message);
- // Cookie based guest tracking... I don't like this but hum ho... it's oft requested. This relies on "nice" users who don't feel the need to delete cookies to mess with results.
- if (isset($_COOKIE[$config['cookie_name'] . '_poll_' . $topic_id]))
- {
- $cur_voted_id = explode(',', $_COOKIE[$config['cookie_name'] . '_poll_' . $topic_id]);
- $cur_voted_id = array_map('intval', $cur_voted_id);
- }
- }
// Reject the ballot when nothing was selected, when more options were selected
// than the poll allows, or when the user's stored vote carries the
// VOTE_CONVERTED marker. Only the number of selections is checked here.
$selected_count = count($voted_id);
if (($selected_count == 0) || ($selected_count > $post_info['poll_max_options']) || in_array(VOTE_CONVERTED, $cur_voted_id))
{
	if ($selected_count == 0)
	{
		$message = $lang['NO_VOTE_OPTION'];
	}
	elseif ($selected_count > $post_info['poll_max_options'])
	{
		$message = $lang['TOO_MANY_VOTE_OPTIONS'];
	}
	elseif (in_array(VOTE_CONVERTED, $cur_voted_id))
	{
		$message = $lang['VOTE_CONVERTED'];
	}
	else
	{
		$message = $lang['FORM_INVALID'];
	}

	// Send the user back to the topic page they voted from.
	$redirect_url = append_sid(CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . $topic_id_append . '&start=' . $start);
	meta_refresh(3, $redirect_url);
	$message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . $redirect_url . '">', '</a>');
	message_die(GENERAL_MESSAGE, $message);
}
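// Record the newly selected options.
// Each submitted id is checked against the option rows loaded for this topic
// ($poll_info). Without that check the UPDATE would simply match no row, but
// the INSERT would still store a vote row for an option that is not part of
// this poll. An id repeated within one submission is counted once.
$valid_option_ids = array();
foreach ($poll_info as $poll_option)
{
	$valid_option_ids[(int) $poll_option['poll_option_id']] = true;
}

$counted_options = array();
foreach ($voted_id as $option)
{
	// Normalise first, so the "already voted" test and the SQL see the same value.
	$option = (int) $option;

	if (!isset($valid_option_ids[$option]) || isset($counted_options[$option]) || in_array($option, $cur_voted_id))
	{
		continue;
	}
	$counted_options[$option] = true;

	$sql = "UPDATE " . POLL_OPTIONS_TABLE . "
		SET poll_option_total = poll_option_total + 1
		WHERE poll_option_id = " . (int) $option . "
			AND topic_id = " . (int) $topic_id;
	$db->sql_query($sql);

	if ($user->data['session_logged_in'] && ($user->data['bot_id'] === false))
	{
		// Per-user vote row; this is what is read back to find the user's current votes.
		$sql_ary = array(
			'topic_id' => (int) $topic_id,
			'poll_option_id' => (int) $option,
			'vote_user_id' => (int) $user->data['user_id'],
			'vote_user_ip' => (string) $user->data['session_ip'],
		);
		$sql = "INSERT INTO " . POLL_VOTES_TABLE . " " . $db->sql_build_array('INSERT', $sql_ary);
		$db->sql_query($sql);
	}
}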
// Retract earlier votes that are no longer part of the submitted selection.
foreach ($cur_voted_id as $option)
{
	if (in_array($option, $voted_id))
	{
		// Still selected: nothing to undo.
		continue;
	}

	$sql = "UPDATE " . POLL_OPTIONS_TABLE . "
		SET poll_option_total = poll_option_total - 1
		WHERE poll_option_id = " . (int) $option . "
			AND topic_id = " . (int) $topic_id;
	$db->sql_query($sql);

	// The per-user vote row exists only for logged-in, non-bot users.
	if (!$user->data['session_logged_in'] || ($user->data['bot_id'] !== false))
	{
		continue;
	}

	$sql = "DELETE FROM " . POLL_VOTES_TABLE . "
		WHERE topic_id = " . (int) $topic_id . "
			AND poll_option_id = " . (int) $option . "
			AND vote_user_id = " . (int) $user->data['user_id'];
	$db->sql_query($sql);
}
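// Remember the selection in a cookie for one year (31536000 seconds).
// The cookie lives on the client; for logged-in users the votes table, not
// this cookie, is what is queried to find out what they voted for.
if ($user->data['session_logged_in'] && ($user->data['bot_id'] === false))
{
	if (function_exists('set_cookie'))
	{
		set_cookie('poll_' . $topic_id, implode(',', $voted_id), time() + 31536000);
	}
}

// Stamp the topic with the time of the latest vote; $topic_id is cast like in
// the other vote queries so only a number can reach the SQL text.
$sql = "UPDATE " . TOPICS_TABLE . "
	SET poll_last_vote = " . time() . "
	WHERE topic_id = " . (int) $topic_id;
$db->sql_query($sql);

// Confirm the vote and send the user back to the topic.
$redirect_url = append_sid(CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . $topic_id_append . '&start=' . $start);
meta_refresh(3, $redirect_url);
$message = $lang['VOTE_SUBMITTED'] . '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . $redirect_url . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);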
- }
- else
- {
- redirect(append_sid(CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . $topic_id_append, true));
- }
- }
- // Event Registration - BEGIN
- elseif ($mode == 'register')
- {
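// Register for an event
// NOTE(review): this branch changes registration data but contains no
// session-id (sid) comparison like the one the post-submit branch of this
// script performs. Unless the request is validated before this point, a forged
// cross-site request could register or unregister a logged-in user - confirm.
$register_value = request_var('register', 0);
// Only the known registration states are accepted; anything else becomes 0 and is rejected below.
$register_value = in_array($register_value, array(REG_OPTION1, REG_OPTION2, REG_OPTION3, REG_UNREGISTER)) ? $register_value : 0;
if (!empty($register_value))
{
	$user_id = $user->data['user_id'];
	if ($user->data['user_level'] == ADMIN)
	{
		// Administrators may act on behalf of another member, addressed by id or by username.
		$target_user_id = request_var(POST_USERS_URL, 0);
		$target_user_id = ($target_user_id < 2) ? ANONYMOUS : $target_user_id;
		$target_username = request_var('username', '', true);
		if (!empty($target_user_id) && ($target_user_id != ANONYMOUS))
		{
			$target_userdata = get_userdata($target_user_id);
		}
		else
		{
			$target_userdata = get_userdata($target_username, true);
		}
		if (!empty($target_userdata))
		{
			$user_id = $target_userdata['user_id'];
		}
	}

	$zeit = time();

	// Values that go into SQL text: numbers are cast to int and the IP string is
	// escaped, so none of the queries below depends on how these variables were
	// filled in before this branch ($topic_id and $user_ip are set outside it).
	$reg_topic_id = (int) $topic_id;
	$reg_user_id = (int) $user_id;
	$reg_status = (int) $register_value;
	$reg_user_ip = $db->sql_escape($user_ip);

	$sql = "SELECT registration_status FROM " . REGISTRATION_TABLE . "
		WHERE topic_id = $reg_topic_id AND registration_user_id = $reg_user_id";
	$result = $db->sql_query($sql);
	if ($reg_info = $db->sql_fetchrow($result))
	{
		if ($register_value == REG_UNREGISTER) // cancel registration
		{
			$sql = "DELETE FROM " . REGISTRATION_TABLE . "
				WHERE topic_id = $reg_topic_id
					AND registration_user_id = $reg_user_id";
			$db->sql_query($sql);
			$message = $lang['Reg_Unregister'];
		}
		else
		{
			$old_regstate = $reg_info['registration_status'];
			// Administrators are exempt from the per-option registration limit.
			if (($user->data['user_level'] != ADMIN) && (check_max_registration($topic_id, $register_value) === false))
			{
				$message = $lang['Reg_Max_Registrations'];
			}
			else
			{
				$sql = "UPDATE " . REGISTRATION_TABLE . "
					SET registration_user_ip = '$reg_user_ip', registration_time = $zeit, registration_status = $reg_status
					WHERE topic_id = $reg_topic_id
						AND registration_user_id = $reg_user_id";
				$db->sql_query($sql);
				$message = $lang['Reg_Change'];
			}
		}
	}
	else
	{
		// No registration yet for this user and topic: create one, subject to the same limit.
		if (($user->data['user_level'] != ADMIN) && (check_max_registration($topic_id, $register_value) === false))
		{
			// NOTE(review): $num_max_reg is not assigned anywhere in this branch - confirm it is set elsewhere.
			$message = sprintf($lang['Reg_Max_Registrations'], $num_max_reg);
		}
		else
		{
			$sql = "INSERT INTO " . REGISTRATION_TABLE . " (topic_id, registration_user_id, registration_user_ip, registration_time, registration_status)
				VALUES ($reg_topic_id, $reg_user_id, '$reg_user_ip', $zeit, $reg_status)";
			$db->sql_query($sql);
			$message = $lang['Reg_Insert'];
		}
	}

	$redirect_url = append_sid(CMS_PAGE_VIEWTOPIC . '?' . (!empty($forum_id_append) ? ($forum_id_append . '&') : '') . $topic_id_append);
	meta_refresh(3, $redirect_url);
	$message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . $redirect_url . '">', '</a>');
	message_die(GENERAL_MESSAGE, $message);
}
else
{
	message_die(GENERAL_ERROR, 'Missing information for registration', '', __LINE__, __FILE__);
}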
- }
- // Event Registration - END
- elseif ($submit || $confirm || ($draft && $draft_confirm))
- {
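// Submit post/vote (newtopic, edit, reply, etc.)
$return_message = '';
$return_meta = '';

// Session id check (anti-CSRF): the sid sent with the request must be the sid
// of the current session. A failure is only recorded in $error_msg; each action
// below has to test $error_msg before it changes anything.
// Both sides are compared as strings with !==, because a loose != treats two
// numeric-looking strings (for example "0e1" and "0e2") as equal. Where the
// minimum supported PHP version allows it, hash_equals() would also make the
// comparison constant-time.
if (($sid == '') || ((string) $sid !== (string) $user->data['session_id']))
{
	$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Session_invalid'] : $lang['Session_invalid'];
}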
- switch ($mode)
- {
- case 'editpost':
- case 'newtopic':
- case 'reply':
// CrackerTracker v5.x
// Guests get the visual-confirmation engine when the board is configured for it.
if (($config['ctracker_vconfirm_guest'] == 1) && !$user->data['session_logged_in'])
{
	define('CRACKER_TRACKER_VCONFIRM', true);
	define('POST_CONFIRM_CHECK', true);
	include_once(IP_ROOT_PATH . 'includes/ctracker/engines/ct_visual_confirm.' . PHP_EXT);
}
// CrackerTracker v5.x

// Read the posted fields.
// username, message, notes and notes_mod are passed through
// htmlspecialchars_decode(), so from here on they hold the text as typed,
// markup characters included. NOTE(review): whatever stores or prints these
// values later has to escape them for its own context - confirm in
// prepare_post(), submit_post() and the templates.
$username = htmlspecialchars_decode(request_post_var('username', '', true), ENT_COMPAT);

if (!empty($draft_subject))
{
	$subject = $draft_subject;
}
else
{
	$subject = request_post_var('subject', '', true);
}

$topic_desc = request_post_var('topic_desc', '', true);

if (!empty($draft_message))
{
	$message = $draft_message;
}
else
{
	$message = htmlspecialchars_decode(request_post_var('message', '', true), ENT_COMPAT);
}

$notes = htmlspecialchars_decode(request_post_var('notes', '', true), ENT_COMPAT);

// Moderator notes are read only for administrators and forum moderators.
$may_add_mod_notes = ($user->data['user_level'] == ADMIN) || $is_auth['auth_mod'];
$notes_mod = $may_add_mod_notes ? htmlspecialchars_decode(request_post_var('notes_mod', '', true), ENT_COMPAT) : '';
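// Optional picture URL attached to the post.
$post_images = request_post_var('post_images', '', true);

// Accept only absolute http:// or https:// URLs. Testing just for a leading
// 'http' would also let through other values that merely begin with those four
// letters, such as a relative path.
if (!empty($post_images) && preg_match('#^https?://#', $post_images))
{
	if (!function_exists('get_full_image_info'))
	{
		require(IP_ROOT_PATH . 'includes/class_image.' . PHP_EXT);
	}

	// NOTE(review): get_full_image_info() is handed a URL chosen by the poster.
	// If it fetches the image, the server connects to a host the user picked
	// (server-side request forgery exposure) - confirm the helper limits target
	// hosts, redirects, time-outs and response size.
	$pic_size = get_full_image_info($post_images);
	if (empty($pic_size))
	{
		// Not recognised as an image: drop the URL.
		$post_images = '';
	}
}
else
{
	$post_images = '';
}

$post_data['post_images'] = $post_images;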
// Poll fields are honoured only for users allowed to create polls; everyone
// else keeps the neutral defaults whatever was posted.
$may_create_poll = (bool) $is_auth['auth_pollcreate'];

$poll_title = '';
$poll_options = array();
$poll_length = 0;
$poll_max_options = 1;
$poll_change = 0;

if ($may_create_poll)
{
	if (isset($_POST['poll_title']))
	{
		$poll_title = request_post_var('poll_title', '', true);
	}
	if (isset($_POST['poll_option_text']))
	{
		$poll_options = request_post_var('poll_option_text', array(0 => ''), true);
	}
	if (isset($_POST['poll_length']))
	{
		$poll_length = request_post_var('poll_length', 0);
	}
	if (isset($_POST['poll_max_options']))
	{
		$poll_max_options = request_post_var('poll_max_options', 1);
	}
	if (isset($_POST['poll_change']))
	{
		$poll_change = 1;
	}
}

$poll_start = time();
// Length is posted in days and kept in seconds; negative values collapse to 0.
$poll_length = max(0, $poll_length * 86400);
// A poll always allows at least one choice.
$poll_max_options = max(1, $poll_max_options);

$poll_data = array(
	'title' => $poll_title,
	'start' => $poll_start,
	'length' => $poll_length,
	'max_options' => $poll_max_options,
	'change' => $poll_change
);
// Calendar fields: a user without calendar permission cannot change the stored
// event time or duration; a differing submitted value is replaced by the stored one.
if (!$is_auth['auth_cal'] && ($topic_calendar_time != $post_data['topic_calendar_time']))
{
	$topic_calendar_time = $post_data['topic_calendar_time'];
}
if (empty($topic_calendar_time))
{
	$topic_calendar_time = 0;
}

if (!$is_auth['auth_cal'] && ($topic_calendar_duration != $post_data['topic_calendar_duration']))
{
	$topic_calendar_duration = $post_data['topic_calendar_duration'];
}
if (!empty($topic_calendar_duration))
{
	$topic_calendar_duration--;
}

// Without an event time, or with nothing left after the decrement, the duration is 0.
if (empty($topic_calendar_time) || empty($topic_calendar_duration))
{
	$topic_calendar_duration = 0;
}
// Event Registration - BEGIN
// Registration settings are accepted only from logged-in users holding the vote
// permission; otherwise every setting stays an empty string.
// NOTE(review): unlike the other form fields these values are copied from
// $_POST as they arrive (no request_post_var(), no cast), so each may be any
// string or even an array - confirm that prepare_post() / submit_post()
// validate and cast them before they are stored or printed.
$may_manage_registration = $is_auth['auth_vote'] && $user->data['session_logged_in'];

$reg_active = '';
$reg_reset = '';
$reg_max_option1 = '';
$reg_max_option2 = '';
$reg_max_option3 = '';
$reg_length = '';

if ($may_manage_registration)
{
	if (isset($_POST['start_registration']))
	{
		$reg_active = $_POST['start_registration'];
	}
	if (isset($_POST['reset_registration']))
	{
		$reg_reset = $_POST['reset_registration'];
	}
	if (!empty($_POST['reg_max_option1']))
	{
		$reg_max_option1 = $_POST['reg_max_option1'];
	}
	if (!empty($_POST['reg_max_option2']))
	{
		$reg_max_option2 = $_POST['reg_max_option2'];
	}
	if (!empty($_POST['reg_max_option3']))
	{
		$reg_max_option3 = $_POST['reg_max_option3'];
	}
	if (isset($_POST['reg_length']))
	{
		$reg_length = $_POST['reg_length'];
	}
}
// Event Registration - END
// Hand all collected fields to prepare_post(); it receives $error_msg among its arguments.
prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $subject, $message, $poll_title, $poll_options, $poll_data, $reg_active, $reg_reset, $reg_max_option1, $reg_max_option2, $reg_max_option3, $reg_length, $topic_desc, $topic_calendar_time, $topic_calendar_duration);

// MG Drafts - BEGIN
// NOTE(review): the draft is saved without looking at $error_msg, so a request
// that failed the session-id check above still writes a draft - confirm whether
// that is intended.
$draft_requested = $draft && $draft_confirm;
$draft_allowed_mode = ($mode == 'reply') || ($mode == 'newtopic');
if (($config['allow_drafts'] == true) && $draft_requested && $user->data['session_logged_in'] && $draft_allowed_mode)
{
	// The values are passed unescaped; save_draft() presumably escapes them
	// itself before building its query - confirm.
	save_draft($draft_id, $user->data['user_id'], $forum_id, $topic_id, strip_tags($subject), $message);

	$redirect_url = append_sid(CMS_PAGE_VIEWFORUM . '?' . POST_FORUM_URL . '=' . $forum_id);

	$output_message = $lang['Drafts_Saved'];
	$output_message .= '<br /><br />' . sprintf($lang['Click_return_drafts'], '<a href="' . append_sid(CMS_PAGE_DRAFTS) . '">', '</a>');
	$output_message .= '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . $redirect_url . '">', '</a>');

	meta_refresh(3, $redirect_url);
	message_die(GENERAL_MESSAGE, $output_message);
}
// MG Drafts - END
- if ($error_msg == '')
- {
// Topic type: a reply always keeps the stored type. In the other modes a
// submitted type that differs from the stored one is kept only when the user
// holds at least one of the sticky / announce / global-announce permissions.
$may_set_topic_type = $is_auth['auth_sticky'] || $is_auth['auth_announce'] || $is_auth['auth_globalannounce'];
if (($mode == 'reply') || (!$may_set_topic_type && ($topic_type != $post_data['topic_type'])))
{
	$topic_type = $post_data['topic_type'];
}
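// Edit notes: when a post is edited and a note of more than two characters was
// entered, append it to the post's stored list of notes.
if (($mode == 'editpost') && $config['edit_notes'] && ((strlen($notes) > 2) || (strlen($notes_mod) > 2)))
{
	// The notes of a post are kept as one serialized array in posts.edit_notes.
	// $post_id is cast so only a number can reach the query text.
	$sql = "SELECT edit_notes FROM " . POSTS_TABLE . " WHERE post_id = " . (int) $post_id;
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);

	// SECURITY: unserialize() rebuilds whatever the stored string describes,
	// objects included. This is only safe while the column holds nothing but the
	// output of the serialize() call below; anything else able to write this
	// column (another script, an SQL injection, an import) turns it into an
	// object-injection entry point. Storing JSON, or passing the
	// allowed_classes => false option on PHP 7 and later, would remove that risk.
	$notes_list = (isset($row['edit_notes']) && strlen($row['edit_notes'])) ? unserialize($row['edit_notes']) : array();
	if (!is_array($notes_list))
	{
		// Corrupt or unexpected stored value: start from an empty list.
		$notes_list = array();
	}

	// Check limit and eventually delete notes
	if (!empty($notes) && (sizeof($notes_list) >= intval($config['edit_notes_n'])))
	{
		$first_edit_note = null;
		$edit_notes_counter = 0;
		// Walk the real keys: earlier deletions leave gaps in them, and key 0 is a
		// valid position, so neither a 0..n-1 index loop nor an empty() test can be
		// used to locate the first non-reserved (user) note.
		foreach ($notes_list as $note_key => $note)
		{
			if (empty($note['reserved']))
			{
				$edit_notes_counter++;
				if ($first_edit_note === null)
				{
					$first_edit_note = $note_key;
				}
			}
		}
		if (($first_edit_note !== null) && ($edit_notes_counter > intval($config['edit_notes_n'])))
		{
			unset($notes_list[$first_edit_note]);
		}
	}

	// Note texts are stored as entered. NOTE(review): whatever displays edit
	// notes has to HTML-escape 'text' - confirm in the code that renders them.
	if (!empty($notes))
	{
		$notes_list[] = array(
			'poster' => $user->data['user_id'],
			'time' => time(),
			'text' => $notes,
			'reserved' => false
		);
	}
	if (!empty($notes_mod))
	{
		// Moderator note, flagged as reserved so the limit above never removes it.
		$notes_list[] = array(
			'poster' => $user->data['user_id'],
			'time' => time(),
			'text' => $notes_mod,
			'reserved' => true
		);
	}

	empty_cache_folders(POSTS_CACHE_FOLDER);
	$sql = "UPDATE " . POSTS_TABLE . " SET edit_notes = '" . $db->sql_escape(serialize($notes_list)) . "' WHERE post_id = " . (int) $post_id;
	$db->sql_query($sql);

	if (!empty($notes))
	{
		$edit_count_sql = '';
		// We need this, otherwise editing for normal users will be accounted twice... because the same edit will be updated in functions_post.php
		if ($user->data['user_level'] == ADMIN)
		{
			$edit_count_sql = ", post_edit_count = (post_edit_count + 1)";
		}
		$edited_sql = "post_edit_time = '" . time() . "'" . $edit_count_sql . ", post_edit_id = '" . (int) $user->data['user_id'] . "'";
		$sql = "UPDATE " . POSTS_TABLE . " SET " . $edited_sql . " WHERE post_id = " . (int) $post_id;
		$db->sql_query($sql);
	}
}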
// When $lock_subject is set, put a BBCode link to that post in front of the message.
// NOTE(review): $lock_subject is placed in the link as it is; it is assigned
// outside this excerpt - confirm it is always an integer post id there.
if ($lock_subject)
{
	$forum_part = !empty($forum_id_append) ? ($forum_id_append . '&') : '';
	$topic_part = !empty($topic_id_append) ? ($topic_id_append . '&') : '';
	$url = '[url="' . CMS_PAGE_VIEWTOPIC . '?' . $forum_part . $topic_part . POST_POST_URL . '=' . $lock_subject . '#p' . $lock_subject . '"]';
	$message = sprintf($lang['Link_to_post'], $url, '[/url]') . $message;
}
// The clean title (used in URLs) and the topic tags exist only on a topic's first post.
$topic_title_clean = '';
$topic_tags = '';
if ($post_data['first_post'])
{
	// Clean title: taken from the request, falling back to the subject.
	// substr() cuts by bytes, so a multi-byte character at the limit may be split.
	$topic_title_clean = request_var('topic_title_clean', $subject, true);
	$topic_title_clean = substr(ip_clean_string($topic_title_clean, $lang['ENCODING']), 0, 254);

	@include_once(IP_ROOT_PATH . 'includes/class_topics_tags.' . PHP_EXT);
	$class_topics_tags = new class_topics_tags();

	if (empty($use_jquery_tags))
	{
		// Plain text field: one comma-separated string.
		$topic_tags = request_var('topic_tags', '', true);
	}
	elseif (array_key_exists('ttag', $_POST))
	{
		// jQuery tag widget: one array entry per tag.
		$all_topic_tags = request_var('ttag', array(0 => ''), true);
		$topic_tags = implode(', ', array_filter(array_unique($all_topic_tags)));
	}

	if (!empty($topic_tags))
	{
		// Trim, then strip trailing commas together with any whitespace around them.
		$topic_tags = rtrim(trim($topic_tags), ", \t\n\r\0\x0B");
		$topic_tags_array = $class_topics_tags->create_tags_array($topic_tags);
		$topic_tags = implode(', ', array_filter(array_unique($topic_tags_array)));
		$topic_tags = substr($topic_tags, 0, 254);
	}
	unset($class_topics_tags);
}

// Store the post. Every value collected above is passed on as it is, so any
// escaping needed for SQL or HTML has to happen inside submit_post().
submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $topic_type, $bbcode_on, $html_on, $acro_auto_on, $smilies_on, $attach_sig, $username, $subject, $topic_title_clean, $topic_tags, $message, $poll_title, $poll_options, $poll_data, $reg_active, $reg_reset, $reg_max_option1, $reg_max_option2, $reg_max_option3, $reg_length, $news_category, $topic_show_portal, $mark_edit, $topic_desc, $topic_calendar_time, $topic_calendar_duration, $extra_vars);
- }
- break;
- case 'delete':
- case 'poll_delete':
// Deleting a post or a poll: refuse as soon as any error was recorded. That
// includes the failed session-id check at the start of this branch, so a
// request without the session's sid cannot delete anything.
if ($error_msg != '')
{
	message_die(GENERAL_MESSAGE, $error_msg);
}

// Load and instantiate the moderation class on first use.
if (!class_exists('class_mcp'))
{
	include(IP_ROOT_PATH . 'includes/class_mcp.' . PHP_EXT);
}
if (empty($class_mcp))
{
	$class_mcp = new class_mcp();
}

$class_mcp->post_delete($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id);
- break;
- }
- if ($error_msg == '')
- {
// Every mode except an edit goes through sync_post_stats().
if ($mode != 'editpost')
{
	// A new post is attributed to the current user, any other action to the post's author.
	if (($mode == 'reply') || ($mode == 'newtopic'))
	{
		$user_id = $user->data['user_id'];
	}
	else
	{
		$user_id = $post_data['poster_id'];
	}

	if (!class_exists('class_mcp'))
	{
		include(IP_ROOT_PATH . 'includes/class_mcp.' . PHP_EXT);
	}
	if (empty($class_mcp))
	{
		$class_mcp = new class_mcp();
	}
	$class_mcp->sync_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id);
}

// Attach the uploaded files to the post.
$attachment_mod['posting']->insert_attachment($post_id);
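// Notify watchers, except when only a poll was deleted.
if (($error_msg == '') && ($mode != 'poll_delete'))
{
	// Forum Notification - BEGIN
	// Load the class and create the object in two separate steps, as is done
	// for class_mcp in this script: if the class is already loaded but no
	// object exists yet, the send_notifications() calls below still have one.
	if (!class_exists('class_notifications'))
	{
		include(IP_ROOT_PATH . 'includes/class_notifications.' . PHP_EXT);
	}
	if (empty($class_notifications))
	{
		$class_notifications = new class_notifications();
	}

	$post_data['subject'] = $subject;
	// Guests are identified by the name they typed, members by their account name.
	$post_data['username'] = ($user->data['user_id'] == ANONYMOUS) ? $username : $user->data['username'];
	$post_data['message'] = $message;

	if ($post_data['first_post'])
	{
		// fetch topic title
		// $topic_id is cast so only a number can reach the query text.
		$sql = "SELECT topic_title, topic_id
			FROM " . TOPICS_TABLE . "
			WHERE topic_id = " . (int) $topic_id;
		$result = $db->sql_query($sql);
		$topic_info = $db->sql_fetchrow($result);
		// Release the result set, as the other queries in this script do.
		$db->sql_freeresult($result);
		if ($topic_info)
		{
			$class_notifications->send_notifications('newtopic', $post_data, $topic_info['topic_title'], $forum_id, $topic_id, $post_id, $notify_user);
		}
	}
	else
	{
		if ($setbm)
		{
			set_bookmark($topic_id);
		}
		$class_notifications->send_notifications($mode, $post_data, $post_info['topic_title'], $forum_id, $topic_id, $post_id, $notify_user);
	}
	// Forum Notification - END
}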
// When $lock_subject is set, the confirmation message links to that post instead of the new one.
if ($lock_subject)
{
	$forum_part = !empty($forum_id_append) ? ($forum_id_append . '&') : '';
	$topic_part = !empty($topic_id_append) ? ($topic_id_append . '&') : '';
	$reported_post_url = append_sid(CMS_PAGE_VIEWTOPIC . '?' . $forum_part . $topic_part . POST_POST_URL . '=' . $lock_subject . '#p' . $lock_subject);
	$url = '<a href="' . $reported_post_url . '">';
	$return_message = $lang['Report_stored'] . '<br /><br />' . sprintf($lang['Send_report'], $url, '</a>');
	// NOTE(review): str_replace() swaps every occurrence of the digits of $post_id
	// inside $return_meta, not only the post id in the URL; a short id could also
	// match other numbers in that string - confirm this is acceptable.
	$return_meta = str_replace($post_id, $lock_subject, $return_meta);
}
- if (($error_msg == '') && ($lock) && ($mode == 'newtopic'))
- {
- empty_cache_folders(POSTS_CACHE_FOLDER);
- empty_cache_folders(FORUMS_CACHE_FOLDER);
- $sql = "UPDATE " . TOPICS_TABLE . "
- SET topic_status = " . TOPIC_LOCKED . "
- WHERE topic_id = " . $topic_id . "
- AND topic_mo…