PageRenderTime 52ms CodeModel.GetById 18ms RepoModel.GetById 1ms app.codeStats 0ms

/legacy/includes/forums/topic.php

http://novaboard.googlecode.com/
PHP | 1075 lines | 703 code | 313 blank | 59 comment | 84 complexity | d3756b08a9600cafbaa4017b198ee18e MD5 | raw file
Possible License(s): AGPL-3.0
  1. <?php
  2. /*
  3. +--------------------------------------------------------------------------
  4. | NovaBoard
  5. | ========================================
  6. | By The NovaBoard team
  7. | Released under the Artistic License 2.0
  8. | http://www.novaboard.net
  9. | ========================================
  10. |+--------------------------------------------------------------------------
  11. | topic.php - display a topic
  12. */
  13. if (!defined('NOVA_RUN')){
  14. echo "<h1>ACCESS DENIED</h1>You cannot access this file directly.";
  15. exit();
  16. }
  17. template_hook("forums/topic.template.php", "start");
  18. ?>
  19. <script type="text/javascript">
  20. var addquotebutton = "submit-button img-quote-on";
  21. var removequotebutton = "submit-button button-remove img-quote-off";
  22. </script>
  23. <?php
  24. global $role;
  25. $token_id = md5(microtime());
  26. $token = md5(uniqid(rand(),true));
  27. $topic=$_GET['topic'];
  28. $topic=escape_string($topic);
  29. $token_name = "token_quickreply_$topic$token_id";
  30. $_SESSION[$token_name] = $token;
  31. $limit=$_GET['limit'];
  32. $limit=escape_string($limit);
  33. // if the first post is being moderated, redirect to
  34. // an error page to explain...
  35. if ($can_moderate_members=='0'){
  36. $query2167 = "select APPROVED from {$db_prefix}posts WHERE TOPIC_ID='$topic' AND TITLE!=''" ;
  37. $result2167 = mysql_query($query2167) or die("topic.php - Error in query: $query2167") ;
  38. $approved = mysql_result($result2167, 0);
  39. if ($approved == '0'){
  40. nova_redirect("index.php?page=error&error=35","error/35");
  41. }
  42. }
  43. $query2167 = "select FORUM_ID, TITLE, LOCKED, STICKY, ANNOUNCE, original_topic_id from {$db_prefix}posts WHERE TOPIC_ID='$topic' AND TITLE!=''" ;
  44. $result2167 = mysql_query($query2167) or die("topic.php - Error in query: $query2167") ;
  45. $does_exist = mysql_num_rows($result2167);
  46. if ($does_exist == '0'){
  47. nova_redirect("index.php?page=error&error=24","error/24");
  48. }
  49. while ($results2167 = mysql_fetch_array($result2167)){
  50. $forum_id = $results2167['FORUM_ID'];
  51. $title = $results2167['TITLE'];
  52. $locked = $results2167['LOCKED'];
  53. $sticky = $results2167['STICKY'];
  54. $announce = $results2167['ANNOUNCE'];
  55. $topic_original_topic_id = $results2167['original_topic_id'];
  56. }
  57. # Trashcan forum?
  58. $is_trashcan = ($trashcan_enabled && $forum_id == $trashcan_forum) ? true : false;
  59. // PERMISSIONS!!! Can they view this forum???
  60. $can_view_forum="0";
  61. $can_read_topics="0";
  62. $can_add_topics="0";
  63. $can_reply_topics="0";
  64. $can_download_attachment="0";
  65. $query3 = "select CAN_VIEW_FORUM, CAN_READ_TOPICS, CAN_ADD_TOPICS, CAN_REPLY_TOPICS, CAN_DOWNLOAD_ATTACHMENT from {$db_prefix}permissions WHERE GROUP_ID='$role' AND FORUM_ID='$forum_id'" ;
  66. $result3 = mysql_query($query3) or die("topic.php - Error in query: $query3") ;
  67. while ($results3 = mysql_fetch_array($result3)){
  68. $can_view_forum = $results3['CAN_VIEW_FORUM'];
  69. $can_read_topics = $results3['CAN_READ_TOPICS'];
  70. $can_add_topics = $results3['CAN_ADD_TOPICS'];
  71. $can_reply_topics = $results3['CAN_REPLY_TOPICS'];
  72. $can_download_attachment = $results3['CAN_DOWNLOAD_ATTACHMENT'];
  73. }
  74. $query211 = "select READ_ONLY from {$db_prefix}categories WHERE ID='$forum_id'" ;
  75. $result211 = mysql_query($query211) or die("board.php - Error in query: $query211") ;
  76. $read_only = mysql_result($result211, 0);
  77. if ($can_view_forum=='0'){
  78. nova_redirect("index.php?page=error&error=2","error/2");
  79. }
  80. elseif($can_read_topics=='0'){
  81. nova_redirect("index.php?page=error&error=3","error/3");
  82. }
  83. else{
  84. template_hook("forums/topic.template.php", "1");
  85. global $role;
  86. // Update views...
  87. $topic=$_GET['topic'];
  88. $topic=escape_string($topic);
  89. mysql_query("UPDATE {$db_prefix}posts SET views=views+1 WHERE topic_id = '$topic' AND TITLE!=''");
  90. // Insert posts_read
  91. $read_time=time()+1;
  92. if ($my_id >'0'){
  93. mysql_query("DELETE FROM {$db_prefix}posts_read WHERE member_id='$my_id' AND topic_id='$topic'");
  94. mysql_query("INSERT INTO {$db_prefix}posts_read (member_id, topic_id, read_time) VALUES ('$my_id', '$topic', '$read_time')");
  95. }
  96. // Get page numbers...
  97. $query = "select ID from {$db_prefix}posts WHERE TOPIC_ID='$topic'" ;
  98. $result = mysql_query($query) or die("topic.php - Error in query: $query") ;
  99. $number_of_posts=mysql_num_rows($result);
  100. $limit = (!$_GET['limit'] || $_GET['limit'] < 0 || !is_numeric($_GET['limit'])) ? 0 : escape_string($_GET['limit']) - 1;
  101. $limit = ($limit * $list_posts);
  102. $pages=ceil($number_of_posts/$list_posts);
  103. $pages_end = $pages;
  104. if ($pages <= '1'){
  105. }
  106. else{
  107. $topic_title = topic_title($topic);
  108. template_hook("forums/topic.template.php", "2");
  109. }
  110. $query211 = "select TITLE from {$db_prefix}posts WHERE TOPIC_ID='$topic' AND TITLE!=''" ;
  111. $result211 = mysql_query($query211) or die("topic.php - Error in query: $query211") ;
  112. $title = mysql_result($result211, 0);
  113. $title=strip_slashes($title);
  114. $query_subscribe = "select ROW from {$db_prefix}subscribe WHERE ID='$my_id' AND SUBSCRIBED_TOPIC='$topic'" ;
  115. $result_subscribe = mysql_query($query_subscribe) or die("topic.php - Error in query: $query_subscribe") ;
  116. $subscribed_already=mysql_num_rows($result_subscribe);
  117. template_hook("forums/topic.template.php", "5");
  118. // Does it have a poll?
  119. $query5 = "select TOPIC_ID from {$db_prefix}polls WHERE TOPIC_ID='$topic'" ;
  120. $result5 = mysql_query($query5) or die("topic.php - Error in query: $query5") ;
  121. $has_poll = mysql_num_rows($result5);
  122. if($has_poll=='1'){
  123. $query6 = "select ID, QUESTION, OPTION1, OPTION2, OPTION3, OPTION4, OPTION5, OPTION6, OPTION7, OPTION8, OPTION9, OPTION10, POLL_TYPE from {$db_prefix}polls WHERE TOPIC_ID='$topic'" ;
  124. $result6 = mysql_query($query6) or die("topic.php - Error in query: $query6") ;
  125. while ($results6 = mysql_fetch_array($result6)){
  126. $poll_id = $results6['ID'];
  127. $question = $results6['QUESTION'];
  128. $option1 = $results6['OPTION1'];
  129. $option2 = $results6['OPTION2'];
  130. $option3 = $results6['OPTION3'];
  131. $option4 = $results6['OPTION4'];
  132. $option5 = $results6['OPTION5'];
  133. $option6 = $results6['OPTION6'];
  134. $option7 = $results6['OPTION7'];
  135. $option8 = $results6['OPTION8'];
  136. $option9 = $results6['OPTION9'];
  137. $option10 = $results6['OPTION10'];
  138. $poll_type = $results6['POLL_TYPE'];
  139. }
  140. $question=strip_slashes($question);
  141. $option1=strip_slashes($option1);
  142. $option2=strip_slashes($option2);
  143. $option3=strip_slashes($option3);
  144. $option4=strip_slashes($option4);
  145. $option5=strip_slashes($option5);
  146. $option6=strip_slashes($option6);
  147. $option7=strip_slashes($option7);
  148. $option8=strip_slashes($option8);
  149. $option9=strip_slashes($option9);
  150. $option10=strip_slashes($option10);
  151. if ($poll_type=='1'){
  152. $input = "checkbox";
  153. }
  154. else{
  155. $input = "radio";
  156. }
  157. // Total Votes
  158. $query69 = "select VOTE_ID from {$db_prefix}polls_votes WHERE POLL_ID='$poll_id'" ;
  159. $result69 = mysql_query($query69) or die("topic.php - Error in query: $query69") ;
  160. $total_votes=mysql_num_rows($result69);
  161. $query69 = "select VOTE_ID from {$db_prefix}polls_votes WHERE POLL_ID='$poll_id' GROUP BY USER_ID" ;
  162. $result69 = mysql_query($query69) or die("topic.php - Error in query: $query69") ;
  163. $total_votes_results=mysql_num_rows($result69);
  164. // If they have voted already, or if they are logged out,
  165. // show results instead of options...
  166. $name=$_COOKIE['nova_name'];
  167. $name=escape_string($name);
  168. $password=$_COOKIE['nova_password'];
  169. $password=escape_string($password);
  170. $query7 = "select ID from {$db_prefix}members WHERE NAME='$name' AND PASSWORD='$password'" ;
  171. $result7 = mysql_query($query7) or die("topic.php - Error in query: $query7") ;
  172. $member_id = mysql_result($result7, 0);
  173. $query8 = "select VOTE_ID from {$db_prefix}polls_votes WHERE USER_ID='$member_id' AND POLL_ID='$poll_id'" ;
  174. $result8 = mysql_query($query8) or die("topic.php - Error in query: $query8") ;
  175. $voted=mysql_num_rows($result8);
  176. // If the topic is locked, so must the poll be...
  177. if ($locked=='1'){
  178. $voted="1";
  179. }
  180. if ($can_reply_topics=='0'){
  181. $voted_check="1";
  182. $voted="1";
  183. }
  184. if ($_GET['showresults']!=''){
  185. $voted="1";
  186. $voted_check="0";
  187. }
  188. if ($voted=='0'){
  189. $topic_title = topic_title($topic);
  190. template_hook("forums/topic.template.php", "6");
  191. }
  192. else{
  193. // Show results
  194. template_hook("forums/topic.template.php", "7");
  195. $query8 = "select VOTE_ID from {$db_prefix}polls_votes WHERE POLL_ID='$poll_id' AND VOTE='1'" ;
  196. $result8 = mysql_query($query8) or die("topic.php - Error in query: $query8") ;
  197. $option_votes=mysql_num_rows($result8);
  198. $percentage=number_format(($option_votes/$total_votes)*100);
  199. $px="px";
  200. $width=($percentage*5);
  201. $show_option=$option1;
  202. template_hook("forums/topic.template.php", "8");
  203. $query8 = "select VOTE_ID from {$db_prefix}polls_votes WHERE POLL_ID='$poll_id' AND VOTE='2'" ;
  204. $result8 = mysql_query($query8) or die("topic.php - Error in query: $query8") ;
  205. $option_votes=mysql_num_rows($result8);
  206. $percentage=number_format(($option_votes/$total_votes)*100);
  207. $px="px";
  208. $width=($percentage*5);
  209. $show_option=$option2;
  210. template_hook("forums/topic.template.php", "8");
  211. if ($option3!=''){
  212. $query8 = "select VOTE_ID from {$db_prefix}polls_votes WHERE POLL_ID='$poll_id' AND VOTE='3'" ;
  213. $result8 = mysql_query($query8) or die("topic.php - Error in query: $query8") ;
  214. $option_votes=mysql_num_rows($result8);
  215. $percentage=number_format(($option_votes/$total_votes)*100);
  216. $px="px";
  217. $width=($percentage*5);
  218. $show_option=$option3;
  219. template_hook("forums/topic.template.php", "8");
  220. }
  221. if ($option4!=''){
  222. $query8 = "select VOTE_ID from {$db_prefix}polls_votes WHERE POLL_ID='$poll_id' AND VOTE='4'" ;
  223. $result8 = mysql_query($query8) or die("topic.php - Error in query: $query8") ;
  224. $option_votes=mysql_num_rows($result8);
  225. $percentage=number_format(($option_votes/$total_votes)*100);
  226. $px="px";
  227. $width=($percentage*5);
  228. $show_option=$option4;
  229. template_hook("forums/topic.template.php", "8");
  230. }
  231. if ($option5!=''){
  232. $query8 = "select VOTE_ID from {$db_prefix}polls_votes WHERE POLL_ID='$poll_id' AND VOTE='5'" ;
  233. $result8 = mysql_query($query8) or die("topic.php - Error in query: $query8") ;
  234. $option_votes=mysql_num_rows($result8);
  235. $percentage=number_format(($option_votes/$total_votes)*100);
  236. $px="px";
  237. $width=($percentage*5);
  238. $show_option=$option5;
  239. template_hook("forums/topic.template.php", "8");
  240. }
  241. if ($option6!=''){
  242. $query8 = "select VOTE_ID from {$db_prefix}polls_votes WHERE POLL_ID='$poll_id' AND VOTE='6'" ;
  243. $result8 = mysql_query($query8) or die("topic.php - Error in query: $query8") ;
  244. $option_votes=mysql_num_rows($result8);
  245. $percentage=number_format(($option_votes/$total_votes)*100);
  246. $px="px";
  247. $width=($percentage*5);
  248. $show_option=$option6;
  249. template_hook("forums/topic.template.php", "8");
  250. }
  251. if ($option7!=''){
  252. $query8 = "select VOTE_ID from {$db_prefix}polls_votes WHERE POLL_ID='$poll_id' AND VOTE='7'" ;
  253. $result8 = mysql_query($query8) or die("topic.php - Error in query: $query8") ;
  254. $option_votes=mysql_num_rows($result8);
  255. $percentage=number_format(($option_votes/$total_votes)*100);
  256. $px="px";
  257. $width=($percentage*5);
  258. $show_option=$option7;
  259. template_hook("forums/topic.template.php", "8");
  260. }
  261. if ($option8!=''){
  262. $query8 = "select VOTE_ID from {$db_prefix}polls_votes WHERE POLL_ID='$poll_id' AND VOTE='8'" ;
  263. $result8 = mysql_query($query8) or die("topic.php - Error in query: $query8") ;
  264. $option_votes=mysql_num_rows($result8);
  265. $percentage=number_format(($option_votes/$total_votes)*100);
  266. $px="px";
  267. $width=($percentage*5);
  268. $show_option=$option8;
  269. template_hook("forums/topic.template.php", "8");
  270. }
  271. if ($option9!=''){
  272. $query8 = "select VOTE_ID from {$db_prefix}polls_votes WHERE POLL_ID='$poll_id' AND VOTE='9'" ;
  273. $result8 = mysql_query($query8) or die("topic.php - Error in query: $query8") ;
  274. $option_votes=mysql_num_rows($result8);
  275. $percentage=number_format(($option_votes/$total_votes)*100);
  276. $px="px";
  277. $width=($percentage*5);
  278. $show_option=$option9;
  279. template_hook("forums/topic.template.php", "8");
  280. }
  281. if ($option10!=''){
  282. $query8 = "select VOTE_ID from {$db_prefix}polls_votes WHERE POLL_ID='$poll_id' AND VOTE='10'" ;
  283. $result8 = mysql_query($query8) or die("topic.php - Error in query: $query8") ;
  284. $option_votes=mysql_num_rows($result8);
  285. $percentage=number_format(($option_votes/$total_votes)*100);
  286. $px="px";
  287. $width=($percentage*5);
  288. $show_option=$option10;
  289. template_hook("forums/topic.template.php", "8");
  290. }
  291. template_hook("forums/topic.template.php", "9");
  292. if ($locked=='1'){
  293. $voted_check="1";
  294. }
  295. if ($voted_check=='0'){
  296. $topic_title = topic_title($topic);
  297. template_hook("forums/topic.template.php", "10");
  298. }
  299. template_hook("forums/topic.template.php", "11");
  300. }
  301. }
  302. template_hook("forums/topic.template.php", "12");
  303. if ($can_moderate_members=='1'){
  304. $query211 = "select MEMBER, TIME, FORUM_ID, CONTENT, ID, EDIT_TIME, EDIT_MEMBER, EDIT_REASON, TITLE, DESCRIPTION, STICKY, ANNOUNCE, REPORTED, APPROVED, original_topic_id from {$db_prefix}posts WHERE TOPIC_ID='$topic' ORDER BY TIME asc LIMIT $limit, $list_posts";
  305. }
  306. else{
  307. $query211 = "select MEMBER, TIME, FORUM_ID, CONTENT, ID, EDIT_TIME, EDIT_MEMBER, EDIT_REASON, TITLE, DESCRIPTION, STICKY, ANNOUNCE, REPORTED, APPROVED, original_topic_id from {$db_prefix}posts WHERE TOPIC_ID='$topic' AND APPROVED='1' ORDER BY TIME asc LIMIT $limit, $list_posts";
  308. }
  309. $result211 = mysql_query($query211) or die("topic.php - Error in query: $query211") ;
  310. while ($results211 = mysql_fetch_array($result211)){
  311. $content = $results211['CONTENT']; // strip_slashes removed here
  312. $original_topic_id = $results211['original_topic_id'];
  313. $edit_form_title = strip_slashes($results211['TITLE']);
  314. $edit_form_desc = strip_slashes($results211['DESCRIPTION']);
  315. $edit_form_content = $results211['CONTENT'];
  316. $edit_form_content= strip_slashes($edit_form_content);
  317. $reported = $results211['REPORTED'];
  318. $edit_form_sticky = $results211['STICKY'];
  319. $edit_form_announce = $results211['ANNOUNCE'];
  320. $post_id = $results211['ID'];
  321. $member = $results211['MEMBER'];
  322. $time = $results211['TIME'];
  323. $forum_id = $results211['FORUM_ID'];
  324. $approved = $results211['APPROVED'];
  325. $time = format_date($time);
  326. $edit_time = $results211['EDIT_TIME'];
  327. $edit_reason = $results211['EDIT_REASON'];
  328. $edit_reason = strip_slashes($edit_reason);
  329. $edit_time = format_date($edit_time);
  330. $edit_member = $results211['EDIT_MEMBER'];
  331. $title = $results211['TITLE'];
  332. $title=strip_slashes($title);
  333. if ($approved=='0'){
  334. // get the ID so we can approve
  335. // in the topic view
  336. $query291 = "select ID from {$db_prefix}moderate WHERE POSTID='$post_id'" ;
  337. $result291 = mysql_query($query291) or die("topic.php - Error in query: $query291") ;
  338. $moderate_post = mysql_result($result291, 0);
  339. }
  340. $query291 = "select NAME, ROLE from {$db_prefix}members WHERE ID='$edit_member'" ;
  341. $result291 = mysql_query($query291) or die("topic.php - Error in query: $query291") ;
  342. while ($results291 = mysql_fetch_array($result291)){
  343. $edit_member_name = $results291['NAME'];
  344. $edit_member_name = strip_slashes($edit_member_name);
  345. $edit_role = $results291['ROLE'];
  346. }
  347. $name = '';
  348. $cv_rank = 0;
  349. $query2 = "select ID, NAME, LOCATION, AVATAR, REMOTE_AVATAR, SIGNATURE, NATIONALITY, USERTITLE, WARN_LEVEL, REGISTER_DATE, USER_POSTS, ROLE from {$db_prefix}members WHERE ID='$member'" ;
  350. $result2 = mysql_query($query2) or die("topic.php - Error in query: $query2") ;
  351. while ($results2 = mysql_fetch_array($result2)){
  352. $id = $results2['ID'];
  353. $name = $results2['NAME'];
  354. $name = strip_slashes($name);
  355. $profile_name = $results2['NAME'];
  356. $profile_name = strip_slashes($profile_name);
  357. $location = strip_slashes($results2['LOCATION']);
  358. $avatar = $results2['AVATAR'];
  359. $remote_avatar = $results2['REMOTE_AVATAR'];
  360. if ($remote_avatar =='0'){
  361. $avatar = $nova_domain."/".$avatar;
  362. }
  363. $signature = $results2['SIGNATURE'];
  364. $nationality = $results2['NATIONALITY'];
  365. $usertitle = $results2['USERTITLE'];
  366. $warn_level = $results2['WARN_LEVEL'];
  367. $register_date = $results2['REGISTER_DATE'];
  368. $number_posts = $results2['USER_POSTS'];
  369. $num_posts = number_format($results2['USER_POSTS']);
  370. $member_role = $results2['ROLE'];
  371. $register_date=format_date($register_date, '%d %B %Y');
  372. $usertitle=strip_slashes($usertitle);
  373. $signature=strip_slashes($signature);
  374. }
  375. // Get group color
  376. $query54 = "select CAN_CHANGE_SITE_SETTINGS, CAN_CHANGE_FORUM_SETTINGS, GROUP_ICON, GROUP_NAME, GROUP_COLOR from {$db_prefix}groups WHERE GROUP_ID='$member_role'" ;
  377. $result54 = mysql_query($query54) or die("topic.php - Error in query: $query54") ;
  378. while ($results54 = mysql_fetch_array($result54)){
  379. $user_can_change_site_settings = $results54['CAN_CHANGE_SITE_SETTINGS'];
  380. $user_can_change_forum_settings = $results54['CAN_CHANGE_FORUM_SETTINGS'];
  381. $user_group_icon = $results54['GROUP_ICON'];
  382. $user_group_name = strip_slashes($results54['GROUP_NAME']);
  383. $user_group_color = strip_slashes($results54['GROUP_COLOR']);
  384. }
  385. // Show online/offline icon
  386. $query21 = "select ID from {$db_prefix}sessions WHERE ID='$id'" ;
  387. $result21 = mysql_query($query21) or die("topic.php - Error in query: $query21") ;
  388. $member_online=mysql_num_rows($result21);
  389. // Get avatar...
  390. if ($avatar==''){
  391. $avatar = $default_avatar;
  392. }
  393. else{
  394. $ext = strtolower(strrchr($avatar,"."));
  395. }
  396. // Show graphic...
  397. $level = ($warn_level / $max_warn) * 5;
  398. $graphic_level = floor($level);
  399. $graphic_warn = round($level * 20);
  400. // get title and pips...
  401. $query_rank = "select RANK_TITLE, RANK_PIPS from {$db_prefix}ranks WHERE RANK_POSTS <= '$number_posts' ORDER BY RANK_POSTS desc LIMIT 1" ;
  402. $result_rank = mysql_query($query_rank) or die("topic.php - Error in query: $query_rank") ;
  403. while ($results_rank = mysql_fetch_array($result_rank)){
  404. $rank_title = strip_slashes($results_rank['RANK_TITLE']);
  405. $rank_pips = $results_rank['RANK_PIPS'];
  406. }
  407. if ($usertitle==''){
  408. $usertitle = "$rank_title";
  409. }
  410. $topic_trackback_text = sprintf($lang['topic_trackback_text'], nova_link('index.php?page=findpost&post=' . $post_id, 'findpost/' . $post_id));
  411. /*
  412. Hook after the member's name
  413. */
  414. $username_hook = '';
  415. if ($code = $Plugin->hook('topic', 'after_username'))
  416. {
  417. eval($code);
  418. }
  419. /*
  420. Decide when & how to show the revert link
  421. */
  422. $show_revert = false;
  423. if ($trashcan_enabled && $trashcan_forum == $forum_id)
  424. {
  425. if ($topic_original_topic_id != 0)
  426. {
  427. $show_revert = true;
  428. }
  429. elseif ($original_topic_id == 0 && $title != '')
  430. {
  431. $show_revert = true;
  432. }
  433. else
  434. {
  435. $show_revert = false;
  436. }
  437. }
  438. list($revert_token_id, $revert_token, $revert_token_name) = tokenCreate('topic_post_revert', $post_id);
  439. template_hook("forums/topic.template.php", "14");
  440. $start_pip = "0";
  441. while ($start_pip < $rank_pips){
  442. template_hook("forums/topic.template.php", "36");
  443. $start_pip = $start_pip + 1;
  444. }
  445. template_hook("forums/topic.template.php", "37");
  446. // show group icon
  447. if (isset(${'groups_' . $user_group_icon . '_img'}))
  448. {
  449. $group_img = ${'groups_' . $user_group_icon . '_img'};
  450. }
  451. // BB Parse...
  452. if (file_exists("themes/$theme/scripts/php/parse.php")){
  453. include "themes/$theme/scripts/php/parse.php";
  454. }
  455. else{
  456. include "scripts/php/parse.php";
  457. }
  458. /*
  459. Hook after the user's information.
  460. */
  461. $user_info_hook = '';
  462. if ($code = $Plugin->hook('topic', 'user_info'))
  463. {
  464. eval($code);
  465. }
  466. template_hook("forums/topic.template.php", "17");
  467. $result_custom = mysql_query('
  468. SELECT cf.name, cm.content
  469. FROM ' . $db_prefix . 'custom_fields cf
  470. INNER JOIN ' . $db_prefix . 'custom_members cm
  471. ON cf.id = cm.field_id AND cm.member_id = ' . $id . '
  472. ORDER BY cf.order_field ASC
  473. ');
  474. while ($results_custom = mysql_fetch_assoc($result_custom))
  475. {
  476. $custom_field_name = $results_custom['name'];
  477. $custom_profile_content = $results_custom['content'];
  478. template_hook('forums/topic.template.php', 32);
  479. }
  480. template_hook("forums/topic.template.php", "31");
  481. // Check for attachments...
  482. $query2 = "select ROW from {$db_prefix}attachments WHERE POSTID='$post_id'" ;
  483. $result2 = mysql_query($query2) or die("topic.php - Error in query: $query2") ;
  484. $attachments = mysql_num_rows($result2);
  485. if ($attachments!='0'){
  486. if ($can_download_attachment=='1'){
  487. $query2 = "select ROW, ORIGINAL_FILENAME, FILENAME, FILESIZE, DOWNLOADS, HASH from {$db_prefix}attachments WHERE POSTID='$post_id'" ;
  488. $result2 = mysql_query($query2) or die("topic.php - Error in query: $query2") ;
  489. while ($results2 = mysql_fetch_array($result2)){
  490. $row = $results2['ROW'];
  491. $original_filename = $results2['ORIGINAL_FILENAME'];
  492. $filename = $results2['FILENAME'];
  493. $filesize = $results2['FILESIZE'];
  494. $hash = $results2['HASH'];
  495. $downloads = $results2['DOWNLOADS'];
  496. $downloads=number_format($downloads);
  497. if ($attach_done[$row]!='1'){
  498. if ($filesize=='0' OR $filesize==''){
  499. $filesize = $lang['topic_attach_filesize'];
  500. }
  501. elseif ($filesize < 1024){
  502. $filesize = "$filesize bytes";
  503. }
  504. elseif ($filesize < 1048576){
  505. $filesize = $filesize/1024;
  506. $filesize = round($filesize,2);
  507. $filesize = $filesize."kb";
  508. }
  509. else{
  510. $filesize = $filesize/1048576;
  511. $filesize = round($filesize,2);
  512. $filesize = $filesize."mb";
  513. }
  514. // Check if it's an image...
  515. $parts = explode('.', $filename);
  516. $ext = $parts[count($parts)-1];
  517. $ext = strtolower($ext);
  518. if ($ext=='jpeg'){
  519. $imgSx = imagesx($nova_domain.'/uploads/attachments/'.$filename);
  520. $imgSy = imagesy($nova_domain.'/uploads/attachments/'.$filename);
  521. $filename="t_$filename";
  522. template_hook("forums/topic.template.php", "18");
  523. }
  524. elseif ($ext=='jpg'){
  525. $imgSx = imagesx($nova_domain.'/uploads/attachments/'.$filename);
  526. $imgSy = imagesy($nova_domain.'/uploads/attachments/'.$filename);
  527. $filename="t_$filename";
  528. template_hook("forums/topic.template.php", "18");
  529. }
  530. elseif ($ext=='gif'){
  531. $imgSx = imagesx($nova_domain.'/uploads/attachments/'.$filename);
  532. $imgSy = imagesy($nova_domain.'/uploads/attachments/'.$filename);
  533. $filename="t_$filename";
  534. template_hook("forums/topic.template.php", "18");
  535. }
  536. elseif ($ext=='png'){
  537. $imgSx = imagesx($nova_domain.'/uploads/attachments/'.$filename);
  538. $imgSy = imagesy($nova_domain.'/uploads/attachments/'.$filename);
  539. $filename="t_$filename";
  540. template_hook("forums/topic.template.php", "18");
  541. }
  542. else{
  543. template_hook("forums/topic.template.php", "19");
  544. }
  545. }
  546. }
  547. }
  548. else{
  549. template_hook("forums/topic.template.php", "20");
  550. }
  551. }
  552. template_hook("forums/topic.template.php", "21");
  553. if ($edit_reason!=''){
  554. template_hook("forums/topic.template.php", "22");
  555. }
  556. if ($can_edit_others_posts=='1'){
  557. if($store_post_history=='1'){
  558. $query1211 = "select ROW, CONTENT, MEMBER, DATE, EDIT_REASON from {$db_prefix}posts_edit WHERE POST='$post_id' ORDER BY ROW desc LIMIT 10";
  559. $result1211 = mysql_query($query1211) or die("topic.php - Error in query: $query1211");
  560. $edited_count = mysql_num_rows($result1211);
  561. if ($edited_count!='0'){
  562. template_hook("forums/topic.template.php", "33");
  563. }
  564. while ($results1211 = mysql_fetch_array($result1211)){
  565. $edited_row = $results1211['ROW'];
  566. $edited_content = $results1211['CONTENT'];
  567. $edited_content=strip_slashes($edited_content);
  568. $edited_member = $results1211['MEMBER'];
  569. $edited_date = $results1211['DATE'];
  570. $edited_reason = $results1211['EDIT_REASON'];
  571. $edited_date = format_date($edited_date, '%m/%d/%y %H:%M');
  572. $edited_reason = strip_slashes($edited_reason);
  573. $content=$edited_content;
  574. // spoiler tags screw rest of post, sort it!
  575. $content=str_replace("[spoiler]","[spoiler_edit]",$content);
  576. $content=str_replace("[/spoiler]","[/spoiler_edit]",$content);
  577. if ($edited_reason==''){
  578. $edited_reason = $lang['topic_edited_unknown'];
  579. }
  580. $query_edit = "select NAME, ROLE from {$db_prefix}members WHERE ID = '$edited_member'" ;
  581. $result_edit = mysql_query($query_edit) or die("topic.php - Error in query: $query_edit") ;
  582. while ($results_edit = mysql_fetch_array($result_edit)){
  583. $edited_by_name = $results_edit['NAME'];
  584. $edited_by_name = strip_slashes($edited_by_name);
  585. $edited_member_role = $results_edit['ROLE'];
  586. }
  587. // BB Parse...
  588. if (file_exists("themes/$theme/scripts/php/parse.php")){
  589. include "themes/$theme/scripts/php/parse.php";
  590. }
  591. else{
  592. include "scripts/php/parse.php";
  593. }
  594. if ($edited_count!='0'){
  595. template_hook("forums/topic.template.php", "34");
  596. }
  597. }
  598. if ($edited_count!='0'){
  599. template_hook("forums/topic.template.php", "35");
  600. }
  601. }
  602. }
  603. // Now.. what about that sig huh?...
  604. if ($signature!=''){
  605. $content=$signature;
  606. // BB Parse...
  607. if (file_exists("themes/$theme/scripts/php/parse.php")){
  608. include "themes/$theme/scripts/php/parse.php";
  609. }
  610. else{
  611. include "scripts/php/parse.php";
  612. }
  613. template_hook("forums/topic.template.php", "23");
  614. }
  615. $query2167 = "select ROLE from {$db_prefix}members WHERE ID='$id'" ;
  616. $result2167 = mysql_query($query2167) or die("topic.php - Error in query: $query2167") ;
  617. $users_role = mysql_result($result2167, 0);
  618. // PERMISSIONS! Can the recipient PM???!!!
  619. $query2168 = "select CAN_PM from {$db_prefix}groups WHERE GROUP_ID='$users_role'" ;
  620. $result2168 = mysql_query($query2168) or die("topic.php - Error in query: $query2168") ;
  621. $can_pm_this_member = mysql_result($result2168, 0);
  622. $query29 = "select NAME from {$db_prefix}members WHERE ID='$member'" ;
  623. $result29 = mysql_query($query29) or die("topic.php - Error in query: $query29") ;
  624. $member_name = mysql_result($result29, 0);
  625. $member_name = strip_slashes($member_name);
  626. $token_name_edit = "token_edit_$post_id$token_id";
  627. $_SESSION[$token_name_edit] = $token;
  628. list($delete_token_id, $delete_token, $delete_token_name) = tokenCreate('topic_post_delete', $post_id);
  629. /*
  630. Hook next to the reply, quote, edit, buttons.
  631. */
  632. $post_buttons_hook = '';
  633. if ($code = $Plugin->hook('topic', 'post_buttons'))
  634. {
  635. eval($code);
  636. }
  637. template_hook("forums/topic.template.php", "24");
  638. // now reset everything...
  639. $usertitle="";
  640. $avatar="";
  641. $remote_avatar="";
  642. $id="";
  643. $warn_notes="";
  644. $role="";
  645. $member_role="";
  646. $group_img = "";
  647. $rank_title="";
  648. $rank_pips="";
  649. $member_online="";
  650. $user_group_icon="";
  651. $user_group_name="";
  652. $user_group_color="";
  653. $role_img="";
  654. $num_posts="0";
  655. $register_date="";
  656. $location="";
  657. $custom_field_name="";
  658. $custom_profile_content="";
  659. $signature = "";
  660. }
  661. // Find all online...
  662. $query2 = "select ID from {$db_prefix}sessions WHERE ID<='0' AND LOCATION_TOPIC='$topic'" ;
  663. $result2 = mysql_query($query2) or die("topic.php - Error in query: $query2") ;
  664. $guests=mysql_num_rows($result2);
  665. $query3 = "select ID from {$db_prefix}sessions WHERE ID>'0' AND LOCATION_TOPIC='$topic'" ;
  666. $result3 = mysql_query($query3) or die("topic.php - Error in query: $query3") ;
  667. $members=mysql_num_rows($result3);
  668. $lang['topic_viewing'] = str_replace("<%1>", "<strong>$guests</strong>", $lang['topic_viewing']);
  669. $lang['topic_viewing'] = str_replace("<%2>", "<strong>$members</strong>", $lang['topic_viewing']);
  670. // are there any previous topics?
  671. $query2918 = "select TOPIC_ID from {$db_prefix}posts WHERE TOPIC_ID < '$topic' AND FORUM_ID = '$forum_id'";
  672. $result2918 = mysql_query($query2918) or die("topic.php - Error in query: $query2918") ;
  673. $previous_topic = mysql_num_rows($result2918);
  674. if ($previous_topic!='0'){
  675. $query2918 = "select TOPIC_ID from {$db_prefix}posts WHERE TOPIC_ID < '$topic' AND FORUM_ID = '$forum_id' ORDER BY TOPIC_ID desc LIMIT 1";
  676. $result2918 = mysql_query($query2918) or die("topic.php - Error in query: $query2918") ;
  677. $previous_topic_id = mysql_result($result2918, 0);
  678. }
  679. else{
  680. $previous_topic_id="";
  681. $lang['topic_previous']="";
  682. }
  683. // are there any future topics?
  684. $query2918 = "select TOPIC_ID from {$db_prefix}posts WHERE TOPIC_ID > '$topic' AND FORUM_ID = '$forum_id' ORDER BY TOPIC_ID desc LIMIT 1" ;
  685. $result2918 = mysql_query($query2918) or die("topic.php - Error in query: $query2918") ;
  686. $next_topic = mysql_num_rows($result2918);
  687. if ($next_topic!='0'){
  688. $query2918 = "select TOPIC_ID from {$db_prefix}posts WHERE TOPIC_ID > '$topic' AND FORUM_ID = '$forum_id' ORDER BY TOPIC_ID desc LIMIT 1";
  689. $result2918 = mysql_query($query2918) or die("topic.php - Error in query: $query2918") ;
  690. $next_topic_id = mysql_result($result2918, 0);
  691. }
  692. else{
  693. $next_topic_id="";
  694. $lang['topic_next']="";
  695. }
  696. $previous_title = topic_title($previous_topic_id);
  697. $next_title = topic_title($next_topic_id);
  698. template_hook("forums/topic.template.php", "25");
  699. $count_online_count="1";
  700. $query2 = "select ID, LOCATION_FORUM, LOCATION_TOPIC, LOCATION_PAGE, TIME from {$db_prefix}sessions WHERE ID!='0' AND LOCATION_TOPIC='$topic' ORDER BY TIME desc" ;
  701. $result2 = mysql_query($query2) or die("topic.php - Error in query: $query2") ;
  702. $count_online=mysql_num_rows($result2);
  703. while ($results2 = mysql_fetch_array($result2)){
  704. $id = $results2['ID'];
  705. $time = $results2['TIME'];
  706. $time = format_date($time, '%A, %R');
  707. $location_forum = $results2['LOCATION_FORUM'];
  708. $location_topic = $results2['LOCATION_TOPIC'];
  709. $location_page = $results2['LOCATION_PAGE'];
  710. // Get name...
  711. if ($id > '0'){
  712. $query21 = "select NAME, ROLE, NATIONALITY from {$db_prefix}members WHERE ID='$id'" ;
  713. $result21 = mysql_query($query21) or die("topic.php - Error in query: $query21") ;
  714. while ($results21 = mysql_fetch_array($result21)){
  715. $name = $results21['NAME'];
  716. $name = strip_slashes($name);
  717. $role = $results21['ROLE'];
  718. $nationality = $results21['NATIONALITY'];
  719. }
  720. }
  721. else{
  722. $query21 = "select BOT_NAME from {$db_prefix}bots WHERE BOT_ID='$id'" ;
  723. $result21 = mysql_query($query21) or die("board.php - Error in query: $query21") ;
  724. $name = mysql_result($result21, 0);
  725. $role="3";
  726. }
  727. if ($count_online_count==$count_online){
  728. template_hook("forums/topic.template.php", "26");
  729. }
  730. else{
  731. $count_online_count=$count_online_count+1;
  732. template_hook("forums/topic.template.php", "27");
  733. }
  734. }
  735. template_hook("forums/topic.template.php", "28");
  736. // Get page numbers...
  737. $query = "select ID from {$db_prefix}posts WHERE TOPIC_ID='$topic'" ;
  738. $result = mysql_query($query) or die("topic.php - Error in query: $query") ;
  739. $number_of_posts=mysql_num_rows($result);
  740. if ($_GET['limit']==''){
  741. $limit=0;
  742. }
  743. elseif($_GET['limit']=='0'){
  744. $limit=0;
  745. }
  746. else {
  747. $limit=escape_string($_GET['limit']) - 1;
  748. $limit=($limit*$list_posts);
  749. }
  750. $pages=ceil($number_of_posts/$list_posts);
  751. $pages_end = $pages;
  752. if ($pages <= '1'){
  753. }
  754. else{
  755. template_hook("forums/topic.template.php", "2");
  756. }
  757. template_hook("forums/topic.template.php", "29");
  758. // Can they Post?
  759. template_hook("forums/topic.template.php", "30");
  760. }
  761. template_hook("forums/topic.template.php", "end");
  762. ?>