| [ Index ] |
|
Code source de PHP NUKE 7.9 |
1 <?php 2 /*************************************************************************** 3 * posting.php 4 * ------------------- 5 * begin : Saturday, Feb 13, 2001 6 * copyright : (C) 2001 The phpBB Group 7 * email : support@phpbb.com 8 * 9 * Id: posting.php,v 1.159.2.23 2005/05/06 20:50:10 acydburn Exp 10 * 11 * 12 ***************************************************************************/ 13 14 /*************************************************************************** 15 * 16 * This program is free software; you can redistribute it and/or modify 17 * it under the terms of the GNU General Public License as published by 18 * the Free Software Foundation; either version 2 of the License, or 19 * (at your option) any later version. 20 * 21 ***************************************************************************/ 22 if ( !defined('MODULE_FILE') ) 23 { 24 die("You can't access this file directly..."); 25 } 26 if ($popup != "1"){ 27 $module_name = basename(dirname(__FILE__)); 28 require("modules/".$module_name."/nukebb.php"); 29 } 30 else 31 { 32 $phpbb_root_path = 'modules/Forums/'; 33 } 34 35 define('IN_PHPBB', true); 36 include ($phpbb_root_path . 'extension.inc'); 37 include($phpbb_root_path . 'common.'.$phpEx); 38 include_once ("includes/bbcode.php"); 39 include ("includes/functions_post.php"); 40 41 // 42 // Check and set various parameters 43 // 44 $params = array('submit' => 'post', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode'); 45 while( list($var, $param) = @each($params) ) 46 { 47 if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) ) 48 { 49 $$var = ( !empty($HTTP_POST_VARS[$param]) ) ? htmlspecialchars($HTTP_POST_VARS[$param]) : htmlspecialchars($HTTP_GET_VARS[$param]); 50 } 51 else 52 { 53 $$var = ''; 54 } 55 } 56 $confirm = isset($HTTP_POST_VARS['confirm']) ? true : false; 57 $params = array('forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL); 58 while( list($var, $param) = @each($params) ) 59 { 60 if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) ) 61 { 62 $$var = ( !empty($HTTP_POST_VARS[$param]) ) ? intval($HTTP_POST_VARS[$param]) : intval($HTTP_GET_VARS[$param]); 63 } 64 else 65 { 66 $$var = ''; 67 } 68 } 69 70 $refresh = $preview || $poll_add || $poll_edit || $poll_delete; 71 72 // 73 // Set topic type 74 // 75 $topic_type = ( !empty($HTTP_POST_VARS['topictype']) ) ? intval($HTTP_POST_VARS['topictype']) : POST_NORMAL; 76 77 // 78 // If the mode is set to topic review then output 79 // that review ... 80 // 81 if ( $mode == 'topicreview' ) 82 { 83 require ("includes/topic_review.php"); 84 85 topic_review($topic_id, false); 86 exit; 87 } 88 else if ( $mode == 'smilies' ) 89 { 90 generate_smilies('window', PAGE_POSTING); 91 exit; 92 } 93 94 // 95 // Start session management 96 // 97 $userdata = session_pagestart($user_ip, PAGE_POSTING, $nukeuser); 98 init_userprefs($userdata); 99 // 100 // End session management 101 // 102 103 // 104 // Was cancel pressed? If so then redirect to the appropriate 105 // page, no point in continuing with any further checks 106 // 107 if ( isset($HTTP_POST_VARS['cancel']) ) 108 { 109 if ( $post_id ) 110 { 111 $redirect = "viewtopic.$phpEx?" . POST_POST_URL . "=$post_id"; 112 $post_append = "#$post_id"; 113 } 114 else if ( $topic_id ) 115 { 116 $redirect = "viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id"; 117 $post_append = ''; 118 } 119 else if ( $forum_id ) 120 { 121 $redirect = "viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"; 122 $post_append = ''; 123 } 124 else 125 { 126 $redirect = "index.$phpEx"; 127 $post_append = ''; 128 } 129 130 $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', $_SERVER['SERVER_SOFTWARE']) ) ? 'Refresh: 0; URL=' : 'Location: '; 131 header($header_location . append_sid($redirect, true) . $post_append); 132 exit; 133 } 134 135 // 136 // What auth type do we need to check? 137 // 138 $is_auth = array(); 139 switch( $mode ) 140 { 141 case 'newtopic': 142 if ( $topic_type == POST_ANNOUNCE ) 143 { 144 $is_auth_type = 'auth_announce'; 145 } 146 else if ( $topic_type == POST_STICKY ) 147 { 148 $is_auth_type = 'auth_sticky'; 149 } 150 else 151 { 152 $is_auth_type = 'auth_post'; 153 } 154 break; 155 case 'reply': 156 case 'quote': 157 $is_auth_type = 'auth_reply'; 158 break; 159 case 'editpost': 160 $is_auth_type = 'auth_edit'; 161 break; 162 case 'delete': 163 case 'poll_delete': 164 $is_auth_type = 'auth_delete'; 165 break; 166 case 'vote': 167 $is_auth_type = 'auth_vote'; 168 break; 169 case 'topicreview': 170 $is_auth_type = 'auth_read'; 171 break; 172 default: 173 message_die(GENERAL_MESSAGE, $lang['No_post_mode']); 174 break; 175 } 176 177 // 178 // Here we do various lookups to find topic_id, forum_id, post_id etc. 179 // Doing it here prevents spoofing (eg. faking forum_id, topic_id or post_id 180 // 181 $error_msg = ''; 182 $post_data = array(); 183 switch ( $mode ) 184 { 185 case 'newtopic': 186 if ( empty($forum_id) ) 187 { 188 message_die(GENERAL_MESSAGE, $lang['Forum_not_exist']); 189 } 190 191 $sql = "SELECT * 192 FROM " . FORUMS_TABLE . " 193 WHERE forum_id = '$forum_id'"; 194 break; 195 196 case 'reply': 197 case 'vote': 198 if ( empty( $topic_id) ) 199 { 200 message_die(GENERAL_MESSAGE, $lang['No_topic_id']); 201 } 202 203 $sql = "SELECT f.*, t.topic_status, t.topic_title 204 FROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t 205 WHERE t.topic_id = '$topic_id' 206 AND f.forum_id = t.forum_id"; 207 break; 208 209 case 'quote': 210 case 'editpost': 211 case 'delete': 212 case 'poll_delete': 213 if ( empty($post_id) ) 214 { 215 message_die(GENERAL_MESSAGE, $lang['No_post_id']); 216 } 217 218 $select_sql = ( !$submit ) ? ", t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig" : ''; 219 $from_sql = ( !$submit ) ? ", " . POSTS_TEXT_TABLE . " pt, " . USERS_TABLE . " u" : ''; 220 $where_sql = ( !$submit ) ? "AND pt.post_id = p.post_id AND u.user_id = p.poster_id" : ''; 221 222 $sql = "SELECT f.*, t.topic_id, t.topic_status, t.topic_type, t.topic_first_post_id, t.topic_last_post_id, t.topic_vote, p.post_id, p.poster_id" . $select_sql . " 223 FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $from_sql . " 224 WHERE p.post_id = '$post_id' 225 AND t.topic_id = p.topic_id 226 AND f.forum_id = p.forum_id 227 $where_sql"; 228 break; 229 230 default: 231 message_die(GENERAL_MESSAGE, $lang['No_valid_mode']); 232 } 233 234 if ( $result = $db->sql_query($sql) ) 235 { 236 $post_info = $db->sql_fetchrow($result); 237 $db->sql_freeresult($result); 238 239 $forum_id = $post_info['forum_id']; 240 $forum_name = $post_info['forum_name']; 241 242 $is_auth = auth(AUTH_ALL, $forum_id, $userdata, $post_info); 243 244 if ( $post_info['forum_status'] == FORUM_LOCKED && !$is_auth['auth_mod']) 245 { 246 message_die(GENERAL_MESSAGE, $lang['Forum_locked']); 247 } 248 else if ( $mode != 'newtopic' && $post_info['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod']) 249 { 250 message_die(GENERAL_MESSAGE, $lang['Topic_locked']); 251 } 252 253 if ( $mode == 'editpost' || $mode == 'delete' || $mode == 'poll_delete' ) 254 { 255 $topic_id = $post_info['topic_id']; 256 257 $post_data['poster_post'] = ( $post_info['poster_id'] == $userdata['user_id'] ) ? true : false; 258 $post_data['first_post'] = ( $post_info['topic_first_post_id'] == $post_id ) ? true : false; 259 $post_data['last_post'] = ( $post_info['topic_last_post_id'] == $post_id ) ? true : false; 260 $post_data['last_topic'] = ( $post_info['forum_last_post_id'] == $post_id ) ? true : false; 261 $post_data['has_poll'] = ( $post_info['topic_vote'] ) ? true : false; 262 $post_data['topic_type'] = $post_info['topic_type']; 263 $post_data['poster_id'] = $post_info['poster_id']; 264 265 if ( $post_data['first_post'] && $post_data['has_poll'] ) 266 { 267 $sql = "SELECT * 268 FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr 269 WHERE vd.topic_id = '$topic_id' 270 AND vr.vote_id = vd.vote_id 271 ORDER BY vr.vote_option_id"; 272 if ( !($result = $db->sql_query($sql)) ) 273 { 274 message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql); 275 } 276 277 $poll_options = array(); 278 $poll_results_sum = 0; 279 if ( $row = $db->sql_fetchrow($result) ) 280 { 281 $poll_title = $row['vote_text']; 282 $poll_id = $row['vote_id']; 283 $poll_length = $row['vote_length'] / 86400; 284 285 do 286 { 287 $poll_options[$row['vote_option_id']] = $row['vote_option_text']; 288 $poll_results_sum += $row['vote_result']; 289 } 290 while ( $row = $db->sql_fetchrow($result) ); 291 } 292 $db->sql_freeresult($result); 293 294 $post_data['edit_poll'] = ( ( !$poll_results_sum || $is_auth['auth_mod'] ) && $post_data['first_post'] ) ? true : 0; 295 } 296 else 297 { 298 $post_data['edit_poll'] = ($post_data['first_post'] && $is_auth['auth_pollcreate']) ? true : false; 299 } 300 301 // 302 // Can this user edit/delete the post/poll? 303 // 304 if ( $post_info['poster_id'] != $userdata['user_id'] && !$is_auth['auth_mod'] ) 305 { 306 $message = ( $delete || $mode == 'delete' ) ? $lang['Delete_own_posts'] : $lang['Edit_own_posts']; 307 $message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>'); 308 309 message_die(GENERAL_MESSAGE, $message); 310 } 311 else if ( !$post_data['last_post'] && !$is_auth['auth_mod'] && ( $mode == 'delete' || $delete ) ) 312 { 313 message_die(GENERAL_MESSAGE, $lang['Cannot_delete_replied']); 314 } 315 else if ( !$post_data['edit_poll'] && !$is_auth['auth_mod'] && ( $mode == 'poll_delete' || $poll_delete ) ) 316 { 317 message_die(GENERAL_MESSAGE, $lang['Cannot_delete_poll']); 318 } 319 } 320 else 321 { 322 if ( $mode == 'quote' ) 323 { 324 $topic_id = $post_info['topic_id']; 325 } 326 327 $post_data['first_post'] = ( $mode == 'newtopic' ) ? true : 0; 328 $post_data['last_post'] = false; 329 $post_data['has_poll'] = false; 330 $post_data['edit_poll'] = false; 331 } 332 } 333 else 334 { 335 message_die(GENERAL_MESSAGE, $lang['No_such_post']); 336 } 337 338 // 339 // The user is not authed, if they're not logged in then redirect 340 // them, else show them an error message 341 // 342 if ( !$is_auth[$is_auth_type] ) 343 { 344 if ( $userdata['session_logged_in'] ) 345 { 346 message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . "_type"])); 347 } 348 349 switch( $mode ) 350 { 351 case 'newtopic': 352 $redirect = "mode=newtopic&" . POST_FORUM_URL . "=" . $forum_id; 353 break; 354 case 'reply': 355 case 'topicreview': 356 $redirect = "mode=reply&" . POST_TOPIC_URL . "=" . $topic_id; 357 break; 358 case 'quote': 359 case 'editpost': 360 $redirect = "mode=quote&" . POST_POST_URL ."=" . $post_id; 361 break; 362 } 363 364 $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', $_SERVER['SERVER_SOFTWARE']) ) ? 'Refresh: 0; URL=' : 'Location: '; 365 header($header_location . append_sid("login.$phpEx?redirect=posting.$phpEx&" . $redirect, true)); 366 exit; 367 } 368 369 // 370 // Set toggles for various options 371 // 372 if ( !$board_config['allow_html'] ) 373 { 374 $html_on = 0; 375 } 376 else 377 { 378 $html_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_html']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_html'] : $userdata['user_allowhtml'] ); 379 } 380 381 if ( !$board_config['allow_bbcode'] ) 382 { 383 $bbcode_on = 0; 384 } 385 else 386 { 387 $bbcode_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_bbcode']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_bbcode'] : $userdata['user_allowbbcode'] ); 388 } 389 390 if ( !$board_config['allow_smilies'] ) 391 { 392 $smilies_on = 0; 393 } 394 else 395 { 396 $smilies_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_smilies'] : $userdata['user_allowsmile'] ); 397 } 398 399 if ( ($submit || $refresh) && $is_auth['auth_read']) 400 { 401 $notify_user = ( !empty($HTTP_POST_VARS['notify']) ) ? TRUE : 0; 402 } 403 else 404 { 405 if ( $mode != 'newtopic' && $userdata['session_logged_in'] && $is_auth['auth_read'] ) 406 { 407 $sql = "SELECT topic_id 408 FROM " . TOPICS_WATCH_TABLE . " 409 WHERE topic_id = '$topic_id' 410 AND user_id = " . $userdata['user_id']; 411 if ( !($result = $db->sql_query($sql)) ) 412 { 413 message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql); 414 } 415 416 $notify_user = ( $db->sql_fetchrow($result) ) ? TRUE : $userdata['user_notify']; 417 $db->sql_freeresult($result); 418 } 419 else 420 { 421 $notify_user = ( $userdata['session_logged_in'] && $is_auth['auth_read'] ) ? $userdata['user_notify'] : 0; 422 } 423 } 424 425 $attach_sig = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? 0 : $userdata['user_attachsig'] ); 426 427 // -------------------- 428 // What shall we do? 429 // 430 if ( ( $delete || $poll_delete || $mode == 'delete' ) && !$confirm ) 431 { 432 // 433 // Confirm deletion 434 // 435 $s_hidden_fields = '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />'; 436 $s_hidden_fields .= ( $delete || $mode == "delete" ) ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />'; 437 438 $l_confirm = ( $delete || $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll']; 439 440 // 441 // Output confirmation page 442 // 443 include ("includes/page_header.php"); 444 445 $template->set_filenames(array( 446 'confirm_body' => 'confirm_body.tpl') 447 ); 448 449 $template->assign_vars(array( 450 'MESSAGE_TITLE' => $lang['Information'], 451 'MESSAGE_TEXT' => $l_confirm, 452 453 'L_YES' => $lang['Yes'], 454 'L_NO' => $lang['No'], 455 456 'S_CONFIRM_ACTION' => append_sid("posting.$phpEx"), 457 'S_HIDDEN_FIELDS' => $s_hidden_fields) 458 ); 459 460 $template->pparse('confirm_body'); 461 462 include ("includes/page_tail.php"); 463 } 464 else if ( $mode == 'vote' ) 465 { 466 // 467 // Vote in a poll 468 // 469 if ( !empty($HTTP_POST_VARS['vote_id']) ) 470 { 471 $vote_option_id = intval($HTTP_POST_VARS['vote_id']); 472 473 $sql = "SELECT vd.vote_id 474 FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr 475 WHERE vd.topic_id = '$topic_id' 476 AND vr.vote_id = vd.vote_id 477 AND vr.vote_option_id = '$vote_option_id' 478 GROUP BY vd.vote_id"; 479 if ( !($result = $db->sql_query($sql)) ) 480 { 481 message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql); 482 } 483 484 if ( $vote_info = $db->sql_fetchrow($result) ) 485 { 486 $vote_id = $vote_info['vote_id']; 487 488 $sql = "SELECT * 489 FROM " . VOTE_USERS_TABLE . " 490 WHERE vote_id = '$vote_id' 491 AND vote_user_id = " . $userdata['user_id']; 492 if ( !($result2 = $db->sql_query($sql)) ) 493 { 494 message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql); 495 } 496 497 if ( !($row = $db->sql_fetchrow($result2)) ) 498 { 499 $sql = "UPDATE " . VOTE_RESULTS_TABLE . " 500 SET vote_result = vote_result + 1 501 WHERE vote_id = '$vote_id' 502 AND vote_option_id = '$vote_option_id'"; 503 if ( !$db->sql_query($sql, BEGIN_TRANSACTION) ) 504 { 505 message_die(GENERAL_ERROR, 'Could not update poll result', '', __LINE__, __FILE__, $sql); 506 } 507 508 $sql = "INSERT INTO " . VOTE_USERS_TABLE . " (vote_id, vote_user_id, vote_user_ip) 509 VALUES ('$vote_id', " . $userdata['user_id'] . ", '$user_ip')"; 510 if ( !$db->sql_query($sql, END_TRANSACTION) ) 511 { 512 message_die(GENERAL_ERROR, "Could not insert user_id for poll", "", __LINE__, __FILE__, $sql); 513 } 514 515 $message = $lang['Vote_cast']; 516 } 517 else 518 { 519 $message = $lang['Already_voted']; 520 } 521 $db->sql_freeresult($result2); 522 } 523 else 524 { 525 $message = $lang['No_vote_option']; 526 } 527 $db->sql_freeresult($result); 528 529 $template->assign_vars(array( 530 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">') 531 ); 532 $message .= '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>'); 533 message_die(GENERAL_MESSAGE, $message); 534 } 535 else 536 { 537 redirect(append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id", true)); 538 } 539 } 540 else if ( $submit || $confirm ) 541 { 542 // 543 // Submit post/vote (newtopic, edit, reply, etc.) 544 // 545 $return_message = ''; 546 $return_meta = ''; 547 548 switch ( $mode ) 549 { 550 case 'editpost': 551 case 'newtopic': 552 case 'reply': 553 $username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : ''; 554 $subject = ( !empty($HTTP_POST_VARS['subject']) ) ? trim($HTTP_POST_VARS['subject']) : ''; 555 $message = ( !empty($HTTP_POST_VARS['message']) ) ? $HTTP_POST_VARS['message'] : ''; 556 $poll_title = ( isset($HTTP_POST_VARS['poll_title']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_title'] : ''; 557 $poll_options = ( isset($HTTP_POST_VARS['poll_option_text']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_option_text'] : ''; 558 $poll_length = ( isset($HTTP_POST_VARS['poll_length']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_length'] : ''; 559 $bbcode_uid = ''; 560 561 prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length); 562 563 if ( $error_msg == '' ) 564 { 565 $topic_type = ( $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ) ? $post_data['topic_type'] : $topic_type; 566 567 submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, str_replace("\'", "''", $username), str_replace("\'", "''", $subject), str_replace("\'", "''", $message), str_replace("\'", "''", $poll_title), $poll_options, $poll_length); 568 } 569 break; 570 571 case 'delete': 572 case 'poll_delete': 573 delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id); 574 break; 575 } 576 577 if ( $error_msg == '' ) 578 { 579 if ( $mode != 'editpost' ) 580 { 581 $user_id = ( $mode == 'reply' || $mode == 'newtopic' ) ? $userdata['user_id'] : $post_data['poster_id']; 582 update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id); 583 } 584 585 if ($error_msg == '' && $mode != 'poll_delete') 586 { 587 user_notification($mode, $post_data, $post_info['topic_title'], $forum_id, $topic_id, $post_id, $notify_user); 588 } 589 590 if ( $mode == 'newtopic' || $mode == 'reply' ) 591 { 592 $tracking_topics = ( !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) : array(); 593 $tracking_forums = ( !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) : array(); 594 595 if ( count($tracking_topics) + count($tracking_forums) == 100 && empty($tracking_topics[$topic_id]) ) 596 { 597 asort($tracking_topics); 598 unset($tracking_topics[key($tracking_topics)]); 599 } 600 601 $tracking_topics[$topic_id] = time(); 602 603 setcookie($board_config['cookie_name'] . '_t', serialize($tracking_topics), 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); 604 } 605 606 $template->assign_vars(array( 607 'META' => $return_meta) 608 ); 609 message_die(GENERAL_MESSAGE, $return_message); 610 } 611 } 612 613 if( $refresh || isset($HTTP_POST_VARS['del_poll_option']) || $error_msg != '' ) 614 { 615 $username = ( !empty($HTTP_POST_VARS['username']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['username']))) : ''; 616 $subject = ( !empty($HTTP_POST_VARS['subject']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['subject']))) : ''; 617 $message = ( !empty($HTTP_POST_VARS['message']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['message']))) : ''; 618 619 $poll_title = ( !empty($HTTP_POST_VARS['poll_title']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['poll_title']))) : ''; 620 $poll_length = ( isset($HTTP_POST_VARS['poll_length']) ) ? max(0, intval($HTTP_POST_VARS['poll_length'])) : 0; 621 622 $poll_options = array(); 623 if ( !empty($HTTP_POST_VARS['poll_option_text']) ) 624 { 625 while( list($option_id, $option_text) = @each($HTTP_POST_VARS['poll_option_text']) ) 626 { 627 if( isset($HTTP_POST_VARS['del_poll_option'][$option_id]) ) 628 { 629 unset($poll_options[$option_id]); 630 } 631 else if ( !empty($option_text) ) 632 { 633 $poll_options[$option_id] = htmlspecialchars(trim(stripslashes($option_text))); 634 } 635 } 636 } 637 638 if ( isset($poll_add) && !empty($HTTP_POST_VARS['add_poll_option_text']) ) 639 { 640 $poll_options[] = htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['add_poll_option_text']))); 641 } 642 643 if ( $mode == 'newtopic' || $mode == 'reply') 644 { 645 $user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : ''; 646 } 647 else if ( $mode == 'editpost' ) 648 { 649 $user_sig = ( $post_info['user_sig'] != '' && $board_config['allow_sig'] ) ? $post_info['user_sig'] : ''; 650 } 651 652 if( $preview ) 653 { 654 $orig_word = array(); 655 $replacement_word = array(); 656 obtain_word_list($orig_word, $replacement_word); 657 658 $bbcode_uid = ( $bbcode_on ) ? make_bbcode_uid() : ''; 659 $preview_message = stripslashes(prepare_message(addslashes(unprepare_message($message)), $html_on, $bbcode_on, $smilies_on, $bbcode_uid)); 660 $preview_subject = $subject; 661 $preview_username = $username; 662 663 // 664 // Finalise processing as per viewtopic 665 // 666 if( !$html_on ) 667 { 668 if( $user_sig != '' || !$userdata['user_allowhtml'] ) 669 { 670 $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', '<\2>', $user_sig); 671 } 672 } 673 674 if( $attach_sig && $user_sig != '' && $userdata['user_sig_bbcode_uid'] ) 675 { 676 $user_sig = bbencode_second_pass($user_sig, $userdata['user_sig_bbcode_uid']); 677 } 678 679 if( $bbcode_on ) 680 { 681 $preview_message = bbencode_second_pass($preview_message, $bbcode_uid); 682 } 683 684 if( !empty($orig_word) ) 685 { 686 $preview_username = ( !empty($username) ) ? preg_replace($orig_word, $replacement_word, $preview_username) : ''; 687 $preview_subject = ( !empty($subject) ) ? preg_replace($orig_word, $replacement_word, $preview_subject) : ''; 688 $preview_message = ( !empty($preview_message) ) ? preg_replace($orig_word, $replacement_word, $preview_message) : ''; 689 } 690 691 if( $user_sig != '' ) 692 { 693 $user_sig = make_clickable($user_sig); 694 } 695 $preview_message = make_clickable($preview_message); 696 697 if( $smilies_on ) 698 { 699 if( $userdata['user_allowsmile'] && $user_sig != '' ) 700 { 701 $user_sig = smilies_pass($user_sig); 702 } 703 704 $preview_message = smilies_pass($preview_message); 705 } 706 707 if( $attach_sig && $user_sig != '' ) 708 { 709 $preview_message = $preview_message . '<br /><br />_________________<br />' . $user_sig; 710 } 711 712 $preview_message = str_replace("\n", '<br />', $preview_message); 713 714 $template->set_filenames(array( 715 'preview' => 'posting_preview.tpl') 716 ); 717 718 $template->assign_vars(array( 719 'TOPIC_TITLE' => $preview_subject, 720 'POST_SUBJECT' => $preview_subject, 721 'POSTER_NAME' => $preview_username, 722 'POST_DATE' => create_date($board_config['default_dateformat'], time(), $board_config['board_timezone']), 723 'MESSAGE' => $preview_message, 724 725 'L_POST_SUBJECT' => $lang['Post_subject'], 726 'L_PREVIEW' => $lang['Preview'], 727 'L_POSTED' => $lang['Posted'], 728 'L_POST' => $lang['Post']) 729 ); 730 $template->assign_var_from_handle('POST_PREVIEW_BOX', 'preview'); 731 } 732 else if( $error_msg != '' ) 733 { 734 $template->set_filenames(array( 735 'reg_header' => 'error_body.tpl') 736 ); 737 $template->assign_vars(array( 738 'ERROR_MESSAGE' => $error_msg) 739 ); 740 $template->assign_var_from_handle('ERROR_BOX', 'reg_header'); 741 } 742 } 743 else 744 { 745 // 746 // User default entry point 747 // 748 if ( $mode == 'newtopic' ) 749 { 750 $user_sig = ( $userdata['user_sig'] != '' ) ? $userdata['user_sig'] : ''; 751 752 $username = ($userdata['session_logged_in']) ? $userdata['username'] : ''; 753 $poll_title = ''; 754 $poll_length = ''; 755 $subject = ''; 756 $message = ''; 757 } 758 else if ( $mode == 'reply' ) 759 { 760 $user_sig = ( $userdata['user_sig'] != '' ) ? $userdata['user_sig'] : ''; 761 762 $username = ( $userdata['session_logged_in'] ) ? $userdata['username'] : ''; 763 $subject = ''; 764 $message = ''; 765 766 } 767 else if ( $mode == 'quote' || $mode == 'editpost' ) 768 { 769 $subject = ( $post_data['first_post'] ) ? $post_info['topic_title'] : $post_info['post_subject']; 770 $message = $post_info['post_text']; 771 772 if ( $mode == 'editpost' ) 773 { 774 $attach_sig = ( $post_info['enable_sig'] && $post_info['user_sig'] != '' ) ? TRUE : 0; 775 $user_sig = $post_info['user_sig']; 776 777 $html_on = ( $post_info['enable_html'] ) ? true : false; 778 $bbcode_on = ( $post_info['enable_bbcode'] ) ? true : false; 779 $smilies_on = ( $post_info['enable_smilies'] ) ? true : false; 780 } 781 else 782 { 783 $attach_sig = ( $userdata['user_attachsig'] ) ? TRUE : 0; 784 $user_sig = $userdata['user_sig']; 785 } 786 787 if ( $post_info['bbcode_uid'] != '' ) 788 { 789 $message = preg_replace('/\:(([a-z0-9]:)?)' . $post_info['bbcode_uid'] . '/s', '', $message); 790 } 791 792 $message = str_replace('<', '<', $message); 793 $message = str_replace('>', '>', $message); 794 $message = str_replace('<br />', "\n", $message); 795 796 if ( $mode == 'quote' ) 797 { 798 $orig_word = array(); 799 $replacement_word = array(); 800 obtain_word_list($orig_word, $replace_word); 801 802 $msg_date = create_date($board_config['default_dateformat'], $postrow['post_time'], $board_config['board_timezone']); 803 804 // Use trim to get rid of spaces placed there by MS-SQL 2000 805 $quote_username = ( trim($post_info['post_username']) != '' ) ? $post_info['post_username'] : $post_info['username']; 806 $message = '[quote="' . $quote_username . '"]' . $message . '[/quote]'; 807 808 if ( !empty($orig_word) ) 809 { 810 $subject = ( !empty($subject) ) ? preg_replace($orig_word, $replace_word, $subject) : ''; 811 $message = ( !empty($message) ) ? preg_replace($orig_word, $replace_word, $message) : ''; 812 } 813 814 if ( !preg_match('/^Re:/', $subject) && strlen($subject) > 0 ) 815 { 816 $subject = 'Re: ' . $subject; 817 } 818 819 $mode = 'reply'; 820 } 821 else 822 { 823 $username = ( $post_info['user_id'] == ANONYMOUS && !empty($post_info['post_username']) ) ? $post_info['post_username'] : ''; 824 } 825 } 826 } 827 828 // 829 // Signature toggle selection 830 // 831 if( $user_sig != '' ) 832 { 833 $template->assign_block_vars('switch_signature_checkbox', array()); 834 } 835 836 // 837 // HTML toggle selection 838 // 839 if ( $board_config['allow_html'] ) 840 { 841 $html_status = $lang['HTML_is_ON']; 842 $template->assign_block_vars('switch_html_checkbox', array()); 843 } 844 else 845 { 846 $html_status = $lang['HTML_is_OFF']; 847 } 848 849 // 850 // BBCode toggle selection 851 // 852 if ( $board_config['allow_bbcode'] ) 853 { 854 $bbcode_status = $lang['BBCode_is_ON']; 855 $template->assign_block_vars('switch_bbcode_checkbox', array()); 856 } 857 else 858 { 859 $bbcode_status = $lang['BBCode_is_OFF']; 860 } 861 862 // 863 // Smilies toggle selection 864 // 865 if ( $board_config['allow_smilies'] ) 866 { 867 $smilies_status = $lang['Smilies_are_ON']; 868 $template->assign_block_vars('switch_smilies_checkbox', array()); 869 } 870 else 871 { 872 $smilies_status = $lang['Smilies_are_OFF']; 873 } 874 875 if( !$userdata['session_logged_in'] || ( $mode == 'editpost' && $post_info['poster_id'] == ANONYMOUS ) ) 876 { 877 $template->assign_block_vars('switch_username_select', array()); 878 } 879 880 // 881 // Notify checkbox - only show if user is logged in 882 // 883 if ( $userdata['session_logged_in'] && $is_auth['auth_read'] ) 884 { 885 if ( $mode != 'editpost' || ( $mode == 'editpost' && $post_info['poster_id'] != ANONYMOUS ) ) 886 { 887 $template->assign_block_vars('switch_notify_checkbox', array()); 888 } 889 } 890 891 // 892 // Delete selection 893 // 894 if ( $mode == 'editpost' && ( ( $is_auth['auth_delete'] && $post_data['last_post'] && ( !$post_data['has_poll'] || $post_data['edit_poll'] ) ) || $is_auth['auth_mod'] ) ) 895 { 896 $template->assign_block_vars('switch_delete_checkbox', array()); 897 } 898 899 // 900 // Topic type selection 901 // 902 $topic_type_toggle = ''; 903 if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) ) 904 { 905 $template->assign_block_vars('switch_type_toggle', array()); 906 907 if( $is_auth['auth_sticky'] ) 908 { 909 $topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_STICKY . '"'; 910 if ( $post_data['topic_type'] == POST_STICKY || $topic_type == POST_STICKY ) 911 { 912 $topic_type_toggle .= ' checked="checked"'; 913 } 914 $topic_type_toggle .= ' /> ' . $lang['Post_Sticky'] . ' '; 915 } 916 917 if( $is_auth['auth_announce'] ) 918 { 919 $topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_ANNOUNCE . '"'; 920 if ( $post_data['topic_type'] == POST_ANNOUNCE || $topic_type == POST_ANNOUNCE ) 921 { 922 $topic_type_toggle .= ' checked="checked"'; 923 } 924 $topic_type_toggle .= ' /> ' . $lang['Post_Announcement'] . ' '; 925 } 926 927 if ( $topic_type_toggle != '' ) 928 { 929 $topic_type_toggle = $lang['Post_topic_as'] . ': <input type="radio" name="topictype" value="' . POST_NORMAL .'"' . ( ( $post_data['topic_type'] == POST_NORMAL || $topic_type == POST_NORMAL ) ? ' checked="checked"' : '' ) . ' /> ' . $lang['Post_Normal'] . ' ' . $topic_type_toggle; 930 } 931 } 932 933 $hidden_form_fields = '<input type="hidden" name="mode" value="' . $mode . '" />'; 934 935 switch( $mode ) 936 { 937 case 'newtopic': 938 $page_title = $lang['Post_a_new_topic']; 939 $hidden_form_fields .= '<input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />'; 940 break; 941 942 case 'reply': 943 $page_title = $lang['Post_a_reply']; 944 $hidden_form_fields .= '<input type="hidden" name="' . POST_TOPIC_URL . '" value="' . $topic_id . '" />'; 945 break; 946 947 case 'editpost': 948 $page_title = $lang['Edit_Post']; 949 $hidden_form_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />'; 950 break; 951 } 952 953 // Generate smilies listing for page output 954 generate_smilies('inline', PAGE_POSTING); 955 956 // 957 // Include page header 958 // 959 include ("includes/page_header.php"); 960 961 $template->set_filenames(array( 962 'body' => 'posting_body.tpl', 963 'pollbody' => 'posting_poll_body.tpl', 964 'reviewbody' => 'posting_topic_review.tpl') 965 ); 966 make_jumpbox('viewforum.'.$phpEx); 967 968 $template->assign_vars(array( 969 'FORUM_NAME' => $forum_name, 970 'L_POST_A' => $page_title, 971 'L_POST_SUBJECT' => $lang['Post_subject'], 972 973 'U_VIEW_FORUM' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id")) 974 ); 975 976 // 977 // This enables the forum/topic title to be output for posting 978 // but not for privmsg (where it makes no sense) 979 // 980 $template->assign_block_vars('switch_not_privmsg', array()); 981 982 // 983 // Output the data to the template 984 // 985 $template->assign_vars(array( 986 'USERNAME' => $username, 987 'SUBJECT' => $subject, 988 'MESSAGE' => $message, 989 'HTML_STATUS' => $html_status, 990 'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'), 991 'SMILIES_STATUS' => $smilies_status, 992 993 'L_SUBJECT' => $lang['Subject'], 994 'L_MESSAGE_BODY' => $lang['Message_body'], 995 'L_OPTIONS' => $lang['Options'], 996 'L_PREVIEW' => $lang['Preview'], 997 'L_SPELLCHECK' => $lang['Spellcheck'], 998 'L_SUBMIT' => $lang['Submit'], 999 'L_CANCEL' => $lang['Cancel'], 1000 'L_CONFIRM_DELETE' => $lang['Confirm_delete'], 1001 'L_DISABLE_HTML' => $lang['Disable_HTML_post'], 1002 'L_DISABLE_BBCODE' => $lang['Disable_BBCode_post'], 1003 'L_DISABLE_SMILIES' => $lang['Disable_Smilies_post'], 1004 'L_ATTACH_SIGNATURE' => $lang['Attach_signature'], 1005 'L_NOTIFY_ON_REPLY' => $lang['Notify'], 1006 'L_DELETE_POST' => $lang['Delete_post'], 1007 1008 'L_BBCODE_B_HELP' => $lang['bbcode_b_help'], 1009 'L_BBCODE_I_HELP' => $lang['bbcode_i_help'], 1010 'L_BBCODE_U_HELP' => $lang['bbcode_u_help'], 1011 'L_BBCODE_Q_HELP' => $lang['bbcode_q_help'], 1012 'L_BBCODE_C_HELP' => $lang['bbcode_c_help'], 1013 'L_BBCODE_L_HELP' => $lang['bbcode_l_help'], 1014 'L_BBCODE_O_HELP' => $lang['bbcode_o_help'], 1015 'L_BBCODE_P_HELP' => $lang['bbcode_p_help'], 1016 'L_BBCODE_W_HELP' => $lang['bbcode_w_help'], 1017 'L_BBCODE_A_HELP' => $lang['bbcode_a_help'], 1018 'L_BBCODE_S_HELP' => $lang['bbcode_s_help'], 1019 'L_BBCODE_F_HELP' => $lang['bbcode_f_help'], 1020 'L_EMPTY_MESSAGE' => $lang['Empty_message'], 1021 1022 'L_FONT_COLOR' => $lang['Font_color'], 1023 'L_COLOR_DEFAULT' => $lang['color_default'], 1024 'L_COLOR_DARK_RED' => $lang['color_dark_red'], 1025 'L_COLOR_RED' => $lang['color_red'], 1026 'L_COLOR_ORANGE' => $lang['color_orange'], 1027 'L_COLOR_BROWN' => $lang['color_brown'], 1028 'L_COLOR_YELLOW' => $lang['color_yellow'], 1029 'L_COLOR_GREEN' => $lang['color_green'], 1030 'L_COLOR_OLIVE' => $lang['color_olive'], 1031 'L_COLOR_CYAN' => $lang['color_cyan'], 1032 'L_COLOR_BLUE' => $lang['color_blue'], 1033 'L_COLOR_DARK_BLUE' => $lang['color_dark_blue'], 1034 'L_COLOR_INDIGO' => $lang['color_indigo'], 1035 'L_COLOR_VIOLET' => $lang['color_violet'], 1036 'L_COLOR_WHITE' => $lang['color_white'], 1037 'L_COLOR_BLACK' => $lang['color_black'], 1038 1039 'L_FONT_SIZE' => $lang['Font_size'], 1040 'L_FONT_TINY' => $lang['font_tiny'], 1041 'L_FONT_SMALL' => $lang['font_small'], 1042 'L_FONT_NORMAL' => $lang['font_normal'], 1043 'L_FONT_LARGE' => $lang['font_large'], 1044 'L_FONT_HUGE' => $lang['font_huge'], 1045 1046 'L_BBCODE_CLOSE_TAGS' => $lang['Close_Tags'], 1047 'L_STYLES_TIP' => $lang['Styles_tip'], 1048 1049 'U_VIEWTOPIC' => ( $mode == 'reply' ) ? append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&postorder=desc") : '', 1050 'U_REVIEW_TOPIC' => ( $mode == 'reply' ) ? append_sid("posting.$phpEx?mode=topicreview&" . POST_TOPIC_URL . "=$topic_id&popup=1") : '', 1051 1052 'S_HTML_CHECKED' => ( !$html_on ) ? 'checked="checked"' : '', 1053 'S_BBCODE_CHECKED' => ( !$bbcode_on ) ? 'checked="checked"' : '', 1054 'S_SMILIES_CHECKED' => ( !$smilies_on ) ? 'checked="checked"' : '', 1055 'S_SIGNATURE_CHECKED' => ( $attach_sig ) ? 'checked="checked"' : '', 1056 'S_NOTIFY_CHECKED' => ( $notify_user ) ? 'checked="checked"' : '', 1057 'S_TYPE_TOGGLE' => $topic_type_toggle, 1058 'S_TOPIC_ID' => $topic_id, 1059 'S_POST_ACTION' => append_sid("posting.$phpEx"), 1060 'S_HIDDEN_FORM_FIELDS' => $hidden_form_fields) 1061 ); 1062 1063 // 1064 // Poll entry switch/output 1065 // 1066 if( ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['edit_poll']) ) && $is_auth['auth_pollcreate'] ) 1067 { 1068 $template->assign_vars(array( 1069 'L_ADD_A_POLL' => $lang['Add_poll'], 1070 'L_ADD_POLL_EXPLAIN' => $lang['Add_poll_explain'], 1071 'L_POLL_QUESTION' => $lang['Poll_question'], 1072 'L_POLL_OPTION' => $lang['Poll_option'], 1073 'L_ADD_OPTION' => $lang['Add_option'], 1074 'L_UPDATE_OPTION' => $lang['Update'], 1075 'L_DELETE_OPTION' => $lang['Delete'], 1076 'L_POLL_LENGTH' => $lang['Poll_for'], 1077 'L_DAYS' => $lang['Days'], 1078 'L_POLL_LENGTH_EXPLAIN' => $lang['Poll_for_explain'], 1079 'L_POLL_DELETE' => $lang['Delete_poll'], 1080 1081 'POLL_TITLE' => $poll_title, 1082 'POLL_LENGTH' => $poll_length) 1083 ); 1084 1085 if( $mode == 'editpost' && $post_data['edit_poll'] && $post_data['has_poll']) 1086 { 1087 $template->assign_block_vars('switch_poll_delete_toggle', array()); 1088 } 1089 1090 if( !empty($poll_options) ) 1091 { 1092 while( list($option_id, $option_text) = each($poll_options) ) 1093 { 1094 $template->assign_block_vars('poll_option_rows', array( 1095 'POLL_OPTION' => str_replace('"', '"', $option_text), 1096 1097 'S_POLL_OPTION_NUM' => $option_id) 1098 ); 1099 } 1100 } 1101 1102 $template->assign_var_from_handle('POLLBOX', 'pollbody'); 1103 } 1104 1105 // 1106 // Topic review 1107 // 1108 if( $mode == 'reply' && $is_auth['auth_read'] ) 1109 { 1110 require ("includes/topic_review.php"); 1111 topic_review($topic_id, true); 1112 1113 $template->assign_block_vars('switch_inline_mode', array()); 1114 $template->assign_var_from_handle('TOPIC_REVIEW_BOX', 'reviewbody'); 1115 } 1116 1117 $template->pparse('body'); 1118 1119 include ("includes/page_tail.php"); 1120 1121 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Sun Apr 1 11:11:59 2007 | par Balluche grâce à PHPXref 0.7 |