search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
adjust schema to support defining types of columns. This is required for dbms being...
[phpbb.git] / phpBB / posting.php
blobe2484dfd156e08d8a79e562f633897c406ca4597
1 <?php
2 /**
3 *
4 * @package phpBB3
5 * @version $Id$
6 * @copyright (c) 2005 phpBB Group
7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
8 *
9 */
10
11 /**
12 * @ignore
13 */
14 define('IN_PHPBB', true);
15 if (!defined('PHPBB_ROOT_PATH')) define('PHPBB_ROOT_PATH', './');
16 if (!defined('PHP_EXT')) define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
17 include(PHPBB_ROOT_PATH . 'common.' . PHP_EXT);
18 include(PHPBB_ROOT_PATH . 'includes/functions_posting.' . PHP_EXT);
19 include(PHPBB_ROOT_PATH . 'includes/functions_display.' . PHP_EXT);
20 include(PHPBB_ROOT_PATH . 'includes/message_parser.' . PHP_EXT);
21
22
23 // Start session management
24 $user->session_begin();
25 $auth->acl($user->data);
26
27
28 // Grab only parameters needed here
29 $post_id = request_var('p', 0);
30 $topic_id = request_var('t', 0);
31 $forum_id = request_var('f', 0);
32 $draft_id = request_var('d', 0);
33 $lastclick = request_var('lastclick', 0);
34
35 $submit = phpbb_request::is_set_post('post');
36 $preview = phpbb_request::is_set_post('preview');
37 $save = phpbb_request::is_set_post('save');
38 $load = phpbb_request::is_set_post('load');
39 $delete = phpbb_request::is_set_post('delete');
40 $cancel = (phpbb_request::is_set_post('cancel') && !phpbb_request::is_set_post('save')) ? true : false;
41
42 $refresh = (phpbb_request::is_set_post('add_file') || phpbb_request::is_set_post('delete_file') || phpbb_request::is_set_post('cancel_unglobalise') || $save || $load) ? true : false;
43 $mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var('mode', '');
44
45 $error = $post_data = array();
46 $current_time = time();
47
48 if (phpbb::$config['enable_post_confirm'] && !$user->data['is_registered'])
49 {
50 include(PHPBB_ROOT_PATH . 'includes/captcha/captcha_factory.' . PHP_EXT);
51 $captcha = phpbb_captcha_factory::get_instance(phpbb::$config['captcha_plugin']);
52 $captcha->init(CONFIRM_POST);
53 }
54
55 // Was cancel pressed? If so then redirect to the appropriate page
56 if ($cancel || ($current_time - $lastclick < 2 && $submit))
57 {
58 $redirect = ($post_id) ? append_sid('viewtopic', 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid('viewtopic', 't=' . $topic_id) : (($forum_id) ? append_sid('viewforum', 'f=' . $forum_id) : append_sid('index')));
59 redirect($redirect);
60 }
61
62 if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$forum_id)
63 {
64 trigger_error('NO_FORUM');
65 }
66
67 // We need to know some basic information in all cases before we do anything.
68 switch ($mode)
69 {
70 case 'post':
71 $sql = 'SELECT *
72 FROM ' . FORUMS_TABLE . "
73 WHERE forum_id = $forum_id";
74 break;
75
76 case 'bump':
77 case 'reply':
78 if (!$topic_id)
79 {
80 trigger_error('NO_TOPIC');
81 }
82
83 $sql = 'SELECT f.*, t.*
84 FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
85 WHERE t.topic_id = $topic_id
86 AND (f.forum_id = t.forum_id
87 OR f.forum_id = $forum_id)";
88 break;
89
90 case 'quote':
91 case 'edit':
92 case 'delete':
93 if (!$post_id)
94 {
95 $user->setup('posting');
96 trigger_error('NO_POST');
97 }
98
99 $sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
100 FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
101 WHERE p.post_id = $post_id
102 AND t.topic_id = p.topic_id
103 AND u.user_id = p.poster_id
104 AND (f.forum_id = t.forum_id
105 OR f.forum_id = $forum_id)";
106 break;
107
108 case 'smilies':
109 $sql = '';
110 generate_smilies('window', $forum_id);
111 break;
112
113 case 'popup':
114 if ($forum_id)
115 {
116 $sql = 'SELECT forum_style
117 FROM ' . FORUMS_TABLE . '
118 WHERE forum_id = ' . $forum_id;
119 }
120 else
121 {
122 upload_popup();
123 return;
124 }
125 break;
126
127 default:
128 $sql = '';
129 break;
130 }
131
132 if (!$sql)
133 {
134 $user->setup('posting');
135 trigger_error('NO_POST_MODE');
136 }
137
138 $result = $db->sql_query($sql);
139 $post_data = $db->sql_fetchrow($result);
140 $db->sql_freeresult($result);
141
142 if (!$post_data)
143 {
144 if (!($mode == 'post' || $mode == 'bump' || $mode == 'reply'))
145 {
146 $user->setup('posting');
147 }
148 trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
149 }
150
151 if ($mode == 'popup')
152 {
153 upload_popup($post_data['forum_style']);
154 return;
155 }
156
157 $user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
158
159 // Use post_row values in favor of submitted ones...
160 $forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id;
161 $topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id;
162 $post_id = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id;
163
164 // Need to login to passworded forum first?
165 if ($post_data['forum_password'])
166 {
167 login_forum_box(array(
168 'forum_id' => $forum_id,
169 'forum_password' => $post_data['forum_password'])
170 );
171 }
172
173 // Check permissions
174 if ($user->data['is_bot'])
175 {
176 redirect(append_sid('index'));
177 }
178
179 // Is the user able to read within this forum?
180 if (!$auth->acl_get('f_read', $forum_id))
181 {
182 if ($user->data['user_id'] != ANONYMOUS)
183 {
184 trigger_error('USER_CANNOT_READ');
185 }
186
187 login_box('', $user->lang['LOGIN_EXPLAIN_POST']);
188 }
189
190 // Permission to do the action asked?
191 $is_authed = false;
192
193 switch ($mode)
194 {
195 case 'post':
196 if ($auth->acl_get('f_post', $forum_id))
197 {
198 $is_authed = true;
199 }
200 break;
201
202 case 'bump':
203 if ($auth->acl_get('f_bump', $forum_id))
204 {
205 $is_authed = true;
206 }
207 break;
208
209 case 'quote':
210
211 $post_data['post_edit_locked'] = 0;
212
213 // no break;
214
215 case 'reply':
216 if ($auth->acl_get('f_reply', $forum_id))
217 {
218 $is_authed = true;
219 }
220 break;
221
222 case 'edit':
223 if ($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id))
224 {
225 $is_authed = true;
226 }
227 break;
228
229 case 'delete':
230 if ($user->data['is_registered'] && $auth->acl_gets('f_delete', 'm_delete', $forum_id))
231 {
232 $is_authed = true;
233 }
234 break;
235 }
236
237 if (!$is_authed)
238 {
239 $check_auth = ($mode == 'quote') ? 'reply' : $mode;
240
241 if ($user->data['is_registered'])
242 {
243 trigger_error('USER_CANNOT_' . strtoupper($check_auth));
244 }
245
246 login_box('', $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]);
247 }
248
249 // Is the user able to post within this forum?
250 if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply')))
251 {
252 trigger_error('USER_CANNOT_FORUM_POST');
253 }
254
255 // Forum/Topic locked?
256 if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get('m_edit', $forum_id))
257 {
258 trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
259 }
260
261 // Can we edit this post ... if we're a moderator with rights then always yes
262 // else it depends on editing times, lock status and if we're the correct user
263 if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id))
264 {
265 if ($user->data['user_id'] != $post_data['poster_id'])
266 {
267 trigger_error('USER_CANNOT_EDIT');
268 }
269
270 if (!($post_data['post_time'] > time() - (phpbb::$config['edit_time'] * 60) || !phpbb::$config['edit_time']))
271 {
272 trigger_error('CANNOT_EDIT_TIME');
273 }
274
275 if ($post_data['post_edit_locked'])
276 {
277 trigger_error('CANNOT_EDIT_POST_LOCKED');
278 }
279 }
280
281 // Handle delete mode...
282 if ($mode == 'delete')
283 {
284 handle_post_delete($forum_id, $topic_id, $post_id, $post_data);
285 return;
286 }
287
288 // Handle bump mode...
289 if ($mode == 'bump')
290 {
291 if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id'])
292 && check_link_hash(request_var('hash', ''), "topic_{$post_data['topic_id']}"))
293 {
294 $db->sql_transaction('begin');
295
296 $sql = 'UPDATE ' . POSTS_TABLE . "
297 SET post_time = $current_time
298 WHERE post_id = {$post_data['topic_last_post_id']}
299 AND topic_id = $topic_id";
300 $db->sql_query($sql);
301
302 $sql = 'UPDATE ' . TOPICS_TABLE . "
303 SET topic_last_post_time = $current_time,
304 topic_bumped = 1,
305 topic_bumper = " . $user->data['user_id'] . "
306 WHERE topic_id = $topic_id";
307 $db->sql_query($sql);
308
309 update_post_information('forum', $forum_id);
310
311 $sql = 'UPDATE ' . USERS_TABLE . "
312 SET user_lastpost_time = $current_time
313 WHERE user_id = " . $user->data['user_id'];
314 $db->sql_query($sql);
315
316 $db->sql_transaction('commit');
317
318 markread('post', $forum_id, $topic_id, $current_time);
319
320 add_log('mod', $forum_id, $topic_id, 'LOG_BUMP_TOPIC', $post_data['topic_title']);
321
322 $meta_url = append_sid('viewtopic', "f=$forum_id&amp;t=$topic_id&amp;p={$post_data['topic_last_post_id']}") . "#p{$post_data['topic_last_post_id']}";
323 meta_refresh(3, $meta_url);
324
325 $message = $user->lang['TOPIC_BUMPED'] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $meta_url . '">', '</a>');
326 $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid('viewforum', 'f=' . $forum_id) . '">', '</a>');
327
328 trigger_error($message);
329 }
330
331 trigger_error('BUMP_ERROR');
332 }
333
334 // Subject length limiting to 60 characters if first post...
335 if ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id']))
336 {
337 $template->assign_var('S_NEW_MESSAGE', true);
338 }
339
340 // Determine some vars
341 if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS)
342 {
343 $post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST'];
344 }
345 else
346 {
347 $post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
348 }
349
350 $post_data['post_edit_locked'] = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0;
351 $post_data['post_subject'] = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : '');
352 $post_data['topic_time_limit'] = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
353 $post_data['poll_length'] = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0;
354 $post_data['poll_start'] = (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0;
355 $post_data['icon_id'] = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id'];
356 $post_data['poll_options'] = array();
357
358 // Get Poll Data
359 if ($post_data['poll_start'])
360 {
361 $sql = 'SELECT poll_option_text
362 FROM ' . POLL_OPTIONS_TABLE . "
363 WHERE topic_id = $topic_id
364 ORDER BY poll_option_id";
365 $result = $db->sql_query($sql);
366
367 while ($row = $db->sql_fetchrow($result))
368 {
369 $post_data['poll_options'][] = trim($row['poll_option_text']);
370 }
371 $db->sql_freeresult($result);
372 }
373
374 $orig_poll_options_size = sizeof($post_data['poll_options']);
375
376 $message_parser = new parse_message();
377
378 if (isset($post_data['post_text']))
379 {
380 $message_parser->message = &$post_data['post_text'];
381 unset($post_data['post_text']);
382 }
383
384 // Set some default variables
385 $uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);
386
387 foreach ($uninit as $var_name => $default_value)
388 {
389 if (!isset($post_data[$var_name]))
390 {
391 $post_data[$var_name] = $default_value;
392 }
393 }
394 unset($uninit);
395
396 // Always check if the submitted attachment data is valid and belongs to the user.
397 // Further down (especially in submit_post()) we do not check this again.
398 $message_parser->get_submitted_attachment_data($post_data['poster_id']);
399
400 if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit')
401 {
402 // Do not change to SELECT *
403 $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename
404 FROM ' . ATTACHMENTS_TABLE . "
405 WHERE post_msg_id = $post_id
406 AND in_message = 0
407 AND is_orphan = 0
408 ORDER BY filetime DESC";
409 $result = $db->sql_query($sql);
410 $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
411 $db->sql_freeresult($result);
412 }
413
414 if ($post_data['poster_id'] == ANONYMOUS)
415 {
416 $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : '';
417 }
418 else
419 {
420 $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : '';
421 }
422
423 $post_data['enable_urls'] = $post_data['enable_magic_url'];
424
425 if ($mode != 'edit')
426 {
427 $post_data['enable_sig'] = (phpbb::$config['allow_sig'] && $user->optionget('attachsig')) ? true: false;
428 $post_data['enable_smilies'] = (phpbb::$config['allow_smilies'] && $user->optionget('smilies')) ? true : false;
429 $post_data['enable_bbcode'] = (phpbb::$config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false;
430 $post_data['enable_urls'] = true;
431 }
432
433 $post_data['enable_magic_url'] = $post_data['drafts'] = false;
434
435 // User own some drafts?
436 if ($user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
437 {
438 $sql = 'SELECT draft_id
439 FROM ' . DRAFTS_TABLE . '
440 WHERE user_id = ' . $user->data['user_id'] .
441 (($forum_id) ? ' AND forum_id = ' . (int) $forum_id : '') .
442 (($topic_id) ? ' AND topic_id = ' . (int) $topic_id : '') .
443 (($draft_id) ? " AND draft_id <> $draft_id" : '');
444 $result = $db->sql_query_limit($sql, 1);
445
446 if ($db->sql_fetchrow($result))
447 {
448 $post_data['drafts'] = true;
449 }
450 $db->sql_freeresult($result);
451 }
452
453 $check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
454
455 // Check if user is watching this topic
456 if ($mode != 'post' && phpbb::$config['allow_topic_notify'] && $user->data['is_registered'])
457 {
458 $sql = 'SELECT topic_id
459 FROM ' . TOPICS_WATCH_TABLE . '
460 WHERE topic_id = ' . $topic_id . '
461 AND user_id = ' . $user->data['user_id'];
462 $result = $db->sql_query($sql);
463 $post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id');
464 $db->sql_freeresult($result);
465 }
466
467 // Do we want to edit our post ?
468 if ($mode == 'edit' && $post_data['bbcode_uid'])
469 {
470 $message_parser->bbcode_uid = $post_data['bbcode_uid'];
471 }
472
473 // HTML, BBCode, Smilies, Images and Flash status
474 $bbcode_status = (phpbb::$config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
475 $smilies_status = ($bbcode_status && phpbb::$config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
476 $img_status = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false;
477 $url_status = (phpbb::$config['allow_post_links']) ? true : false;
478 $flash_status = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && phpbb::$config['allow_post_flash']) ? true : false;
479 $quote_status = ($auth->acl_get('f_reply', $forum_id)) ? true : false;
480
481 // Save Draft
482 if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
483 {
484 $subject = utf8_normalize_nfc(request_var('subject', '', true));
485 $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject;
486 $message = utf8_normalize_nfc(request_var('message', '', true));
487
488 if ($subject && $message)
489 {
490 if (confirm_box(true))
491 {
492 $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
493 'user_id' => (int) $user->data['user_id'],
494 'topic_id' => (int) $topic_id,
495 'forum_id' => (int) $forum_id,
496 'save_time' => (int) $current_time,
497 'draft_subject' => (string) $subject,
498 'draft_message' => (string) $message)
499 );
500 $db->sql_query($sql);
501
502 $meta_info = ($mode == 'post') ? append_sid('viewforum', 'f=' . $forum_id) : append_sid('viewtopic', "f=$forum_id&amp;t=$topic_id");
503
504 meta_refresh(3, $meta_info);
505
506 $message = $user->lang['DRAFT_SAVED'] . '<br /><br />';
507 $message .= ($mode != 'post') ? sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>') . '<br /><br />' : '';
508 $message .= sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid('viewforum', 'f=' . $forum_id) . '">', '</a>');
509
510 trigger_error($message);
511 }
512 else
513 {
514 $s_hidden_fields = build_hidden_fields(array(
515 'mode' => $mode,
516 'save' => true,
517 'f' => $forum_id,
518 't' => $topic_id,
519 'subject' => $subject,
520 'message' => $message,
521 'attachment_data' => $message_parser->attachment_data,
522 )
523 );
524
525 confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields);
526 }
527 }
528 else
529 {
530 if (utf8_clean_string($subject) === '')
531 {
532 $error[] = $user->lang['EMPTY_SUBJECT'];
533 }
534
535 if (utf8_clean_string($message) === '')
536 {
537 $error[] = $user->lang['TOO_FEW_CHARS'];
538 }
539 }
540 unset($subject, $message);
541 }
542
543 // Load requested Draft
544 if ($draft_id && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $user->data['is_registered'] && $auth->acl_get('u_savedrafts'))
545 {
546 $sql = 'SELECT draft_subject, draft_message
547 FROM ' . DRAFTS_TABLE . "
548 WHERE draft_id = $draft_id
549 AND user_id = " . $user->data['user_id'];
550 $result = $db->sql_query_limit($sql, 1);
551 $row = $db->sql_fetchrow($result);
552 $db->sql_freeresult($result);
553
554 if ($row)
555 {
556 $post_data['post_subject'] = $row['draft_subject'];
557 $message_parser->message = $row['draft_message'];
558
559 $template->assign_var('S_DRAFT_LOADED', true);
560 }
561 else
562 {
563 $draft_id = 0;
564 }
565 }
566
567 // Load draft overview
568 if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_data['drafts'])
569 {
570 load_drafts($topic_id, $forum_id);
571 }
572
573 $solved_captcha = false;
574
575 if ($submit || $preview || $refresh)
576 {
577 $edit_reason = utf8_normalize_nfc(request_var('edit_reason', '', true));
578
579 $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0);
580 $post_data['post_subject'] = utf8_normalize_nfc(request_var('subject', '', true));
581 $message_parser->message = utf8_normalize_nfc(request_var('message', '', true));
582
583 $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true));
584 $post_data['post_edit_reason'] = (!empty($edit_reason) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? $edit_reason : '';
585
586 $post_data['orig_topic_type'] = $post_data['topic_type'];
587 $post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL));
588 $post_data['topic_time_limit'] = request_var('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0));
589 $post_data['icon_id'] = request_var('icon', 0);
590
591 $post_data['enable_bbcode'] = (!$bbcode_status || phpbb_request::is_set_post('disable_bbcode')) ? false : true;
592 $post_data['enable_smilies'] = (!$smilies_status || phpbb_request::is_set_post('disable_smilies')) ? false : true;
593 $post_data['enable_urls'] = phpbb_request::is_set_post('disable_magic_url');
594 $post_data['enable_sig'] = (!phpbb::$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig')) ? false : ((phpbb_request::is_set_post('attach_sig') && $user->data['is_registered']) ? true : false);
595
596 if (phpbb::$config['allow_topic_notify'] && $user->data['is_registered'])
597 {
598 $notify = phpbb_request::is_set_post('notify');
599 }
600 else
601 {
602 $notify = false;
603 }
604
605 $topic_lock = phpbb_request::is_set_post('lock_topic');
606 $post_lock = phpbb_request::is_set_post('lock_post');
607 $poll_delete = phpbb_request::is_set_post('poll_delete');
608
609 if ($submit)
610 {
611 $status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
612 $status_switch = ($status_switch != $check_value);
613 }
614 else
615 {
616 $status_switch = 1;
617 }
618
619 // Delete Poll
620 if ($poll_delete && $mode == 'edit' && sizeof($post_data['poll_options']) &&
621 ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id)))
622 {
623 if ($submit && check_form_key('posting'))
624 {
625 $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . "
626 WHERE topic_id = $topic_id";
627 $db->sql_query($sql);
628
629 $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . "
630 WHERE topic_id = $topic_id";
631 $db->sql_query($sql);
632
633 $topic_sql = array(
634 'poll_title' => '',
635 'poll_start' => 0,
636 'poll_length' => 0,
637 'poll_last_vote' => 0,
638 'poll_max_options' => 0,
639 'poll_vote_change' => 0
640 );
641
642 $sql = 'UPDATE ' . TOPICS_TABLE . '
643 SET ' . $db->sql_build_array('UPDATE', $topic_sql) . "
644 WHERE topic_id = $topic_id";
645 $db->sql_query($sql);
646 }
647
648 $post_data['poll_title'] = $post_data['poll_option_text'] = '';
649 $post_data['poll_vote_change'] = $post_data['poll_max_options'] = $post_data['poll_length'] = 0;
650 }
651 else
652 {
653 $post_data['poll_title'] = utf8_normalize_nfc(request_var('poll_title', '', true));
654 $post_data['poll_length'] = request_var('poll_length', 0);
655 $post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true));
656 $post_data['poll_max_options'] = request_var('poll_max_options', 1);
657 $post_data['poll_vote_change'] = ($auth->acl_get('f_votechg', $forum_id) && phpbb_request::is_set_post('poll_vote_change')) ? 1 : 0;
658 }
659
660 // If replying/quoting and last post id has changed
661 // give user option to continue submit or return to post
662 // notify and show user the post made between his request and the final submit
663 if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id'])
664 {
665 // Only do so if it is allowed forum-wide
666 if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
667 {
668 if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id']))
669 {
670 $template->assign_var('S_POST_REVIEW', true);
671 }
672
673 $submit = false;
674 $refresh = true;
675 }
676 }
677
678 // Parse Attachments - before checksum is calculated
679 $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh);
680
681 // Grab md5 'checksum' of new message
682 $message_md5 = md5($message_parser->message);
683
684 // Check checksum ... don't re-parse message if the same
685 $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false;
686
687 // Parse message
688 if ($update_message)
689 {
690 if (sizeof($message_parser->warn_msg))
691 {
692 $error[] = implode('<br />', $message_parser->warn_msg);
693 $message_parser->warn_msg = array();
694 }
695
696 $message_parser->parse($post_data['enable_bbcode'], (phpbb::$config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, phpbb::$config['allow_post_links']);
697
698 // On a refresh we do not care about message parsing errors
699 if (sizeof($message_parser->warn_msg) && $refresh)
700 {
701 $message_parser->warn_msg = array();
702 }
703 }
704 else
705 {
706 $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield'];
707 }
708
709 if ($mode != 'edit' && !$preview && !$refresh && phpbb::$config['flood_interval'] && !$auth->acl_get('f_ignoreflood', $forum_id))
710 {
711 // Flood check
712 $last_post_time = 0;
713
714 if ($user->data['is_registered'])
715 {
716 $last_post_time = $user->data['user_lastpost_time'];
717 }
718 else
719 {
720 $sql = 'SELECT post_time AS last_post_time
721 FROM ' . POSTS_TABLE . "
722 WHERE poster_ip = '" . $user->ip . "'
723 AND post_time > " . ($current_time - phpbb::$config['flood_interval']);
724 $result = $db->sql_query_limit($sql, 1);
725 if ($row = $db->sql_fetchrow($result))
726 {
727 $last_post_time = $row['last_post_time'];
728 }
729 $db->sql_freeresult($result);
730 }
731
732 if ($last_post_time && ($current_time - $last_post_time) < intval(phpbb::$config['flood_interval']))
733 {
734 $error[] = $user->lang['FLOOD_ERROR'];
735 }
736 }
737
738 // Validate username
739 if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username']))
740 {
741 include(PHPBB_ROOT_PATH . 'includes/functions_user.' . PHP_EXT);
742
743 if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false)
744 {
745 $user->add_lang('ucp');
746 $error[] = $user->lang[$result . '_USERNAME'];
747 }
748 }
749
750 if (phpbb::$config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply')))
751 {
752 $vc_response = $captcha->validate();
753 if ($vc_response)
754 {
755 $error[] = $vc_response;
756 }
757 else
758 {
759 $solved_captcha = true;
760 }
761 }
762
763 // check form
764 if (($submit || $preview) && !check_form_key('posting'))
765 {
766 $error[] = $user->lang['FORM_INVALID'];
767 }
768
769 // Parse subject
770 if (!$preview && !$refresh && utf8_clean_string($post_data['post_subject']) === '' && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
771 {
772 $error[] = $user->lang['EMPTY_SUBJECT'];
773 }
774
775 $post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0;
776
777 if ($post_data['poll_option_text'] &&
778 ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
779 && $auth->acl_get('f_poll', $forum_id))
780 {
781 $poll = array(
782 'poll_title' => $post_data['poll_title'],
783 'poll_length' => $post_data['poll_length'],
784 'poll_max_options' => $post_data['poll_max_options'],
785 'poll_option_text' => $post_data['poll_option_text'],
786 'poll_start' => $post_data['poll_start'],
787 'poll_last_vote' => $post_data['poll_last_vote'],
788 'poll_vote_change' => $post_data['poll_vote_change'],
789 'enable_bbcode' => $post_data['enable_bbcode'],
790 'enable_urls' => $post_data['enable_urls'],
791 'enable_smilies' => $post_data['enable_smilies'],
792 'img_status' => $img_status
793 );
794
795 $message_parser->parse_poll($poll);
796
797 $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : '';
798 $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
799
800 /* We reset votes, therefore also allow removing options
801 if ($post_data['poll_last_vote'] && ($poll['poll_options_size'] < $orig_poll_options_size))
802 {
803 $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS'];
804 }*/
805 }
806 else
807 {
808 $poll = array();
809 }
810
811 // Check topic type
812 if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
813 {
814 switch ($post_data['topic_type'])
815 {
816 case POST_GLOBAL:
817 case POST_ANNOUNCE:
818 $auth_option = 'f_announce';
819 break;
820
821 case POST_STICKY:
822 $auth_option = 'f_sticky';
823 break;
824
825 default:
826 $auth_option = '';
827 break;
828 }
829
830 if (!$auth->acl_get($auth_option, $forum_id))
831 {
832 // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod.
833 // Another case would be a mod not having sticky permissions for example but edit permissions.
834 if ($mode == 'edit')
835 {
836 // To prevent non-authed users messing around with the topic type we reset it to the original one.
837 $post_data['topic_type'] = $post_data['orig_topic_type'];
838 }
839 else
840 {
841 $error[] = $user->lang['CANNOT_POST_' . str_replace('F_', '', strtoupper($auth_option))];
842 }
843 }
844 }
845
846 if (sizeof($message_parser->warn_msg))
847 {
848 $error[] = implode('<br />', $message_parser->warn_msg);
849 }
850
851 // DNSBL check
852 if (phpbb::$config['check_dnsbl'] && !$refresh)
853 {
854 if (($dnsbl = $user->check_dnsbl('post')) !== false)
855 {
856 $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
857 }
858 }
859
860 // Store message, sync counters
861 if (!sizeof($error) && $submit)
862 {
863 // Check if we want to de-globalize the topic... and ask for new forum
864 if ($post_data['topic_type'] != POST_GLOBAL)
865 {
866 $sql = 'SELECT topic_type, forum_id
867 FROM ' . TOPICS_TABLE . "
868 WHERE topic_id = $topic_id";
869 $result = $db->sql_query($sql);
870 $row = $db->sql_fetchrow($result);
871 $db->sql_freeresult($result);
872
873 if ($row && !$row['forum_id'] && $row['topic_type'] == POST_GLOBAL)
874 {
875 $to_forum_id = request_var('to_forum_id', 0);
876
877 if ($to_forum_id)
878 {
879 $sql = 'SELECT forum_type
880 FROM ' . FORUMS_TABLE . '
881 WHERE forum_id = ' . $to_forum_id;
882 $result = $db->sql_query($sql);
883 $forum_type = (int) $db->sql_fetchfield('forum_type');
884 $db->sql_freeresult($result);
885
886 if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id))
887 {
888 $to_forum_id = 0;
889 }
890 }
891
892 if (!$to_forum_id)
893 {
894 include_once(PHPBB_ROOT_PATH . 'includes/functions_admin.' . PHP_EXT);
895
896 $template->assign_vars(array(
897 'S_FORUM_SELECT' => make_forum_select(false, false, false, true, true, true),
898 'S_UNGLOBALISE' => true)
899 );
900
901 $submit = false;
902 $refresh = true;
903 }
904 else
905 {
906 if (!$auth->acl_get('f_post', $to_forum_id))
907 {
908 // This will only be triggered if the user tried to trick the forum.
909 trigger_error('NOT_AUTHORISED');
910 }
911
912 $forum_id = $to_forum_id;
913 }
914 }
915 }
916
917 if ($submit)
918 {
919 // Lock/Unlock Topic
920 $change_topic_status = $post_data['topic_status'];
921 $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false;
922
923 if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock)
924 {
925 $change_topic_status = ITEM_UNLOCKED;
926 }
927 else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock)
928 {
929 $change_topic_status = ITEM_LOCKED;
930 }
931
932 if ($change_topic_status != $post_data['topic_status'])
933 {
934 $sql = 'UPDATE ' . TOPICS_TABLE . "
935 SET topic_status = $change_topic_status
936 WHERE topic_id = $topic_id
937 AND topic_moved_id = 0";
938 $db->sql_query($sql);
939
940 $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : '';
941
942 add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), $post_data['topic_title']);
943 }
944
945 // Lock/Unlock Post Edit
946 if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id))
947 {
948 $post_data['post_edit_locked'] = ITEM_UNLOCKED;
949 }
950 else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id))
951 {
952 $post_data['post_edit_locked'] = ITEM_LOCKED;
953 }
954
955 $data = array(
956 'topic_title' => (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'],
957 'topic_first_post_id' => (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0,
958 'topic_last_post_id' => (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0,
959 'topic_time_limit' => (int) $post_data['topic_time_limit'],
960 'topic_attachment' => (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0,
961 'post_id' => (int) $post_id,
962 'topic_id' => (int) $topic_id,
963 'forum_id' => (int) $forum_id,
964 'icon_id' => (int) $post_data['icon_id'],
965 'poster_id' => (int) $post_data['poster_id'],
966 'enable_sig' => (bool) $post_data['enable_sig'],
967 'enable_bbcode' => (bool) $post_data['enable_bbcode'],
968 'enable_smilies' => (bool) $post_data['enable_smilies'],
969 'enable_urls' => (bool) $post_data['enable_urls'],
970 'enable_indexing' => (bool) $post_data['enable_indexing'],
971 'message_md5' => (string) $message_md5,
972 'post_time' => (isset($post_data['post_time'])) ? (int) $post_data['post_time'] : $current_time,
973 'post_checksum' => (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '',
974 'post_edit_reason' => $post_data['post_edit_reason'],
975 'post_edit_user' => ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? (int) $post_data['post_edit_user'] : 0),
976 'forum_parents' => $post_data['forum_parents'],
977 'forum_name' => $post_data['forum_name'],
978 'notify' => $notify,
979 'notify_set' => $post_data['notify_set'],
980 'poster_ip' => (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip,
981 'post_edit_locked' => (int) $post_data['post_edit_locked'],
982 'bbcode_bitfield' => $message_parser->bbcode_bitfield,
983 'bbcode_uid' => $message_parser->bbcode_uid,
984 'message' => $message_parser->message,
985 'attachment_data' => $message_parser->attachment_data,
986 'filename_data' => $message_parser->filename_data,
987
988 'topic_approved' => (isset($post_data['topic_approved'])) ? $post_data['topic_approved'] : false,
989 'post_approved' => (isset($post_data['post_approved'])) ? $post_data['post_approved'] : false,
990 );
991
992 if ($mode == 'edit')
993 {
994 $data['topic_replies_real'] = (int) $post_data['topic_replies_real'];
995 $data['topic_replies'] = (int) $post_data['topic_replies'];
996 }
997
998 $redirect_url = submit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message);
999 if (phpbb::$config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply')))
1000 {
1001 $captcha->reset();
1002 }
1003 // Check the permissions for post approval, as well as the queue trigger where users are put on approval with a post count lower than specified. Moderators are not affected.
1004 if (((phpbb::$config['enable_queue_trigger'] && $user->data['user_posts'] < phpbb::$config['queue_trigger_posts']) || !$auth->acl_get('f_noapprove', $data['forum_id'])) && !$auth->acl_get('m_approve', $data['forum_id']))
1005 {
1006 meta_refresh(10, $redirect_url);
1007 $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD'];
1008 $message .= (($user->data['user_id'] == ANONYMOUS) ? '' : ' '. $user->lang['POST_APPROVAL_NOTIFY']);
1009 }
1010 else
1011 {
1012 meta_refresh(3, $redirect_url);
1013
1014 $message = ($mode == 'edit') ? 'POST_EDITED' : 'POST_STORED';
1015 $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $redirect_url . '">', '</a>');
1016 }
1017
1018 $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid('viewforum', 'f=' . $data['forum_id']) . '">', '</a>');
1019 trigger_error($message);
1020 }
1021 }
1022 }
1023
1024 // Preview
1025 if (!sizeof($error) && $preview)
1026 {
1027 $post_data['post_time'] = ($mode == 'edit') ? $post_data['post_time'] : $current_time;
1028
1029 $preview_message = $message_parser->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], false);
1030
1031 $preview_signature = ($mode == 'edit') ? $post_data['user_sig'] : $user->data['user_sig'];
1032 $preview_signature_uid = ($mode == 'edit') ? $post_data['user_sig_bbcode_uid'] : $user->data['user_sig_bbcode_uid'];
1033 $preview_signature_bitfield = ($mode == 'edit') ? $post_data['user_sig_bbcode_bitfield'] : $user->data['user_sig_bbcode_bitfield'];
1034
1035 // Signature
1036 if ($post_data['enable_sig'] && phpbb::$config['allow_sig'] && $preview_signature && $auth->acl_get('f_sigs', $forum_id))
1037 {
1038 $parse_sig = new parse_message($preview_signature);
1039 $parse_sig->bbcode_uid = $preview_signature_uid;
1040 $parse_sig->bbcode_bitfield = $preview_signature_bitfield;
1041
1042 // Not sure about parameters for bbcode/smilies/urls... in signatures
1043 $parse_sig->format_display(phpbb::$config['allow_sig_bbcode'], true, phpbb::$config['allow_sig_smilies']);
1044 $preview_signature = $parse_sig->message;
1045 unset($parse_sig);
1046 }
1047 else
1048 {
1049 $preview_signature = '';
1050 }
1051
1052 $preview_subject = censor_text($post_data['post_subject']);
1053
1054 // Poll Preview
1055 if (!$poll_delete && ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1056 && $auth->acl_get('f_poll', $forum_id))
1057 {
1058 $parse_poll = new parse_message($post_data['poll_title']);
1059 $parse_poll->bbcode_uid = $message_parser->bbcode_uid;
1060 $parse_poll->bbcode_bitfield = $message_parser->bbcode_bitfield;
1061
1062 $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1063
1064 if ($post_data['poll_length'])
1065 {
1066 $poll_end = ($post_data['poll_length'] * 86400) + (($post_data['poll_start']) ? $post_data['poll_start'] : time());
1067 }
1068
1069 $template->assign_vars(array(
1070 'S_HAS_POLL_OPTIONS' => (sizeof($post_data['poll_options'])),
1071 'S_IS_MULTI_CHOICE' => ($post_data['poll_max_options'] > 1) ? true : false,
1072
1073 'POLL_QUESTION' => $parse_poll->message,
1074
1075 'L_POLL_LENGTH' => ($post_data['poll_length']) ? sprintf($user->lang['POLL_RUN_TILL'], $user->format_date($poll_end)) : '',
1076 'L_MAX_VOTES' => ($post_data['poll_max_options'] == 1) ? $user->lang['MAX_OPTION_SELECT'] : sprintf($user->lang['MAX_OPTIONS_SELECT'], $post_data['poll_max_options']))
1077 );
1078
1079 $parse_poll->message = implode("\n", $post_data['poll_options']);
1080 $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1081 $preview_poll_options = explode('<br />', $parse_poll->message);
1082 unset($parse_poll);
1083
1084 foreach ($preview_poll_options as $key => $option)
1085 {
1086 $template->assign_block_vars('poll_option', array(
1087 'POLL_OPTION_CAPTION' => $option,
1088 'POLL_OPTION_ID' => $key + 1)
1089 );
1090 }
1091 unset($preview_poll_options);
1092 }
1093
1094 // Attachment Preview
1095 if (sizeof($message_parser->attachment_data))
1096 {
1097 $template->assign_var('S_HAS_ATTACHMENTS', true);
1098
1099 $update_count = array();
1100 $attachment_data = $message_parser->attachment_data;
1101
1102 parse_attachments($forum_id, $preview_message, $attachment_data, $update_count, true);
1103
1104 foreach ($attachment_data as $i => $attachment)
1105 {
1106 $template->assign_block_vars('attachment', array(
1107 'DISPLAY_ATTACHMENT' => $attachment)
1108 );
1109 }
1110 unset($attachment_data);
1111 }
1112
1113 if (!sizeof($error))
1114 {
1115 $template->assign_vars(array(
1116 'PREVIEW_SUBJECT' => $preview_subject,
1117 'PREVIEW_MESSAGE' => $preview_message,
1118 'PREVIEW_SIGNATURE' => $preview_signature,
1119
1120 'S_DISPLAY_PREVIEW' => true)
1121 );
1122 }
1123 }
1124
1125 // Decode text for message display
1126 $post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !sizeof($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid;
1127 $message_parser->decode_message($post_data['bbcode_uid']);
1128
1129 if ($mode == 'quote' && !$submit && !$preview && !$refresh)
1130 {
1131 $message_parser->message = '[quote=&quot;' . $post_data['quote_username'] . '&quot;]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
1132 }
1133
1134 if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)
1135 {
1136 $post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']);
1137 }
1138
1139 $attachment_data = $message_parser->attachment_data;
1140 $filename_data = $message_parser->filename_data;
1141 $post_data['post_text'] = $message_parser->message;
1142
1143 if (sizeof($post_data['poll_options']) && $post_data['poll_title'])
1144 {
1145 $message_parser->message = $post_data['poll_title'];
1146 $message_parser->bbcode_uid = $post_data['bbcode_uid'];
1147
1148 $message_parser->decode_message();
1149 $post_data['poll_title'] = $message_parser->message;
1150
1151 $message_parser->message = implode("\n", $post_data['poll_options']);
1152 $message_parser->decode_message();
1153 $post_data['poll_options'] = explode("\n", $message_parser->message);
1154 }
1155
1156 // MAIN POSTING PAGE BEGINS HERE
1157
1158 // Forum moderators?
1159 $moderators = array();
1160 get_moderators($moderators, $forum_id);
1161
1162 // Generate smiley listing
1163 generate_smilies('inline', $forum_id);
1164
1165 // Generate inline attachment select box
1166 posting_gen_inline_attachments($attachment_data);
1167
1168 // Do show topic type selection only in first post.
1169 $topic_type_toggle = false;
1170
1171 if ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']))
1172 {
1173 $topic_type_toggle = posting_gen_topic_types($forum_id, $post_data['topic_type']);
1174 }
1175
1176 $s_topic_icons = false;
1177 if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
1178 {
1179 $s_topic_icons = posting_gen_topic_icons($mode, $post_data['icon_id']);
1180 }
1181
1182 $bbcode_checked = (isset($post_data['enable_bbcode'])) ? !$post_data['enable_bbcode'] : ((phpbb::$config['allow_bbcode']) ? !$user->optionget('bbcode') : 1);
1183 $smilies_checked = (isset($post_data['enable_smilies'])) ? !$post_data['enable_smilies'] : ((phpbb::$config['allow_smilies']) ? !$user->optionget('smilies') : 1);
1184 $urls_checked = (isset($post_data['enable_urls'])) ? !$post_data['enable_urls'] : 0;
1185 $sig_checked = $post_data['enable_sig'];
1186 $lock_topic_checked = (isset($topic_lock) && $topic_lock) ? $topic_lock : (($post_data['topic_status'] == ITEM_LOCKED) ? 1 : 0);
1187 $lock_post_checked = (isset($post_lock)) ? $post_lock : $post_data['post_edit_locked'];
1188
1189 // If the user is replying or posting and not already watching this topic but set to always being notified we need to overwrite this setting
1190 $notify_set = ($mode != 'edit' && phpbb::$config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set'];
1191 $notify_checked = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
1192
1193 // Page title & action URL, include session_id for security purpose
1194 $s_action = append_sid('posting', "mode=$mode&amp;f=$forum_id", true, $user->session_id);
1195 $s_action .= ($topic_id) ? "&amp;t=$topic_id" : '';
1196 $s_action .= ($post_id) ? "&amp;p=$post_id" : '';
1197
1198 switch ($mode)
1199 {
1200 case 'post':
1201 $page_title = $user->lang['POST_TOPIC'];
1202 break;
1203
1204 case 'quote':
1205 case 'reply':
1206 $page_title = $user->lang['POST_REPLY'];
1207 break;
1208
1209 case 'delete':
1210 case 'edit':
1211 $page_title = $user->lang['EDIT_POST'];
1212 break;
1213 }
1214
1215 // Build Navigation Links
1216 generate_forum_nav($post_data);
1217
1218 // Build Forum Rules
1219 generate_forum_rules($post_data);
1220
1221 if (phpbb::$config['enable_post_confirm'] && !$user->data['is_registered'] && $solved_captcha === false && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1222 {
1223 $captcha->reset();
1224
1225 $template->assign_vars(array(
1226 'S_CONFIRM_CODE' => true,
1227 'CONFIRM' => $captcha->get_template(),
1228 ));
1229 }
1230
1231 $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : '';
1232 $s_hidden_fields .= '<input type="hidden" name="lastclick" value="' . $current_time . '" />';
1233 $s_hidden_fields .= ($draft_id || phpbb_request::is_set('draft_loaded')) ? '<input type="hidden" name="draft_loaded" value="' . request_var('draft_loaded', $draft_id) . '" />' : '';
1234
1235 // Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview
1236 if ($solved_captcha !== false)
1237 {
1238 $s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
1239 }
1240
1241 $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !phpbb::$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"';
1242 add_form_key('posting');
1243
1244
1245 // Start assigning vars for main posting page ...
1246 $template->assign_vars(array(
1247 'L_POST_A' => $page_title,
1248 'L_ICON' => ($mode == 'reply' || $mode == 'quote' || ($mode == 'edit' && $post_id != $post_data['topic_first_post_id'])) ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
1249 'L_MESSAGE_BODY_EXPLAIN' => (intval(phpbb::$config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval(phpbb::$config['max_post_chars'])) : '',
1250
1251 'FORUM_NAME' => $post_data['forum_name'],
1252 'FORUM_DESC' => ($post_data['forum_desc']) ? generate_text_for_display($post_data['forum_desc'], $post_data['forum_desc_uid'], $post_data['forum_desc_bitfield'], $post_data['forum_desc_options']) : '',
1253 'TOPIC_TITLE' => censor_text($post_data['topic_title']),
1254 'MODERATORS' => (sizeof($moderators)) ? implode(', ', $moderators[$forum_id]) : '',
1255 'USERNAME' => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '',
1256 'SUBJECT' => $post_data['post_subject'],
1257 'MESSAGE' => $post_data['post_text'],
1258 'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid('faq', 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid('faq', 'mode=bbcode') . '">', '</a>'),
1259 'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
1260 'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
1261 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
1262 'URL_STATUS' => ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
1263 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['POST']),
1264 'POST_DATE' => ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '',
1265 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
1266 'TOPIC_TIME_LIMIT' => (int) $post_data['topic_time_limit'],
1267 'EDIT_REASON' => $post_data['post_edit_reason'],
1268 'U_VIEW_FORUM' => append_sid('viewforum', "f=$forum_id"),
1269 'U_VIEW_TOPIC' => ($mode != 'post') ? append_sid('viewtopic', "f=$forum_id&amp;t=$topic_id") : '',
1270 'U_PROGRESS_BAR' => append_sid('posting', "f=$forum_id&amp;mode=popup"),
1271 'UA_PROGRESS_BAR' => addslashes(append_sid('posting', "f=$forum_id&amp;mode=popup")),
1272
1273 'S_PRIVMSGS' => false,
1274 'S_CLOSE_PROGRESS_WINDOW' => phpbb_request::is_set_post('add_file'),
1275 'S_EDIT_POST' => ($mode == 'edit') ? true : false,
1276 'S_EDIT_REASON' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1277 'S_DISPLAY_USERNAME' => (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? true : false,
1278 'S_SHOW_TOPIC_ICONS' => $s_topic_icons,
1279 'S_DELETE_ALLOWED' => ($mode == 'edit' && (($post_id == $post_data['topic_last_post_id'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - (phpbb::$config['edit_time'] * 60) || !phpbb::$config['edit_time'])) || $auth->acl_get('m_delete', $forum_id))) ? true : false,
1280 'S_BBCODE_ALLOWED' => $bbcode_status,
1281 'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '',
1282 'S_SMILIES_ALLOWED' => $smilies_status,
1283 'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '',
1284 'S_SIG_ALLOWED' => ($auth->acl_get('f_sigs', $forum_id) && phpbb::$config['allow_sig'] && $user->data['is_registered']) ? true : false,
1285 'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '',
1286 'S_NOTIFY_ALLOWED' => (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !phpbb::$config['allow_topic_notify'] || !phpbb::$config['email_enable']) ? false : true,
1287 'S_NOTIFY_CHECKED' => ($notify_checked) ? ' checked="checked"' : '',
1288 'S_LOCK_TOPIC_ALLOWED' => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote') && ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED))) ? true : false,
1289 'S_LOCK_TOPIC_CHECKED' => ($lock_topic_checked) ? ' checked="checked"' : '',
1290 'S_LOCK_POST_ALLOWED' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1291 'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? ' checked="checked"' : '',
1292 'S_LINKS_ALLOWED' => $url_status,
1293 'S_MAGIC_URL_CHECKED' => ($urls_checked) ? ' checked="checked"' : '',
1294 'S_TYPE_TOGGLE' => $topic_type_toggle,
1295 'S_SAVE_ALLOWED' => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $mode != 'edit') ? true : false,
1296 'S_HAS_DRAFTS' => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $post_data['drafts']) ? true : false,
1297 'S_FORM_ENCTYPE' => $form_enctype,
1298
1299 'S_BBCODE_IMG' => $img_status,
1300 'S_BBCODE_URL' => $url_status,
1301 'S_BBCODE_FLASH' => $flash_status,
1302 'S_BBCODE_QUOTE' => $quote_status,
1303
1304 'S_POST_ACTION' => $s_action,
1305 'S_HIDDEN_FIELDS' => $s_hidden_fields)
1306 );
1307
1308 // Build custom bbcodes array
1309 display_custom_bbcodes();
1310
1311 // Poll entry
1312 if (($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1313 && $auth->acl_get('f_poll', $forum_id))
1314 {
1315 $template->assign_vars(array(
1316 'S_SHOW_POLL_BOX' => true,
1317 'S_POLL_VOTE_CHANGE' => ($auth->acl_get('f_votechg', $forum_id)),
1318 'S_POLL_DELETE' => ($mode == 'edit' && sizeof($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))),
1319 'S_POLL_DELETE_CHECKED' => (!empty($poll_delete)) ? true : false,
1320
1321 'L_POLL_OPTIONS_EXPLAIN' => sprintf($user->lang['POLL_OPTIONS_' . (($mode == 'edit') ? 'EDIT_' : '') . 'EXPLAIN'], phpbb::$config['max_poll_options']),
1322
1323 'VOTE_CHANGE_CHECKED' => (!empty($post_data['poll_vote_change'])) ? ' checked="checked"' : '',
1324 // 'POLL_TITLE' => (isset($post_data['poll_title'])) ? $post_data['poll_title'] : '',
1325 'POLL_OPTIONS' => (!empty($post_data['poll_options'])) ? implode("\n", $post_data['poll_options']) : '',
1326 'POLL_MAX_OPTIONS' => (isset($post_data['poll_max_options'])) ? (int) $post_data['poll_max_options'] : 1,
1327 'POLL_LENGTH' => $post_data['poll_length'])
1328 );
1329 }
1330
1331 // Show attachment box for adding attachments if true
1332 $allowed = ($auth->acl_get('f_attach', $forum_id) && $auth->acl_get('u_attach') && phpbb::$config['allow_attachments'] && $form_enctype);
1333
1334 // Attachment entry
1335 posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);
1336
1337 // Output page ...
1338 page_header($page_title);
1339
1340 $template->set_filenames(array(
1341 'body' => 'posting_body.html')
1342 );
1343
1344 make_jumpbox(append_sid('viewforum'));
1345
1346 // Topic review
1347 if ($mode == 'reply' || $mode == 'quote')
1348 {
1349 if (topic_review($topic_id, $forum_id))
1350 {
1351 $template->assign_var('S_DISPLAY_REVIEW', true);
1352 }
1353 }
1354
1355 page_footer();
1356
1357 /**
1358 * Show upload popup (progress bar)
1359 */
1360 function upload_popup($forum_style = 0)
1361 {
1362 global $template, $user;
1363
1364 ($forum_style) ? $user->setup('posting', $forum_style) : $user->setup('posting');
1365
1366 page_header($user->lang['PROGRESS_BAR']);
1367
1368 $template->set_filenames(array(
1369 'popup' => 'posting_progress_bar.html')
1370 );
1371
1372 $template->assign_vars(array(
1373 'PROGRESS_BAR' => $user->img('upload_bar', $user->lang['UPLOAD_IN_PROGRESS']))
1374 );
1375
1376 $template->display('popup');
1377
1378 garbage_collection();
1379 exit_handler();
1380 }
1381
1382 /**
1383 * Do the various checks required for removing posts as well as removing it
1384 */
1385 function handle_post_delete($forum_id, $topic_id, $post_id, &$post_data)
1386 {
1387 global $user, $db, $auth;
1388
1389 // If moderator removing post or user itself removing post, present a confirmation screen
1390 if ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get('f_delete', $forum_id) && $post_id == $post_data['topic_last_post_id'] && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - (phpbb::$config['edit_time'] * 60) || !phpbb::$config['edit_time'])))
1391 {
1392 $s_hidden_fields = build_hidden_fields(array(
1393 'p' => $post_id,
1394 'f' => $forum_id,
1395 'mode' => 'delete')
1396 );
1397
1398 if (confirm_box(true))
1399 {
1400 $data = array(
1401 'topic_first_post_id' => $post_data['topic_first_post_id'],
1402 'topic_last_post_id' => $post_data['topic_last_post_id'],
1403 'topic_replies_real' => $post_data['topic_replies_real'],
1404 'topic_approved' => $post_data['topic_approved'],
1405 'topic_type' => $post_data['topic_type'],
1406 'post_approved' => $post_data['post_approved'],
1407 'post_reported' => $post_data['post_reported'],
1408 'post_time' => $post_data['post_time'],
1409 'poster_id' => $post_data['poster_id'],
1410 'post_postcount' => $post_data['post_postcount']
1411 );
1412
1413 $next_post_id = delete_post($forum_id, $topic_id, $post_id, $data);
1414
1415 if ($next_post_id === false)
1416 {
1417 add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_TOPIC', $post_data['topic_title']);
1418
1419 $meta_info = append_sid('viewforum', "f=$forum_id");
1420 $message = $user->lang['POST_DELETED'];
1421 }
1422 else
1423 {
1424 add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_POST', $post_data['post_subject']);
1425
1426 $meta_info = append_sid('viewtopic', "f=$forum_id&amp;t=$topic_id&amp;p=$next_post_id") . "#p$next_post_id";
1427 $message = $user->lang['POST_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>');
1428 }
1429
1430 meta_refresh(3, $meta_info);
1431 $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid('viewforum', 'f=' . $forum_id) . '">', '</a>');
1432 trigger_error($message);
1433 }
1434 else
1435 {
1436 confirm_box(false, 'DELETE_POST', $s_hidden_fields);
1437 }
1438 }
1439
1440 // If we are here the user is not able to delete - present the correct error message
1441 if ($post_data['poster_id'] != $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id))
1442 {
1443 trigger_error('DELETE_OWN_POSTS');
1444 }
1445
1446 if ($post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && $post_id != $post_data['topic_last_post_id'])
1447 {
1448 trigger_error('CANNOT_DELETE_REPLIED');
1449 }
1450
1451 trigger_error('USER_CANNOT_DELETE');
1452 }
1453
1454 ?>
phpbb is a php-based BBS (buletin board system)