search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
(a little test for later merges)
[phpbb.git] / phpBB / posting.php
blob1c7cd95b81738a98ca2b1d032fc2265581aaee64
1 <?php
2 /**
3 *
4 * @package phpBB3
5 * @version $Id$
6 * @copyright (c) 2005 phpBB Group
7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
8 *
9 */
10
11 /**
12 * @ignore
13 */
14 define('IN_PHPBB', true);
15 $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
16 $phpEx = substr(strrchr(__FILE__, '.'), 1);
17 include($phpbb_root_path . 'common.' . $phpEx);
18 include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
19 include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
20 include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
21
22
23 // Start session management
24 $user->session_begin();
25 $auth->acl($user->data);
26
27
28 // Grab only parameters needed here
29 $post_id = request_var('p', 0);
30 $topic_id = request_var('t', 0);
31 $forum_id = request_var('f', 0);
32 $draft_id = request_var('d', 0);
33 $lastclick = request_var('lastclick', 0);
34
35 $submit = (isset($_POST['post'])) ? true : false;
36 $preview = (isset($_POST['preview'])) ? true : false;
37 $save = (isset($_POST['save'])) ? true : false;
38 $load = (isset($_POST['load'])) ? true : false;
39 $delete = (isset($_POST['delete'])) ? true : false;
40 $cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
41
42 $refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['full_editor']) || isset($_POST['cancel_unglobalise']) || $save || $load) ? true : false;
43 $mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var('mode', '');
44
45 $error = $post_data = array();
46 $current_time = time();
47
48 if ($config['enable_post_confirm'] && !$user->data['is_registered'])
49 {
50 include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx);
51 $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
52 $captcha->init(CONFIRM_POST);
53 }
54
55 // Was cancel pressed? If so then redirect to the appropriate page
56 if ($cancel || ($current_time - $lastclick < 2 && $submit))
57 {
58 $f = ($forum_id) ? 'f=' . $forum_id . '&amp;' : '';
59 $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
60 redirect($redirect);
61 }
62
63 if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$forum_id)
64 {
65 trigger_error('NO_FORUM');
66 }
67
68 // We need to know some basic information in all cases before we do anything.
69 switch ($mode)
70 {
71 case 'post':
72 $sql = 'SELECT *
73 FROM ' . FORUMS_TABLE . "
74 WHERE forum_id = $forum_id";
75 break;
76
77 case 'bump':
78 case 'reply':
79 if (!$topic_id)
80 {
81 trigger_error('NO_TOPIC');
82 }
83
84 // Force forum id
85 $sql = 'SELECT forum_id
86 FROM ' . TOPICS_TABLE . '
87 WHERE topic_id = ' . $topic_id;
88 $result = $db->sql_query($sql);
89 $f_id = (int) $db->sql_fetchfield('forum_id');
90 $db->sql_freeresult($result);
91
92 $forum_id = (!$f_id) ? $forum_id : $f_id;
93
94 $sql = 'SELECT f.*, t.*
95 FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
96 WHERE t.topic_id = $topic_id
97 AND (f.forum_id = t.forum_id
98 OR f.forum_id = $forum_id)
99 AND t.topic_approved = 1";
100 break;
101
102 case 'quote':
103 case 'edit':
104 case 'delete':
105 if (!$post_id)
106 {
107 $user->setup('posting');
108 trigger_error('NO_POST');
109 }
110
111 // Force forum id
112 $sql = 'SELECT forum_id
113 FROM ' . POSTS_TABLE . '
114 WHERE post_id = ' . $post_id;
115 $result = $db->sql_query($sql);
116 $f_id = (int) $db->sql_fetchfield('forum_id');
117 $db->sql_freeresult($result);
118
119 $forum_id = (!$f_id) ? $forum_id : $f_id;
120
121 $sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
122 FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
123 WHERE p.post_id = $post_id
124 AND t.topic_id = p.topic_id
125 AND u.user_id = p.poster_id
126 AND (f.forum_id = t.forum_id
127 OR f.forum_id = $forum_id)" .
128 (($auth->acl_get('m_approve', $forum_id) && $mode != 'quote') ? '' : 'AND p.post_approved = 1');
129 break;
130
131 case 'smilies':
132 $sql = '';
133 generate_smilies('window', $forum_id);
134 break;
135
136 case 'popup':
137 if ($forum_id)
138 {
139 $sql = 'SELECT forum_style
140 FROM ' . FORUMS_TABLE . '
141 WHERE forum_id = ' . $forum_id;
142 }
143 else
144 {
145 upload_popup();
146 return;
147 }
148 break;
149
150 default:
151 $sql = '';
152 break;
153 }
154
155 if (!$sql)
156 {
157 $user->setup('posting');
158 trigger_error('NO_POST_MODE');
159 }
160
161 $result = $db->sql_query($sql);
162 $post_data = $db->sql_fetchrow($result);
163 $db->sql_freeresult($result);
164
165 if (!$post_data)
166 {
167 if (!($mode == 'post' || $mode == 'bump' || $mode == 'reply'))
168 {
169 $user->setup('posting');
170 }
171 trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
172 }
173
174 if ($mode == 'popup')
175 {
176 upload_popup($post_data['forum_style']);
177 return;
178 }
179
180 $user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
181
182 // Use post_row values in favor of submitted ones...
183 $forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id;
184 $topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id;
185 $post_id = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id;
186
187 // Need to login to passworded forum first?
188 if ($post_data['forum_password'])
189 {
190 login_forum_box(array(
191 'forum_id' => $forum_id,
192 'forum_password' => $post_data['forum_password'])
193 );
194 }
195
196 // Check permissions
197 if ($user->data['is_bot'])
198 {
199 redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
200 }
201
202 // Is the user able to read within this forum?
203 if (!$auth->acl_get('f_read', $forum_id))
204 {
205 if ($user->data['user_id'] != ANONYMOUS)
206 {
207 trigger_error('USER_CANNOT_READ');
208 }
209
210 login_box('', $user->lang['LOGIN_EXPLAIN_POST']);
211 }
212
213 // Permission to do the action asked?
214 $is_authed = false;
215
216 switch ($mode)
217 {
218 case 'post':
219 if ($auth->acl_get('f_post', $forum_id))
220 {
221 $is_authed = true;
222 }
223 break;
224
225 case 'bump':
226 if ($auth->acl_get('f_bump', $forum_id))
227 {
228 $is_authed = true;
229 }
230 break;
231
232 case 'quote':
233
234 $post_data['post_edit_locked'] = 0;
235
236 // no break;
237
238 case 'reply':
239 if ($auth->acl_get('f_reply', $forum_id))
240 {
241 $is_authed = true;
242 }
243 break;
244
245 case 'edit':
246 if ($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id))
247 {
248 $is_authed = true;
249 }
250 break;
251
252 case 'delete':
253 if ($user->data['is_registered'] && $auth->acl_gets('f_delete', 'm_delete', $forum_id))
254 {
255 $is_authed = true;
256 }
257 break;
258 }
259
260 if (!$is_authed)
261 {
262 $check_auth = ($mode == 'quote') ? 'reply' : $mode;
263
264 if ($user->data['is_registered'])
265 {
266 trigger_error('USER_CANNOT_' . strtoupper($check_auth));
267 }
268
269 login_box('', $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]);
270 }
271
272 // Is the user able to post within this forum?
273 if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply')))
274 {
275 trigger_error('USER_CANNOT_FORUM_POST');
276 }
277
278 // Forum/Topic locked?
279 if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get('m_edit', $forum_id))
280 {
281 trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
282 }
283
284 // Can we edit this post ... if we're a moderator with rights then always yes
285 // else it depends on editing times, lock status and if we're the correct user
286 if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id))
287 {
288 if ($user->data['user_id'] != $post_data['poster_id'])
289 {
290 trigger_error('USER_CANNOT_EDIT');
291 }
292
293 if (!($post_data['post_time'] > time() - ($config['edit_time'] * 60) || !$config['edit_time']))
294 {
295 trigger_error('CANNOT_EDIT_TIME');
296 }
297
298 if ($post_data['post_edit_locked'])
299 {
300 trigger_error('CANNOT_EDIT_POST_LOCKED');
301 }
302 }
303
304 // Handle delete mode...
305 if ($mode == 'delete')
306 {
307 handle_post_delete($forum_id, $topic_id, $post_id, $post_data);
308 return;
309 }
310
311 // Handle bump mode...
312 if ($mode == 'bump')
313 {
314 if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id'])
315 && check_link_hash(request_var('hash', ''), "topic_{$post_data['topic_id']}"))
316 {
317 $db->sql_transaction('begin');
318
319 $sql = 'UPDATE ' . POSTS_TABLE . "
320 SET post_time = $current_time
321 WHERE post_id = {$post_data['topic_last_post_id']}
322 AND topic_id = $topic_id";
323 $db->sql_query($sql);
324
325 $sql = 'UPDATE ' . TOPICS_TABLE . "
326 SET topic_last_post_time = $current_time,
327 topic_bumped = 1,
328 topic_bumper = " . $user->data['user_id'] . "
329 WHERE topic_id = $topic_id";
330 $db->sql_query($sql);
331
332 update_post_information('forum', $forum_id);
333
334 $sql = 'UPDATE ' . USERS_TABLE . "
335 SET user_lastpost_time = $current_time
336 WHERE user_id = " . $user->data['user_id'];
337 $db->sql_query($sql);
338
339 $db->sql_transaction('commit');
340
341 markread('post', $forum_id, $topic_id, $current_time);
342
343 add_log('mod', $forum_id, $topic_id, 'LOG_BUMP_TOPIC', $post_data['topic_title']);
344
345 $meta_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id&amp;p={$post_data['topic_last_post_id']}") . "#p{$post_data['topic_last_post_id']}";
346 meta_refresh(3, $meta_url);
347
348 $message = $user->lang['TOPIC_BUMPED'] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $meta_url . '">', '</a>');
349 $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
350
351 trigger_error($message);
352 }
353
354 trigger_error('BUMP_ERROR');
355 }
356
357 // Subject length limiting to 60 characters if first post...
358 if ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id']))
359 {
360 $template->assign_var('S_NEW_MESSAGE', true);
361 }
362
363 // Determine some vars
364 if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS)
365 {
366 $post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST'];
367 }
368 else
369 {
370 $post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
371 }
372
373 $post_data['post_edit_locked'] = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0;
374 $post_data['post_subject_md5'] = (isset($post_data['post_subject']) && $mode == 'edit') ? md5($post_data['post_subject']) : '';
375 $post_data['post_subject'] = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : '');
376 $post_data['topic_time_limit'] = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
377 $post_data['poll_length'] = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0;
378 $post_data['poll_start'] = (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0;
379 $post_data['icon_id'] = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id'];
380 $post_data['poll_options'] = array();
381
382 // Get Poll Data
383 if ($post_data['poll_start'])
384 {
385 $sql = 'SELECT poll_option_text
386 FROM ' . POLL_OPTIONS_TABLE . "
387 WHERE topic_id = $topic_id
388 ORDER BY poll_option_id";
389 $result = $db->sql_query($sql);
390
391 while ($row = $db->sql_fetchrow($result))
392 {
393 $post_data['poll_options'][] = trim($row['poll_option_text']);
394 }
395 $db->sql_freeresult($result);
396 }
397
398 $orig_poll_options_size = sizeof($post_data['poll_options']);
399
400 $message_parser = new parse_message();
401
402 if (isset($post_data['post_text']))
403 {
404 $message_parser->message = &$post_data['post_text'];
405 unset($post_data['post_text']);
406 }
407
408 // Set some default variables
409 $uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);
410
411 foreach ($uninit as $var_name => $default_value)
412 {
413 if (!isset($post_data[$var_name]))
414 {
415 $post_data[$var_name] = $default_value;
416 }
417 }
418 unset($uninit);
419
420 // Always check if the submitted attachment data is valid and belongs to the user.
421 // Further down (especially in submit_post()) we do not check this again.
422 $message_parser->get_submitted_attachment_data($post_data['poster_id']);
423
424 if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit')
425 {
426 // Do not change to SELECT *
427 $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename
428 FROM ' . ATTACHMENTS_TABLE . "
429 WHERE post_msg_id = $post_id
430 AND in_message = 0
431 AND is_orphan = 0
432 ORDER BY filetime DESC";
433 $result = $db->sql_query($sql);
434 $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
435 $db->sql_freeresult($result);
436 }
437
438 if ($post_data['poster_id'] == ANONYMOUS)
439 {
440 $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : '';
441 }
442 else
443 {
444 $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : '';
445 }
446
447 $post_data['enable_urls'] = $post_data['enable_magic_url'];
448
449 if ($mode != 'edit')
450 {
451 $post_data['enable_sig'] = ($config['allow_sig'] && $user->optionget('attachsig')) ? true: false;
452 $post_data['enable_smilies'] = ($config['allow_smilies'] && $user->optionget('smilies')) ? true : false;
453 $post_data['enable_bbcode'] = ($config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false;
454 $post_data['enable_urls'] = true;
455 }
456
457 $post_data['enable_magic_url'] = $post_data['drafts'] = false;
458
459 // User own some drafts?
460 if ($user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
461 {
462 $sql = 'SELECT draft_id
463 FROM ' . DRAFTS_TABLE . '
464 WHERE user_id = ' . $user->data['user_id'] .
465 (($forum_id) ? ' AND forum_id = ' . (int) $forum_id : '') .
466 (($topic_id) ? ' AND topic_id = ' . (int) $topic_id : '') .
467 (($draft_id) ? " AND draft_id <> $draft_id" : '');
468 $result = $db->sql_query_limit($sql, 1);
469
470 if ($db->sql_fetchrow($result))
471 {
472 $post_data['drafts'] = true;
473 }
474 $db->sql_freeresult($result);
475 }
476
477 $check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
478
479 // Check if user is watching this topic
480 if ($mode != 'post' && $config['allow_topic_notify'] && $user->data['is_registered'])
481 {
482 $sql = 'SELECT topic_id
483 FROM ' . TOPICS_WATCH_TABLE . '
484 WHERE topic_id = ' . $topic_id . '
485 AND user_id = ' . $user->data['user_id'];
486 $result = $db->sql_query($sql);
487 $post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id');
488 $db->sql_freeresult($result);
489 }
490
491 // Do we want to edit our post ?
492 if ($mode == 'edit' && $post_data['bbcode_uid'])
493 {
494 $message_parser->bbcode_uid = $post_data['bbcode_uid'];
495 }
496
497 // HTML, BBCode, Smilies, Images and Flash status
498 $bbcode_status = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
499 $smilies_status = ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
500 $img_status = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false;
501 $url_status = ($config['allow_post_links']) ? true : false;
502 $flash_status = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false;
503 $quote_status = true;
504
505 // Save Draft
506 if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
507 {
508 $subject = utf8_normalize_nfc(request_var('subject', '', true));
509 $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject;
510 $message = utf8_normalize_nfc(request_var('message', '', true));
511
512 if ($subject && $message)
513 {
514 if (confirm_box(true))
515 {
516 $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
517 'user_id' => (int) $user->data['user_id'],
518 'topic_id' => (int) $topic_id,
519 'forum_id' => (int) $forum_id,
520 'save_time' => (int) $current_time,
521 'draft_subject' => (string) $subject,
522 'draft_message' => (string) $message)
523 );
524 $db->sql_query($sql);
525
526 $meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id");
527
528 meta_refresh(3, $meta_info);
529
530 $message = $user->lang['DRAFT_SAVED'] . '<br /><br />';
531 $message .= ($mode != 'post') ? sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>') . '<br /><br />' : '';
532 $message .= sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
533
534 trigger_error($message);
535 }
536 else
537 {
538 $s_hidden_fields = build_hidden_fields(array(
539 'mode' => $mode,
540 'save' => true,
541 'f' => $forum_id,
542 't' => $topic_id,
543 'subject' => $subject,
544 'message' => $message,
545 'attachment_data' => $message_parser->attachment_data,
546 )
547 );
548
549 $hidden_fields = array(
550 'icon_id' => 0,
551
552 'disable_bbcode' => false,
553 'disable_smilies' => false,
554 'disable_magic_url' => false,
555 'attach_sig' => true,
556 'lock_topic' => false,
557
558 'topic_type' => POST_NORMAL,
559 'topic_time_limit' => 0,
560
561 'poll_title' => '',
562 'poll_option_text' => '',
563 'poll_max_options' => 1,
564 'poll_length' => 0,
565 'poll_vote_change' => false,
566 );
567
568 foreach ($hidden_fields as $name => $default)
569 {
570 if (!isset($_POST[$name]))
571 {
572 // Don't include it, if its not available
573 unset($hidden_fields[$name]);
574 continue;
575 }
576
577 if (is_bool($default))
578 {
579 // Use the string representation
580 $hidden_fields[$name] = request_var($name, '');
581 }
582 else
583 {
584 $hidden_fields[$name] = request_var($name, $default);
585 }
586 }
587
588 $s_hidden_fields .= build_hidden_fields($hidden_fields);
589
590 confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields);
591 }
592 }
593 else
594 {
595 if (utf8_clean_string($subject) === '')
596 {
597 $error[] = $user->lang['EMPTY_SUBJECT'];
598 }
599
600 if (utf8_clean_string($message) === '')
601 {
602 $error[] = $user->lang['TOO_FEW_CHARS'];
603 }
604 }
605 unset($subject, $message);
606 }
607
608 // Load requested Draft
609 if ($draft_id && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $user->data['is_registered'] && $auth->acl_get('u_savedrafts'))
610 {
611 $sql = 'SELECT draft_subject, draft_message
612 FROM ' . DRAFTS_TABLE . "
613 WHERE draft_id = $draft_id
614 AND user_id = " . $user->data['user_id'];
615 $result = $db->sql_query_limit($sql, 1);
616 $row = $db->sql_fetchrow($result);
617 $db->sql_freeresult($result);
618
619 if ($row)
620 {
621 $post_data['post_subject'] = $row['draft_subject'];
622 $message_parser->message = $row['draft_message'];
623
624 $template->assign_var('S_DRAFT_LOADED', true);
625 }
626 else
627 {
628 $draft_id = 0;
629 }
630 }
631
632 // Load draft overview
633 if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_data['drafts'])
634 {
635 load_drafts($topic_id, $forum_id);
636 }
637
638
639 if ($submit || $preview || $refresh)
640 {
641 $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0);
642 $post_data['post_subject'] = utf8_normalize_nfc(request_var('subject', '', true));
643 $message_parser->message = utf8_normalize_nfc(request_var('message', '', true));
644
645 $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true));
646 $post_data['post_edit_reason'] = (!empty($_POST['edit_reason']) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : '';
647
648 $post_data['orig_topic_type'] = $post_data['topic_type'];
649 $post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL));
650 $post_data['topic_time_limit'] = request_var('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0));
651
652 if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
653 {
654 $post_data['icon_id'] = request_var('icon', (int) $post_data['icon_id']);
655 }
656
657 $post_data['enable_bbcode'] = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true;
658 $post_data['enable_smilies'] = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;
659 $post_data['enable_urls'] = (isset($_POST['disable_magic_url'])) ? 0 : 1;
660 $post_data['enable_sig'] = (!$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig')) ? false : ((isset($_POST['attach_sig']) && $user->data['is_registered']) ? true : false);
661
662 if ($config['allow_topic_notify'] && $user->data['is_registered'])
663 {
664 $notify = (isset($_POST['notify'])) ? true : false;
665 }
666 else
667 {
668 $notify = false;
669 }
670
671 $topic_lock = (isset($_POST['lock_topic'])) ? true : false;
672 $post_lock = (isset($_POST['lock_post'])) ? true : false;
673 $poll_delete = (isset($_POST['poll_delete'])) ? true : false;
674
675 if ($submit)
676 {
677 $status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
678 $status_switch = ($status_switch != $check_value);
679 }
680 else
681 {
682 $status_switch = 1;
683 }
684
685 // Delete Poll
686 if ($poll_delete && $mode == 'edit' && sizeof($post_data['poll_options']) &&
687 ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id)))
688 {
689 if ($submit && check_form_key('posting'))
690 {
691 $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . "
692 WHERE topic_id = $topic_id";
693 $db->sql_query($sql);
694
695 $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . "
696 WHERE topic_id = $topic_id";
697 $db->sql_query($sql);
698
699 $topic_sql = array(
700 'poll_title' => '',
701 'poll_start' => 0,
702 'poll_length' => 0,
703 'poll_last_vote' => 0,
704 'poll_max_options' => 0,
705 'poll_vote_change' => 0
706 );
707
708 $sql = 'UPDATE ' . TOPICS_TABLE . '
709 SET ' . $db->sql_build_array('UPDATE', $topic_sql) . "
710 WHERE topic_id = $topic_id";
711 $db->sql_query($sql);
712 }
713
714 $post_data['poll_title'] = $post_data['poll_option_text'] = '';
715 $post_data['poll_vote_change'] = $post_data['poll_max_options'] = $post_data['poll_length'] = 0;
716 }
717 else
718 {
719 $post_data['poll_title'] = utf8_normalize_nfc(request_var('poll_title', '', true));
720 $post_data['poll_length'] = request_var('poll_length', 0);
721 $post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true));
722 $post_data['poll_max_options'] = request_var('poll_max_options', 1);
723 $post_data['poll_vote_change'] = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0;
724 }
725
726 // If replying/quoting and last post id has changed
727 // give user option to continue submit or return to post
728 // notify and show user the post made between his request and the final submit
729 if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id'])
730 {
731 // Only do so if it is allowed forum-wide
732 if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
733 {
734 if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id']))
735 {
736 $template->assign_var('S_POST_REVIEW', true);
737 }
738
739 $submit = false;
740 $refresh = true;
741 }
742 }
743
744 // Parse Attachments - before checksum is calculated
745 $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh);
746
747 // Grab md5 'checksum' of new message
748 $message_md5 = md5($message_parser->message);
749
750 // If editing and checksum has changed we know the post was edited while we're editing
751 // Notify and show user the changed post
752 if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
753 {
754 $edit_post_message_checksum = request_var('edit_post_message_checksum', '');
755 $edit_post_subject_checksum = request_var('edit_post_subject_checksum', '');
756
757 // $post_data['post_checksum'] is the checksum of the post submitted in the meantime
758 // $message_md5 is the checksum of the post we're about to submit
759 // $edit_post_message_checksum is the checksum of the post we're editing
760 // ...
761
762 // We make sure nobody else made exactly the same change
763 // we're about to submit by also checking $message_md5 != $post_data['post_checksum']
764 if (($edit_post_message_checksum !== '' && $edit_post_message_checksum != $post_data['post_checksum'] && $message_md5 != $post_data['post_checksum'])
765 || ($edit_post_subject_checksum !== '' && $edit_post_subject_checksum != $post_data['post_subject_md5'] && md5($post_data['post_subject']) != $post_data['post_subject_md5']))
766 {
767 if (topic_review($topic_id, $forum_id, 'post_review_edit', $post_id))
768 {
769 $template->assign_vars(array(
770 'S_POST_REVIEW' => true,
771
772 'L_POST_REVIEW' => $user->lang['POST_REVIEW_EDIT'],
773 'L_POST_REVIEW_EXPLAIN' => $user->lang['POST_REVIEW_EDIT_EXPLAIN'],
774 ));
775 }
776
777 $submit = false;
778 $refresh = true;
779 }
780 }
781
782 // Check checksum ... don't re-parse message if the same
783 $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false;
784
785 // Also check if subject got updated...
786 $update_subject = $mode != 'edit' || ($post_data['post_subject_md5'] && $post_data['post_subject_md5'] != md5($post_data['post_subject']));
787
788 // Parse message
789 if ($update_message)
790 {
791 if (sizeof($message_parser->warn_msg))
792 {
793 $error[] = implode('<br />', $message_parser->warn_msg);
794 $message_parser->warn_msg = array();
795 }
796
797 $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
798
799 // On a refresh we do not care about message parsing errors
800 if (sizeof($message_parser->warn_msg) && $refresh)
801 {
802 $message_parser->warn_msg = array();
803 }
804 }
805 else
806 {
807 $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield'];
808 }
809
810 if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('f_ignoreflood', $forum_id))
811 {
812 // Flood check
813 $last_post_time = 0;
814
815 if ($user->data['is_registered'])
816 {
817 $last_post_time = $user->data['user_lastpost_time'];
818 }
819 else
820 {
821 $sql = 'SELECT post_time AS last_post_time
822 FROM ' . POSTS_TABLE . "
823 WHERE poster_ip = '" . $user->ip . "'
824 AND post_time > " . ($current_time - $config['flood_interval']);
825 $result = $db->sql_query_limit($sql, 1);
826 if ($row = $db->sql_fetchrow($result))
827 {
828 $last_post_time = $row['last_post_time'];
829 }
830 $db->sql_freeresult($result);
831 }
832
833 if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval']))
834 {
835 $error[] = $user->lang['FLOOD_ERROR'];
836 }
837 }
838
839 // Validate username
840 if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username']))
841 {
842 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
843
844 if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false)
845 {
846 $user->add_lang('ucp');
847 $error[] = $user->lang[$result . '_USERNAME'];
848 }
849 }
850
851 if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply')))
852 {
853 $captcha_data = array(
854 'message' => utf8_normalize_nfc(request_var('message', '', true)),
855 'subject' => utf8_normalize_nfc(request_var('subject', '', true)),
856 'username' => utf8_normalize_nfc(request_var('username', '', true)),
857 );
858 $vc_response = $captcha->validate($captcha_data);
859 if ($vc_response)
860 {
861 $error[] = $vc_response;
862 }
863 }
864
865 // check form
866 if (($submit || $preview) && !check_form_key('posting'))
867 {
868 $error[] = $user->lang['FORM_INVALID'];
869 }
870
871 // Parse subject
872 if (!$preview && !$refresh && utf8_clean_string($post_data['post_subject']) === '' && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
873 {
874 $error[] = $user->lang['EMPTY_SUBJECT'];
875 }
876
877 $post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0;
878
879 if ($post_data['poll_option_text'] &&
880 ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
881 && $auth->acl_get('f_poll', $forum_id))
882 {
883 $poll = array(
884 'poll_title' => $post_data['poll_title'],
885 'poll_length' => $post_data['poll_length'],
886 'poll_max_options' => $post_data['poll_max_options'],
887 'poll_option_text' => $post_data['poll_option_text'],
888 'poll_start' => $post_data['poll_start'],
889 'poll_last_vote' => $post_data['poll_last_vote'],
890 'poll_vote_change' => $post_data['poll_vote_change'],
891 'enable_bbcode' => $post_data['enable_bbcode'],
892 'enable_urls' => $post_data['enable_urls'],
893 'enable_smilies' => $post_data['enable_smilies'],
894 'img_status' => $img_status
895 );
896
897 $message_parser->parse_poll($poll);
898
899 $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : '';
900 $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
901
902 /* We reset votes, therefore also allow removing options
903 if ($post_data['poll_last_vote'] && ($poll['poll_options_size'] < $orig_poll_options_size))
904 {
905 $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS'];
906 }*/
907 }
908 else
909 {
910 $poll = array();
911 }
912
913 // Check topic type
914 if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
915 {
916 switch ($post_data['topic_type'])
917 {
918 case POST_GLOBAL:
919 case POST_ANNOUNCE:
920 $auth_option = 'f_announce';
921 break;
922
923 case POST_STICKY:
924 $auth_option = 'f_sticky';
925 break;
926
927 default:
928 $auth_option = '';
929 break;
930 }
931
932 if (!$auth->acl_get($auth_option, $forum_id))
933 {
934 // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod.
935 // Another case would be a mod not having sticky permissions for example but edit permissions.
936 if ($mode == 'edit')
937 {
938 // To prevent non-authed users messing around with the topic type we reset it to the original one.
939 $post_data['topic_type'] = $post_data['orig_topic_type'];
940 }
941 else
942 {
943 $error[] = $user->lang['CANNOT_POST_' . str_replace('F_', '', strtoupper($auth_option))];
944 }
945 }
946 }
947
948 if (sizeof($message_parser->warn_msg))
949 {
950 $error[] = implode('<br />', $message_parser->warn_msg);
951 }
952
953 // DNSBL check
954 if ($config['check_dnsbl'] && !$refresh)
955 {
956 if (($dnsbl = $user->check_dnsbl('post')) !== false)
957 {
958 $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
959 }
960 }
961
962 // Store message, sync counters
963 if (!sizeof($error) && $submit)
964 {
965 // Check if we want to de-globalize the topic... and ask for new forum
966 if ($post_data['topic_type'] != POST_GLOBAL)
967 {
968 $sql = 'SELECT topic_type, forum_id
969 FROM ' . TOPICS_TABLE . "
970 WHERE topic_id = $topic_id";
971 $result = $db->sql_query($sql);
972 $row = $db->sql_fetchrow($result);
973 $db->sql_freeresult($result);
974
975 if ($row && !$row['forum_id'] && $row['topic_type'] == POST_GLOBAL)
976 {
977 $to_forum_id = request_var('to_forum_id', 0);
978
979 if ($to_forum_id)
980 {
981 $sql = 'SELECT forum_type
982 FROM ' . FORUMS_TABLE . '
983 WHERE forum_id = ' . $to_forum_id;
984 $result = $db->sql_query($sql);
985 $forum_type = (int) $db->sql_fetchfield('forum_type');
986 $db->sql_freeresult($result);
987
988 if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id))
989 {
990 $to_forum_id = 0;
991 }
992 }
993
994 if (!$to_forum_id)
995 {
996 include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
997
998 $template->assign_vars(array(
999 'S_FORUM_SELECT' => make_forum_select(false, false, false, true, true, true),
1000 'S_UNGLOBALISE' => true)
1001 );
1002
1003 $submit = false;
1004 $refresh = true;
1005 }
1006 else
1007 {
1008 if (!$auth->acl_get('f_post', $to_forum_id))
1009 {
1010 // This will only be triggered if the user tried to trick the forum.
1011 trigger_error('NOT_AUTHORISED');
1012 }
1013
1014 $forum_id = $to_forum_id;
1015 }
1016 }
1017 }
1018
1019 if ($submit)
1020 {
1021 // Lock/Unlock Topic
1022 $change_topic_status = $post_data['topic_status'];
1023 $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false;
1024
1025 if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock)
1026 {
1027 $change_topic_status = ITEM_UNLOCKED;
1028 }
1029 else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock)
1030 {
1031 $change_topic_status = ITEM_LOCKED;
1032 }
1033
1034 if ($change_topic_status != $post_data['topic_status'])
1035 {
1036 $sql = 'UPDATE ' . TOPICS_TABLE . "
1037 SET topic_status = $change_topic_status
1038 WHERE topic_id = $topic_id
1039 AND topic_moved_id = 0";
1040 $db->sql_query($sql);
1041
1042 $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : '';
1043
1044 add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), $post_data['topic_title']);
1045 }
1046
1047 // Lock/Unlock Post Edit
1048 if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id))
1049 {
1050 $post_data['post_edit_locked'] = ITEM_UNLOCKED;
1051 }
1052 else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id))
1053 {
1054 $post_data['post_edit_locked'] = ITEM_LOCKED;
1055 }
1056
1057 $data = array(
1058 'topic_title' => (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'],
1059 'topic_first_post_id' => (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0,
1060 'topic_last_post_id' => (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0,
1061 'topic_time_limit' => (int) $post_data['topic_time_limit'],
1062 'topic_attachment' => (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0,
1063 'post_id' => (int) $post_id,
1064 'topic_id' => (int) $topic_id,
1065 'forum_id' => (int) $forum_id,
1066 'icon_id' => (int) $post_data['icon_id'],
1067 'poster_id' => (int) $post_data['poster_id'],
1068 'enable_sig' => (bool) $post_data['enable_sig'],
1069 'enable_bbcode' => (bool) $post_data['enable_bbcode'],
1070 'enable_smilies' => (bool) $post_data['enable_smilies'],
1071 'enable_urls' => (bool) $post_data['enable_urls'],
1072 'enable_indexing' => (bool) $post_data['enable_indexing'],
1073 'message_md5' => (string) $message_md5,
1074 'post_time' => (isset($post_data['post_time'])) ? (int) $post_data['post_time'] : $current_time,
1075 'post_checksum' => (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '',
1076 'post_edit_reason' => $post_data['post_edit_reason'],
1077 'post_edit_user' => ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? (int) $post_data['post_edit_user'] : 0),
1078 'forum_parents' => $post_data['forum_parents'],
1079 'forum_name' => $post_data['forum_name'],
1080 'notify' => $notify,
1081 'notify_set' => $post_data['notify_set'],
1082 'poster_ip' => (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip,
1083 'post_edit_locked' => (int) $post_data['post_edit_locked'],
1084 'bbcode_bitfield' => $message_parser->bbcode_bitfield,
1085 'bbcode_uid' => $message_parser->bbcode_uid,
1086 'message' => $message_parser->message,
1087 'attachment_data' => $message_parser->attachment_data,
1088 'filename_data' => $message_parser->filename_data,
1089
1090 'topic_approved' => (isset($post_data['topic_approved'])) ? $post_data['topic_approved'] : false,
1091 'post_approved' => (isset($post_data['post_approved'])) ? $post_data['post_approved'] : false,
1092 );
1093
1094 if ($mode == 'edit')
1095 {
1096 $data['topic_replies_real'] = $post_data['topic_replies_real'];
1097 $data['topic_replies'] = $post_data['topic_replies'];
1098 }
1099
1100 // The last parameter tells submit_post if search indexer has to be run
1101 $redirect_url = submit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false);
1102
1103 if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1104 {
1105 $captcha->reset();
1106 }
1107
1108 // Check the permissions for post approval. Moderators are not affected.
1109 if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id'])) || !empty($post_data['force_approved_state']))
1110 {
1111 meta_refresh(10, $redirect_url);
1112 $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD'];
1113 $message .= (($user->data['user_id'] == ANONYMOUS) ? '' : ' '. $user->lang['POST_APPROVAL_NOTIFY']);
1114 }
1115 else
1116 {
1117 meta_refresh(3, $redirect_url);
1118
1119 $message = ($mode == 'edit') ? 'POST_EDITED' : 'POST_STORED';
1120 $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $redirect_url . '">', '</a>');
1121 }
1122
1123 $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $data['forum_id']) . '">', '</a>');
1124 trigger_error($message);
1125 }
1126 }
1127 }
1128
1129 // Preview
1130 if (!sizeof($error) && $preview)
1131 {
1132 $post_data['post_time'] = ($mode == 'edit') ? $post_data['post_time'] : $current_time;
1133
1134 $preview_message = $message_parser->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], false);
1135
1136 $preview_signature = ($mode == 'edit') ? $post_data['user_sig'] : $user->data['user_sig'];
1137 $preview_signature_uid = ($mode == 'edit') ? $post_data['user_sig_bbcode_uid'] : $user->data['user_sig_bbcode_uid'];
1138 $preview_signature_bitfield = ($mode == 'edit') ? $post_data['user_sig_bbcode_bitfield'] : $user->data['user_sig_bbcode_bitfield'];
1139
1140 // Signature
1141 if ($post_data['enable_sig'] && $config['allow_sig'] && $preview_signature && $auth->acl_get('f_sigs', $forum_id))
1142 {
1143 $parse_sig = new parse_message($preview_signature);
1144 $parse_sig->bbcode_uid = $preview_signature_uid;
1145 $parse_sig->bbcode_bitfield = $preview_signature_bitfield;
1146
1147 // Not sure about parameters for bbcode/smilies/urls... in signatures
1148 $parse_sig->format_display($config['allow_sig_bbcode'], true, $config['allow_sig_smilies']);
1149 $preview_signature = $parse_sig->message;
1150 unset($parse_sig);
1151 }
1152 else
1153 {
1154 $preview_signature = '';
1155 }
1156
1157 $preview_subject = censor_text($post_data['post_subject']);
1158
1159 // Poll Preview
1160 if (!$poll_delete && ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1161 && $auth->acl_get('f_poll', $forum_id))
1162 {
1163 $parse_poll = new parse_message($post_data['poll_title']);
1164 $parse_poll->bbcode_uid = $message_parser->bbcode_uid;
1165 $parse_poll->bbcode_bitfield = $message_parser->bbcode_bitfield;
1166
1167 $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1168
1169 if ($post_data['poll_length'])
1170 {
1171 $poll_end = ($post_data['poll_length'] * 86400) + (($post_data['poll_start']) ? $post_data['poll_start'] : time());
1172 }
1173
1174 $template->assign_vars(array(
1175 'S_HAS_POLL_OPTIONS' => (sizeof($post_data['poll_options'])),
1176 'S_IS_MULTI_CHOICE' => ($post_data['poll_max_options'] > 1) ? true : false,
1177
1178 'POLL_QUESTION' => $parse_poll->message,
1179
1180 'L_POLL_LENGTH' => ($post_data['poll_length']) ? sprintf($user->lang['POLL_RUN_TILL'], $user->format_date($poll_end)) : '',
1181 'L_MAX_VOTES' => ($post_data['poll_max_options'] == 1) ? $user->lang['MAX_OPTION_SELECT'] : sprintf($user->lang['MAX_OPTIONS_SELECT'], $post_data['poll_max_options']))
1182 );
1183
1184 $parse_poll->message = implode("\n", $post_data['poll_options']);
1185 $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1186 $preview_poll_options = explode('<br />', $parse_poll->message);
1187 unset($parse_poll);
1188
1189 foreach ($preview_poll_options as $key => $option)
1190 {
1191 $template->assign_block_vars('poll_option', array(
1192 'POLL_OPTION_CAPTION' => $option,
1193 'POLL_OPTION_ID' => $key + 1)
1194 );
1195 }
1196 unset($preview_poll_options);
1197 }
1198
1199 // Attachment Preview
1200 if (sizeof($message_parser->attachment_data))
1201 {
1202 $template->assign_var('S_HAS_ATTACHMENTS', true);
1203
1204 $update_count = array();
1205 $attachment_data = $message_parser->attachment_data;
1206
1207 parse_attachments($forum_id, $preview_message, $attachment_data, $update_count, true);
1208
1209 foreach ($attachment_data as $i => $attachment)
1210 {
1211 $template->assign_block_vars('attachment', array(
1212 'DISPLAY_ATTACHMENT' => $attachment)
1213 );
1214 }
1215 unset($attachment_data);
1216 }
1217
1218 if (!sizeof($error))
1219 {
1220 $template->assign_vars(array(
1221 'PREVIEW_SUBJECT' => $preview_subject,
1222 'PREVIEW_MESSAGE' => $preview_message,
1223 'PREVIEW_SIGNATURE' => $preview_signature,
1224
1225 'S_DISPLAY_PREVIEW' => true)
1226 );
1227 }
1228 }
1229
1230 // Decode text for message display
1231 $post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !sizeof($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid;
1232 $message_parser->decode_message($post_data['bbcode_uid']);
1233
1234 if ($mode == 'quote' && !$submit && !$preview && !$refresh)
1235 {
1236 if ($config['allow_bbcode'])
1237 {
1238 $message_parser->message = '[quote=&quot;' . $post_data['quote_username'] . '&quot;]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
1239 }
1240 else
1241 {
1242 $offset = 0;
1243 $quote_string = "&gt; ";
1244 $message = censor_text(trim($message_parser->message));
1245 // see if we are nesting. It's easily tricked but should work for one level of nesting
1246 if (strpos($message, "&gt;") !== false)
1247 {
1248 $offset = 10;
1249 }
1250 $message = utf8_wordwrap($message, 75 + $offset, "\n");
1251
1252 $message = $quote_string . $message;
1253 $message = str_replace("\n", "\n" . $quote_string, $message);
1254 $message_parser->message = $post_data['quote_username'] . " " . $user->lang['WROTE'] . " :\n" . $message . "\n";
1255 }
1256 }
1257
1258 if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)
1259 {
1260 $post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']);
1261 }
1262
1263 $attachment_data = $message_parser->attachment_data;
1264 $filename_data = $message_parser->filename_data;
1265 $post_data['post_text'] = $message_parser->message;
1266
1267 if (sizeof($post_data['poll_options']) && $post_data['poll_title'])
1268 {
1269 $message_parser->message = $post_data['poll_title'];
1270 $message_parser->bbcode_uid = $post_data['bbcode_uid'];
1271
1272 $message_parser->decode_message();
1273 $post_data['poll_title'] = $message_parser->message;
1274
1275 $message_parser->message = implode("\n", $post_data['poll_options']);
1276 $message_parser->decode_message();
1277 $post_data['poll_options'] = explode("\n", $message_parser->message);
1278 }
1279
1280 // MAIN POSTING PAGE BEGINS HERE
1281
1282 // Forum moderators?
1283 $moderators = array();
1284 if ($config['load_moderators'])
1285 {
1286 get_moderators($moderators, $forum_id);
1287 }
1288
1289 // Generate smiley listing
1290 generate_smilies('inline', $forum_id);
1291
1292 // Generate inline attachment select box
1293 posting_gen_inline_attachments($attachment_data);
1294
1295 // Do show topic type selection only in first post.
1296 $topic_type_toggle = false;
1297
1298 if ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']))
1299 {
1300 $topic_type_toggle = posting_gen_topic_types($forum_id, $post_data['topic_type']);
1301 }
1302
1303 $s_topic_icons = false;
1304 if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
1305 {
1306 $s_topic_icons = posting_gen_topic_icons($mode, $post_data['icon_id']);
1307 }
1308
1309 $bbcode_checked = (isset($post_data['enable_bbcode'])) ? !$post_data['enable_bbcode'] : (($config['allow_bbcode']) ? !$user->optionget('bbcode') : 1);
1310 $smilies_checked = (isset($post_data['enable_smilies'])) ? !$post_data['enable_smilies'] : (($config['allow_smilies']) ? !$user->optionget('smilies') : 1);
1311 $urls_checked = (isset($post_data['enable_urls'])) ? !$post_data['enable_urls'] : 0;
1312 $sig_checked = $post_data['enable_sig'];
1313 $lock_topic_checked = (isset($topic_lock) && $topic_lock) ? $topic_lock : (($post_data['topic_status'] == ITEM_LOCKED) ? 1 : 0);
1314 $lock_post_checked = (isset($post_lock)) ? $post_lock : $post_data['post_edit_locked'];
1315
1316 // If the user is replying or posting and not already watching this topic but set to always being notified we need to overwrite this setting
1317 $notify_set = ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set'];
1318 $notify_checked = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
1319
1320 // Page title & action URL, include session_id for security purpose
1321 $s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&amp;f=$forum_id", true, $user->session_id);
1322 $s_action .= ($topic_id) ? "&amp;t=$topic_id" : '';
1323 $s_action .= ($post_id) ? "&amp;p=$post_id" : '';
1324
1325 switch ($mode)
1326 {
1327 case 'post':
1328 $page_title = $user->lang['POST_TOPIC'];
1329 break;
1330
1331 case 'quote':
1332 case 'reply':
1333 $page_title = $user->lang['POST_REPLY'];
1334 break;
1335
1336 case 'delete':
1337 case 'edit':
1338 $page_title = $user->lang['EDIT_POST'];
1339 break;
1340 }
1341
1342 // Build Navigation Links
1343 generate_forum_nav($post_data);
1344
1345 // Build Forum Rules
1346 generate_forum_rules($post_data);
1347
1348 // Posting uses is_solved for legacy reasons. Plugins have to use is_solved to force themselves to be displayed.
1349 if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1350 {
1351
1352 $template->assign_vars(array(
1353 'S_CONFIRM_CODE' => true,
1354 'CAPTCHA_TEMPLATE' => $captcha->get_template(),
1355 ));
1356 }
1357
1358 $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : '';
1359 $s_hidden_fields .= '<input type="hidden" name="lastclick" value="' . $current_time . '" />';
1360 $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . request_var('draft_loaded', $draft_id) . '" />' : '';
1361
1362 if ($mode == 'edit')
1363 {
1364 $s_hidden_fields .= build_hidden_fields(array(
1365 'edit_post_message_checksum' => $post_data['post_checksum'],
1366 'edit_post_subject_checksum' => $post_data['post_subject_md5'],
1367 ));
1368 }
1369
1370 // Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview
1371 if (isset($captcha) && $captcha->is_solved() !== false)
1372 {
1373 $s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
1374 }
1375
1376 $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"';
1377 add_form_key('posting');
1378
1379
1380 // Start assigning vars for main posting page ...
1381 $template->assign_vars(array(
1382 'L_POST_A' => $page_title,
1383 'L_ICON' => ($mode == 'reply' || $mode == 'quote' || ($mode == 'edit' && $post_id != $post_data['topic_first_post_id'])) ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
1384 'L_MESSAGE_BODY_EXPLAIN' => (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '',
1385
1386 'FORUM_NAME' => $post_data['forum_name'],
1387 'FORUM_DESC' => ($post_data['forum_desc']) ? generate_text_for_display($post_data['forum_desc'], $post_data['forum_desc_uid'], $post_data['forum_desc_bitfield'], $post_data['forum_desc_options']) : '',
1388 'TOPIC_TITLE' => censor_text($post_data['topic_title']),
1389 'MODERATORS' => (sizeof($moderators)) ? implode(', ', $moderators[$forum_id]) : '',
1390 'USERNAME' => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '',
1391 'SUBJECT' => $post_data['post_subject'],
1392 'MESSAGE' => $post_data['post_text'],
1393 'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
1394 'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
1395 'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
1396 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
1397 'URL_STATUS' => ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
1398 'MAX_FONT_SIZE' => (int) $config['max_post_font_size'],
1399 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['POST']),
1400 'POST_DATE' => ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '',
1401 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
1402 'TOPIC_TIME_LIMIT' => (int) $post_data['topic_time_limit'],
1403 'EDIT_REASON' => $post_data['post_edit_reason'],
1404 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),
1405 'U_VIEW_TOPIC' => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id") : '',
1406 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup"),
1407 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup")),
1408
1409 'S_PRIVMSGS' => false,
1410 'S_CLOSE_PROGRESS_WINDOW' => (isset($_POST['add_file'])) ? true : false,
1411 'S_EDIT_POST' => ($mode == 'edit') ? true : false,
1412 'S_EDIT_REASON' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1413 'S_DISPLAY_USERNAME' => (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? true : false,
1414 'S_SHOW_TOPIC_ICONS' => $s_topic_icons,
1415 'S_DELETE_ALLOWED' => ($mode == 'edit' && (($post_id == $post_data['topic_last_post_id'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) || $auth->acl_get('m_delete', $forum_id))) ? true : false,
1416 'S_BBCODE_ALLOWED' => $bbcode_status,
1417 'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '',
1418 'S_SMILIES_ALLOWED' => $smilies_status,
1419 'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '',
1420 'S_SIG_ALLOWED' => ($auth->acl_get('f_sigs', $forum_id) && $config['allow_sig'] && $user->data['is_registered']) ? true : false,
1421 'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '',
1422 'S_NOTIFY_ALLOWED' => (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !$config['allow_topic_notify'] || !$config['email_enable']) ? false : true,
1423 'S_NOTIFY_CHECKED' => ($notify_checked) ? ' checked="checked"' : '',
1424 'S_LOCK_TOPIC_ALLOWED' => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote') && ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED))) ? true : false,
1425 'S_LOCK_TOPIC_CHECKED' => ($lock_topic_checked) ? ' checked="checked"' : '',
1426 'S_LOCK_POST_ALLOWED' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1427 'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? ' checked="checked"' : '',
1428 'S_LINKS_ALLOWED' => $url_status,
1429 'S_MAGIC_URL_CHECKED' => ($urls_checked) ? ' checked="checked"' : '',
1430 'S_TYPE_TOGGLE' => $topic_type_toggle,
1431 'S_SAVE_ALLOWED' => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $mode != 'edit') ? true : false,
1432 'S_HAS_DRAFTS' => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $post_data['drafts']) ? true : false,
1433 'S_FORM_ENCTYPE' => $form_enctype,
1434
1435 'S_BBCODE_IMG' => $img_status,
1436 'S_BBCODE_URL' => $url_status,
1437 'S_BBCODE_FLASH' => $flash_status,
1438 'S_BBCODE_QUOTE' => $quote_status,
1439
1440 'S_POST_ACTION' => $s_action,
1441 'S_HIDDEN_FIELDS' => $s_hidden_fields)
1442 );
1443
1444 // Build custom bbcodes array
1445 display_custom_bbcodes();
1446
1447 // Poll entry
1448 if (($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1449 && $auth->acl_get('f_poll', $forum_id))
1450 {
1451 $template->assign_vars(array(
1452 'S_SHOW_POLL_BOX' => true,
1453 'S_POLL_VOTE_CHANGE' => ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id)),
1454 'S_POLL_DELETE' => ($mode == 'edit' && sizeof($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))),
1455 'S_POLL_DELETE_CHECKED' => (!empty($poll_delete)) ? true : false,
1456
1457 'L_POLL_OPTIONS_EXPLAIN' => sprintf($user->lang['POLL_OPTIONS_' . (($mode == 'edit') ? 'EDIT_' : '') . 'EXPLAIN'], $config['max_poll_options']),
1458
1459 'VOTE_CHANGE_CHECKED' => (!empty($post_data['poll_vote_change'])) ? ' checked="checked"' : '',
1460 'POLL_TITLE' => (isset($post_data['poll_title'])) ? $post_data['poll_title'] : '',
1461 'POLL_OPTIONS' => (!empty($post_data['poll_options'])) ? implode("\n", $post_data['poll_options']) : '',
1462 'POLL_MAX_OPTIONS' => (isset($post_data['poll_max_options'])) ? (int) $post_data['poll_max_options'] : 1,
1463 'POLL_LENGTH' => $post_data['poll_length'])
1464 );
1465 }
1466
1467 // Show attachment box for adding attachments if true
1468 $allowed = ($auth->acl_get('f_attach', $forum_id) && $auth->acl_get('u_attach') && $config['allow_attachments'] && $form_enctype);
1469
1470 // Attachment entry
1471 posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);
1472
1473 // Output page ...
1474 page_header($page_title, false);
1475
1476 $template->set_filenames(array(
1477 'body' => 'posting_body.html')
1478 );
1479
1480 make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
1481
1482 // Topic review
1483 if ($mode == 'reply' || $mode == 'quote')
1484 {
1485 if (topic_review($topic_id, $forum_id))
1486 {
1487 $template->assign_var('S_DISPLAY_REVIEW', true);
1488 }
1489 }
1490
1491 page_footer();
1492
1493 /**
1494 * Show upload popup (progress bar)
1495 */
1496 function upload_popup($forum_style = 0)
1497 {
1498 global $template, $user;
1499
1500 ($forum_style) ? $user->setup('posting', $forum_style) : $user->setup('posting');
1501
1502 page_header($user->lang['PROGRESS_BAR'], false);
1503
1504 $template->set_filenames(array(
1505 'popup' => 'posting_progress_bar.html')
1506 );
1507
1508 $template->assign_vars(array(
1509 'PROGRESS_BAR' => $user->img('upload_bar', $user->lang['UPLOAD_IN_PROGRESS']))
1510 );
1511
1512 $template->display('popup');
1513
1514 garbage_collection();
1515 exit_handler();
1516 }
1517
1518 /**
1519 * Do the various checks required for removing posts as well as removing it
1520 */
1521 function handle_post_delete($forum_id, $topic_id, $post_id, &$post_data)
1522 {
1523 global $user, $db, $auth, $config;
1524 global $phpbb_root_path, $phpEx;
1525
1526 // If moderator removing post or user itself removing post, present a confirmation screen
1527 if ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get('f_delete', $forum_id) && $post_id == $post_data['topic_last_post_id'] && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])))
1528 {
1529 $s_hidden_fields = build_hidden_fields(array(
1530 'p' => $post_id,
1531 'f' => $forum_id,
1532 'mode' => 'delete')
1533 );
1534
1535 if (confirm_box(true))
1536 {
1537 $data = array(
1538 'topic_first_post_id' => $post_data['topic_first_post_id'],
1539 'topic_last_post_id' => $post_data['topic_last_post_id'],
1540 'topic_replies_real' => $post_data['topic_replies_real'],
1541 'topic_approved' => $post_data['topic_approved'],
1542 'topic_type' => $post_data['topic_type'],
1543 'post_approved' => $post_data['post_approved'],
1544 'post_reported' => $post_data['post_reported'],
1545 'post_time' => $post_data['post_time'],
1546 'poster_id' => $post_data['poster_id'],
1547 'post_postcount' => $post_data['post_postcount']
1548 );
1549
1550 $next_post_id = delete_post($forum_id, $topic_id, $post_id, $data);
1551 $post_username = ($post_data['poster_id'] == ANONYMOUS && !empty($post_data['post_username'])) ? $post_data['post_username'] : $post_data['username'];
1552
1553 if ($next_post_id === false)
1554 {
1555 add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_TOPIC', $post_data['topic_title'], $post_username);
1556
1557 $meta_info = append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id");
1558 $message = $user->lang['POST_DELETED'];
1559 }
1560 else
1561 {
1562 add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_POST', $post_data['post_subject'], $post_username);
1563
1564 $meta_info = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id&amp;p=$next_post_id") . "#p$next_post_id";
1565 $message = $user->lang['POST_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>');
1566 }
1567
1568 meta_refresh(3, $meta_info);
1569 $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
1570 trigger_error($message);
1571 }
1572 else
1573 {
1574 confirm_box(false, 'DELETE_POST', $s_hidden_fields);
1575 }
1576 }
1577
1578 // If we are here the user is not able to delete - present the correct error message
1579 if ($post_data['poster_id'] != $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id))
1580 {
1581 trigger_error('DELETE_OWN_POSTS');
1582 }
1583
1584 if ($post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && $post_id != $post_data['topic_last_post_id'])
1585 {
1586 trigger_error('CANNOT_DELETE_REPLIED');
1587 }
1588
1589 trigger_error('USER_CANNOT_DELETE');
1590 }
1591
1592 ?>
phpbb is a php-based BBS (buletin board system)