TidyPost($post); $post = str_replace("##TSURUPETTANYOUJO##", "\n", $post); $post = "<!-- ###MULTIREP:" . $_POST['to'] . " ### -->" . $post; $post = mysql_real_escape_string($post); $qPMT = "update pmsgs_text set title = '" . justEscape($_POST['title']) . "', text = '" . $post . "' where pid = " . $pmid; $rPMT = Query($qPMT); $qPM = "update pmsgs set userto = " . $firstTo . " where id = " . $pmid; $rPM = Query($qPM); Redirect(__("PM draft updated!"), "private.php?show=2", __("your PM box")); exit; } else { $post = htmlentities2(deSlashMagic($pm['text'])); $post = preg_replace("'/me '", "[b]* " . $loguser['name'] . "[/b] ", $post); //to prevent identity confusion $post = str_replace("\n", "##TSURUPETTANYOUJO##", $post); TidyPost($post); $post = mysql_real_escape_string($post); $qPMT = "update pmsgs_text set title = '" . justEscape($_POST['title']) . "', text = '" . $post . "' where pid = " . $pmid; $rPMT = Query($qPMT); $qPM = "update pmsgs set drafting = 0 where id = " . $pmid; $rPM = Query($qPM); foreach ($recipIDs as $recipient) { if ($recipient == $firstTo) { continue; } $qPM = "insert into pmsgs (userto, userfrom, date, ip, msgread) values (" . $recipient . ", " . $loguserid . ", " . time() . ", '" . $_SERVER['REMOTE_ADDR'] . "', 0)"; $rPM = Query($qPM); $pid = mysql_insert_id(); $qPMT = "insert into pmsgs_text (pid,title,text) values (" . $pid . ", '" . justEscape($_POST['title']) . "', '" . $post . "')"; $rPMT = Query($qPMT); }
$rPosts = Query($qPosts); } if ($forum['minpower'] < 1) { Report("Post edited by [b]" . $loguser['name'] . "[/] in [b]" . $thread['title'] . "[/] (" . $forum['title'] . ") -> [g]#HERE#?pid=" . $pid); } Redirect(__("Edited!"), "thread.php?pid=" . $pid . "#" . $pid, __("the thread")); exit; } else { Alert(__("Enter a message and try again."), __("Your post is empty.")); } } if ($_POST['text']) { //$prefill = htmlentities2(stripslashes($_POST['text'])); $prefill = htmlentities2(deSlashMagic($_POST['text'])); $prefill = str_replace("\n", "##TSURUPETTANYOUJO##", $prefill); TidyPost($prefill); $prefill = str_replace("##TSURUPETTANYOUJO##", "\n", $prefill); } if ($_POST['action'] == __("Preview")) { $qUser = "******" . $post['user']; $rUser = Query($qUser); if (NumRows($rUser)) { $user = Fetch($rUser); } else { Kill(__("Unknown user ID.")); } $bucket = "userMangler"; include "./lib/pluginloader.php"; if ($_POST['text']) { $previewPost['text'] = $prefill; $previewPost['num'] = $post['num'];