// Anti Flood Code if (!($CURUSER['post_count'] < $CURUSER['post_max'])) { stderr('Notice', 'You have reached your Post limit. Please wait 15 minutes before retrying.'); } $newtopic = is_valid_id($forumid); $subject = isset($_POST["subject"]) ? $_POST["subject"] : ''; if ($newtopic) { $subject = trim($subject); if (empty($subject)) { stderr("Error", "You must enter a subject."); } if (strlen($subject) > $maxsubjectlength) { stderr("Error", "Subject is limited to " . $maxsubjectlength . " characters."); } } else { $forumid = get_topic_forum($topicid) or die("Bad topic ID"); } if ($CURUSER["forumpost"] == 'no') { stderr("Sorry", "Your are not allowed to post.)"); } // ------ Make sure sure user has write access in forum $arr = get_forum_access_levels($forumid) or die("Bad forum ID"); if ($CURUSER['class'] < $arr["write"] || $newtopic && $CURUSER['class'] < $arr["create"] && !isMod($forumid)) { stderr("Error", "Permission denied."); } $body = trim($_POST["body"]); if (empty($body)) { stderr("Error", "No body text."); } $userid = (int) $CURUSER["id"]; if ($use_flood_mod && $CURUSER['class'] < UC_MODERATOR && !isMod($forumid)) {
$topicid = $_POST["topicid"]; if (!is_valid_id($forumid) && !is_valid_id($topicid)) { showerror(T_("FORUM_ERROR"), "w00t"); } $newtopic = $forumid > 0; $subject = $_POST["subject"]; if ($newtopic) { if (!$subject) { showerror(T_("ERROR"), "You must enter a subject."); } $subject = trim($subject); //if (!$subject) //showerror(T_("ERROR"), "You must enter a subject."); //showerror(T_("ERROR"), "Subject is limited to $maxsubjectlength characters."); } else { $forumid = get_topic_forum($topicid) or showerror(T_("FORUM_ERROR"), "Bad topic ID"); } ////// Make sure sure user has write access in forum $arr = get_forum_access_levels($forumid) or showerror(T_("FORUM_ERROR"), "Bad forum ID"); if (get_user_class() < $arr["write"]) { showerror(T_("FORUM_ERROR"), T_("FORUMS_NOT_PERMIT")); } $body = trim($_POST["body"]); if (!$body) { showerror(T_("ERROR"), "No body text."); } $userid = $CURUSER["id"]; if ($newtopic) { //Create topic $subject = sqlesc($subject); SQL_Query_exec("INSERT INTO forum_topics (userid, forumid, subject) VALUES({$userid}, {$forumid}, {$subject})");
$topicid = isset($_POST["topicid"]) ? intval($_POST["topicid"]) : false; if (!is_valid_id($forumid) && !is_valid_id($topicid)) { stderr(ERROR, ERR_FORUM_TOPIC); } $newtopic = $forumid > 0; $subject = isset($_POST["subject"]) ? $_POST["subject"] : false; if ($newtopic) { $subject = trim($subject); if (!$subject) { stderr(ERROR, ERR_SUBJECT); } if (strlen($subject) > $maxsubjectlength) { stderr(ERROR, SUBJECT_MAX_CHAR . " " . $maxsubjectlength . " " . CHARACTERS); } } else { $forumid = get_topic_forum($topicid) or die(ERR_TOPIC_ID); } //------ Make sure sure user has write access in forum $arr = get_forum_access_levels($forumid) or die(BAD_FORUM_ID); if (user::$current["id_level"] < $arr["write"] || $newtopic && user::$current["id_level"] < $arr["create"]) { stderr(ERROR, ERR_PERM_DENIED); } $body = trim($_POST["body"]); if ($body == "") { stderr(ERROR, ERR_NO_BODY); } $userid = user::$current["uid"]; if ($newtopic) { //---- Create topic $subject = sqlesc(security::html_safe($subject)); $db->query("UPDATE forums SET topiccount = topiccount + 1 WHERE id = " . $forumid);
$forumid = isset($_POST["forumid"]) ? (int) $_POST["forumid"] : 0; $topicid = isset($_POST["topicid"]) ? (int) $_POST["topicid"] : 0; if (!is_valid_id($forumid) && !is_valid_id($topicid)) { stderr("{$lang['forum_post_error']}", "{$lang['forum_post_bad_id']}"); } $newtopic = $forumid > 0; if ($newtopic) { $subject = trim(strip_tags($_POST["subject"])); if (!$subject) { stderr("{$lang['forum_post_error']}", "{$lang['forum_post_subject']}"); } if (strlen($subject) > $maxsubjectlength) { stderr("{$lang['forum_post_error']}", "{$lang['forum_post_subject_limit']}"); } } else { $forumid = get_topic_forum($topicid) or die("{$lang['forum_post_bad_topic']}"); } //------ Make sure sure user has write access in forum $arr = get_forum_access_levels($forumid) or die("{$lang['forum_post_bad_forum']}"); if (get_user_class() < $arr["write"] || $newtopic && get_user_class() < $arr["create"]) { stderr("{$lang['forum_post_error']}", "{$lang['forum_post_denied']}"); } $body = trim($_POST["body"]); if ($body == "") { stderr("{$lang['forum_post_error']}", "{$lang['forum_post_body']}"); } $userid = $CURUSER["id"]; if ($newtopic) { //---- Create topic $subject = sqlesc($subject); @mysql_query("INSERT INTO topics (userid, forumid, subject) VALUES({$userid}, {$forumid}, {$subject})") or sqlerr(__FILE__, __LINE__);
$newtopic = $forumid > 0; $subject = $_POST["subject"]; if ($newtopic) { $subject = trim($subject); if (!$subject) stderr("Villa", "Þú verður að hafa efni."); if (strlen($subject) > $maxsubjectlength) stderr("Villa", "Efni má vera mest $maxsubjectlength stafir."); } else $forumid = get_topic_forum($topicid) or die("Slæmt ID"); //------ Make sure sure user has write access in forum $arr = get_forum_access_levels($forumid) or die("Slæmt ID"); if (get_user_class() < $arr["write"] || ($newtopic && get_user_class() < $arr["create"])) { if($CURUSER['donor'] === 'no' || $forumid === '1' || $forumid === '8' || $forumid === '12') stderr("Villa", "Aðgangi hafnað."); } $body = trim($_POST["body"]); if ($body == "") stderr("Villa", "Ekkert meginatriði.");