$hostip = COM_applyFilter($_POST['hostip']);
DB_query("INSERT INTO {$_TABLES['gf_banned_ip']} (host_ip) VALUES ('{$hostip}')");
$link = "{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$fortopicid}";
forum_statusMessage($LANG_GF02['msg56'], $link, $LANG_GF02['msg56']);
gf_siteFooter();
exit;
}
}
if ($_POST['confirm_move'] == '1' and forum_modPermission($forum, $_USER['uid'], 'mod_move') and $moveid != 0) {
if ($submit == $LANG_GF01['CANCEL']) {
echo COM_refresh("viewtopic.php?showtopic={$moveid}");
exit;
} else {
$date = time();
$movetoforum = gf_preparefordb($_POST['movetoforum'], text);
$movetitle = gf_preparefordb($_POST['movetitle'], text);
$newforumid = DB_getItem($_TABLES['gf_forums'], "forum_id", "forum_name='{$movetoforum}'");
/* Check and see if we are splitting this forum thread */
if (isset($_POST['splittype'])) {
// - Yes
$curpostpid = DB_getItem($_TABLES['gf_topic'], "pid", "id='{$moveid}'");
if ($_POST['splittype'] == 'single') {
// Move only the single post - create a new topic
$topicdate = DB_getItem($_TABLES['gf_topic'], "date", "id='{$moveid}'");
$sql = "UPDATE {$_TABLES['gf_topic']} SET forum='{$newforumid}', pid='0',lastupdated='{$topicdate}', ";
$sql .= "subject='{$movetitle}', replies = '0' WHERE id='{$moveid}' ";
DB_query($sql);
DB_query("UPDATE {$_TABLES['gf_topic']} SET replies=replies-1 WHERE id='{$curpostpid}' ");
// Update Topic and Post Count for the effected forums
DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count=topic_count+1, post_count=post_count+1 WHERE forum_id={$newforumid}");
$topicsQuery = DB_query("SELECT id FROM {$_TABLES['gf_topic']} WHERE forum={$forum} and pid=0");
$spamcheck = '<h1>' . $_POST['subject'] . '</h1><p>' . $_POST['comment'] . '</p>';
$result = PLG_checkforSpam($spamcheck, $_CONF['spamx']);
// Now check the result and redirect to index.php if spam action was taken
if ($result > 0) {
// then tell them to get lost ...
echo COM_showMessage($result, 'spamx');
gf_siteFooter();
exit;
}
}
DB_query("DELETE FROM {$_TABLES['gf_log']} WHERE topic='{$id}' and time > 0");
// Check for any users subscribed notifications
gf_chknotifications($forum, $id, $uid);
$postmode = gf_chkpostmode($postmode, $postmode_switch);
$subject = gf_preparefordb($_POST['subject'], 'text');
$comment = gf_preparefordb($_POST['comment'], $postmode);
$mood = COM_applyFilter($_POST['mood']);
$fields = "name,date,subject,comment,postmode,ip,mood,uid,pid,forum";
$sql = "INSERT INTO {$_TABLES['gf_topic']} ({$fields}) ";
$sql .= "VALUES ('{$name}','{$date}','{$subject}','{$comment}',";
$sql .= "'{$postmode}','{$REMOTE_ADDR}','{$mood}','{$uid}','{$id}','{$forum}')";
DB_query($sql);
// Find the id of the last inserted topic
list($lastid) = DB_fetchArray(DB_query("SELECT max(id) FROM {$_TABLES['gf_topic']} "));
/* Check for any uploaded files - during adding reply post */
gf_check4files($lastid);
// Check and see if there are no [file] bbcode tags in content and reset the show_inline value
// This is needed in case user had used the file bbcode tag and then removed it
$imagerecs = '';
$imagerecs = implode(',', $forumfiles);
$sql = "UPDATE {$_TABLES['gf_attachments']} SET show_inline = 0 WHERE topic_id={$lastid} ";
$display .= COM_endBlock();
$display .= adminfooter();
$display = COM_createHTMLDocument($display);
COM_output($display);
exit;
}
} elseif ($mode == $LANG_GF01['EDIT'] && isset($_POST['what']) && COM_applyFilter($_POST['what']) == 'order' && SEC_checkToken()) {
$order = COM_applyFilter($_POST['order'], true);
DB_query("UPDATE {$_TABLES['forum_forums']} SET forum_order='{$order}' WHERE forum_id='{$id}'");
$display = COM_refresh($_CONF['site_admin_url'] . '/plugins/forum/boards.php?msg=7');
COM_output($display);
exit;
} elseif ($mode == 'save' && SEC_checkToken()) {
$category = isset($_REQUEST['category']) ? COM_applyFilter($_POST['category'], true) : 0;
$name = gf_preparefordb($_POST['name'], 'text');
$dscp = gf_preparefordb($_POST['dscp'], 'text');
$is_hidden = isset($_POST['is_hidden']) ? COM_applyFilter($_POST['is_hidden'], true) : 0;
$is_readonly = isset($_POST['is_readonly']) ? COM_applyFilter($_POST['is_readonly'], true) : 0;
$no_newposts = isset($_POST['no_newposts']) ? COM_applyFilter($_POST['no_newposts'], true) : 0;
$privgroup = isset($_POST['privgroup']) ? COM_applyFilter($_POST['privgroup'], true) : 0;
if ($privgroup == 0) {
$privgroup = 2;
}
DB_query("UPDATE {$_TABLES['forum_forums']} SET forum_cat={$category},forum_name='{$name}',forum_dscp='{$dscp}', grp_id={$privgroup},\n is_hidden='{$is_hidden}', is_readonly='{$is_readonly}', no_newposts='{$no_newposts}' WHERE forum_id='{$id}'");
$display = COM_refresh($_CONF['site_admin_url'] . '/plugins/forum/boards.php?msg=8');
COM_output($display);
exit;
} elseif ($mode == $LANG_GF01['RESYNC']) {
gf_resyncforum($id);
} elseif ($mode == $LANG_GF01['EDIT']) {
$grouplist = '';
exit;
} else {
DB_query("INSERT INTO {$_TABLES['forum_banned_ip']} (host_ip) VALUES ('{$hostip}')");
$display = COM_refresh($_CONF['site_url'] . "/forum/viewtopic.php?msg=6&showtopic={$fortopicid}");
echo $display;
exit;
}
}
if ($confirm_move == '1' and forum_modPermission($forum, $_USER['uid'], 'mod_move') and $moveid != 0) {
if ($submit == $LANG_GF01['CANCEL']) {
echo COM_refresh("viewtopic.php?showtopic={$moveid}");
exit;
} else {
$date = time();
$movetoforum = gf_preparefordb($movetoforum, 'text');
$movetitle = gf_preparefordb($movetitle, 'text');
$newforumid = DB_getItem($_TABLES['forum_forums'], "forum_id", "forum_name='{$movetoforum}'");
/* Check and see if we are splitting this forum thread */
if (isset($_POST['splittype'])) {
// - Yes
$curpostpid = DB_getItem($_TABLES['forum_topic'], "pid", "id='{$moveid}'");
if ($_POST['splittype'] == 'single') {
// Move only the single post - create a new topic
$topicdate = DB_getItem($_TABLES['forum_topic'], "date", "id='{$moveid}'");
$sql = "UPDATE {$_TABLES['forum_topic']} SET forum='{$newforumid}', pid='0',lastupdated='{$topicdate}', ";
$sql .= "subject='{$movetitle}', replies = '0' WHERE id='{$moveid}' ";
DB_query($sql);
PLG_itemSaved($moveid, 'forum');
DB_query("UPDATE {$_TABLES['forum_topic']} SET replies=replies-1 WHERE id='{$curpostpid}' ");
// Update Topic and Post Count for the effected forums
DB_query("UPDATE {$_TABLES['forum_forums']} SET topic_count=topic_count+1, post_count=post_count+1 WHERE forum_id={$newforumid}");