Beispiel #1
// Check if the request is to make a post
if (isset($_POST['message']) || isset($_POST['file'])) {
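    // Refuse new posts while TINYIB_DBMIGRATE is set.
    if (TINYIB_DBMIGRATE) {
        fancyDie('Posting is currently disabled.<br>Please try again in a few moments.');
    }
    list($loggedin, $isadmin) = manageCheckLogIn();
    $rawpost = isRawPost();
    // Logged-in staff bypass every anti-abuse check below, so the strength of
    // manageCheckLogIn() (defined elsewhere) bounds the strength of all four.
    if (!$loggedin) {
        checkCAPTCHA();
        checkBanned();
        checkMessageSize();
        checkFlood();
    }

    // Form fields are client-controlled: a field can be absent (the enclosing
    // condition also admits requests that carry only 'file') or sent as an
    // array (name[]=...). Normalise each one to a string once, so the string
    // functions below never receive null or an array.
    $formInput = array();
    foreach (array('name', 'email', 'subject', 'message', 'password') as $formKey) {
        $formInput[$formKey] = (isset($_POST[$formKey]) && is_string($_POST[$formKey])) ? $_POST[$formKey] : '';
    }

    $post = newPost(setParent());
    // REMOTE_ADDR is the address of the connecting peer. NOTE(review): behind a
    // reverse proxy this is the proxy's address - confirm the deployment before
    // relying on it for bans or flood limits.
    $post['ip'] = $_SERVER['REMOTE_ADDR'];
    list($post['name'], $post['tripcode']) = nameAndTripcode($formInput['name']);
    // Truncate first, then pass through cleanString() (defined elsewhere,
    // presumably the escaping step), so the limit cannot cut through escaped
    // output. substr() counts bytes, so 75 may split a multi-byte character.
    $post['name'] = cleanString(substr($post['name'], 0, 75));
    $post['email'] = cleanString(str_replace('"', '&quot;', substr($formInput['email'], 0, 75)));
    $post['subject'] = cleanString(substr($formInput['subject'], 0, 75));
    // The raw branch stores the message as HTML without any escaping. It is
    // additionally gated on $loggedin here so that it stays closed even if
    // isRawPost() (defined elsewhere) does not check the session itself.
    if ($rawpost && $loggedin) {
        $rawposttext = $isadmin ? ' <span style="color: red;">## Admin</span>' : ' <span style="color: purple;">## Mod</span>';
        // Treat message as raw HTML
        $post['message'] = $formInput['message'];
    } else {
        $rawposttext = '';
        $post['message'] = str_replace("\n", '<br>', makeLinksClickable(colorQuote(postLink(cleanString(rtrim($formInput['message']))))));
    }
    // SECURITY: md5(md5()) is a fast, unsalted digest and is cheap to brute-force
    // if the stored value leaks. The code that later compares this value is not
    // visible here, so the stored format is kept; move both sides to
    // password_hash()/password_verify() together.
    $post['password'] = $formInput['password'] !== '' ? md5(md5($formInput['password'])) : '';
    $post['nameblock'] = nameBlock($post['name'], $post['tripcode'], $post['email'], time(), $rawposttext);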
    if (isset($_POST['embed']) && trim($_POST['embed']) != '') {
        list($service, $embed) = getEmbed(trim($_POST['embed']));
Beispiel #2
         $parent = $_POST["parent"];
     }
 }
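 // Flood control: reject a post made less than 30 seconds after the previous
 // one returned by lastPostByIP() (defined elsewhere).
 $lastpost = lastPostByIP();
 if ($lastpost) {
     // Read the clock once so the comparison and the message agree.
     $elapsed = time() - $lastpost['timestamp'];
     if ($elapsed < 30) {
         fancyDie("Please wait a moment before posting again.  You will be able to make another post in " . (30 - $elapsed) . " seconds.");
     }
 }

 // Form fields are client-controlled: a field can be absent or sent as an
 // array (message[]=...). Normalise each one to a string once, so strlen(),
 // substr() and rtrim() below never receive null or an array.
 $formInput = array();
 foreach (array('name', 'email', 'subject', 'message', 'password') as $formKey) {
     $formInput[$formKey] = (isset($_POST[$formKey]) && is_string($_POST[$formKey])) ? $_POST[$formKey] : '';
 }

 // Size limit, measured in bytes (strlen) before any escaping or markup is added.
 $messageLength = strlen($formInput['message']);
 if ($messageLength > 8000) {
     fancyDie("Please shorten your message, or post it in multiple parts. Your message is " . $messageLength . " characters long, and the maximum allowed is 8000.");
 }

 $post = newPost();
 $post['parent'] = $parent;
 // REMOTE_ADDR is the address of the connecting peer. NOTE(review): behind a
 // reverse proxy this is the proxy's address - confirm the deployment before
 // relying on it for the per-IP flood limit.
 $post['ip'] = $_SERVER['REMOTE_ADDR'];
 $nt = nameAndTripcode($formInput['name']);
 $post['name'] = $nt[0];
 $post['tripcode'] = $nt[1];
 // Truncate first, then pass through cleanString() (defined elsewhere,
 // presumably the escaping step), so the limit cannot cut through escaped
 // output. substr() counts bytes, so 75 may split a multi-byte character.
 $post['name'] = cleanString(substr($post['name'], 0, 75));
 $post['email'] = cleanString(str_replace('"', '&quot;', substr($formInput['email'], 0, 75)));
 $post['subject'] = cleanString(substr($formInput['subject'], 0, 75));
 // The only markup added to the message is what colorQuote() and the <br>
 // substitution emit after cleanString() has run.
 $post['message'] = str_replace("\n", "<br>", colorQuote(cleanString(rtrim($formInput['message']))));
 // SECURITY: md5(md5()) is a fast, unsalted digest and is cheap to brute-force
 // if the stored value leaks. The code that later compares this value is not
 // visible here, so the stored format is kept; move both sides to
 // password_hash()/password_verify() together.
 if ($formInput['password'] !== '') {
     $post['password'] = md5(md5($formInput['password']));
 } else {
     $post['password'] = '';
 }
 $post['nameblock'] = nameBlock($post['name'], $post['tripcode'], $post['email'], time());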
 if (isset($_FILES['file'])) {
     if ($_FILES['file']['name'] != "") {
         switch ($_FILES['file']['error']) {