function execute(&$request) { if (isset($_REQUEST['forum_id']) && intval($_REQUEST['forum_id']) != 0) { $forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($_REQUEST['forum_id'])); if (!is_array($forum) || empty($forum)) { exit; } } else { exit; } if ($request['user']->get('perms') < get_map($request['user'], 'attachments', 'can_add', array('forum_id' => $forum['forum_id']))) { exit; } $num_attachments = 0; $post_id = 0; $row_type = 0; $parent_id = 0; // check for a post id and add attachments accordingly if (isset($_REQUEST['post_id']) && intval($_REQUEST['post_id']) > 0) { $post = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id=" . intval($_REQUEST['post_id']) . " AND poster_id=" . intval($request['user']->get('id'))); if (!$post || !is_array($post) || empty($post)) { exit; } $post_id = $post['post_id']; $row_type = $post['row_type']; $parent_id = $post['parent_id']; } else { $post = array('post_id' => $post_id, 'parent_id' => $parent_id, 'row_type' => $row_type); } $result = attach_files($request, $forum, $post); $error_str = ''; if (is_array($result) && !empty($result)) { $error_str = implode('|', $result); } header("Location: misc.php?act=attachments_manager&post_id=" . $post['post_id'] . "&forum_id=" . $forum['forum_id'] . "&error=" . $error_str); return TRUE; }
function execute(&$request) { global $_QUERYPARAMS, $_DATASTORE, $_SETTINGS; $this->dba = $request['dba']; /* set the breadcrumbs bit */ k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION'); /* Check the request ID */ if (!isset($_REQUEST['forum_id']) || !$_REQUEST['forum_id'] || intval($_REQUEST['forum_id']) == 0) { $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_FORUMDOESNTEXIST'); } /* Check the request ID */ if (!isset($_REQUEST['forum_id']) || !$_REQUEST['forum_id'] || intval($_REQUEST['forum_id']) == 0) { $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_FORUMDOESNTEXIST'); } $forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id = " . intval($_REQUEST['forum_id'])); /* Check the forum data given */ if (!$forum || !is_array($forum) || empty($forum)) { $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_FORUMDOESNTEXIST'); } /* Make sure the we are trying to post into a forum */ if (!($forum['row_type'] & FORUM) || $forum['forum_id'] == GARBAGE_BIN) { $action = new K4InformationAction(new K4LanguageElement('L_CANTPOSTTONONFORUM'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_CANTPOSTTONONFORUM'); } /* Do we have permission to post to this forum? */ if ($request['user']->get('perms') < get_map('topics', 'can_add', array('forum_id' => $forum['forum_id']))) { $action = new K4InformationAction(new K4LanguageElement('L_PERMCANTPOST'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_PERMCANTPOST'); } /* General error checking */ if (!isset($_REQUEST['name']) || $_REQUEST['name'] == '') { $action = new K4InformationAction(new K4LanguageElement('L_INSERTTOPICNAME'), 'content', TRUE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_INSERTTOPICNAME'); } if (!$this->runPostFilter('name', new FALengthFilter(intval($_SETTINGS['topicmaxchars'])))) { $action = new K4InformationAction(new K4LanguageElement('L_TITLETOOSHORT', intval($_SETTINGS['topicminchars']), intval($_SETTINGS['topicmaxchars'])), 'content', TRUE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message(new K4LanguageElement('L_TITLETOOSHORT', intval($_SETTINGS['topicminchars']), intval($_SETTINGS['topicmaxchars']))); } if (!$this->runPostFilter('name', new FALengthFilter(intval($_SETTINGS['topicmaxchars']), intval($_SETTINGS['topicminchars'])))) { $action = new K4InformationAction(new K4LanguageElement('L_TITLETOOSHORT', intval($_SETTINGS['topicminchars']), intval($_SETTINGS['topicmaxchars'])), 'content', TRUE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message(new K4LanguageElement('L_TITLETOOSHORT', intval($_SETTINGS['topicminchars']), intval($_SETTINGS['topicmaxchars']))); } if (!isset($_REQUEST['message']) || $_REQUEST['message'] == '') { $action = new K4InformationAction(new K4LanguageElement('L_INSERTTOPICMESSAGE'), 'content', TRUE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_INSERTTOPICMESSAGE'); } /* Get our topic */ $draft = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id = " . intval($_REQUEST['post_id']) . " AND is_draft = 1 AND poster_id = " . intval($request['user']->get('id'))); if (!$draft || !is_array($draft) || empty($draft)) { $action = new K4InformationAction(new K4LanguageElement('L_DRAFTDOESNTEXIST'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_DRAFTDOESNTEXIST'); } /* set the breadcrumbs bit */ k4_bread_crumbs($request['template'], $request['dba'], 'L_POSTTOPIC', $forum); $created = time(); /* Initialize the bbcode parser with the topic message */ $_REQUEST['message'] = substr($_REQUEST['message'], 0, $_SETTINGS['postmaxchars']); /* Parse the bbcode */ $body_text = $_REQUEST['message']; $submit_type = isset($_REQUEST['submit_type']) ? $_REQUEST['submit_type'] : 'post'; if (!isset($_REQUEST['disable_bbcode']) || !$_REQUEST['disable_bbcode']) { $parser =& new BBParser(); Globals::setGlobal('forum_id', $forum['forum_id']); Globals::setGlobal('maxpolloptions', $request['template']->getVar('maxpolloptions') > $forum['maxpolloptions'] ? $forum['maxpolloptions'] : $request['template']->getVar('maxpolloptions')); Globals::setGlobal('maxpollquestions', $request['template']->getVar('maxpollquestions') > $forum['maxpollquestions'] ? $forum['maxpollquestions'] : $request['template']->getVar('maxpollquestions')); if ($submit_type == 'post' || $submit_type == 'draft' || isset($_REQUEST['post'])) { $parser->register('BBPollNode'); } $body_text = $parser->parse($body_text); $is_poll = Globals::getGlobal('is_poll'); } // permissions are taken into account inside the poller //$poller = &new K4BBPolls($body_text, $draft['body_text'], $forum, $draft['post_id']); /** * Figure out what type of topic type this is */ $post_type = isset($_REQUEST['post_type']) && intval($_REQUEST['post_type']) != 0 ? $_REQUEST['post_type'] : TOPIC_NORMAL; if ($post_type == TOPIC_STICKY && $request['user']->get('perms') < get_map('sticky', 'can_add', array('forum_id' => $forum['forum_id']))) { $post_type = TOPIC_NORMAL; } else { if ($post_type == TOPIC_ANNOUNCE && $request['user']->get('perms') < get_map('announce', 'can_add', array('forum_id' => $forum['forum_id']))) { $post_type = TOPIC_NORMAL; } } $is_feature = isset($_REQUEST['is_feature']) && $_REQUEST['is_feature'] == 'yes' ? 1 : 0; if ($is_feature == 1 && $request['user']->get('perms') < get_map('feature', 'can_add', array('forum_id' => $forum['forum_id']))) { $is_feature = 0; } /* If we are submitting or saving a draft */ if ($submit_type == 'post' || $submit_type == 'draft' || (isset($_REQUEST['post']) || isset($_REQUEST['draft']))) { /** * Build the queries to add the draft */ $poster_name = $request['user']->get('id') <= 0 ? k4_htmlentities(isset($_REQUEST['poster_name']) ? $_REQUEST['poster_name'] : '', ENT_QUOTES) : $request['user']->get('name'); $update_a = $request['dba']->prepareStatement("UPDATE " . K4POSTS . " SET name=?,body_text=?,posticon=?,disable_html=?,disable_bbcode=?,disable_emoticons=?,disable_sig=?,disable_areply=?,disable_aurls=?,is_draft=?,post_type=?,is_feature=?,is_poll=?,created=? WHERE post_id=?"); /* Set the informtion */ $update_a->setInt(1, $created); $update_a->setInt(2, $draft['post_id']); /* Set the topic information */ $update_a->setString(1, k4_htmlentities(html_entity_decode($_REQUEST['name']), ENT_QUOTES)); $update_a->setString(2, $body_text); $update_a->setString(3, $request['user']->get('perms') >= get_map('posticons', 'can_add', array('forum_id' => $forum['forum_id'])) ? isset($_REQUEST['posticon']) ? $_REQUEST['posticon'] : 'clear.gif' : 'clear.gif'); $update_a->setInt(4, isset($_REQUEST['disable_html']) && $_REQUEST['disable_html'] ? 1 : 0); $update_a->setInt(5, isset($_REQUEST['disable_bbcode']) && $_REQUEST['disable_bbcode'] ? 1 : 0); $update_a->setInt(6, isset($_REQUEST['disable_emoticons']) && $_REQUEST['disable_emoticons'] ? 1 : 0); $update_a->setInt(7, isset($_REQUEST['enable_sig']) && $_REQUEST['enable_sig'] ? 0 : 1); $update_a->setInt(8, isset($_REQUEST['disable_areply']) && $_REQUEST['disable_areply'] ? 1 : 0); $update_a->setInt(9, isset($_REQUEST['disable_aurls']) && $_REQUEST['disable_aurls'] ? 1 : 0); $update_a->setInt(10, 0); $update_a->setInt(11, $post_type); $update_a->setInt(12, $is_feature); $update_a->setInt(13, $is_poll); $update_a->setInt(14, $created); $update_a->setInt(15, $draft['post_id']); /** * Do the queries */ $update_a->executeUpdate(); $forum_update = $request['dba']->prepareStatement("UPDATE " . K4FORUMS . " SET topics=topics+1,posts=posts+1,post_created=?,post_name=?,post_uname=?,post_id=?,post_uid=?,post_posticon=? WHERE forum_id=?"); $datastore_update = $request['dba']->prepareStatement("UPDATE " . K4DATASTORE . " SET data=? WHERE varname=?"); if (isset($_REQUEST['submit_type']) && $_REQUEST['submit_type'] == 'post' || isset($_REQUEST['post'])) { $request['dba']->executeUpdate("UPDATE " . K4USERINFO . " SET num_posts=num_posts+1,total_posts=total_posts+1 WHERE user_id=" . intval($request['user']->get('id'))); } /* Set the forum values */ $forum_update->setInt(1, $created); $forum_update->setString(2, k4_htmlentities(html_entity_decode($_REQUEST['name']), ENT_QUOTES)); $forum_update->setString(3, $poster_name); $forum_update->setInt(4, $draft['post_id']); $forum_update->setInt(5, $request['user']->get('id')); $forum_update->setString(6, iif($request['user']->get('perms') >= get_map('posticons', 'can_add', array('forum_id' => $forum['forum_id'])), isset($_REQUEST['posticon']) ? $_REQUEST['posticon'] : 'clear.gif', 'clear.gif')); $forum_update->setInt(7, $forum['forum_id']); /* Set the datastore values */ $datastore = $_DATASTORE['forumstats']; $datastore['num_topics'] = $request['dba']->getValue("SELECT COUNT(*) FROM " . K4POSTS . " WHERE is_draft=0"); $datastore_update->setString(1, serialize($datastore)); $datastore_update->setString(2, 'forumstats'); /** * Update the forums table and datastore table */ $forum_update->executeUpdate(); $datastore_update->executeUpdate(); reset_cache('datastore'); /** * Subscribe this user to the topic */ if (isset($_REQUEST['disable_areply']) && $_REQUEST['disable_areply']) { $subscribe = $request['dba']->prepareStatement("INSERT INTO " . K4SUBSCRIPTIONS . " (user_id,post_id,forum_id,email) VALUES (?,?,?,?)"); $subscribe->setInt(1, $request['user']->get('id')); $subscribe->setInt(2, $draft['id']); $subscribe->setInt(3, $forum['forum_id']); $subscribe->setString(4, $request['user']->get('email')); $subscribe->executeUpdate(); } // deal with attachments if ($request['template']->getVar('nojs') == 0) { attach_files($request, $forum, $draft['post_id']); } // set up the topic queue set_send_topic_mail($forum['forum_id'], $poster_name == '' ? $request['template']->getVar('L_GUEST') : $poster_name); /* Redirect the user */ $action = new K4InformationAction(new K4LanguageElement('L_ADDEDTOPIC', k4_htmlentities(html_entity_decode($_REQUEST['name']), ENT_QUOTES), $forum['name']), 'content', FALSE, 'viewtopic.php?id=' . $draft['post_id'], 3); return $action->execute($request); /* If we are previewing */ } else { /** * Post Previewing */ if (!USE_XMLHTTP) { $request['template']->setVar('L_TITLETOOSHORT', sprintf($request['template']->getVar('L_TITLETOOSHORT'), $request['template']->getVar('topicminchars'), $request['template']->getVar('topicmaxchars'))); /* Get and set the emoticons and post icons to the template */ $emoticons = $request['dba']->executeQuery("SELECT * FROM " . K4EMOTICONS . " WHERE clickable=1"); $posticons = $request['dba']->executeQuery("SELECT * FROM " . K4POSTICONS); /* Add the emoticons and posticons */ $request['template']->setList('emoticons', $emoticons); $request['template']->setList('posticons', $posticons); /* Set some emoticon information */ $request['template']->setVar('emoticons_per_row', $request['template']->getVar('smcolumns')); $request['template']->setVar('emoticons_per_row_remainder', $request['template']->getVar('smcolumns') - 1); $request['template']->setVar('newtopic_action', 'newtopic.php?act=postdraft'); $request['template']->setVisibility('post_topic', TRUE); post_attachment_options($request, $forum, $draft); topic_post_options($request['template'], $request['user'], $forum); /* Create our editor */ create_editor($request, $_REQUEST['message'], 'post', $forum); } /* Set topic iterator array elements to be passed to the template */ $topic_preview = array('post_id' => @$draft['post_id'], 'name' => k4_htmlentities(html_entity_decode($_REQUEST['name']), ENT_QUOTES), 'posticon' => isset($_REQUEST['posticon']) ? $_REQUEST['posticon'] : 'clear.gif', 'body_text' => $body_text, 'poster_name' => html_entity_decode($draft['poster_name'], ENT_QUOTES), 'poster_id' => $request['user']->get('id'), 'is_poll' => $draft['is_poll'], 'row_left' => 0, 'row_right' => 0, 'post_type' => $post_type, 'is_feature' => $is_feature, 'posticon' => $request['user']->get('perms') >= get_map('posticons', 'can_add', array('forum_id' => $forum['forum_id'])) ? isset($_REQUEST['posticon']) ? $_REQUEST['posticon'] : 'clear.gif' : 'clear.gif', 'disable_html' => isset($_REQUEST['disable_html']) && $_REQUEST['disable_html'] ? 1 : 0, 'disable_sig' => isset($_REQUEST['enable_sig']) && $_REQUEST['enable_sig'] ? 0 : 1, 'disable_bbcode' => isset($_REQUEST['disable_bbcode']) && $_REQUEST['disable_bbcode'] ? 1 : 0, 'disable_emoticons' => isset($_REQUEST['disable_emoticons']) && $_REQUEST['disable_emoticons'] ? 1 : 0, 'disable_areply' => isset($_REQUEST['disable_areply']) && $_REQUEST['disable_areply'] ? 1 : 0, 'disable_aurls' => isset($_REQUEST['disable_aurls']) && $_REQUEST['disable_aurls'] ? 1 : 0); /* Add the topic information to the template */ $topic_iterator = new TopicIterator($request['dba'], $request['user'], $topic_preview, FALSE); $request['template']->setList('topic', $topic_iterator); /* Assign the topic preview values to the template */ $topic_preview['body_text'] = $_REQUEST['message']; foreach ($topic_preview as $key => $val) { $request['template']->setVar('topic_' . $key, $val); } /* Assign the forum information to the template */ foreach ($forum as $key => $val) { $request['template']->setVar('forum_' . $key, $val); } $request['template']->setVar('is_topic', 1); if (!USE_XMLHTTP) { /* Set the the button display options */ $request['template']->setVisibility('save_draft', FALSE); $request['template']->setVisibility('load_button', FALSE); $request['template']->setVisibility('edit_topic', TRUE); $request['template']->setVisibility('post_id', TRUE); /* set the breadcrumbs bit */ k4_bread_crumbs($request['template'], $request['dba'], 'L_POSTTOPIC', $forum); /* Set the post topic form */ $request['template']->setVar('forum_forum_id', $forum['forum_id']); $request['template']->setFile('preview', 'post_preview.html'); $request['template']->setFile('content', 'newtopic.html'); } else { $templateset = $request['user']->isMember() ? $request['user']->get('templateset') : $forum['defaultstyle']; $html = $request['template']->run(BB_BASE_DIR . '/templates/' . $templateset . '/post_preview.html'); xmlhttp_header(); echo $html; xmlhttp_footer(); } } return TRUE; }
function execute(&$request) { global $_QUERYPARAMS, $_DATASTORE, $_SETTINGS; /* set the breadcrumbs bit */ k4_bread_crumbs($request['template'], $request['dba'], 'L_INFORMATION'); /* Check the request ID */ if (!isset($_REQUEST['forum_id']) || !$_REQUEST['forum_id'] || intval($_REQUEST['forum_id']) == 0) { $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_FORUMDOESNTEXIST'); } $forum = $request['dba']->getRow("SELECT * FROM " . K4FORUMS . " WHERE forum_id=" . intval($_REQUEST['forum_id'])); /* Check the forum data given */ if (!$forum || !is_array($forum) || empty($forum)) { $action = new K4InformationAction(new K4LanguageElement('L_FORUMDOESNTEXIST'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_FORUMDOESNTEXIST'); } /* Make sure the we are trying to edit in a forum */ if (!($forum['row_type'] & FORUM) || $forum['forum_id'] == GARBAGE_BIN) { $action = new K4InformationAction(new K4LanguageElement('L_CANTEDITTONONFORUM'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_CANTEDITTONONFORUM'); } /* General error checking */ if ($this->row_type & TOPIC) { if (!isset($_REQUEST['name']) || $_REQUEST['name'] == '') { $action = new K4InformationAction(new K4LanguageElement('L_INSERTTOPICNAME'), 'content', TRUE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_INSERTTOPICNAME'); } $len = strlen($_REQUEST['name']); if ($len < intval($_SETTINGS['topicminchars']) || $len > intval($_SETTINGS['topicmaxchars'])) { $action = new K4InformationAction(new K4LanguageElement('L_TITLETOOSHORT', intval($_SETTINGS['topicminchars']), intval($_SETTINGS['topicmaxchars'])), 'content', TRUE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message(new K4LanguageElement('L_TITLETOOSHORT', intval($_SETTINGS['topicminchars']), intval($_SETTINGS['topicmaxchars']))); } } if (!isset($_REQUEST['message']) || $_REQUEST['message'] == '') { $action = new K4InformationAction(new K4LanguageElement('L_INSERTTOPICMESSAGE'), 'content', TRUE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_INSERTTOPICMESSAGE'); } /* Get our post */ $post = $request['dba']->getRow("SELECT * FROM " . K4POSTS . " WHERE post_id = " . intval($_REQUEST['post_id'])); if (!is_array($post) || empty($post)) { $action = new K4InformationAction(new K4LanguageElement('L_POSTDOESNTEXIST'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_POSTDOESNTEXIST'); } $type = $this->row_type & TOPIC ? 'topics' : 'replies'; /* Does this person have permission to edit this topic? */ if ($post['poster_id'] == $request['user']->get('id')) { if (get_map($type, 'can_edit', array('forum_id' => $forum['forum_id'])) > $request['user']->get('perms')) { $action = new K4InformationAction(new K4LanguageElement('L_YOUNEEDPERMS'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_YOUNEEDPERMS'); } } else { if (get_map('other_' . $type, 'can_edit', array('forum_id' => $forum['forum_id'])) > $request['user']->get('perms')) { $action = new K4InformationAction(new K4LanguageElement('L_YOUNEEDPERMS'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_YOUNEEDPERMS'); } } if ($post['is_poll'] == 1) { // TODO: something here. } /* Does this user have permission to edit this topic if it is locked? */ if ($post['post_locked'] == 1 && get_map('closed', 'can_edit', array('forum_id' => $forum['forum_id'])) > $request['user']->get('perms')) { $action = new K4InformationAction(new K4LanguageElement('L_YOUNEEDPERMS'), 'content', FALSE); return !USE_XMLHTTP ? $action->execute($request) : xmlhttp_message('L_YOUNEEDPERMS'); } /* set the breadcrumbs bit */ k4_bread_crumbs($request['template'], $request['dba'], $this->row_type & TOPIC ? 'L_EDITTOPIC' : 'L_EDITREPLY', $post, $forum); /* Initialize the bbcode parser with the topic message */ $_REQUEST['message'] = substr($_REQUEST['message'], 0, $_SETTINGS['postmaxchars']); /* Parse the bbcode */ $body_text = $_REQUEST['message']; $submit_type = isset($_REQUEST['submit_type']) ? $_REQUEST['submit_type'] : 'post'; if (!isset($_REQUEST['disable_bbcode']) || !$_REQUEST['disable_bbcode']) { $parser =& new BBParser(); Globals::setGlobal('forum_id', $forum['forum_id']); Globals::setGlobal('maxpolloptions', $request['template']->getVar('maxpolloptions') > $forum['maxpolloptions'] ? $forum['maxpolloptions'] : $request['template']->getVar('maxpolloptions')); Globals::setGlobal('maxpollquestions', $request['template']->getVar('maxpollquestions') > $forum['maxpollquestions'] ? $forum['maxpollquestions'] : $request['template']->getVar('maxpollquestions')); if ($submit_type == 'post' || isset($_REQUEST['post'])) { $parser->register('BBPollNode'); } $body_text = $parser->parse($body_text); if ($submit_type == 'post' || isset($_REQUEST['post'])) { $body_text = $parser->comparePolls($post['post_id'], $body_text, $post['body_text'], $request['dba']); } $is_poll = Globals::getGlobal('is_poll'); } // permissions are taken into account inside the poller //$poller = &new K4BBPolls($body_text, $topic['body_text'], $forum, $topic['post_id']); $request['template']->setVar('newtopic_action', 'newtopic.php?act=updatetopic'); if ($this->row_type & TOPIC) { /* Get the topic type */ $post_type = isset($_REQUEST['post_type']) && intval($_REQUEST['post_type']) != 0 ? $_REQUEST['post_type'] : TOPIC_NORMAL; /* Check the topic type and check if this user has permission to post that type of topic */ if ($post_type == TOPIC_STICKY && $request['user']->get('perms') < get_map('sticky', 'can_add', array('forum_id' => $forum['forum_id']))) { $post_type = TOPIC_NORMAL; } else { if ($post_type == TOPIC_ANNOUNCE && $request['user']->get('perms') < get_map('announce', 'can_add', array('forum_id' => $forum['forum_id']))) { $post_type = TOPIC_NORMAL; } } /* Is this a featured topic? */ $is_feature = isset($_REQUEST['is_feature']) && $_REQUEST['is_feature'] == 'yes' ? 1 : 0; if ($is_feature == 1 && $request['user']->get('perms') < get_map('feature', 'can_add', array('forum_id' => $forum['forum_id']))) { $is_feature = 0; } } else { $post_type = TOPIC_NORMAL; $is_feature = 0; } /* If we are saving this topic */ if ($submit_type == 'post' || isset($_REQUEST['post'])) { $posticon = iif($request['user']->get('perms') >= get_map('posticons', 'can_add', array('forum_id' => $forum['forum_id'])), isset($_REQUEST['posticon']) ? $_REQUEST['posticon'] : 'clear.gif', 'clear.gif'); $time = time(); $name = k4_htmlentities($_REQUEST['name'], ENT_QUOTES); /** * Build the queries to update the topic */ $update_a = $request['dba']->prepareStatement("UPDATE " . K4POSTS . " SET name=?,body_text=?,posticon=?,disable_html=?,disable_bbcode=?,disable_emoticons=?,disable_sig=?,disable_areply=?,disable_aurls=?,is_draft=?,edited_time=?,edited_username=?,edited_userid=?,is_feature=?,post_type=?,post_expire=?,is_poll=? WHERE post_id=?"); $update_a->setString(1, $name); $update_a->setString(2, $body_text); $update_a->setString(3, $posticon); $update_a->setInt(4, isset($_REQUEST['disable_html']) && $_REQUEST['disable_html'] ? 1 : 0); $update_a->setInt(5, isset($_REQUEST['disable_bbcode']) && $_REQUEST['disable_bbcode'] ? 1 : 0); $update_a->setInt(6, isset($_REQUEST['disable_emoticons']) && $_REQUEST['disable_emoticons'] ? 1 : 0); $update_a->setInt(7, isset($_REQUEST['enable_sig']) && $_REQUEST['enable_sig'] ? 0 : 1); $update_a->setInt(8, isset($_REQUEST['disable_areply']) && $_REQUEST['disable_areply'] ? 1 : 0); $update_a->setInt(9, isset($_REQUEST['disable_aurls']) && $_REQUEST['disable_aurls'] ? 1 : 0); $update_a->setInt(10, 0); $update_a->setInt(11, $time); $update_a->setString(12, $request['user']->get('id') <= 0 ? k4_htmlentities(isset($_REQUEST['poster_name']) ? $_REQUEST['poster_name'] : '', ENT_QUOTES) : $request['user']->get('name')); $update_a->setInt(13, $request['user']->get('id')); $update_a->setInt(14, $is_feature); $update_a->setInt(15, $post_type); $update_a->setInt(16, $post_type > TOPIC_NORMAL ? intval(isset($_REQUEST['post_expire']) ? $_REQUEST['post_expire'] : 0) : 0); $update_a->setInt(17, $is_poll); $update_a->setInt(18, $post['post_id']); $update_a->executeUpdate(); /* If this topic is a redirect/ connects to one, update the original */ if ($this->row_type & TOPIC && ($post['moved_new_post_id'] > 0 || $post['moved_old_post_id'] > 0)) { $redirect = $request['dba']->prepareStatement("UPDATE " . K4POSTS . " SET name=?,edited_time=?,edited_username=?,edited_userid=? WHERE post_id=?"); $redirect->setString(1, $name); $redirect->setInt(2, time()); $redirect->setString(3, $request['user']->get('name')); $redirect->setInt(4, $request['user']->get('id')); $redirect->setInt(5, $post['moved_new_post_id'] > 0 ? $post['moved_new_post_id'] : $post['moved_old_post_id']); $redirect->executeUpdate(); /** * Subscribe/Unsubscribe this user to the topic */ $is_subscribed = $request['dba']->getRow("SELECT * FROM " . K4SUBSCRIPTIONS . " WHERE user_id = " . intval($request['user']->get('id')) . " AND post_id = " . intval($post['post_id'])); if (isset($_REQUEST['disable_areply']) && $_REQUEST['disable_areply']) { if (!is_array($is_subscribed) || empty($is_subscribed)) { $subscribe = $request['dba']->prepareStatement("INSERT INTO " . K4SUBSCRIPTIONS . " (user_id,post_id,forum_id,email) VALUES (?,?,?,?)"); $subscribe->setInt(1, $request['user']->get('id')); $subscribe->setInt(2, $topic['post_id']); $subscribe->setInt(3, $forum['forum_id']); $subscribe->setString(4, $request['user']->get('email')); $subscribe->executeUpdate(); } } else { if (!isset($_REQUEST['disable_areply']) || !$_REQUEST['disable_areply']) { if (is_array($is_subscribed) && !empty($is_subscribed)) { $subscribe = $request['dba']->prepareStatement("DELETE FROM " . K4SUBSCRIPTIONS . " WHERE user_id=? AND post_id=?"); $subscribe->setInt(1, $request['user']->get('id')); $subscribe->setInt(2, $topic['post_id']); $subscribe->executeUpdate(); } } } } // deal with attachments if ($request['template']->getVar('nojs') == 0) { attach_files($request, $forum, $post); } /* Should we update the forum's last post info? */ if ($forum['lastpost_id'] == $post['post_id']) { // if this topic is the forums last post if ($forum['lastpost_id'] == $post['post_id'] && $forum['lastpost_created'] == $post['created']) { $forum_topic_update = $request['dba']->prepareStatement("UPDATE " . K4FORUMS . " SET lastpost_name=?,lastpost_posticon=? WHERE forum_id=?"); $forum_topic_update->setString(1, $name); $forum_topic_update->setString(2, $posticon); $forum_topic_update->setInt(3, $forum['forum_id']); $forum_topic_update->executeUpdate(); } } /* Redirect the user */ $action = new K4InformationAction(new K4LanguageElement($this->row_type & TOPIC ? 'L_UPDATEDTOPIC' : 'L_UPDATEDREPLY', $name), 'content', FALSE, 'findpost.php?id=' . $post['post_id'], 3); return $action->execute($request); } else { /** * Post Previewing */ if (!USE_XMLHTTP) { $request['template']->setVar('L_TITLETOOSHORT', sprintf($request['template']->getVar('L_TITLETOOSHORT'), $request['template']->getVar('topicminchars'), $request['template']->getVar('topicmaxchars'))); /* Get and set the emoticons and post icons to the template */ $emoticons = $request['dba']->executeQuery("SELECT * FROM " . K4EMOTICONS . " WHERE clickable = 1"); $posticons = $request['dba']->executeQuery("SELECT * FROM " . K4POSTICONS); $request['template']->setList('emoticons', $emoticons); $request['template']->setList('posticons', $posticons); $request['template']->setVar('emoticons_per_row', $request['template']->getVar('smcolumns')); $request['template']->setVar('emoticons_per_row_remainder', $request['template']->getVar('smcolumns') - 1); post_attachment_options($request, $forum, $post); topic_post_options($request['template'], $request['user'], $forum); /* Create our editor */ create_editor($request, $_REQUEST['message'], 'post', $forum); } $topic_preview = array('post_id' => @$post['post_id'], 'name' => $name, 'posticon' => isset($_REQUEST['posticon']) ? $_REQUEST['posticon'] : 'clear.gif', 'body_text' => $body_text, 'poster_name' => html_entity_decode($topic['poster_name'], ENT_QUOTES), 'poster_id' => $request['user']->get('id'), 'is_poll' => $topic['is_poll'], 'row_left' => 0, 'row_right' => 0, 'post_type' => $post_type, 'is_feature' => $is_feature, 'disable_html' => isset($_REQUEST['disable_html']) && $_REQUEST['disable_html'] ? 1 : 0, 'disable_sig' => isset($_REQUEST['enable_sig']) && $_REQUEST['enable_sig'] ? 1 : 0, 'disable_bbcode' => isset($_REQUEST['disable_bbcode']) && $_REQUEST['disable_bbcode'] ? 1 : 0, 'disable_emoticons' => isset($_REQUEST['disable_emoticons']) && $_REQUEST['disable_emoticons'] ? 1 : 0, 'disable_areply' => isset($_REQUEST['disable_areply']) && $_REQUEST['disable_areply'] ? 1 : 0, 'disable_aurls' => isset($_REQUEST['disable_aurls']) && $_REQUEST['disable_aurls'] ? 1 : 0); /* Add the topic information to the template */ $topic_iterator =& new TopicIterator($request['dba'], $request['user'], $topic_preview, FALSE); $request['template']->setList('topic', $topic_iterator); /* Assign the topic preview values to the template */ $topic_preview['body_text'] = $_REQUEST['message']; foreach ($topic_preview as $key => $val) { $request['template']->setVar('topic_' . $key, $val); } /* Assign the forum information to the template */ foreach ($forum as $key => $val) { $request['template']->setVar('forum_' . $key, $val); } if (!USE_XMLHTTP) { /* Set the the button display options */ $request['template']->setVisibility('save_draft', FALSE); $request['template']->setVisibility('load_button', FALSE); $request['template']->setVisibility('edit_topic', TRUE); $request['template']->setVisibility('post_id', TRUE); $request['template']->setVisibility('post_topic', FALSE); $request['template']->setVisibility('edit_post', TRUE); /* set the breadcrumbs bit */ k4_bread_crumbs($request['template'], $request['dba'], 'L_POSTTOPIC', $forum); /* Set the post topic form */ $request['template']->setVar('forum_forum_id', $forum['forum_id']); $request['template']->setFile('preview', 'post_preview.html'); $request['template']->setFile('content', 'newtopic.html'); } else { $templateset = $request['user']->isMember() ? $request['user']->get('templateset') : $forum['defaultstyle']; xmlhttp_header(); echo $request['template']->run(BB_BASE_DIR . '/templates/' . $templateset . '/post_preview.html'); xmlhttp_footer(); } } return TRUE; }