Ejemplo n.º 1
0
 public function get_mood_message()
 {
     // whether any user has reacted to this post
     $locale = fusion_get_locale("", FORUM_ADMIN_LOCALE);
     $locale += fusion_get_locale("", FORUM_LOCALE);
     $last_datestamp = array();
     $mood_description = array();
     $mood_cache = $this->cache_mood();
     $response_query = "SELECT pn.*, u.user_id, u.user_name, u.user_avatar, u.user_status\n        FROM " . DB_POST_NOTIFY . " pn\n        LEFT JOIN " . DB_USERS . " u ON pn.notify_sender = u.user_id\n        WHERE post_id='" . $this->post_id . "' GROUP BY pn.notify_mood_id ORDER BY pn.notify_mood_id ASC, pn.post_id ASC";
     $response_result = dbquery($response_query);
     if (dbrows($response_result)) {
         while ($m_data = dbarray($response_result)) {
             $user_output = "<a class='mood_sender' href='" . FUSION_REQUEST . "#post_" . $this->post_id . "'>\n" . profile_link($m_data['user_id'], $m_data['user_name'], $m_data['user_status'], "", FALSE) . "</a>";
             if (fusion_get_userdata('user_id') == $m_data['notify_sender']) {
                 $user_output = $locale['you'];
             }
             $reply_sender[$m_data['notify_mood_id']][] = $user_output;
             // The pairing errors are when `notify_mood_id` is illegally inserted or deleted
             // To code fallback on empty
             $last_datestamp[$m_data['notify_mood_id']] = $m_data['notify_datestamp'];
             $icon = isset($mood_cache[$m_data['notify_mood_id']]['mood_icon']) ? $mood_cache[$m_data['notify_mood_id']]['mood_icon'] : "fa fa-question fa-fw";
             $mood_icon[$m_data['notify_mood_id']] = "<i class='{$icon}'></i>";
             $description = isset($mood_cache[$m_data['notify_mood_id']]['mood_description']) ? $mood_cache[$m_data['notify_mood_id']]['mood_description'] : $locale['forum_0529'];
             $mood_description[$m_data['notify_mood_id']] = $description;
         }
         $output_message = "";
         foreach ($mood_description as $mood_id => $mood_output) {
             $senders = implode(", ", $reply_sender[$mood_id]);
             $output_message .= sprintf($locale['forum_0528'], $mood_icon[$mood_id], $senders, $mood_output, timer($last_datestamp[$mood_id])) . "\n                        <br/>";
         }
         return (string) $output_message;
     }
 }
Ejemplo n.º 2
0
 public function generate_token($form_id = 'phpfusion', $max_tokens = 10, $file = "")
 {
     global $defender;
     $userdata = fusion_get_userdata();
     $user_id = iMEMBER ? $userdata['user_id'] : 0;
     // store just one token for each form if the user is a guest
     if ($user_id == 0) {
         $max_tokens = 1;
     }
     if (isset($_POST['fusion_token']) && $defender->tokenIsValid && $form_id == stripinput($_POST['form_id'])) {
         /**
          * Attempt to recover the token instead of generating a new one
          * Checks if a token is being posted and if is valid, and then
          * checks if the form for which this token was intended is
          * the same form for which we are trying to generate a token
          */
         $token = stripinput($_POST['fusion_token']);
         if ($defender->debug) {
             addNotice('success', 'The token for "' . stripinput($_POST['form_id']) . '" has been recovered and is being reused');
         }
         $defender->recycled_token = $token;
     } else {
         $token_time = time();
         $algo = fusion_get_settings('password_algorithm');
         $key = $user_id . $token_time . $form_id . SECRET_KEY;
         $salt = md5(isset($userdata['user_salt']) ? $userdata['user_salt'] . SECRET_KEY_SALT : SECRET_KEY_SALT);
         // generate a new token
         $token = $user_id . "." . $token_time . "." . hash_hmac($algo, $key, $salt);
         // store the token in session
         $_SESSION['csrf_tokens'][self::pageHash($file)][$form_id][] = $token;
         if ($defender->debug) {
             if (!$defender->safe()) {
                 addNotice('danger', 'FUSION NULL is DECLARED');
             }
             if (!empty($_SESSION['csrf_tokens'][self::pageHash($file)][$form_id])) {
                 addNotice('danger', 'Current Token That is Going to be validated in this page: ');
                 addNotice('danger', $_SESSION['csrf_tokens'][self::pageHash($file)][$form_id]);
                 // is not going to be able to read the new one.
             } else {
                 addNotice('warning', 'There is no token for this page this round');
             }
         }
         // some cleaning, remove oldest token if there are too many
         if (count($_SESSION['csrf_tokens'][self::pageHash($file)][$form_id]) > $max_tokens) {
             if ($defender->debug) {
                 addNotice('warning', 'Token that is <b>erased</b> ' . $_SESSION['csrf_tokens'][self::pageHash($file)][$form_id][0] . '. This token cannot be validated anymore.');
             }
             array_shift($_SESSION['csrf_tokens'][self::pageHash($file)][$form_id]);
         }
         if ($defender->debug) {
             if (!empty($_SESSION['csrf_tokens'][self::pageHash($file)][$form_id])) {
                 addNotice('danger', "After clean up, the token remaining is on " . $form_id . " is -- ");
                 addNotice('danger', $_SESSION['csrf_tokens'][self::pageHash($file)][$form_id]);
             } else {
                 addNotice('warning', 'There is no token for this page this round');
             }
         }
     }
     return $token;
 }
Ejemplo n.º 3
0
 /**
  * Get thread structure when given specific tag id
  * @param string     $tag_id
  * @param bool|FALSE $filter
  * @return array
  */
 public static function get_tag_thread($tag_id = '0', $filter = FALSE)
 {
     $info = array();
     $locale = fusion_get_locale("", FORUM_LOCALE);
     $forum_settings = ForumServer::get_forum_settings();
     $userdata = fusion_get_userdata();
     $userdata['user_id'] = !empty($userdata['user_id']) ? (int) intval($userdata['user_id']) : 0;
     $lastVisited = isset($userdata['user_lastvisit']) && isnum($userdata['user_lastvisit']) ? $userdata['user_lastvisit'] : time();
     /**
      * Get threads with filter conditions (XSS prevention)
      */
     $thread_query = "\n        SELECT\n        count(t.thread_id) 'thread_max_rows',\n        count(a1.attach_id) 'attach_image',\n        count(a2.attach_id) 'attach_files'\n        FROM " . DB_FORUM_THREADS . " t\n        LEFT JOIN " . DB_FORUMS . " tf ON tf.forum_id = t.forum_id\n        INNER JOIN " . DB_USERS . " tu1 ON t.thread_author = tu1.user_id\n        #LEFT JOIN " . DB_USERS . " tu2 ON t.thread_lastuser = tu2.user_id\n        LEFT JOIN " . DB_FORUM_POSTS . " p1 ON p1.thread_id = t.thread_id and p1.post_id = t.thread_lastpostid\n        LEFT JOIN " . DB_FORUM_POLLS . " p ON p.thread_id = t.thread_id\n        #LEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = t.thread_id AND p1.post_id = v.post_id\n        LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = t.thread_id AND a1.attach_mime IN ('" . implode(",", img_mimeTypes()) . "')\n        LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = t.thread_id AND a2.attach_mime NOT IN ('" . implode(",", img_mimeTypes()) . "')\n        WHERE " . in_group('t.thread_tags', intval($tag_id), '.') . " AND t.thread_hidden='0' AND " . groupaccess('tf.forum_access') . "\n        " . (isset($filter['condition']) ? $filter['condition'] : '') . "\n        GROUP BY tf.forum_id\n        ";
     $thread_result = dbquery($thread_query);
     $thread_rows = dbrows($thread_result);
     $count = array("thread_max_rows" => 0, "attach_image" => 0, "attach_files" => 0);
     $info['item'][$tag_id]['forum_threadcount'] = 0;
     $info['item'][$tag_id]['forum_threadcount_word'] = format_word($count['thread_max_rows'], $locale['fmt_thread']);
     if ($thread_rows > 0) {
         $count = dbarray($thread_result);
         $info['item'][$tag_id]['forum_threadcount'] = 0;
         $info['item'][$tag_id]['forum_threadcount_word'] = format_word($count['thread_max_rows'], $locale['fmt_thread']);
     }
     $info['thread_max_rows'] = $count['thread_max_rows'];
     if ($info['thread_max_rows'] > 0) {
         $info['threads']['pagenav'] = "";
         $info['threads']['pagenav2'] = "";
         // anti-XSS filtered rowstart
         $_GET['thread_rowstart'] = isset($_GET['thread_rowstart']) && isnum($_GET['thread_rowstart']) && $_GET['thread_rowstart'] <= $count['thread_max_rows'] ? $_GET['thread_rowstart'] : 0;
         $thread_query = "\n            SELECT t.*, tf.forum_type, tf.forum_name, tf.forum_cat,\n            tu1.user_name ' author_name', tu1.user_status 'author_status', tu1.user_avatar 'author_avatar',\n            tu2.user_name 'last_user_name', tu2.user_status 'last_user_status', tu2.user_avatar 'last_user_avatar',\n            p1.post_datestamp, p1.post_message,\n            IF (n.thread_id > 0, 1 , 0) 'user_tracked',\n            count(v.vote_user) 'thread_rated',\n            count(pv.forum_vote_user_id) 'poll_voted',\n            p.forum_poll_title,\n            count(v.post_id) AS vote_count,\n            a1.attach_name, a1.attach_id,\n            a2.attach_name, a2.attach_id,\n            count(a1.attach_mime) 'attach_image',\n            count(a2.attach_mime) 'attach_files',\n            min(p2.post_datestamp) 'first_post_datestamp'\n            FROM " . DB_FORUM_THREADS . " t\n            LEFT JOIN " . DB_FORUMS . " tf ON tf.forum_id = t.forum_id\n            INNER JOIN " . DB_USERS . " tu1 ON t.thread_author = tu1.user_id\n            LEFT JOIN " . DB_USERS . " tu2 ON t.thread_lastuser = tu2.user_id\n            LEFT JOIN " . DB_FORUM_POSTS . " p1 ON p1.thread_id = t.thread_id and p1.post_id = t.thread_lastpostid\n            LEFT JOIN " . DB_FORUM_POSTS . " p2 ON p2.thread_id = t.thread_id\n            LEFT JOIN " . DB_FORUM_POLLS . " p ON p.thread_id = t.thread_id\n            #LEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = t.thread_id AND p1.post_id = v.post_id\n            LEFT JOIN " . DB_FORUM_VOTES . " v on v.thread_id = t.thread_id AND v.vote_user='******'user_id'] . "' AND v.forum_id = t.forum_id AND tf.forum_type='4'\n            LEFT JOIN " . DB_FORUM_POLL_VOTERS . " pv on pv.thread_id = t.thread_id AND pv.forum_vote_user_id='" . $userdata['user_id'] . "' AND t.thread_poll=1\n            LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = t.thread_id AND a1.attach_mime IN ('" . implode(",", img_mimeTypes()) . "')\n            LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = t.thread_id AND a2.attach_mime NOT IN ('" . implode(",", img_mimeTypes()) . "')\n            LEFT JOIN " . DB_FORUM_THREAD_NOTIFY . " n on n.thread_id = t.thread_id and n.notify_user = '******'user_id'] . "'\n            WHERE " . in_group('t.thread_tags', intval($tag_id), '.') . " AND t.thread_hidden='0' AND " . groupaccess('tf.forum_access') . "\n            " . (isset($filter['condition']) ? $filter['condition'] : '') . "\n            " . (multilang_table("FO") ? "AND tf.forum_language='" . LANGUAGE . "'" : '') . "\n            GROUP BY t.thread_id\n            " . (isset($filter['order']) ? $filter['order'] : '') . "\n            LIMIT " . intval($_GET['thread_rowstart']) . ", " . $forum_settings['threads_per_page'];
         $cthread_result = dbquery($thread_query);
         if (dbrows($cthread_result) > 0) {
             while ($threads = dbarray($cthread_result)) {
                 $icon = "";
                 $match_regex = $threads['thread_id'] . "\\|" . $threads['thread_lastpost'] . "\\|" . $threads['forum_id'];
                 if ($threads['thread_lastpost'] > $lastVisited) {
                     if (iMEMBER && ($threads['thread_lastuser'] == $userdata['user_id'] || preg_match("(^\\.{$match_regex}\$|\\.{$match_regex}\\.|\\.{$match_regex}\$)", $userdata['user_threads']))) {
                         $icon = "<i class='" . get_forumIcons('thread') . "' title='" . $locale['forum_0261'] . "'></i>";
                     } else {
                         $icon = "<i class='" . get_forumIcons('new') . "' title='" . $locale['forum_0260'] . "'></i>";
                     }
                 }
                 $author = array('user_id' => $threads['thread_author'], 'user_name' => $threads['author_name'], 'user_status' => $threads['author_status'], 'user_avatar' => $threads['author_avatar']);
                 $lastuser = array('user_id' => $threads['thread_lastuser'], 'user_name' => $threads['last_user_name'], 'user_status' => $threads['last_user_status'], 'user_avatar' => $threads['last_user_avatar']);
                 $threads += array("thread_link" => array("link" => FORUM . "viewthread.php?thread_id=" . $threads['thread_id'], "title" => $threads['thread_subject']), "forum_type" => $threads['forum_type'], "thread_pages" => makepagenav(0, $forum_settings['posts_per_page'], $threads['thread_postcount'], 3, FORUM . "viewthread.php?thread_id=" . $threads['thread_id'] . "&amp;"), "thread_icons" => array('lock' => $threads['thread_locked'] ? "<i class='" . self::get_forumIcons('lock') . "' title='" . $locale['forum_0263'] . "'></i>" : '', 'sticky' => $threads['thread_sticky'] ? "<i class='" . self::get_forumIcons('sticky') . "' title='" . $locale['forum_0103'] . "'></i>" : '', 'poll' => $threads['thread_poll'] ? "<i class='" . self::get_forumIcons('poll') . "' title='" . $locale['forum_0314'] . "'></i>" : '', 'hot' => $threads['thread_postcount'] >= 20 ? "<i class='" . self::get_forumIcons('hot') . "' title='" . $locale['forum_0311'] . "'></i>" : '', 'reads' => $threads['thread_views'] >= 20 ? "<i class='" . self::get_forumIcons('reads') . "' title='" . $locale['forum_0311'] . "'></i>" : '', 'image' => $threads['attach_image'] > 0 ? "<i class='" . self::get_forumIcons('image') . "' title='" . $locale['forum_0313'] . "'></i>" : '', 'file' => $threads['attach_files'] > 0 ? "<i class='" . self::get_forumIcons('file') . "' title='" . $locale['forum_0312'] . "'></i>" : '', 'icon' => $icon), "thread_starter" => $locale['forum_0006'] . timer($threads['first_post_datestamp']) . " " . $locale['by'] . " " . profile_link($author['user_id'], $author['user_name'], $author['user_status']) . "</span>", "thread_author" => $author, "thread_last" => array('avatar' => display_avatar($lastuser, '30px', '', '', ''), 'profile_link' => profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']), 'time' => $threads['post_datestamp'], 'post_message' => parseubb(parsesmileys($threads['post_message'])), "formatted" => "<div class='pull-left'>" . display_avatar($lastuser, '30px', '', '', '') . "</div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class='overflow-hide'>" . $locale['forum_0373'] . " <span class='forum_profile_link'>" . profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']) . "</span><br/>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . timer($threads['post_datestamp']) . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t</div>"));
                 if ($threads['thread_sticky']) {
                     $info['threads']['sticky'][$threads['thread_id']] = $threads;
                 } else {
                     $info['threads']['item'][$threads['thread_id']] = $threads;
                 }
             }
         }
         if ($info['thread_max_rows'] > $forum_settings['threads_per_page']) {
             $info['threads']['pagenav'] = makepagenav($_GET['thread_rowstart'], $forum_settings['threads_per_page'], $info['thread_max_rows'], 3, clean_request("", array("thread_rowstart"), FALSE) . "&amp;", "thread_rowstart");
             $info['threads']['pagenav2'] = makepagenav($_GET['thread_rowstart'], $forum_settings['threads_per_page'], $info['thread_max_rows'], 3, clean_request("", array("thread_rowstart"), FALSE) . "&amp;", "thread_rowstart", TRUE);
         }
     }
     return (array) $info;
 }
Ejemplo n.º 4
0
 public function __construct()
 {
     $this->settings = fusion_get_settings();
     $this->locale = fusion_get_locale("", LOCALE . LOCALESET . "comments.php");
     $this->userdata = fusion_get_userdata();
     $this->postLink = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
     $this->postLink = preg_replace("^(&amp;|\\?)c_action=(edit|delete)&amp;comment_id=\\d*^", "", $this->postLink);
     $_GET['comment'] = isset($_GET['comment']) && isnum($_GET['comment']) ? $_GET['comment'] : 0;
 }
Ejemplo n.º 5
0
function unsuspend_log($user_id, $type, $reason = "", $system = FALSE)
{
    $userdata = fusion_get_userdata();
    // Pre v7.01 check
    $result = dbquery("SELECT suspend_id FROM " . DB_SUSPENDS . "\n\t\tWHERE suspended_user='******' AND suspend_type='{$type}' AND reinstate_date='0'\n\t\tLIMIT 1");
    if (!dbrows($result)) {
        suspend_log($user_id, $type, "", TRUE, FALSE);
    }
    $result = dbquery("UPDATE " . DB_SUSPENDS . " SET\n\t\t\treinstating_admin='" . (!$system ? $userdata['user_id'] : 0) . "', \n\t\t\treinstate_reason='{$reason}', \n\t\t\treinstate_date='" . time() . "', \n\t\t\treinstate_ip='" . (!$system ? USER_IP : 0) . "',\n\t\t\treinstate_ip_type='" . (!$system ? USER_IP_TYPE : 0) . "'\t\t\t\n\t\tWHERE \n\t\t\tsuspended_user='******' AND suspend_type='{$type}' AND reinstate_date='0'");
}
Ejemplo n.º 6
0
 /**
  * Septenary Header
  */
 public function displayHeader()
 {
     global $aidlink;
     $userdata = fusion_get_userdata();
     $locale = self::$locale;
     echo "<header id='top'>";
     echo "<div class='overlay'>\n";
     $this->open_grid('section-1', 1);
     echo "<div class='row hidden-xs'>\n";
     echo "<div id='logo' class='hidden-xs hidden-md col-lg-3 p-t-5 text-smaller'>\n</div>\n";
     echo "<div class='col-xs-12 col-md-9 col-lg-9 text-right clearfix'>\n";
     echo "<div class='display-inline-block' style='width:30%; float:right;'>\n";
     echo openform('searchform', 'post', BASEDIR . 'search.php?stype=all', array('class' => 'm-b-10'));
     echo form_text('stext', '', '', array('placeholder' => $locale['sept_006'], 'append_button' => TRUE, 'append_type' => "submit", "append_form_value" => $locale['sept_006'], "append_value" => "<i class='fa fa-search'></i> " . $locale['sept_006'], "append_button_name" => "search", 'class' => 'no-border m-b-0'));
     echo closeform();
     echo "</div>\n";
     echo "<ul id='head_nav' class='display-inline-block'>\n";
     $language_opts = '';
     if (count(fusion_get_enabled_languages()) > 1) {
         $language_opts = "<li class='dropdown'>\n";
         $language_opts .= "<a class='dropdown-toggle pointer' data-toggle='dropdown' title='" . fusion_get_locale('UM101') . "'><i class='fa fa-globe fa-lg'></i> " . translate_lang_names(LANGUAGE) . " <span class='caret'></span></a>\n";
         $language_opts .= "<ul class='dropdown-menu' role='menu'>\n";
         $language_switch = fusion_get_language_switch();
         if (!empty($language_switch)) {
             foreach ($language_switch as $folder => $langData) {
                 $language_opts .= "<li class='text-left'><a href='" . $langData['language_link'] . "'>\n";
                 $language_opts .= "<img alt='" . $langData['language_name'] . "' class='m-r-5' src='" . $langData['language_icon_s'] . "'/>\n";
                 $language_opts .= $langData['language_name'];
                 $language_opts .= "</a></li>\n";
             }
         }
         $language_opts .= "</ul>\n";
         $language_opts .= "</li>\n";
     }
     if (!iMEMBER) {
         echo "<li><a href='" . BASEDIR . "login.php'>" . $locale['sept_001'] . "</a></li>\n";
         if (fusion_get_settings("enable_registration")) {
             echo "<li><a href='" . BASEDIR . "register.php'>" . $locale['sept_002'] . "</a></li>\n";
         }
         echo $language_opts;
     } else {
         if (iADMIN) {
             echo "<li>\n<a href='" . ADMIN . $aidlink . "&amp;pagenum=0'>" . $locale['sept_003'] . "</a>\n</li>\n";
         }
         echo "<li>\n<a href='" . BASEDIR . "profile.php?lookup=" . $userdata['user_id'] . "'>" . $locale['sept_004'] . "</a>\n</li>\n";
         echo $language_opts;
         echo "<li>\n<a href='" . BASEDIR . "index.php?logout=yes'>" . $locale['sept_005'] . "</a></li>\n";
     }
     echo "</ul>\n";
     echo "</div>\n";
     echo "</div>\n";
     $this->close_grid(1);
     $this->open_grid('section-2', 1);
     echo "<div class='header-nav'>\n";
     echo showsublinks('') . "\n";
     echo "</div>\n";
     $this->close_grid();
     echo "</div>\n";
     $this->display_Showcase();
     echo "</header>\n";
 }
Ejemplo n.º 7
0
 /**
  * Get the forum structure
  *
  * @param bool $forum_id
  * @param bool $branch_id
  *
  * @return array
  */
 public static function get_forum($forum_id = FALSE, $branch_id = FALSE)
 {
     // only need to fetch child.
     $forum_settings = self::get_forum_settings();
     $userdata = fusion_get_userdata();
     $locale = fusion_get_locale("", FORUM_LOCALE);
     $index = array();
     // define what a row is
     $row = array('forum_new_status' => '', 'last_post' => '', 'forum_icon' => '', 'forum_icon_lg' => '', 'forum_moderators' => '', 'forum_link' => array('link' => '', 'title' => ''), 'forum_description' => '', 'forum_postcount_word' => '', 'forum_threadcount_word' => '');
     $query = dbquery("\n\t\t\t\tSELECT tf.forum_id, tf.forum_cat, tf.forum_branch, tf.forum_name, tf.forum_description, tf.forum_image,\n\t\t\t\ttf.forum_type, tf.forum_mods, tf.forum_threadcount, tf.forum_postcount, tf.forum_order, tf.forum_lastuser, tf.forum_access, tf.forum_lastpost, tf.forum_lastpostid,\n\t\t\t\tt.thread_id, t.thread_lastpost, t.thread_lastpostid, t.thread_subject, p.post_message,\n\t\t\t\tu.user_id, u.user_name, u.user_status, u.user_avatar\n\t\t\t\tFROM " . DB_FORUMS . " tf\n\t\t\t\tLEFT JOIN " . DB_FORUM_THREADS . " t ON tf.forum_lastpostid = t.thread_lastpostid\n\t\t\t\tLEFT JOIN " . DB_FORUM_POSTS . " p ON p.thread_id = t.thread_id AND p.post_id = t.thread_lastpostid\n\t\t\t\tLEFT JOIN " . DB_USERS . " u ON tf.forum_lastuser = u.user_id\n\t\t\t\t" . (multilang_table("FO") ? "WHERE forum_language='" . LANGUAGE . "' AND" : "WHERE") . " " . groupaccess('tf.forum_access') . "\n\t\t\t\t" . ($forum_id && $branch_id ? "AND tf.forum_id = '" . intval($forum_id) . "' or tf.forum_cat = '" . intval($forum_id) . "' OR tf.forum_branch = '" . intval($branch_id) . "'" : '') . "\n\t\t\t\tGROUP BY tf.forum_id ORDER BY tf.forum_cat ASC, tf.forum_order ASC, t.thread_lastpost DESC\n\t\t");
     while ($data = dbarray($query) and checkgroup($data['forum_access'])) {
         // Calculate Forum New Status
         $newStatus = "";
         $forum_match = "\\|" . $data['forum_lastpost'] . "\\|" . $data['forum_id'];
         $last_visited = isset($userdata['user_lastvisit']) && isnum($userdata['user_lastvisit']) ? $userdata['user_lastvisit'] : time();
         if ($data['forum_lastpost'] > $last_visited) {
             if (iMEMBER && ($data['forum_lastuser'] !== $userdata['user_id'] || !preg_match("({$forum_match}\\.|{$forum_match}\$)", $userdata['user_threads']))) {
                 $newStatus = "<span class='forum-new-icon'><i title='" . $locale['forum_0260'] . "' class='" . self::get_forumIcons('new') . "'></i></span>";
             }
         }
         // Calculate lastpost information
         $lastPostInfo = array();
         if ($data['forum_lastpostid']) {
             $last_post = array('avatar' => '', 'avatar_src' => $data['user_avatar'] && file_exists(IMAGES . 'avatars/' . $data['user_avatar']) && !is_dir(IMAGES . 'avatars/' . $data['user_avatar']) ? IMAGES . 'avatars/' . $data['user_avatar'] : '', 'message' => fusion_first_words(parseubb(parsesmileys($data['post_message'])), 10), 'profile_link' => profile_link($data['forum_lastuser'], $data['user_name'], $data['user_status']), 'time' => timer($data['forum_lastpost']), 'date' => showdate("forumdate", $data['forum_lastpost']), 'thread_link' => INFUSIONS . "forum/viewthread.php?forum_id=" . $data['forum_id'] . "&amp;thread_id=" . $data['thread_id'], 'post_link' => INFUSIONS . "forum/viewthread.php?forum_id=" . $data['forum_id'] . "&amp;thread_id=" . $data['thread_id'] . "&amp;pid=" . $data['thread_lastpostid'] . "#post_" . $data['thread_lastpostid']);
             if ($forum_settings['forum_last_post_avatar']) {
                 $last_post['avatar'] = display_avatar($data, '30px', '', '', 'img-rounded');
             }
             $lastPostInfo = $last_post;
         }
         /**
          * Default system icons - why do i need this? Why not let themers decide?
          */
         switch ($data['forum_type']) {
             case '1':
                 $forum_icon = "<i class='" . self::get_forumIcons('forum') . " fa-fw m-r-10'></i>";
                 $forum_icon_lg = "<i class='" . self::get_forumIcons('forum') . " fa-3x fa-fw m-r-10'></i>";
                 break;
             case '2':
                 $forum_icon = "<i class='" . self::get_forumIcons('thread') . " fa-fw m-r-10'></i>";
                 $forum_icon_lg = "<i class='" . self::get_forumIcons('thread') . " fa-3x fa-fw m-r-10'></i>";
                 break;
             case '3':
                 $forum_icon = "<i class='" . self::get_forumIcons('link') . " fa-fw m-r-10'></i>";
                 $forum_icon_lg = "<i class='" . self::get_forumIcons('link') . " fa-3x fa-fw m-r-10'></i>";
                 break;
             case '4':
                 $forum_icon = "<i class='" . self::get_forumIcons('question') . " fa-fw m-r-10'></i>";
                 $forum_icon_lg = "<i class='" . self::get_forumIcons('question') . " fa-3x fa-fw m-r-10'></i>";
                 break;
             default:
                 $forum_icon = "";
                 $forum_icon_lg = "";
         }
         $mod = new Moderator();
         $row = array_merge($row, $data, array("forum_moderators" => $mod::parse_forum_mods($data['forum_mods']), "forum_new_status" => $newStatus, "forum_link" => array("link" => INFUSIONS . "forum/index.php?viewforum&amp;forum_id=" . $data['forum_id'] . "&amp;parent_id=" . $data['forum_cat'], "title" => $data['forum_name']), "forum_description" => nl2br(parseubb($data['forum_description'])), "forum_postcount_word" => format_word($data['forum_postcount'], $locale['fmt_post']), "forum_threadcount_word" => format_word($data['forum_threadcount'], $locale['fmt_thread']), "last_post" => $lastPostInfo, "forum_icon" => $forum_icon, "forum_icon_lg" => $forum_icon_lg));
         $data["forum_image"] = $data['forum_image'] && file_exists(FORUM . "images/" . $data['forum_image']) ? $data['forum_image'] : "";
         $thisref =& $refs[$data['forum_id']];
         $thisref = $row;
         if ($data['forum_cat'] == 0) {
             $index[0][$data['forum_id']] =& $thisref;
         } else {
             $refs[$data['forum_cat']]['child'][$data['forum_id']] =& $thisref;
         }
     }
     return (array) $index;
 }
Ejemplo n.º 8
0
 public static function setAdminLogin()
 {
     global $locale;
     if (isset($_GET['logout'])) {
         self::expireAdminCookie();
         $user = fusion_get_userdata("user_id");
         if (!empty($user)) {
             redirect(BASEDIR . "index.php");
         }
     }
     if (isset($_POST['admin_password'])) {
         $admin_password = form_sanitizer($_POST['admin_password'], '', 'admin_password');
         if (\PHPFusion\Authenticate::validateAuthAdmin($admin_password)) {
             if (Authenticate::setAdminCookie($admin_password)) {
                 unset($_SESSION['notices']);
                 redirect(FUSION_REQUEST);
             } else {
                 addNotice("danger", $locale['cookie_error'], $locale['cookie_error_description']);
             }
         } else {
             addNotice("danger", $locale['password_invalid'], $locale['password_invalid_description']);
         }
     }
     if (defined('ADMIN_PANEL') && !isset($_COOKIE[COOKIE_PREFIX . "admin"])) {
         setNotice("danger", $locale['cookie_title'], $locale['cookie_description']);
     }
 }
Ejemplo n.º 9
0
| https://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: admin/blog.php
| Author: Frederick MC Chan (Chan)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
$formaction = FUSION_REQUEST;
$locale = fusion_get_locale();
$userdata = fusion_get_userdata();
$data = array('blog_id' => 0, 'blog_draft' => 0, 'blog_sticky' => 0, 'blog_blog' => '', 'blog_datestamp' => time(), 'blog_extended' => '', 'blog_keywords' => '', 'blog_breaks' => 'yes', 'blog_allow_comments' => 1, 'blog_allow_ratings' => 1, 'blog_language' => LANGUAGE, 'blog_visibility' => 0, 'blog_subject' => '', 'blog_start' => '', 'blog_end' => '', 'blog_cat' => 0, 'blog_image' => '', 'blog_ialign' => 'pull-left');
if (fusion_get_settings('tinymce_enabled') != 1) {
    $data['blog_breaks'] = isset($_POST['line_breaks']) ? "yes" : "no";
} else {
    $data['blog_breaks'] = "no";
}
if (isset($_POST['save'])) {
    $blog_blog = "";
    if ($_POST['blog_blog']) {
        $blog_blog = str_replace("src='" . str_replace("../", "", IMAGES_B), "src='" . IMAGES_B, stripslashes($_POST['blog_blog']));
        $blog_blog = parse_textarea($blog_blog, FALSE, FALSE);
    }
    $blog_extended = "";
    if ($_POST['blog_extended']) {
        $blog_extended = str_replace("src='" . str_replace("../", "", IMAGES_B), "src='" . IMAGES_B, stripslashes($_POST['blog_extended']));
Ejemplo n.º 10
0
| https://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: admin/downloads.php
| Author: Frederick MC Chan (Chan)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
/* Download Form */
$locale = fusion_get_locale();
$data = array('download_id' => 0, 'download_user' => fusion_get_userdata("user_id"), 'download_homepage' => '', 'download_title' => '', 'download_cat' => 0, 'download_description_short' => '', 'download_description' => '', 'download_keywords' => '', 'download_image_thumb' => '', 'download_url' => '', 'download_file' => '', 'download_license' => '', 'download_copyright' => '', 'download_os' => '', 'download_version' => '', 'download_filesize' => '', 'download_visibility' => 0, 'download_allow_comments' => 0, 'download_allow_ratings' => 0, 'download_datestamp' => time());
/* Delete Screenshot, Delete Files */
if (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['download_id']) && isnum($_GET['download_id']))) {
    $result = dbquery("SELECT download_file, download_image, download_image_thumb FROM " . DB_DOWNLOADS . " WHERE download_id='" . $_GET['download_id'] . "'");
    if (dbrows($result)) {
        $data = dbarray($result);
        if (!empty($data['download_file']) && file_exists(DOWNLOADS . $data['download_file'])) {
            @unlink(DOWNLOADS . $data['download_file']);
        }
        if (!empty($data['download_image']) && file_exists(DOWNLOADS . "images/" . $data['download_image'])) {
            @unlink(DOWNLOADS . "images/" . $data['download_image']);
        }
        if (!empty($data['download_image_thumb']) && file_exists(DOWNLOADS . "images/" . $data['download_image_thumb'])) {
            @unlink(DOWNLOADS . "images/" . $data['download_image_thumb']);
        }
        $result = dbquery("DELETE FROM " . DB_DOWNLOADS . " WHERE download_id='" . $_GET['download_id'] . "'");
Ejemplo n.º 11
0
    // accept or not username change.
    $userInput->verifyNewEmail = TRUE;
    $userInput->userData = fusion_get_userdata();
    $userInput->saveUpdate();
    if (defender::safe()) {
        redirect(FUSION_REQUEST);
    }
} elseif (isset($_GET['code']) && fusion_get_settings('email_verification') == 1) {
    $userInput = new PHPFusion\UserFieldsInput();
    $userInput->verifyCode($_GET['code']);
    redirect(FUSION_REQUEST);
}
if (fusion_get_settings('email_verification') == 1) {
    $result = dbquery("SELECT user_email FROM " . DB_EMAIL_VERIFY . " WHERE user_id='" . $userdata['user_id'] . "'");
    if (dbrows($result)) {
        $data = dbarray($result);
        $info['email_notification'] = sprintf($locale['u200'], $data['user_email']) . "\n<br />\n" . $locale['u201'];
    }
}
$userFields = new PHPFusion\UserFields();
$userFields->postName = "update_profile";
$userFields->postValue = $locale['u105'];
$userFields->userData = fusion_get_userdata();
$userFields->plugin_folder = INCLUDES . "user_fields/";
$userFields->plugin_locale_folder = LOCALE . LOCALESET . "user_fields/";
$userFields->setUserNameChange(fusion_get_settings("userNameChange"));
$userFields->registration = FALSE;
$userFields->method = 'input';
$info += $userFields->get_profile_input();
render_userform($info);
require_once THEMES . "templates/footer.php";
Ejemplo n.º 12
0
    /**
     * Displays forum mood listing
     */
    private function displayMoodList()
    {
        $locale = fusion_get_locale('', FORUM_ADMIN_LOCALE);
        $mood_max_count = dbcount("(mood_id)", DB_FORUM_MOODS, "");
        $_GET['rowstart'] = isset($_GET['rowstart']) && isnum($_GET['rowstart']) && $_GET['rowstart'] <= $mood_max_count ? intval($_GET['rowstart']) : 0;
        $mood_query = "SELECT fm.*, count(post_id) 'mood_count' FROM " . DB_FORUM_MOODS . " fm\n        LEFT JOIN " . DB_POST_NOTIFY . " pn ON pn.notify_mood_id = fm.mood_id\n        GROUP BY mood_id ORDER BY mood_id ASC LIMIT 0, 16";
        $mood_result = dbquery($mood_query);
        $rows = dbrows($mood_result);
        if ($rows > 0) {
            ?>
            <table class="table table-responsive table-striped table-hover m-t-20 m-b-20">
                <thead>
                <tr>
                    <td class="col-xs-2"><?php 
            echo $locale['forum_107'];
            ?>
</td>
                    <td class="col-xs-2"><?php 
            echo $locale['forum_108'];
            ?>
</td>
                    <td><?php 
            echo $locale['forum_109'];
            ?>
</td>
                    <td><?php 
            echo $locale['forum_115'];
            ?>
</td>
                    <td><?php 
            echo $locale['forum_110'];
            ?>
</td>
                    <td><?php 
            echo $locale['forum_111'];
            ?>
</td>
                    <td><?php 
            echo $locale['forum_112'];
            ?>
</td>
                </tr>
                </thead>
                <tbody>

                <?php 
            while ($data = dbarray($mood_result)) {
                $edit_link = clean_request("ref=mood_form&action=edit&mood_id=" . $data['mood_id'], array("ref", "action", "mood_id"), FALSE);
                $delete_link = clean_request("ref=mood_form&action=delete&mood_id=" . $data['mood_id'], array("ref", "action", "mood_id"), FALSE);
                ?>
                    <tr>
                        <td>
                            <a href="<?php 
                echo $edit_link;
                ?>
">
                                <?php 
                echo QuantumFields::parse_label($data['mood_name']);
                ?>
                            </a>
                        </td>
                        <td><?php 
                echo sprintf($locale['forum_113'], ucfirst(fusion_get_userdata("user_name")), QuantumFields::parse_label($data['mood_description']));
                ?>
                        </td>
                        <td>
                            <?php 
                if (!empty($data['mood_icon'])) {
                    ?>
                                <i class="<?php 
                    echo $data['mood_icon'];
                    ?>
"></i>
                            <?php 
                }
                ?>
                        </td>
                        <td><?php 
                echo format_word($data['mood_count'], $locale['fmt_post']);
                ?>
</td>
                        <td><?php 
                echo getgroupname($data['mood_notify']);
                ?>
</td>
                        <td><?php 
                echo getgroupname($data['mood_access']);
                ?>
</td>
                        <td>
                            <a href="<?php 
                echo $edit_link;
                ?>
"><?php 
                echo $locale['edit'];
                ?>
</a> -
                            <a href="<?php 
                echo $delete_link;
                ?>
"><?php 
                echo $locale['delete'];
                ?>
</a>
                        </td>
                    </tr>
                <?php 
            }
            ?>

                </tbody>
            </table>

            <?php 
            if ($mood_max_count > 16) {
                echo makepagenav($_GET['rowstart'], $rows, $mood_max_count, 3);
            }
            ?>

        <?php 
        } else {
            ?>
            <div class="well text-center"><?php 
            echo $locale['forum_114'];
            ?>
</div>
        <?php 
        }
    }
Ejemplo n.º 13
0
function showratings($rating_type, $rating_item_id, $rating_link)
{
    $locale = fusion_get_locale("", LOCALE . LOCALESET . "ratings.php");
    $userdata = fusion_get_userdata();
    $settings = \fusion_get_settings();
    if ($settings['ratings_enabled'] == "1") {
        if (iMEMBER) {
            $d_rating = dbarray(dbquery("SELECT rating_vote,rating_datestamp FROM " . DB_RATINGS . " WHERE rating_item_id='" . $rating_item_id . "' AND rating_type='" . $rating_type . "' AND rating_user='******'user_id'] . "'"));
            if (isset($_POST['post_rating'])) {
                // Rate
                if (isnum($_POST['rating']) && $_POST['rating'] > 0 && $_POST['rating'] < 6 && !isset($d_rating['rating_vote'])) {
                    $result = dbquery("INSERT INTO " . DB_RATINGS . " (rating_item_id, rating_type, rating_user, rating_vote, rating_datestamp, rating_ip, rating_ip_type) VALUES ('{$rating_item_id}', '{$rating_type}', '" . $userdata['user_id'] . "', '" . $_POST['rating'] . "', '" . time() . "', '" . USER_IP . "', '" . USER_IP_TYPE . "')");
                    if ($result) {
                        defender::unset_field_session();
                    }
                }
                redirect($rating_link);
            } elseif (isset($_POST['remove_rating'])) {
                // Unrate
                $result = dbquery("DELETE FROM " . DB_RATINGS . " WHERE rating_item_id='{$rating_item_id}' AND rating_type='{$rating_type}' AND rating_user='******'user_id'] . "'");
                if ($result) {
                    defender::unset_field_session();
                }
                redirect($rating_link);
            }
        }
        $ratings = array(5 => $locale['r120'], 4 => $locale['r121'], 3 => $locale['r122'], 2 => $locale['r123'], 1 => $locale['r124']);
        if (!iMEMBER) {
            $message = str_replace("[RATING_ACTION]", "<a href='" . BASEDIR . "login.php'>" . $locale['login'] . "</a>", $locale['r104']);
            if (fusion_get_settings("enable_registration") == TRUE) {
                $message = str_replace("[RATING_ACTION]", "<a href='" . BASEDIR . "login.php'>" . $locale['login'] . "</a> " . $locale['or'] . " <a href='" . BASEDIR . "register.php'>" . $locale['register'] . "</a>", $locale['r104']);
            }
            echo "<div class='text-center'>" . $message . "</div>\n";
        } elseif (isset($d_rating['rating_vote'])) {
            echo "<div class='display-block'>\n";
            echo openform('removerating', 'post', $rating_link, array('class' => 'display-block text-center'));
            echo sprintf($locale['r105'], $ratings[$d_rating['rating_vote']], showdate("longdate", $d_rating['rating_datestamp'])) . "<br /><br />\n";
            echo form_button('remove_rating', $locale['r102'], $locale['r102'], array('class' => 'btn-default', 'icon' => 'fa fa-times m-r-10'));
            echo closeform();
            echo "</div>\n";
        } else {
            echo "<div class='display-block'>\n";
            echo openform('postrating', 'post', $rating_link, array('max_tokens' => 1, 'notice' => 0, 'class' => 'm-b-20 text-center'));
            echo form_select('rating', $locale['r106'], '', array('options' => $ratings, 'class' => 'display-block text-center'));
            echo form_button('post_rating', $locale['r103'], $locale['r103'], array('class' => 'btn-primary btn-sm', 'icon' => 'fa fa-thumbs-up m-r-10'));
            echo closeform();
            echo "</div>\n";
        }
        $rating_votes = dbarray(dbquery("\n\t\tSELECT\n\t\tSUM(IF(rating_vote='5', 1, 0)) as r120,\n\t\tSUM(IF(rating_vote='4', 1, 0)) as r121,\n\t\tSUM(IF(rating_vote='3', 1, 0)) as r122,\n\t\tSUM(IF(rating_vote='2', 1, 0)) as r123,\n\t\tSUM(IF(rating_vote='1', 1, 0)) as r124\n\t\tFROM " . DB_RATINGS . " WHERE rating_type='" . $rating_type . "' and rating_item_id='" . intval($rating_item_id) . "'\n\t\t"));
        if (!empty($rating_votes)) {
            $rating_sum = dbcount("(rating_id)", DB_RATINGS, "rating_type='" . $rating_type . "' AND rating_item_id='" . intval($rating_item_id) . "'");
            echo "<div id='ratings' class='rating_container'>\n";
            foreach ($rating_votes as $key => $num) {
                $num = intval($num);
                $percentage = $rating_sum == 0 ? 0 : round($num / $rating_sum * 100, 1);
                echo progress_bar($percentage, $locale[$key] . " ({$num})", FALSE, '10px', FALSE, TRUE);
            }
            echo "</div>\n";
        } else {
            echo "<div class='text-center'>" . $locale['r101'] . "</div>\n";
        }
    }
}
Ejemplo n.º 14
0
     if (defender::safe()) {
         if (!empty($_FILES['photo_image']) && is_uploaded_file($_FILES['photo_image']['tmp_name'])) {
             $upload = form_sanitizer($_FILES['photo_image'], "", "photo_image");
             if (empty($upload['error'])) {
                 $criteriaArray['photo_filename'] = $upload['image_name'];
                 $criteriaArray['photo_thumb1'] = $upload['thumb1_name'];
                 $criteriaArray['photo_thumb2'] = $upload['thumb2_name'];
             }
         } else {
             $defender->stop();
             $defender->setInputError("photo_image");
             addNotice("danger", $locale['photo_0014']);
         }
     }
     if (defender::safe()) {
         $inputArray = array("submit_id" => 0, "submit_type" => "p", "submit_user" => fusion_get_userdata("user_id"), "submit_datestamp" => time(), "submit_criteria" => addslashes(serialize($criteriaArray)));
         dbquery_insert(DB_SUBMISSIONS, $inputArray, "save");
         addNotice("success", $locale['gallery_0101']);
         redirect(clean_request("submitted=p", array("stype"), TRUE));
     }
 }
 if (isset($_GET['submitted']) && $_GET['submitted'] == "p") {
     echo "<div class='well text-center'><p><strong>" . $locale['gallery_0101'] . "</strong></p>";
     echo "<p><a href='submit.php?stype=p'>" . $locale['gallery_0102'] . "</a></p>";
     echo "<p><a href='index.php'>" . $locale['gallery_0113'] . "</a></p>\n";
     echo "</div>\n";
 } else {
     $result = dbquery("SELECT album_id, album_title FROM " . DB_PHOTO_ALBUMS . " " . (multilang_table("PG") ? "WHERE album_language='" . LANGUAGE . "' AND" : "WHERE") . " " . groupaccess("album_access") . " ORDER BY album_title");
     if (dbrows($result) > 0) {
         $opts = array();
         while ($data = dbarray($result)) {
Ejemplo n.º 15
0
    add_to_footer("<script type='text/javascript' src='" . INCLUDES . "bootstrap/holder.js'></script>");
}
require_once THEMES . "templates/panels.php";
ob_start();
require_once ADMIN . "admin.php";
$admin = new \PHPFusion\Admin();
@(list($title) = dbarraynum(dbquery("SELECT admin_title FROM " . DB_ADMIN . " WHERE admin_link='" . FUSION_SELF . "'")));
\PHPFusion\OutputHandler::setTitle($GLOBALS['locale']['global_123'] . $GLOBALS['locale']['global_201'] . ($title ? $title . $GLOBALS['locale']['global_201'] : ""));
// Use infusion_db file to modify admin properties
$infusion_folder = makefilelist(INFUSIONS, ".|..|", "", "folders");
if (!empty($infusion_folder)) {
    foreach ($infusion_folder as $folder) {
        if (file_exists(INFUSIONS . $folder . "/infusion_db.php")) {
            require_once INFUSIONS . $folder . "/infusion_db.php";
        }
    }
}
// If the user is not logged in as admin then don't parse the administration page
// otherwise it could result in bypass of the admin password and one could do
// changes to the system settings without even being logged into Admin Panel.
// After relogin the user can simply click back in browser and their input will
// still be there so nothing is lost
if (!check_admin_pass('')) {
    // If not admin, also must check if user_id is exist due to session time out.
    $user_id = fusion_get_userdata("user_id");
    if (empty($user_id)) {
        redirect(BASEDIR . "index.php");
    }
    require_once "footer.php";
    exit;
}
Ejemplo n.º 16
0
/**
 * Displays News Form
 */
function display_news_form()
{
    global $aidlink;
    if (isset($_POST['cancel'])) {
        redirect(FUSION_SELF . $aidlink);
    }
    $formaction = FUSION_REQUEST;
    $locale = fusion_get_locale();
    $userdata = fusion_get_userdata();
    $news_settings = fusion_get_settings("news");
    $edit = isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['news_id']) && isnum($_GET['news_id']) ? TRUE : FALSE;
    add_breadcrumb(array('link' => '', 'title' => $edit ? $locale['news_0003'] : $locale['news_0002']));
    $data = array('news_id' => 0, 'news_draft' => 0, 'news_sticky' => 0, 'news_news' => '', 'news_datestamp' => time(), 'news_extended' => '', 'news_keywords' => '', 'news_breaks' => 'n', 'news_allow_comments' => 1, 'news_allow_ratings' => 1, 'news_language' => LANGUAGE, 'news_visibility' => 0, 'news_subject' => '', 'news_start' => '', 'news_end' => '', 'news_cat' => 0, 'news_image' => '', 'news_ialign' => 'pull-left');
    if (fusion_get_settings("tinymce_enabled")) {
        $data['news_breaks'] = 'n';
    } else {
        $data['news_breaks'] = 'y';
    }
    if (isset($_POST['save']) or isset($_POST['save_and_close'])) {
        $news_news = "";
        if ($_POST['news_news']) {
            $news_news = str_replace("src='" . str_replace("../", "", IMAGES_N), "src='" . IMAGES_N, fusion_get_settings('allow_php_exe') ? htmlspecialchars($_POST['news_news']) : stripslashes($_POST['news_news']));
            $news_news = parse_textarea($news_news);
        }
        $news_extended = "";
        if ($_POST['news_extended']) {
            $news_extended = str_replace("src='" . str_replace("../", "", IMAGES_N), "src='" . IMAGES_N, fusion_get_settings('allow_php_exe') ? htmlspecialchars($_POST['news_extended']) : stripslashes($_POST['news_extended']));
            $news_extended = parse_textarea($news_extended);
        }
        $data = array('news_id' => form_sanitizer($_POST['news_id'], 0, 'news_id'), 'news_subject' => form_sanitizer($_POST['news_subject'], '', 'news_subject'), 'news_cat' => form_sanitizer($_POST['news_cat'], 0, 'news_cat'), 'news_news' => form_sanitizer($news_news, "", "news_news"), 'news_extended' => form_sanitizer($news_extended, "", "news_extended"), 'news_keywords' => form_sanitizer($_POST['news_keywords'], '', 'news_keywords'), 'news_datestamp' => form_sanitizer($_POST['news_datestamp'], '', 'news_datestamp'), 'news_start' => form_sanitizer($_POST['news_start'], 0, 'news_start'), 'news_end' => form_sanitizer($_POST['news_end'], 0, 'news_end'), 'news_visibility' => form_sanitizer($_POST['news_visibility'], 0, 'news_visibility'), 'news_draft' => isset($_POST['news_draft']) ? "1" : "0", 'news_sticky' => isset($_POST['news_sticky']) ? "1" : "0", 'news_allow_comments' => isset($_POST['news_allow_comments']) ? "1" : "0", 'news_allow_ratings' => isset($_POST['news_allow_ratings']) ? "1" : "0", 'news_language' => form_sanitizer($_POST['news_language'], '', 'news_language'), 'news_image' => "", 'news_ialign' => "", 'news_image_t1' => "", 'news_image_t2' => "");
        if (isset($_FILES['news_image'])) {
            // when files is uploaded.
            $upload = form_sanitizer($_FILES['news_image'], '', 'news_image');
            if (!empty($upload) && !$upload['error']) {
                $data['news_image'] = $upload['image_name'];
                $data['news_image_t1'] = $upload['thumb1_name'];
                $data['news_image_t2'] = $upload['thumb2_name'];
                $data['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left";
            }
        } else {
            // when files not uploaded. but there should be exist check.
            $data['news_image'] = isset($_POST['news_image']) ? $_POST['news_image'] : "";
            $data['news_image_t1'] = isset($_POST['news_image_t1']) ? $_POST['news_image_t1'] : "";
            $data['news_image_t2'] = isset($_POST['news_image_t2']) ? $_POST['news_image_t2'] : "";
            $data['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left";
        }
        if (fusion_get_settings('tinymce_enabled') != 1) {
            $data['news_breaks'] = isset($_POST['line_breaks']) ? "y" : "n";
        } else {
            $data['news_breaks'] = "n";
        }
        if ($data['news_sticky'] == "1") {
            $result = dbquery("UPDATE " . DB_NEWS . " SET news_sticky='0' WHERE news_sticky='1'");
        }
        // reset other sticky
        // delete image
        if (isset($_POST['del_image'])) {
            if (!empty($data['news_image']) && file_exists(IMAGES_N . $data['news_image'])) {
                unlink(IMAGES_N . $data['news_image']);
            }
            if (!empty($data['news_image_t1']) && file_exists(IMAGES_N_T . $data['news_image_t1'])) {
                unlink(IMAGES_N_T . $data['news_image_t1']);
            }
            if (!empty($data['news_image_t2']) && file_exists(IMAGES_N_T . $data['news_image_t2'])) {
                unlink(IMAGES_N_T . $data['news_image_t2']);
            }
            $data['news_image'] = "";
            $data['news_image_t1'] = "";
            $data['news_image_t2'] = "";
        }
        if (defender::safe()) {
            if (dbcount("('news_id')", DB_NEWS, "news_id='" . $data['news_id'] . "'")) {
                dbquery_insert(DB_NEWS, $data, 'update');
                addNotice('success', $locale['news_0101']);
            } else {
                $data['news_name'] = $userdata['user_id'];
                dbquery_insert(DB_NEWS, $data, 'save');
                addNotice('success', $locale['news_0100']);
            }
            if (isset($_POST['save_and_close'])) {
                redirect(clean_request("", array("ref"), FALSE));
            } else {
                redirect(FUSION_REQUEST);
            }
        }
    } elseif (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_POST['news_id']) && isnum($_POST['news_id'])) || isset($_GET['news_id']) && isnum($_GET['news_id'])) {
        $result = dbquery("SELECT * FROM " . DB_NEWS . " WHERE news_id='" . (isset($_POST['news_id']) ? $_POST['news_id'] : $_GET['news_id']) . "'");
        if (dbrows($result)) {
            $data = dbarray($result);
        } else {
            redirect(FUSION_SELF . $aidlink);
        }
    }
    $result = dbquery("SELECT news_cat_id, news_cat_name FROM " . DB_NEWS_CATS . " " . (multilang_table("NS") ? "WHERE news_cat_language='" . LANGUAGE . "'" : "") . " ORDER BY news_cat_name");
    $news_cat_opts = array();
    $news_cat_opts['0'] = $locale['news_0202'];
    if (dbrows($result)) {
        while ($odata = dbarray($result)) {
            $news_cat_opts[$odata['news_cat_id']] = $odata['news_cat_name'];
        }
    }
    echo "<div class='m-t-20'>\n";
    $news_settings = get_settings("news");
    echo openform('news_form', 'post', $formaction, array('enctype' => 1));
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-7 col-lg-8'>\n";
    echo form_hidden('news_id', "", $data['news_id']);
    echo form_text('news_subject', $locale['news_0200'], $data['news_subject'], array('required' => 1, 'max_length' => 200, 'error_text' => $locale['news_0250']));
    echo form_select('news_keywords', $locale['news_0205'], $data['news_keywords'], array("max_length" => 320, "placeholder" => $locale['news_0205a'], "width" => "100%", "error_text" => $locale['news_0255'], "tags" => TRUE, "multiple" => TRUE));
    echo "<div class='pull-left m-r-10 display-inline-block'>\n";
    echo form_datepicker('news_start', $locale['news_0206'], $data['news_start'], array('placeholder' => $locale['news_0208'], "join_to_id" => "news_end"));
    echo "</div>\n<div class='pull-left m-r-10 display-inline-block'>\n";
    echo form_datepicker('news_end', $locale['news_0207'], $data['news_end'], array('placeholder' => $locale['news_0208'], "join_from_id" => "news_start"));
    echo "</div>\n";
    echo "</div>\n<div class='col-xs-12 col-sm-12 col-md-5 col-lg-4'>\n";
    openside('');
    echo form_select_tree("news_cat", $locale['news_0201'], $data['news_cat'], array("width" => "100%", "inline" => TRUE, "parent_value" => $locale['news_0202'], "query" => multilang_table("NS") ? "WHERE news_cat_language='" . LANGUAGE . "'" : ""), DB_NEWS_CATS, "news_cat_name", "news_cat_id", "news_cat_parent");
    echo form_select('news_visibility', $locale['news_0209'], $data['news_visibility'], array('options' => fusion_get_groups(), 'placeholder' => $locale['choose'], 'width' => '100%', "inline" => TRUE));
    if (multilang_table("NS")) {
        echo form_select('news_language', $locale['global_ML100'], $data['news_language'], array('options' => fusion_get_enabled_languages(), 'placeholder' => $locale['choose'], 'width' => '100%', "inline" => TRUE));
    } else {
        echo form_hidden('news_language', '', $data['news_language']);
    }
    echo form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-r-10'));
    echo form_button('save', $locale['news_0241'], $locale['news_0241'], array('class' => 'btn-success'));
    echo form_button("save_and_close", "Save and Close", "save_and_close", array("class" => "btn-primary m-l-10"));
    closeside();
    echo "</div>\n</div>\n";
    $snippetSettings = array("required" => TRUE, "preview" => TRUE, "html" => TRUE, "autosize" => TRUE, "placeholder" => $locale['news_0203a'], "form_name" => "news_form");
    if (fusion_get_settings("tinymce_enabled")) {
        $snippetSettings = array("required" => TRUE, "type" => "tinymce", "tinymce" => "advanced");
    }
    echo form_textarea('news_news', $locale['news_0203'], $data['news_news'], $snippetSettings);
    if (!fusion_get_settings("tinymce_enabled")) {
        $extendedSettings = array("preview" => TRUE, "html" => TRUE, "autosize" => TRUE, "placeholder" => $locale['news_0203b'], "form_name" => "news_form");
    } else {
        $extendedSettings = array("type" => "tinymce", "tinymce" => "advanced");
    }
    echo form_textarea('news_extended', $locale['news_0204'], $data['news_extended'], $extendedSettings);
    // second row
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-7 col-lg-8'>\n";
    openside('');
    if ($data['news_image'] != "" && $data['news_image_t1'] != "") {
        $image_thumb = get_news_image_path($data['news_image'], $data['news_image_t1'], $data['news_image_t2']);
        if (!$image_thumb) {
            $image_thumb = IMAGES . "imagenotfound70.jpg";
        }
        echo "<div class='row'>\n";
        echo "<div class='col-xs-12 col-sm-6'>\n";
        echo "<label><img class='img-responsive img-thumbnail' src='" . $image_thumb . "' alt='" . $locale['news_0216'] . "' /><br />\n";
        echo "<input type='checkbox' name='del_image' value='y' /> " . $locale['delete'] . "</label>\n";
        echo "</div>\n";
        echo "<div class='col-xs-12 col-sm-6'>\n";
        $alignOptions = array('pull-left' => $locale['left'], 'news-img-center' => $locale['center'], 'pull-right' => $locale['right']);
        echo form_select('news_ialign', $locale['news_0218'], $data['news_ialign'], array("options" => $alignOptions, "inline" => FALSE));
        echo "</div>\n</div>\n";
        echo "<input type='hidden' name='news_image' value='" . $data['news_image'] . "' />\n";
        echo "<input type='hidden' name='news_image_t1' value='" . $data['news_image_t1'] . "' />\n";
        echo "<input type='hidden' name='news_image_t2' value='" . $data['news_image_t2'] . "' />\n";
    } else {
        $file_input_options = array('upload_path' => IMAGES_N, 'max_width' => $news_settings['news_photo_max_w'], 'max_height' => $news_settings['news_photo_max_h'], 'max_byte' => $news_settings['news_photo_max_b'], 'thumbnail' => 1, 'thumbnail_w' => $news_settings['news_thumb_w'], 'thumbnail_h' => $news_settings['news_thumb_h'], 'thumbnail_folder' => 'thumbs', 'delete_original' => 0, 'thumbnail2' => 1, 'thumbnail2_w' => $news_settings['news_photo_w'], 'thumbnail2_h' => $news_settings['news_photo_h'], 'type' => 'image');
        echo form_fileinput("news_image", $locale['news_0216'], "", $file_input_options);
        echo "<div class='small m-b-10'>" . sprintf($locale['news_0217'], parsebytesize($news_settings['news_photo_max_b'])) . "</div>\n";
        $alignOptions = array('pull-left' => $locale['left'], 'news-img-center' => $locale['center'], 'pull-right' => $locale['right']);
        echo form_select('news_ialign', $locale['news_0218'], $data['news_ialign'], array("options" => $alignOptions));
    }
    closeside();
    openside('');
    echo "<label><input type='checkbox' name='news_draft' value='yes'" . ($data['news_draft'] ? "checked='checked'" : "") . " /> " . $locale['news_0210'] . "</label><br />\n";
    echo "<label><input type='checkbox' name='news_sticky' value='yes'" . ($data['news_sticky'] ? "checked='checked'" : "") . "  /> " . $locale['news_0211'] . "</label><br />\n";
    echo form_hidden('news_datestamp', '', $data['news_datestamp']);
    if (fusion_get_settings("tinymce_enabled") != 1) {
        echo "<label><input type='checkbox' name='line_breaks' value='yes'" . ($data['news_breaks'] ? "checked='checked'" : "") . " /> " . $locale['news_0212'] . "</label><br />\n";
    }
    closeside();
    echo "</div>\n<div class='col-xs-12 col-sm-12 col-md-5 col-lg-4'>\n";
    openside("");
    if (!fusion_get_settings("comments_enabled") || !fusion_get_settings("ratings_enabled")) {
        $sys = "";
        if (!fusion_get_settings("comments_enabled") && !fusion_get_settings("ratings_enabled")) {
            $sys = $locale['comments_ratings'];
        } elseif (!fusion_get_settings("comments_enabled")) {
            $sys = $locale['comments'];
        } else {
            $sys = $locale['ratings'];
        }
        echo "<div class='alert alert-warning'>" . sprintf($locale['news_0253'], $sys) . "</div>\n";
    }
    echo "<label><input type='checkbox' name='news_allow_comments' value='yes' onclick='SetRatings();'" . ($data['news_allow_comments'] ? "checked='checked'" : "") . " /> " . $locale['news_0213'] . "</label><br/>";
    echo "<label><input type='checkbox' name='news_allow_ratings' value='yes'" . ($data['news_allow_ratings'] ? "checked='checked'" : "") . " /> " . $locale['news_0214'] . "</label>";
    closeside();
    echo "</div>\n</div>\n";
    echo form_button('preview', $locale['news_0240'], $locale['news_0240'], array('class' => 'btn-default m-r-10'));
    echo form_button('save', $locale['news_0241'], $locale['news_0241'], array('class' => 'btn-success'));
    echo form_button("save_and_close", "Save and Close", "save_and_close", array("class" => "btn-primary m-l-10"));
    echo closeform();
    echo "</div>\n";
}
Ejemplo n.º 17
0
 * replace <body> tags with your own theme definition body tags. Some body tags require additional params
 * for the theme purposes.
 */
if (!defined("THEME_BODY")) {
    echo "<body>\n";
} else {
    echo THEME_BODY;
}
if (iADMIN) {
    if (iSUPERADMIN && file_exists(BASEDIR . "install/")) {
        addNotice("danger", fusion_get_locale("global_198"), 'all');
    }
    if (fusion_get_settings("maintenance")) {
        addNotice("warning", fusion_get_locale("global_190"), 'all');
    }
    if (!fusion_get_userdata('user_admin_password')) {
        addNotice("warning", str_replace(array("[LINK]", "[/LINK]"), array("<a href='edit_profile.php'>", "</a>"), fusion_get_locale("global_199")), 'all');
    }
}
if (function_exists("render_page")) {
    render_page();
    // by here, header and footer already closed
}
// Output lines added with add_to_footer()
echo $fusion_page_footer_tags;
if (!empty($footerError)) {
    echo "<div class='admin-message container'>" . $footerError . "</div>";
}
// Output lines added with add_to_jquery()
$jquery_tags = "\$('[data-submenu]').submenupicker();";
if (!empty($fusion_jquery_tags)) {
Ejemplo n.º 18
0
 /**
  * Handle new email verification procedures
  */
 private function _verifyNewEmail()
 {
     $settings = fusion_get_settings();
     $userdata = fusion_get_userdata();
     $locale = fusion_get_locale();
     require_once INCLUDES . "sendmail_include.php";
     mt_srand((double) microtime() * 1000000);
     $salt = "";
     for ($i = 0; $i <= 10; $i++) {
         $salt .= chr(rand(97, 122));
     }
     $user_code = md5($this->_userEmail . $salt);
     $email_verify_link = $settings['siteurl'] . "edit_profile.php?code=" . $user_code;
     $mailbody = str_replace("[EMAIL_VERIFY_LINK]", $email_verify_link, $locale['u203']);
     $mailbody = str_replace("[SITENAME]", fusion_get_settings("sitename"), $mailbody);
     $mailbody = str_replace("[SITEUSERNAME]", fusion_get_settings("siteusername"), $mailbody);
     $mailbody = str_replace("[USER_NAME]", $userdata['user_name'], $mailbody);
     $mailSubject = str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['u202']);
     sendemail($this->_userName, $this->_userEmail, $settings['siteusername'], $settings['siteemail'], $mailSubject, $mailbody);
     dbquery("DELETE FROM " . DB_EMAIL_VERIFY . " WHERE user_id='" . $this->userData['user_id'] . "'");
     dbquery("INSERT INTO " . DB_EMAIL_VERIFY . " (user_id, user_code, user_email, user_datestamp) VALUES('" . $this->userData['user_id'] . "', '{$user_code}', '" . $this->_userEmail . "', '" . time() . "')");
 }
Ejemplo n.º 19
0
 /**
  * New Status
  */
 public function set_thread_visitor()
 {
     if (iMEMBER) {
         $userdata = fusion_get_userdata();
         $thread_match = $this->thread_info['thread_id'] . "\\|" . $this->thread_info['thread']['thread_lastpost'] . "\\|" . $this->thread_info['thread']['forum_id'];
         if ($this->thread_info['thread']['thread_lastpost'] > $this->thread_info['lastvisited'] && !preg_match("(^\\.{$thread_match}\$|\\.{$thread_match}\\.|\\.{$thread_match}\$)", $userdata['user_threads'])) {
             dbquery("UPDATE " . DB_USERS . " SET user_threads='" . $userdata['user_threads'] . "." . stripslashes($thread_match) . "' WHERE user_id='" . $userdata['user_id'] . "'");
         }
     }
 }
Ejemplo n.º 20
0
 function display_quickReply($info)
 {
     $locale = fusion_get_locale("", FORUM_LOCALE);
     $forum_settings = \PHPFusion\Forums\ForumServer::get_forum_settings();
     $userdata = fusion_get_userdata();
     $qr_form = "<!--sub_forum_thread-->\n";
     $form_url = INFUSIONS . "forum/viewthread.php?thread_id=" . $info['thread_id'];
     $qr_form .= openform('quick_reply_form', 'post', $form_url, array('class' => 'm-b-20 m-t-20'));
     $qr_form .= "<h4 class='m-t-20 pull-left'>" . $locale['forum_0168'] . "</h4>\n";
     $qr_form .= form_textarea('post_message', $locale['forum_0601'], '', array('bbcode' => true, 'required' => true, 'autosize' => true, 'preview' => true, 'form_name' => 'quick_reply_form'));
     $qr_form .= "<div class='m-t-10 pull-right'>\n";
     $qr_form .= form_button('post_quick_reply', $locale['forum_0172'], $locale['forum_0172'], array('class' => 'btn-primary btn-sm m-r-10'));
     $qr_form .= "</div>\n";
     $qr_form .= "<div class='overflow-hide'>\n";
     $qr_form .= form_checkbox('post_smileys', $locale['forum_0169'], '', array('class' => 'm-b-0', 'reverse_label' => TRUE));
     if (array_key_exists("user_sig", $userdata) && $userdata['user_sig']) {
         $qr_form .= form_checkbox('post_showsig', $locale['forum_0170'], '1', array('class' => 'm-b-0', 'reverse_label' => TRUE));
     }
     if ($forum_settings['thread_notify']) {
         $qr_form .= form_checkbox('notify_me', $locale['forum_0171'], $info['user_tracked'], array('class' => 'm-b-0', 'reverse_label' => TRUE));
     }
     $qr_form .= "</div>\n";
     $qr_form .= closeform();
     return (string) $qr_form;
 }
Ejemplo n.º 21
0
 public function render_edit_form()
 {
     $thread = $this->thread();
     $thread_info = $thread->get_threadInfo();
     $thread_data = $thread_info['thread'];
     $forum_settings = $this->get_forum_settings();
     $locale = fusion_get_locale("", FORUM_LOCALE);
     $locale += fusion_get_locale("", FORUM_TAGS_LOCALE);
     $userdata = fusion_get_userdata();
     if ((!iMOD or !iSUPERADMIN) && $thread_data['thread_locked']) {
         redirect(INFUSIONS . 'forum/index.php');
     }
     if (isset($_GET['post_id']) && isnum($_GET['post_id'])) {
         add_to_title($locale['global_201'] . $locale['forum_0503']);
         add_breadcrumb(array('link' => '', 'title' => $locale['forum_0503']));
         $result = dbquery("SELECT tp.*, tt.thread_subject, tt.thread_poll, tt.thread_author, tt.thread_locked, MIN(tp2.post_id) AS first_post\n\t\t\t\tFROM " . DB_FORUM_POSTS . " tp\n\t\t\t\tINNER JOIN " . DB_FORUM_THREADS . " tt on tp.thread_id=tt.thread_id\n\t\t\t\tINNER JOIN " . DB_FORUM_POSTS . " tp2 on tp.thread_id=tp2.thread_id\n\t\t\t\tWHERE tp.post_id='" . intval($_GET['post_id']) . "' AND tp.thread_id='" . intval($thread_data['thread_id']) . "' AND tp.forum_id='" . intval($thread_data['forum_id']) . "'\n\t\t\t\tGROUP BY tp2.post_id\n\t\t\t\t");
         // Permission to edit
         if (dbrows($result) > 0) {
             $post_data = dbarray($result);
             if ((iMOD or iSUPERADMIN) || $thread->getThreadPermission("can_reply") && $post_data['post_author'] == $userdata['user_id']) {
                 $is_first_post = $post_data['post_id'] == $thread_info['post_firstpost'] ? TRUE : FALSE;
                 // no edit if locked
                 if ($post_data['post_locked'] && !iMOD) {
                     redirect(FORUM . "postify.php?post=edit&error=5&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $post_data['post_id']);
                 }
                 // no edit if time limit reached
                 if (!iMOD && ($forum_settings['forum_edit_timelimit'] > 0 && time() - $forum_settings['forum_edit_timelimit'] * 60 > $post_data['post_datestamp'])) {
                     redirect(FORUM . "postify.php?post=edit&error=6&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $post_data['post_id']);
                 }
                 // execute form post actions
                 if (isset($_POST['post_edit'])) {
                     require_once INCLUDES . "flood_include.php";
                     if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
                         // have notice
                         $post_data = array('forum_id' => $thread_data['forum_id'], 'thread_id' => $thread_data['thread_id'], 'post_id' => $post_data['post_id'], 'thread_subject' => '', 'post_message' => form_sanitizer($_POST['post_message'], '', 'post_message'), 'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0, 'post_smileys' => isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 1 : 0, 'post_author' => $userdata['user_id'], 'post_datestamp' => $post_data['post_datestamp'], 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => $userdata['user_id'], 'post_edittime' => isset($_POST['hide_edit']) ? 0 : time(), 'post_editreason' => form_sanitizer($_POST['post_editreason'], '', 'post_editreason'), 'post_hidden' => 0, 'notify_me' => 0, 'post_locked' => $forum_settings['forum_edit_lock'] || isset($_POST['post_locked']) ? 1 : 0);
                         // require thread_subject if first post
                         if ($is_first_post) {
                             $post_data['thread_subject'] = form_sanitizer($_POST['thread_subject'], '', 'thread_subject');
                             $current_thread_tags = form_sanitizer($_POST['thread_tags'], '', 'thread_tags');
                             if ($thread_data['thread_tags'] !== $current_thread_tags) {
                                 // Assign the old ones into history
                                 $thread_data['thread_tags_old'] = $thread_data['thread_tags'];
                                 $thread_data['thread_tags_change'] = time();
                             }
                             $thread_data['thread_tags'] = $current_thread_tags;
                             $thread_data['thread_subject'] = $post_data['thread_subject'];
                         }
                         $thread_data['thread_sticky'] = isset($_POST['thread_sticky']) ? 1 : 0;
                         if (\defender::safe()) {
                             // If post delete checkbox
                             $this->delete_post($post_data['post_id'], $post_data['thread_id'], $post_data['forum_id']);
                             // Update thread subject
                             if ($is_first_post) {
                                 dbquery_insert(DB_FORUM_THREADS, $thread_data, "update", array("keep_session" => TRUE));
                             }
                             // Prepare forum merging action
                             $last_post_author = dbarray(dbquery("SELECT post_author FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY post_id DESC LIMIT 1"));
                             if ($last_post_author == $post_data['post_author'] && $thread_data['forum_merge']) {
                                 $last_message = dbarray(dbquery("SELECT post_id, post_message FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY post_id DESC"));
                                 $post_data['post_id'] = $last_message['post_id'];
                                 $post_data['post_message'] = $last_message['post_message'] . "\n\n" . $locale['forum_0640'] . " " . showdate("longdate", time()) . ":\n" . $post_data['post_message'];
                                 dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                             } else {
                                 dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                             }
                             // Delete attachments if there is any
                             foreach ($_POST as $key => $value) {
                                 if (!strstr($key, "delete_attach")) {
                                     continue;
                                 }
                                 $key = str_replace("delete_attach_", "", $key);
                                 $result = dbquery("SELECT * FROM " . DB_FORUM_ATTACHMENTS . " WHERE post_id='" . $post_data['post_id'] . "' AND attach_id='" . (isnum($key) ? $key : 0) . "'");
                                 if (dbrows($result) != 0 && $value) {
                                     $adata = dbarray($result);
                                     unlink(FORUM . "attachments/" . $adata['attach_name']);
                                     dbquery("DELETE FROM " . DB_FORUM_ATTACHMENTS . " WHERE post_id='" . $post_data['post_id'] . "' AND attach_id='" . (isnum($key) ? $key : 0) . "'");
                                 }
                             }
                             if (!empty($_FILES) && is_uploaded_file($_FILES['file_attachments']['tmp_name'][0]) && $thread->getThreadPermission("can_upload_attach")) {
                                 $upload = form_sanitizer($_FILES['file_attachments'], '', 'file_attachments');
                                 if ($upload['error'] == 0) {
                                     foreach ($upload['target_file'] as $arr => $file_name) {
                                         $attachment = array('thread_id' => $thread_data['thread_id'], 'post_id' => $post_data['post_id'], 'attach_name' => $file_name, 'attach_mime' => $upload['type'][$arr], 'attach_size' => $upload['source_size'][$arr], 'attach_count' => '0');
                                         dbquery_insert(DB_FORUM_ATTACHMENTS, $attachment, 'save', array('keep_session' => TRUE));
                                     }
                                 }
                             }
                             if (\defender::safe()) {
                                 redirect(FORUM . "postify.php?post=edit&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;thread_id=" . intval($post_data['thread_id']) . "&amp;post_id=" . intval($post_data['post_id']));
                             }
                         }
                     }
                 }
                 // template data
                 $form_action = FORUM . "viewthread.php?action=edit&amp;forum_id=" . $thread_data['forum_id'] . "&amp;thread_id=" . $thread_data['thread_id'] . "&amp;post_id=" . $_GET['post_id'];
                 // get attachment.
                 $attachments = array();
                 $attach_rows = 0;
                 if ($thread->getThreadPermission("can_upload_attach") && !empty($thread_info['post_items'][$post_data['post_id']]['post_attachments'])) {
                     // need id
                     $a_result = dbquery("SELECT * FROM " . DB_FORUM_ATTACHMENTS . " WHERE post_id='" . intval($post_data['post_id']) . "' AND thread_id='" . intval($thread_data['thread_id']) . "'");
                     $attach_rows = dbrows($a_result);
                     if ($attach_rows > 0) {
                         while ($a_data = dbarray($a_result)) {
                             $attachments[] = $a_data;
                         }
                     }
                 }
                 $info = array('title' => $locale['forum_0507'], 'description' => $locale['forum_2000'] . $thread_data['thread_subject'], 'openform' => openform('input_form', 'post', $form_action, array('enctype' => $thread->getThreadPermission("can_upload_attach") ? TRUE : FALSE)), 'closeform' => closeform(), 'forum_id_field' => form_hidden('forum_id', '', $post_data['forum_id']), 'thread_id_field' => form_hidden('thread_id', '', $post_data['thread_id']), 'tags_field' => $is_first_post ? form_select('thread_tags[]', $locale['forum_tag_0100'], $thread_data['thread_tags'], array('options' => $this->tag()->get_TagOpts(), 'width' => '100%', 'multiple' => TRUE, 'delimiter' => '.', 'max_select' => 3)) : '', "forum_field" => "", 'subject_field' => $thread_info['post_firstpost'] == $_GET['post_id'] ? form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => TRUE, 'placeholder' => $locale['forum_2001'], "class" => 'm-t-20 m-b-20')) : form_hidden("thread_subject", "", $thread_data['thread_subject']), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => TRUE, 'autosize' => TRUE, 'no_resize' => TRUE, 'preview' => TRUE, 'form_name' => 'input_form', 'bbcode' => TRUE)), 'delete_field' => form_checkbox('delete', $locale['forum_0624'], '', array('class' => 'm-b-0', 'reverse_label' => TRUE)), 'edit_reason_field' => form_text('post_editreason', $locale['forum_0611'], $post_data['post_editreason'], array('placeholder' => '', 'class' => 'm-t-20 m-b-20')), 'attachment_field' => $thread->getThreadPermission("can_upload_attach") ? form_fileinput('file_attachments[]', $locale['forum_0557'], "", array('input_id' => 'file_attachments', 'upload_path' => FORUM . 'attachments/', 'type' => 'object', 'preview_off' => TRUE, 'multiple' => TRUE, 'max_count' => $attach_rows > 0 ? $forum_settings['forum_attachmax_count'] - $attach_rows : $forum_settings['forum_attachmax_count'], 'valid_ext' => $forum_settings['forum_attachtypes'])) . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t <div class='m-b-20'>\n<small>" . sprintf($locale['forum_0559'], parsebytesize($forum_settings['forum_attachmax']), str_replace('|', ', ', $forum_settings['forum_attachtypes']), $forum_settings['forum_attachmax_count']) . "</small>\n</div>\n" : "", "poll_form" => "", 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0', 'reverse_label' => TRUE)), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'sticky_field' => (iMOD || iSUPERADMIN) && $is_first_post ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'lock_field' => iMOD || iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'hide_edit_field' => form_checkbox('hide_edit', $locale['forum_0627'], !empty($post_data['post_editreason']) && empty($post_data['post_edittime']) ? 1 : 0, array('class' => 'm-b-0', 'reverse_label' => TRUE)), 'post_locked_field' => iMOD || iSUPERADMIN ? form_checkbox('post_locked', $locale['forum_0628'], $post_data['post_locked'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'notify_field' => '', 'post_buttons' => form_button('post_edit', $locale['forum_0504'], $locale['forum_0504'], array('class' => 'btn-primary')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-l-10')), 'last_posts_reply' => '');
                 $a_info = '';
                 if (!empty($attachments)) {
                     foreach ($attachments as $a_data) {
                         $a_info .= form_checkbox("delete_attach_" . $a_data['attach_id'], $locale['forum_0625'], 0, array("reverse_label" => TRUE, "ext_tip" => "<a href='" . FORUM . "attachments/" . $a_data['attach_name'] . "'>" . $a_data['attach_name'] . "</a> [" . parsebytesize($a_data['attach_size']) . "]"));
                     }
                     $info['attachment_field'] = $a_info . $info['attachment_field'];
                 }
                 display_forum_postform($info);
             } else {
                 if (fusion_get_settings("site_seo")) {
                     redirect(fusion_get_settings("siteurl") . "infusions/forum/index.php");
                 }
                 redirect(FORUM . 'index.php');
                 // no access
             }
         } else {
             redirect(FORUM . "postify.php?post=edit&error=4&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $_GET['post_id']);
         }
     } else {
         if (fusion_get_settings("site_seo")) {
             redirect(fusion_get_settings("siteurl") . "infusions/forum/index.php");
         }
         redirect(FORUM . "index.php");
     }
 }
Ejemplo n.º 22
0
/* $user_level = fusion_get_userdata("user_level");
if (fusion_get_settings("maintenance") == "1" && fusion_get_settings("maintenance_level") < $user_level) {
    if (fusion_get_settings("site_seo")) {
        redirect(FUSION_ROOT.BASEDIR."maintenance.php");
    } else {
        redirect(BASEDIR."maintenance.php");
    }
}*/
// Code provided by Karrak
$user_level = fusion_get_userdata("user_level");
if (fusion_get_settings("maintenance") == "1") {
    if (fusion_get_settings("maintenance_level") < $user_level or empty($user_level)) {
        if (fusion_get_settings("site_seo")) {
            redirect(FUSION_ROOT . BASEDIR . "maintenance.php");
        } else {
            redirect(BASEDIR . "maintenance.php");
        }
    }
}
if (fusion_get_settings("site_seo") == 1) {
    $permalink = \PHPFusion\Rewrite\Permalinks::getInstance();
}
require_once INCLUDES . "breadcrumbs.php";
require_once INCLUDES . "header_includes.php";
require_once THEME . "theme.php";
require_once THEMES . "templates/render_functions.php";
if (iMEMBER) {
    dbquery("UPDATE " . DB_USERS . " SET user_lastvisit=UNIX_TIMESTAMP(NOW()), user_ip='" . USER_IP . "', user_ip_type='" . USER_IP_TYPE . "' WHERE user_id='" . fusion_get_userdata("user_id") . "'");
}
ob_start();
require_once THEMES . "templates/panels.php";
Ejemplo n.º 23
0
 function render_comments_form($comment_type, $clink, $comment_item_id, $_CAPTCHA_HIDE_INPUT)
 {
     $userdata = fusion_get_userdata();
     $settings = fusion_get_settings();
     $locale = fusion_get_locale();
     $comment_cat = "";
     $comment_message = "";
     if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
         $eresult = dbquery("SELECT tcm.*, tcu.user_name\n\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $comment_item_id . "'\n\t\t\t\tAND comment_type='" . $comment_type . "' AND comment_hidden='0'");
         if (dbrows($eresult) > 0) {
             $edata = dbarray($eresult);
             if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
                 $clink .= "&amp;c_action=edit&amp;comment_id=" . $edata['comment_id'];
                 $comment_message = $edata['comment_message'];
                 $comment_cat = $edata['comment_cat'];
             }
         }
     }
     // Comments form
     if (iMEMBER || fusion_get_settings("guestposts") == 1) {
         $comments_form = openform('inputform', 'post', $clink);
         $comments_form .= form_hidden("comment_cat", "", $comment_cat);
         if (iGUEST) {
             $comments_form .= form_text('comment_name', $locale['c104'], '', array('max_length' => 30, 'required' => TRUE));
         }
         $comments_form .= form_textarea('comment_message', '', $comment_message, array('required' => 1, 'autosize' => 1, 'form_name' => 'inputform', "tinymce" => "simple", 'type' => fusion_get_settings("tinymce_enabled") ? "tinymce" : "bbcode"));
         if (iGUEST && (!isset($_CAPTCHA_HIDE_INPUT) || isset($_CAPTCHA_HIDE_INPUT) && !$_CAPTCHA_HIDE_INPUT)) {
             $_CAPTCHA_HIDE_INPUT = FALSE;
             $comments_form .= "<div class='m-t-10 m-b-10'>";
             $comments_form .= "<label class='col-xs-12 col-sm-3'>" . $locale['global_150'] . "</label><div class='col-xs-12 col-sm-9'>\n";
             ob_start();
             include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_display.php";
             $comments_form .= ob_get_contents();
             ob_end_clean();
             if (!$_CAPTCHA_HIDE_INPUT) {
                 $comments_form .= "<br />\n<label for='captcha_code'>" . $locale['global_151'] . "</label>";
                 $comments_form .= "<br />\n<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />\n";
             }
             $comments_form .= "</div>\n";
             $comments_form .= "</div>\n";
         }
         $comments_form .= form_button('post_comment', $comment_message ? $locale['c103'] : $locale['c102'], $comment_message ? $locale['c103'] : $locale['c102'], array('class' => 'btn-success m-t-10'));
         $comments_form .= closeform();
     } else {
         $comments_form = "<div class='well'>\n";
         $comments_form .= $locale['c105'] . "\n";
         $comments_form .= "</div>\n";
     }
     ?>
     <!---comments form--->
     <div class="comments-form-panel">
         <!---comments header-->
         <div class="comments-form-header">
             <?php 
     echo $locale['c102'];
     ?>
         </div>
         <!---//comments header-->
         <div class="comments-form">
             <div class="pull-left">
                 <?php 
     echo display_avatar(fusion_get_userdata(), "50px", "", FALSE, "img-rounded");
     ?>
             </div>
             <div class="overflow-hide">
                 <a id="edit_comment" name="edit_comment"></a>
                 <?php 
     echo $comments_form;
     ?>
             </div>
         </div>
     </div>
     <!---//comments form--->
     <?php 
 }
Ejemplo n.º 24
0
 /**
  * New thread
  */
 public function set_newThreadInfo()
 {
     $userdata = fusion_get_userdata();
     $locale = fusion_get_locale("", FORUM_LOCALE);
     $locale += fusion_get_locale("", FORUM_TAGS_LOCALE);
     $forum_settings = ForumServer::get_forum_settings();
     // @todo: Reduce lines and optimize further
     if (iMEMBER) {
         // New thread directly to a specified forum
         if (!empty($_GET['forum_id']) && ForumServer::verify_forum($_GET['forum_id'])) {
             add_to_title($locale['forum_0000']);
             add_to_meta("description", $locale['forum_0000']);
             add_breadcrumb(array("link" => FORUM . "index.php", "title" => $locale['forum_0000']));
             add_to_title($locale['global_201'] . $locale['forum_0057']);
             $forum_data = dbarray(dbquery("SELECT f.*, f2.forum_name AS forum_cat_name\n\t\t\t\tFROM " . DB_FORUMS . " f\n\t\t\t\tLEFT JOIN " . DB_FORUMS . " f2 ON f.forum_cat=f2.forum_id\n\t\t\t\tWHERE f.forum_id='" . intval($_GET['forum_id']) . "'\n\t\t\t\tAND " . groupaccess('f.forum_access') . "\n\t\t\t\t"));
             if ($forum_data['forum_type'] == 1) {
                 redirect(INFUSIONS . "forum/index.php");
             }
             // Use the new permission settings
             self::setPermission($forum_data);
             $forum_data['lock_edit'] = $forum_settings['forum_edit_lock'];
             if (self::getPermission("can_post") && self::getPermission("can_access")) {
                 add_breadcrumb(array('link' => INFUSIONS . 'forum/index.php?viewforum&amp;forum_id=' . $forum_data['forum_id'] . '&amp;parent_id=' . $forum_data['forum_cat'], 'title' => $forum_data['forum_name']));
                 add_breadcrumb(array('link' => INFUSIONS . 'forum/index.php?viewforum&amp;forum_id=' . $forum_data['forum_id'] . '&amp;parent_id=' . $forum_data['forum_cat'], 'title' => $locale['forum_0057']));
                 /**
                  * Generate a poll form
                  */
                 $poll_form = "";
                 if (self::getPermission("can_create_poll")) {
                     // initial data to push downwards
                     $pollData = array('thread_id' => 0, 'forum_poll_title' => !empty($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '', 'forum_poll_start' => time(), 'forum_poll_length' => 2, 'forum_poll_votes' => 0);
                     // counter of lengths
                     $option_data[1] = "";
                     $option_data[2] = "";
                     // Do a validation if checked add_poll
                     if (isset($_POST['add_poll'])) {
                         $pollData = array('thread_id' => 0, 'forum_poll_title' => isset($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '', 'forum_poll_start' => time(), 'forum_poll_length' => count($option_data), 'forum_poll_votes' => 0);
                         // calculate poll lengths
                         if (!empty($_POST['poll_options']) && is_array($_POST['poll_options'])) {
                             foreach ($_POST['poll_options'] as $i => $value) {
                                 $option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
                             }
                         }
                     }
                     if (isset($_POST['add_poll_option']) && isset($_POST['poll_options'])) {
                         // reindex the whole array with blank values.
                         foreach ($_POST['poll_options'] as $i => $value) {
                             $option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
                         }
                         if (\defender::safe()) {
                             $option_data = array_values(array_filter($option_data));
                             array_unshift($option_data, NULL);
                             unset($option_data[0]);
                             $pollData['forum_poll_length'] = count($option_data);
                         }
                         array_push($option_data, '');
                     }
                     $poll_field = '';
                     $poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $pollData['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));
                     for ($i = 1; $i <= count($option_data); $i++) {
                         $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_data[$i], array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => TRUE, 'required' => $i <= 2 ? TRUE : FALSE));
                     }
                     $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
                     $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
                     $poll_field['poll_field'] .= "</div>\n";
                     $info = array('title' => $locale['forum_0366'], 'description' => $locale['forum_0630'], 'field' => $poll_field);
                     ob_start();
                     echo form_checkbox("add_poll", $locale['forum_0366'], isset($_POST['add_poll']) ? TRUE : FALSE, array('reverse_label' => TRUE));
                     echo "<div id='poll_form' class='poll-form' style='display:none;'>\n";
                     echo "<div class='well clearfix'>\n";
                     echo "<!--pre_form-->\n";
                     echo $info['field']['poll_field'];
                     echo "</div>\n";
                     echo "</div>\n";
                     $poll_form = ob_get_contents();
                     ob_end_clean();
                 }
                 $thread_data = array('forum_id' => $forum_data['forum_id'], 'thread_id' => 0, 'thread_subject' => isset($_POST['thread_subject']) ? form_sanitizer($_POST['thread_subject'], '', 'thread_subject') : '', 'thread_tags' => isset($_POST['thread_tags']) ? form_sanitizer($_POST['thread_tags'], '', 'thread_tags') : '', 'thread_author' => $userdata['user_id'], 'thread_views' => 0, 'thread_lastpost' => time(), 'thread_lastpostid' => 0, 'thread_lastuser' => $userdata['user_id'], 'thread_postcount' => 1, 'thread_poll' => 0, 'thread_sticky' => isset($_POST['thread_sticky']) ? 1 : 0, 'thread_locked' => isset($_POST['thread_sticky']) ? 1 : 0, 'thread_hidden' => 0);
                 $post_data = array('forum_id' => $forum_data['forum_id'], 'forum_cat' => $forum_data['forum_cat'], 'thread_id' => 0, 'post_id' => 0, 'post_message' => isset($_POST['post_message']) ? form_sanitizer($_POST['post_message'], '', 'post_message') : '', 'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0, 'post_smileys' => !isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 0 : 1, 'post_author' => $userdata['user_id'], 'post_datestamp' => time(), 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => 0, 'post_edittime' => 0, 'post_editreason' => '', 'post_hidden' => 0, 'notify_me' => isset($_POST['notify_me']) ? 1 : 0, 'post_locked' => 0);
                 // Execute post new thread
                 if (isset($_POST['post_newthread']) && \defender::safe()) {
                     require_once INCLUDES . "flood_include.php";
                     // all data is sanitized here.
                     if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
                         // have notice
                         if (\defender::safe()) {
                             // create a new thread.
                             dbquery_insert(DB_FORUM_THREADS, $thread_data, 'save', array('primary_key' => 'thread_id', 'keep_session' => TRUE));
                             $post_data['thread_id'] = dblastid();
                             $pollData['thread_id'] = dblastid();
                             dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                             $post_data['post_id'] = dblastid();
                             // Attach files if permitted
                             if (!empty($_FILES) && is_uploaded_file($_FILES['file_attachments']['tmp_name'][0]) && self::getPermission("can_upload_attach")) {
                                 $upload = form_sanitizer($_FILES['file_attachments'], '', 'file_attachments');
                                 if ($upload['error'] == 0) {
                                     foreach ($upload['target_file'] as $arr => $file_name) {
                                         $attach_data = array('thread_id' => $post_data['thread_id'], 'post_id' => $post_data['post_id'], 'attach_name' => $file_name, 'attach_mime' => $upload['type'][$arr], 'attach_size' => $upload['source_size'][$arr], 'attach_count' => '0');
                                         dbquery_insert(DB_FORUM_ATTACHMENTS, $attach_data, "save", array('keep_session' => TRUE));
                                     }
                                 }
                             }
                             dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . intval($post_data['post_author']) . "'");
                             // Update stats in forum and threads
                             // find all parents and update them
                             $list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $post_data['forum_id']);
                             if (is_array($list_of_forums)) {
                                 foreach ($list_of_forums as $forum_id) {
                                     $forum_update_sql = "\n                                        UPDATE " . DB_FORUMS . " SET forum_lastpost='" . intval($post_data['post_datestamp']) . "',\n                                        forum_postcount=forum_postcount+1,\n                                        forum_threadcount=forum_threadcount+1,\n                                        forum_lastpostid='" . intval($post_data['post_id']) . "',\n                                        forum_lastuser='******'post_author']) . "' WHERE forum_id='" . intval($forum_id) . "'\n                                        ";
                                     dbquery($forum_update_sql);
                                 }
                             }
                             // update current forum
                             dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . $post_data['post_datestamp'] . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $post_data['forum_id'] . "'");
                             // update current thread
                             dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . $post_data['post_datestamp'] . "', thread_lastpostid='" . $post_data['post_id'] . "', thread_lastuser='******'post_author'] . "' WHERE thread_id='" . $post_data['thread_id'] . "'");
                             // set notify
                             if ($forum_settings['thread_notify'] && isset($_POST['notify_me']) && $post_data['thread_id']) {
                                 if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $post_data['thread_id'] . "' AND notify_user='******'post_author'] . "'")) {
                                     dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $post_data['thread_id'] . "', '" . $post_data['post_datestamp'] . "', '" . $post_data['post_author'] . "', '1')");
                                 }
                             }
                             // Add poll if exist
                             if (!empty($option_data) && isset($_POST['add_poll'])) {
                                 dbquery_insert(DB_FORUM_POLLS, $pollData, 'save');
                                 $poll_option_data['thread_id'] = $pollData['thread_id'];
                                 $i = 1;
                                 foreach ($option_data as $option_text) {
                                     if ($option_text) {
                                         $poll_option_data['forum_poll_option_id'] = $i;
                                         $poll_option_data['forum_poll_option_text'] = $option_text;
                                         $poll_option_data['forum_poll_option_votes'] = 0;
                                         dbquery_insert(DB_FORUM_POLL_OPTIONS, $poll_option_data, 'save');
                                         $i++;
                                     }
                                 }
                                 dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_poll='1' WHERE thread_id='" . $pollData['thread_id'] . "'");
                             }
                         }
                         if (\defender::safe()) {
                             redirect(INFUSIONS . "forum/postify.php?post=new&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;parent_id=" . intval($post_data['forum_cat']) . "&amp;thread_id=" . intval($post_data['thread_id'] . ""));
                         }
                     }
                 }
                 $this->info = array('title' => $locale['forum_0057'], 'description' => '', 'openform' => openform('input_form', 'post', FORUM . "newthread.php?forum_id=" . $post_data['forum_id'], array('enctype' => self::getPermission("can_upload_attach"))), 'closeform' => closeform(), 'forum_id_field' => '', 'thread_id_field' => '', "forum_field" => "", 'subject_field' => form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => 1, 'placeholder' => $locale['forum_2001'], 'error_text' => '', 'class' => 'm-t-20 m-b-20')), 'tags_field' => form_select('thread_tags[]', $locale['forum_tag_0100'], $thread_data['thread_tags'], array('options' => $this->tag()->get_TagOpts(TRUE), 'width' => '100%', 'multiple' => TRUE, 'delimiter' => '.', 'max_select' => 3)), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => 1, 'error_text' => '', 'autosize' => 1, 'no_resize' => 1, 'preview' => 1, 'form_name' => 'input_form', 'bbcode' => 1)), 'attachment_field' => self::getPermission("can_upload_attach") ? form_fileinput('file_attachments[]', $locale['forum_0557'], "", array('input_id' => 'file_attachments', 'upload_path' => INFUSIONS . 'forum/attachments/', 'type' => 'object', 'preview_off' => TRUE, "multiple" => TRUE, "inline" => FALSE, 'max_count' => $forum_settings['forum_attachmax_count'], 'valid_ext' => $forum_settings['forum_attachtypes'], "class" => "m-b-0")) . " <div class='m-b-20'>\n<small>\n                            " . sprintf($locale['forum_0559'], parsebytesize($forum_settings['forum_attachmax']), str_replace('|', ', ', $forum_settings['forum_attachtypes']), $forum_settings['forum_attachmax_count']) . "</small>\n</div>\n" : "", 'poll_form' => $poll_form, 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0', 'reverse_label' => TRUE)), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'sticky_field' => iMOD || iSUPERADMIN ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'lock_field' => iMOD || iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'edit_reason_field' => '', 'delete_field' => '', 'hide_edit_field' => '', 'post_locked_field' => '', 'notify_field' => $forum_settings['thread_notify'] ? form_checkbox('notify_me', $locale['forum_0626'], $post_data['notify_me'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'post_buttons' => form_button('post_newthread', $locale['forum_0057'], $locale['forum_0057'], array('class' => 'btn-primary btn-sm')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default btn-sm m-l-10')), 'last_posts_reply' => '');
                 // add a jquery to toggle the poll form
                 add_to_jquery("\n                        if (\$('#add_poll').is(':checked')) {\n                            \$('#poll_form').show();\n                        } else {\n                            \$('#poll_form').hide();\n                        }\n                        \$('#add_poll').bind('click', function() {\n                            if (\$(this).is(':checked')) {\n                                \$('#poll_form').slideDown();\n                            } else {\n                                \$('#poll_form').slideUp();\n                            }\n                        });\n                    ");
             } else {
                 redirect(FORUM . "index.php");
             }
         } else {
             /*
              * Quick New Forum Posting.
              * Does not require to run permissions.
              * Does not contain forum poll.
              * Does not contain attachment
              */
             if (!dbcount("(forum_id)", DB_FORUMS, "forum_type !='1'")) {
                 redirect(INFUSIONS . "forum/index.php");
             }
             if (!dbcount("(forum_id)", DB_FORUMS, "forum_language ='" . LANGUAGE . "'")) {
                 redirect(INFUSIONS . "forum/index.php");
             }
             add_breadcrumb(array("link" => FORUM . "newthread.php?forum_id=0", "title" => $locale['forum_0057']));
             $thread_data = array('forum_id' => isset($_POST['forum_id']) ? form_sanitizer($_POST['forum_id'], 0, "forum_id") : 0, 'thread_id' => 0, 'thread_subject' => isset($_POST['thread_subject']) ? form_sanitizer($_POST['thread_subject'], '', 'thread_subject') : '', 'thread_tags' => isset($_POST['thread_tags']) ? form_sanitizer($_POST['thread_tags'], '', 'thread_tags') : '', 'thread_author' => $userdata['user_id'], 'thread_views' => 0, 'thread_lastpost' => time(), 'thread_lastpostid' => 0, 'thread_lastuser' => $userdata['user_id'], 'thread_postcount' => 1, 'thread_poll' => 0, 'thread_sticky' => isset($_POST['thread_sticky']) ? TRUE : FALSE, 'thread_locked' => isset($_POST['thread_sticky']) ? TRUE : FALSE, 'thread_hidden' => 0);
             $post_data = array('forum_id' => isset($_POST['forum_id']) ? form_sanitizer($_POST['forum_id'], 0, "forum_id") : 0, "forum_cat" => 0, 'thread_id' => 0, 'post_id' => 0, 'post_message' => isset($_POST['post_message']) ? form_sanitizer($_POST['post_message'], '', 'post_message') : '', 'post_showsig' => isset($_POST['post_showsig']) ? TRUE : FALSE, 'post_smileys' => !isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? FALSE : TRUE, 'post_author' => $userdata['user_id'], 'post_datestamp' => time(), 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => 0, 'post_edittime' => 0, 'post_editreason' => '', 'post_hidden' => 0, 'notify_me' => isset($_POST['notify_me']) ? TRUE : FALSE, 'post_locked' => 0);
             // go for a new thread posting.
             // check data
             // and validate
             // do not run attach, and do not run poll.
             if (isset($_POST['post_newthread']) && \defender::safe()) {
                 require_once INCLUDES . "flood_include.php";
                 // all data is sanitized here.
                 if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
                     // have notice
                     if (ForumServer::verify_forum($thread_data['forum_id'])) {
                         $forum_data = dbarray(dbquery("SELECT f.*, f2.forum_name AS forum_cat_name\n                            FROM " . DB_FORUMS . " f\n                            LEFT JOIN " . DB_FORUMS . " f2 ON f.forum_cat=f2.forum_id\n                            WHERE f.forum_id='" . intval($thread_data['forum_id']) . "'\n                            AND " . groupaccess('f.forum_access') . "\n                            "));
                         if ($forum_data['forum_type'] == 1) {
                             redirect(INFUSIONS . "forum/index.php");
                         }
                         // Use the new permission settings
                         self::setPermission($forum_data);
                         $forum_data['lock_edit'] = $forum_settings['forum_edit_lock'];
                         if (self::getPermission("can_post") && self::getPermission("can_access")) {
                             $post_data['forum_cat'] = $forum_data['forum_cat'];
                             // create a new thread.
                             dbquery_insert(DB_FORUM_THREADS, $thread_data, 'save', array('primary_key' => 'thread_id', 'keep_session' => TRUE));
                             $post_data['thread_id'] = dblastid();
                             dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                             $post_data['post_id'] = dblastid();
                             dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $post_data['post_author'] . "'");
                             // Update stats in forum and threads
                             // find all parents and update them
                             $list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $post_data['forum_id']);
                             foreach ($list_of_forums as $fid) {
                                 dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $fid . "'");
                             }
                             // update current forum
                             dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost=''" . time() . "'', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $post_data['forum_id'] . "'");
                             // update current thread
                             dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost=''" . time() . "'', thread_lastpostid='" . $post_data['post_id'] . "', thread_lastuser='******'post_author'] . "' WHERE thread_id='" . $post_data['thread_id'] . "'");
                             // set notify
                             if ($forum_settings['thread_notify'] && isset($_POST['notify_me']) && $post_data['thread_id']) {
                                 if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $post_data['thread_id'] . "' AND notify_user='******'post_author'] . "'")) {
                                     dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $post_data['thread_id'] . "', '" . time() . "', '" . $post_data['post_author'] . "', 1)");
                                 }
                             }
                             if (\defender::safe()) {
                                 redirect(INFUSIONS . "forum/postify.php?post=new&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;parent_id=" . intval($post_data['forum_cat']) . "&amp;thread_id=" . intval($post_data['thread_id'] . ""));
                             }
                         } else {
                             addNotice("danger", $locale['forum_0186']);
                         }
                     } else {
                         addNotice("danger", $locale['forum_0187']);
                         redirect(INFUSIONS . "forum/index.php");
                     }
                 }
             }
             //Disable all parents
             $disabled_opts = array();
             $disable_query = "\n                SELECT forum_id FROM " . DB_FORUMS . " WHERE forum_type='1'\n                " . (multilang_table("FO") ? "AND forum_language='" . LANGUAGE . "'" : "") . "\n                ";
             $disable_query = dbquery(" {$disable_query} ");
             if (dbrows($disable_query) > 0) {
                 while ($d_forum = dbarray($disable_query)) {
                     $disabled_opts = $d_forum['forum_id'];
                 }
             }
             $this->info = array('title' => $locale['forum_0057'], 'description' => '', 'openform' => openform('input_form', 'post', FORUM . "newthread.php", array('enctype' => FALSE)), 'closeform' => closeform(), 'forum_id_field' => '', 'thread_id_field' => '', 'forum_field' => form_select_tree("forum_id", $locale['forum_0395'], $thread_data['forum_id'], array("required" => TRUE, "width" => "320px", "no_root" => TRUE, "disable_opts" => $disabled_opts, "query" => multilang_table("FO") ? "WHERE forum_language='" . LANGUAGE . "'" : ""), DB_FORUMS, "forum_name", "forum_id", "forum_cat"), 'subject_field' => form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => 1, 'placeholder' => $locale['forum_2001'], 'error_text' => '', 'class' => 'm-t-20 m-b-20')), 'tags_field' => form_select('thread_tags[]', $locale['forum_tag_0100'], $thread_data['thread_tags'], array('options' => $this->tag()->get_TagOpts(), 'width' => '100%', 'multiple' => TRUE, 'delimiter' => '.', 'max_select' => 3)), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => 1, 'error_text' => '', 'autosize' => 1, 'no_resize' => 1, 'preview' => 1, 'form_name' => 'input_form', 'bbcode' => 1)), 'attachment_field' => "", 'poll_form' => "", 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0', 'reverse_label' => TRUE)), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'sticky_field' => iSUPERADMIN ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'lock_field' => iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'edit_reason_field' => '', 'delete_field' => '', 'hide_edit_field' => '', 'post_locked_field' => '', 'notify_field' => $forum_settings['thread_notify'] ? form_checkbox('notify_me', $locale['forum_0626'], $post_data['notify_me'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'post_buttons' => form_button('post_newthread', $locale['forum_0057'], $locale['forum_0057'], array('class' => 'btn-primary btn-sm')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default btn-sm m-l-10')), 'last_posts_reply' => '');
         }
     } else {
         redirect(INFUSIONS . 'forum/index.php');
     }
 }
Ejemplo n.º 25
0
 function render_post_item($data)
 {
     global $aidlink;
     $forum_settings = \PHPFusion\Forums\ForumServer::get_forum_settings();
     $locale = fusion_get_locale();
     $userdata = fusion_get_userdata();
     echo "\n\t\t<div id='" . $data['marker']['id'] . "' class='clearfix post_items'>\n\n\t\t<div class='forum_avatar text-center'>\n\n\t\t" . $data['user_avatar_image'] . "\n\t\t" . ($forum_settings['forum_rank_style'] == '1' ? "<div class='text-center m-t-10'>" . $data['user_rank'] . "</div>\n" : '') . "\n\t\t</div>\n\n\t\t<div class='pull-right m-l-10 col-sm-4 col-md-3 m-l-10'>\n\t\t<div class='pull-right m-l-10'>" . $data['post_checkbox'] . "</div>\n\n\t\t<div class='btn-group dropdown'>\n\n\t\t" . (isset($data['post_quote']) && !empty($data['post_quote']) ? "<a class='btn btn-default btn-xs quote-link' href='" . $data['post_quote']['link'] . "' title='" . $data['post_quote']['title'] . "'>" . $data['post_quote']['title'] . "</a>\n" : '') . "\n\t\t" . (isset($data['post_reply']) && !empty($data['post_reply']) ? "<a class='btn btn-default btn-xs reply-link' href='" . $data['post_reply']['link'] . "' title='" . $data['post_reply']['title'] . "'>" . $data['post_reply']['title'] . "</a>\n" : '') . "\n\t\t" . (isset($data['post_edit']) && !empty($data['post_edit']) ? "<a class='btn btn-default btn-xs edit-link' href='" . $data['post_edit']['link'] . "' title='" . $data['post_edit']['title'] . "'>" . $data['post_edit']['title'] . "</a>\n" : "") . "\n\t\t<a class='dropdown btn btn-xs btn-default' data-toggle='dropdown'><i class='fa fa-fw fa-ellipsis-v'></i></a>\n\n\t\t<ul class='dropdown-menu'>\n\n\t\t<!--forum_thread_user_fields_" . $data['post_id'] . "-->\n\n\t\t" . ($data['user_ip'] ? "<li class='hidden-sm hidden-md hidden-lg'><i class='fa fa-user fa-fw'></i> IP : " . $data['user_ip'] . "</li>" : "") . "\n\t\t<li class='hidden-sm hidden-md hidden-lg'><i class='fa fa-commenting-o fa-fw'></i> " . $data['user_post_count'] . "</li>\n\t\t" . ($data['user_message']['link'] !== "" ? "<li><a href='" . $data['user_message']['link'] . "' title='" . $data['user_message']['title'] . "'>" . $data['user_message']['title'] . "</a></li>\n" : "");
     if ($data['user_web']['link'] !== "") {
         echo "<li>" . (fusion_get_settings('index_url_userweb') ? "" : "<!--noindex-->") . " <a href='" . $data['user_web']['link'] . "' title='" . $data['user_web']['title'] . "' " . (fusion_get_settings('index_url_userweb') ? "" : "rel='nofollow'") . ">" . $data['user_web']['title'] . "</a>" . (fusion_get_settings('index_url_userweb') ? "" : "<!--/noindex-->") . "</li>\n";
     }
     echo "<li><a href='" . $data['print']['link'] . "' title='" . $data['print']['title'] . "'>" . $data['print']['title'] . "</a></li>\n\n\t\t" . (isset($data['post_quote']) && !empty($data['post_quote']) ? "<li><a href='" . $data['post_quote']['link'] . "' title='" . $data['post_quote']['title'] . "'>" . $data['post_quote']['title'] . "</a></li>\n" : '') . "\n\t\t" . (isset($data['post_edit']) && !empty($data['post_edit']) ? "<li><a href='" . $data['post_edit']['link'] . "' title='" . $data['post_edit']['title'] . "'>" . $locale['forum_0507'] . "</a></li>\n" : '');
     if (iADMIN && checkrights("M") && $data['user_id'] != $userdata['user_id'] && $data['user_level'] == USER_LEVEL_SUPER_ADMIN) {
         echo "<li class='divider'></li>\n";
         echo "<p class='text-center'><a href='" . ADMIN . "members.php" . $aidlink . "&amp;step=edit&amp;user_id=" . $data['user_id'] . "'>" . $locale['edit'] . "</a> &middot; ";
         echo "<a href='" . ADMIN . "members.php" . $aidlink . "&amp;user_id=" . $data['user_id'] . "&amp;action=1'>" . $locale['ban'] . "</a> &middot; ";
         echo "<a href='" . ADMIN . "members.php" . $aidlink . "&amp;step=delete&amp;status=0&amp;user_id=" . $data['user_id'] . "'>" . $locale['delete'] . "</a></p>\n";
     }
     echo "</ul>\n</div>\n";
     echo "<ul class='overflow-hide post_info post_stats hidden-xs m-t-15 p-0'>\n\t\t<!--forum_thread_user_fields_" . $data['post_id'] . "-->\n\n\t\t" . ($data['user_ip'] ? "<li>IP : " . $data['user_ip'] . "</li>" : "") . "\n\t\t<li>" . $data['user_post_count'] . "</li>\n\t\t</ul>\n\t\t</div>\n\t\t<div class='overflow-hide'>\n\n\t\t<!--forum_thread_user_name-->\n\n\t\t<div class='m-b-10 post_info'>\n\n\t\t<span style='height:5px; width:10px; border-radius:50%; color:#5CB85C'><i class='fa " . ($data['user_online'] ? "fa-circle" : "fa-circle-thin") . "'></i></span>\n\n\t\t<span class='text-smaller'><span class='forum_poster'>" . $data['user_profile_link'] . "</span>\n\t\t" . ($forum_settings['forum_rank_style'] == '0' ? "<span class='forum_rank'>\n" . $data['user_rank'] . "</span>\n" : '') . "\n\t\t" . $data['post_shortdate'] . " </span>\n\n\t\t</div>\n\n\t\t<!--forum_thread_prepost_" . $data['post_id'] . "-->\n\n\t\t" . ($data['post_votebox'] ? "<div class='pull-left m-r-15'>" . $data['post_votebox'] . "</div>" : '') . "\n\t\t<div class='display-block overflow-hide'>\n\n\t\t<div class='post_message'>" . $data['post_message'] . "</div>\n\t\t" . ($data['user_sig'] ? "<div class='forum_sig text-smaller'>" . $data['user_sig'] . "</div>\n" : "") . "\n\t\t" . ($data['post_attachments'] ? "<div class='forum_attachments'>" . $data['post_attachments'] . "</div>" : "") . "\n\t\t</div>\n\n\t\t</div>\n\n\n\t\t<!--sub_forum_post_message-->\n\n\t\t<div class='post_info m-t-20'>\n\n\n\t\t    " . (!empty($data['post_mood']) ? "<!--forum_mood--><div class='pull-right m-l-10'>" . $data['post_mood'] . "</div><!--//forum_mood-->" : "") . "\n\n\t\t    " . $data['post_edit_reason'] . "\n\t\t    " . $data['post_reply_message'] . "\n\t\t    " . $data['post_mood_message'] . "\n\t\t</div>\n\n        <!--//sub_forum_post_message-->\n\n\n\t\t</div>\n\n\t\t";
     /*
     * <div class='text-right m-t-10'>\n
     		<a class='btn btn-primary btn-xs' href='".$data['post_quote']['link']."' title='".$data['post_quote']['title']."'>".$data['post_quote']['title']."</a>\n
     		<a class='btn btn-default btn-xs' href='".$data['post_edit']['link']."' title='".$data['post_edit']['title']."'>".$data['post_edit']['title']."</a>\n
     		</div>\n
     */
 }