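/**
 * Store a new topic, a reply or an edited post (plus its optional poll) and
 * redirect the client to the resulting post.
 *
 * No permission check, flood control or content sanitisation happens in this
 * body: subject, message and username are written as received. The caller
 * must authorise the action on $forum_id / $post_id and validate the text
 * before calling.
 *
 * Accepted but not read here: $message, $meta, $bbcode_on, $html_on,
 * $smilies_on, $attach_sig, $bbcode_uid.
 *
 * @param string $mode          'newtopic', 'editpost', or any other value (treated as a new post).
 * @param array  $post_data     Flags read here: first_post, edit_vote, edit_poll, has_poll.
 * @param int    $forum_id      Forum the topic/post belongs to.
 * @param int    $topic_id      Topic id; overwritten with the new id when $mode is 'newtopic'.
 * @param int    $post_id       Post id; overwritten with the new id unless $mode is 'editpost'.
 * @param int    $poll_id       Poll id; overwritten when a poll row is created.
 * @param mixed  $topic_type    Stored in topic_important.
 * @param string $post_username Stored in post_username.
 * @param string $post_subject  Stored as topic title and post subject.
 * @param string $post_message  Stored in post_text.
 * @param mixed  $post_np       Stored in post_np.
 * @param string $poll_title    Poll question; empty means "no poll".
 * @param array  $poll_options  Option texts keyed by option id; at least two are required.
 * @param int    $poll_length   Poll duration in days (multiplied by 86400 before storage).
 * @param string $ub            Optional value stored in the topic's `ub` column on creation.
 *
 * @return bool Always false; reached only if redirect() returns.
 */
function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, &$post_username, &$post_subject, &$post_message, &$post_np, &$poll_title, &$poll_options, &$poll_length, $ub = '')
{
	global $userdata, $user_ip;

	$current_time = time();

	// NOTE(review): the moderator lookup and flood-control check that used to
	// live here were commented out, so nothing in this function rate-limits
	// posting. The disabled code built its query by interpolating $user_ip and
	// never executed it; if flood control is restored, use sql_filter()
	// placeholders and actually run the query.

	// A poll needs a title and at least two options. is_array() keeps count()
	// from raising a TypeError when no options were submitted.
	$poll_is_valid = !empty($poll_title) && is_array($poll_options) && count($poll_options) >= 2;

	//
	// Topic row: created for a new topic, updated when the first post is edited
	//
	if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post'])) {
		$topic_vote = $poll_is_valid ? 1 : 0;

		if ($mode != 'editpost') {
			$sql_insert = array(
				'topic_title' => $post_subject,
				'topic_poster' => $userdata['user_id'],
				'topic_time' => $current_time,
				'forum_id' => $forum_id,
				'topic_status' => TOPIC_UNLOCKED,
				'topic_important' => $topic_type,
				'topic_vote' => $topic_vote
			);

			if (!empty($ub)) {
				$sql_insert['ub'] = $ub;
			}

			sql_insert('forum_topics', $sql_insert);

			// Within this branch $mode can only be 'newtopic'.
			$topic_id = sql_nextid();
		} else {
			$sql_update = array(
				'topic_title' => $post_subject,
				'topic_important' => $topic_type
			);

			if ($post_data['edit_vote'] || !empty($poll_title)) {
				$sql_update['topic_vote'] = $topic_vote;
			}

			$sql = 'UPDATE _forum_topics SET ??
				WHERE topic_id = ?';
			sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $topic_id));
		}
	}

	//
	// Post row
	//
	if ($mode != 'editpost') {
		$sql_insert = array(
			'topic_id' => $topic_id,
			'forum_id' => $forum_id,
			'poster_id' => $userdata['user_id'],
			'post_username' => $post_username,
			'post_time' => $current_time,
			'poster_ip' => $user_ip,
			'post_subject' => $post_subject,
			'post_text' => $post_message,
			'post_np' => $post_np
		);
		sql_insert('forum_posts', $sql_insert);

		$post_id = sql_nextid();
	} else {
		// Fix: the original wrote the undefined $post_text here, which blanked
		// the post body on every edit. The message is passed as $post_message.
		$sql_update = array(
			'post_username' => $post_username,
			'post_subject' => $post_subject,
			'post_text' => $post_message,
			'post_np' => $post_np
		);

		$sql = 'UPDATE _forum_posts SET ?? WHERE post_id = ?';
		sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $post_id));
	}

	//
	// Add poll
	//
	if (($mode == 'newtopic' || ($mode == 'editpost' && $post_data['edit_poll'])) && $poll_is_valid) {
		if ($post_data['has_poll']) {
			$sql_update = array(
				'vote_text' => $poll_title,
				'vote_length' => ($poll_length * 86400)
			);

			$sql = 'UPDATE _poll_options SET ?? WHERE topic_id = ?';
			sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $topic_id));
		} else {
			$sql_insert = array(
				'topic_id' => $topic_id,
				'vote_text' => $poll_title,
				'vote_start' => $current_time,
				'vote_length' => ($poll_length * 86400)
			);
			sql_insert('poll_options', $sql_insert);
		}

		$delete_option_ids = array();
		$old_poll_result = w(); // presumably an empty array; w() is defined elsewhere

		if ($mode == 'editpost' && $post_data['has_poll']) {
			$sql = 'SELECT vote_option_id, vote_result
				FROM _poll_results
				WHERE vote_id = ?
				ORDER BY vote_option_id ASC';
			$result = sql_rowset(sql_filter($sql, $poll_id));

			foreach ($result as $row) {
				$old_poll_result[$row['vote_option_id']] = $row['vote_result'];

				// Options absent from the submitted form are scheduled for removal.
				// The `??` placeholder appears to splice its argument into the
				// statement unquoted, so the ids are forced to integers first.
				if (!isset($poll_options[$row['vote_option_id']])) {
					$delete_option_ids[] = (int) $row['vote_option_id'];
				}
			}
		} else {
			$poll_id = sql_nextid();
		}

		$poll_option_id = 1;

		// foreach replaces while/list/each(): each() was removed in PHP 8.
		foreach ($poll_options as $option_id => $option_text) {
			if (empty($option_text)) {
				continue;
			}

			// Legacy escaping kept as-is because stored option text depends on it.
			// NOTE(review): with placeholder-based queries the \' -> '' rewrite
			// looks redundant, and HTML-encoding is usually done at output time.
			$option_text = str_replace("\'", "''", htmlspecialchars($option_text));
			$poll_result = ($mode == "editpost" && isset($old_poll_result[$option_id])) ? $old_poll_result[$option_id] : 0;

			if ($mode != 'editpost' || !isset($old_poll_result[$option_id])) {
				$sql_insert = array(
					'vote_id' => $poll_id,
					'vote_option_id' => $poll_option_id,
					'vote_option_text' => $option_text,
					'vote_result' => $poll_result
				);
				sql_insert('poll_results', $sql_insert);
			} else {
				$sql_update = array(
					'vote_option_text' => $option_text,
					'vote_result' => $poll_result
				);

				$sql = 'UPDATE _poll_results SET ?? WHERE vote_option_id = ? AND vote_id = ?';
				sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $option_id, $poll_id));
			}

			$poll_option_id++;
		}

		if (!empty($delete_option_ids)) {
			$sql = 'DELETE FROM _poll_results WHERE vote_option_id IN (??) AND vote_id = ?';
			sql_query(sql_filter($sql, implode(', ', $delete_option_ids), $poll_id));
		}
	}

	redirect(s_link('post', $post_id) . '#' . $post_id);

	return false;
}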
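/**
 * Handle the "new event" form: validate the submitted fields, accept the
 * flyer upload, insert the event and its artists, produce the resized
 * images and redirect to the event page.
 *
 * Fixed here: the `$arning` typo (a fatal call on an undefined variable), the
 * undefined `$upload` (now `$core->upload`, the object used for process()),
 * and the foreach over `$f` when the upload step returned false or never ran.
 *
 * NOTE(review): several problems remain that cannot be resolved from this
 * method alone:
 *  - `$core` is neither declared global nor taken from $this.
 *  - `$e_start` / `$e_end` are never assigned before being stored.
 *  - Warnings go to both the global `$warning` and `$this->warning`, and
 *    `exist` is read as a property in some places and called as a method in
 *    another; confirm which object and form are intended.
 *  - `$v` is read both as an object and as an array.
 *  - `e_cat` is validated and queried but not in the field list given to __().
 *  - No permission or CSRF check is visible here; presumably the dispatcher
 *    handles it. Confirm. Events are stored with approved = 0.
 *
 * @return void
 */
protected function _event_home()
{
	global $warning;

	$v = $this->__(array('e_title', 'e_text', 'e_time' => array(0), 'e_artists' => array(0)));

	// Required fields and the warning raised when each is empty.
	$v_check = array('e_title' => 'INVALID_NAME', 'e_cat' => 'INVALID_CATEGORY');
	foreach ($v_check as $vk => $vv) {
		if (empty($v->{$vk})) {
			$warning->set($vv);
		}
	}

	if (!$warning->exist) {
		$v['e_alias'] = _alias($v['e_title']);

		if (empty($v['e_alias'])) {
			$warning->set('INVALID_ALIAS');
		}
	}

	// The category must exist before anything is written.
	if (!$warning->exist) {
		$sql = 'SELECT cat_id
			FROM _events_category
			WHERE cat_id = ?';
		if (!sql_fieldrow(sql_filter($sql, $v->e_cat))) {
			$this->warning->set('invalid_category');
		}
	}

	// Initialised so the image loop below is safe when the upload step is skipped.
	$f = false;

	if (!$this->warning->exist) {
		$core->require('upload');
		$core->upload->init();

		// NOTE(review): the only constraints visible here are the 'jpg' extension
		// list and max_upload_size(). Whether process() checks that the content
		// really is an image, and how it names files under LIB . 'tmp/', is not
		// visible. Confirm before relying on it. $_FILES['e_flyer'] is also read
		// without checking that the field was submitted.
		$f = $core->upload->process(LIB . 'tmp/', $_FILES['e_flyer'], w('jpg'), max_upload_size());

		if ($f === false && count($core->upload->warning)) {
			$this->warning->set($core->upload->warning);
		}
	}

	if (!$this->warning->exist()) {
		$sql_insert = array(
			'alias' => $v['e_alias'],
			'subject' => str_normalize($v['e_title']),
			'text' => str_normalize($v['e_text']),
			'approved' => 0,
			'views' => 0,
			'posts' => 0,
			'start' => $e_start,
			'end' => $e_end,
			'images' => 0
		);
		sql_put('_events', prefix('event', $sql_insert));

		$v['e_id'] = sql_nextid();

		if (is_array($v->e_artists)) {
			foreach ($v['e_artists'] as $row) {
				// Both ids are cast to int before storage.
				$sql_insert = array(
					'id' => (int) $v['e_id'],
					'artist' => (int) $row
				);
				sql_put('_events_artists', prefix('event', $sql_insert));
			}
		}

		// process() can return false without setting a warning; skip the loop then.
		if (is_array($f)) {
			foreach ($f as $row) {
				// Full-size copy first; the preview is built only if that succeeded.
				$f2 = $core->upload->resize($row, LIB . 'tmp', LIB . 'events/future/', $v['e_id'], array(600, 400), false, false, true);
				if ($f2 === false) {
					continue;
				}

				$core->upload->resize($row, LIB . 'events/future/', LIB . 'events/preview/', $v['e_id'], array(210, 210), false, false);
			}
		}

		redirect(_link('events', $v['e_alias']));
	}

	return;
}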