function gf_resyncforum($id) { global $_CONF, $_TABLES; COM_errorLog("Re-Syncing Forum id:{$id}"); // Update all the Topics lastupdated timestamp to that of the last posted comment $topicsQuery = DB_query("SELECT id FROM {$_TABLES['gf_topic']} WHERE forum={$id} and pid=0"); $topicCount = DB_numRows($topicsQuery); if ($topicCount > 0) { $lastTopicQuery = DB_query("SELECT MAX(id) as maxid FROM {$_TABLES['gf_topic']} WHERE forum={$id}"); $lasttopic = DB_fetchArray($lastTopicQuery); DB_query("UPDATE {$_TABLES['gf_forums']} SET last_post_rec = {$lasttopic['maxid']} WHERE forum_id={$id}"); $postCount = DB_Count($_TABLES['gf_topic'], 'forum', $id); // Update the forum definition record to know the number of topics and number of posts DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count={$topicCount}, post_count={$postCount} WHERE forum_id={$id}"); $recCount = 0; while ($trecord = DB_fetchArray($topicsQuery)) { $recCount++; // Retrieve the oldest post records for this topic and update the lastupdated time in the parent topic record $lsql = DB_query("SELECT MAX(id)as maxid FROM {$_TABLES['gf_topic']} WHERE pid={$trecord['id']}"); $lastrec = DB_fetchArray($lsql); if ($lastrec['maxid'] != NULL) { $postCount = DB_count($_TABLES['gf_topic'], 'forum', $id); $latest = DB_getITEM($_TABLES['gf_topic'], date, "id={$lastrec['maxid']}"); DB_query("UPDATE {$_TABLES['gf_topic']} SET lastupdated = '{$latest}' where id='{$trecord['id']}'"); // Update the parent topic record to know the id of the Last Reply DB_query("UPDATE {$_TABLES['gf_topic']} SET last_reply_rec = {$lastrec['maxid']} where id='{$trecord['id']}'"); } else { $latest = DB_getITEM($_TABLES['gf_topic'], date, "id={$trecord['id']}"); DB_query("UPDATE {$_TABLES['gf_topic']} SET lastupdated = '{$latest}' WHERE id='{$trecord['id']}'"); } // Recalculate and Update the number of replies $numreplies = DB_Count($_TABLES['gf_topic'], "pid", $trecord['id']); DB_query("UPDATE {$_TABLES['gf_topic']} SET replies = '{$numreplies}' WHERE id='{$trecord['id']}'"); } COM_errorLog("{$recCount} Topic Records Updated"); } else { DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count=0, post_count=0 WHERE forum_id={$id}"); COM_errorLog("No topic records to resync"); } }
function _ff_migrateComments($forum, $sid, $parent) { global $verbose, $_TABLES, $_CONF, $migratedcomments; $sql = DB_query("SELECT sid,date,uid,title,comment from {$_TABLES['comments']} WHERE sid = '" . DB_escapeString($sid) . "' ORDER BY date ASC"); $num_comments = DB_numRows($sql); $i = 0; while (list($sid, $commentdate, $uid, $subject, $comment) = DB_fetchArray($sql)) { $sqlid = DB_query("SELECT id from {$_TABLES['ff_topic']} ORDER BY id desc LIMIT 1"); list($lastid) = DB_fetchArray($sqlid); $comment = prepareStringForDB($comment); $subject = prepareStringForDB($subject); $postmode = "html"; $name = DB_getITEM($_TABLES['users'], 'username', "uid=" . (int) $uid); $email = DB_getITEM($_TABLES['users'], 'email', "uid=" . (int) $uid); $website = DB_getITEM($_TABLES['users'], 'homepage', "uid=" . (int) $uid); $datetime = explode(" ", $commentdate); $date = explode("-", $datetime[0]); $time = explode(":", $datetime[1]); $year = $date[0] > 1969 ? $date[0] : "2001"; $month = $date[1]; $day = $date[2]; $hour = $time[0]; $min = $time[1]; $timestamp = mktime($hour, $min, 0, $month, $day, $year); $lastupdated = $timestamp; $migratedcomments++; DB_query("INSERT INTO {$_TABLES['ff_topic']} (forum,name,date,lastupdated, email, website, subject, comment, postmode, ip, mood, uid, pid, sticky, locked)\n VALUES (" . (int) $forum . ",'" . DB_escapeString($name) . "','{$timestamp}','{$lastupdated}','" . DB_escapeString($email) . "','" . DB_escapeString($website) . "','{$subject}','{$comment}','" . DB_escapeString($postmode) . "','',''," . (int) $uid . "," . (int) $parent . ",'0','0')"); $i++; } DB_query("UPDATE {$_TABLES['ff_topic']} SET replies = {$num_comments} WHERE id=" . (int) $parent); return $num_comments; }
// Remove any lastviewed records in the log so that the new updated topic indicator will appear DB_query("DELETE FROM {$_TABLES['gf_log']} WHERE topic='{$moveid}'"); $link = "{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$moveid}"; forum_statusMessage($LANG_GF02['msg163'], $link, $LANG_GF02['msg163']); } gf_siteFooter(); exit; } } if ($modfunction == 'deletepost' and forum_modPermission($forum, $_USER['uid'], 'mod_delete') and $fortopicid != 0) { if ($top == 'yes') { $alertmessage = $LANG_GF02['msg65'] . "<p>"; } else { $alertmessage = ''; } $subject = DB_getITEM($_TABLES['gf_topic'], "subject", "id='{$msgpid}'"); $alertmessage .= sprintf($LANG_GF02['msg64'], $fortopicid, $subject); $promptform = '<p><FORM ACTION="' . $_CONF['site_url'] . '/forum/moderation.php" METHOD="POST">'; $promptform .= '<INPUT TYPE="hidden" NAME="modconfirmdelete" VALUE="1">'; $promptform .= '<INPUT TYPE="hidden" NAME="msgid" VALUE="' . $fortopicid . '">'; $promptform .= '<INPUT TYPE="hidden" NAME="forum" VALUE="' . $forum . '">'; $promptform .= '<INPUT TYPE="hidden" NAME="msgpid" VALUE="' . $msgpid . '">'; $promptform .= '<INPUT TYPE="hidden" NAME="top" VALUE="' . $top . '">'; $promptform .= '<CENTER><INPUT TYPE="submit" NAME="submit" VALUE="' . $LANG_GF01['CONFIRM'] . '"> '; $promptform .= '<INPUT TYPE="submit" NAME="submit" VALUE="' . $LANG_GF01['CANCEL'] . '"></CENTER>'; $promptform .= '</CENTER></FORM></p>'; alertMessage($alertmessage, $LANG_GF02['msg182'], $promptform); } elseif ($modfunction == 'editpost' and forum_modPermission($forum, $_USER['uid'], 'mod_edit') and $fortopicid != 0) { $page = COM_applyFilter($_REQUEST['page'], true); echo COM_refresh("createtopic.php?method=edit&id={$fortopicid}&page={$page}"); echo $LANG_GF02['msg110'];
} if (DB_count($_TABLES[messenger_dist], 'msg_id', $id) == 0) { DB_query("DELETE FROM {$_TABLES['messenger_msg']} WHERE (id = '{$id}')"); } messenger_statusMessage($LANG_MSG['msgdelsuccess'], $phpself . '?folder=' . $folder, $LANG_MSG['msgreturn']); exit; } else { echo COM_startBlock($LANG_MSG['ERROR']); echo $LANG_MSG['msgdelerr']; echo COM_endBlock("blockfooter-system.thtml"); exit; } } if ($mode == 'archive') { // Check that user has rights $source = DB_getITEM($_TABLES['messenger_msg'], "source_uid", "id='{$id}'"); if ($source = $uid || SEC_hasRights('messenger.edit')) { DB_query("UPDATE {$_TABLES['messenger_dist']} SET archive='1' WHERE msg_id='{$id}'"); messenger_statusMessage($LANG_MSG['msgarchive'], $phpself . '?folder=' . $folder, $LANG_MSG['msgreturn']); } else { messenger_statusMessage($LANG_MSG['err02'], $phpself . '?folder=' . $folder, $LANG_MSG['msgreturn']); } exit; } if ($action == 'delall') { if ($folder == 'ARCHIVE') { $delquery = DB_query("SELECT id FROM {$_TABLES['messenger_msg']} LEFT JOIN {$_TABLES['messenger_dist']} ON id = msg_id WHERE (target_uid='{$uid}' AND archive='1') "); } else { $delquery = DB_query("SELECT id FROM {$_TABLES['messenger_msg']} LEFT JOIN {$_TABLES['messenger_dist']} ON id = msg_id WHERE (target_uid='{$uid}' AND archive='0') "); } while (list($id) = DB_fetchARRAY($delquery)) {
} elseif ($notifytype == '3') { $sql .= " AND topic_id < '0'"; } else { $sql .= " AND topic_id > '0'"; } $sql .= " ORDER BY forum_id ASC, date_added DESC"; $notifications = DB_query($sql); $nrows = DB_numRows($notifications); $numpages = ceil($nrows / $show); $offset = ($page - 1) * $show; $base_url = $_CONF['site_url'] . "/forum/notify.php?filter={$notifytype}&forum={$forum}&show={$show}"; $sql .= " LIMIT {$offset}, {$show}"; $notifications = DB_query($sql); $i = 1; while (list($notify_recid, $forum_id, $topic_id, $date_added) = DB_fetchARRAY($notifications)) { $forum_name = DB_getITEM($_TABLES['gf_forums'], "forum_name", "forum_id='{$forum_id}'"); $is_forum = ''; if ($topic_id == '0') { $subject = ''; $is_forum = $LANG_GF02['msg138']; $topic_link = '<a href="' . $_CONF['site_url'] . '/forum/index.php?forum=' . $forum_id . '" title="' . $subject . '">' . $subject . '</a>'; } else { if ($topic_id < 0) { $neg_subscription = true; $topic_id = -$topic_id; } else { $neg_subscription = false; } $result = DB_query("SELECT subject,name,replies,views,uid,id FROM {$_TABLES['gf_topic']} WHERE id = '{$topic_id}'"); $A = DB_fetchArray($result); if ($A['subject'] == '') {
function modDownloadS() { global $_CONF, $_TABLES, $myts, $eh, $filemgmt_SnapStore, $filemgmt_FileStore, $_FMDOWNLOAD; if (defined('DEMO_MODE')) { redirect_header($_CONF['site_admin_url'] . "/plugins/filemgmt/index.php", 10, 'Uploads and file edits are disabled in demo mode'); exit; } $cid = $_POST["cid"]; if ($_POST["url"] || $_POST["url"] != "") { $fileurl = COM_applyFilter($_POST['url']); $url = rawurlencode($myts->makeTboxData4Save($_POST['url'])); } $silentEdit = isset($_POST['silentedit']) ? COM_applyFilter($_POST['silentedit'], true) : 0; $submitter = (int) COM_applyFilter($_POST['owner_id'], true); $currentfile = DB_getITEM($_TABLES['filemgmt_filedetail'], 'url', "lid=" . intval($_POST['lid'])); $currentfileFQN = $filemgmt_FileStore . $myts->makeTboxData4Save(rawurldecode($currentfile)); $newfile = rawurlencode($myts->makeTboxData4Save($_FILES['newfile']['name'])); if ($newfile != '') { require_once $_CONF['path_system'] . 'classes/upload.class.php'; $upload = new upload(); $upload->setFieldName('newfile'); $upload->setPath($filemgmt_FileStore); $upload->setAllowAnyMimeType(true); // allow any file type $upload->setMaxFileSize(100000000); $upload->uploadFiles(); if ($upload->areErrors()) { $errmsg = "Upload Error: " . $upload->printErrors(false); COM_errorLog($errmsg); $eh->show("1106"); } else { $url = rawurlencode($myts->makeTboxData4Save($upload->_currentFile['name'])); $size = $myts->makeTboxData4Save($upload->_currentFile['size']); $pos = strrpos($newfile, '.') + 1; $fileExtension = strtolower(substr($newfile, $pos)); if (array_key_exists($fileExtension, $_FMDOWNLOAD)) { if ($_FMDOWNLOAD[$fileExtension] == 'reject') { COM_errorLOG("AddNewFile - New Upload file is rejected by config rule:{$uploadfilename}"); $eh->show("1109"); } else { $fileExtension = $_FMDOWNLOAD[$fileExtension]; $pos = strrpos($url, '.') + 1; $url = strtolower(substr($url, 0, $pos)) . $fileExtension; $pos2 = strrpos($newfile, '.') + 1; $filename = substr($newfile, 0, $pos2) . $fileExtension; $rc = @copy($filemgmt_FileStore . $newfile, $filemgmt_FileStore . $filename); if ($rc === false) { $errmsg = "Upload Error: Unable to copy new file"; COM_errorLog($errmsg); $eh->show("1106"); } @unlink($filemgmt_FileStore . $newfile); } } DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET url='{$url}',size=" . $size . " WHERE lid=" . intval($_POST['lid'])); if ($currentfile != $newfile) { @unlink($filemgmt_FileStore . $currentfile); } } } else { if (!empty($fileurl)) { $size = (int) COM_applyFilter($_POST['size'], true); $size = $myts->makeTboxData4Save($size); $url = DB_escapeString($fileurl); $lid = (int) COM_applyFilter($_POST['lid'], true); DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET url='{$url}',size=" . $size . " WHERE lid=" . (int) $lid); } } $currentsnapfile = DB_getITEM($_TABLES['filemgmt_filedetail'], 'logourl', "lid=" . intval($_POST['lid'])); $currentSnapFQN = $filemgmt_SnapStore . $myts->makeTboxData4Save(rawurldecode($currentsnapfile)); $newsnapfile = rawurlencode($myts->makeTboxData4Save($_FILES['newfileshot']['name'])); if ($newsnapfile != '') { require_once $_CONF['path_system'] . 'classes/upload.class.php'; $upload = new upload(); $upload->setFieldName('newfileshot'); $upload->setPath($filemgmt_SnapStore); $upload->setAllowAnyMimeType(false); $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png')); $upload->setAutomaticResize(true); if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) { $upload->setLogFile($_CONF['path'] . 'logs/error.log'); $upload->setDebug(true); } $upload->setMaxDimensions(640, 480); $upload->setAutomaticResize(true); $upload->setMaxFileSize(100000000); $upload->uploadFiles(); if ($upload->areErrors()) { $errmsg = "Upload Error: " . $upload->printErrors(false); COM_errorLog($errmsg); $eh->show("1106"); } else { $logourl = rawurlencode($myts->makeTboxData4Save($upload->_currentFile['name'])); $lid = (int) COM_applyFilter($_POST['lid'], true); DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET logourl='{$logourl}' WHERE lid=" . $lid); if ($currentsnapfile != $newfile) { @unlink($filemgmt_SnapStore . $currentsnapfile); } } } elseif (isset($_POST['deletesnap'])) { if (file_exists($currentSnapFQN) && !is_dir($currentSnapFQN)) { $lid = (int) COM_applyFilter($_POST['lid'], true); $err = @unlink($currentSnapFQN); DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET logourl='' WHERE lid=" . $lid); COM_errorLOG("Delete repository snapfile:{$currentSnapFQN}."); } } $title = $myts->makeTboxData4Save($_POST['title']); $homepage = $myts->makeTboxData4Save($_POST['homepage']); $version = $myts->makeTboxData4Save($_POST['version']); $description = $myts->makeTareaData4Save($_POST['description']); $lid = (int) COM_applyFilter($_POST['lid'], true); $cid = DB_escapeString($cid); $commentoption = DB_escapeString(COM_applyFilter($_POST['commentoption'])); if ($silentEdit) { DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET cid='{$cid}', title='{$title}', url='{$url}', homepage='{$homepage}', version='{$version}', status=1, comments='{$commentoption}', submitter={$submitter} WHERE lid=" . $lid); } else { DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET cid='{$cid}', title='{$title}', url='{$url}', homepage='{$homepage}', version='{$version}', status=1, date=" . time() . ", comments='{$commentoption}', submitter={$submitter} WHERE lid=" . $lid); } DB_query("UPDATE {$_TABLES['filemgmt_filedesc']} SET description='{$description}' WHERE lid=" . $lid); PLG_itemSaved($lid, 'filemgmt'); CACHE_remove_instance('whatsnew'); redirect_header("{$_CONF['site_url']}/filemgmt/index.php", 2, _MD_DBUPDATED); exit; }
} $sql = "UPDATE {$_TABLES['gf_topic']} SET subject='{$subject}',comment='{$comment}',postmode='{$postmode}', "; $sql .= "mood='{$mood}', sticky='{$sticky}', locked='{$locked}' WHERE (id='{$editid}')"; DB_query($sql); /* Check for any uploaded files - during save of edit */ gf_check4files($editid); // Check and see if there are no [file] bbcode tags in content and reset the show_inline value // This is needed in case user had used the file bbcode tag and then removed it $imagerecs = ''; $imagerecs = implode(',', $forumfiles); $sql = "UPDATE {$_TABLES['gf_attachments']} SET show_inline = 0 WHERE topic_id={$editid} "; if ($imagerecs != '') { $sql .= "AND id NOT IN ({$imagerecs})"; } DB_query($sql); $topicparent = DB_getITEM($_TABLES['gf_topic'], "pid", "id='{$editid}'"); if ($topicparent == 0) { $topicparent = $editid; } //NOTIFY - Checkbox variable in form set to "on" when checked and they have not already subscribed to forum $notifyRecID = DB_getItem($_TABLES['gf_watch'], 'id', "forum_id='{$forum}' AND topic_id='{$topicparent}' AND uid='{$uid}'"); if ($notify == 'on' and $notifyRecID < 1) { DB_query("INSERT INTO {$_TABLES['gf_watch']} (forum_id,topic_id,uid,date_added) VALUES ('{$forum}','{$topicparent}','{$_USER['uid']}',now() )"); } elseif ($notify == '' and $notifyRecID > 1) { DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE id={$notifyRecID}"); } // if user has un-checked the Silent option then they want to have user alerted of the edit and update the topic timestamp if ($_POST['silentedit'] != 1) { DB_query("UPDATE {$_TABLES['gf_topic']} SET lastupdated = {$date} WHERE id={$topicparent}"); //Remove any lastviewed records in the log so that the new updated topic indicator will appear DB_query("DELETE FROM {$_TABLES['gf_log']} WHERE topic='{$topicparent}' and time > 0");
$topicResults = DB_query($sql); $totalresults = DB_numRows($topicResults); // Retrieve Forum details and Category name $sql = "SELECT forum.forum_name,category.id,category.cat_name,forum.is_readonly FROM {$_TABLES['forum_forums']} forum "; $sql .= "LEFT JOIN {$_TABLES['forum_categories']} category ON category.id=forum.forum_cat "; $sql .= "WHERE forum.forum_id = {$forum}"; $category = DB_fetchArray(DB_query($sql)); if ($totalresults < 1) { $LANG_MSG05 = $LANG_GF02['msg05']; $topiclisting->set_var('records_message', $LANG_GF02['msg05']); $topiclisting->parse('no_records_message', 'no_records_message'); } $subscribelink = ''; if (!COM_isAnonUser()) { // Check for user subscription status $sub_check = DB_getITEM($_TABLES['forum_watch'], "id", "forum_id='{$forum}' AND topic_id=0 AND uid='{$_USER['uid']}'"); if ($sub_check == '') { $subscribelink = "{$_CONF['site_url']}/forum/index.php?op=subscribe&forum={$forum}"; $topiclisting->set_var('subscribelink', $subscribelink); $topiclisting->set_var('subscribelinktext', $LANG_GF01['FORUMSUBSCRIBE']); $topiclisting->set_var('LANG_subscribe', $LANG_GF01['FORUMSUBSCRIBE']); $topiclisting->set_var('LANG_subscribe_state', $LANG_GF01['FORUMSUBSCRIBE_FALSE']); $topiclisting->parse('subscribeforum_link', 'subscribeforum_link'); } else { $subscribelink = "{$_CONF['site_url']}/forum/notify.php?filter=2"; $topiclisting->set_var('subscribelink', $subscribelink); $topiclisting->set_var('subscribelinktext', $LANG_GF01['FORUMUNSUBSCRIBE']); $topiclisting->set_var('LANG_subscribe', $LANG_GF01['FORUMUNSUBSCRIBE']); $topiclisting->set_var('LANG_subscribe_state', $LANG_GF01['FORUMSUBSCRIBE_TRUE']); $topiclisting->parse('subscribeforum_link', 'subscribeforum_link'); }
function gf_updateLastPost($forumid, $topicparent = 0) { global $_TABLES; if ($topicparent == 0) { // Get the last topic in this forum $query = DB_query("SELECT MAX(id)as maxid FROM {$_TABLES['gf_topic']} WHERE forum={$forumid}"); list($topicparent) = DB_fetchArray($query); if ($topicparent > 0) { $lastrecid = $topicparent; DB_query("UPDATE {$_TABLES['gf_forums']} SET last_post_rec={$lastrecid} WHERE forum_id={$forumid}"); } } else { $query = DB_query("SELECT MAX(id)as maxid FROM {$_TABLES['gf_topic']} WHERE pid={$topicparent}"); list($lastrecid) = DB_fetchArray($query); } if ($lastrecid == NULL and $topicparent > 0) { $topicdatecreated = DB_getITEM($_TABLES['gf_topic'], date, "id={$topicparent}"); DB_query("UPDATE {$_TABLES['gf_topic']} SET last_reply_rec={$topicparent}, lastupdated='{$topicdatecreated}' WHERE id={$topicparent}"); } elseif ($topicparent > 0) { $topicdatecreated = DB_getITEM($_TABLES['gf_topic'], date, "id={$lastrecid}"); DB_query("UPDATE {$_TABLES['gf_topic']} SET last_reply_rec={$lastrecid}, lastupdated={$topicdatecreated} WHERE id={$topicparent}"); } if ($topicparent > 0) { // Recalculate and Update the number of replies $numreplies = DB_Count($_TABLES['gf_topic'], "pid", $topicparent); DB_query("UPDATE {$_TABLES['gf_topic']} SET replies = '{$numreplies}' WHERE id={$topicparent}"); } }
function FF_saveTopic($forumData, $postData, $action) { global $_CONF, $_TABLES, $_FF_CONF, $_USER, $LANG03, $LANG_GF01, $LANG_GF02; $retval = ''; $uploadErrors = ''; $msg = ''; $errorMessages = ''; $email = ''; $forumfiles = array(); $okToSave = true; $dt = new Date('now', $_USER['tzid']); $date = $dt->toUnix(); $REMOTE_ADDR = $_SERVER['REMOTE_ADDR']; if (COM_isAnonUser()) { $uid = 1; } else { $uid = $_USER['uid']; } // verify postmode is allowed if (strtolower($postData['postmode']) == 'html') { if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) { $postData['postmode'] = 'html'; } else { $postData['postmode'] = 'text'; } } // is forum readonly? if ($forumData['is_readonly'] == 1) { // Check if this user has moderation rights now to allow a post to a locked topic if (!forum_modPermission($forumData['forum'], $uid, 'mod_edit')) { _ff_accessError(); } } if ($action == 'saveedit') { // does the forum match the forum id of the posted data? if ($forumData['forum'] != 0 && $forumData['forum'] != $postData['forum']) { _ff_accessError(); } $editid = COM_applyFilter($postData['editid'], true); $forum = COM_applyFilter($postData['forum'], true); $editAllowed = false; if (forum_modPermission($forumData['forum'], $_USER['uid'], 'mod_edit')) { $editAllowed = true; } else { if ($_FF_CONF['allowed_editwindow'] > 0) { $t1 = DB_getItem($_TABLES['ff_topic'], 'date', "id=" . (int) $postData['id']); $t2 = $_FF_CONF['allowed_editwindow']; $time = time(); if (time() - $t2 < $t1) { $editAllowed = true; } } else { $editAllowed = true; } } if ($postData['editpid'] < 1 && trim($postData['subject']) == '') { $retval .= FF_BlockMessage('', $LANG_GF02['msg18'], false); $okToSave = false; } elseif (!$editAllowed) { $link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . (int) $postData['$id']; $retval .= _ff_alertMessage('', $LANG_GF02['msg189'], sprintf($LANG_GF02['msg187'], $link)); $okToSave = false; } } else { if (!COM_isAnonUser() && $_FF_CONF['use_sfs']) { $email = isset($_USER['email']) ? $_USER['email'] : ''; } } if (isset($postData['name']) && $postData['name'] != '') { $name = _ff_preparefordb(@htmlspecialchars(strip_tags(trim(COM_checkWords(USER_sanitizeName($postData['name'])))), ENT_QUOTES, COM_getEncodingt()), 'text'); $name = urldecode($name); } else { $okToSave = false; $errorMessages .= $LANG_GF02['invalid_name'] . '<br />'; } // speed limit check if (!SEC_hasRights('forum.edit')) { COM_clearSpeedlimit($_FF_CONF['post_speedlimit'], 'forum'); $last = COM_checkSpeedlimit('forum'); if ($last > 0) { $errorMessages .= sprintf($LANG_GF01['SPEEDLIMIT'], $last, $_FF_CONF['post_speedlimit']) . '<br/>'; $okToSave = false; } } // standard edit checks if (strlen(trim($postData['name'])) < $_FF_CONF['min_username_length'] || strlen(trim($postData['subject'])) < $_FF_CONF['min_subject_length'] || strlen(trim($postData['comment'])) < $_FF_CONF['min_comment_length']) { $errorMessages .= $LANG_GF02['msg18'] . '<br/>'; $okToSave = false; } // CAPTCHA check if (function_exists('plugin_itemPreSave_captcha') && $okToSave == true) { if (!isset($postData['captcha'])) { $postData['captcha'] = ''; } $msg = plugin_itemPreSave_captcha('forum', $postData['captcha']); if ($msg != '') { $errorMessages .= $msg . '<br/>'; $okToSave = false; } } // spamx check if ($_FF_CONF['use_spamx_filter'] == 1 && $okToSave == true) { // Check for SPAM $spamcheck = '<h1>' . $postData['subject'] . '</h1><p>' . $postData['comment'] . '</p>'; $result = PLG_checkforSpam($spamcheck, $_CONF['spamx']); // Now check the result and redirect to index.php if spam action was taken if ($result > 0) { // then tell them to get lost ... $errorMessages .= $LANG_GF02['spam_detected']; $okToSave = false; } } if ($_FF_CONF['use_sfs'] == 1 && COM_isAnonUser() && function_exists('plugin_itemPreSave_spamx')) { $spamCheckData = array('username' => $postData['name'], 'email' => $email, 'ip' => $REMOTE_ADDR); $msg = plugin_itemPreSave_spamx('forum', $spamCheckData); if ($msg) { $errorMessages .= $msg; $okToSave = false; } } if ($okToSave == false) { $retval .= _ff_alertMessage($errorMessages, $LANG_GF01['ERROR'], ' '); return array(false, $retval); } if ($okToSave == true) { if (!isset($postData['postmode_switch'])) { $postData['postmode_switch'] = 0; } $postmode = _ff_chkpostmode($postData['postmode'], $postData['postmode_switch']); // validate postmode if ($postmode == 'html' || $postmode == 'HTML') { if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) { $postmode = 'html'; } else { $postmode = 'text'; } } $subject = _ff_preparefordb(strip_tags($postData['subject']), 'text'); $comment = _ff_preparefordb($postData['comment'], $postmode); $mood = isset($postData['mood']) ? COM_applyFilter($postData['mood']) : ''; $id = COM_applyFilter($postData['id'], true); $forum = COM_applyFilter($postData['forum'], true); $notify = isset($postData['notify']) ? COM_applyFilter($postData['notify']) : ''; $status = 0; if (isset($postData['disable_bbcode']) && $postData['disable_bbcode'] == 1) { $status += DISABLE_BBCODE; } if (isset($postData['disable_smilies']) && $postData['disable_smilies'] == 1) { $status += DISABLE_SMILIES; } if (isset($postData['disable_urlparse']) && $postData['disable_urlparse'] == 1) { $status += DISABLE_URLPARSE; } // If user has moderator edit rights only $locked = 0; $sticky = 0; if (isset($postData['modedit']) && $postData['modedit'] == 1) { if (isset($postData['locked_switch']) && $postData['locked_switch'] == 1) { $locked = 1; } if (isset($postData['sticky_switch']) && $postData['sticky_switch'] == 1) { $sticky = 1; } } if ($action == 'savetopic') { $fields = "forum,name,email,date,lastupdated,subject,comment,postmode,ip,mood,uid,pid,sticky,locked,status"; $sql = "INSERT INTO {$_TABLES['ff_topic']} ({$fields}) "; $sql .= "VALUES (" . (int) $forum . "," . "'" . DB_escapeString($name) . "'," . "'" . DB_escapeString($email) . "'," . "'" . DB_escapeString($date) . "'," . "'" . DB_escapeString($date) . "'," . "'" . $subject . "'," . "'" . $comment . "'," . "'" . DB_escapeString($postmode) . "'," . "'" . DB_escapeString($REMOTE_ADDR) . "'," . "'" . DB_escapeString($mood) . "'," . (int) $uid . "," . "0," . (int) $sticky . "," . (int) $locked . "," . (int) $status . ")"; DB_query($sql); // Find the id of the last inserted topic list($lastid) = DB_fetchArray(DB_query("SELECT max(id) FROM {$_TABLES['ff_topic']} ")); $savedPostID = $lastid; $topicPID = $lastid; /* Check for any uploaded files - during add of new topic */ $uploadErrors = _ff_check4files($lastid); // Check and see if there are no [file] bbcode tags in content and reset the show_inline value // This is needed in case user had used the file bbcode tag and then removed it $imagerecs = ''; $imagerecs = implode(',', $forumfiles); $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $lastid . " "; if ($imagerecs != '') { $sql .= "AND id NOT IN ({$imagerecs})"; } DB_query($sql); // Update forums record DB_query("UPDATE {$_TABLES['ff_forums']} SET post_count=post_count+1, topic_count=topic_count+1, last_post_rec=" . (int) $lastid . " WHERE forum_id=" . (int) $forum); if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $lastid)) { DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $lastid); } DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0"); } else { if ($action == 'savereply') { $fields = "name,email,date,subject,comment,postmode,ip,mood,uid,pid,forum,status"; $sql = "INSERT INTO {$_TABLES['ff_topic']} ({$fields}) "; $sql .= "VALUES (" . "'" . DB_escapeString($name) . "'," . "'" . DB_escapeString($email) . "'," . "'" . DB_escapeString($date) . "'," . "'{$subject}'," . "'{$comment}'," . "'" . DB_escapeString($postmode) . "'," . "'" . DB_escapeString($REMOTE_ADDR) . "'," . "'" . DB_escapeString($mood) . "'," . (int) $uid . "," . (int) $id . "," . (int) $forum . "," . (int) $status . ")"; DB_query($sql); // Find the id of the last inserted topic list($lastid) = DB_fetchArray(DB_query("SELECT max(id) FROM {$_TABLES['ff_topic']} ")); $savedPostID = $lastid; $topicPID = $id; /* Check for any uploaded files - during adding reply post */ $uploadErrors = _ff_check4files($lastid); // Check and see if there are no [file] bbcode tags in content and reset the show_inline value // This is needed in case user had used the file bbcode tag and then removed it $imagerecs = ''; $imagerecs = implode(',', $forumfiles); $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $lastid; if ($imagerecs != '') { $sql .= " AND id NOT IN ({$imagerecs})"; } DB_query($sql); DB_query("UPDATE {$_TABLES['ff_topic']} SET replies=replies+1, lastupdated='" . DB_escapeString($date) . "',last_reply_rec=" . (int) $lastid . " WHERE id=" . (int) $id); DB_query("UPDATE {$_TABLES['ff_forums']} SET post_count=post_count+1, last_post_rec=" . (int) $lastid . " WHERE forum_id=" . (int) $forum); if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $lastid)) { DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $id); } DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0"); } elseif ($action == 'saveedit') { $sql = "UPDATE {$_TABLES['ff_topic']} SET " . "subject='{$subject}'," . "comment='{$comment}'," . "postmode='" . DB_escapeString($postmode) . "'," . "mood='" . DB_escapeString($mood) . "'," . "sticky=" . (int) $sticky . "," . "locked=" . (int) $locked . "," . "status=" . (int) $status . " " . "WHERE (id=" . (int) $editid . ")"; DB_query($sql); /* Check for any uploaded files - during save of edit */ $uploadErrors = _ff_check4files($editid); // Check and see if there are no [file] bbcode tags in content and reset the show_inline value // This is needed in case user had used the file bbcode tag and then removed it $imagerecs = ''; $imagerecs = implode(',', $forumfiles); $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $editid . " "; if ($imagerecs != '') { $sql .= "AND id NOT IN ({$imagerecs})"; } DB_query($sql); $topicPID = DB_getITEM($_TABLES['ff_topic'], "pid", "id=" . (int) $editid); if ($topicPID == 0) { $topicPID = $editid; } $savedPostID = $editid; if ($postData['silentedit'] != 1) { DB_query("UPDATE {$_TABLES['ff_topic']} SET lastupdated='" . DB_escapeString($date) . "' WHERE id=" . (int) $topicPID); //Remove any lastviewed records in the log so that the new updated topic indicator will appear DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0"); } if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $editid)) { DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $topicPID); } $topicparent = $topicPID; } } COM_updateSpeedLimit('forum'); PLG_itemSaved($savedPostID, 'forum'); CACHE_remove_instance('forumcb'); if (!COM_isAnonUser()) { //NOTIFY - Checkbox variable in form set to "on" when checked and they don't already have subscribed to forum or topic $nid = -$topicPID; $currentForumNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id=0 AND uid=" . (int) $uid); $currentTopicNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id='" . DB_escapeString($topicPID) . "' AND uid=" . (int) $uid); $currentTopicUnNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id='" . DB_escapeString($nid) . "' AND uid=" . (int) $uid); $forum_name = DB_getItem($_TABLES['ff_forums'], 'forum_name', 'forum_id=' . (int) $forum); $topic_name = $subject; if ($notify == 'on' and ($currentForumNotifyRecID < 1 and $currentTopicNotifyRecID < 1)) { $sql = "INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) "; $sql .= "VALUES ('forum','" . DB_escapeString($forum) . "','" . DB_escapeString($forum_name) . "','" . DB_escapeString($topicPID) . "','" . $subject . "'," . (int) $uid . ",now() )"; DB_query($sql); } elseif ($notify == 'on' and $currentTopicUnNotifyRecID > 1) { // Had un-subcribed to topic and now wants to subscribe DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE sub_id=" . (int) $currentTopicUnNotifyRecID); } elseif ($notify == '' and $currentTopicNotifyRecID > 1) { // Subscribed to topic - but does not want to be notified anymore DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($topicPID) . "'"); } elseif ($notify == '' and $currentForumNotifyRecID > 1) { // Subscribed to forum - but does not want to be notified about this topic DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($topicPID) . "'"); DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($nid) . "'"); DB_query("INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) VALUES ('forum','" . DB_escapeString($forum) . "','" . DB_escapeString($forum_name) . "','" . DB_escapeString($nid) . "','" . $subject . "'," . (int) $uid . ",now() )"); } } if ($action != 'saveedit') { _ff_chknotifications($forum, $savedPostID, $uid); } $link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . $topicPID . '&topic=' . $savedPostID . '#' . $savedPostID; if ($uploadErrors != '') { $autorefresh = false; } else { $autorefresh = true; } $retval .= FF_statusMessage($uploadErrors . $LANG_GF02['msg19'], $link, $LANG_GF02['msg19'], false, '', $autorefresh); } else { $retval .= _ff_alertMessage($LANG_GF02['msg18']); } return array(true, $retval); }
} else { DB_query("UPDATE {$_TABLES['ff_forums']} SET last_post_rec = 0 WHERE forum_id={$id}"); } // Update the forum definition record to know the number of topics $postCount = DB_Count($_TABLES['ff_topic'], 'forum', $id); // Update the forum definition record to know the number of posts if ($postCount == NULL || $postCount == '') { $postCount = 0; } DB_query("UPDATE {$_TABLES['ff_forums']} SET post_count = '{$postCount}' WHERE forum_id={$id}"); $topicsQuery = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE forum={$id} and pid=0"); while ($trecord = DB_fetchArray($topicsQuery)) { // Retrieve the oldest post records for this topic and update the lastupdated time in the parent topic record $lsql = DB_query("SELECT MAX(id)as maxid FROM {$_TABLES['ff_topic']} WHERE pid={$trecord['id']}"); $lastrec = DB_fetchArray($lsql); if ($lastrec['maxid'] != NULL) { $postCount = DB_count($_TABLES['ff_topic'], 'forum', $id); $latest = DB_getITEM($_TABLES['ff_topic'], 'date', "id={$lastrec['maxid']}"); DB_query("UPDATE {$_TABLES['ff_topic']} SET lastupdated = '{$latest}' where id='{$trecord['id']}'"); } else { $latest = DB_getITEM($_TABLES['ff_topic'], 'date', "id={$trecord['id']}"); DB_query("UPDATE {$_TABLES['ff_topic']} SET lastupdated = '{$latest}' WHERE id='{$trecord['id']}'"); } // Recalculate and Update the number of replies $numreplies = DB_Count($_TABLES['ff_topic'], "pid", $trecord['id']); DB_query("UPDATE {$_TABLES['ff_topic']} SET replies = '{$numreplies}' WHERE id='{$trecord['id']}'"); } } $display .= COM_endBlock(); $display .= FF_siteFooter(); echo $display;
function migrateComments($forum, $sid, $parent) { global $verbose, $_TABLES, $_CONF, $migratedcomments; $sql = DB_query("SELECT sid,date,uid,title,comment from {$_TABLES['comments']} WHERE sid = '" . $sid . "' ORDER BY date ASC"); $num_comments = DB_numROWS($sql); if ($verbose) { echo "Found {$num_comments} Comments to migrate for this topic"; } $i = 0; while (list($sid, $commentdate, $uid, $subject, $comment) = DB_fetchARRAY($sql)) { $sqlid = DB_query("SELECT id from {$_TABLES['gf_topic']} ORDER BY id desc LIMIT 1"); list($lastid) = DB_fetchARRAY($sqlid); $comment = prepareStringForDB($comment); $subject = prepareStringForDB($subject); $postmode = "HTML"; $name = DB_getITEM($_TABLES['users'], 'username', "uid={$uid}"); $email = DB_getITEM($_TABLES['users'], 'email', "uid={$uid}"); $website = DB_getITEM($_TABLES['users'], 'homepage', "uid={$uid}"); $datetime = explode(" ", $commentdate); $date = explode("-", $datetime[0]); $time = explode(":", $datetime[1]); $year = $date[0] > 1969 ? $date[0] : "2001"; $month = $date[1]; $day = $date[2]; $hour = $time[0]; $min = $time[1]; $timestamp = mktime($hour, $min, 0, $month, $day, $year); $lastupdated = $timestamp; $migratedcomments++; DB_query("INSERT INTO {$_TABLES['gf_topic']} (forum,name,date,lastupdated, email, website, subject, comment, postmode, ip, mood, uid, pid, sticky, locked)\r\n VALUES ('{$forum}','{$name}','{$timestamp}','{$lastupdated}','{$email}','{$website}','{$subject}','{$comment}','{$postmode}','','','{$uid}','{$parent}','0','0')"); $i++; } DB_query("UPDATE {$_TABLES['gf_topic']} SET replies = {$num_comments} WHERE id={$parent}"); return $num_comments; }
$chk_move = "checked=\"checked\""; } else { $chk_move = ""; } if ($M['mod_stick'] == "1") { $chk_stick = "checked=\"checked\""; } else { $chk_stick = ""; } $moderators->set_var('id', $M['mod_id']); if (isset($_POST['filtermode']) && $_POST['filtermode'] == 'group') { $moderators->set_var('name', DB_getItem($_TABLES['groups'], 'grp_name', "grp_id='{$M['mod_groupid']}'")); } else { $moderators->set_var('name', $M['mod_username']); } $moderators->set_var('forum', DB_getITEM($_TABLES['ff_forums'], "forum_name", "forum_id={$M['mod_forum']}")); $moderators->set_var('delete_yes', $chk_delete); $moderators->set_var('ban_yes', $chk_ban); $moderators->set_var('edit_yes', $chk_edit); $moderators->set_var('move_yes', $chk_move); $moderators->set_var('stick_yes', $chk_stick); $moderators->set_var('cssid', $i % 2 + 1); $moderators->parse('moderator_records', 'mod_record', true); $i++; } $moderators->parse('output', 'moderators'); $display .= $moderators->finish($moderators->get_var('output')); } } $display .= COM_endBlock(); $display .= FF_adminfooter();