Example #1
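/**
 * Insert a new post into a thread and store its content and search index row.
 *
 * Security notes:
 *  - The id arguments are accepted only if is_numeric() passes and are then
 *    cast to int before they are interpolated (unquoted) into SQL. is_numeric()
 *    alone also accepts forms such as "1e5" or " 1" (and hex strings on old PHP
 *    versions), so the cast guarantees that only plain integer text reaches
 *    the query.
 *  - $content is SQL-escaped only. No HTML sanitisation happens in this
 *    function. NOTE(review): confirm that callers or the rendering code
 *    sanitise/encode post content before it is shown to other users.
 *  - The three INSERTs are not wrapped in a transaction here, so a failure
 *    after the first one leaves a POST row without content.
 *
 * @param mixed  $fid            Folder id, used only for the permission checks.
 * @param mixed  $tid            Thread id (must be numeric).
 * @param mixed  $reply_pid      Id of the post being replied to (must be numeric).
 * @param mixed  $fuid           Author's user id (must be numeric).
 * @param mixed  $tuid           Recipient's user id (must be numeric).
 * @param string $content        Post body as supplied by the caller.
 * @param bool   $hide_ipaddress When true, an empty string is stored instead of the IP.
 *
 * @return int New post id on success, -1 on any failure. The failure value is
 *             -1 and never false, so a caller testing `!== false` will treat
 *             failures as success; compare against -1 (or `> 0`) instead.
 *             When the post needs approval, the admin notification is already
 *             sent from here; callers do not need to send it again.
 */
function post_create($fid, $tid, $reply_pid, $fuid, $tuid, $content, $hide_ipaddress = false)
{
    // Reject anything non-numeric before touching the database.
    foreach (array($tid, $reply_pid, $fuid, $tuid) as $numeric_id) {
        if (!is_numeric($numeric_id)) {
            return -1;
        }
    }

    // Normalise to real integers: these values are interpolated into SQL without quotes.
    $tid = (int) $tid;
    $reply_pid = (int) $reply_pid;
    $fuid = (int) $fuid;
    $tuid = (int) $tuid;

    if (!($db = db::get())) {
        return -1;
    }

    $post_content = $db->escape($content);

    // NOTE(review): get_ip_address() is defined elsewhere. If it can take its value
    // from client-supplied request headers the result is attacker-influenced, so it
    // is escaped like every other string placed in the query.
    $ipaddress = $hide_ipaddress ? '' : $db->escape((string) get_ip_address());

    $current_datetime = date(MYSQL_DATETIME, time());

    // NOTE(review): the prefix is interpolated inside backticks as an identifier and
    // cannot be escaped as a value; confirm get_table_prefix() only returns validated names.
    if (!($table_prefix = get_table_prefix())) {
        return -1;
    }

    // Decide once whether the post needs approval (moderators self-approve), so the
    // stored APPROVED state and the notification below can never disagree.
    $needs_approval = perm_check_folder_permissions($fid, USER_PERM_POST_APPROVAL, $fuid)
        && !perm_is_moderator($fuid, $fid);

    if ($needs_approval) {
        $sql = "INSERT INTO `{$table_prefix}POST` (TID, REPLY_TO_PID, FROM_UID, ";
        $sql .= "TO_UID, CREATED, APPROVED, IPADDRESS) VALUES ({$tid}, {$reply_pid}, {$fuid}, ";
        $sql .= "{$tuid}, CAST('{$current_datetime}' AS DATETIME), NULL, '{$ipaddress}')";
    } else {
        $sql = "INSERT INTO `{$table_prefix}POST` (TID, REPLY_TO_PID, FROM_UID, ";
        $sql .= "TO_UID, CREATED, APPROVED, APPROVED_BY, IPADDRESS) VALUES ({$tid}, {$reply_pid}, ";
        $sql .= "{$fuid}, {$tuid}, CAST('{$current_datetime}' AS DATETIME), ";
        $sql .= "CAST('{$current_datetime}' AS DATETIME), {$fuid}, '{$ipaddress}')";
    }

    if (!$db->query($sql)) {
        return -1;
    }

    $new_pid = $db->insert_id;

    $sql = "INSERT INTO `{$table_prefix}POST_CONTENT` (TID, PID, CONTENT) ";
    $sql .= "VALUES ('{$tid}', '{$new_pid}', '{$post_content}')";

    if (!$db->query($sql)) {
        return -1;
    }

    $sql = "INSERT INTO `{$table_prefix}POST_SEARCH_ID` (TID, PID) ";
    $sql .= "VALUES('{$tid}', '{$new_pid}')";

    if (!$db->query($sql)) {
        return -1;
    }

    post_update_thread_length($tid, $new_pid);
    user_increment_post_count($fuid);

    if ($needs_approval) {
        admin_send_post_approval_notification($fid);
    }

    return $new_pid;
}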
Example #2
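/**
 * Add a link to the LINKS table, pre-approved when approval is not required
 * or the submitting user is a links moderator.
 *
 * Security notes:
 *  - $fid and $uid must pass is_numeric() and are then cast to int, so only
 *    plain integer text is interpolated into the query.
 *  - $uri, $title and $description are SQL-escaped only. NOTE(review): the
 *    URI scheme is not checked in this function; confirm that callers restrict
 *    it (for example to http/https) or that it is validated and encoded when
 *    rendered as a link, and that title/description are HTML-encoded on output.
 *
 * @param string $uri         Link target as supplied by the caller.
 * @param string $title       Link title.
 * @param string $description Link description.
 * @param mixed  $fid         Links folder id (must be numeric).
 * @param mixed  $uid         Submitting user's id (must be numeric).
 * @param bool   $visible     Stored as 'Y' when truthy, otherwise 'N'.
 *
 * @return bool True when the row was inserted, false on any validation or database failure.
 */
function links_add($uri, $title, $description, $fid, $uid, $visible = true)
{
    if (!is_numeric($fid)) {
        return false;
    }

    if (!is_numeric($uid)) {
        return false;
    }

    // is_numeric() also accepts floats, exponents and padded strings; store real integers.
    $fid = (int) $fid;
    $uid = (int) $uid;

    if (!($db = db::get())) {
        return false;
    }

    $uri = $db->escape($uri);
    $title = $db->escape($title);
    $description = $db->escape($description);

    $visible = $visible ? "Y" : "N";

    $current_datetime = date(MYSQL_DATETIME, time());

    // NOTE(review): the prefix is interpolated inside backticks as an identifier and
    // cannot be escaped as a value; confirm get_table_prefix() only returns validated names.
    if (!($table_prefix = get_table_prefix())) {
        return false;
    }

    // Decide once whether the link needs approval, so the stored APPROVED state
    // and the notification below can never disagree.
    $needs_approval = forum_get_setting('require_link_approval', 'Y') && !perm_is_links_moderator($uid);

    if ($needs_approval) {
        $sql = "INSERT INTO `{$table_prefix}LINKS` (URI, TITLE, DESCRIPTION, FID, ";
        $sql .= "UID, VISIBLE, CREATED, APPROVED) VALUES ('{$uri}', '{$title}', '{$description}', ";
        $sql .= "'{$fid}', '{$uid}', '{$visible}', CAST('{$current_datetime}' AS DATETIME), NULL)";
    } else {
        $sql = "INSERT INTO `{$table_prefix}LINKS` (URI, TITLE, DESCRIPTION, FID, ";
        $sql .= "UID, VISIBLE, CREATED, APPROVED, APPROVED_BY) VALUES ('{$uri}', '{$title}', ";
        $sql .= "'{$description}', '{$fid}', '{$uid}', '{$visible}', CAST('{$current_datetime}' AS DATETIME), ";
        $sql .= "CAST('{$current_datetime}' AS DATETIME), '{$uid}')";
    }

    if (!$db->query($sql)) {
        return false;
    }

    if ($needs_approval) {
        admin_send_post_approval_notification($fid);
    }

    return true;
}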
Example #3
             light_html_draw_error(gettext("This thread is closed, you cannot post in it!"));
         }
     }
     if (isset($tid) && is_numeric($tid)) {
         if ($allow_sig == true && strlen(trim($sig)) > 0) {
             $content .= "<div class=\"sig\">{$sig}</div>";
         }
         if (($new_pid = post_create($fid, $tid, $reply_to_pid, $_SESSION['UID'], $to_logon_array, $content)) !== false) {
             if ($high_interest == "Y") {
                 thread_set_high_interest($tid);
             }
             email_send_notification($tid, $new_pid);
             email_send_thread_subscription($tid, $new_pid);
             email_send_folder_subscription($fid, $tid);
             if (perm_check_folder_permissions($fid, USER_PERM_POST_APPROVAL, $_SESSION['UID']) && !perm_is_moderator($_SESSION['UID'], $fid)) {
                 admin_send_post_approval_notification($fid);
             }
             if (sizeof($attachments) > 0 && ($attachments_array = attachments_get($_SESSION['UID'], $attachments)) !== false) {
                 foreach ($attachments_array as $attachment) {
                     post_add_attachment($tid, $new_pid, $attachment['aid']);
                 }
             }
         }
     }
 }
 if ($new_thread && isset($tid) && is_numeric($tid)) {
     $uri = "lmessages.php?webtag={$webtag}&msg={$tid}.1";
 } else {
     if (isset($return_msg)) {
         $uri = "lmessages.php?webtag={$webtag}&msg={$return_msg}";
     } else {