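/**
 * Records a message left by a visitor as a new thread.
 *
 * Opens a database connection, creates a thread in the "left" state for the
 * current visitor, posts the optional referrer / e-mail / info lines as
 * agent-visible messages, posts the visitor's own message, and closes the
 * connection.
 *
 * NOTE(review): $name, $email, $info, $message and $referrer look like
 * visitor-supplied values and are forwarded as-is. This function does no
 * escaping of its own, so SQL escaping and HTML encoding must happen inside
 * create_thread() / post_message_() and wherever messages are rendered.
 * Confirm against those helpers.
 *
 * @param string $name     Visitor name; also used as the sender name of the message.
 * @param string $email    Visitor e-mail; posted to the thread only when non-empty.
 * @param string $info     Extra visitor info; posted to the thread only when non-empty.
 * @param string $message  The message text left by the visitor.
 * @param mixed  $groupid  Group the thread is created for.
 * @param string $referrer Referrer; posted to the thread only when non-empty.
 */
function store_message($name, $email, $info, $message, $groupid, $referrer)
{
    global $state_left, $current_locale, $kind_for_agent, $kind_user;

    $remoteHost = get_remote_host();

    // User-Agent is optional and fully client-controlled: a request without
    // the header used to raise an undefined-index notice here. Fall back to
    // an empty string and treat the value as untrusted downstream.
    $userbrowser = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    $visitor = visitor_from_request();

    $link = connect();
    $thread = create_thread(
        $groupid,
        $name,
        $remoteHost,
        $referrer,
        $current_locale,
        $visitor['id'],
        $userbrowser,
        $state_left,
        $link
    );
    $threadid = $thread['threadid'];

    // Optional context lines, posted with the agent-only message kind.
    if ($referrer) {
        post_message_($threadid, $kind_for_agent, getstring2('chat.came.from', array($referrer)), $link);
    }
    if ($email) {
        post_message_($threadid, $kind_for_agent, getstring2('chat.visitor.email', array($email)), $link);
    }
    if ($info) {
        post_message_($threadid, $kind_for_agent, getstring2('chat.visitor.info', array($info)), $link);
    }

    // The visitor's own message, attributed to the visitor's name.
    post_message_($threadid, $kind_user, $message, $link, $name);

    mysql_close($link);
}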
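}
header('Location: blog.php');
break;

case 'takenewblog':
    // Creates a blog entry, attached either to an existing forum thread
    // (POST 'thread') or to a thread created for it in the announcement forum.
    //
    // NOTE(review): no anti-CSRF token check or permission check is visible
    // in this case; confirm one runs before the switch is reached.

    // Escape once and reuse the escaped values in the INSERT below.
    $Title = db_string($_POST['title']);
    $Body = db_string($_POST['body']);
    $ThreadID = $_POST['thread'];

    if ($ThreadID && is_number($ThreadID)) {
        // Validated by is_number(); the cast guarantees that only an integer
        // is ever concatenated into the SQL text.
        $ThreadID = (int)$ThreadID;
        $DB->query("SELECT ForumID FROM forums_topics WHERE ID=".$ThreadID);
        if ($DB->record_count() < 1) {
            error_message("No such thread exists!");
            header('Location: blog.php');
            // Leave the case here. Without this the INSERT below still ran
            // and stored a blog row pointing at a thread that does not exist.
            break;
        }
    } else {
        // The key is quoted: a bare ID is an undefined constant, which only
        // falls back to the string 'ID' on old PHP versions.
        // NOTE(review): $Title and $Body are already escaped here; check that
        // create_thread() does not escape them a second time.
        $ThreadID = (int)create_thread(ANNOUNCEMENT_FORUM_ID, $LoggedUser['ID'], $Title, $Body);
        if ($ThreadID < 1) {
            error(0);
        }
        save_message("Thread ".$ThreadID." created");
    }

    $DB->query("INSERT INTO blog (UserID, Title, Body, Time, ThreadID) VALUES ('$LoggedUser[ID]', '".$Title."', '".$Body."', '".sqltime()."', ".$ThreadID.")");
    $Cache->delete_value('blog');
    header('Location: blog.php');
    break;
}
}
?>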
$content = post_str("content", true); $preview = post_str("preview", true); $warning = null; if ($content && $title && !$preview) { if (post_str('add_signature', true) == "add_it") { $add_signature = true; // set a flag and concatenate later } else { $add_signature = false; } check_tokens($logged_in_user->authenticator); if (!akismet_check($logged_in_user, $content)) { $warning = tra("Your message was flagged as spam by the Akismet anti-spam system. Please modify your text and try again."); $preview = tra("Preview"); } else { $thread = create_thread($title, $content, $logged_in_user, $forum, $add_signature, $export); header('Location: forum_thread.php?id=' . $thread->id); } } page_head(tra("Create new thread"), '', '', '', $bbcode_js); show_forum_header($logged_in_user); if ($warning) { echo "<span class=error>{$warning}</span><p>"; } switch ($forum->parent_type) { case 0: $category = BoincCategory::lookup_id($forum->category); show_forum_title($category, $forum, null); break; case 1: show_team_forum_title($forum);
setup_logo(); if (!empty($survey_captcha_failed)) { $errors[] = getlocal('errors.captcha'); } setup_survey($visitor['name'], $email, $groupid, $info, $referrer, can_show_captcha()); expand("styles", getchatstyle(), "survey.tpl"); exit; } $remoteHost = get_remote_host(); $userbrowser = $_SERVER['HTTP_USER_AGENT']; $link = connect(); if (!check_connections_from_remote($remoteHost, $link)) { mysql_close($link); die("number of connections from your IP is exceeded, try again later"); } $thread = create_thread($groupid, $visitor['name'], $remoteHost, $referrer, $current_locale, $visitor['id'], $userbrowser, $state_loading, $link); $_SESSION['threadid'] = $thread['threadid']; // Store own thread ids to restrict access for other people if (!isset($_SESSION['own_threads'])) { $_SESSION['own_threads'] = array(); } $_SESSION['own_threads'][] = $thread['threadid']; if ($referrer) { post_message_($thread['threadid'], $kind_for_agent, getstring2('chat.came.from', array($referrer), true), $link); } post_message_($thread['threadid'], $kind_info, getstring('chat.wait', true), $link); if ($email) { post_message_($thread['threadid'], $kind_for_agent, getstring2('chat.visitor.email', array($email), true), $link); } if ($info) { post_message_($thread['threadid'], $kind_for_agent, getstring2('chat.visitor.info', array($info), true), $link);
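include_once '../../../includes/user.php';
include_once '../../../includes/topic.php';
include_once '../../../includes/thread.php';
include_once '../../../includes/post.php';
include_once '../../../includes/parsedown.php';
include_once '../../../includes/htmlpurifier/HTMLPurifier.auto.php';

session_start();

// Thread-creation endpoint: a signed-in user posts 'create-thread' together
// with 'title' and 'text'. An optional ?id= selects the topic the thread is
// created in. Every rejected request is answered with 400, as before.
//
// NOTE(review): no anti-CSRF token is checked in this script; confirm the
// form is protected elsewhere, since this request changes state.
if (!isset($_SESSION['user']) || !isset($_POST['create-thread'])) {
    header("HTTP/1.1 400 Bad Request");
} elseif (!isset($_POST['title'], $_POST['text']) || !is_string($_POST['title']) || !is_string($_POST['text'])) {
    // Missing fields, or array-valued ones (title[]=...), are rejected here
    // rather than passed on to create_thread() / Parsedown.
    header("HTTP/1.1 400 Bad Request");
} else {
    // Render Markdown, then sanitise the resulting HTML. Both objects are
    // built once, before branching: the no-topic branch used $parsedown
    // without ever creating it, which ended the request with a fatal error
    // after the thread row had already been created.
    $parsedown = new Parsedown();
    $purifier = new HTMLPurifier(HTMLPurifier_Config::createDefault());
    $posthtml = $purifier->purify($parsedown->text($_POST['text']));

    // NOTE(review): the title and the topic id are forwarded unmodified;
    // confirm create_thread() / get_topic_by_id() validate them, that the
    // queries are parameterised, and that the title is encoded on output.
    if (isset($_GET['id'])) {
        $threadid = create_thread($_POST['title'], get_topic_by_id($_GET['id']));
    } else {
        $threadid = create_thread($_POST['title']);
    }

    $thread = get_thread_by_id($threadid);
    create_post($thread, $_SESSION['user'], $posthtml);

    // Redirect after POST so that a reload does not submit the form again.
    header("HTTP/1.1 303 See Other");
    header("Location: /forum/thread/?id=" . $thread->get_id());
}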
print "Invalid forum ID.<br><a href='index.php'>Return to the main page</a>"; } else { $forumid = intval($forumid); // just to be safe $forumquery = dbquery("SELECT * FROM forums WHERE id = {$forumid}"); if (mysql_num_rows($forumquery) == 0) { print "No forum with this ID exists.<br><a href='index.php'>Return to the main page</a>"; } else { $foruminfo = dbrow($forumquery); if ($s[user][powerlevel] < $foruminfo[thread_power] || !can_view_forum($foruminfo)) { print "You're not allowed to create threads in this forum.<br><a href='index.php'>Return to the main page</a>"; } else { // if it returns a non-blank string, it's an error // if it returns a thread id (check with is_numeric) the thread has been created successfully // if it returns nothing, just show the form $result = create_thread(); if (is_numeric($result)) { header("Location: index.php?showthread={$result}"); } else { if ($result != '') { print '<b>The following errors occurred while creating your thread:<br>' . $result . '</b><br>Your post data has been saved.<hr>'; } if (isset($_POST['preview'])) { print "<b>Preview:</b>"; $posttext = getpost($_POST['text'], true, true, false); display_post($s[user], 'Posted', time(), $cmds, $posttext); print "<br>"; } ?> <b>Create a thread in <?php echo $foruminfo[name];
$tr = $db->get_thread($vars['thread_id']); $db->delete_thread($vars['thread_id']); $t->assign('msg', "Thread deleted"); $t->assign('link', 'newsletter_threads.php'); $t->display("admin/newsletter_thread_saved.html"); } //////////////////// main //////////////////////////////////////// $vars = get_input_vars(); if ($vars['thread_id']) { $t->assign('thread_id', $vars['thread_id']); } switch ($vars['action']) { case 'new': display_form(); break; case 'create': create_thread($vars); break; case 'edit': display_edit_form(); break; case 'update': update_thread($vars); break; case 'delete': delete_thread(); break; default: display_threads_list(); break; }