/** * Display Attachments in Posts */ function display_post_attachments($post_id, $switch_attachment) { global $attach_config, $is_auth; if (intval($switch_attachment) == 0 || intval($attach_config['disable_mod'])) { return; } if ($is_auth['auth_download'] && $is_auth['auth_view']) { display_attachments($post_id); } }
function cms_block_forum_attach() { global $db, $cache, $config, $template, $images, $lang, $bbcode, $block_id, $cms_config_vars; if (!class_exists('class_topics')) { include IP_ROOT_PATH . 'includes/class_topics.' . PHP_EXT; } $class_topics = new class_topics(); @(include_once IP_ROOT_PATH . ATTACH_MOD_PATH . 'displaying.' . PHP_EXT); $template->_tpldata['articles_fp.'] = array(); $index_file = !empty($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : getenv('SCRIPT_NAME'); $index_file = htmlspecialchars(urldecode($index_file)); $template->set_filenames(array('forum_attach_block' => 'blocks/forum_attach_block.tpl')); $template->assign_vars(array('L_COMMENTS' => $lang['Comments'], 'L_VIEW_COMMENTS' => $lang['View_comments'], 'L_POST_COMMENT' => $lang['Post_your_comment'], 'L_POSTED' => $lang['Posted'], 'L_ANNOUNCEMENT' => $lang['Post_Announcement'], 'L_REPLIES' => $lang['Replies'], 'L_REPLY_NEWS' => $lang['News_Reply'], 'L_PRINT_NEWS' => $lang['News_Print'], 'L_EMAIL_NEWS' => $lang['News_Email'], 'MINIPOST_IMG' => $images['icon_minipost'], 'NEWS_REPLY_IMG' => $images['news_reply'], 'NEWS_PRINT_IMG' => $images['news_print'], 'NEWS_EMAIL_IMG' => $images['news_email'], 'IMG_CLOCK' => $images['news_clock'])); // $only_auth_view must have the opposite value of $cms_config_vars['md_ignore_auth_view'][$block_id] // Suggested by JHL - To Be Verified! //$only_auth_view = (!empty($cms_config_vars['md_ignore_auth_view'][$block_id]) ? true : false); $only_auth_view = !empty($cms_config_vars['md_ignore_auth_view'][$block_id]) || $cms_config_vars['md_ignore_auth_view'][$block_id] == true ? false : true; if ($cms_config_vars['md_single_post_retrieve'][$block_id]) { $single_post_id = request_var('post_id', 0); if ($cms_config_vars['md_single_post_auto_id'][$block_id]) { $single_post_id = !empty($single_post_id) ? $single_post_id : $cms_config_vars['md_single_post_id'][$block_id]; } else { $single_post_id = $cms_config_vars['md_single_post_id'][$block_id]; } // Mighty Gorgon: edited by JHL, I still need to check the impacts of this amendment //$fetchposts = $class_topics->fetch_posts($single_post_id, 1, $cms_config_vars['md_single_post_length'][$block_id], false, false, true, $only_auth_view); $fetchposts = $class_topics->fetch_posts($single_post_id, 1, $cms_config_vars['md_single_post_length'][$block_id], false, 0, true, $only_auth_view); } else { $fetchposts = $class_topics->fetch_posts($cms_config_vars['md_posts_forum_id'][$block_id], $cms_config_vars['md_num_posts'][$block_id], $cms_config_vars['md_posts_length'][$block_id], $cms_config_vars['md_posts_show_portal'][$block_id], $cms_config_vars['md_posts_random'][$block_id], false, $only_auth_view); } for ($i = 0; $i < sizeof($fetchposts); $i++) { init_display_post_attachments($fetchposts[$i]['topic_attachment'], $fetchposts[$i], true, $block_id); $open_bracket = ''; $close_bracket = ''; $read_full = ''; if ($fetchposts[$i]['striped'] == 1) { $open_bracket = '[ '; $close_bracket = ' ]'; $read_full = $lang['Read_Full']; } // Convert and clean special chars! $topic_title = htmlspecialchars_clean($fetchposts[$i]['topic_title']); $template->assign_block_vars('articles_fp', array('TOPIC_ID' => $fetchposts[$i]['topic_id'], 'FORUM_ID' => $fetchposts[$i]['forum_id'], 'TITLE' => $topic_title, 'POSTER' => $fetchposts[$i]['username'], 'POSTER_CG' => colorize_username($fetchposts[$i]['user_id'], $fetchposts[$i]['username'], $fetchposts[$i]['user_color'], $fetchposts[$i]['user_active']), 'TIME' => $fetchposts[$i]['topic_time'], 'TEXT' => $fetchposts[$i]['post_text'], 'REPLIES' => $fetchposts[$i]['topic_replies'], 'U_VIEW_COMMENTS' => append_sid(CMS_PAGE_VIEWTOPIC . '?' . POST_FORUM_URL . '=' . $fetchposts[$i]['forum_id'] . '&' . POST_TOPIC_URL . '=' . $fetchposts[$i]['topic_id'] . '&' . POST_POST_URL . '=' . $fetchposts[$i]['post_id'] . '#p' . $fetchposts[$i]['post_id'], true), 'U_POST_COMMENT' => append_sid('posting.' . PHP_EXT . '?mode=reply&' . POST_FORUM_URL . '=' . $fetchposts[$i]['forum_id'] . '&' . POST_TOPIC_URL . '=' . $fetchposts[$i]['topic_id']), 'U_PRINT_TOPIC' => append_sid('printview.' . PHP_EXT . '?' . POST_FORUM_URL . '=' . $fetchposts[$i]['forum_id'] . '&' . POST_TOPIC_URL . '=' . $fetchposts[$i]['topic_id'] . '&start=0'), 'U_EMAIL_TOPIC' => append_sid('tellafriend.' . PHP_EXT . '?topic_title=' . urlencode(ip_utf8_decode($fetchposts[$i]['topic_title'])) . '&topic_id=' . $fetchposts[$i]['topic_id']), 'U_READ_FULL' => append_sid($index_file . '?article=' . $i), 'L_READ_FULL' => $read_full, 'OPEN' => $open_bracket, 'CLOSE' => $close_bracket)); display_attachments($fetchposts[$i]['post_id'], 'articles_fp'); } }
/** * prepares a list of articles. * * @param integer (optional) the article id to the article to be displayed. * * @return void * * @access private */ function prepareArticles($articles, $show_abstract = false, $show_attachments = true) { global $lang, $config, $images, $is_auth, $theme, $user, $block_id, $cms_config_var; if (isset($cms_config_var['md_news_length'])) { $news_trim = $cms_config_var['md_news_length']; } else { $news_trim = $this->config['news_item_trim']; } if (is_array($articles)) { if ($config['display_tags_box']) { @(include_once IP_ROOT_PATH . 'includes/class_topics_tags.' . PHP_EXT); $class_topics_tags = new class_topics_tags(); } foreach ($articles as $article) { $trimmed = false; // Trim the post body if needed. if ($show_abstract && $news_trim > 0) { $article['post_abstract'] = $this->trimText($article['post_text'], $news_trim, $trimmed); $article['post_abstract'] = $this->parseMessage($article['post_abstract'] . ' ... ', $article['enable_bbcode'], $article['enable_html'], $article['enable_smilies'], $article['enable_autolinks_acronyms']); } $article['post_text'] = $this->parseMessage($article['post_text'], $article['enable_bbcode'], $article['enable_html'], $article['enable_smilies'], $article['enable_autolinks_acronyms']); if ($show_attachments == true) { init_display_post_attachments($article['topic_attachment'], $article, false, $block_id); } $sql = ''; $dateformat = $user->data['user_id'] == ANONYMOUS ? $config['default_dateformat'] : $user->data['user_dateformat']; $timezone = $user->data['user_id'] == ANONYMOUS ? $config['board_timezone'] : $user->data['user_timezone']; $this->setVariables(array('L_REPLIES' => $lang['Replies'], 'L_REPLY_NEWS' => $lang['News_Reply'], 'L_PRINT_NEWS' => $lang['News_Print'], 'L_EMAIL_NEWS' => $lang['News_Email'], 'MINIPOST_IMG' => $images['icon_minipost'], 'NEWS_REPLY_IMG' => $images['news_reply'], 'NEWS_PRINT_IMG' => $images['news_print'], 'NEWS_EMAIL_IMG' => $images['news_email'])); //$index_file = CMS_PAGE_HOME; $index_file = !empty($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : getenv('SCRIPT_NAME'); //$page_query = $_SERVER['QUERY_STRING']; //$page_query = (!empty($_SERVER['QUERY_STRING'])) ? explode('&', $_SERVER['QUERY_STRING']) : explode('&', getenv('QUERY_STRING')); if ($this->config['news_base_url'] != '') { $index_file = $this->config['news_base_url'] . $index_file; } $index_file = htmlspecialchars(urldecode($index_file)); $portal_page_id = request_var('page', 0); $portal_page_id = !empty($portal_page_id) ? 'page=' . $portal_page_id . '&' : ''; $ubid_link = request_var('ubid', 0); $ubid_link = !empty($ubid_link) ? 'ubid=' . $ubid_link . '&' : ''; $format = 'r'; $gmepoch = $article['post_time']; $tz = $timezone; $news_dst_sec = get_dst($gmepoch, $tz); $news_date = @gmdate($format, $gmepoch + 3600 * $tz + $news_dst_sec); $topic_tags_links = ''; $topic_tags_display = false; if ($config['display_tags_box']) { $topic_id = $article['topic_id']; $topic_tags_links = $class_topics_tags->build_tags_list(array($topic_id)); $topic_tags_display = !empty($topic_tags_links) ? true : false; } // Convert and clean special chars! $topic_title = htmlspecialchars_clean($article['topic_title']); $this->setBlockVariables('articles', array('L_TITLE' => $topic_title, 'ID' => $article['topic_id'], 'KEY' => !empty($article['article_key']) ? $article['article_key'] : '', 'DAY' => $this->getDay($article['topic_time']), 'MONTH' => $this->getMonth($article['topic_time']), 'YEAR' => $this->getYear($article['topic_time']), 'CATEGORY' => $article['news_category'], 'CAT_ID' => $article['news_id'], 'COUNT_VIEWS' => $article['topic_views'], 'CAT_IMG' => $article['news_image'] ? $this->root_path . $config['news_path'] . '/' . $article['news_image'] : '', 'POST_DATE' => create_date_ip($dateformat, $article['post_time'], $timezone, true), 'RFC_POST_DATE' => $news_date, 'L_POSTER' => colorize_username($article['user_id'], $article['username'], $article['user_color'], $article['user_active']), 'L_COMMENTS' => $article['topic_replies'], 'S_TOPIC_TAGS' => $topic_tags_display, 'TOPIC_TAGS' => $topic_tags_links, 'U_COMMENTS' => append_sid(CMS_PAGE_VIEWTOPIC . '?' . POST_FORUM_URL . '=' . $article['forum_id'] . '&' . POST_TOPIC_URL . '=' . $article['topic_id']), 'U_COMMENT' => append_sid(CMS_PAGE_VIEWTOPIC . '?' . POST_FORUM_URL . '=' . $article['forum_id'] . '&' . POST_TOPIC_URL . '=' . $article['topic_id']), 'U_VIEWS' => append_sid('topic_view_users.' . PHP_EXT . '?' . POST_TOPIC_URL . '=' . $article['topic_id']), 'U_POST_COMMENT' => append_sid('posting.' . PHP_EXT . '?mode=reply&' . POST_FORUM_URL . '=' . $article['forum_id'] . '&' . POST_TOPIC_URL . '=' . $article['topic_id']), 'U_PRINT_TOPIC' => append_sid('printview.' . PHP_EXT . '?' . POST_FORUM_URL . '=' . $article['forum_id'] . '&' . POST_TOPIC_URL . '=' . $article['topic_id'] . '&start=0'), 'U_EMAIL_TOPIC' => append_sid('tellafriend.' . PHP_EXT . '?topic_title=' . urlencode(ip_utf8_decode($article['topic_title'])) . '&topic_id=' . $article['topic_id']), 'L_TITLE_HTML' => urlencode(ip_utf8_decode($article['topic_title'])), 'COUNT_COMMENTS' => $article['topic_replies'], 'BODY' => $show_abstract && $trimmed ? $article['post_abstract'] : $article['post_text'], 'READ_MORE_LINK' => $show_abstract && $trimmed ? '<a href="' . $index_file . '?' . $portal_page_id . $ubid_link . 'topic_id=' . $article['topic_id'] . '">' . $lang['Read_More'] . '</a>' : '')); if ($show_attachments) { display_attachments($article['post_id'], 'articles'); } $post_id = $article['post_id']; } } if (sizeof($articles) == 0) { $this->setBlockVariables('no_articles', array('L_NO_NEWS' => $lang['No_articles'])); } }
function cms_block_kb() { global $db, $cache, $config, $template, $theme, $images, $table_prefix, $user, $lang, $block_id, $cms_config_vars; global $ip_cms; if (!class_exists('class_topics')) { include IP_ROOT_PATH . 'includes/class_topics.' . PHP_EXT; } $class_topics = new class_topics(); @(include_once IP_ROOT_PATH . ATTACH_MOD_PATH . 'displaying.' . PHP_EXT); $template->_tpldata['kb_list.'] = array(); $template->_tpldata['kb_article.'] = array(); $template->_tpldata['cat_row.'] = array(); $template->_tpldata['menu_row.'] = array(); $template->set_filenames(array('kb_block' => 'blocks/kb_block.tpl')); $template->assign_vars(array('L_COMMENTS' => $lang['Comments'], 'L_VIEW_COMMENTS' => $lang['View_comments'], 'L_POST_COMMENT' => $lang['Post_your_comment'], 'L_POSTED' => $lang['Posted'], 'L_ANNOUNCEMENT' => $lang['Post_Announcement'], 'L_REPLIES' => $lang['Replies'], 'L_REPLY_ARTICLE' => $lang['Article_Reply'], 'L_PRINT_ARTICLE' => $lang['Article_Print'], 'L_EMAIL_ARTICLE' => $lang['Article_Email'], 'L_TOPIC' => $lang['Topic'], 'L_ARTICLES' => $lang['Articles'], 'L_TIME' => $lang['Articles_time'], 'L_OPTIONS' => $lang['Articles_options'], 'MINIPOST_IMG' => $images['icon_minipost'], 'ARTICLE_COMMENTS_IMG' => $images['vf_topic_nor'], 'ARTICLE_REPLY_IMG' => $images['news_reply'], 'ARTICLE_PRINT_IMG' => $images['news_print'], 'ARTICLE_EMAIL_IMG' => $images['news_email'])); if (isset($_GET['kb']) && $_GET['kb'] == 'article') { $template->assign_block_vars('kb_article', array()); $forum_id = request_var(POST_FORUM_URL, 0); // Mighty Gorgon: edited by JHL, I still need to check the impacts on the auth system //$fetchposts = $class_topics->fetch_posts($forum_id, 0, 0, false, false, false, false); $fetchposts = $class_topics->fetch_posts($forum_id, 0, 0); $id = isset($_GET[POST_TOPIC_URL]) ? intval($_GET[POST_TOPIC_URL]) : intval($_POST[POST_TOPIC_URL]); $i = 0; while ($fetchposts[$i]['topic_id'] != $id) { $i++; } init_display_post_attachments($fetchposts[$i]['topic_attachment'], $fetchposts[$i], true, $block_id); $template->assign_vars(array('TOPIC_ID' => $fetchposts[$i]['topic_id'], 'KB_TITLE' => $fetchposts[$i]['topic_title'], 'TOPIC_DESC' => $fetchposts[$i]['topic_desc'], 'POSTER' => $fetchposts[$i]['username'], 'POSTER_CG' => colorize_username($fetchposts[$i]['user_id'], $fetchposts[$i]['username'], $fetchposts[$i]['user_color'], $fetchposts[$i]['user_active']), 'TIME' => $fetchposts[$i]['topic_time'], 'TEXT' => $fetchposts[$i]['post_text'], 'REPLIES' => $fetchposts[$i]['topic_replies'], 'U_VIEW_COMMENTS' => append_sid(CMS_PAGE_VIEWTOPIC . '?' . POST_FORUM_URL . '=' . $forum_id . '&' . POST_TOPIC_URL . '=' . $fetchposts[$i]['topic_id'], true), 'U_POST_COMMENT' => append_sid('posting.' . PHP_EXT . '?mode=reply&' . POST_FORUM_URL . '=' . $forum_id . '&' . POST_TOPIC_URL . '=' . $fetchposts[$i]['topic_id']), 'U_PRINT_TOPIC' => append_sid('printview.' . PHP_EXT . '?' . POST_FORUM_URL . '=' . $forum_id . '&' . POST_TOPIC_URL . '=' . $fetchposts[$i]['topic_id'] . '&start=0'), 'U_EMAIL_TOPIC' => append_sid('tellafriend.' . PHP_EXT . '?topic_title=' . urlencode(ip_utf8_decode($fetchposts[$i]['topic_title'])) . '&topic_id=' . $fetchposts[$i]['topic_id']))); display_attachments($fetchposts[$i]['post_id'], 'articles_fp'); } else { if (isset($_GET['kb']) && $_GET['kb'] == 'category') { $template->assign_block_vars('kb_list', array()); $forum_id = request_var(POST_FORUM_URL, 0); // Mighty Gorgon: edited by JHL, I still need to check the impacts on the auth system //$fetchposts = $class_topics->fetch_posts($forum_id, 0, 0, false, false, false, false); $fetchposts = $class_topics->fetch_posts($forum_id, 0, 0); for ($i = 0; $i < sizeof($fetchposts); $i++) { init_display_post_attachments($fetchposts[$i]['topic_attachment'], $fetchposts[$i], true, $block_id); $template->assign_block_vars('kb_list.kb_articles', array('TOPIC_ID' => $fetchposts[$i]['topic_id'], 'TOPIC_TITLE' => $fetchposts[$i]['topic_title'], 'TOPIC_DESC' => $fetchposts[$i]['topic_desc'], 'POSTER' => $fetchposts[$i]['username'], 'POSTER_CG' => colorize_username($fetchposts[$i]['user_id'], $fetchposts[$i]['username'], $fetchposts[$i]['user_color'], $fetchposts[$i]['user_active']), 'TIME' => $fetchposts[$i]['topic_time'], 'REPLIES' => $fetchposts[$i]['topic_replies'], 'U_VIEW_ARTICLE' => append_sid($_SERVER['SCRIPT_NAME'] . '?kb=article&f=' . $forum_id . '&' . POST_TOPIC_URL . '=' . $fetchposts[$i]['topic_id'], true), 'U_VIEW_COMMENTS' => append_sid(CMS_PAGE_VIEWTOPIC . '?' . POST_FORUM_URL . '=' . $forum_id . '&' . POST_TOPIC_URL . '=' . $fetchposts[$i]['topic_id'], true), 'U_POST_COMMENT' => append_sid('posting.' . PHP_EXT . '?mode=reply&' . POST_FORUM_URL . '=' . $forum_id . '&' . POST_TOPIC_URL . '=' . $fetchposts[$i]['topic_id']), 'U_PRINT_TOPIC' => append_sid('printview.' . PHP_EXT . '?' . POST_FORUM_URL . '=' . $forum_id . '&' . POST_TOPIC_URL . '=' . $fetchposts[$i]['topic_id'] . '&start=0'), 'U_EMAIL_TOPIC' => append_sid('tellafriend.' . PHP_EXT . '?topic_title=' . urlencode(ip_utf8_decode($fetchposts[$i]['topic_title'])) . '&topic_id=' . $fetchposts[$i]['topic_id']))); display_attachments($fetchposts[$i]['post_id'], 'articles_fp'); } $template->assign_vars(array('KB_TITLE' => $lang['Kb_name'])); } else { $template->assign_block_vars('cat_row', array()); $sql = "SELECT * FROM " . CMS_NAV_MENU_TABLE . "\n\t\t\t\t\t\t\tWHERE menu_id = '" . intval($cms_config_vars['kb_cat_id'][$block_id]) . "'\n\t\t\t\t\t\t\tLIMIT 1"; $result = $db->sql_query($sql, 0, 'cms_menu_', CMS_CACHE_FOLDER); //$row = $db->sql_fetchrow($result); while ($row = $db->sql_fetchrow($result)) { break; } $db->sql_freeresult($result); if ($row['menu_name_lang'] != '' && isset($lang[$row['menu_name_lang']])) { $main_menu_name = $lang[$row['menu_name_lang']]; } else { $main_menu_name = $row['menu_name'] != '' ? $row['menu_name'] : $lang['quick_links']; } $sql = "SELECT * FROM " . CMS_NAV_MENU_TABLE . "\n\t\t\t\t\t\t\tWHERE menu_parent_id = '" . intval($cms_config_vars['kb_cat_id'][$block_id]) . "'\n\t\t\t\t\t\t\tORDER BY cat_parent_id ASC, menu_order ASC"; $result = $db->sql_query($sql, 0, 'cms_menu_', CMS_CACHE_FOLDER); $menu_cat = array(); $cat_item = array(); $menu_item = array(); $auth_levels = $ip_cms->cms_auth_view(); while ($menu_item = $db->sql_fetchrow($result)) { if ($menu_item['cat_id'] > 0) { $cat_item[$menu_item['cat_id']] = $menu_item; } if ($menu_item['cat_parent_id'] > 0) { $menu_cat[$menu_item['cat_parent_id']][$menu_item['menu_item_id']] = $menu_item; } } $db->sql_freeresult($result); foreach ($cat_item as $cat_item_data) { if ($cat_item_data['menu_status'] == false) { $cat_allowed = false; } else { $auth_level_req = $cat_item_data['auth_view']; $cat_allowed = in_array($auth_level_req, $auth_levels) ? true : false; } if (!empty($cat_allowed)) { //echo($cat_item_data['menu_name'] . '<br />'); $cat_id = $cat_item_data['cat_id']; if ($cat_item_data['menu_name_lang'] != '' && isset($lang[$cat_item_data['menu_name_lang']])) { $cat_name = $lang[$cat_item_data['menu_name_lang']]; } else { $cat_name = $cat_item_data['menu_name'] != '' ? stripslashes($cat_item_data['menu_name']) : 'cat_item' . $cat_item_data['cat_id']; } $cat_icon = $cat_item_data['menu_icon'] != '' ? '<img src="' . $cat_item_data['menu_icon'] . '" alt="" title="' . $cat_name . '" style="vertical-align:middle;" /> ' : '<img src="' . $images['nav_menu_sep'] . '" alt="" title="" style="vertical-align:middle;" /> '; //$cat_icon = (($cat_item_data['menu_icon'] != '') ? '<img src="' . $cat_item_data['menu_icon'] . '" alt="" title="' . $cat_name . '" style="vertical-align:middle;" /> ' : ' '); if ($cat_item_data['menu_link'] != '') { $cat_link = append_sid($cat_item_data['menu_link']); if ($cat_item_data['menu_link_external'] == true) { $cat_link .= '" target="_blank'; } } $template->assign_block_vars('cat_row', array('CAT_ID' => $cat_item_data['cat_id'], 'CAT_ITEM' => $cat_name, 'CAT_ICON' => $cat_icon)); foreach ($menu_cat[$cat_id] as $menu_cat_item_data) { if ($menu_cat_item_data['menu_status'] == false) { $menu_allowed = false; } else { $auth_level_req = $menu_cat_item_data['auth_view']; $menu_allowed = in_array($auth_level_req, $auth_levels) ? true : false; } if (!empty($menu_allowed)) { //echo($menu_cat_item_data['menu_name'] . '<br />'); if ($menu_cat_item_data['menu_name_lang'] != '' && isset($lang[$menu_cat_item_data['menu_name_lang']])) { $menu_name = $lang[$menu_cat_item_data['menu_name_lang']]; } else { $menu_name = $menu_cat_item_data['menu_name'] != '' ? stripslashes($menu_cat_item_data['menu_name']) : 'cat_item' . $menu_cat_item_data['cat_id']; } if ($menu_cat_item_data['menu_link_external'] == true) { $menu_link .= '" target="_blank'; $menu_link = $menu_cat_item_data['menu_link']; } else { $menu_link = append_sid($menu_cat_item_data['menu_link']); } $menu_icon = $menu_cat_item_data['menu_icon'] != '' ? '<img src="' . $menu_cat_item_data['menu_icon'] . '" alt="" title="' . $menu_name . '" style="vertical-align:middle;" />' : '<img src="' . $images['nav_menu_sep'] . '" alt="" title="" style="vertical-align:middle;" />'; $menu_desc = $menu_cat_item_data['menu_desc']; $template->assign_block_vars('cat_row.menu_row', array('MENU_ITEM' => $menu_name, 'MENU_LINK' => $menu_link, 'MENU_ICON' => $menu_icon, 'MENU_DESC' => $menu_desc)); } } } } $template->assign_vars(array('KB_TITLE' => $lang['Kb_name'])); } } }
function display_review_attachments($post_id, $switch_attachment, $is_auth) { global $attach_config, $attachments; if (intval($switch_attachment) == 0 || intval($attach_config['disable_mod']) || !($is_auth['auth_download'] && $is_auth['auth_view']) || intval($attach_config['attachment_topic_review']) == 0) { return; } @reset($attachments); $attachments['_' . $post_id] = get_attachments_from_post($post_id); if (count($attachments['_' . $post_id]) == 0) { return; } display_attachments($post_id); }
/** * Inline Attachment processing */ function parse_inline_attachments(&$text, &$attachments, &$update_count, $forum_id = 0, $preview = false) { global $config, $user; $attachments = display_attachments($forum_id, NULL, $attachments, $update_count, false, true); $tpl_size = sizeof($attachments); $unset_tpl = array(); preg_match_all('#<!\\-\\- ia([0-9]+) \\-\\->(.*?)<!\\-\\- ia\\1 \\-\\->#', $text, $matches, PREG_PATTERN_ORDER); $replace = array(); foreach ($matches[0] as $num => $capture) { // Flip index if we are displaying the reverse way $index = $config['display_order'] ? $tpl_size - ($matches[1][$num] + 1) : $matches[1][$num]; $replace['from'][] = $matches[0][$num]; $replace['to'][] = isset($attachments[$index]) ? $attachments[$index] : sprintf($user->lang['MISSING_INLINE_ATTACHMENT'], $matches[2][array_search($index, $matches[1])]); $unset_tpl[] = $index; } if (isset($replace['from'])) { $text = str_replace($replace['from'], $replace['to'], $text); } return array_unique($unset_tpl); }
function parse_inline_attachments(&$text, $attachments, &$update_count, $forum_id = 0, $preview = false) { global $config, $_CLASS; $unset_array = array(); $tpl_size = count($attachments); preg_match_all('#<!\\-\\- ia([0-9]+) \\-\\->(.*?)<!\\-\\- ia\\1 \\-\\->#', $text, $matches, PREG_PATTERN_ORDER); //print_r($matches); if (count($matches[1])) { $matches[1] = array_unique($matches[1]); foreach ($matches[1] as $key => $index) { // Flip index if we are displaying the reverse way // whats this display_order all about ? $index = $config['display_order'] ? $tpl_size - ($index + 1) : $index; if (isset($attachments[$index])) { $inline_attachments[$key] = display_attachments($forum_id, array($attachments[$index]), $update_count, $preview, true); $unset_array[] = $index; } else { $inline_attachments[$key] = false; } } $replace = array(); foreach ($matches[1] as $key => $index) { $replace['from'][] = $matches[0][$key]; $replace['to'][] = $inline_attachments[$key] ? $inline_attachments[$key][0] : sprintf($_CLASS['core_user']->lang['MISSING_INLINE_ATTACHMENT'], $matches[2][array_search($index, $matches[1])]); } if (isset($replace['from'])) { $text = str_replace($replace['from'], $replace['to'], $text); } } return $unset_array; }
switch ($_GET['cmd']) { case 'set_email_view_log': set_email_view_log(); break; case 'get_email_view_log': get_email_view_log(); break; case 'view_error_file': view_error_file(); break; case 'display_attachments': display_attachments(); break; case 'delete_attachment': delete_attachment(); break; case 'rename_attachment': rename_attachment(); break; case 'fetch_file_info': fetch_file_info(); break; case 'rename_document': rename_document(); break; case 'view_attached_file': view_attached_file();
$template->assign_block_vars('postrow.user_details', $msn); } if (!empty($yim)) { $template->assign_block_vars('postrow.user_details', $yim); } if (!empty($skype)) { $template->assign_block_vars('postrow.user_details', $skype); } if (!empty($gal)) { $template->assign_block_vars('postrow.user_details', $gal); } } # Display Attachments in Posts # if (defined('BBAttach_mod') && $postrow[$i]['post_attachment']) { if (!intval($attach_config['disable_mod']) && $is_auth['auth_download'] && $postrow[$i]['post_attachment']) { display_attachments($postrow[$i]['post_id']); } } # Quick Reply Mod if ((!$is_auth['auth_reply'] || $board_config['ropm_quick_reply'] == '0' || $forum_topic_data['forum_status'] == FORUM_LOCKED || $forum_topic_data['topic_status'] == TOPIC_LOCKED) && $userdata['user_level'] != ADMIN) { $template->assign_vars(array('QUICK_REPLY_FORM' => '')); } else { if ($can_watch_topic && $is_watching_topic) { $notify = 1; } else { $notify = $userdata['user_notify']; } $last_poster = $postrow[$total_posts - 1]['username']; $last_msg = $postrow[$total_posts - 1]['post_text']; $last_msg = "[quote=\"{$last_poster}\"]" . $last_msg . '[/quote]'; $last_msg = str_replace("'", "'", $last_msg);
$Form->radio('comment_status', $edited_Comment->status, $sharing_options, T_('Visibility'), true); } // Display renderers $comment_renderer_checkboxes = $edited_Comment->renderer_checkboxes(NULL, false); if (!empty($comment_renderer_checkboxes)) { $Form->info(T_('Text Renderers'), $comment_renderer_checkboxes); } // Display comment attachments $LinkOwner = new LinkComment($edited_Comment); if ($LinkOwner->count_links()) { // there are attachments to display $Form->switch_template_parts(array('fieldset_begin' => '<tr><td class="left" valign="top"><strong>$fieldset_title$:</strong></td><td class="row2 left">')); $Form->begin_fieldset(T_('Attachments')); if ($current_User->check_perm('files', 'view')) { // User has permission to view files display_attachments($LinkOwner); } else { echo T_('You do not have permission to edit file attachments for this comment'); } $Form->end_fieldset(); $Form->switch_template_parts($disp_params['edit_form_params']); } $Form->begin_fieldset(); $Form->submit(array('actionArray[update]', T_('Save changes'), 'SaveButton submit')); $Form->end_fieldset(); $Form->end_form(); ?> <script type="text/javascript"> function switch_edit_view() { var form = document.getElementById('comment_edit');
} // // Again this will be handled by the templating // code at some point // $row_color = !($i % 2) ? $theme['td_color1'] : $theme['td_color2']; $row_class = !($i % 2) ? $theme['td_class1'] : $theme['td_class2']; $s_post_download = '<a href="' . append_sid("viewtopic.{$phpEx}?download=" . $postrow[$i]['post_id'] . "&" . POST_TOPIC_URL . "={$topic_id}") . '">' . $lang['Download_post'] . '</a>'; $s_post_download_img = isset($images['icon_download']) ? '<a href="' . append_sid("viewtopic.{$phpEx}?download=" . $postrow[$i]['post_id'] . "&" . POST_TOPIC_URL . "={$topic_id}") . '"><img src="' . $images['icon_download'] . '" alt="' . $lang['Download_post'] . '" title="' . $lang['Download_post'] . '"></a>' : ''; $num_attachments = count($attachments['_' . $postrow[$i]['post_id']]); if ($num_attachments > 0) { $s_has_attachment = TRUE; } $template->assign_block_vars('postrow', array('POST_ID' => $postrow[$i]['post_id'], 'AUTHOR_PANEL' => $postrow[$i]['user_my_ignore'] ? $ignore_panel : $author_panel, 'BUTTONS_PANEL' => $buttons_panel, 'IGNORE_IMG' => $ignore_buttons, 'ROW_COLOR' => '#' . $row_color, 'ROW_CLASS' => $row_class, 'POSTER_NAME' => $poster, 'POST_NUMBER' => $i + $start + 1, 'POST_DATE' => $post_date, 'POST_SUBJECT' => $post_subject, 'MESSAGE' => $message, 'SIGNATURE' => $user_sig, 'EDITED_MESSAGE' => $l_edited_by, 'MINI_POST_IMG' => $mini_post_img, 'S_DOWNLOAD_POST' => $s_post_download, 'S_DOWNLOAD_POST_IMG' => $s_post_download_img, 'EDIT_IMG' => $edit_img, 'EDIT' => $edit, 'QUOTE_IMG' => $quote_img, 'QUOTE' => $quote, 'IP_IMG' => $ip_img, 'IP' => $ip, 'DELETE_IMG' => $delpost_img, 'DELETE' => $delpost, 'USER_WARNINGS' => $user_warnings, 'CARD_IMG' => $card_img, 'CARD_HIDDEN_FIELDS' => $card_hidden, 'CARD_EXTRA_SPACE' => $r_card_img || $y_card_img || $g_card_img || $b_card_img ? ' ' : '', 'L_MINI_POST_ALT' => $mini_post_alt, 'U_MINI_POST' => $mini_post_url, 'U_G_CARD' => $g_card_img, 'U_Y_CARD' => $y_card_img, 'U_R_CARD' => $r_card_img, 'U_B_CARD' => $b_card_img, 'S_CARD' => append_sid("card." . $phpEx), 'U_POST_ID' => $postrow[$i]['post_id'], 'S_HAS_ATTACHMENT' => $s_has_attachment)); if ($s_has_attachment) { display_attachments($postrow[$i]['post_id'], $num_attachments); } $cm_viewtopic->post_vars($postrow[$i], $userdata, $forum_id); //-- mod : profile cp ------------------------------------------------------------------------------ //-- add if ($postrow[$i]['user_my_ignore']) { $template->assign_block_vars('postrow.switch_buddy_ignore', array()); } else { $template->assign_block_vars('postrow.switch_no_buddy_ignore', array()); } //-- fin mod : profile cp -------------------------------------------------------------------------- } //-- mod : profile cp ------------------------------------------------------------------------------ //-- add $template->assign_vars(array('L_IGNORE_CHOOSEN' => $lang['Ignore_choosed'])); //-- fin mod : profile cp --------------------------------------------------------------------------
function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) { global $_CLASS, $_CORE_CONFIG, $site_file_root, $config; $_CLASS['core_user']->add_lang('viewtopic'); $msg_id = (int) $msg_id; $folder_id = (int) $folder_id; $author_id = (int) $message_row['author_id']; // Not able to view message, it was deleted by the sender if ($message_row['deleted']) { trigger_error('NO_AUTH_READ_REMOVED_MESSAGE'); } // Grab icons $icons = array(); obtain_icons($icons); // Instantiate BBCode if need be if ($message_row['bbcode_bitfield']) { require $site_file_root . 'includes/forums/bbcode.php'; $bbcode = new bbcode($message_row['bbcode_bitfield']); } // Assign TO/BCC Addresses to template write_pm_addresses(array('to' => $message_row['to_address'], 'bcc' => $message_row['bcc_address']), $author_id); $user_info = get_user_informations($author_id, $message_row); // Parse the message and subject $message = $message_row['message_text']; // If the board has HTML off but the message has HTML on then we process it, else leave it alone if ($message_row['enable_html'] && (!$config['auth_html_pm'] || !$_CLASS['auth']->acl_get('u_pm_html'))) { $message = preg_replace('#(<!\\-\\- h \\-\\-><)([\\/]?.*?)(><!\\-\\- h \\-\\->)#is', "<\\2>", $message); } // Second parse bbcode here if ($message_row['bbcode_bitfield']) { $bbcode->bbcode_second_pass($message, $message_row['bbcode_uid'], $message_row['bbcode_bitfield']); } // Always process smilies after parsing bbcodes $message = smiley_text($message); // Replace naughty words such as farty pants $message_row['message_subject'] = censor_text($message_row['message_subject']); $message = str_replace("\n", '<br />', censor_text($message)); // Editing information if ($message_row['message_edit_count'] && $config['display_last_edited']) { $l_edit_time_total = $message_row['message_edit_count'] == 1 ? $_CLASS['core_user']->lang['EDITED_TIME_TOTAL'] : $_CLASS['core_user']->lang['EDITED_TIMES_TOTAL']; $l_edited_by = '<br /><br />' . sprintf($l_edit_time_total, !$message_row['message_edit_user'] ? $message_row['username'] : $message_row['message_edit_user'], $_CLASS['core_user']->format_date($message_row['message_edit_time']), $message_row['message_edit_count']); } else { $l_edited_by = ''; } // Pull attachment data $display_notice = false; $attachments = array(); if ($message_row['message_attachment'] && $config['allow_pm_attach']) { if ($config['auth_download_pm'] && $_CLASS['auth']->acl_get('u_pm_download')) { $sql = 'SELECT * FROM ' . FORUMS_ATTACHMENTS_TABLE . "\n\t\t\t\tWHERE post_msg_id = {$msg_id}\n\t\t\t\t\tAND in_message = 1\n\t\t\t\tORDER BY filetime " . (!$config['display_order'] ? 'DESC' : 'ASC') . ', post_msg_id ASC'; $result = $_CLASS['core_db']->query($sql); while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) { $attachments[] = $row; } $_CLASS['core_db']->free_result($result); // No attachments exist, but message table thinks they do so go ahead and reset attach flags if (empty($attachments)) { $sql = 'UPDATE ' . FORUMS_PRIVMSGS_TABLE . " \n\t\t\t\t\tSET message_attachment = 0 \n\t\t\t\t\tWHERE msg_id = {$msg_id}"; $_CLASS['core_db']->query($sql); } } else { $display_notice = true; } } $_CLASS['core_template']->assign('S_HAS_ATTACHMENTS', false); if (!empty($attachments)) { require_once SITE_FILE_ROOT . 'includes/forums/functions_display.php'; $null = array(); $unset_attachments = parse_inline_attachments($message, $attachments, $update_count, 0); // Needed to let not display the inlined attachments at the end of the post again foreach ($unset_attachments as $index) { unset($attachments[$index]); } unset($unset_attachments); if (!empty($attachments)) { $_CLASS['core_template']->assign('S_HAS_ATTACHMENTS', true); $_CLASS['core_template']->assign('attachment', display_attachments(0, $attachments, $update_count, true)); } unset($attachment_data, $null); } if (!mb_strpos($_CLASS['core_user']->data['session_url'], '&t=' . $msg_id) && !empty($update_count)) { // Update the attachment download counts $sql = 'UPDATE ' . FORUMS_ATTACHMENTS_TABLE . ' SET download_count = download_count + 1 WHERE attach_id IN (' . implode(', ', array_unique($update_count)) . ')'; $_CLASS['core_db']->query($sql); } $signature = $message_row['enable_sig'] && $config['allow_sig'] && $_CLASS['auth']->acl_get('u_sig') && $_CLASS['core_user']->optionget('viewsigs') ? $user_info['user_sig'] : ''; // End signature parsing, only if needed if ($signature) { if ($user_info['user_sig_bbcode_bitfield']) { if (!isset($bbcode) || !$bbcode) { require $site_file_root . 'includes/forums/bbcode.php'; $bbcode = new bbcode($user_info['user_sig_bbcode_bitfield']); } $bbcode->bbcode_second_pass($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield']); } $signature = smiley_text($signature); $signature = str_replace("\n", '<br />', censor_text($signature)); } $url = 'Control_Panel&i=' . $id; $_CLASS['core_template']->assign_array(array('AUTHOR_NAME' => $user_info['user_colour'] ? '<span style="color:#' . $user_info['user_colour'] . '">' . $user_info['username'] . '</span>' : $user_info['username'], 'AUTHOR_RANK' => $user_info['rank_title'], 'RANK_IMAGE' => $user_info['rank_image'], 'AUTHOR_AVATAR' => isset($user_info['avatar']) ? $user_info['avatar'] : '', 'AUTHOR_JOINED' => $_CLASS['core_user']->format_date($user_info['user_reg_date']), 'AUTHOR_POSTS' => !empty($user_info['user_posts']) ? $user_info['user_posts'] : '', 'AUTHOR_FROM' => !empty($user_info['user_from']) ? $user_info['user_from'] : '', 'ONLINE_IMG' => !$config['load_onlinetrack'] ? '' : (isset($user_info['online']) && $user_info['online'] ? $_CLASS['core_user']->img('btn_online', $_CLASS['core_user']->lang['ONLINE']) : $_CLASS['core_user']->img('btn_offline', $_CLASS['core_user']->lang['OFFLINE'])), 'DELETE_IMG' => $_CLASS['core_user']->img('btn_delete', $_CLASS['core_user']->lang['DELETE_MESSAGE']), 'INFO_IMG' => $_CLASS['core_user']->img('btn_info', $_CLASS['core_user']->lang['VIEW_PM_INFO']), 'REPORT_IMG' => $_CLASS['core_user']->img('btn_report', $_CLASS['core_user']->lang['REPORT_PM']), 'REPORTED_IMG' => $_CLASS['core_user']->img('icon_reported', $_CLASS['core_user']->lang['MESSAGE_REPORTED_MESSAGE']), 'PROFILE_IMG' => $_CLASS['core_user']->img('btn_profile', $_CLASS['core_user']->lang['READ_PROFILE']), 'EMAIL_IMG' => $_CLASS['core_user']->img('btn_email', $_CLASS['core_user']->lang['SEND_EMAIL']), 'QUOTE_IMG' => $_CLASS['core_user']->img('btn_quote', $_CLASS['core_user']->lang['POST_QUOTE_PM']), 'REPLY_IMG' => $_CLASS['core_user']->img('btn_reply_pm', $_CLASS['core_user']->lang['POST_REPLY_PM']), 'EDIT_IMG' => $_CLASS['core_user']->img('btn_edit', $_CLASS['core_user']->lang['POST_EDIT_PM']), 'MINI_POST_IMG' => $_CLASS['core_user']->img('icon_post', $_CLASS['core_user']->lang['PM']), 'SENT_DATE' => $_CLASS['core_user']->format_date($message_row['message_time']), 'SUBJECT' => $message_row['message_subject'], 'MESSAGE' => $message, 'SIGNATURE' => $message_row['enable_sig'] ? $signature : '', 'EDITED_MESSAGE' => $l_edited_by, 'U_MCP_REPORT' => generate_link('Forums&file=mcp&mode=pm_details&p=' . $message_row['msg_id']), 'U_REPORT' => $config['auth_report_pm'] && $_CLASS['auth']->acl_get('u_pm_report') ? generate_link('Forums&file=report&pm=' . $message_row['msg_id']) : '', 'U_INFO' => $_CLASS['auth']->acl_get('m_') && ($message_row['message_reported'] || $message_row['forwarded']) ? generate_link('Forums&file=mcp&mode=pm_details&p=' . $message_row['msg_id']) : '', 'U_DELETE' => $_CLASS['auth']->acl_get('u_pm_delete') ? generate_link("{$url}&mode=compose&action=delete&f={$folder_id}&p=" . $message_row['msg_id']) : '', 'U_AUTHOR_PROFILE' => generate_link('Members_List&mode=viewprofile&u=' . $author_id), 'U_EMAIL' => $user_info['email'], 'U_QUOTE' => $_CLASS['auth']->acl_get('u_sendpm') && $author_id != $_CLASS['core_user']->data['user_id'] ? generate_link("{$url}&mode=compose&action=quote&f={$folder_id}&p=" . $message_row['msg_id']) : '', 'U_EDIT' => ($message_row['message_time'] > time() - $config['pm_edit_time'] || !$config['pm_edit_time']) && $folder_id == PRIVMSGS_OUTBOX && $_CLASS['auth']->acl_get('u_pm_edit') ? generate_link("{$url}&mode=compose&action=edit&f={$folder_id}&p=" . $message_row['msg_id']) : '', 'U_POST_REPLY_PM' => $author_id != $_CLASS['core_user']->data['user_id'] && $_CLASS['auth']->acl_get('u_sendpm') ? generate_link("{$url}&mode=compose&action=reply&f={$folder_id}&p=" . $message_row['msg_id']) : '', 'U_PREVIOUS_PM' => generate_link("{$url}&f={$folder_id}&p=" . $message_row['msg_id'] . "&view=previous"), 'U_NEXT_PM' => generate_link("{$url}&f={$folder_id}&p=" . $message_row['msg_id'] . "&view=next"), 'S_MESSAGE_REPORTED' => $message_row['message_reported'] && $_CLASS['auth']->acl_get('m_') ? true : false, 'S_DISPLAY_NOTICE' => $display_notice && $message_row['message_attachment'], 'U_PRINT_PM' => generate_link("{$url}&f={$folder_id}&p=" . $message_row['msg_id'] . "&view=print"), 'U_EMAIL_PM' => $_CORE_CONFIG['email']['email_enable'] ? 'Email' : '', 'U_FORWARD_PM' => generate_link("{$url}&mode=compose&action=forward&f={$folder_id}&p=" . $message_row['msg_id']))); if (!isset($_REQUEST['view']) || $_REQUEST['view'] != 'print') { // Message History if (message_history($msg_id, $_CLASS['core_user']->data['user_id'], $message_row, $folder)) { $_CLASS['core_template']->assign('S_DISPLAY_HISTORY', true); } } }
function compose_pm($id, $mode, $action) { global $_CLASS, $site_file_root, $config; if (!$action) { $action = 'post'; } $_CLASS['core_template']->assign(array('S_DISPLAY_FORM' => false, 'S_DRAFT_LOADED' => false, 'S_SHOW_DRAFTS' => false, 'S_POST_REVIEW' => false, 'S_INLINE_ATTACHMENT_OPTIONS' => false, 'S_EDIT_REASON' => false, 'S_HAS_ATTACHMENTS' => false, 'to_recipient' => false, 'bcc_recipient' => false, 'S_DISPLAY_HISTORY' => false, 'S_DISPLAY_PREVIEW' => false)); // Grab only parameters needed here $to_user_id = request_var('u', 0); $to_group_id = request_var('g', 0); $msg_id = request_var('p', 0); $quote_post = request_var('q', 0); $draft_id = request_var('d', 0); $lastclick = request_var('lastclick', 0); $message_text = $subject = ''; // Do NOT use request_var or specialchars here $address_list = isset($_REQUEST['address_list']) ? $_REQUEST['address_list'] : array(); $submit = isset($_POST['post']); $preview = isset($_POST['preview']); $save = isset($_POST['save']); $load = isset($_POST['load']); $cancel = isset($_POST['cancel']); $confirm = isset($_POST['confirm']); $delete = isset($_POST['delete']); $remove_u = isset($_REQUEST['remove_u']); $remove_g = isset($_REQUEST['remove_g']); $add_to = isset($_REQUEST['add_to']); $add_bcc = isset($_REQUEST['add_bcc']); $refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['edit_comment']) || $save || $load || $remove_u || $remove_g || $add_to || $add_bcc; $action = $delete && !$preview && !$refresh && $submit ? 'delete' : $action; $error = array(); $current_time = gmtime(); // Was cancel pressed? If so then redirect to the appropriate page if ($cancel || $current_time - $lastclick < 2 && $submit) { $redirect = generate_link("Control_Panel&i={$id}&mode=view_messages&action=view_message" . ($msg_id ? "&p={$msg_id}" : '')); redirect($redirect); } if ($action == 'forward' && (!$config['forward_pm'] || !$_CLASS['auth']->acl_get('u_pm_forward'))) { trigger_error('NO_AUTH_FORWARD_MESSAGE'); } if ($action == 'edit' && !$_CLASS['auth']->acl_get('u_pm_edit')) { trigger_error('NO_AUTH_EDIT_MESSAGE'); } $sql = ''; // What is all this following SQL for? Well, we need to know // some basic information in all cases before we do anything. switch ($action) { case 'post': if (!$_CLASS['auth']->acl_get('u_sendpm')) { trigger_error('NO_AUTH_SEND_MESSAGE'); } break; case 'reply': case 'quote': case 'forward': if (!$msg_id) { trigger_error('NO_MESSAGE'); } if (!$_CLASS['auth']->acl_get('u_sendpm')) { trigger_error('NO_AUTH_SEND_MESSAGE'); } if ($quote_post) { $sql = 'SELECT p.post_text as message_text, p.poster_id as author_id, p.post_time as message_time, p.bbcode_bitfield, p.bbcode_uid, p.enable_sig, p.enable_html, p.enable_smilies, p.enable_magic_url, t.topic_title as message_subject, u.username as quote_username FROM ' . FORUMS_POSTS_TABLE . ' p, ' . FORUMS_TOPICS_TABLE . ' t, ' . USERS_TABLE . " u\n\t\t\t\t\tWHERE p.post_id = {$msg_id}\n\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\tAND u.user_id = p.poster_id"; } else { $sql = 'SELECT t.*, p.*, u.username as quote_username FROM ' . FORUMS_PRIVMSGS_TO_TABLE . ' t, ' . FORUMS_PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE t.user_id = ' . $_CLASS['core_user']->data['user_id'] . "\n\t\t\t\t\t\tAND p.author_id = u.user_id\n\t\t\t\t\t\tAND t.msg_id = p.msg_id\n\t\t\t\t\t\tAND p.msg_id = {$msg_id}"; } break; case 'edit': if (!$msg_id) { trigger_error('NO_MESSAGE'); } // check for outbox (not read) status, we do not allow editing if one user already having the message $sql = 'SELECT p.*, t.* FROM ' . FORUMS_PRIVMSGS_TO_TABLE . ' t, ' . FORUMS_PRIVMSGS_TABLE . ' p WHERE t.user_id = ' . $_CLASS['core_user']->data['user_id'] . ' AND t.folder_id = ' . PRIVMSGS_OUTBOX . "\n\t\t\t\t\tAND t.msg_id = {$msg_id}\n\t\t\t\t\tAND t.msg_id = p.msg_id"; break; case 'delete': if (!$_CLASS['auth']->acl_get('u_pm_delete')) { trigger_error('NO_AUTH_DELETE_MESSAGE'); } if (!$msg_id) { trigger_error('NO_MESSAGE'); } $sql = 'SELECT msg_id, unread, new, author_id, folder_id FROM ' . FORUMS_PRIVMSGS_TO_TABLE . ' WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . "\n\t\t\t\t\tAND msg_id = {$msg_id}"; break; case 'smilies': require_once $site_file_root . 'includes/forums/functions_posting.php'; generate_smilies('window', 0); script_close(false); break; default: trigger_error('NO_ACTION_MODE'); break; } if ($sql) { $result = $_CLASS['core_db']->query_limit($sql, 1); if (!($row = $_CLASS['core_db']->fetch_row_assoc($result))) { trigger_error('NO_MESSAGE'); } extract($row); $_CLASS['core_db']->free_result($result); $msg_id = (int) $msg_id; $enable_urls = $enable_magic_url; if (!$author_id && $msg_id) { trigger_error('NO_AUTHOR'); } if (($action == 'reply' || $action == 'quote') && empty($address_list) && !$refresh && !$submit && !$preview) { $address_list = array('u' => array($author_id => 'to')); } elseif ($action == 'edit' && empty($address_list) && !$refresh && !$submit && !$preview) { // Rebuild TO and BCC Header $address_list = rebuild_header(array('to' => $to_address, 'bcc' => $bcc_address)); } $check_value = ($enable_html + 1 << 16) + ($enable_bbcode + 1 << 8) + ($enable_smilies + 1 << 4) + ($enable_urls + 1 << 2) + ($enable_sig + 1 << 1); } else { $message_attachment = 0; if ($to_user_id && $action == 'post') { $address_list['u'][$to_user_id] = 'to'; } else { if ($to_group_id && $action == 'post') { $address_list['g'][$to_group_id] = 'to'; } } $check_value = 0; } if (($to_group_id || isset($address_list['g'])) && !$config['allow_mass_pm']) { trigger_error('NO_AUTH_GROUP_MESSAGE'); } if ($action == 'edit' && !$refresh && !$preview && !$submit) { if (!($message_time > time() - $config['pm_edit_time'] || !$config['pm_edit_time'])) { trigger_error('CANNOT_EDIT_MESSAGE_TIME'); } } if (!isset($icon_id)) { $icon_id = 0; } require_once $site_file_root . 'includes/forums/functions_admin.php'; require_once $site_file_root . 'includes/forums/functions_posting.php'; require_once $site_file_root . 'includes/forums/message_parser.php'; $message_parser = new parse_message(); $message_subject = isset($message_subject) ? $message_subject : ''; $message_parser->message = $action == 'reply' ? '' : (isset($message_text) ? $message_text : ''); unset($message_text); $s_action = "Control_Panel&i={$id}&mode={$mode}&action={$action}"; $s_action .= $msg_id ? "&p={$msg_id}" : ''; $s_action .= $quote_post ? "&q=1" : ''; // Delete triggered ? if ($action == 'delete') { // Folder id has been determined by the SQL Statement // $folder_id = request_var('f', PRIVMSGS_NO_BOX); $s_hidden_fields = '<input type="hidden" name="p" value="' . $msg_id . '" /><input type="hidden" name="f" value="' . $folder_id . '" /><input type="hidden" name="action" value="delete" />'; // Do we need to confirm ? if (confirm_box(true)) { delete_pm($_CLASS['core_user']->data['user_id'], $msg_id, $folder_id); // TODO - jump to next message in "history"? $meta_info = generate_link('Control_Panel&i=pm&folder=' . $folder_id); $message = $_CLASS['core_user']->lang['MESSAGE_DELETED']; meta_refresh(3, $meta_info); $message .= '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>'); trigger_error($message); } else { confirm_box(false, 'DELETE_MESSAGE', $s_hidden_fields); } } // Handle User/Group adding/removing handle_message_list_actions($address_list, $remove_u, $remove_g, $add_to, $add_bcc); // Check for too many recipients if (!$config['allow_mass_pm'] && num_recipients($address_list) > 1) { $address_list = get_recipient_pos($address_list, 1); $error[] = $_CLASS['core_user']->lang['TOO_MANY_RECIPIENTS']; } $message_parser->get_submitted_attachment_data(); if ($message_attachment && !$submit && !$refresh && !$preview && $action == 'edit') { $sql = 'SELECT attach_id, physical_filename, comment, real_filename, extension, mimetype, filesize, filetime, thumbnail FROM ' . FORUMS_ATTACHMENTS_TABLE . "\n\t\t\tWHERE post_msg_id = {$msg_id}\n\t\t\t\tAND in_message = 1\n\t\t\t\tORDER BY filetime " . (!$config['display_order'] ? 'DESC' : 'ASC'); $result = $_CLASS['core_db']->query($sql); $message_parser->attachment_data = array_merge($message_parser->attachment_data, $_CLASS['core_db']->fetch_row_assocset($result)); $_CLASS['core_db']->free_result($result); } if (!in_array($action, array('quote', 'edit', 'delete', 'forward'))) { $enable_sig = $config['allow_sig'] && $_CLASS['auth']->acl_get('u_sig') && $_CLASS['core_user']->optionget('attachsig'); $enable_smilies = $config['allow_smilies'] && $_CLASS['auth']->acl_get('u_pm_smilies') && $_CLASS['core_user']->optionget('smilies'); $enable_bbcode = $config['allow_bbcode'] && $_CLASS['auth']->acl_get('u_pm_bbcode') && $_CLASS['core_user']->optionget('bbcode'); $enable_urls = true; } $enable_magic_url = $drafts = false; // User own some drafts? if ($_CLASS['auth']->acl_get('u_savedrafts') && $action != 'delete') { $sql = 'SELECT draft_id FROM ' . FORUMS_DRAFTS_TABLE . ' WHERE (forum_id = 0 AND topic_id = 0) AND user_id = ' . $_CLASS['core_user']->data['user_id'] . ($draft_id ? " AND draft_id <> {$draft_id}" : ''); $result = $_CLASS['core_db']->query_limit($sql, 1); if ($_CLASS['core_db']->fetch_row_assoc($result)) { $drafts = true; } $_CLASS['core_db']->free_result($result); } if ($action == 'edit' || $action == 'forward') { $message_parser->bbcode_uid = $bbcode_uid; } $config['auth_bbcode_pm'] = true; $html_status = $config['allow_html'] && $config['auth_html_pm'] && $_CLASS['auth']->acl_get('u_pm_html'); $bbcode_status = $config['allow_bbcode'] && $config['auth_bbcode_pm'] && $_CLASS['auth']->acl_get('u_pm_bbcode'); $smilies_status = $config['allow_smilies'] && $config['auth_smilies_pm'] && $_CLASS['auth']->acl_get('u_pm_smilies'); $img_status = $config['auth_img_pm'] && $_CLASS['auth']->acl_get('u_pm_img'); $flash_status = $config['auth_flash_pm'] && $_CLASS['auth']->acl_get('u_pm_flash'); // Save Draft if ($save && $_CLASS['auth']->acl_get('u_savedrafts')) { $subject = request_var('subject', '', true); $subject = !$subject && $action != 'post' ? $_CLASS['core_user']->lang['NEW_MESSAGE'] : $subject; $message = request_var('message', '', true); if ($subject && $message) { $sql = 'INSERT INTO ' . FORUMS_DRAFTS_TABLE . ' ' . $_CLASS['core_db']->sql_build_array('INSERT', array('user_id' => $_CLASS['core_user']->data['user_id'], 'topic_id' => 0, 'forum_id' => 0, 'save_time' => $current_time, 'draft_subject' => $subject, 'draft_message' => $message)); $_CLASS['core_db']->query($sql); $_CLASS['core_display']->meta_refresh(3, generate_link('Control_Panel&i=pm&mode=' . $mode)); $message = $_CLASS['core_user']->lang['DRAFT_SAVED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . generate_link('Control_Panel&i=pm&mode=' . $mode) . '">', '</a>'); trigger_error($message); } unset($subject); unset($message); } // Load Draft if ($draft_id && $_CLASS['auth']->acl_get('u_savedrafts')) { $sql = 'SELECT draft_subject, draft_message FROM ' . FORUMS_DRAFTS_TABLE . " \n\t\t\tWHERE draft_id = {$draft_id}\n\t\t\t\tAND topic_id = 0\n\t\t\t\tAND forum_id = 0\n\t\t\t\tAND user_id = " . $_CLASS['core_user']->data['user_id']; $result = $_CLASS['core_db']->query_limit($sql, 1); if ($row = $_CLASS['core_db']->fetch_row_assoc($result)) { $_REQUEST['subject'] = $row['draft_subject']; $_REQUEST['message'] = $row['draft_message']; $refresh = true; $_CLASS['core_template']->assign('S_DRAFT_LOADED', true); } else { $draft_id = 0; } } // Load Drafts if ($load && $drafts) { load_drafts(0, 0, $id); } if ($submit || $preview || $refresh) { $subject = mb_strtolower(get_variable('subject', 'POST', '')); $message_parser->message = request_var('message', '', true); $icon_id = request_var('icon', 0); $enable_html = !$html_status || isset($_POST['disable_html']) ? false : true; $enable_bbcode = !$bbcode_status || isset($_POST['disable_bbcode']) ? false : true; $enable_smilies = !$smilies_status || isset($_POST['disable_smilies']) ? false : true; $enable_urls = isset($_POST['disable_magic_url']) ? 0 : 1; $enable_sig = !$config['allow_sig'] ? false : (isset($_POST['attach_sig']) ? true : false); if ($submit) { $status_switch = ($enable_html + 1 << 16) + ($enable_bbcode + 1 << 8) + ($enable_smilies + 1 << 4) + ($enable_urls + 1 << 2) + ($enable_sig + 1 << 1); $status_switch = $status_switch != $check_value; } else { $status_switch = 1; } // Parse Attachments - before checksum is calculated $message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true); // Grab md5 'checksum' of new message $message_md5 = md5($message_parser->message); // Check checksum ... don't re-parse message if the same $update_message = $action != 'edit' || $message_md5 != $post_checksum || $status_switch || $preview ? true : false; if ($update_message) { $message_parser->parse($enable_html, $enable_bbcode, $enable_urls, $enable_smilies, $img_status, $flash_status, true); } else { $message_parser->bbcode_bitfield = $bbcode_bitfield; } if ($action != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$_CLASS['auth']->acl_get('u_ignoreflood')) { // Flood check $last_post_time = $_CLASS['core_user']->data['user_last_post_time']; if ($last_post_time) { if ($last_post_time && $current_time - $last_post_time < intval($config['flood_interval'])) { $error[] = $_CLASS['core_user']->lang['FLOOD_ERROR']; } } } // Subject defined if (!$subject && !($remove_u || $remove_g || $add_to || $add_bcc)) { $error[] = $_CLASS['core_user']->lang['EMPTY_SUBJECT']; } if (empty($address_list)) { $error[] = $_CLASS['core_user']->lang['NO_RECIPIENT']; } if (!empty($message_parser->warn_msg) && !($remove_u || $remove_g || $add_to || $add_bcc)) { $error[] = implode('<br />', $message_parser->warn_msg); } // Store message, sync counters if (empty($error) && $submit) { $pm_data = array('msg_id' => (int) $msg_id, 'reply_from_root_level' => isset($root_level) ? (int) $root_level : 0, 'reply_from_msg_id' => (int) $msg_id, 'icon_id' => (int) $icon_id, 'enable_sig' => (bool) $enable_sig, 'enable_bbcode' => (bool) $enable_bbcode, 'enable_html' => (bool) $enable_html, 'enable_smilies' => (bool) $enable_smilies, 'enable_urls' => (bool) $enable_urls, 'message_md5' => (int) $message_md5, 'bbcode_bitfield' => (int) $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'address_list' => $address_list); unset($message_parser); // ((!$message_subject) ? $subject : $message_subject) $msg_id = submit_pm($action, $subject, $pm_data, $update_message); $return_message_url = generate_link('Control_Panel&i=pm&mode=view_messages&action=view_message&p=' . $msg_id); $return_folder_url = generate_link('Control_Panel&i=pm&folder=outbox'); $_CLASS['core_display']->meta_refresh(3, $return_message_url); $message = $_CLASS['core_user']->lang['MESSAGE_STORED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['VIEW_MESSAGE'], '<a href="' . $return_message_url . '">', '</a>') . '<br /><br />' . sprintf($_CLASS['core_user']->lang['CLICK_RETURN_FOLDER'], '<a href="' . $return_folder_url . '">', '</a>', $_CLASS['core_user']->lang['PM_OUTBOX']); trigger_error($message); } $message_subject = stripslashes($subject); } if (empty($error) && $preview) { $post_time = $action == 'edit' ? $post_time : $current_time; $preview_message = $message_parser->format_display($enable_html, $enable_bbcode, $enable_urls, $enable_smilies, false); $preview_signature = $_CLASS['core_user']->data['user_sig']; $preview_signature_uid = $_CLASS['core_user']->data['user_sig_bbcode_uid']; $preview_signature_bitfield = $_CLASS['core_user']->data['user_sig_bbcode_bitfield']; // Signature if ($enable_sig && $config['allow_sig'] && $preview_signature) { $parse_sig = new parse_message($preview_signature); $parse_sig->bbcode_uid = $preview_signature_uid; $parse_sig->bbcode_bitfield = $preview_signature_bitfield; $parse_sig->format_display($enable_html, $enable_bbcode, $enable_urls, $enable_smilies); $preview_signature = $parse_sig->message; unset($parse_sig); } else { $preview_signature = ''; } // Attachment Preview if (!empty($message_parser->attachment_data)) { require $site_file_root . 'includes/forums/functions_display.php'; $extensions = $update_count = array(); $_CLASS['core_template']->assign('S_HAS_ATTACHMENTS', true); display_attachments(0, 'attachment', $message_parser->attachment_data, $update_count, true); } $preview_subject = censor_text($subject); if (empty($error)) { $_CLASS['core_template']->assign(array('POST_DATE' => $_CLASS['core_user']->format_date($post_time), 'PREVIEW_SUBJECT' => $preview_subject, 'PREVIEW_MESSAGE' => $preview_message, 'PREVIEW_SIGNATURE' => $preview_signature, 'S_DISPLAY_PREVIEW' => true)); } unset($message_text); } // Decode text for message display $bbcode_uid = ($action == 'quote' || $action == 'forward') && !$preview && !$refresh && empty($error) ? $bbcode_uid : $message_parser->bbcode_uid; $message_parser->decode_message($bbcode_uid); if ($action == 'quote' && !$preview && !$refresh) { $message_parser->message = '[quote="' . $quote_username . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n"; } if (($action == 'reply' || $action == 'quote') && !$preview && !$refresh) { $message_subject = (!preg_match('/^Re:/', $message_subject) ? 'Re: ' : '') . censor_text($message_subject); } if ($action == 'forward' && !$preview && !$refresh) { $fwd_to_field = write_pm_addresses(array('to' => $to_address), 0, true); $forward_text = array(); $forward_text[] = $_CLASS['core_user']->lang['FWD_ORIGINAL_MESSAGE']; $forward_text[] = sprintf($_CLASS['core_user']->lang['FWD_SUBJECT'], censor_text($message_subject)); $forward_text[] = sprintf($_CLASS['core_user']->lang['FWD_DATE'], $_CLASS['core_user']->format_date($message_time)); $forward_text[] = sprintf($_CLASS['core_user']->lang['FWD_FROM'], $quote_username); $forward_text[] = sprintf($_CLASS['core_user']->lang['FWD_TO'], implode(', ', $fwd_to_field['to'])); $message_parser->message = implode("\n", $forward_text) . "\n\n[quote=\"[url=" . generate_link("Members_List&mode=viewprofile&u={$author_id}]{$quote_username}") . "[/url]\"]\n" . censor_text(trim($message_parser->message)) . "\n[/quote]"; $message_subject = (!preg_match('/^Fwd:/', $message_subject) ? 'Fwd: ' : '') . censor_text($message_subject); } $attachment_data = $message_parser->attachment_data; $filename_data = $message_parser->filename_data; $message_text = $message_parser->message; unset($message_parser); // MAIN PM PAGE BEGINS HERE // Generate smiley listing generate_smilies('inline', 0); // Generate PM Icons $s_pm_icons = false; if ($config['enable_pm_icons']) { $s_pm_icons = posting_gen_topic_icons($action, $icon_id); } // Generate inline attachment select box posting_gen_inline_attachments($attachment_data); // Build address list for display // array('u' => array($author_id => 'to')); if (!empty($address_list)) { // Get Usernames and Group Names $result = array(); if (isset($address_list['u']) && !empty($address_list['u'])) { $result['u'] = $_CLASS['core_db']->query('SELECT user_id as id, username as name, user_colour as colour FROM ' . USERS_TABLE . ' WHERE user_id IN (' . implode(', ', array_map('intval', array_keys($address_list['u']))) . ')'); } if (isset($address_list['g']) && !empty($address_list['g'])) { $result['g'] = $_CLASS['core_db']->query('SELECT group_id as id, group_name as name, group_colour as colour FROM ' . GROUPS_TABLE . ' WHERE group_receive_pm = 1 AND group_id IN (' . implode(', ', array_map('intval', array_keys($address_list['g']))) . ')'); } $u = $g = array(); foreach (array('u', 'g') as $type) { if (isset($result[$type]) && $result[$type]) { while ($row = $_CLASS['core_db']->fetch_row_assoc($result[$type])) { ${$type}[$row['id']] = array('name' => $row['name'], 'colour' => $row['colour']); } $_CLASS['core_db']->free_result($result[$type]); } } // Now Build the address list $plain_address_field = ''; foreach ($address_list as $type => $adr_ary) { foreach ($adr_ary as $id => $field) { if (!isset(${$type}[$id])) { unset($address_list[$type][$id]); continue; } $field = $field == 'to' ? 'to' : 'bcc'; $type = $type == 'u' ? 'u' : 'g'; $id = (int) $id; $_CLASS['core_template']->assign_vars_array($field . '_recipient', array('NAME' => ${$type}[$id]['name'], 'IS_GROUP' => $type == 'g', 'IS_USER' => $type == 'u', 'COLOUR' => ${$type}[$id]['colour'] ? ${$type}[$id]['colour'] : '', 'UG_ID' => $id, 'U_VIEW' => $type == 'u' ? generate_link('Members_List&mode=viewprofile&u=' . $id) : generate_link('Members_List&mode=group&g=' . $id), 'TYPE' => $type)); } } } // Build hidden address list $s_hidden_address_field = ''; foreach ($address_list as $type => $adr_ary) { foreach ($adr_ary as $id => $field) { $s_hidden_address_field .= '<input type="hidden" name="address_list[' . ($type == 'u' ? 'u' : 'g') . '][' . (int) $id . ']" value="' . ($field == 'to' ? 'to' : 'bcc') . '" />'; } } $html_checked = isset($enable_html) ? !$enable_html : ($config['allow_html'] && $_CLASS['auth']->acl_get('u_pm_html') ? !$_CLASS['core_user']->optionget('html') : 1); $bbcode_checked = isset($enable_bbcode) ? !$enable_bbcode : ($config['allow_bbcode'] && $_CLASS['auth']->acl_get('u_pm_bbcode') ? !$_CLASS['core_user']->optionget('bbcode') : 1); $smilies_checked = isset($enable_smilies) ? !$enable_smilies : ($config['allow_smilies'] && $_CLASS['auth']->acl_get('u_pm_smilies') ? !$_CLASS['core_user']->optionget('smilies') : 1); $urls_checked = isset($enable_urls) ? !$enable_urls : 0; $sig_checked = $enable_sig; switch ($action) { case 'post': $page_title = $_CLASS['core_user']->lang['POST_NEW_PM']; break; case 'quote': $page_title = $_CLASS['core_user']->lang['POST_QUOTE_PM']; break; case 'reply': $page_title = $_CLASS['core_user']->lang['POST_REPLY_PM']; break; case 'edit': $page_title = $_CLASS['core_user']->lang['POST_EDIT_PM']; break; case 'forward': $page_title = $_CLASS['core_user']->lang['POST_FORWARD_PM']; break; default: trigger_error('NO_ACTION_MODE'); } $s_hidden_fields = '<input type="hidden" name="lastclick" value="' . $current_time . '" />'; $s_hidden_fields .= isset($check_value) ? '<input type="hidden" name="status_switch" value="' . $check_value . '" />' : ''; $s_hidden_fields .= $draft_id || isset($_REQUEST['draft_loaded']) ? '<input type="hidden" name="draft_loaded" value="' . (isset($_REQUEST['draft_loaded']) ? intval($_REQUEST['draft_loaded']) : $draft_id) . '" />' : ''; $form_enctype = @ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || @ini_get('file_uploads') == '0' || !$config['allow_pm_attach'] || !$_CLASS['auth']->acl_get('u_pm_attach') ? '' : ' enctype="multipart/form-data"'; // Start assigning vars for main posting page ... $_CLASS['core_template']->assign(array('L_POST_A' => $page_title, 'L_ICON' => $_CLASS['core_user']->lang['PM_ICON'], 'L_MESSAGE_BODY_EXPLAIN' => intval($config['max_post_chars']) ? sprintf($_CLASS['core_user']->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '', 'SUBJECT' => isset($message_subject) ? $message_subject : '', 'MESSAGE' => $message_text, 'HTML_STATUS' => $html_status ? $_CLASS['core_user']->lang['HTML_IS_ON'] : $_CLASS['core_user']->lang['HTML_IS_OFF'], 'BBCODE_STATUS' => $bbcode_status ? sprintf($_CLASS['core_user']->lang['BBCODE_IS_ON'], '<a href="' . generate_link('Forums&file=faq&mode=bbcode') . '" target="_phpbbcode">', '</a>') : sprintf($_CLASS['core_user']->lang['BBCODE_IS_OFF'], '<a href="' . generate_link('Forums&file=faq&mode=bbcode') . '" target="_phpbbcode">', '</a>'), 'IMG_STATUS' => $img_status ? $_CLASS['core_user']->lang['IMAGES_ARE_ON'] : $_CLASS['core_user']->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => $flash_status ? $_CLASS['core_user']->lang['FLASH_IS_ON'] : $_CLASS['core_user']->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => $smilies_status ? $_CLASS['core_user']->lang['SMILIES_ARE_ON'] : $_CLASS['core_user']->lang['SMILIES_ARE_OFF'], 'MINI_POST_IMG' => $_CLASS['core_user']->img('icon_post', $_CLASS['core_user']->lang['PM']), 'ERROR' => empty($error) ? '' : implode('<br />', $error), 'S_EDIT_POST' => $action == 'edit', 'S_SHOW_PM_ICONS' => $s_pm_icons, 'S_HTML_ALLOWED' => $html_status, 'S_HTML_CHECKED' => $html_checked ? ' checked="checked"' : '', 'S_BBCODE_ALLOWED' => $bbcode_status, 'S_BBCODE_CHECKED' => $bbcode_checked ? ' checked="checked"' : '', 'S_SMILIES_ALLOWED' => $smilies_status, 'S_SMILIES_CHECKED' => $smilies_checked ? ' checked="checked"' : '', 'S_SIG_ALLOWED' => $config['allow_sig'] && $_CLASS['auth']->acl_get('u_sig'), 'S_SIGNATURE_CHECKED' => $sig_checked ? ' checked="checked"' : '', 'S_MAGIC_URL_CHECKED' => $urls_checked ? ' checked="checked"' : '', 'S_SAVE_ALLOWED' => $_CLASS['auth']->acl_get('u_savedrafts'), 'S_HAS_DRAFTS' => $_CLASS['auth']->acl_get('u_savedrafts') && $drafts, 'S_FORM_ENCTYPE' => $form_enctype, 'S_POST_ACTION' => generate_link($s_action), 'S_HIDDEN_ADDRESS_FIELD' => $s_hidden_address_field, 'S_HIDDEN_FIELDS' => $s_hidden_fields)); // Attachment entry if ($_CLASS['auth']->acl_get('u_pm_attach') && $config['allow_pm_attach'] && $form_enctype) { posting_gen_attachment_entry($attachment_data, $filename_data); } }
} // Bump information if ($topic_data['topic_bumped'] && $row['post_id'] == $topic_data['topic_last_post_id']) { // It is safe to grab the username from the user cache array, we are at the last // post and only the topic poster and last poster are allowed to bump $l_bumped_by = '<br /><br />' . sprintf($_CLASS['core_user']->lang['BUMPED_BY'], $user_cache[$topic_data['topic_bumper']]['username'], $_CLASS['core_user']->format_date($topic_data['topic_last_post_time'])); } else { $l_bumped_by = ''; } if (empty($icons[$row['icon_id']])) { $icons[$row['icon_id']] = array('img' => '', 'width' => '', 'height' => ''); } if ($unread = $row['post_time'] > $topic_last_read) { $update_mark = $update_mark ? (int) max($row['post_time'], $update_mark) : $row['post_time']; } $postrow = array('ATTACHMENTS' => empty($attachments[$row['post_id']]) ? false : display_attachments($forum_id, $attachments[$row['post_id']], $update_count), 'POSTER_NAME' => $row['poster'], 'POSTER_RANK' => $user_cache[$poster_id]['rank_title'], 'RANK_IMAGE' => $user_cache[$poster_id]['rank_image'], 'POSTER_JOINED' => $user_cache[$poster_id]['joined'], 'POSTER_POSTS' => $user_cache[$poster_id]['posts'], 'POSTER_FROM' => $user_cache[$poster_id]['from'], 'POSTER_AVATAR' => $user_cache[$poster_id]['avatar'], 'POST_DATE' => $_CLASS['core_user']->format_date($row['post_time']), 'POST_SUBJECT' => censor_text($row['post_subject']), 'MESSAGE' => censor_text($row['post_text']), 'SIGNATURE' => $row['enable_sig'] ? $user_cache[$poster_id]['sig'] : '', 'EDITED_MESSAGE' => $l_edited_by, 'EDIT_REASON' => $row['post_edit_reason'], 'BUMPED_MESSAGE' => $l_bumped_by, 'MINI_POST_IMG' => $unread ? $_CLASS['core_user']->img('icon_post_new', 'NEW_POST') : $_CLASS['core_user']->img('icon_post', 'POST'), 'POST_ICON_IMG' => $icons[$row['icon_id']]['img'], 'POST_ICON_IMG_WIDTH' => $icons[$row['icon_id']]['width'], 'POST_ICON_IMG_HEIGHT' => $icons[$row['icon_id']]['height'], 'ICQ_STATUS_IMG' => $user_cache[$poster_id]['icq_status_img'], 'ONLINE_IMG' => $poster_id == ANONYMOUS || !$config['load_onlinetrack'] ? '' : ($user_cache[$poster_id]['online'] ? $_CLASS['core_user']->img('btn_online', 'ONLINE') : $_CLASS['core_user']->img('btn_offline', 'OFFLINE')), 'U_EDIT' => $_CLASS['core_user']->data['user_id'] == $poster_id && $_CLASS['auth']->acl_get('f_edit', $forum_id) && ($row['post_time'] > time() - $config['edit_time'] || !$config['edit_time']) || $_CLASS['auth']->acl_get('m_edit', $forum_id) ? generate_link("Forums&file=posting&mode=edit&p=" . $row['post_id']) : '', 'U_QUOTE' => $_CLASS['auth']->acl_get('f_quote', $forum_id) ? generate_link("Forums&file=posting&mode=quote&p=" . $row['post_id']) : '', 'U_INFO' => $_CLASS['auth']->acl_get('m_', $forum_id) ? generate_link('Forums&file=mcp&mode=post_details&p=' . $row['post_id'], false, false) : '', 'U_DELETE' => $_CLASS['core_user']->data['user_id'] == $poster_id && $_CLASS['auth']->acl_get('f_delete', $forum_id) && $topic_data['topic_last_post_id'] == $row['post_id'] && ($row['post_time'] > time() - $config['edit_time'] || !$config['edit_time']) || $_CLASS['auth']->acl_get('m_delete', $forum_id) ? generate_link("Forums&file=posting&mode=delete&p=" . $row['post_id']) : '', 'U_PROFILE' => $user_cache[$poster_id]['profile'], 'U_SEARCH' => $user_cache[$poster_id]['search'], 'U_PM' => $poster_id != ANONYMOUS ? generate_link('Control_Panel&i=pm&mode=compose&action=quote&q=1&p=' . $row['post_id']) : '', 'U_EMAIL' => $user_cache[$poster_id]['email'], 'U_WWW' => $user_cache[$poster_id]['www'], 'U_ICQ' => $user_cache[$poster_id]['icq'], 'U_AIM' => $user_cache[$poster_id]['aim'], 'U_MSN' => $user_cache[$poster_id]['msn'], 'U_YIM' => $user_cache[$poster_id]['yim'], 'U_JABBER' => $user_cache[$poster_id]['jabber'], 'U_REPORT' => generate_link('Forums&file=report&p=' . $row['post_id']), 'U_MCP_REPORT' => $_CLASS['auth']->acl_gets(array('m_', 'a_', 'f_report'), $forum_id) ? generate_link('Forums&file=mcp&mode=post_details&p=' . $row['post_id']) : '', 'U_MCP_APPROVE' => $_CLASS['auth']->acl_get('m_approve', $forum_id) ? generate_link('Forums&file=mcp&i=queue&mode=approve&post_id_list[]=' . $row['post_id'], false, false) : '', 'U_MCP_DETAILS' => $_CLASS['auth']->acl_get('m_', $forum_id) ? generate_link('Forums&file=mcp&mode=post_details&p=' . $row['post_id']) : '', 'U_MINI_POST' => generate_link('Forums&file=viewtopic&p=' . $row['post_id']) . '#' . $row['post_id'], 'U_NEXT_POST_ID' => $i < $i_total && isset($rowset[$i + 1]) ? $rowset[$i + 1]['post_id'] : '', 'U_PREV_POST_ID' => $prev_post_id, 'POST_ID' => $row['post_id'], 'S_IGNORE_POST' => false, 'S_POST_UNAPPROVED' => !$row['post_approved'], 'S_POST_REPORTED' => $row['post_reported'] && $_CLASS['auth']->acl_get('m_', $forum_id) ? TRUE : FALSE, 'S_DISPLAY_NOTICE' => $display_notice && $row['post_attachment'] ? true : false, 'S_FRIEND' => $row['friend'], 'S_UNREAD_POST' => $unread, 'S_FIRST_UNREAD' => false); if ($unread && !$first_unread_makred) { $postrow['S_FIRST_UNREAD'] = true; $first_unread_makred = true; } // Dump vars into template $_CLASS['core_template']->assign_vars_array('postrow', $postrow); $prev_post_id = $row['post_id']; unset($rowset[$i], $attachments[$row['post_id']]); } unset($rowset, $user_cache); // Quick mod tools $topic_mod = ''; $topic_mod .= $_CLASS['auth']->acl_get('m_lock', $forum_id) || $_CLASS['auth']->acl_get('f_user_lock', $forum_id) && $_CLASS['core_user']->data['user_id'] != ANONYMOUS && $_CLASS['core_user']->data['user_id'] == $topic_data['topic_poster'] ? $topic_data['topic_status'] == ITEM_UNLOCKED ? '<option value="lock">' . $_CLASS['core_user']->lang['LOCK_TOPIC'] . '</option>' : '<option value="unlock">' . $_CLASS['core_user']->lang['UNLOCK_TOPIC'] . '</option>' : ''; $topic_mod .= $_CLASS['auth']->acl_get('m_delete', $forum_id) ? '<option value="delete_topic">' . $_CLASS['core_user']->lang['DELETE_TOPIC'] . '</option>' : ''; $topic_mod .= $_CLASS['auth']->acl_get('m_move', $forum_id) ? '<option value="move">' . $_CLASS['core_user']->lang['MOVE_TOPIC'] . '</option>' : '';
} $_CLASS['core_template']->assign('S_HAS_ATTACHMENTS', false); // Attachment Preview if (!empty($message_parser->attachment_data)) { require_once SITE_FILE_ROOT . 'includes/forums/functions_display.php'; $null = array(); $attachment_data = $message_parser->attachment_data; $unset_attachments = parse_inline_attachments($preview_message, $attachment_data, $update_count, $forum_id, true); // Needed to let not display the inlined attachments at the end of the post again foreach ($unset_attachments as $index) { unset($attachment_data[$index]); } unset($unset_attachments); if (!empty($attachment_data)) { $_CLASS['core_template']->assign('S_HAS_ATTACHMENTS', true); $_CLASS['core_template']->assign('attachment', display_attachments($forum_id, $attachment_data, $null, true)); } unset($attachment_data, $null); } $_CLASS['core_template']->assign_array(array('PREVIEW_SUBJECT' => $preview_subject, 'PREVIEW_MESSAGE' => $preview_message, 'PREVIEW_SIGNATURE' => $preview_signature, 'S_DISPLAY_PREVIEW' => true)); unset($preview_message, $preview_subject, $preview_signature, $preview_signature); } // Decode text for message display $bbcode_uid = $mode == 'quote' && !$preview && !$refresh && empty($error) ? $bbcode_uid : $message_parser->bbcode_uid; $message_parser->decode_message($bbcode_uid); if ($mode == 'quote' && !$preview && !$refresh) { $quote_username = isset($posting_data['username']) ? $posting_data['username'] : (isset($posting_data['post_username']) ? $posting_data['post_username'] : ''); $message_parser->message = '[quote="' . $quote_username . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n"; } if (($mode == 'reply' || $mode == 'quote') && !$preview && !$refresh) { $post_subject = (!preg_match('/^Re:/', $post_subject) ? 'Re: ' : '') . censor_text($post_subject);
/** * Display Attachments in Review Window */ function display_review_attachments($post_id, $switch_attachment, $is_auth) { // Begin PNphpBB2 Module // global $attach_config, $attachments; global $attach_config, $attachments, $phpbb_root_path; // End PNphpBB2 Module if (intval($switch_attachment) == 0 || intval($attach_config['disable_mod']) || !($is_auth['auth_download'] && $is_auth['auth_view']) || intval($attach_config['attachment_topic_review']) == 0) { return; } @reset($attachments); $attachments['_' . $post_id] = get_attachments_from_post($post_id); if (sizeof($attachments['_' . $post_id]) == 0) { return; } display_attachments($post_id); }
function cms_block_forum_articles() { global $db, $cache, $config, $template, $images, $lang, $bbcode, $block_id, $cms_config_vars, $meta_content, $breadcrumbs; if (!class_exists('class_topics')) { include IP_ROOT_PATH . 'includes/class_topics.' . PHP_EXT; } $class_topics = new class_topics(); @(include_once IP_ROOT_PATH . ATTACH_MOD_PATH . 'displaying.' . PHP_EXT); $template->_tpldata['articles_fa.'] = array(); $index_file = !empty($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : getenv('SCRIPT_NAME'); $index_file = htmlspecialchars(urldecode($index_file)); while (substr($index_file, 0, 1) == '/') { $index_file = substr($index_file, 1); } if ($index_file == 'index.' . PHP_EXT) { $prefix = '?page=' . request_var('page', 0) . '&'; } else { $prefix = '?'; } $meta_content['page_title_clean'] = empty($meta_content['page_title_clean']) ? strip_tags($meta_content['page_title']) : $meta_content['page_title_clean']; $template->set_filenames(array('forum_articles_block' => 'blocks/forum_articles_block.tpl')); $title = empty($cms_config_vars['md_posts_title'][$block_id]) ? $meta_content['page_title_clean'] : htmlspecialchars_clean($cms_config_vars['md_posts_title'][$block_id]); $template->assign_vars(array('L_TITLE' => $title, 'L_POSTED' => $lang['Posted'], 'L_ANNOUNCEMENT' => $lang['Post_Announcement'], 'L_PRINT_NEWS' => $lang['News_Print'], 'L_EMAIL_NEWS' => $lang['News_Email'], 'NEWS_PRINT_IMG' => $images['news_print'], 'NEWS_EMAIL_IMG' => $images['news_email'])); // $only_auth_view must have the opposite value of $cms_config_vars['md_ignore_auth_view'][$block_id] $only_auth_view = !empty($cms_config_vars['md_ignore_auth_view'][$block_id]) || $cms_config_vars['md_ignore_auth_view'][$block_id] == true ? false : true; $single_post_id = request_var('post_id', 0); if (!empty($single_post_id)) { $fetchposts = $class_topics->fetch_posts($single_post_id, 1, 0, false, 0, true, $only_auth_view); for ($i = 0; $i < sizeof($fetchposts); $i++) { init_display_post_attachments($fetchposts[$i]['topic_attachment'], $fetchposts[$i], true, $block_id); $topic_title = htmlspecialchars_clean($fetchposts[$i]['topic_title']); $topic_link = $index_file . $prefix . 'post_id=' . $single_post_id; $template->assign_block_vars('articles_fa', array('TOPIC_ID' => $fetchposts[$i]['topic_id'], 'FORUM_ID' => $fetchposts[$i]['forum_id'], 'TITLE' => $topic_title, 'POSTER' => $fetchposts[$i]['username'], 'POSTER_CG' => colorize_username($fetchposts[$i]['user_id'], $fetchposts[$i]['username'], $fetchposts[$i]['user_color'], $fetchposts[$i]['user_active']), 'TIME' => $fetchposts[$i]['topic_time'], 'VIEWS' => $fetchposts[$i]['topic_views'], 'TEXT' => $fetchposts[$i]['post_text'], 'U_PRINT_TOPIC' => append_sid('printview.' . PHP_EXT . '?' . POST_FORUM_URL . '=' . $fetchposts[$i]['forum_id'] . '&' . POST_TOPIC_URL . '=' . $fetchposts[$i]['topic_id'] . '&is_article=1'), 'U_EMAIL_TOPIC' => append_sid('tellafriend.' . PHP_EXT . '?topic_title=' . urlencode(ip_utf8_decode($fetchposts[$i]['topic_title'])) . '&topic_url=' . urlencode(ip_utf8_decode($topic_link))))); display_attachments($fetchposts[$i]['post_id'], 'articles'); } if ($cms_config_vars['md_posts_breadcrumbs'][$block_id]) { $meta_content['page_title_clean'] = empty($meta_content['page_title_clean']) ? strip_tags($meta_content['page_title']) : $meta_content['page_title_clean']; $breadcrumbs['address'] = ''; if ($meta_content['page_title_clean'] != $config['sitename']) { $index_url = $index_file; if ($index_file == 'index.' . PHP_EXT) { $index_url .= '?page=' . request_var('page', 0); } $breadcrumbs['address'] .= $lang['Nav_Separator'] . '<a href="' . append_sid($index_url) . '">' . $meta_content['page_title_clean'] . '</a>'; } $breadcrumbs['address'] .= $lang['Nav_Separator'] . '<a href="#" class="nav-current">' . $topic_title . '</a>'; } } else { $fetchposts = $class_topics->fetch_posts($cms_config_vars['md_posts_forum_id'][$block_id], $cms_config_vars['md_num_posts'][$block_id], -1, $cms_config_vars['md_posts_show_portal'][$block_id], $cms_config_vars['md_posts_random'][$block_id], false, $only_auth_view); for ($i = 0; $i < sizeof($fetchposts); $i++) { // Convert and clean special chars! $topic_title = htmlspecialchars_clean($fetchposts[$i]['topic_title']); $template->assign_block_vars('articles_fa', array('TOPIC_ID' => $fetchposts[$i]['topic_id'], 'FORUM_ID' => $fetchposts[$i]['forum_id'], 'TITLE' => $topic_title, 'POSTER' => $fetchposts[$i]['username'], 'POSTER_CG' => colorize_username($fetchposts[$i]['user_id'], $fetchposts[$i]['username'], $fetchposts[$i]['user_color'], $fetchposts[$i]['user_active']), 'TIME' => $fetchposts[$i]['topic_time'], 'VIEWS' => $fetchposts[$i]['topic_views'], 'U_VIEW_TOPIC' => append_sid($index_file . $prefix . 'post_id=' . $fetchposts[$i]['topic_first_post_id']))); } $template->assign_vars(array('IS_LIST' => true, 'L_TOPICS' => $lang['Topics'], 'L_AUTHOR' => $lang['Author'], 'L_VIEWS' => $lang['Views'])); if ($cms_config_vars['md_posts_breadcrumbs'][$block_id]) { $breadcrumbs['address'] = ''; if ($meta_content['page_title_clean'] != $config['sitename']) { $breadcrumbs['address'] .= $lang['Nav_Separator'] . '<a href="#" class="nav-current">' . $meta_content['page_title_clean'] . '</a>'; } } } }