Example #1
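/**
 * Renders the "order topic pins" popup form for one forum.
 *
 * Reads the forum id from the query string, refuses callers that lack the
 * 'pin_topics' permission for that forum, then prints one table row per
 * pinned topic (highest pin value first) with an editable order field.
 * The request is ended with die when access is denied, when no forum id
 * was supplied, or when the forum has no pinned topics.
 *
 * @return void
 */
function sp_order_topic_pins()
{
    # The forum id ends up inside SQL fragments and an HTML attribute below, so it
    # is forced to an integer here rather than relying on sp_esc_int() alone.
    # (The original also read $_GET['topicid'] into a variable it never used.)
    $forumid = isset($_GET['forumid']) ? (int) sp_esc_int($_GET['forumid']) : 0;

    # Authorisation comes first so that nothing is queried for an unauthorised caller
    if (!sp_get_auth('pin_topics', $forumid)) {
        if (!is_user_logged_in()) {
            sp_etext('Access denied - are you logged in?');
        } else {
            sp_etext('Access denied - you do not have permission');
        }
        die;
    }

    # Reject a missing forum id before touching the database
    if (empty($forumid)) {
        die;
    }

    $thisforum = spdb_table(SFFORUMS, "forum_id={$forumid}", 'row');
    $topics = spdb_table(SFTOPICS, "forum_id={$forumid} AND topic_pinned > 0", '', 'topic_pinned DESC');

    # Nothing to render for an unknown forum or a forum without pinned topics
    if (empty($thisforum) || empty($topics)) {
        die;
    }

    # NOTE(review): the form below carries no nonce field. Whether the handler for
    # 'ordertopicpins' verifies one (CSRF protection) cannot be seen from here - confirm.
    ?>
	<div id="spMainContainer" class="spForumToolsPopup">
		<div class="spForumToolsHeader">
			<div class="spForumToolsHeaderTitle"><?php sp_etext('Please note: The HIGHER numbered topics will appear at the top of the list'); ?></div>
		</div>
		<form action="<?php echo esc_url(sp_build_url($thisforum->forum_slug, '', 1, 0)); ?>" method="post" name="ordertopicpinsform">
			<input type="hidden" name="orderpinsforumid" value="<?php echo (int) $forumid; ?>" />
			<table class="spPopupTable">
<?php
    foreach ($topics as $topic) {
        # Database values are cast or attribute-escaped before they reach the markup;
        # the title goes through the plugin's own display filter as before.
        ?>
				<tr><td class="spLabel" style="width:85%"><?php echo sp_filter_title_display($topic->topic_name); ?>
				<input type="hidden" name="topicid[]" value="<?php echo (int) $topic->topic_id; ?>" /></td>
				<td class="spControl">
					<input type="text" class="spControl" size="6" name="porder[]" value="<?php echo esc_attr($topic->topic_pinned); ?>" />
				</td></tr>
<?php
    }
    ?>
			</table>
			<div class="spCenter">
				<input type="submit" class="spSubmit" name="ordertopicpins" value="<?php sp_etext('Save Pin Order Changes'); ?>" />
				<input type="button" class="spSubmit" name="cancel" value="<?php sp_etext('Cancel'); ?>" onclick="jQuery('#dialog').dialog('close');" />
			</div>
		</form>
	</div>
<?php
}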
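/**
 * Prints the forum footer script block.
 *
 * Fires 'sph_footer_start', emits one inline jQuery document-ready script
 * (quicklinks drop-downs, optional pretty checkboxes, tooltips, scroll to
 * the URL fragment, status image pre-load, re-opening the editor after a
 * failed save, the auto-update timer, the Bootstrap button workaround and
 * the "unsaved text" leave-page prompt), then fires 'sph_footer_end'.
 *
 * @return void
 */
function sp_forum_footer()
{
    global $spVars, $spGlobals;

    do_action('sph_footer_start');

    # The editor-related script parts are only emitted on topic and forum views
    $isPostView = ($spVars['pageview'] == 'topic' || $spVars['pageview'] == 'forum');

    # wait for page load and run JS inits
    ?>
	<script type='text/javascript'>
		var jspf = jQuery.noConflict();
		jspf(document).ready(function() {
			<?php # Quicklinks selects ?>
			jspf("#spQuickLinksForumSelect, #spQuickLinksTopicSelect").msDropDown();
			jspf('#spQuickLinksForum').show();
			jspf('#spQuickLinksTopic').show();
			<?php
    # Checkboxes/radio buttons and tooltips
    if (defined('SP_USE_PRETTY_CBOX') && SP_USE_PRETTY_CBOX == true) {
        ?>
				jspf("input[type=checkbox],input[type=radio]").prettyCheckboxes();
			<?php
    }
    ?>

			if (sp_platform_vars.device == 'desktop' && sp_platform_vars.tooltips == true) {
				jspf(document).tooltip( {
					tooltipClass: "ttip",
					position: {
						my: "left+20 top",
						at: "left bottom+10"
					},
					track: false,
					content: function() {
						var element = jspf(this);
						if (element.prop("nodeName") == "IFRAME") {
							return '';
						} else {
							return element.attr( "title" );
						}
					}
				});
			}

			<?php
    # if fragment postID and head padding add padding.
    # The fragment is caller-controlled, so it is resolved with getElementById rather than
    # handed to the jQuery selector engine (older jQuery releases can treat such a string
    # as markup), and a fragment that matches no element no longer raises a script error.
    ?>
			var hash = jspf(location).attr('hash');
			if (hash && sp_platform_vars.headpadding > 0) {
				var hashTarget = document.getElementById(hash.substring(1));
				if (hashTarget) {
					jspf('html, body').animate({ scrollTop: (Math.round(jspf(hashTarget).offset().top) - parseInt(sp_platform_vars.headpadding)) }, 'fast');
				}
			}

			<?php # pre-load 'wait' image ?>
				waitImage = new Image(32,32);
				waitImage.src = '<?php echo sp_paint_file_icon(SPFIMAGES, 'sp_Wait.png'); ?>';
				successImage = new Image(32,32);
				successImage.src = '<?php echo sp_paint_file_icon(SPFIMAGES, 'sp_Success.png'); ?>';
				failureImage = new Image(32,32);
				failureImage.src = '<?php echo sp_paint_file_icon(SPFIMAGES, 'sp_Failure.png'); ?>';
			<?php
    # check if this is a redirect from a failed save
    if ($isPostView) {
        ?>
				if (jspf('#spPostNotifications').html() != null) {
					if (jspf('#spPostNotifications').html() != '') {
						jspf('#spPostNotifications').show();
						spjOpenEditor('spPostForm', 'post');
					}
				}
			<?php
    }

    # turn on auto update of required
    $sfauto = sp_get_option('sfauto');
    if (!empty($sfauto['sfautoupdate'])) {
        # seconds -> milliseconds; the cast keeps a non-numeric option value from raising an error
        $timer = (int) ((float) $sfauto['sfautotime'] * 1000);
        $autoup = isset($spGlobals['autoupdate']) ? (array) $spGlobals['autoupdate'] : array();

        $parts = array();
        foreach ($autoup as $up) {
            # separator first: the legacy implode($array, $separator) order is rejected by PHP 8
            $list = implode(',', $up);
            $list = str_replace('sp_ahah=', site_url() . '/index.php?sp_ahah=', $list);
            $list .= '&amp;sfnonce=' . wp_create_nonce('forum-ahah');
            $parts[] = $list;
        }
        # entries are separated by '%'
        $arg = implode('%', $parts);

        # NOTE(review): $arg is printed inside a double-quoted JS string without JS escaping.
        # That is only safe while the registered auto-update entries and site_url() contain
        # no quotes or backslashes - confirm where $spGlobals['autoupdate'] is populated.
        ?>
				spjAutoUpdate("<?php echo $arg; ?>", "<?php echo $timer; ?>");
			<?php
    }

    # fix for Bootstrap stealing button object from jQuery UI
    ?>
			try {
				var btn = jspf.fn.button.noConflict() // reverts $.fn.button to jqueryui btn
				jspf.fn.btn = btn // assigns bootstrap button functionality to $.fn.btn
			} catch (e) { }

			<?php
    # Show message if leaving page during edit
    if ($isPostView) {
        ?>
				var showConfirm = false;
				var edContent = '';
				window.onbeforeunload = confirmExit;
				<?php
        # editor value 1 reads its content from TinyMCE below; any other editor is tracked by keyup
        if ($spGlobals['editor'] != 1) {
            ?>
					jspf('#postitem').keyup(function() {
						showConfirm = true;
					});
				<?php
        }
        ?>

				function confirmExit() {
					if(sp_platform_vars.saveprocess == 0 && jspf('#spPostForm').css('display') == 'block') {
						<?php
        if ($spGlobals['editor'] == 1) {
            ?>
						edContent = tinymce.activeEditor.getContent();
						<?php
        }
        ?>

						if(showConfirm || edContent != '') {
							return '<?php sp_etext('You have entered text into the post editor which may be lost'); ?>';
						}
					}
				}

			<?php
    }
    ?>
		});
	</script>
	<?php
    do_action('sph_footer_end');
}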
Example #3
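/**
 * Handles the return leg of an RPX sign-in.
 *
 * When the request carries both 'rpx_response' and 'token', the token is
 * posted to the RPX auth_info endpoint together with the stored API key,
 * and the parsed reply is passed to sp_rpx_process_auth_info() if the
 * provider reports stat 'ok'. Any other outcome prints a generic error.
 *
 * @return void
 */
function sp_rpx_process_token()
{
    $sfrpx = sp_get_option('sfrpx');

    # Not an RPX callback: nothing to do
    if (empty($_REQUEST['rpx_response']) || empty($_REQUEST['token'])) {
        return;
    }

    # The token is an opaque caller-supplied value; it is only forwarded to the
    # provider over HTTPS and never trusted locally until the provider vouches for it.
    $post_data = array(
        'token'  => $_REQUEST['token'],
        'apiKey' => $sfrpx['sfrpxkey'],
        'format' => 'json',
    );
    $raw_response = sp_rpx_http_post('https://rpxnow.com/api/v2/auth_info', $post_data);

    # parse the json or xml response into an associative array
    $auth_info = sp_rpx_parse_auth_info($raw_response);

    # process the auth_info response.
    # A failed request or an unparsable body must fall into the error branch rather
    # than be indexed blindly, and the status is compared strictly so that only the
    # exact string 'ok' is accepted as a successful authentication.
    if (isset($auth_info['stat']) && $auth_info['stat'] === 'ok') {
        sp_rpx_process_auth_info($auth_info);
    } else {
        sp_etext('An error occured');
    }
}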
$Rev: 10210 $
*/
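# Refuse direct requests for this file. The file name is quoted so that the dot in
# it is matched literally instead of acting as a regex wildcard.
if (preg_match('#' . preg_quote(basename(__FILE__), '#') . '#', $_SERVER['PHP_SELF'])) {
    die('Access denied - you cannot directly call this file');
}

sp_forum_api_support();
sp_load_editor(0, 1);

# The original declared 'global $s0ThisUser' while the checks below read $spThisUser,
# so the ownership test compared against an undefined variable whenever this file
# was included from inside a function.
global $spThisUser;

# Both ids are used in SQL fragments and permission checks: force them to integers
$postid = isset($_GET['post']) ? (int) sp_esc_int($_GET['post']) : 0;
$forumid = isset($_GET['forumid']) ? (int) sp_esc_int($_GET['forumid']) : 0;
if (empty($forumid) || empty($postid)) {
    die;
}

if (!sp_get_auth('reply_topics', $forumid)) {
    if (!is_user_logged_in()) {
        sp_etext('Access denied - are you logged in?');
    } else {
        sp_etext('Access denied - you do not have permission');
    }
    die;
}

$post = spdb_table(SFPOSTS, "post_id={$postid}", 'row');

# Unknown post id: nothing to return
if (empty($post)) {
    die;
}

# The permission above was evaluated for the forum id taken from the request, while the
# post was looked up by its own id only. Tie the two together so that permission in one
# forum cannot be used to read a post that lives in another.
# NOTE(review): assumes the post row exposes forum_id; the check is skipped if it does not - confirm.
if (isset($post->forum_id) && (int) $post->forum_id !== $forumid) {
    die;
}

# Posts written by a forum admin are hidden from users without 'view_admin_posts'
if (!sp_get_auth('view_admin_posts', $forumid) && sp_is_forum_admin($post->user_id)) {
    die;
}

# Users limited to 'view_own_admin_posts' may only fetch posts by admins, moderators or themselves
if (sp_get_auth('view_own_admin_posts', $forumid) && !sp_is_forum_admin($post->user_id) && !sp_is_forum_mod($post->user_id) && $spThisUser->ID != $post->user_id) {
    die;
}

# Return the stored post body prepared for the editor, then end the request
$content = sp_filter_content_edit($post->post_content);
echo $content;
die;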
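 /**
  * Checks that the pending topic or post may be saved by the current user.
  *
  * Sets $this->abort and $this->message and returns early when the forum
  * (or, for a reply, the topic) is missing, when the user lacks the needed
  * permission, or when the system or the forum is locked and the user is
  * not an admin. On success it stores the return URL and 'started_by' in
  * $this->newpost and runs the 'sph_post_permissions_validation' filter.
  *
  * NOTE(review): the messages are assigned from sp_etext(), which the rest
  * of this code base calls as a statement that prints its text. Confirm that
  * it also returns the text, otherwise $this->message stays empty here.
  *
  * @return void
  */
 function validatePermission()
 {
     global $spGlobals;

     $this->abort = false;
     $this->newpost['action'] = $this->action;

     # If the forum is not set then this may be a back door approach
     if (!$this->newpost['forumid'] || empty($this->newpost['forumslug'])) {
         $this->abort = true;
         $this->message = sp_etext('Forum not set - Unable to create post');
         return;
     }

     # If this is a new post check topic id and slug is set
     if ($this->action == 'post') {
         if (!$this->newpost['topicid'] || empty($this->newpost['topicslug'])) {
             $this->abort = true;
             $this->message = sp_etext('Topic not set - Unable to create post');
             return;
         }
     }

     # The ids below are concatenated into SQL WHERE fragments. They are forced to
     # integers so that a value arriving from the request cannot alter the query,
     # and so that a missing topic id (new topic) still produces valid SQL.
     $forumId = (int) $this->newpost['forumid'];
     $topicId = isset($this->newpost['topicid']) ? (int) $this->newpost['topicid'] : 0;

     # Check that current user is actually allowed to do this
     $starter = spdb_table(SFTOPICS, 'topic_id=' . $topicId, 'user_id');

     # Same three rules as the original single expression, one branch per action:
     #  - a new topic needs 'start_topics'
     #  - a reply is refused when the user is limited to 'reply_own_topics' and did
     #    not start the topic, or when the user lacks 'reply_topics'
     $denied = false;
     if ($this->action == 'topic') {
         $denied = !sp_get_auth('start_topics', $this->newpost['forumid'], $this->userid);
     } elseif ($this->action == 'post') {
         $denied = (sp_get_auth('reply_own_topics', $this->newpost['forumid'], $this->userid) && $starter != $this->userid)
             || !sp_get_auth('reply_topics', $this->newpost['forumid'], $this->userid);
     }
     if ($denied) {
         $this->abort = true;
         $this->message = sp_etext('Access denied - you do not have permission');
         return;
     }

     # If forum or system locked then refuse post unless admin
     if ($this->admin == false) {
         $slock = $spGlobals['lockdown'] ? true : false;
         $flock = false;
         # the forum status is only looked up when the whole system is not locked
         if (!$slock) {
             $flock = spdb_table(SFFORUMS, 'forum_id=' . $forumId, 'forum_status') ? true : false;
         }
         if ($slock || $flock) {
             $this->abort = true;
             $this->message = sp_etext('This forum is currently locked - access is read only');
             return;
         }
     }

     # Good so far so set up new url to return to if save fails later
     # NOTE(review): 'started_by' receives the topic starter for a new topic and the
     # current user for a reply, which looks reversed - kept as found, confirm intent.
     if ($this->action == 'topic') {
         $this->returnURL = sp_build_url($this->newpost['forumslug'], '', 0, 0);
         $this->newpost['started_by'] = $starter;
     } else {
         $postid = spdb_table(SFTOPICS, 'topic_id = ' . $topicId, 'post_id');
         $this->returnURL = sp_build_url($this->newpost['forumslug'], $this->newpost['topicslug'], 0, $postid);
         $this->newpost['started_by'] = $this->userid;
     }

     $this->newpost = apply_filters('sph_post_permissions_validation', $this->newpost);
 }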