function topic_review($topic_id, $is_inline_review)
{
global $db, $board_config, $template, $lang, $images, $theme, $phpEx, $phpbb_root_path;
global $userdata, $user_ip;
global $orig_word, $replacement_word;
global $starttime;
if (!$is_inline_review) {
if (!isset($topic_id) || !$topic_id) {
message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
}
//
// Get topic info ...
//
$sql = "SELECT t.topic_title, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments \n\t\t\tFROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f \n\t\t\tWHERE t.topic_id = {$topic_id}\n\t\t\t\tAND f.forum_id = t.forum_id";
$tmp = '';
attach_setup_viewtopic_auth($tmp, $sql);
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Could not obtain topic information', '', __LINE__, __FILE__, $sql);
}
if (!($forum_row = $db->sql_fetchrow($result))) {
message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
}
$db->sql_freeresult($result);
$forum_id = $forum_row['forum_id'];
$topic_title = $forum_row['topic_title'];
//
// Start session management
//
$userdata = session_pagestart($user_ip, $forum_id);
init_userprefs($userdata);
//
// End session management
//
$is_auth = array();
$is_auth = auth(AUTH_ALL, $forum_id, $userdata, $forum_row);
if (!$is_auth['auth_read']) {
message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_auth_read'], $is_auth['auth_read_type']));
}
}
//
// Define censored word matches
//
if (empty($orig_word) && empty($replacement_word)) {
$orig_word = array();
$replacement_word = array();
obtain_word_list($orig_word, $replacement_word);
}
//
// Dump out the page header and load viewtopic body template
//
if (!$is_inline_review) {
$gen_simple_header = TRUE;
$page_title = $lang['Topic_review'] . ' - ' . $topic_title;
include $phpbb_root_path . 'includes/page_header.' . $phpEx;
$template->set_filenames(array('reviewbody' => 'posting_topic_review.tpl'));
}
//
// Go ahead and pull all data for this topic
//
$sql = "SELECT u.username, u.user_id, p.*, pt.post_text, pt.post_subject, pt.bbcode_uid\n\t\tFROM " . POSTS_TABLE . " p, " . USERS_TABLE . " u, " . POSTS_TEXT_TABLE . " pt\n\t\tWHERE p.topic_id = {$topic_id}\n\t\t\tAND p.poster_id = u.user_id\n\t\t\tAND p.post_id = pt.post_id\n\t\tORDER BY p.post_time DESC\n\t\tLIMIT " . $board_config['posts_per_page'];
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Could not obtain post/user information', '', __LINE__, __FILE__, $sql);
}
init_display_review_attachments($is_auth);
//
// Okay, let's do the loop, yeah come on baby let's do the loop
// and it goes like this ...
//
if ($row = $db->sql_fetchrow($result)) {
$mini_post_img = $images['icon_minipost'];
$mini_post_alt = $lang['Post'];
$i = 0;
do {
$poster_id = $row['user_id'];
$poster = $row['username'];
$post_date = create_date($board_config['default_dateformat'], $row['post_time'], $board_config['board_timezone']);
//
// Handle anon users posting with usernames
//
if ($poster_id == ANONYMOUS && $row['post_username'] != '') {
$poster = $row['post_username'];
$poster_rank = $lang['Guest'];
} elseif ($poster_id == ANONYMOUS) {
$poster = $lang['Guest'];
$poster_rank = '';
}
$post_subject = $row['post_subject'] != '' ? $row['post_subject'] : '';
include_once $phpbb_root_path . 'includes/functions_hide.' . $phpEx;
$message = strip_hidden_contents($row, $hiding_info);
$bbcode_uid = $row['bbcode_uid'];
//
// If the board has HTML off but the post has HTML
// on then we process it, else leave it alone
//
if (!$board_config['allow_html'] && $row['enable_html']) {
$message = preg_replace('#(<)([\\/]?.*?)(>)#is', '<\\2>', $message);
}
if ($bbcode_uid != "") {
$message = $board_config['allow_bbcode'] ? bbencode_second_pass($message, $bbcode_uid) : preg_replace('/\\:[0-9a-z\\:]+\\]/si', ']', $message);
}
$message = make_clickable($message);
if (count($orig_word)) {
$post_subject = preg_replace($orig_word, $replacement_word, $post_subject);
$message = preg_replace($orig_word, $replacement_word, $message);
}
if ($board_config['allow_smilies'] && $row['enable_smilies']) {
$message = smilies_pass($message);
}
$message = str_replace("\n", '<br />', $message);
//
// Again this will be handled by the templating
// code at some point
//
$row_color = !($i % 2) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = !($i % 2) ? $theme['td_class1'] : $theme['td_class2'];
$info_box = get_hiding_info_box($hiding_info, true);
$template->assign_block_vars('postrow', array('ROW_COLOR' => '#' . $row_color, 'ROW_CLASS' => $row_class, 'MINI_POST_IMG' => $mini_post_img, 'POSTER_NAME' => $poster, 'POST_DATE' => $post_date, 'POST_SUBJECT' => $post_subject, 'MESSAGE' => $message, 'HIDING_INFO_BOX' => $info_box, 'L_MINI_POST_ALT' => $mini_post_alt));
if ($hiding_info['show_attachment']) {
display_review_attachments($row['post_id'], $row['post_attachment'], $is_auth);
}
$i++;
} while ($row = $db->sql_fetchrow($result));
} else {
message_die(GENERAL_MESSAGE, 'Topic_post_not_exist', '', __LINE__, __FILE__, $sql);
}
$db->sql_freeresult($result);
$template->assign_vars(array('L_AUTHOR' => $lang['Author'], 'L_MESSAGE' => $lang['Message'], 'L_POSTED' => $lang['Posted'], 'L_POST_SUBJECT' => $lang['Post_subject'], 'L_TOPIC_REVIEW' => $lang['Topic_review']));
if (!$is_inline_review) {
$template->pparse('reviewbody');
include $phpbb_root_path . 'includes/page_tail.' . $phpEx;
}
}
$y_card_img = '';
$r_card_img = '';
}
if ($is_auth['auth_bluecard']) {
if ($is_auth['auth_mod']) {
$b_card_img = $postrow[$i]['post_bluecard'] ? ' <input type="image" name="report_reset" value="report_reset" onClick="return confirm(\'' . $lang['Clear_blue_card_warning'] . '\')" src="' . $images['icon_bhot_card'] . '" alt="' . sprintf($lang['Clear_b_card'], $postrow[$i]['post_bluecard']) . '">' : ' <input type="image" name="report" value="report" onClick="return confirm(\'' . $lang['Blue_card_warning'] . '\')" src="' . $images['icon_b_card'] . '" alt="' . $lang['Give_b_card'] . '" >';
} else {
$b_card_img = ' <input type="image" name="report" value="report" onClick="return confirm(\'' . $lang['Blue_card_warning'] . '\')" src="' . $images['icon_b_card'] . '" alt="' . $lang['Give_b_card'] . '" >';
}
} else {
$b_card_img = '';
}
// parse hidden filds if cards visible
$card_hidden = $g_card_img || $r_card_img || $y_card_img || $b_card_img ? '<input type="hidden" name="post_id" value="' . $postrow[$i]['post_id'] . '">' : '';
$post_subject = $postrow[$i]['post_subject'] != '' ? $postrow[$i]['post_subject'] : '';
$message = strip_hidden_contents($postrow[$i], $hiding_info);
$bbcode_uid = $postrow[$i]['bbcode_uid'];
$user_sig = $postrow[$i]['enable_sig'] && $postrow[$i]['user_sig'] != '' && $board_config['allow_sig'] ? $postrow[$i]['user_sig'] : '';
$user_sig_bbcode_uid = $postrow[$i]['user_sig_bbcode_uid'];
//
// Note! The order used for parsing the message _is_ important, moving things around could break any
// output
//
//
// If the board has HTML off but the post has HTML
// on then we process it, else leave it alone
//
if (!$board_config['allow_html'] || !$userdata['user_allowhtml']) {
if ($user_sig != '') {
$user_sig = preg_replace('#(<)([\\/]?.*?)(>)#is', "<\\2>", $user_sig);
}
$highlight_match[] = '#\\b(' . str_replace("*", "([\\w]+)?", $replace_synonym) . ')\\b#is';
$highlight_active .= ' ' . $match_synonym;
}
}
}
}
$highlight_active = urlencode(trim($highlight_active));
$tracking_topics = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) : array();
$tracking_forums = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) : array();
include $phpbb_root_path . 'includes/functions_hide.' . $phpEx;
for ($i = 0; $i < count($searchset); $i++) {
$forum_url = append_sid("viewforum.{$phpEx}?" . POST_FORUM_URL . '=' . $searchset[$i]['forum_id']);
$topic_url = append_sid("viewtopic.{$phpEx}?" . POST_TOPIC_URL . '=' . $searchset[$i]['topic_id'] . "&highlight={$highlight_active}");
$post_url = append_sid("viewtopic.{$phpEx}?" . POST_POST_URL . '=' . $searchset[$i]['post_id'] . "&highlight={$highlight_active}") . '#' . $searchset[$i]['post_id'];
$post_date = create_date($board_config['default_dateformat'], $searchset[$i]['post_time'], $board_config['board_timezone']);
$message = strip_hidden_contents($searchset[$i], $hiding_info);
$topic_title = $searchset[$i]['topic_title'];
$forum_id = $searchset[$i]['forum_id'];
$topic_id = $searchset[$i]['topic_id'];
if ($show_results == 'posts') {
if (isset($return_chars)) {
$bbcode_uid = $searchset[$i]['bbcode_uid'];
//
// If the board has HTML off but the post has HTML
// on then we process it, else leave it alone
//
if ($return_chars != -1) {
$message = strip_tags($message);
$message = preg_replace("/\\[.*?:{$bbcode_uid}:?.*?\\]/si", '', $message);
$message = preg_replace('/\\[url\\]|\\[\\/url\\]/si', '', $message);
$message = strlen($message) > $return_chars ? substr($message, 0, $return_chars) . ' ...' : $message;
