// Check if the user is viewing signatures.
$show_sigs = session::get_value('VIEW_SIGS') == 'N' ? false : true;
// Form validation
$valid = true;
// Submit code.
if (isset($_POST['msg']) && validate_msg($_POST['msg'])) {
$msg = $_POST['msg'];
list($tid, $pid) = explode(".", $msg);
if (!($t_fid = thread_get_folder($tid, $pid))) {
html_draw_error(gettext("The requested thread could not be found or access was denied."));
}
} else {
if (isset($_GET['msg']) && validate_msg($_GET['msg'])) {
$msg = $_GET['msg'];
list($tid, $pid) = explode(".", $msg);
if (!($t_fid = thread_get_folder($tid, $pid))) {
html_draw_error(gettext("The requested thread could not be found or access was denied."));
}
} else {
html_draw_error(gettext("No message specified for deletion"));
}
}
if (isset($_POST['cancel'])) {
header_redirect("discussion.php?webtag={$webtag}&msg={$msg}");
exit;
}
if (session::check_perm(USER_PERM_EMAIL_CONFIRM, 0)) {
html_email_confirmation_error();
exit;
}
if (!session::check_perm(USER_PERM_POST_EDIT | USER_PERM_POST_READ, $t_fid)) {
$message_content = message_apply_formatting($message_content, true);
$message_link = "messages.php?webtag={$webtag}&msg={$reply_to_tid}.{$quote_pid}";
$t_content_array[] = sprintf('<div class="quotetext"><b>%s:</b> <a href="%s">%s</a></div>
<div class="quote">%s</div>', gettext('quote'), $message_link, $message_author, fix_html($message_content));
}
}
if (sizeof($t_content_array) > 0) {
$t_content = implode('', $t_content_array);
}
}
$new_thread = false;
} else {
if (isset($_POST['t_tid']) && isset($_POST['t_rpid'])) {
$reply_to_tid = is_numeric($_POST['t_tid']) ? $_POST['t_tid'] : 0;
$reply_to_pid = is_numeric($_POST['t_rpid']) ? $_POST['t_rpid'] : 0;
if (!($t_fid = thread_get_folder($reply_to_tid, $reply_to_pid))) {
html_draw_error(gettext("The requested thread could not be found or access was denied."));
}
if (session::check_perm(USER_PERM_EMAIL_CONFIRM, 0)) {
html_email_confirmation_error();
exit;
}
if (!session::check_perm(USER_PERM_POST_CREATE, $t_fid)) {
html_draw_error(gettext("You cannot reply to posts in this folder"));
}
if (attachments_get_count($aid) > 0 && !session::check_perm(USER_PERM_POST_ATTACHMENTS | USER_PERM_POST_READ, $t_fid)) {
$error_msg_array[] = gettext("You cannot post attachments in this folder. Remove attachments to continue.");
$valid = false;
}
$new_thread = false;
} else {
function poll_close($tid)
{
if (!($db = db::get())) {
return false;
}
if (!is_numeric($tid)) {
return false;
}
if (!($table_prefix = get_table_prefix())) {
return false;
}
$sql = "SELECT FROM_UID FROM `{$table_prefix}POST` WHERE TID = '{$tid}' AND PID = 1";
if (!($result = $db->query($sql))) {
return false;
}
if (($t_fid = thread_get_folder($tid, 1)) && $result->num_rows > 0) {
$poll_data = $result->fetch_assoc();
if (session::get_value('UID') == $poll_data['FROM_UID'] || session::check_perm(USER_PERM_FOLDER_MODERATE, $t_fid)) {
$closes_datetime = date(MYSQL_DATETIME_MIDNIGHT, time());
$sql = "UPDATE LOW_PRIORITY `{$table_prefix}POLL` SET ";
$sql .= "CLOSES = CAST('{$closes_datetime}' AS DATETIME) ";
$sql .= "WHERE TID = '{$tid}'";
if (!$db->query($sql)) {
return false;
}
}
}
return true;
}
html_guest_error();
}
// Check that required variables are set
if (isset($_GET['msg']) && validate_msg($_GET['msg'])) {
$msg = $_GET['msg'];
list($tid, $pid) = explode(".", $_GET['msg']);
} else {
if (isset($_POST['msg']) && validate_msg($_POST['msg'])) {
$msg = $_POST['msg'];
list($tid, $pid) = explode(".", $_POST['msg']);
} else {
html_draw_error(gettext("The requested thread could not be found or access was denied."));
}
}
// Get the folder ID for the current message
if (!($fid = thread_get_folder($tid))) {
html_draw_error(gettext("The requested thread could not be found or access was denied."));
}
// UID of the current user.
$uid = session::get_value('UID');
// Get the existing thread data.
if (!($thread_data = thread_get($tid, true))) {
html_draw_error(gettext("The requested thread could not be found or access was denied."));
}
// Array to hold error messages
$error_msg_array = array();
// Array of valid thread deletion types
$thread_delete_valid_types = array(THREAD_DELETE_PERMENANT, THREAD_DELETE_NON_PERMENANT);
// Back button clicked.
if (isset($_POST['back'])) {
header_redirect("messages.php?webtag={$webtag}&msg={$msg}");
} else {
if (isset($_POST['post_vote_down_x']) || isset($_POST['post_vote_up_x'])) {
$post_rating = isset($_POST['post_vote_down_x']) ? -1 : 1;
post_set_user_rating($tid, $pid, $_SESSION['UID'], $post_rating);
header_redirect("messages.php?webtag={$webtag}&msg={$msg}");
}
}
}
// Number of posts per page
if (isset($_SESSION['POSTS_PER_PAGE']) && is_numeric($_SESSION['POSTS_PER_PAGE'])) {
$posts_per_page = max(min($_SESSION['POSTS_PER_PAGE'], 30), 10);
} else {
$posts_per_page = 20;
}
$high_interest = isset($_SESSION['MARK_AS_OF_INT']) && $_SESSION['MARK_AS_OF_INT'] == 'Y' ? 'Y' : 'N';
if (!($folder_data = thread_get_folder($tid))) {
html_draw_error(gettext("The requested folder could not be found or access was denied."));
}
$perm_folder_moderate = session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_data['FID']);
if (!($thread_data = thread_get($tid, $perm_folder_moderate, false, $perm_folder_moderate))) {
html_draw_error(gettext("The requested thread could not be found or access was denied."));
}
if (!($messages = messages_get($tid, $pid, $posts_per_page))) {
html_draw_error(gettext("That post does not exist in this thread!"));
}
html_draw_top(array('title' => $thread_data['TITLE'], 'class' => 'window_title', 'js' => array('js/post.js', 'js/poll.js', 'js/messages.js', 'ckeditor/ckeditor.js'), 'base_target' => '_blank'));
if (isset($thread_data['STICKY']) && isset($thread_data['STICKY_UNTIL'])) {
if ($thread_data['STICKY'] == "Y" && $thread_data['STICKY_UNTIL'] != 0 && time() > $thread_data['STICKY_UNTIL']) {
thread_set_sticky($tid, false);
$thread_data['STICKY'] = "N";
}
function thread_get_folder_fid($tid)
{
if (!($folder_data = thread_get_folder($tid, false))) {
return false;
}
return $folder_data['FID'];
}
require_once BH_INCLUDE_PATH . 'constants.inc.php';
require_once BH_INCLUDE_PATH . 'folder.inc.php';
require_once BH_INCLUDE_PATH . 'form.inc.php';
require_once BH_INCLUDE_PATH . 'format.inc.php';
require_once BH_INCLUDE_PATH . 'header.inc.php';
require_once BH_INCLUDE_PATH . 'html.inc.php';
require_once BH_INCLUDE_PATH . 'lang.inc.php';
require_once BH_INCLUDE_PATH . 'logon.inc.php';
require_once BH_INCLUDE_PATH . 'messages.inc.php';
require_once BH_INCLUDE_PATH . 'poll.inc.php';
require_once BH_INCLUDE_PATH . 'session.inc.php';
require_once BH_INCLUDE_PATH . 'thread.inc.php';
require_once BH_INCLUDE_PATH . 'word_filter.inc.php';
if (isset($_GET['tid']) && is_numeric($_GET['tid'])) {
$tid = $_GET['tid'];
if (!($t_fid = thread_get_folder($tid, 1))) {
html_draw_error(gettext("The requested thread could not be found or access was denied."));
}
} else {
html_draw_error(gettext("You must specify a poll to view."));
}
if (!($thread_data = thread_get($tid, session::check_perm(USER_PERM_ADMIN_TOOLS, 0)))) {
html_draw_error(gettext("The requested thread could not be found or access was denied."));
}
if (!($folder_data = folder_get($thread_data['FID']))) {
html_draw_error(gettext("The requested folder could not be found or access was denied."));
}
if (!($poll_data = poll_get($tid))) {
html_draw_error(gettext("The requested thread could not be found or access was denied."));
}
$show_sigs = session::get_value('VIEW_SIGS') == 'N' ? false : true;
