function CopyTopic2()
{
global $txt, $board, $topic, $scripturl, $sourcedir, $modSettings, $context;
global $boards, $language, $user_info, $smcFunc;
// Make sure this form hasn't been submitted before.
checkSubmitOnce('check');
// Permission check!
isAllowedTo('copy');
// Check Session
checkSession();
// The destination board must be numeric.
$_POST['toboard'] = (int) $_POST['toboard'];
if (empty($_POST['toboard'])) {
fatal_lang_error('no_board');
}
// Destination board exists
$request = $smcFunc['db_query']('', '
SELECT count_posts
FROM {db_prefix}boards
WHERE id_board = {int:toboard}
LIMIT 1', array('toboard' => $_POST['toboard']));
if ($smcFunc['db_num_rows']($request) == 0) {
fatal_lang_error('no_board');
}
list($count_posts) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
// Strangely 0 = true, 1 = false
$count_posts = empty($count_posts) ? 1 : 0;
// Can the user see that board
$request = $smcFunc['db_query']('', '
SELECT count(*)
FROM {db_prefix}boards as b
WHERE b.id_board = {int:toboard}
AND {query_see_board}
LIMIT 1', array('toboard' => $_POST['toboard']));
if ($smcFunc['db_num_rows']($request) == 0) {
fatal_lang_error('copytopic_notallowed');
}
// Remember this for later.
$_SESSION['copy_to_topic'] = $_POST['toboard'];
$topic = (int) $topic;
// THE ACTUAL COPYING FUNCTION
CopyTopics($topic, $_POST['toboard'], $count_posts);
// Log that they copied this topic.
if (!allowedTo('copy')) {
logAction('copy', array('topic' => $topic, 'board_from' => $board, 'board_to' => $_POST['toboard']));
}
// Why not go back to the original board in case they want to keep moving?
if (!isset($_REQUEST['goback'])) {
redirectexit('board=' . $board . '.0');
} else {
redirectexit('topic=' . $topic . '.0');
}
}
function CopyTopic2()
{
global $txt, $board, $topic, $scripturl, $sourcedir, $modSettings, $context;
global $db_prefix, $ID_MEMBER, $boards, $language, $user_info, $func;
// Make sure this form hasn't been submitted before.
checkSubmitOnce('check');
// Permission check!
isAllowedTo('copy');
// Check Session
checkSession();
// The destination board must be numeric.
$_POST['toboard'] = (int) $_POST['toboard'];
if (empty($_POST['toboard'])) {
fatal_lang_error('smf232');
}
// Destination board exists
$request = db_query("\n\t\tSELECT countPosts\n\t\tFROM {$db_prefix}boards\n\t\tWHERE ID_BOARD = {$_POST['toboard']}\n\t\tLIMIT 1", __FILE__, __LINE__);
if (mysql_num_rows($request) == 0) {
fatal_lang_error('smf232');
}
list($countPosts) = mysql_fetch_row($request);
mysql_free_result($request);
// Strangely 0 = true, 1 = false
$countPosts = empty($countPosts) ? 1 : 0;
// Can the user see that board
$request = db_query("\n\t\tSELECT count(*)\n\t\tFROM {$db_prefix}boards as b\n\t\tWHERE b.ID_BOARD = {$_POST['toboard']}\n\t\t\tAND {$user_info['query_see_board']}\n\t\tLIMIT 1", __FILE__, __LINE__);
if (mysql_num_rows($request) == 0) {
fatal_lang_error('copytopic_notallowed');
}
// Remember this for later.
$_SESSION['copy_to_topic'] = $_POST['toboard'];
$topic = (int) $topic;
// THE ACTUAL COPYING FUNCTION
CopyTopics($topic, $_POST['toboard'], $countPosts);
// Log that they copied this topic.
if (!allowedTo('copy')) {
logAction('copy', array('topic' => $topic, 'board_from' => $board, 'board_to' => $_POST['toboard']));
}
// Why not go back to the original board in case they want to keep moving?
if (!isset($_REQUEST['goback'])) {
redirectexit('board=' . $board . '.0');
} else {
redirectexit('topic=' . $topic . '.0');
}
}
/**
* Send a personal message.
*/
public function action_send2()
{
global $txt, $context, $user_info, $modSettings;
// All the helpers we need
require_once SUBSDIR . '/Auth.subs.php';
require_once SUBSDIR . '/Post.subs.php';
// PM Drafts enabled and needed?
if ($context['drafts_pm_save'] && (isset($_POST['save_draft']) || isset($_POST['id_pm_draft']))) {
require_once SUBSDIR . '/Drafts.subs.php';
}
loadLanguage('PersonalMessage', '', false);
// Extract out the spam settings - it saves database space!
list($modSettings['max_pm_recipients'], $modSettings['pm_posts_verification'], $modSettings['pm_posts_per_hour']) = explode(',', $modSettings['pm_spam_settings']);
// Initialize the errors we're about to make.
$post_errors = Error_Context::context('pm', 1);
// Check whether we've gone over the limit of messages we can send per hour - fatal error if fails!
if (!empty($modSettings['pm_posts_per_hour']) && !allowedTo(array('admin_forum', 'moderate_forum', 'send_mail')) && $user_info['mod_cache']['bq'] == '0=1' && $user_info['mod_cache']['gq'] == '0=1') {
// How many have they sent this last hour?
$pmCount = pmCount($user_info['id'], 3600);
if (!empty($pmCount) && $pmCount >= $modSettings['pm_posts_per_hour']) {
if (!isset($_REQUEST['xml'])) {
fatal_lang_error('pm_too_many_per_hour', true, array($modSettings['pm_posts_per_hour']));
} else {
$post_errors->addError('pm_too_many_per_hour');
}
}
}
// If your session timed out, show an error, but do allow to re-submit.
if (!isset($_REQUEST['xml']) && checkSession('post', '', false) != '') {
$post_errors->addError('session_timeout');
}
$_REQUEST['subject'] = isset($_REQUEST['subject']) ? strtr(Util::htmltrim($_POST['subject']), array("\r" => '', "\n" => '', "\t" => '')) : '';
$_REQUEST['to'] = empty($_POST['to']) ? empty($_GET['to']) ? '' : $_GET['to'] : $_POST['to'];
$_REQUEST['bcc'] = empty($_POST['bcc']) ? empty($_GET['bcc']) ? '' : $_GET['bcc'] : $_POST['bcc'];
// Route the input from the 'u' parameter to the 'to'-list.
if (!empty($_POST['u'])) {
$_POST['recipient_to'] = explode(',', $_POST['u']);
}
// Construct the list of recipients.
$recipientList = array();
$namedRecipientList = array();
$namesNotFound = array();
foreach (array('to', 'bcc') as $recipientType) {
// First, let's see if there's user ID's given.
$recipientList[$recipientType] = array();
if (!empty($_POST['recipient_' . $recipientType]) && is_array($_POST['recipient_' . $recipientType])) {
foreach ($_POST['recipient_' . $recipientType] as $recipient) {
$recipientList[$recipientType][] = (int) $recipient;
}
}
// Are there also literal names set?
if (!empty($_REQUEST[$recipientType])) {
// We're going to take out the "s anyway ;).
$recipientString = strtr($_REQUEST[$recipientType], array('\\"' => '"'));
preg_match_all('~"([^"]+)"~', $recipientString, $matches);
$namedRecipientList[$recipientType] = array_unique(array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $recipientString))));
// Clean any literal names entered
foreach ($namedRecipientList[$recipientType] as $index => $recipient) {
if (strlen(trim($recipient)) > 0) {
$namedRecipientList[$recipientType][$index] = Util::htmlspecialchars(Util::strtolower(trim($recipient)));
} else {
unset($namedRecipientList[$recipientType][$index]);
}
}
// Now see if we can resolove the entered name to an actual user
if (!empty($namedRecipientList[$recipientType])) {
$foundMembers = findMembers($namedRecipientList[$recipientType]);
// Assume all are not found, until proven otherwise.
$namesNotFound[$recipientType] = $namedRecipientList[$recipientType];
// Make sure we only have each member listed once, incase they did not use the select list
foreach ($foundMembers as $member) {
$testNames = array(Util::strtolower($member['username']), Util::strtolower($member['name']), Util::strtolower($member['email']));
if (count(array_intersect($testNames, $namedRecipientList[$recipientType])) !== 0) {
$recipientList[$recipientType][] = $member['id'];
// Get rid of this username, since we found it.
$namesNotFound[$recipientType] = array_diff($namesNotFound[$recipientType], $testNames);
}
}
}
}
// Selected a recipient to be deleted? Remove them now.
if (!empty($_POST['delete_recipient'])) {
$recipientList[$recipientType] = array_diff($recipientList[$recipientType], array((int) $_POST['delete_recipient']));
}
// Make sure we don't include the same name twice
$recipientList[$recipientType] = array_unique($recipientList[$recipientType]);
}
// Are we changing the recipients some how?
$is_recipient_change = !empty($_POST['delete_recipient']) || !empty($_POST['to_submit']) || !empty($_POST['bcc_submit']);
// Check if there's at least one recipient.
if (empty($recipientList['to']) && empty($recipientList['bcc'])) {
$post_errors->addError('no_to');
}
// Make sure that we remove the members who did get it from the screen.
if (!$is_recipient_change) {
foreach (array_keys($recipientList) as $recipientType) {
if (!empty($namesNotFound[$recipientType])) {
$post_errors->addError('bad_' . $recipientType);
// Since we already have a post error, remove the previous one.
$post_errors->removeError('no_to');
foreach ($namesNotFound[$recipientType] as $name) {
$context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $name);
}
}
}
}
// Did they make any mistakes like no subject or message?
if ($_REQUEST['subject'] == '') {
$post_errors->addError('no_subject');
}
if (!isset($_REQUEST['message']) || $_REQUEST['message'] == '') {
$post_errors->addError('no_message');
} elseif (!empty($modSettings['max_messageLength']) && Util::strlen($_REQUEST['message']) > $modSettings['max_messageLength']) {
$post_errors->addError('long_message');
} else {
// Preparse the message.
$message = $_REQUEST['message'];
preparsecode($message);
// Make sure there's still some content left without the tags.
if (Util::htmltrim(strip_tags(parse_bbc(Util::htmlspecialchars($message, ENT_QUOTES), false), '<img>')) === '' && (!allowedTo('admin_forum') || strpos($message, '[html]') === false)) {
$post_errors->addError('no_message');
}
}
// Wrong verification code?
if (!$user_info['is_admin'] && !isset($_REQUEST['xml']) && !empty($modSettings['pm_posts_verification']) && $user_info['posts'] < $modSettings['pm_posts_verification']) {
require_once SUBSDIR . '/VerificationControls.class.php';
$verificationOptions = array('id' => 'pm');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
foreach ($context['require_verification'] as $error) {
$post_errors->addError($error);
}
}
}
// If they made any errors, give them a chance to make amends.
if ($post_errors->hasErrors() && !$is_recipient_change && !isset($_REQUEST['preview']) && !isset($_REQUEST['xml'])) {
return messagePostError($namedRecipientList, $recipientList);
}
// Want to take a second glance before you send?
if (isset($_REQUEST['preview'])) {
// Set everything up to be displayed.
$context['preview_subject'] = Util::htmlspecialchars($_REQUEST['subject']);
$context['preview_message'] = Util::htmlspecialchars($_REQUEST['message'], ENT_QUOTES, 'UTF-8', true);
preparsecode($context['preview_message'], true);
// Parse out the BBC if it is enabled.
$context['preview_message'] = parse_bbc($context['preview_message']);
// Censor, as always.
censorText($context['preview_subject']);
censorText($context['preview_message']);
// Set a descriptive title.
$context['page_title'] = $txt['preview'] . ' - ' . $context['preview_subject'];
// Pretend they messed up but don't ignore if they really did :P.
return messagePostError($namedRecipientList, $recipientList);
} elseif ($is_recipient_change) {
// Maybe we couldn't find one?
foreach ($namesNotFound as $recipientType => $names) {
$post_errors->addError('bad_' . $recipientType);
foreach ($names as $name) {
$context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $name);
}
}
return messagePostError($namedRecipientList, $recipientList);
}
// Want to save this as a draft and think about it some more?
if ($context['drafts_pm_save'] && isset($_POST['save_draft'])) {
savePMDraft($recipientList);
return messagePostError($namedRecipientList, $recipientList);
} elseif (!empty($modSettings['max_pm_recipients']) && count($recipientList['to']) + count($recipientList['bcc']) > $modSettings['max_pm_recipients'] && !allowedTo(array('moderate_forum', 'send_mail', 'admin_forum'))) {
$context['send_log'] = array('sent' => array(), 'failed' => array(sprintf($txt['pm_too_many_recipients'], $modSettings['max_pm_recipients'])));
return messagePostError($namedRecipientList, $recipientList);
}
// Protect from message spamming.
spamProtection('pm');
// Prevent double submission of this form.
checkSubmitOnce('check');
// Finally do the actual sending of the PM.
if (!empty($recipientList['to']) || !empty($recipientList['bcc'])) {
$context['send_log'] = sendpm($recipientList, $_REQUEST['subject'], $_REQUEST['message'], true, null, !empty($_REQUEST['pm_head']) ? (int) $_REQUEST['pm_head'] : 0);
} else {
$context['send_log'] = array('sent' => array(), 'failed' => array());
}
// Mark the message as "replied to".
if (!empty($context['send_log']['sent']) && !empty($_REQUEST['replied_to']) && isset($_REQUEST['f']) && $_REQUEST['f'] == 'inbox') {
require_once SUBSDIR . '/PersonalMessage.subs.php';
setPMRepliedStatus($user_info['id'], (int) $_REQUEST['replied_to']);
}
// If one or more of the recipients were invalid, go back to the post screen with the failed usernames.
if (!empty($context['send_log']['failed'])) {
return messagePostError($namesNotFound, array('to' => array_intersect($recipientList['to'], $context['send_log']['failed']), 'bcc' => array_intersect($recipientList['bcc'], $context['send_log']['failed'])));
}
// Message sent successfully?
if (!empty($context['send_log']) && empty($context['send_log']['failed'])) {
$context['current_label_redirect'] = $context['current_label_redirect'] . ';done=sent';
// If we had a PM draft for this one, then its time to remove it since it was just sent
if ($context['drafts_pm_save'] && !empty($_POST['id_pm_draft'])) {
deleteDrafts($_POST['id_pm_draft'], $user_info['id']);
}
}
// Go back to the where they sent from, if possible...
redirectexit($context['current_label_redirect']);
}
/**
* Send it!
*/
function MessagePost2()
{
global $txt, $context, $sourcedir;
global $user_info, $modSettings, $scripturl, $smcFunc;
isAllowedTo('pm_send');
require_once $sourcedir . '/Subs-Auth.php';
loadLanguage('PersonalMessage', '', false);
// Extract out the spam settings - it saves database space!
list($modSettings['max_pm_recipients'], $modSettings['pm_posts_verification'], $modSettings['pm_posts_per_hour']) = explode(',', $modSettings['pm_spam_settings']);
// Initialize the errors we're about to make.
$post_errors = array();
// Check whether we've gone over the limit of messages we can send per hour - fatal error if fails!
if (!empty($modSettings['pm_posts_per_hour']) && !allowedTo(array('admin_forum', 'moderate_forum', 'send_mail')) && $user_info['mod_cache']['bq'] == '0=1' && $user_info['mod_cache']['gq'] == '0=1') {
// How many have they sent this last hour?
$request = $smcFunc['db_query']('', '
SELECT COUNT(pr.id_pm) AS post_count
FROM {db_prefix}personal_messages AS pm
INNER JOIN {db_prefix}pm_recipients AS pr ON (pr.id_pm = pm.id_pm)
WHERE pm.id_member_from = {int:current_member}
AND pm.msgtime > {int:msgtime}', array('current_member' => $user_info['id'], 'msgtime' => time() - 3600));
list($postCount) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
if (!empty($postCount) && $postCount >= $modSettings['pm_posts_per_hour']) {
if (!isset($_REQUEST['xml'])) {
fatal_lang_error('pm_too_many_per_hour', true, array($modSettings['pm_posts_per_hour']));
} else {
$post_errors[] = 'pm_too_many_per_hour';
}
}
}
// If your session timed out, show an error, but do allow to re-submit.
if (!isset($_REQUEST['xml']) && checkSession('post', '', false) != '') {
$post_errors[] = 'session_timeout';
}
$_REQUEST['subject'] = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : '';
$_REQUEST['to'] = empty($_POST['to']) ? empty($_GET['to']) ? '' : $_GET['to'] : $_POST['to'];
$_REQUEST['bcc'] = empty($_POST['bcc']) ? empty($_GET['bcc']) ? '' : $_GET['bcc'] : $_POST['bcc'];
// Route the input from the 'u' parameter to the 'to'-list.
if (!empty($_POST['u'])) {
$_POST['recipient_to'] = explode(',', $_POST['u']);
}
// Construct the list of recipients.
$recipientList = array();
$namedRecipientList = array();
$namesNotFound = array();
foreach (array('to', 'bcc') as $recipientType) {
// First, let's see if there's user ID's given.
$recipientList[$recipientType] = array();
if (!empty($_POST['recipient_' . $recipientType]) && is_array($_POST['recipient_' . $recipientType])) {
foreach ($_POST['recipient_' . $recipientType] as $recipient) {
$recipientList[$recipientType][] = (int) $recipient;
}
}
// Are there also literal names set?
if (!empty($_REQUEST[$recipientType])) {
// We're going to take out the "s anyway ;).
$recipientString = strtr($_REQUEST[$recipientType], array('\\"' => '"'));
preg_match_all('~"([^"]+)"~', $recipientString, $matches);
$namedRecipientList[$recipientType] = array_unique(array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $recipientString))));
foreach ($namedRecipientList[$recipientType] as $index => $recipient) {
if (strlen(trim($recipient)) > 0) {
$namedRecipientList[$recipientType][$index] = $smcFunc['htmlspecialchars']($smcFunc['strtolower'](trim($recipient)));
} else {
unset($namedRecipientList[$recipientType][$index]);
}
}
if (!empty($namedRecipientList[$recipientType])) {
$foundMembers = findMembers($namedRecipientList[$recipientType]);
// Assume all are not found, until proven otherwise.
$namesNotFound[$recipientType] = $namedRecipientList[$recipientType];
foreach ($foundMembers as $member) {
$testNames = array($smcFunc['strtolower']($member['username']), $smcFunc['strtolower']($member['name']), $smcFunc['strtolower']($member['email']));
if (count(array_intersect($testNames, $namedRecipientList[$recipientType])) !== 0) {
$recipientList[$recipientType][] = $member['id'];
// Get rid of this username, since we found it.
$namesNotFound[$recipientType] = array_diff($namesNotFound[$recipientType], $testNames);
}
}
}
}
// Selected a recipient to be deleted? Remove them now.
if (!empty($_POST['delete_recipient'])) {
$recipientList[$recipientType] = array_diff($recipientList[$recipientType], array((int) $_POST['delete_recipient']));
}
// Make sure we don't include the same name twice
$recipientList[$recipientType] = array_unique($recipientList[$recipientType]);
}
// Are we changing the recipients some how?
$is_recipient_change = !empty($_POST['delete_recipient']) || !empty($_POST['to_submit']) || !empty($_POST['bcc_submit']);
// Check if there's at least one recipient.
if (empty($recipientList['to']) && empty($recipientList['bcc'])) {
$post_errors[] = 'no_to';
}
// Make sure that we remove the members who did get it from the screen.
if (!$is_recipient_change) {
foreach ($recipientList as $recipientType => $dummy) {
if (!empty($namesNotFound[$recipientType])) {
$post_errors[] = 'bad_' . $recipientType;
// Since we already have a post error, remove the previous one.
$post_errors = array_diff($post_errors, array('no_to'));
foreach ($namesNotFound[$recipientType] as $name) {
$context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $name);
}
}
}
}
// Did they make any mistakes?
if ($_REQUEST['subject'] == '') {
$post_errors[] = 'no_subject';
}
if (!isset($_REQUEST['message']) || $_REQUEST['message'] == '') {
$post_errors[] = 'no_message';
} elseif (!empty($modSettings['max_messageLength']) && $smcFunc['strlen']($_REQUEST['message']) > $modSettings['max_messageLength']) {
$post_errors[] = 'long_message';
} else {
// Preparse the message.
$message = $_REQUEST['message'];
preparsecode($message);
// Make sure there's still some content left without the tags.
if ($smcFunc['htmltrim'](strip_tags(parse_bbc($smcFunc['htmlspecialchars']($message, ENT_QUOTES), false), '<img>')) === '' && (!allowedTo('admin_forum') || strpos($message, '[html]') === false)) {
$post_errors[] = 'no_message';
}
}
// Wrong verification code?
if (!$user_info['is_admin'] && !isset($_REQUEST['xml']) && !empty($modSettings['pm_posts_verification']) && $user_info['posts'] < $modSettings['pm_posts_verification']) {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'pm');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
$post_errors = array_merge($post_errors, $context['require_verification']);
}
}
// If they did, give a chance to make ammends.
if (!empty($post_errors) && !$is_recipient_change && !isset($_REQUEST['preview']) && !isset($_REQUEST['xml'])) {
return messagePostError($post_errors, $namedRecipientList, $recipientList);
}
// Want to take a second glance before you send?
if (isset($_REQUEST['preview'])) {
// Set everything up to be displayed.
$context['preview_subject'] = $smcFunc['htmlspecialchars']($_REQUEST['subject']);
$context['preview_message'] = $smcFunc['htmlspecialchars']($_REQUEST['message'], ENT_QUOTES);
preparsecode($context['preview_message'], true);
// Parse out the BBC if it is enabled.
$context['preview_message'] = parse_bbc($context['preview_message']);
// Censor, as always.
censorText($context['preview_subject']);
censorText($context['preview_message']);
// Set a descriptive title.
$context['page_title'] = $txt['preview'] . ' - ' . $context['preview_subject'];
// Pretend they messed up but don't ignore if they really did :P.
return messagePostError($post_errors, $namedRecipientList, $recipientList);
} elseif ($is_recipient_change) {
// Maybe we couldn't find one?
foreach ($namesNotFound as $recipientType => $names) {
$post_errors[] = 'bad_' . $recipientType;
foreach ($names as $name) {
$context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $name);
}
}
return messagePostError(array(), $namedRecipientList, $recipientList);
}
// Want to save this as a draft and think about it some more?
if (!empty($modSettings['drafts_enabled']) && !empty($modSettings['drafts_pm_enabled']) && isset($_POST['save_draft'])) {
require_once $sourcedir . '/Drafts.php';
SavePMDraft($post_errors, $recipientList);
return messagePostError($post_errors, $namedRecipientList, $recipientList);
} elseif (!empty($modSettings['max_pm_recipients']) && count($recipientList['to']) + count($recipientList['bcc']) > $modSettings['max_pm_recipients'] && !allowedTo(array('moderate_forum', 'send_mail', 'admin_forum'))) {
$context['send_log'] = array('sent' => array(), 'failed' => array(sprintf($txt['pm_too_many_recipients'], $modSettings['max_pm_recipients'])));
return messagePostError($post_errors, $namedRecipientList, $recipientList);
}
// Protect from message spamming.
spamProtection('pm');
// Prevent double submission of this form.
checkSubmitOnce('check');
// Do the actual sending of the PM.
if (!empty($recipientList['to']) || !empty($recipientList['bcc'])) {
$context['send_log'] = sendpm($recipientList, $_REQUEST['subject'], $_REQUEST['message'], !empty($_REQUEST['outbox']), null, !empty($_REQUEST['pm_head']) ? (int) $_REQUEST['pm_head'] : 0);
} else {
$context['send_log'] = array('sent' => array(), 'failed' => array());
}
// Mark the message as "replied to".
if (!empty($context['send_log']['sent']) && !empty($_REQUEST['replied_to']) && isset($_REQUEST['f']) && $_REQUEST['f'] == 'inbox') {
$smcFunc['db_query']('', '
UPDATE {db_prefix}pm_recipients
SET is_read = is_read | 2
WHERE id_pm = {int:replied_to}
AND id_member = {int:current_member}', array('current_member' => $user_info['id'], 'replied_to' => (int) $_REQUEST['replied_to']));
}
// If one or more of the recipient were invalid, go back to the post screen with the failed usernames.
if (!empty($context['send_log']['failed'])) {
return messagePostError($post_errors, $namesNotFound, array('to' => array_intersect($recipientList['to'], $context['send_log']['failed']), 'bcc' => array_intersect($recipientList['bcc'], $context['send_log']['failed'])));
}
// Message sent successfully?
if (!empty($context['send_log']) && empty($context['send_log']['failed'])) {
$context['current_label_redirect'] = $context['current_label_redirect'] . ';done=sent';
}
// Go back to the where they sent from, if possible...
redirectexit($context['current_label_redirect']);
}
/**
* Handles user requests to copy an existing role.
*
* @since 2.0
*/
function shd_admin_copy_role()
{
global $context, $txt, $smcFunc;
$_REQUEST['role'] = isset($_REQUEST['role']) ? (int) $_REQUEST['role'] : 0;
shd_load_role($_REQUEST['role']);
// Hah, no, you're just an extra, bye.
if (empty($context['shd_permissions']['user_defined_roles'][$_REQUEST['role']])) {
fatal_lang_error('shd_unknown_role', false);
}
if (empty($_REQUEST['part'])) {
$context['page_title'] = $txt['shd_copy_role'];
$context['sub_template'] = 'shd_copy_role';
checkSubmitOnce('register');
} else {
checkSubmitOnce('check');
checkSession();
// Boring stuff like session checks done. Were you a naughty admin and didn't set it properly?
if (!isset($_POST['rolename']) || $smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['rolename'])) === '') {
fatal_lang_error('shd_no_role_name', false);
} else {
$_POST['rolename'] = strtr($smcFunc['htmlspecialchars']($_POST['rolename']), array("\r" => '', "\n" => '', "\t" => ''));
}
// So here we are, source role is valid, we're good little admins and specified a name, so let's create the new role in the DB.
$smcFunc['db_insert']('insert', '{db_prefix}helpdesk_roles', array('template' => 'int', 'role_name' => 'string'), array($context['shd_permissions']['user_defined_roles'][$_REQUEST['role']]['template'], $_POST['rolename']), array('id_role'));
$newrole = $smcFunc['db_insert_id']('{db_prefix}helpdesk_roles', 'id_role');
if (empty($newrole)) {
fatal_lang_error('shd_could_not_create_role', false);
}
// OK, so we made the role. Now add the permissions from the existing role, first grab 'em
$new_perms = array();
$query = $smcFunc['db_query']('', '
SELECT permission, add_type
FROM {db_prefix}helpdesk_role_permissions
WHERE id_role = {int:role}', array('role' => $_REQUEST['role']));
while ($row = $smcFunc['db_fetch_assoc']($query)) {
$new_perms[] = array((int) $newrole, $row['permission'], (int) $row['add_type']);
}
$smcFunc['db_free_result']($query);
// Now insert them new perms if they got any
if (!empty($new_perms)) {
$smcFunc['db_insert']('insert', '{db_prefix}helpdesk_role_permissions', array('id_role' => 'int', 'permission' => 'string', 'add_type' => 'int'), $new_perms, array('id_role', 'permission'));
}
// Now copy the groups and departments if they wanted to
if (!empty($_REQUEST['copygroups'])) {
// Groups first.
$groups = array();
$query = $smcFunc['db_query']('', '
SELECT id_group
FROM {db_prefix}helpdesk_role_groups
WHERE id_role = {int:role}', array('role' => $_REQUEST['role']));
while ($row = $smcFunc['db_fetch_assoc']($query)) {
$groups[] = array((int) $newrole, (int) $row['id_group']);
}
$smcFunc['db_free_result']($query);
if (!empty($groups)) {
$smcFunc['db_insert']('insert', '{db_prefix}helpdesk_role_groups', array('id_role' => 'int', 'id_group' => 'int'), $groups, array('id_role', 'id_group'));
}
// Departments second.
$depts = array();
$query = $smcFunc['db_query']('', '
SELECT id_dept
FROM {db_prefix}helpdesk_dept_roles
WHERE id_role = {int:role}', array('role' => $_REQUEST['role']));
while ($row = $smcFunc['db_fetch_assoc']($query)) {
$depts[] = array((int) $newrole, (int) $row['id_dept']);
}
$smcFunc['db_free_result']($query);
if (!empty($depts)) {
$smcFunc['db_insert']('insert', '{db_prefix}helpdesk_dept_roles', array('id_role' => 'int', 'id_dept' => 'int'), $depts, array('id_role', 'id_dept'));
}
}
// Take them to the edit screen!
redirectexit('action=admin;area=helpdesk_permissions;sa=editrole;role=' . $newrole);
}
}
function EditPoll2()
{
global $txt, $topic, $board, $ID_MEMBER, $db_prefix, $context;
global $modSettings, $user_info, $func;
if (checkSession('post', '', false) != '') {
$poll_errors[] = 'session_timeout';
}
if (isset($_POST['preview'])) {
return EditPoll();
}
// HACKERS (!!) can't edit :P.
if (empty($topic)) {
fatal_lang_error(1, false);
}
// Is this a new poll, or editing an existing?
$isEdit = isset($_REQUEST['add']) ? 0 : 1;
// Get the starter and the poll's ID - if it's an edit.
$request = db_query("\n\t\tSELECT t.ID_MEMBER_STARTED, t.ID_POLL, p.ID_MEMBER AS pollStarter\n\t\tFROM {$db_prefix}topics AS t\n\t\t\tLEFT JOIN {$db_prefix}polls AS p ON (p.ID_POLL = t.ID_POLL)\n\t\tWHERE t.ID_TOPIC = {$topic}\n\t\tLIMIT 1", __FILE__, __LINE__);
if (mysql_num_rows($request) == 0) {
fatal_lang_error('smf232');
}
$bcinfo = mysql_fetch_assoc($request);
mysql_free_result($request);
// Check their adding/editing is valid.
if (!$isEdit && !empty($bcinfo['ID_POLL'])) {
fatal_lang_error('poll_already_exists');
} elseif ($isEdit && empty($bcinfo['ID_POLL'])) {
fatal_lang_error('poll_not_found');
}
// Check if they have the power to add or edit the poll.
if ($isEdit && !allowedTo('poll_edit_any')) {
isAllowedTo('poll_edit_' . ($ID_MEMBER == $bcinfo['ID_MEMBER_STARTED'] || $bcinfo['pollStarter'] != 0 && $ID_MEMBER == $bcinfo['pollStarter'] ? 'own' : 'any'));
} elseif (!$isEdit && !allowedTo('poll_add_any')) {
isAllowedTo('poll_add_' . ($ID_MEMBER == $bcinfo['ID_MEMBER_STARTED'] ? 'own' : 'any'));
}
$optionCount = 0;
// Ensure the user is leaving a valid amount of options - there must be at least two.
foreach ($_POST['options'] as $k => $option) {
if (trim($option) != '') {
$optionCount++;
}
}
if ($optionCount < 2) {
$poll_errors[] = 'poll_few';
}
// Also - ensure they are not removing the question.
if (trim($_POST['question']) == '') {
$poll_errors[] = 'no_question';
}
// Got any errors to report?
if (!empty($poll_errors)) {
loadLanguage('Errors');
// Previewing.
$_POST['preview'] = true;
$context['poll_error'] = array('messages' => array());
foreach ($poll_errors as $poll_error) {
$context['poll_error'][$poll_error] = true;
$context['poll_error']['messages'][] = $txt['error_' . $poll_error];
}
return EditPoll();
}
// Prevent double submission of this form.
checkSubmitOnce('check');
// Now we've done all our error checking, let's get the core poll information cleaned... question first.
$_POST['question'] = $func['htmlspecialchars']($_POST['question']);
$_POST['poll_hide'] = (int) $_POST['poll_hide'];
$_POST['poll_change_vote'] = isset($_POST['poll_change_vote']) ? 1 : 0;
// Ensure that the number options allowed makes sense, and the expiration date is valid.
if (!$isEdit || allowedTo('moderate_board')) {
if (empty($_POST['poll_expire']) && $_POST['poll_hide'] == 2) {
$_POST['poll_hide'] = 1;
} else {
$_POST['poll_expire'] = empty($_POST['poll_expire']) ? '0' : time() + $_POST['poll_expire'] * 3600 * 24;
}
if (empty($_POST['poll_max_votes']) || $_POST['poll_max_votes'] <= 0) {
$_POST['poll_max_votes'] = 1;
} else {
$_POST['poll_max_votes'] = (int) $_POST['poll_max_votes'];
}
}
// If we're editing, let's commit the changes.
if ($isEdit) {
db_query("\n\t\t\tUPDATE {$db_prefix}polls\n\t\t\tSET question = '{$_POST['question']}', changeVote = {$_POST['poll_change_vote']}," . (allowedTo('moderate_board') ? "\n\t\t\t\thideResults = {$_POST['poll_hide']}, expireTime = {$_POST['poll_expire']}, maxVotes = {$_POST['poll_max_votes']}" : "\n\t\t\t\thideResults = IF(expireTime = 0 AND {$_POST['poll_hide']} = 2, 1, {$_POST['poll_hide']})") . "\n\t\t\tWHERE ID_POLL = {$bcinfo['ID_POLL']}\n\t\tLIMIT 1", __FILE__, __LINE__);
} else {
// Create the poll.
db_query("\n\t\t\tINSERT INTO {$db_prefix}polls\n\t\t\t\t(question, hideResults, maxVotes, expireTime, ID_MEMBER, posterName, changeVote)\n\t\t\tVALUES (SUBSTRING('{$_POST['question']}', 1, 255), {$_POST['poll_hide']}, {$_POST['poll_max_votes']}, {$_POST['poll_expire']}, {$ID_MEMBER}, SUBSTRING('{$user_info['username']}', 1, 255), {$_POST['poll_change_vote']})", __FILE__, __LINE__);
// Set the poll ID.
$bcinfo['ID_POLL'] = db_insert_id();
// Link the poll to the topic
db_query("\n\t\t\tUPDATE {$db_prefix}topics\n\t\t\tSET ID_POLL = {$bcinfo['ID_POLL']}\n\t\t\tWHERE ID_TOPIC = {$topic}\n\t\t\tLIMIT 1", __FILE__, __LINE__);
}
// Get all the choices. (no better way to remove all emptied and add previously non-existent ones.)
$request = db_query("\n\t\tSELECT ID_CHOICE\n\t\tFROM {$db_prefix}poll_choices\n\t\tWHERE ID_POLL = {$bcinfo['ID_POLL']}", __FILE__, __LINE__);
$choices = array();
while ($row = mysql_fetch_assoc($request)) {
$choices[] = $row['ID_CHOICE'];
}
mysql_free_result($request);
$delete_options = array();
foreach ($_POST['options'] as $k => $option) {
// Make sure the key is numeric for sanity's sake.
$k = (int) $k;
// They've cleared the box. Either they want it deleted, or it never existed.
if (trim($option) == '') {
// They want it deleted. Bye.
if (in_array($k, $choices)) {
$delete_options[] = $k;
}
// Skip the rest...
continue;
}
// Dress the option up for its big date with the database.
$option = $func['htmlspecialchars']($option);
// If it's already there, update it. If it's not... add it.
if (in_array($k, $choices)) {
db_query("\n\t\t\t\tUPDATE {$db_prefix}poll_choices\n\t\t\t\tSET label = '{$option}'\n\t\t\t\tWHERE ID_POLL = {$bcinfo['ID_POLL']}\n\t\t\t\t\tAND ID_CHOICE = {$k}\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
} else {
db_query("\n\t\t\t\tINSERT INTO {$db_prefix}poll_choices\n\t\t\t\t\t(ID_POLL, ID_CHOICE, label, votes)\n\t\t\t\tVALUES ({$bcinfo['ID_POLL']}, {$k}, SUBSTRING('{$option}', 1, 255), 0)", __FILE__, __LINE__);
}
}
// I'm sorry, but... well, no one was choosing you. Poor options, I'll put you out of your misery.
if (!empty($delete_options)) {
db_query("\n\t\t\tDELETE FROM {$db_prefix}log_polls\n\t\t\tWHERE ID_POLL = {$bcinfo['ID_POLL']}\n\t\t\t\tAND ID_CHOICE IN (" . implode(', ', $delete_options) . ")", __FILE__, __LINE__);
db_query("\n\t\t\tDELETE FROM {$db_prefix}poll_choices\n\t\t\tWHERE ID_POLL = {$bcinfo['ID_POLL']}\n\t\t\t\tAND ID_CHOICE IN (" . implode(', ', $delete_options) . ")", __FILE__, __LINE__);
}
// Shall I reset the vote count, sir?
if (isset($_POST['resetVoteCount'])) {
db_query("\n\t\t\tUPDATE {$db_prefix}poll_choices\n\t\t\tSET votes = 0\n\t\t\tWHERE ID_POLL = {$bcinfo['ID_POLL']}", __FILE__, __LINE__);
db_query("\n\t\t\tDELETE FROM {$db_prefix}log_polls\n\t\t\tWHERE ID_POLL = {$bcinfo['ID_POLL']}", __FILE__, __LINE__);
}
// Off we go.
redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
}
function PackageInstall()
{
global $boarddir, $txt, $context, $boardurl, $scripturl, $sourcedir, $modSettings;
global $user_info, $smcFunc;
// Make sure we don't install this mod twice.
checkSubmitOnce('check');
checkSession();
// If there's no file, what are we installing?
if (!isset($_REQUEST['package']) || $_REQUEST['package'] == '') {
redirectexit('action=admin;area=packages');
}
$context['filename'] = $_REQUEST['package'];
// If this is an uninstall, we'll have an id.
$context['install_id'] = isset($_REQUEST['pid']) ? (int) $_REQUEST['pid'] : 0;
require_once $sourcedir . '/lib/Subs-Package.php';
// !!! TODO: Perhaps do it in steps, if necessary?
$context['uninstalling'] = $_REQUEST['sa'] == 'uninstall2';
// Set up the linktree for other.
$context['linktree'][count($context['linktree']) - 1] = array('url' => $scripturl . '?action=admin;area=packages;sa=browse', 'name' => $context['uninstalling'] ? $txt['uninstall'] : $txt['extracting']);
$context['page_title'] .= ' - ' . ($context['uninstalling'] ? $txt['uninstall'] : $txt['extracting']);
$context['sub_template'] = 'extract_package';
if (!file_exists($boarddir . '/Packages/' . $context['filename'])) {
fatal_lang_error('package_no_file', false);
}
// Load up the package FTP information?
create_chmod_control(array(), array('destination_url' => $scripturl . '?action=admin;area=packages;sa=' . $_REQUEST['sa'] . ';package=' . $_REQUEST['package']));
// Make sure temp directory exists and is empty!
if (file_exists($boarddir . '/Packages/temp')) {
deltree($boarddir . '/Packages/temp', false);
} else {
mktree($boarddir . '/Packages/temp', 0777);
}
// Let the unpacker do the work.
if (is_file($boarddir . '/Packages/' . $context['filename'])) {
$context['extracted_files'] = read_tgz_file($boarddir . '/Packages/' . $context['filename'], $boarddir . '/Packages/temp');
if (!file_exists($boarddir . '/Packages/temp/package-info.xml')) {
foreach ($context['extracted_files'] as $file) {
if (basename($file['filename']) == 'package-info.xml') {
$context['base_path'] = dirname($file['filename']) . '/';
break;
}
}
}
if (!isset($context['base_path'])) {
$context['base_path'] = '';
}
} elseif (is_dir($boarddir . '/Packages/' . $context['filename'])) {
copytree($boarddir . '/Packages/' . $context['filename'], $boarddir . '/Packages/temp');
$context['extracted_files'] = listtree($boarddir . '/Packages/temp');
$context['base_path'] = '';
} else {
fatal_lang_error('no_access', false);
}
// Are we installing this into any custom themes?
$custom_themes = array(1);
$known_themes = explode(',', $modSettings['knownThemes']);
if (!empty($_POST['custom_theme'])) {
foreach ($_POST['custom_theme'] as $tid) {
if (in_array($tid, $known_themes)) {
$custom_themes[] = (int) $tid;
}
}
}
// Now load up the paths of the themes that we need to know about.
$request = smf_db_query('
SELECT id_theme, variable, value
FROM {db_prefix}themes
WHERE id_theme IN ({array_int:custom_themes})
AND variable IN ({string:name}, {string:theme_dir})', array('custom_themes' => $custom_themes, 'name' => 'name', 'theme_dir' => 'theme_dir'));
$theme_paths = array();
$themes_installed = array(1);
while ($row = mysql_fetch_assoc($request)) {
$theme_paths[$row['id_theme']][$row['variable']] = $row['value'];
}
mysql_free_result($request);
// Are there any theme copying that we want to take place?
$context['theme_copies'] = array('require-file' => array(), 'require-dir' => array());
if (!empty($_POST['theme_changes'])) {
foreach ($_POST['theme_changes'] as $change) {
if (empty($change)) {
continue;
}
$theme_data = unserialize(base64_decode($change));
if (empty($theme_data['type'])) {
continue;
}
$themes_installed[] = $theme_data['id'];
$context['theme_copies'][$theme_data['type']][$theme_data['orig']][] = $theme_data['future'];
}
}
// Get the package info...
$packageInfo = getPackageInfo($context['filename']);
if (!is_array($packageInfo)) {
fatal_lang_error($packageInfo);
}
$packageInfo['filename'] = $context['filename'];
// Set the type of extraction...
$context['extract_type'] = isset($packageInfo['type']) ? $packageInfo['type'] : 'modification';
// Create a backup file to roll back to! (but if they do this more than once, don't run it a zillion times.)
if (!empty($modSettings['package_make_backups']) && (!isset($_SESSION['last_backup_for']) || $_SESSION['last_backup_for'] != $context['filename'] . ($context['uninstalling'] ? '$$' : '$'))) {
$_SESSION['last_backup_for'] = $context['filename'] . ($context['uninstalling'] ? '$$' : '$');
// !!! Internationalize this?
package_create_backup(($context['uninstalling'] ? 'backup_' : 'before_') . strtok($context['filename'], '.'));
}
// The mod isn't installed.... unless proven otherwise.
$context['is_installed'] = false;
// Is it actually installed?
$request = smf_db_query('
SELECT version, themes_installed, db_changes
FROM {db_prefix}log_packages
WHERE package_id = {string:current_package}
AND install_state != {int:not_installed}
ORDER BY time_installed DESC
LIMIT 1', array('not_installed' => 0, 'current_package' => $packageInfo['id']));
while ($row = mysql_fetch_assoc($request)) {
$old_themes = explode(',', $row['themes_installed']);
$old_version = $row['version'];
$db_changes = empty($row['db_changes']) ? array() : unserialize($row['db_changes']);
}
mysql_free_result($request);
// Wait, it's not installed yet!
// !!! TODO: Replace with a better error message!
if (!isset($old_version) && $context['uninstalling']) {
deltree($boarddir . '/Packages/temp');
fatal_error('Hacker?', false);
} elseif ($context['uninstalling']) {
$install_log = parsePackageInfo($packageInfo['xml'], false, 'uninstall');
// Gadzooks! There's no uninstaller at all!?
if (empty($install_log)) {
fatal_lang_error('package_uninstall_cannot', false);
}
// They can only uninstall from what it was originally installed into.
foreach ($theme_paths as $id => $data) {
if ($id != 1 && !in_array($id, $old_themes)) {
unset($theme_paths[$id]);
}
}
} elseif (isset($old_version) && $old_version != $packageInfo['version']) {
// Look for an upgrade...
$install_log = parsePackageInfo($packageInfo['xml'], false, 'upgrade', $old_version);
// There was no upgrade....
if (empty($install_log)) {
$context['is_installed'] = true;
} else {
// Upgrade previous themes only!
foreach ($theme_paths as $id => $data) {
if ($id != 1 && !in_array($id, $old_themes)) {
unset($theme_paths[$id]);
}
}
}
} elseif (isset($old_version) && $old_version == $packageInfo['version']) {
$context['is_installed'] = true;
}
if (!isset($old_version) || $context['is_installed']) {
$install_log = parsePackageInfo($packageInfo['xml'], false, 'install');
}
$context['install_finished'] = false;
// !!! TODO: Make a log of any errors that occurred and output them?
if (!empty($install_log)) {
$failed_steps = array();
$failed_count = 0;
foreach ($install_log as $action) {
$failed_count++;
if ($action['type'] == 'modification' && !empty($action['filename'])) {
if ($action['boardmod']) {
$mod_actions = parseBoardMod(file_get_contents($boarddir . '/Packages/temp/' . $context['base_path'] . $action['filename']), false, $action['reverse'], $theme_paths);
} else {
$mod_actions = parseModification(file_get_contents($boarddir . '/Packages/temp/' . $context['base_path'] . $action['filename']), false, $action['reverse'], $theme_paths);
}
// Any errors worth noting?
foreach ($mod_actions as $key => $action) {
if ($action['type'] == 'failure') {
$failed_steps[] = array('file' => $action['filename'], 'large_step' => $failed_count, 'sub_step' => $key, 'theme' => 1);
}
// Gather the themes we installed into.
if (!empty($action['is_custom'])) {
$themes_installed[] = $action['is_custom'];
}
}
} elseif ($action['type'] == 'code' && !empty($action['filename'])) {
// This is just here as reference for what is available.
global $txt, $boarddir, $sourcedir, $modSettings, $context, $settings, $forum_version, $smcFunc;
// Now include the file and be done with it ;).
require $boarddir . '/Packages/temp/' . $context['base_path'] . $action['filename'];
} elseif ($action['type'] == 'database' && !empty($action['filename']) && (!$context['uninstalling'] || !empty($_POST['do_db_changes']))) {
// These can also be there for database changes.
global $txt, $boarddir, $sourcedir, $modSettings, $context, $settings, $forum_version, $smcFunc;
global $db_package_log;
// We'll likely want the package specific database functionality!
db_extend('packages');
// Let the file work its magic ;)
require $boarddir . '/Packages/temp/' . $context['base_path'] . $action['filename'];
} elseif ($action['type'] == 'redirect' && !empty($action['redirect_url'])) {
$context['redirect_url'] = $action['redirect_url'];
$context['redirect_text'] = !empty($action['filename']) && file_exists($boarddir . '/Packages/temp/' . $context['base_path'] . $action['filename']) ? file_get_contents($boarddir . '/Packages/temp/' . $context['base_path'] . $action['filename']) : ($context['uninstalling'] ? $txt['package_uninstall_done'] : $txt['package_installed_done']);
$context['redirect_timeout'] = $action['redirect_timeout'];
// Parse out a couple of common urls.
$urls = array('$boardurl' => $boardurl, '$scripturl' => $scripturl, '$session_var' => $context['session_var'], '$session_id' => $context['session_id']);
$context['redirect_url'] = strtr($context['redirect_url'], $urls);
}
}
package_flush_cache();
// First, ensure this change doesn't get removed by putting a stake in the ground (So to speak).
package_put_contents($boarddir . '/Packages/installed.list', time());
// See if this is already installed, and change it's state as required.
$request = smf_db_query('
SELECT package_id, install_state, db_changes
FROM {db_prefix}log_packages
WHERE install_state != {int:not_installed}
AND package_id = {string:current_package}
' . ($context['install_id'] ? ' AND id_install = {int:install_id} ' : '') . '
ORDER BY time_installed DESC
LIMIT 1', array('not_installed' => 0, 'install_id' => $context['install_id'], 'current_package' => $packageInfo['id']));
$is_upgrade = false;
while ($row = mysql_fetch_assoc($request)) {
// Uninstalling?
if ($context['uninstalling']) {
smf_db_query('
UPDATE {db_prefix}log_packages
SET install_state = {int:not_installed}, member_removed = {string:member_name}, id_member_removed = {int:current_member},
time_removed = {int:current_time}
WHERE package_id = {string:package_id}', array('current_member' => $user_info['id'], 'not_installed' => 0, 'current_time' => time(), 'package_id' => $row['package_id'], 'member_name' => $user_info['name']));
} else {
$is_upgrade = true;
$old_db_changes = empty($row['db_changes']) ? array() : unserialize($row['db_changes']);
}
}
// Assuming we're not uninstalling, add the entry.
if (!$context['uninstalling']) {
// Any db changes from older version?
if (!empty($old_db_changes)) {
$db_package_log = empty($db_package_log) ? $old_db_changes : array_merge($old_db_changes, $db_package_log);
}
// If there are some database changes we might want to remove then filter them out.
if (!empty($db_package_log)) {
// We're really just checking for entries which are create table AND add columns (etc).
$tables = array();
function sort_table_first($a, $b)
{
if ($a[0] == $b[0]) {
return 0;
}
return $a[0] == 'remove_table' ? -1 : 1;
}
usort($db_package_log, 'sort_table_first');
foreach ($db_package_log as $k => $log) {
if ($log[0] == 'remove_table') {
$tables[] = $log[1];
} elseif (in_array($log[1], $tables)) {
unset($db_package_log[$k]);
}
}
$db_changes = serialize($db_package_log);
} else {
$db_changes = '';
}
// What themes did we actually install?
$themes_installed = array_unique($themes_installed);
$themes_installed = implode(',', $themes_installed);
// What failed steps?
$failed_step_insert = serialize($failed_steps);
smf_db_insert('', '{db_prefix}log_packages', array('filename' => 'string', 'name' => 'string', 'package_id' => 'string', 'version' => 'string', 'id_member_installed' => 'int', 'member_installed' => 'string', 'time_installed' => 'int', 'install_state' => 'int', 'failed_steps' => 'string', 'themes_installed' => 'string', 'member_removed' => 'int', 'db_changes' => 'string'), array($packageInfo['filename'], $packageInfo['name'], $packageInfo['id'], $packageInfo['version'], $user_info['id'], $user_info['name'], time(), $is_upgrade ? 2 : 1, $failed_step_insert, $themes_installed, 0, $db_changes), array('id_install'));
}
mysql_free_result($request);
$context['install_finished'] = true;
}
// If there's database changes - and they want them removed - let's do it last!
if (!empty($db_changes) && !empty($_POST['do_db_changes'])) {
// We're gonna be needing the package db functions!
db_extend('packages');
foreach ($db_changes as $change) {
if ($change[0] == 'remove_table' && isset($change[1])) {
smf_db_drop_table($change[1]);
} elseif ($change[0] == 'remove_column' && isset($change[2])) {
smf_db_remove_column($change[1], $change[2]);
} elseif ($change[0] == 'remove_index' && isset($change[2])) {
smf_db_remove_index($change[1], $change[2]);
}
}
}
// Clean house... get rid of the evidence ;).
if (file_exists($boarddir . '/Packages/temp')) {
deltree($boarddir . '/Packages/temp');
}
// Log what we just did.
logAction($context['uninstalling'] ? 'uninstall_package' : (!empty($is_upgrade) ? 'upgrade_package' : 'install_package'), array('package' => commonAPI::htmlspecialchars($packageInfo['name']), 'version' => commonAPI::htmlspecialchars($packageInfo['version'])), 'admin');
// Just in case, let's clear the whole cache to avoid anything going up the swanny.
clean_cache();
// Restore file permissions?
create_chmod_control(array(), array(), true);
}
/**
* The central part of the board - topic display.
*
* What it does:
* - This function loads the posts in a topic up so they can be displayed.
* - It uses the main sub template of the Display template.
* - It requires a topic, and can go to the previous or next topic from it.
* - It jumps to the correct post depending on a number/time/IS_MSG passed.
* - It depends on the messages_per_page, defaultMaxMessages and enableAllMessages settings.
* - It is accessed by ?topic=id_topic.START.
*/
public function action_display()
{
global $scripturl, $txt, $modSettings, $context, $settings;
global $options, $user_info, $board_info, $topic, $board;
global $attachments, $messages_request;
// What are you gonna display if these are empty?!
if (empty($topic)) {
fatal_lang_error('no_board', false);
}
// Load the template
loadTemplate('Display');
$context['sub_template'] = 'messages';
// And the topic functions
require_once SUBSDIR . '/Topic.subs.php';
require_once SUBSDIR . '/Messages.subs.php';
// Not only does a prefetch make things slower for the server, but it makes it impossible to know if they read it.
if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch') {
@ob_end_clean();
header('HTTP/1.1 403 Prefetch Forbidden');
die;
}
// How much are we sticking on each page?
$context['messages_per_page'] = empty($modSettings['disableCustomPerPage']) && !empty($options['messages_per_page']) ? $options['messages_per_page'] : $modSettings['defaultMaxMessages'];
$template_layers = Template_Layers::getInstance();
$template_layers->addEnd('messages_informations');
$includeUnapproved = !$modSettings['postmod_active'] || allowedTo('approve_posts');
// Let's do some work on what to search index.
if (count($_GET) > 2) {
foreach ($_GET as $k => $v) {
if (!in_array($k, array('topic', 'board', 'start', session_name()))) {
$context['robot_no_index'] = true;
}
}
}
if (!empty($_REQUEST['start']) && (!is_numeric($_REQUEST['start']) || $_REQUEST['start'] % $context['messages_per_page'] != 0)) {
$context['robot_no_index'] = true;
}
// Find the previous or next topic. Make a fuss if there are no more.
if (isset($_REQUEST['prev_next']) && ($_REQUEST['prev_next'] == 'prev' || $_REQUEST['prev_next'] == 'next')) {
// No use in calculating the next topic if there's only one.
if ($board_info['num_topics'] > 1) {
$includeStickies = !empty($modSettings['enableStickyTopics']);
$topic = $_REQUEST['prev_next'] === 'prev' ? previousTopic($topic, $board, $user_info['id'], $includeUnapproved, $includeStickies) : nextTopic($topic, $board, $user_info['id'], $includeUnapproved, $includeStickies);
$context['current_topic'] = $topic;
}
// Go to the newest message on this topic.
$_REQUEST['start'] = 'new';
}
// Add 1 to the number of views of this topic (except for robots).
if (!$user_info['possibly_robot'] && (empty($_SESSION['last_read_topic']) || $_SESSION['last_read_topic'] != $topic)) {
increaseViewCounter($topic);
$_SESSION['last_read_topic'] = $topic;
}
$topic_selects = array();
$topic_tables = array();
$topic_parameters = array('topic' => $topic, 'member' => $user_info['id'], 'board' => (int) $board);
// Allow addons to add additional details to the topic query
call_integration_hook('integrate_topic_query', array(&$topic_selects, &$topic_tables, &$topic_parameters));
// Load the topic details
$topicinfo = getTopicInfo($topic_parameters, 'all', $topic_selects, $topic_tables);
if (empty($topicinfo)) {
fatal_lang_error('not_a_topic', false);
}
// Is this a moved topic that we are redirecting to?
if (!empty($topicinfo['id_redirect_topic']) && !isset($_GET['noredir'])) {
markTopicsRead(array($user_info['id'], $topic, $topicinfo['id_last_msg'], 0), $topicinfo['new_from'] !== 0);
redirectexit('topic=' . $topicinfo['id_redirect_topic'] . '.0;redirfrom=' . $topicinfo['id_topic']);
}
$context['real_num_replies'] = $context['num_replies'] = $topicinfo['num_replies'];
$context['topic_first_message'] = $topicinfo['id_first_msg'];
$context['topic_last_message'] = $topicinfo['id_last_msg'];
$context['topic_unwatched'] = isset($topicinfo['unwatched']) ? $topicinfo['unwatched'] : 0;
if (isset($_GET['redirfrom'])) {
$redir_topics = topicsList(array((int) $_GET['redirfrom']));
if (!empty($redir_topics[(int) $_GET['redirfrom']])) {
$context['topic_redirected_from'] = $redir_topics[(int) $_GET['redirfrom']];
$context['topic_redirected_from']['redir_href'] = $scripturl . '?topic=' . $context['topic_redirected_from']['id_topic'] . '.0;noredir';
}
}
// Add up unapproved replies to get real number of replies...
if ($modSettings['postmod_active'] && allowedTo('approve_posts')) {
$context['real_num_replies'] += $topicinfo['unapproved_posts'] - ($topicinfo['approved'] ? 0 : 1);
}
// If this topic was derived from another, set the followup details
if (!empty($topicinfo['derived_from'])) {
require_once SUBSDIR . '/FollowUps.subs.php';
$context['topic_derived_from'] = topicStartedHere($topic, $includeUnapproved);
}
// If this topic has unapproved posts, we need to work out how many posts the user can see, for page indexing.
if (!$includeUnapproved && $topicinfo['unapproved_posts'] && !$user_info['is_guest']) {
$myUnapprovedPosts = unapprovedPosts($topic, $user_info['id']);
$context['total_visible_posts'] = $context['num_replies'] + $myUnapprovedPosts + ($topicinfo['approved'] ? 1 : 0);
} elseif ($user_info['is_guest']) {
$context['total_visible_posts'] = $context['num_replies'] + ($topicinfo['approved'] ? 1 : 0);
} else {
$context['total_visible_posts'] = $context['num_replies'] + $topicinfo['unapproved_posts'] + ($topicinfo['approved'] ? 1 : 0);
}
// When was the last time this topic was replied to? Should we warn them about it?
if (!empty($modSettings['oldTopicDays'])) {
$mgsOptions = basicMessageInfo($topicinfo['id_last_msg'], true);
$context['oldTopicError'] = $mgsOptions['poster_time'] + $modSettings['oldTopicDays'] * 86400 < time() && empty($topicinfo['is_sticky']);
} else {
$context['oldTopicError'] = false;
}
// The start isn't a number; it's information about what to do, where to go.
if (!is_numeric($_REQUEST['start'])) {
// Redirect to the page and post with new messages, originally by Omar Bazavilvazo.
if ($_REQUEST['start'] == 'new') {
// Guests automatically go to the last post.
if ($user_info['is_guest']) {
$context['start_from'] = $context['total_visible_posts'] - 1;
$_REQUEST['start'] = $context['start_from'];
} else {
// Fall through to the next if statement.
$_REQUEST['start'] = 'msg' . $topicinfo['new_from'];
}
}
// Start from a certain time index, not a message.
if (substr($_REQUEST['start'], 0, 4) == 'from') {
$timestamp = (int) substr($_REQUEST['start'], 4);
if ($timestamp === 0) {
$_REQUEST['start'] = 0;
} else {
// Find the number of messages posted before said time...
$context['start_from'] = countNewPosts($topic, $topicinfo, $timestamp);
$_REQUEST['start'] = $context['start_from'];
}
} elseif (substr($_REQUEST['start'], 0, 3) == 'msg') {
$virtual_msg = (int) substr($_REQUEST['start'], 3);
if (!$topicinfo['unapproved_posts'] && $virtual_msg >= $topicinfo['id_last_msg']) {
$context['start_from'] = $context['total_visible_posts'] - 1;
} elseif (!$topicinfo['unapproved_posts'] && $virtual_msg <= $topicinfo['id_first_msg']) {
$context['start_from'] = 0;
} else {
$only_approved = $modSettings['postmod_active'] && $topicinfo['unapproved_posts'] && !allowedTo('approve_posts');
$context['start_from'] = countMessagesBefore($topic, $virtual_msg, false, $only_approved, !$user_info['is_guest']);
}
// We need to reverse the start as well in this case.
$_REQUEST['start'] = $context['start_from'];
}
}
// Mark the mention as read if requested
if (isset($_REQUEST['mentionread']) && !empty($virtual_msg)) {
require_once CONTROLLERDIR . '/Mentions.controller.php';
$mentions = new Mentions_Controller();
$mentions->setData(array('id_mention' => $_REQUEST['item'], 'mark' => $_REQUEST['mark']));
$mentions->action_markread();
}
// Create a previous next string if the selected theme has it as a selected option.
if ($modSettings['enablePreviousNext']) {
$context['links'] += array('go_prev' => $scripturl . '?topic=' . $topic . '.0;prev_next=prev#new', 'go_next' => $scripturl . '?topic=' . $topic . '.0;prev_next=next#new');
}
// Derived from, set the link back
if (!empty($context['topic_derived_from'])) {
$context['links']['derived_from'] = $scripturl . '?msg=' . $context['topic_derived_from']['derived_from'];
}
// Check if spellchecking is both enabled and actually working. (for quick reply.)
$context['show_spellchecking'] = !empty($modSettings['enableSpellChecking']) && function_exists('pspell_new');
if ($context['show_spellchecking']) {
loadJavascriptFile('spellcheck.js', array('defer' => true));
}
// Do we need to show the visual verification image?
$context['require_verification'] = !$user_info['is_mod'] && !$user_info['is_admin'] && !empty($modSettings['posts_require_captcha']) && ($user_info['posts'] < $modSettings['posts_require_captcha'] || $user_info['is_guest'] && $modSettings['posts_require_captcha'] == -1);
if ($context['require_verification']) {
require_once SUBSDIR . '/VerificationControls.class.php';
$verificationOptions = array('id' => 'post');
$context['require_verification'] = create_control_verification($verificationOptions);
$context['visual_verification_id'] = $verificationOptions['id'];
}
// Are we showing signatures - or disabled fields?
$context['signature_enabled'] = substr($modSettings['signature_settings'], 0, 1) == 1;
$context['disabled_fields'] = isset($modSettings['disabled_profile_fields']) ? array_flip(explode(',', $modSettings['disabled_profile_fields'])) : array();
// Censor the title...
censorText($topicinfo['subject']);
$context['page_title'] = $topicinfo['subject'];
// Is this topic sticky, or can it even be?
$topicinfo['is_sticky'] = empty($modSettings['enableStickyTopics']) ? '0' : $topicinfo['is_sticky'];
// Allow addons access to the topicinfo array
call_integration_hook('integrate_display_topic', array($topicinfo));
// Default this topic to not marked for notifications... of course...
$context['is_marked_notify'] = false;
// Did we report a post to a moderator just now?
$context['report_sent'] = isset($_GET['reportsent']);
if ($context['report_sent']) {
$template_layers->add('report_sent');
}
// Let's get nosey, who is viewing this topic?
if (!empty($settings['display_who_viewing'])) {
require_once SUBSDIR . '/Who.subs.php';
formatViewers($topic, 'topic');
}
// If all is set, but not allowed... just unset it.
$can_show_all = !empty($modSettings['enableAllMessages']) && $context['total_visible_posts'] > $context['messages_per_page'] && $context['total_visible_posts'] < $modSettings['enableAllMessages'];
if (isset($_REQUEST['all']) && !$can_show_all) {
unset($_REQUEST['all']);
} elseif (isset($_REQUEST['all'])) {
$_REQUEST['start'] = -1;
}
// Construct the page index, allowing for the .START method...
$context['page_index'] = constructPageIndex($scripturl . '?topic=' . $topic . '.%1$d', $_REQUEST['start'], $context['total_visible_posts'], $context['messages_per_page'], true, array('all' => $can_show_all, 'all_selected' => isset($_REQUEST['all'])));
$context['start'] = $_REQUEST['start'];
// This is information about which page is current, and which page we're on - in case you don't like the constructed page index. (again, wireles..)
$context['page_info'] = array('current_page' => $_REQUEST['start'] / $context['messages_per_page'] + 1, 'num_pages' => floor(($context['total_visible_posts'] - 1) / $context['messages_per_page']) + 1);
// Figure out all the link to the next/prev
$context['links'] += array('prev' => $_REQUEST['start'] >= $context['messages_per_page'] ? $scripturl . '?topic=' . $topic . '.' . ($_REQUEST['start'] - $context['messages_per_page']) : '', 'next' => $_REQUEST['start'] + $context['messages_per_page'] < $context['total_visible_posts'] ? $scripturl . '?topic=' . $topic . '.' . ($_REQUEST['start'] + $context['messages_per_page']) : '');
// If they are viewing all the posts, show all the posts, otherwise limit the number.
if ($can_show_all && isset($_REQUEST['all'])) {
// No limit! (actually, there is a limit, but...)
$context['messages_per_page'] = -1;
// Set start back to 0...
$_REQUEST['start'] = 0;
}
// Build the link tree.
$context['linktree'][] = array('url' => $scripturl . '?topic=' . $topic . '.0', 'name' => $topicinfo['subject']);
// Build a list of this board's moderators.
$context['moderators'] =& $board_info['moderators'];
$context['link_moderators'] = array();
// Information about the current topic...
$context['is_locked'] = $topicinfo['locked'];
$context['is_sticky'] = $topicinfo['is_sticky'];
$context['is_very_hot'] = $topicinfo['num_replies'] >= $modSettings['hotTopicVeryPosts'];
$context['is_hot'] = $topicinfo['num_replies'] >= $modSettings['hotTopicPosts'];
$context['is_approved'] = $topicinfo['approved'];
$context['is_poll'] = $topicinfo['id_poll'] > 0 && !empty($modSettings['pollMode']) && allowedTo('poll_view');
determineTopicClass($context);
// Did this user start the topic or not?
$context['user']['started'] = $user_info['id'] == $topicinfo['id_member_started'] && !$user_info['is_guest'];
$context['topic_starter_id'] = $topicinfo['id_member_started'];
// Set the topic's information for the template.
$context['subject'] = $topicinfo['subject'];
$context['num_views'] = $topicinfo['num_views'];
$context['num_views_text'] = $context['num_views'] == 1 ? $txt['read_one_time'] : sprintf($txt['read_many_times'], $context['num_views']);
$context['mark_unread_time'] = !empty($virtual_msg) ? $virtual_msg : $topicinfo['new_from'];
// Set a canonical URL for this page.
$context['canonical_url'] = $scripturl . '?topic=' . $topic . '.' . $context['start'];
// For quick reply we need a response prefix in the default forum language.
$context['response_prefix'] = response_prefix();
// If we want to show event information in the topic, prepare the data.
if (allowedTo('calendar_view') && !empty($modSettings['cal_showInTopic']) && !empty($modSettings['cal_enabled'])) {
// We need events details and all that jazz
require_once SUBSDIR . '/Calendar.subs.php';
// First, try create a better time format, ignoring the "time" elements.
if (preg_match('~%[AaBbCcDdeGghjmuYy](?:[^%]*%[AaBbCcDdeGghjmuYy])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0])) {
$date_string = $user_info['time_format'];
} else {
$date_string = $matches[0];
}
// Get event information for this topic.
$events = eventInfoForTopic($topic);
$context['linked_calendar_events'] = array();
foreach ($events as $event) {
// Prepare the dates for being formatted.
$start_date = sscanf($event['start_date'], '%04d-%02d-%02d');
$start_date = mktime(12, 0, 0, $start_date[1], $start_date[2], $start_date[0]);
$end_date = sscanf($event['end_date'], '%04d-%02d-%02d');
$end_date = mktime(12, 0, 0, $end_date[1], $end_date[2], $end_date[0]);
$context['linked_calendar_events'][] = array('id' => $event['id_event'], 'title' => $event['title'], 'can_edit' => allowedTo('calendar_edit_any') || $event['id_member'] == $user_info['id'] && allowedTo('calendar_edit_own'), 'modify_href' => $scripturl . '?action=post;msg=' . $topicinfo['id_first_msg'] . ';topic=' . $topic . '.0;calendar;eventid=' . $event['id_event'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'can_export' => allowedTo('calendar_edit_any') || $event['id_member'] == $user_info['id'] && allowedTo('calendar_edit_own'), 'export_href' => $scripturl . '?action=calendar;sa=ical;eventid=' . $event['id_event'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'start_date' => standardTime($start_date, $date_string, 'none'), 'start_timestamp' => $start_date, 'end_date' => standardTime($end_date, $date_string, 'none'), 'end_timestamp' => $end_date, 'is_last' => false);
}
if (!empty($context['linked_calendar_events'])) {
$context['linked_calendar_events'][count($context['linked_calendar_events']) - 1]['is_last'] = true;
$template_layers->add('display_calendar');
}
}
// Create the poll info if it exists.
if ($context['is_poll']) {
$template_layers->add('display_poll');
require_once SUBSDIR . '/Poll.subs.php';
loadPollContext($topicinfo['id_poll']);
// Build the poll moderation button array.
$context['poll_buttons'] = array('vote' => array('test' => 'allow_return_vote', 'text' => 'poll_return_vote', 'image' => 'poll_options.png', 'lang' => true, 'url' => $scripturl . '?topic=' . $context['current_topic'] . '.' . $context['start']), 'results' => array('test' => 'allow_poll_view', 'text' => 'poll_results', 'image' => 'poll_results.png', 'lang' => true, 'url' => $scripturl . '?topic=' . $context['current_topic'] . '.' . $context['start'] . ';viewresults'), 'change_vote' => array('test' => 'allow_change_vote', 'text' => 'poll_change_vote', 'image' => 'poll_change_vote.png', 'lang' => true, 'url' => $scripturl . '?action=poll;sa=vote;topic=' . $context['current_topic'] . '.' . $context['start'] . ';poll=' . $context['poll']['id'] . ';' . $context['session_var'] . '=' . $context['session_id']), 'lock' => array('test' => 'allow_lock_poll', 'text' => !$context['poll']['is_locked'] ? 'poll_lock' : 'poll_unlock', 'image' => 'poll_lock.png', 'lang' => true, 'url' => $scripturl . '?action=lockvoting;topic=' . $context['current_topic'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']), 'edit' => array('test' => 'allow_edit_poll', 'text' => 'poll_edit', 'image' => 'poll_edit.png', 'lang' => true, 'url' => $scripturl . '?action=editpoll;topic=' . $context['current_topic'] . '.' . $context['start']), 'remove_poll' => array('test' => 'can_remove_poll', 'text' => 'poll_remove', 'image' => 'admin_remove_poll.png', 'lang' => true, 'custom' => 'onclick="return confirm(\'' . $txt['poll_remove_warn'] . '\');"', 'url' => $scripturl . '?action=poll;sa=remove;topic=' . $context['current_topic'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']));
// Allow mods to add additional buttons here
call_integration_hook('integrate_poll_buttons');
}
// Calculate the fastest way to get the messages!
$ascending = true;
$start = $_REQUEST['start'];
$limit = $context['messages_per_page'];
$firstIndex = 0;
if ($start >= $context['total_visible_posts'] / 2 && $context['messages_per_page'] != -1) {
$ascending = !$ascending;
$limit = $context['total_visible_posts'] <= $start + $limit ? $context['total_visible_posts'] - $start : $limit;
$start = $context['total_visible_posts'] <= $start + $limit ? 0 : $context['total_visible_posts'] - $start - $limit;
$firstIndex = $limit - 1;
}
// Taking care of member specific settings
$limit_settings = array('messages_per_page' => $context['messages_per_page'], 'start' => $start, 'offset' => $limit);
// Get each post and poster in this topic.
$topic_details = getTopicsPostsAndPoster($topic, $limit_settings, $ascending);
$messages = $topic_details['messages'];
$posters = array_unique($topic_details['all_posters']);
$all_posters = $topic_details['all_posters'];
unset($topic_details);
call_integration_hook('integrate_display_message_list', array(&$messages, &$posters));
// Guests can't mark topics read or for notifications, just can't sorry.
if (!$user_info['is_guest'] && !empty($messages)) {
$mark_at_msg = max($messages);
if ($mark_at_msg >= $topicinfo['id_last_msg']) {
$mark_at_msg = $modSettings['maxMsgID'];
}
if ($mark_at_msg >= $topicinfo['new_from']) {
markTopicsRead(array($user_info['id'], $topic, $mark_at_msg, $topicinfo['unwatched']), $topicinfo['new_from'] !== 0);
}
updateReadNotificationsFor($topic, $board);
// Have we recently cached the number of new topics in this board, and it's still a lot?
if (isset($_REQUEST['topicseen']) && isset($_SESSION['topicseen_cache'][$board]) && $_SESSION['topicseen_cache'][$board] > 5) {
$_SESSION['topicseen_cache'][$board]--;
} elseif (isset($_REQUEST['topicseen'])) {
// Use the mark read tables... and the last visit to figure out if this should be read or not.
$numNewTopics = getUnreadCountSince($board, empty($_SESSION['id_msg_last_visit']) ? 0 : $_SESSION['id_msg_last_visit']);
// If there're no real new topics in this board, mark the board as seen.
if (empty($numNewTopics)) {
$_REQUEST['boardseen'] = true;
} else {
$_SESSION['topicseen_cache'][$board] = $numNewTopics;
}
} elseif (isset($_SESSION['topicseen_cache'][$board])) {
$_SESSION['topicseen_cache'][$board]--;
}
// Mark board as seen if we came using last post link from BoardIndex. (or other places...)
if (isset($_REQUEST['boardseen'])) {
require_once SUBSDIR . '/Boards.subs.php';
markBoardsRead($board, false, false);
}
}
$attachments = array();
// If there _are_ messages here... (probably an error otherwise :!)
if (!empty($messages)) {
require_once SUBSDIR . '/Attachments.subs.php';
// Fetch attachments.
$includeUnapproved = !$modSettings['postmod_active'] || allowedTo('approve_posts');
if (!empty($modSettings['attachmentEnable']) && allowedTo('view_attachments')) {
$attachments = getAttachments($messages, $includeUnapproved, 'filter_accessible_attachment', $all_posters);
}
$msg_parameters = array('message_list' => $messages, 'new_from' => $topicinfo['new_from']);
$msg_selects = array();
$msg_tables = array();
call_integration_hook('integrate_message_query', array(&$msg_selects, &$msg_tables, &$msg_parameters));
// What? It's not like it *couldn't* be only guests in this topic...
if (!empty($posters)) {
loadMemberData($posters);
}
// Load in the likes for this group of messages
if (!empty($modSettings['likes_enabled'])) {
require_once SUBSDIR . '/Likes.subs.php';
$context['likes'] = loadLikes($messages, true);
// ajax controller for likes
loadJavascriptFile('like_posts.js', array('defer' => true));
loadLanguage('Errors');
// Initiate likes and the tooltips for likes
addInlineJavascript('
$(document).ready(function () {
var likePostInstance = likePosts.prototype.init({
oTxt: ({
btnText : ' . JavaScriptEscape($txt['ok_uppercase']) . ',
likeHeadingError : ' . JavaScriptEscape($txt['like_heading_error']) . ',
error_occurred : ' . JavaScriptEscape($txt['error_occurred']) . '
}),
});
$(".like_button, .unlike_button").SiteTooltip({
hoverIntent: {
sensitivity: 10,
interval: 150,
timeout: 50
}
});
});', true);
}
$messages_request = loadMessageRequest($msg_selects, $msg_tables, $msg_parameters);
if (!empty($modSettings['enableFollowup'])) {
require_once SUBSDIR . '/FollowUps.subs.php';
$context['follow_ups'] = followupTopics($messages, $includeUnapproved);
}
// Go to the last message if the given time is beyond the time of the last message.
if (isset($context['start_from']) && $context['start_from'] >= $topicinfo['num_replies']) {
$context['start_from'] = $topicinfo['num_replies'];
}
// Since the anchor information is needed on the top of the page we load these variables beforehand.
$context['first_message'] = isset($messages[$firstIndex]) ? $messages[$firstIndex] : $messages[0];
$context['first_new_message'] = isset($context['start_from']) && $_REQUEST['start'] == $context['start_from'];
} else {
$messages_request = false;
$context['first_message'] = 0;
$context['first_new_message'] = false;
}
$context['jump_to'] = array('label' => addslashes(un_htmlspecialchars($txt['jump_to'])), 'board_name' => htmlspecialchars(strtr(strip_tags($board_info['name']), array('&' => '&')), ENT_COMPAT, 'UTF-8'), 'child_level' => $board_info['child_level']);
// Set the callback. (do you REALIZE how much memory all the messages would take?!?)
// This will be called from the template.
$context['get_message'] = array($this, 'prepareDisplayContext_callback');
// Now set all the wonderful, wonderful permissions... like moderation ones...
$common_permissions = array('can_approve' => 'approve_posts', 'can_ban' => 'manage_bans', 'can_sticky' => 'make_sticky', 'can_merge' => 'merge_any', 'can_split' => 'split_any', 'calendar_post' => 'calendar_post', 'can_mark_notify' => 'mark_any_notify', 'can_send_topic' => 'send_topic', 'can_send_pm' => 'pm_send', 'can_send_email' => 'send_email_to_members', 'can_report_moderator' => 'report_any', 'can_moderate_forum' => 'moderate_forum', 'can_issue_warning' => 'issue_warning', 'can_restore_topic' => 'move_any', 'can_restore_msg' => 'move_any');
foreach ($common_permissions as $contextual => $perm) {
$context[$contextual] = allowedTo($perm);
}
// Permissions with _any/_own versions. $context[YYY] => ZZZ_any/_own.
$anyown_permissions = array('can_move' => 'move', 'can_lock' => 'lock', 'can_delete' => 'remove', 'can_add_poll' => 'poll_add', 'can_remove_poll' => 'poll_remove', 'can_reply' => 'post_reply', 'can_reply_unapproved' => 'post_unapproved_replies');
foreach ($anyown_permissions as $contextual => $perm) {
$context[$contextual] = allowedTo($perm . '_any') || $context['user']['started'] && allowedTo($perm . '_own');
}
// Cleanup all the permissions with extra stuff...
$context['can_mark_notify'] &= !$context['user']['is_guest'];
$context['can_sticky'] &= !empty($modSettings['enableStickyTopics']);
$context['calendar_post'] &= !empty($modSettings['cal_enabled']) && (allowedTo('modify_any') || $context['user']['started'] && allowedTo('modify_own'));
$context['can_add_poll'] &= !empty($modSettings['pollMode']) && $topicinfo['id_poll'] <= 0;
$context['can_remove_poll'] &= !empty($modSettings['pollMode']) && $topicinfo['id_poll'] > 0;
$context['can_reply'] &= empty($topicinfo['locked']) || allowedTo('moderate_board');
$context['can_reply_unapproved'] &= $modSettings['postmod_active'] && (empty($topicinfo['locked']) || allowedTo('moderate_board'));
$context['can_issue_warning'] &= in_array('w', $context['admin_features']) && !empty($modSettings['warning_enable']);
// Handle approval flags...
$context['can_reply_approved'] = $context['can_reply'];
$context['can_reply'] |= $context['can_reply_unapproved'];
$context['can_quote'] = $context['can_reply'] && (empty($modSettings['disabledBBC']) || !in_array('quote', explode(',', $modSettings['disabledBBC'])));
$context['can_mark_unread'] = !$user_info['is_guest'] && $settings['show_mark_read'];
$context['can_unwatch'] = !$user_info['is_guest'] && $modSettings['enable_unwatch'];
$context['can_send_topic'] = (!$modSettings['postmod_active'] || $topicinfo['approved']) && allowedTo('send_topic');
$context['can_print'] = empty($modSettings['disable_print_topic']);
// Start this off for quick moderation - it will be or'd for each post.
$context['can_remove_post'] = allowedTo('delete_any') || allowedTo('delete_replies') && $context['user']['started'];
// Can restore topic? That's if the topic is in the recycle board and has a previous restore state.
$context['can_restore_topic'] &= !empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] == $board && !empty($topicinfo['id_previous_board']);
$context['can_restore_msg'] &= !empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] == $board && !empty($topicinfo['id_previous_topic']);
$context['can_follow_up'] = !empty($modSettings['enableFollowup']) && boardsallowedto('post_new') !== array();
// Check if the draft functions are enabled and that they have permission to use them (for quick reply.)
$context['drafts_save'] = !empty($modSettings['drafts_enabled']) && !empty($modSettings['drafts_post_enabled']) && allowedTo('post_draft') && $context['can_reply'];
$context['drafts_autosave'] = !empty($context['drafts_save']) && !empty($modSettings['drafts_autosave_enabled']) && allowedTo('post_autosave_draft');
if (!empty($context['drafts_save'])) {
loadLanguage('Drafts');
}
if (!empty($context['drafts_autosave']) && empty($options['use_editor_quick_reply'])) {
loadJavascriptFile('drafts.js');
}
if (!empty($modSettings['mentions_enabled'])) {
$context['mentions_enabled'] = true;
// Just using the plain text quick reply and not the editor
if (empty($options['use_editor_quick_reply'])) {
loadJavascriptFile(array('jquery.atwho.js', 'jquery.caret.min.js', 'mentioning.js'));
}
loadCSSFile('jquery.atwho.css');
addInlineJavascript('
$(document).ready(function () {
for (var i = 0, count = all_elk_mentions.length; i < count; i++)
all_elk_mentions[i].oMention = new elk_mentions(all_elk_mentions[i].oOptions);
});');
}
// Load up the Quick ModifyTopic and Quick Reply scripts
loadJavascriptFile('topic.js');
// Auto video embeding enabled?
if (!empty($modSettings['enableVideoEmbeding'])) {
addInlineJavascript('
$(document).ready(function() {
$().linkifyvideo(oEmbedtext);
});');
}
// Load up the "double post" sequencing magic.
if (!empty($options['display_quick_reply'])) {
checkSubmitOnce('register');
$context['name'] = isset($_SESSION['guest_name']) ? $_SESSION['guest_name'] : '';
$context['email'] = isset($_SESSION['guest_email']) ? $_SESSION['guest_email'] : '';
if (!empty($options['use_editor_quick_reply']) && $context['can_reply']) {
// Needed for the editor and message icons.
require_once SUBSDIR . '/Editor.subs.php';
// Now create the editor.
$editorOptions = array('id' => 'message', 'value' => '', 'labels' => array('post_button' => $txt['post']), 'height' => '250px', 'width' => '100%', 'preview_type' => 0);
create_control_richedit($editorOptions);
$context['attached'] = '';
$context['make_poll'] = isset($_REQUEST['poll']);
// Message icons - customized icons are off?
$context['icons'] = getMessageIcons($board);
if (!empty($context['icons'])) {
$context['icons'][count($context['icons']) - 1]['is_last'] = true;
}
}
}
addJavascriptVar(array('notification_topic_notice' => $context['is_marked_notify'] ? $txt['notification_disable_topic'] : $txt['notification_enable_topic']), true);
if ($context['can_send_topic']) {
addJavascriptVar(array('sendtopic_cancel' => $txt['modify_cancel'], 'sendtopic_back' => $txt['back'], 'sendtopic_close' => $txt['find_close'], 'sendtopic_error' => $txt['send_error_occurred'], 'required_field' => $txt['require_field']), true);
}
// Build the normal button array.
$context['normal_buttons'] = array('reply' => array('test' => 'can_reply', 'text' => 'reply', 'image' => 'reply.png', 'lang' => true, 'url' => $scripturl . '?action=post;topic=' . $context['current_topic'] . '.' . $context['start'] . ';last_msg=' . $context['topic_last_message'], 'active' => true), 'notify' => array('test' => 'can_mark_notify', 'text' => $context['is_marked_notify'] ? 'unnotify' : 'notify', 'image' => ($context['is_marked_notify'] ? 'un' : '') . 'notify.png', 'lang' => true, 'custom' => 'onclick="return notifyButton(this);"', 'url' => $scripturl . '?action=notify;sa=' . ($context['is_marked_notify'] ? 'off' : 'on') . ';topic=' . $context['current_topic'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']), 'mark_unread' => array('test' => 'can_mark_unread', 'text' => 'mark_unread', 'image' => 'markunread.png', 'lang' => true, 'url' => $scripturl . '?action=markasread;sa=topic;t=' . $context['mark_unread_time'] . ';topic=' . $context['current_topic'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']), 'unwatch' => array('test' => 'can_unwatch', 'text' => ($context['topic_unwatched'] ? '' : 'un') . 'watch', 'image' => ($context['topic_unwatched'] ? '' : 'un') . 'watched.png', 'lang' => true, 'custom' => 'onclick="return unwatchButton(this);"', 'url' => $scripturl . '?action=unwatchtopic;topic=' . $context['current_topic'] . '.' . $context['start'] . ';sa=' . ($context['topic_unwatched'] ? 'off' : 'on') . ';' . $context['session_var'] . '=' . $context['session_id']), 'send' => array('test' => 'can_send_topic', 'text' => 'send_topic', 'image' => 'sendtopic.png', 'lang' => true, 'url' => $scripturl . '?action=emailuser;sa=sendtopic;topic=' . $context['current_topic'] . '.0', 'custom' => 'onclick="return sendtopicOverlayDiv(this.href, \'' . $txt['send_topic'] . '\');"'), 'print' => array('test' => 'can_print', 'text' => 'print', 'image' => 'print.png', 'lang' => true, 'custom' => 'rel="nofollow"', 'class' => 'new_win', 'url' => $scripturl . '?action=topic;sa=printpage;topic=' . $context['current_topic'] . '.0'));
// Build the mod button array
$context['mod_buttons'] = array('move' => array('test' => 'can_move', 'text' => 'move_topic', 'image' => 'admin_move.png', 'lang' => true, 'url' => $scripturl . '?action=movetopic;current_board=' . $context['current_board'] . ';topic=' . $context['current_topic'] . '.0'), 'delete' => array('test' => 'can_delete', 'text' => 'remove_topic', 'image' => 'admin_rem.png', 'lang' => true, 'custom' => 'onclick="return confirm(\'' . $txt['are_sure_remove_topic'] . '\');"', 'url' => $scripturl . '?action=removetopic2;topic=' . $context['current_topic'] . '.0;' . $context['session_var'] . '=' . $context['session_id']), 'lock' => array('test' => 'can_lock', 'text' => empty($context['is_locked']) ? 'set_lock' : 'set_unlock', 'image' => 'admin_lock.png', 'lang' => true, 'url' => $scripturl . '?action=topic;sa=lock;topic=' . $context['current_topic'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']), 'sticky' => array('test' => 'can_sticky', 'text' => empty($context['is_sticky']) ? 'set_sticky' : 'set_nonsticky', 'image' => 'admin_sticky.png', 'lang' => true, 'url' => $scripturl . '?action=topic;sa=sticky;topic=' . $context['current_topic'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']), 'merge' => array('test' => 'can_merge', 'text' => 'merge', 'image' => 'merge.png', 'lang' => true, 'url' => $scripturl . '?action=mergetopics;board=' . $context['current_board'] . '.0;from=' . $context['current_topic']), 'calendar' => array('test' => 'calendar_post', 'text' => 'calendar_link', 'image' => 'linktocal.png', 'lang' => true, 'url' => $scripturl . '?action=post;calendar;msg=' . $context['topic_first_message'] . ';topic=' . $context['current_topic'] . '.0'));
// Restore topic. eh? No monkey business.
if ($context['can_restore_topic']) {
$context['mod_buttons'][] = array('text' => 'restore_topic', 'image' => '', 'lang' => true, 'url' => $scripturl . '?action=restoretopic;topics=' . $context['current_topic'] . ';' . $context['session_var'] . '=' . $context['session_id']);
}
if ($context['can_reply'] && !empty($options['display_quick_reply'])) {
$template_layers->add('quickreply');
}
$template_layers->add('pages_and_buttons');
// Allow adding new buttons easily.
call_integration_hook('integrate_display_buttons');
call_integration_hook('integrate_mod_buttons');
}
function Post2()
{
global $board, $topic, $txt, $db_prefix, $modSettings, $sourcedir, $context;
global $ID_MEMBER, $user_info, $board_info, $options, $func;
// Previewing? Go back to start.
if (isset($_REQUEST['preview'])) {
return Post();
}
// Prevent double submission of this form.
checkSubmitOnce('check');
// No errors as yet.
$post_errors = array();
// If the session has timed out, let the user re-submit their form.
if (checkSession('post', '', false) != '') {
$post_errors[] = 'session_timeout';
}
require_once $sourcedir . '/Subs-Post.php';
loadLanguage('Post');
// Replying to a topic?
if (!empty($topic) && !isset($_REQUEST['msg'])) {
$request = db_query("\n\t\t\tSELECT t.locked, t.isSticky, t.ID_POLL, t.numReplies, m.ID_MEMBER\n\t\t\tFROM ({$db_prefix}topics AS t, {$db_prefix}messages AS m)\n\t\t\tWHERE t.ID_TOPIC = {$topic}\n\t\t\t\tAND m.ID_MSG = t.ID_FIRST_MSG\n\t\t\tLIMIT 1", __FILE__, __LINE__);
list($tmplocked, $tmpstickied, $pollID, $numReplies, $ID_MEMBER_POSTER) = mysql_fetch_row($request);
mysql_free_result($request);
// Don't allow a post if it's locked.
if ($tmplocked != 0 && !allowedTo('moderate_board')) {
fatal_lang_error(90, false);
}
// Sorry, multiple polls aren't allowed... yet. You should stop giving me ideas :P.
if (isset($_REQUEST['poll']) && $pollID > 0) {
unset($_REQUEST['poll']);
}
if ($ID_MEMBER_POSTER != $ID_MEMBER) {
isAllowedTo('post_reply_any');
} elseif (!allowedTo('post_reply_any')) {
isAllowedTo('post_reply_own');
}
if (isset($_POST['lock'])) {
// Nothing is changed to the lock.
if (empty($tmplocked) && empty($_POST['lock']) || !empty($_POST['lock']) && !empty($tmplocked)) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own')) || !allowedTo('lock_any') && $ID_MEMBER != $ID_MEMBER_POSTER) {
unset($_POST['lock']);
} elseif (!allowedTo('lock_any')) {
// You cannot override a moderator lock.
if ($tmplocked == 1) {
unset($_POST['lock']);
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 2;
}
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 1;
}
}
// So you wanna (un)sticky this...let's see.
if (isset($_POST['sticky']) && (empty($modSettings['enableStickyTopics']) || $_POST['sticky'] == $tmpstickied || !allowedTo('make_sticky'))) {
unset($_POST['sticky']);
}
// If the number of replies has changed, if the setting is enabled, go back to Post() - which handles the error.
$newReplies = isset($_POST['num_replies']) && $numReplies > $_POST['num_replies'] ? $numReplies - $_POST['num_replies'] : 0;
if (empty($options['no_new_reply_warning']) && !empty($newReplies)) {
$_REQUEST['preview'] = true;
return Post();
}
$posterIsGuest = $user_info['is_guest'];
} elseif (empty($topic)) {
if (!isset($_REQUEST['poll']) || $modSettings['pollMode'] != '1') {
isAllowedTo('post_new');
}
if (isset($_POST['lock'])) {
// New topics are by default not locked.
if (empty($_POST['lock'])) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own'))) {
unset($_POST['lock']);
} else {
$_POST['lock'] = allowedTo('lock_any') ? 1 : 2;
}
}
if (isset($_POST['sticky']) && (empty($modSettings['enableStickyTopics']) || empty($_POST['sticky']) || !allowedTo('make_sticky'))) {
unset($_POST['sticky']);
}
$posterIsGuest = $user_info['is_guest'];
} elseif (isset($_REQUEST['msg']) && !empty($topic)) {
$_REQUEST['msg'] = (int) $_REQUEST['msg'];
$request = db_query("\n\t\t\tSELECT\n\t\t\t\tm.ID_MEMBER, m.posterName, m.posterEmail, m.posterTime, \n\t\t\t\tt.ID_FIRST_MSG, t.locked, t.isSticky, t.ID_MEMBER_STARTED AS ID_MEMBER_POSTER\n\t\t\tFROM ({$db_prefix}messages AS m, {$db_prefix}topics AS t)\n\t\t\tWHERE m.ID_MSG = {$_REQUEST['msg']}\n\t\t\t\tAND t.ID_TOPIC = {$topic}\n\t\t\tLIMIT 1", __FILE__, __LINE__);
if (mysql_num_rows($request) == 0) {
fatal_lang_error('smf272', false);
}
$row = mysql_fetch_assoc($request);
mysql_free_result($request);
if (!empty($row['locked']) && !allowedTo('moderate_board')) {
fatal_lang_error(90, false);
}
if (isset($_POST['lock'])) {
// Nothing changes to the lock status.
if (empty($_POST['lock']) && empty($row['locked']) || !empty($_POST['lock']) && !empty($row['locked'])) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own')) || !allowedTo('lock_any') && $ID_MEMBER != $row['ID_MEMBER_POSTER']) {
unset($_POST['lock']);
} elseif (!allowedTo('lock_any')) {
// You're not allowed to break a moderator's lock.
if ($row['locked'] == 1) {
unset($_POST['lock']);
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 2;
}
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 1;
}
}
// Change the sticky status of this topic?
if (isset($_POST['sticky']) && (!allowedTo('make_sticky') || $_POST['sticky'] == $row['isSticky'])) {
unset($_POST['sticky']);
}
if ($row['ID_MEMBER'] == $ID_MEMBER && !allowedTo('modify_any')) {
if (!empty($modSettings['edit_disable_time']) && $row['posterTime'] + ($modSettings['edit_disable_time'] + 5) * 60 < time()) {
fatal_lang_error('modify_post_time_passed', false);
} elseif ($row['ID_MEMBER_POSTER'] == $ID_MEMBER && !allowedTo('modify_own')) {
isAllowedTo('modify_replies');
} else {
isAllowedTo('modify_own');
}
} elseif ($row['ID_MEMBER_POSTER'] == $ID_MEMBER && !allowedTo('modify_any')) {
isAllowedTo('modify_replies');
// If you're modifying a reply, I say it better be logged...
$moderationAction = true;
} else {
isAllowedTo('modify_any');
// Log it, assuming you're not modifying your own post.
if ($row['ID_MEMBER'] != $ID_MEMBER) {
$moderationAction = true;
}
}
$posterIsGuest = empty($row['ID_MEMBER']);
if (!allowedTo('moderate_forum') || !$posterIsGuest) {
$_POST['guestname'] = addslashes($row['posterName']);
$_POST['email'] = addslashes($row['posterEmail']);
}
}
// If the poster is a guest evaluate the legality of name and email.
if ($posterIsGuest) {
$_POST['guestname'] = !isset($_POST['guestname']) ? '' : trim($_POST['guestname']);
$_POST['email'] = !isset($_POST['email']) ? '' : trim($_POST['email']);
if ($_POST['guestname'] == '' || $_POST['guestname'] == '_') {
$post_errors[] = 'no_name';
}
if ($func['strlen']($_POST['guestname']) > 25) {
$post_errors[] = 'long_name';
}
if (empty($modSettings['guest_post_no_email'])) {
// Only check if they changed it!
if (!isset($row) || $row['posterEmail'] != $_POST['email']) {
if (!allowedTo('moderate_forum') && (!isset($_POST['email']) || $_POST['email'] == '')) {
$post_errors[] = 'no_email';
}
if (!allowedTo('moderate_forum') && preg_match('~^[0-9A-Za-z=_+\\-/][0-9A-Za-z=_\'+\\-/\\.]*@[\\w\\-]+(\\.[\\w\\-]+)*(\\.[\\w]{2,6})$~', stripslashes($_POST['email'])) == 0) {
$post_errors[] = 'bad_email';
}
}
// Now make sure this email address is not banned from posting.
isBannedEmail($_POST['email'], 'cannot_post', sprintf($txt['you_are_post_banned'], $txt[28]));
}
}
// Check the subject and message.
if (!isset($_POST['subject']) || $func['htmltrim']($_POST['subject']) === '') {
$post_errors[] = 'no_subject';
}
if (!isset($_POST['message']) || $func['htmltrim']($_POST['message']) === '') {
$post_errors[] = 'no_message';
} elseif (!empty($modSettings['max_messageLength']) && $func['strlen']($_POST['message']) > $modSettings['max_messageLength']) {
$post_errors[] = 'long_message';
} else {
// Prepare the message a bit for some additional testing.
$_POST['message'] = $func['htmlspecialchars']($_POST['message'], ENT_QUOTES);
// Preparse code. (Zef)
if ($user_info['is_guest']) {
$user_info['name'] = $_POST['guestname'];
}
preparsecode($_POST['message']);
// Let's see if there's still some content left without the tags.
if ($func['htmltrim'](strip_tags(parse_bbc($_POST['message'], false), '<img>')) === '') {
$post_errors[] = 'no_message';
}
}
if (isset($_POST['calendar']) && !isset($_REQUEST['deleteevent']) && $func['htmltrim']($_POST['evtitle']) === '') {
$post_errors[] = 'no_event';
}
// You are not!
if (isset($_POST['message']) && strtolower($_POST['message']) == 'i am the administrator.' && !$user_info['is_admin']) {
fatal_error('Knave! Masquerader! Charlatan!', false);
}
// Validate the poll...
if (isset($_REQUEST['poll']) && $modSettings['pollMode'] == '1') {
if (!empty($topic) && !isset($_REQUEST['msg'])) {
fatal_lang_error(1, false);
}
// This is a new topic... so it's a new poll.
if (empty($topic)) {
isAllowedTo('poll_post');
} elseif ($ID_MEMBER == $row['ID_MEMBER_POSTER'] && !allowedTo('poll_add_any')) {
isAllowedTo('poll_add_own');
} else {
isAllowedTo('poll_add_any');
}
if (!isset($_POST['question']) || trim($_POST['question']) == '') {
$post_errors[] = 'no_question';
}
$_POST['options'] = empty($_POST['options']) ? array() : htmltrim__recursive($_POST['options']);
// Get rid of empty ones.
foreach ($_POST['options'] as $k => $option) {
if ($option == '') {
unset($_POST['options'][$k], $_POST['options'][$k]);
}
}
// What are you going to vote between with one choice?!?
if (count($_POST['options']) < 2) {
$post_errors[] = 'poll_few';
}
}
if ($posterIsGuest) {
// If user is a guest, make sure the chosen name isn't taken.
require_once $sourcedir . '/Subs-Members.php';
if (isReservedName($_POST['guestname'], 0, true, false) && (!isset($row['posterName']) || $_POST['guestname'] != $row['posterName'])) {
$post_errors[] = 'bad_name';
}
} elseif (!isset($_REQUEST['msg'])) {
$_POST['guestname'] = addslashes($user_info['username']);
$_POST['email'] = addslashes($user_info['email']);
}
// Any mistakes?
if (!empty($post_errors)) {
loadLanguage('Errors');
// Previewing.
$_REQUEST['preview'] = true;
$context['post_error'] = array('messages' => array());
foreach ($post_errors as $post_error) {
$context['post_error'][$post_error] = true;
$context['post_error']['messages'][] = $txt['error_' . $post_error];
}
return Post();
}
// Make sure the user isn't spamming the board.
if (!isset($_REQUEST['msg'])) {
spamProtection('spam');
}
// At about this point, we're posting and that's that.
ignore_user_abort(true);
@set_time_limit(300);
// Add special html entities to the subject, name, and email.
$_POST['subject'] = strtr($func['htmlspecialchars']($_POST['subject']), array("\r" => '', "\n" => '', "\t" => ''));
$_POST['guestname'] = htmlspecialchars($_POST['guestname']);
$_POST['email'] = htmlspecialchars($_POST['email']);
// At this point, we want to make sure the subject isn't too long.
if ($func['strlen']($_POST['subject']) > 100) {
$_POST['subject'] = addslashes($func['substr'](stripslashes($_POST['subject']), 0, 100));
}
// Make the poll...
if (isset($_REQUEST['poll'])) {
// Make sure that the user has not entered a ridiculous number of options..
if (empty($_POST['poll_max_votes']) || $_POST['poll_max_votes'] <= 0) {
$_POST['poll_max_votes'] = 1;
} elseif ($_POST['poll_max_votes'] > count($_POST['options'])) {
$_POST['poll_max_votes'] = count($_POST['options']);
} else {
$_POST['poll_max_votes'] = (int) $_POST['poll_max_votes'];
}
// Just set it to zero if it's not there..
if (!isset($_POST['poll_hide'])) {
$_POST['poll_hide'] = 0;
} else {
$_POST['poll_hide'] = (int) $_POST['poll_hide'];
}
$_POST['poll_change_vote'] = isset($_POST['poll_change_vote']) ? 1 : 0;
// If the user tries to set the poll too far in advance, don't let them.
if (!empty($_POST['poll_expire']) && $_POST['poll_expire'] < 1) {
fatal_lang_error('poll_range_error', false);
} elseif (empty($_POST['poll_expire']) && $_POST['poll_hide'] == 2) {
$_POST['poll_hide'] = 1;
}
// Clean up the question and answers.
$_POST['question'] = $func['htmlspecialchars']($_POST['question']);
$_POST['options'] = htmlspecialchars__recursive($_POST['options']);
}
// Check if they are trying to delete any current attachments....
if (isset($_REQUEST['msg'], $_POST['attach_del']) && allowedTo('post_attachment')) {
$del_temp = array();
foreach ($_POST['attach_del'] as $i => $dummy) {
$del_temp[$i] = (int) $dummy;
}
require_once $sourcedir . '/ManageAttachments.php';
removeAttachments('a.attachmentType = 0 AND a.ID_MSG = ' . (int) $_REQUEST['msg'] . ' AND a.ID_ATTACH NOT IN (' . implode(', ', $del_temp) . ')');
}
// ...or attach a new file...
if (isset($_FILES['attachment']['name']) || !empty($_SESSION['temp_attachments'])) {
isAllowedTo('post_attachment');
// If this isn't a new post, check the current attachments.
if (isset($_REQUEST['msg'])) {
$request = db_query("\n\t\t\t\tSELECT COUNT(*), SUM(size)\n\t\t\t\tFROM {$db_prefix}attachments\n\t\t\t\tWHERE ID_MSG = " . (int) $_REQUEST['msg'] . "\n\t\t\t\t\tAND attachmentType = 0", __FILE__, __LINE__);
list($quantity, $total_size) = mysql_fetch_row($request);
mysql_free_result($request);
} else {
$quantity = 0;
$total_size = 0;
}
if (!empty($_SESSION['temp_attachments'])) {
foreach ($_SESSION['temp_attachments'] as $attachID => $name) {
if (preg_match('~^post_tmp_' . $ID_MEMBER . '_\\d+$~', $attachID) == 0) {
continue;
}
if (!empty($_POST['attach_del']) && !in_array($attachID, $_POST['attach_del'])) {
unset($_SESSION['temp_attachments'][$attachID]);
@unlink($modSettings['attachmentUploadDir'] . '/' . $attachID);
continue;
}
$_FILES['attachment']['tmp_name'][] = $attachID;
$_FILES['attachment']['name'][] = addslashes($name);
$_FILES['attachment']['size'][] = filesize($modSettings['attachmentUploadDir'] . '/' . $attachID);
list($_FILES['attachment']['width'][], $_FILES['attachment']['height'][]) = @getimagesize($modSettings['attachmentUploadDir'] . '/' . $attachID);
unset($_SESSION['temp_attachments'][$attachID]);
}
}
if (!isset($_FILES['attachment']['name'])) {
$_FILES['attachment']['tmp_name'] = array();
}
$attachIDs = array();
foreach ($_FILES['attachment']['tmp_name'] as $n => $dummy) {
if ($_FILES['attachment']['name'][$n] == '') {
continue;
}
// Have we reached the maximum number of files we are allowed?
$quantity++;
if (!empty($modSettings['attachmentNumPerPostLimit']) && $quantity > $modSettings['attachmentNumPerPostLimit']) {
fatal_lang_error('attachments_limit_per_post', false, array($modSettings['attachmentNumPerPostLimit']));
}
// Check the total upload size for this post...
$total_size += $_FILES['attachment']['size'][$n];
if (!empty($modSettings['attachmentPostLimit']) && $total_size > $modSettings['attachmentPostLimit'] * 1024) {
fatal_lang_error('smf122', false, array($modSettings['attachmentPostLimit']));
}
$attachmentOptions = array('post' => isset($_REQUEST['msg']) ? $_REQUEST['msg'] : 0, 'poster' => $ID_MEMBER, 'name' => $_FILES['attachment']['name'][$n], 'tmp_name' => $_FILES['attachment']['tmp_name'][$n], 'size' => $_FILES['attachment']['size'][$n]);
if (createAttachment($attachmentOptions)) {
$attachIDs[] = $attachmentOptions['id'];
if (!empty($attachmentOptions['thumb'])) {
$attachIDs[] = $attachmentOptions['thumb'];
}
} else {
if (in_array('could_not_upload', $attachmentOptions['errors'])) {
fatal_lang_error('smf124');
}
if (in_array('too_large', $attachmentOptions['errors'])) {
fatal_lang_error('smf122', false, array($modSettings['attachmentSizeLimit']));
}
if (in_array('bad_extension', $attachmentOptions['errors'])) {
fatal_error($attachmentOptions['name'] . '.<br />' . $txt['smf123'] . ' ' . $modSettings['attachmentExtensions'] . '.', false);
}
if (in_array('directory_full', $attachmentOptions['errors'])) {
fatal_lang_error('smf126');
}
if (in_array('bad_filename', $attachmentOptions['errors'])) {
fatal_error(basename($attachmentOptions['name']) . '.<br />' . $txt['smf130b'] . '.');
}
if (in_array('taken_filename', $attachmentOptions['errors'])) {
fatal_lang_error('smf125');
}
}
}
}
// Make the poll...
if (isset($_REQUEST['poll'])) {
// Create the poll.
db_query("\n\t\t\tINSERT INTO {$db_prefix}polls\n\t\t\t\t(question, hideResults, maxVotes, expireTime, ID_MEMBER, posterName, changeVote)\n\t\t\tVALUES (SUBSTRING('{$_POST['question']}', 1, 255), {$_POST['poll_hide']}, {$_POST['poll_max_votes']},\n\t\t\t\t" . (empty($_POST['poll_expire']) ? '0' : time() + $_POST['poll_expire'] * 3600 * 24) . ", {$ID_MEMBER}, SUBSTRING('{$_POST['guestname']}', 1, 255), {$_POST['poll_change_vote']})", __FILE__, __LINE__);
$ID_POLL = db_insert_id();
// Create each answer choice.
$i = 0;
$setString = '';
foreach ($_POST['options'] as $option) {
$setString .= "\n\t\t\t\t\t({$ID_POLL}, {$i}, SUBSTRING('{$option}', 1, 255)),";
$i++;
}
db_query("\n\t\t\tINSERT INTO {$db_prefix}poll_choices\n\t\t\t\t(ID_POLL, ID_CHOICE, label)\n\t\t\tVALUES" . substr($setString, 0, -1), __FILE__, __LINE__);
} else {
$ID_POLL = 0;
}
// Creating a new topic?
$newTopic = empty($_REQUEST['msg']) && empty($topic);
// Collect all parameters for the creation or modification of a post.
$msgOptions = array('id' => empty($_REQUEST['msg']) ? 0 : (int) $_REQUEST['msg'], 'subject' => $_POST['subject'], 'body' => $_POST['message'], 'icon' => preg_replace('~[\\./\\\\*\':"<>]~', '', $_POST['icon']), 'smileys_enabled' => !isset($_POST['ns']), 'attachments' => empty($attachIDs) ? array() : $attachIDs);
$topicOptions = array('id' => empty($topic) ? 0 : $topic, 'board' => $board, 'poll' => isset($_REQUEST['poll']) ? $ID_POLL : null, 'lock_mode' => isset($_POST['lock']) ? (int) $_POST['lock'] : null, 'sticky_mode' => isset($_POST['sticky']) && !empty($modSettings['enableStickyTopics']) ? (int) $_POST['sticky'] : null, 'mark_as_read' => true);
$posterOptions = array('id' => $ID_MEMBER, 'name' => $_POST['guestname'], 'email' => $_POST['email'], 'update_post_count' => !$user_info['is_guest'] && !isset($_REQUEST['msg']) && $board_info['posts_count']);
// This is an already existing message. Edit it.
if (!empty($_REQUEST['msg'])) {
// Have admins allowed people to hide their screwups?
if (time() - $row['posterTime'] > $modSettings['edit_wait_time'] || $ID_MEMBER != $row['ID_MEMBER']) {
$msgOptions['modify_time'] = time();
$msgOptions['modify_name'] = addslashes($user_info['name']);
}
modifyPost($msgOptions, $topicOptions, $posterOptions);
} else {
createPost($msgOptions, $topicOptions, $posterOptions);
if (isset($topicOptions['id'])) {
$topic = $topicOptions['id'];
}
}
// Editing or posting an event?
if (isset($_POST['calendar']) && (!isset($_REQUEST['eventid']) || $_REQUEST['eventid'] == -1)) {
require_once $sourcedir . '/Calendar.php';
calendarCanLink();
calendarInsertEvent($board, $topic, $_POST['evtitle'], $ID_MEMBER, $_POST['month'], $_POST['day'], $_POST['year'], isset($_POST['span']) ? $_POST['span'] : null);
} elseif (isset($_POST['calendar'])) {
$_REQUEST['eventid'] = (int) $_REQUEST['eventid'];
// Validate the post...
require_once $sourcedir . '/Subs-Post.php';
calendarValidatePost();
// If you're not allowed to edit any events, you have to be the poster.
if (!allowedTo('calendar_edit_any')) {
// Get the event's poster.
$request = db_query("\n\t\t\t\tSELECT ID_MEMBER\n\t\t\t\tFROM {$db_prefix}calendar\n\t\t\t\tWHERE ID_EVENT = {$_REQUEST['eventid']}", __FILE__, __LINE__);
$row2 = mysql_fetch_assoc($request);
mysql_free_result($request);
// Silly hacker, Trix are for kids. ...probably trademarked somewhere, this is FAIR USE! (parody...)
isAllowedTo('calendar_edit_' . ($row2['ID_MEMBER'] == $ID_MEMBER ? 'own' : 'any'));
}
// Delete it?
if (isset($_REQUEST['deleteevent'])) {
db_query("\n\t\t\t\tDELETE FROM {$db_prefix}calendar\n\t\t\t\tWHERE ID_EVENT = {$_REQUEST['eventid']}\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
} else {
$span = !empty($modSettings['cal_allowspan']) && !empty($_REQUEST['span']) ? min((int) $modSettings['cal_maxspan'], (int) $_REQUEST['span'] - 1) : 0;
$start_time = mktime(0, 0, 0, (int) $_REQUEST['month'], (int) $_REQUEST['day'], (int) $_REQUEST['year']);
db_query("\n\t\t\t\tUPDATE {$db_prefix}calendar\n\t\t\t\tSET endDate = '" . strftime('%Y-%m-%d', $start_time + $span * 86400) . "',\n\t\t\t\t\tstartDate = '" . strftime('%Y-%m-%d', $start_time) . "',\n\t\t\t\t\ttitle = '" . $func['htmlspecialchars']($_REQUEST['evtitle'], ENT_QUOTES) . "'\n\t\t\t\tWHERE ID_EVENT = {$_REQUEST['eventid']}\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
}
updateStats('calendar');
}
// Marking read should be done even for editing messages....
if (!$user_info['is_guest']) {
// Mark all the parents read. (since you just posted and they will be unread.)
if (!empty($board_info['parent_boards'])) {
db_query("\n\t\t\t\tUPDATE {$db_prefix}log_boards\n\t\t\t\tSET ID_MSG = {$modSettings['maxMsgID']}\n\t\t\t\tWHERE ID_MEMBER = {$ID_MEMBER}\n\t\t\t\t\tAND ID_BOARD IN (" . implode(',', array_keys($board_info['parent_boards'])) . ")", __FILE__, __LINE__);
}
}
// Turn notification on or off. (note this just blows smoke if it's already on or off.)
if (!empty($_POST['notify'])) {
if (allowedTo('mark_any_notify')) {
db_query("\n\t\t\t\tINSERT IGNORE INTO {$db_prefix}log_notify\n\t\t\t\t\t(ID_MEMBER, ID_TOPIC, ID_BOARD)\n\t\t\t\tVALUES ({$ID_MEMBER}, {$topic}, 0)", __FILE__, __LINE__);
}
} elseif (!$newTopic) {
db_query("\n\t\t\tDELETE FROM {$db_prefix}log_notify\n\t\t\tWHERE ID_MEMBER = {$ID_MEMBER}\n\t\t\t\tAND ID_TOPIC = {$topic}\n\t\t\tLIMIT 1", __FILE__, __LINE__);
}
// Log an act of moderation - modifying.
if (!empty($moderationAction)) {
logAction('modify', array('topic' => $topic, 'message' => (int) $_REQUEST['msg'], 'member' => $row['ID_MEMBER']));
}
if (isset($_POST['lock']) && $_POST['lock'] != 2) {
logAction('lock', array('topic' => $topicOptions['id']));
}
if (isset($_POST['sticky']) && !empty($modSettings['enableStickyTopics'])) {
logAction('sticky', array('topic' => $topicOptions['id']));
}
// Notify any members who have notification turned on for this topic.
if ($newTopic) {
notifyMembersBoard();
} elseif (empty($_REQUEST['msg'])) {
sendNotifications($topic, 'reply');
}
// Returning to the topic?
if (!empty($_REQUEST['goback'])) {
// Mark the board as read.... because it might get confusing otherwise.
db_query("\n\t\t\tUPDATE {$db_prefix}log_boards\n\t\t\tSET ID_MSG = {$modSettings['maxMsgID']}\n\t\t\tWHERE ID_MEMBER = {$ID_MEMBER}\n\t\t\t\tAND ID_BOARD = {$board}", __FILE__, __LINE__);
}
if (!empty($_POST['announce_topic'])) {
redirectexit('action=announce;sa=selectgroup;topic=' . $topic . (!empty($_POST['move']) && allowedTo('move_any') ? ';move' : '') . (empty($_REQUEST['goback']) ? '' : ';goback'));
}
if (!empty($_POST['move']) && allowedTo('move_any')) {
redirectexit('action=movetopic;topic=' . $topic . '.0' . (empty($_REQUEST['goback']) ? '' : ';goback'));
}
// Return to post if the mod is on.
if (isset($_REQUEST['msg']) && !empty($_REQUEST['goback'])) {
redirectexit('topic=' . $topic . '.msg' . $_REQUEST['msg'] . '#msg' . $_REQUEST['msg'], $context['browser']['is_ie']);
} elseif (!empty($_REQUEST['goback'])) {
redirectexit('topic=' . $topic . '.new#new', $context['browser']['is_ie']);
} else {
redirectexit('board=' . $board . '.0');
}
}
/**
* Execute the move of a topic.
* It is called on the submit of action_movetopic.
* This function logs that topics have been moved in the moderation log.
* If the member is the topic starter requires the move_own permission,
* otherwise requires the move_any permission.
* Upon successful completion redirects to message index.
* Accessed via ?action=movetopic2.
*
* @uses subs/Post.subs.php.
*/
public function action_movetopic2()
{
global $txt, $board, $topic, $scripturl, $context, $language, $user_info;
if (empty($topic)) {
fatal_lang_error('no_access', false);
}
// You can't choose to have a redirection topic and use an empty reason.
if (isset($_POST['postRedirect']) && (!isset($_POST['reason']) || trim($_POST['reason']) == '')) {
fatal_lang_error('movetopic_no_reason', false);
}
// You have to tell us were you are moving to
if (!isset($_POST['toboard'])) {
fatal_lang_error('movetopic_no_board', false);
}
// We will need this
require_once SUBSDIR . '/Topic.subs.php';
moveTopicConcurrence();
// Make sure this form hasn't been submitted before.
checkSubmitOnce('check');
// Get the basic details on this topic
$topic_info = getTopicInfo($topic);
$context['is_approved'] = $topic_info['approved'];
// Can they see it?
if (!$context['is_approved']) {
isAllowedTo('approve_posts');
}
// Can they move topics on this board?
if (!allowedTo('move_any')) {
if ($topic_info['id_member_started'] == $user_info['id']) {
isAllowedTo('move_own');
} else {
isAllowedTo('move_any');
}
}
checkSession();
require_once SUBSDIR . '/Post.subs.php';
require_once SUBSDIR . '/Boards.subs.php';
// The destination board must be numeric.
$toboard = (int) $_POST['toboard'];
// Make sure they can see the board they are trying to move to (and get whether posts count in the target board).
$board_info = boardInfo($toboard, $topic);
if (empty($board_info)) {
fatal_lang_error('no_board');
}
// Remember this for later.
$_SESSION['move_to_topic'] = array('move_to' => $toboard);
// Rename the topic...
if (isset($_POST['reset_subject'], $_POST['custom_subject']) && $_POST['custom_subject'] != '') {
$custom_subject = strtr(Util::htmltrim(Util::htmlspecialchars($_POST['custom_subject'])), array("\r" => '', "\n" => '', "\t" => ''));
// Keep checking the length.
if (Util::strlen($custom_subject) > 100) {
$custom_subject = Util::substr($custom_subject, 0, 100);
}
// If it's still valid move onwards and upwards.
if ($custom_subject != '') {
$all_messages = isset($_POST['enforce_subject']);
if ($all_messages) {
// Get a response prefix, but in the forum's default language.
$context['response_prefix'] = response_prefix();
topicSubject($topic_info, $custom_subject, $context['response_prefix'], $all_messages);
} else {
topicSubject($topic_info, $custom_subject);
}
// Fix the subject cache.
updateStats('subject', $topic, $custom_subject);
}
}
// Create a link to this in the old board.
// @todo Does this make sense if the topic was unapproved before? I'd just about say so.
if (isset($_POST['postRedirect'])) {
// Should be in the boardwide language.
if ($user_info['language'] != $language) {
loadLanguage('index', $language);
}
$reason = Util::htmlspecialchars($_POST['reason'], ENT_QUOTES);
preparsecode($reason);
// Add a URL onto the message.
$reason = strtr($reason, array($txt['movetopic_auto_board'] => '[url=' . $scripturl . '?board=' . $toboard . '.0]' . $board_info['name'] . '[/url]', $txt['movetopic_auto_topic'] => '[iurl]' . $scripturl . '?topic=' . $topic . '.0[/iurl]'));
// Auto remove this MOVED redirection topic in the future?
$redirect_expires = !empty($_POST['redirect_expires']) ? (int) $_POST['redirect_expires'] : 0;
// Redirect to the MOVED topic from topic list?
$redirect_topic = isset($_POST['redirect_topic']) ? $topic : 0;
// And remember the last expiry period too.
$_SESSION['move_to_topic']['redirect_topic'] = $redirect_topic;
$_SESSION['move_to_topic']['redirect_expires'] = $redirect_expires;
$msgOptions = array('subject' => $txt['moved'] . ': ' . $board_info['subject'], 'body' => $reason, 'icon' => 'moved', 'smileys_enabled' => 1);
$topicOptions = array('board' => $board, 'lock_mode' => 1, 'mark_as_read' => true, 'redirect_expires' => empty($redirect_expires) ? 0 : $redirect_expires * 60 + time(), 'redirect_topic' => $redirect_topic);
$posterOptions = array('id' => $user_info['id'], 'update_post_count' => empty($board_info['count_posts']));
createPost($msgOptions, $topicOptions, $posterOptions);
}
$board_from = boardInfo($board);
if ($board_from['count_posts'] != $board_info['count_posts']) {
$posters = postersCount($topic);
foreach ($posters as $id_member => $posts) {
// The board we're moving from counted posts, but not to.
if (empty($board_from['count_posts'])) {
updateMemberData($id_member, array('posts' => 'posts - ' . $posts));
} else {
updateMemberData($id_member, array('posts' => 'posts + ' . $posts));
}
}
}
// Do the move (includes statistics update needed for the redirect topic).
moveTopics($topic, $toboard);
// Log that they moved this topic.
if (!allowedTo('move_own') || $topic_info['id_member_started'] != $user_info['id']) {
logAction('move', array('topic' => $topic, 'board_from' => $board, 'board_to' => $toboard));
}
// Notify people that this topic has been moved?
require_once SUBSDIR . '/Notification.subs.php';
sendNotifications($topic, 'move');
// Why not go back to the original board in case they want to keep moving?
if (!isset($_REQUEST['goback'])) {
redirectexit('board=' . $board . '.0');
} else {
redirectexit('topic=' . $topic . '.0');
}
}
function MoveTopic2()
{
global $txt, $board, $topic, $scripturl, $sourcedir, $modSettings, $context;
global $db_prefix, $ID_MEMBER, $board, $language, $user_info, $func;
// Make sure this form hasn't been submitted before.
checkSubmitOnce('check');
$request = db_query("\n\t\tSELECT ID_MEMBER_STARTED, ID_FIRST_MSG\n\t\tFROM {$db_prefix}topics\n\t\tWHERE ID_TOPIC = {$topic}\n\t\tLIMIT 1", __FILE__, __LINE__);
list($ID_MEMBER_STARTED, $ID_FIRST_MSG) = mysql_fetch_row($request);
mysql_free_result($request);
// Can they move topics on this board?
if (!allowedTo('move_any')) {
if ($ID_MEMBER_STARTED == $ID_MEMBER) {
isAllowedTo('move_own');
$boards = array_merge(boardsAllowedTo('move_own'), boardsAllowedTo('move_any'));
} else {
isAllowedTo('move_any');
}
} else {
$boards = boardsAllowedTo('move_any');
}
checkSession();
require_once $sourcedir . '/Subs-Post.php';
// The destination board must be numeric.
$_POST['toboard'] = (int) $_POST['toboard'];
// !!!
/*if (!in_array($_POST['toboard'], $boards) && !in_array(0, $boards))
fatal_lang_error('smf232');*/
// Make sure they can see the board they are trying to move to (and get whether posts count in the target board).
$request = db_query("\n\t\tSELECT b.countPosts, b.name, m.subject\n\t\tFROM ({$db_prefix}boards AS b, {$db_prefix}topics AS t, {$db_prefix}messages AS m)\n\t\tWHERE {$user_info['query_see_board']}\n\t\t\tAND b.ID_BOARD = {$_POST['toboard']}\n\t\t\tAND t.ID_TOPIC = {$topic}\n\t\t\tAND m.ID_MSG = t.ID_FIRST_MSG\n\t\tLIMIT 1", __FILE__, __LINE__);
if (mysql_num_rows($request) == 0) {
fatal_lang_error('smf232');
}
list($pcounter, $board_name, $subject) = mysql_fetch_row($request);
mysql_free_result($request);
// Remember this for later.
$_SESSION['move_to_topic'] = $_POST['toboard'];
// Rename the topic...
if (isset($_POST['reset_subject'], $_POST['custom_subject']) && $_POST['custom_subject'] != '') {
$_POST['custom_subject'] = $func['htmlspecialchars']($_POST['custom_subject']);
if (isset($_POST['enforce_subject'])) {
// Get a response prefix, but in the forum's default language.
if (!isset($context['response_prefix']) && !($context['response_prefix'] = cache_get_data('response_prefix'))) {
if ($language === $user_info['language']) {
$context['response_prefix'] = $txt['response_prefix'];
} else {
loadLanguage('index', $language, false);
$context['response_prefix'] = $txt['response_prefix'];
loadLanguage('index');
}
cache_put_data('response_prefix', $context['response_prefix'], 600);
}
db_query("\n\t\t\t\tUPDATE {$db_prefix}messages\n\t\t\t\tSET subject = '{$context['response_prefix']}{$_POST['custom_subject']}'\n\t\t\t\tWHERE ID_TOPIC = {$topic}", __FILE__, __LINE__);
}
db_query("\n\t\t\tUPDATE {$db_prefix}messages\n\t\t\tSET subject = '{$_POST['custom_subject']}'\n\t\t\tWHERE ID_MSG = {$ID_FIRST_MSG}\n\t\t\tLIMIT 1", __FILE__, __LINE__);
// Fix the subject cache.
updateStats('subject', $topic, $_POST['custom_subject']);
}
// Create a link to this in the old board.
if (isset($_POST['postRedirect'])) {
// Should be in the boardwide language.
if ($user_info['language'] != $language) {
loadLanguage('index', $language);
}
$_POST['reason'] = $func['htmlspecialchars']($_POST['reason'], ENT_QUOTES);
preparsecode($_POST['reason']);
// Add a URL onto the message.
$_POST['reason'] = strtr($_POST['reason'], array($txt['movetopic_auto_board'] => '[url=' . $scripturl . '?board=' . $_POST['toboard'] . ']' . addslashes($board_name) . '[/url]', $txt['movetopic_auto_topic'] => '[iurl]' . $scripturl . '?topic=' . $topic . '.0[/iurl]'));
$msgOptions = array('subject' => addslashes($txt['smf56'] . ': ' . $subject), 'body' => $_POST['reason'], 'icon' => 'moved', 'smileys_enabled' => 1);
$topicOptions = array('board' => $board, 'lock_mode' => 1, 'mark_as_read' => true);
$posterOptions = array('id' => $ID_MEMBER, 'update_post_count' => !empty($pcounter));
createPost($msgOptions, $topicOptions, $posterOptions);
}
$request = db_query("\n\t\tSELECT countPosts\n\t\tFROM {$db_prefix}boards\n\t\tWHERE ID_BOARD = {$board}\n\t\tLIMIT 1", __FILE__, __LINE__);
list($pcounter_from) = mysql_fetch_row($request);
mysql_free_result($request);
if ($pcounter_from != $pcounter) {
$request = db_query("\n\t\t\tSELECT ID_MEMBER\n\t\t\tFROM {$db_prefix}messages\n\t\t\tWHERE ID_TOPIC = {$topic}", __FILE__, __LINE__);
$posters = array();
while ($row = mysql_fetch_assoc($request)) {
$posters[] = $row['ID_MEMBER'];
}
mysql_free_result($request);
// The board we're moving from counted posts, but not to.
if (empty($pcounter_from)) {
updateMemberData($posters, array('posts' => '-'));
} else {
updateMemberData($posters, array('posts' => '+'));
}
}
// Do the move (includes statistics update needed for the redirect topic).
moveTopics($topic, $_POST['toboard']);
// Log that they moved this topic.
if (!allowedTo('move_own') || $ID_MEMBER_STARTED != $ID_MEMBER) {
logAction('move', array('topic' => $topic, 'board_from' => $board, 'board_to' => $_POST['toboard']));
}
// Notify people that this topic has been moved?
sendNotifications($topic, 'move');
// Update the cache?
if (!empty($modSettings['cache_enable']) && $modSettings['cache_enable'] == 3) {
cache_put_data('topic_board-' . $topic, null, 120);
}
// Why not go back to the original board in case they want to keep moving?
if (!isset($_REQUEST['goback'])) {
redirectexit('board=' . $board . '.0');
} else {
redirectexit('topic=' . $topic . '.0');
}
}
function ArcadeNewMatch2()
{
global $scripturl, $txt, $db_prefix, $context, $smcFunc, $user_info, $sourcedir;
require_once $sourcedir . '/Subs-Members.php';
require_once $sourcedir . '/Subs-Auth.php';
$match = array();
$showConfirm = false;
$errors = array();
if (empty($_REQUEST['match_name']) || trim($_REQUEST['match_name']) == '') {
$errors[] = 'no_name';
} elseif ($smcFunc['strlen']($_REQUEST['match_name']) > 20) {
$errors[] = 'name_too_long';
}
if (!empty($_REQUEST['match_name'])) {
$match['name'] = $_REQUEST['match_name'];
}
if (empty($_REQUEST['game_mode']) || !in_array($_REQUEST['game_mode'], array('normal', 'knockout'))) {
$errors[] = 'invalid_game_mode';
} else {
$match['game_mode'] = $_REQUEST['game_mode'];
}
$match['private'] = isset($_REQUEST['private']);
$match['num_players'] = empty($_REQUEST['num_players']) ? 0 : $_REQUEST['num_players'];
// Check rounds
$match['rounds'] = array();
$context['games'] = array();
if (!empty($_REQUEST['rounds'])) {
// Check that all are numbers
foreach ($_REQUEST['rounds'] as $id => $round) {
if ($round != '::GAME_ID::' && (!isset($_REQUEST['delete_round']) || $_REQUEST['delete_round'] != $id)) {
$match['rounds'][] = (int) $round;
}
}
}
// Game from suggester text field?
if (!empty($_REQUEST['arenagame_input'])) {
$showConfirm = true;
$_REQUEST['arenagame_input'] = strtr($_REQUEST['arenagame_input'], array('\\"' => '"'));
preg_match_all('~"([^"]+)"~', $_REQUEST['arenagame_input'], $matches);
$games = array_unique(array_merge($matches[1], explode(',', preg_replace('~"([^"]+)"~', '', $_REQUEST['arenagame_input']))));
$request = $smcFunc['db_query']('', '
SELECT game.id_game
FROM {db_prefix}arcade_games AS game
LEFT JOIN {db_prefix}arcade_categories AS category ON (category.id_cat = game.id_cat)
WHERE game.game_name IN({array_string:games})
AND {query_arena_game}', array('games' => $games));
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$match['rounds'][] = (int) $row['id_game'];
}
unset($games, $matches);
}
if (!empty($match['rounds'])) {
$request = $smcFunc['db_query']('', '
SELECT game.id_game, game.game_name
FROM {db_prefix}arcade_games AS game
LEFT JOIN {db_prefix}arcade_categories AS category ON (category.id_cat = game.id_cat)
WHERE id_game IN({array_int:games})
AND {query_arena_game}', array('games' => array_unique($match['rounds'])));
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['games'][$row['id_game']] = array('id' => $row['id_game'], 'name' => $row['game_name']);
}
$smcFunc['db_free_result']($request);
$valid = true;
foreach ($match['rounds'] as $i => $r) {
if (!isset($context['games'][$r])) {
$valid = false;
unset($match['rounds'][$i]);
}
}
if (!$valid) {
$errors[] = 'invalid_rounds';
}
}
// Check players
$match['players'] = array();
// Players from add players field?
if (!empty($_REQUEST['player'])) {
$showConfirm = true;
$_REQUEST['player'] = strtr($_REQUEST['player'], array('\\"' => '"'));
preg_match_all('~"([^"]+)"~', $_REQUEST['player'], $matches);
$foundMembers = findMembers(array_unique(array_merge($matches[1], explode(',', preg_replace('~"([^"]+)"~', '', $_REQUEST['player'])))));
foreach ($foundMembers as $member) {
$match['players'][] = $member['id'];
}
unset($foundMembers, $matches);
}
// Previous / Players added via suggester
if (!empty($_REQUEST['players_list'])) {
foreach ($_REQUEST['players_list'] as $id) {
if (!isset($_REQUEST['delete_player']) || $_REQUEST['delete_player'] != $id) {
$match['players'][] = (int) $id;
}
}
}
// Remove duplicates
$match['players'] = array_unique($match['players']);
$totalp = count($match['players']);
// Check that selected players are allowed to play
$match['players'] = memberAllowedTo(array('arcade_join_match', 'arcade_join_invite_match'), $match['players']);
// Check number of players
if ($match['num_players'] < $totalp || $match['num_players'] < 2) {
$errors[] = 'not_enough_players';
}
if (count($match['players']) != $totalp) {
$errors[] = 'invalid_members';
}
if (count($match['rounds']) === 0) {
$errors[] = 'no_rounds';
}
if (!checkSubmitOnce('check', false)) {
$errors[] = 'submit_twice';
}
$showConfirm = $showConfirm || isset($_REQUEST['delete_round']) || isset($_REQUEST['delete_player']) || isset($_REQUEST['player_submit']) || isset($_REQUEST['arenagame_submit']);
if ($showConfirm || !empty($errors)) {
return ArcadeNewMatch($match, $showConfirm ? array() : $errors);
}
$matchOptions = array('name' => $smcFunc['htmlspecialchars']($match['name'], ENT_QUOTES), 'starter' => $user_info['id'], 'num_players' => $match['num_players'], 'games' => $match['rounds'], 'num_rounds' => count($match['rounds']), 'players' => $match['players'], 'extra' => array('mode' => $match['game_mode']));
$id_match = createMatch($matchOptions);
redirectexit('action=arcade;sa=viewMatch;match=' . $id_match);
}
/**
* Handles the actual assignment form, validates it and carries it out.
*
* Primarily this is just about receiving the form, making the same checks that {@link shd_movedept()} does and then
* logging the action before updating the database.
*
* @see shd_movedept()
* @since 2.0
*/
function shd_movedept2()
{
global $context, $smcFunc, $user_info, $sourcedir, $txt, $scripturl;
checkSession();
checkSubmitOnce('check');
if (empty($context['ticket_id'])) {
fatal_lang_error('shd_no_ticket', false);
}
if (isset($_POST['send_pm']) && (!isset($_POST['pm_content']) || trim($_POST['pm_content']) == '') && (empty($modSettings['shd_helpdesk_only']) || empty($modSettings['shd_disable_pm']))) {
fatal_lang_error('shd_move_no_pm', false);
}
// Just in case, are they cancelling?
if (isset($_REQUEST['cancel'])) {
redirectexit('action=helpdesk;sa=ticket;ticket=' . $context['ticket_id']);
}
if (empty($context['shd_multi_dept'])) {
fatal_lang_error('shd_cannot_move_dept', false);
}
$dest = isset($_REQUEST['to_dept']) ? (int) $_REQUEST['to_dept'] : 0;
if (empty($dest) || !shd_allowed_to('access_helpdesk', $dest)) {
fatal_lang_error('shd_cannot_move_dept', false);
}
$context['shd_return_to'] = isset($_REQUEST['home']) ? 'home' : 'ticket';
// Get ticket details - and kick it out if they shouldn't be able to see it.
$query = shd_db_query('', '
SELECT id_member_started, subject, hdt.id_dept, dept_name
FROM {db_prefix}helpdesk_tickets AS hdt
INNER JOIN {db_prefix}helpdesk_depts AS hdd ON (hdt.id_dept = hdd.id_dept)
WHERE {query_see_ticket} AND id_ticket = {int:ticket}', array('ticket' => $context['ticket_id']));
$log_params = array();
if ($row = $smcFunc['db_fetch_row']($query)) {
list($ticket_starter, $subject, $context['current_dept'], $context['current_dept_name']) = $row;
} else {
$smcFunc['db_free_result']($query);
fatal_lang_error('shd_no_ticket');
}
$smcFunc['db_free_result']($query);
if ($context['current_dept'] == $dest) {
fatal_lang_error('shd_cannot_move_dept', false);
}
if (shd_allowed_to('shd_move_dept_any', $context['current_dept']) || shd_allowed_to('shd_move_dept_own', $context['current_dept']) && $ticket_starter == $user_info['id']) {
// Find the new department. We've already established the user can see it, but we need its name.
$query = $smcFunc['db_query']('', '
SELECT id_dept, dept_name
FROM {db_prefix}helpdesk_depts
WHERE id_dept IN ({int:dest})', array('dest' => $dest));
list($new_dept, $dept_name) = $smcFunc['db_fetch_row']($query);
$smcFunc['db_free_result']($query);
// Just before we move, call any interesting hooks. We do normally have a lot of fun staff in $context and $_POST, but the department ID and name aren't in either.
call_integration_hook('shd_hook_movedept', array(&$new_dept, &$dept_name));
$log_params = array('subject' => $subject, 'ticket' => $context['ticket_id'], 'old_dept_id' => $context['current_dept'], 'old_dept_name' => $context['current_dept_name'], 'new_dept_id' => $new_dept, 'new_dept_name' => $dept_name);
shd_log_action('move_dept', $log_params);
$smcFunc['db_query']('', '
UPDATE {db_prefix}helpdesk_tickets
SET id_dept = {int:new_dept}
WHERE id_ticket = {int:ticket}', array('new_dept' => $new_dept, 'ticket' => $context['ticket_id']));
// Now, notify the ticket starter if that's what we wanted to do.
if (isset($_POST['send_pm'])) {
require_once $sourcedir . '/Subs-Post.php';
$request = shd_db_query('pm_find_username', '
SELECT id_member, real_name
FROM {db_prefix}members
WHERE id_member = {int:user}
LIMIT 1', array('user' => $ticket_starter));
list($userid, $username) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
// Fix the content
$replacements = array('{user}' => $username, '{subject}' => $subject, '{current_dept}' => $context['current_dept_name'], '{new_dept}' => $dept_name, '{link}' => $scripturl . '?action=helpdesk;sa=ticket;ticket=' . $context['ticket_id']);
$message = str_replace(array_keys($replacements), array_values($replacements), $_POST['pm_content']);
$recipients = array('to' => array($ticket_starter), 'bcc' => array());
sendpm($recipients, $txt['shd_ticket_moved_subject'], un_htmlspecialchars($message));
}
shd_clear_active_tickets($context['current_dept']);
shd_clear_active_tickets($new_dept);
if (!empty($context['shd_return_to']) && $context['shd_return_to'] == 'home') {
redirectexit($context['shd_home'] . ';dept=' . $new_dept);
} else {
redirectexit('action=helpdesk;sa=ticket;ticket=' . $context['ticket_id']);
}
} else {
fatal_lang_error('shd_no_perm_move_dept', false);
}
}
function BlogViewPost()
{
global $boarddir, $context, $smcFunc, $modSettings, $scripturl, $sourcedir, $txt;
// No ID? Redirect back to the main blog page.
if (empty($_GET['id'])) {
redirectexit('action=blog');
}
// Make sure it's numeric.
$_GET['id'] = (int) $_GET['id'];
// We need the postbox functions.
require_once $sourcedir . '/Subs-Post.php';
require_once $sourcedir . '/Subs-Editor.php';
// Now create the editor.
$editorOptions = array('id' => 'message', 'value' => '', 'width' => '90%', 'form' => 'postmodify', 'labels' => array('post_button' => ''));
create_control_richedit($editorOptions);
$context['post_box_name'] = $editorOptions['id'];
// Register the comment form in the session variables.
checkSubmitOnce('register');
// Make sure we have a posts per page value. If not, use a default.
if (empty($modSettings['blog_comments_perpage'])) {
$modSettings['blog_comments_perpage'] = 10;
}
// Grab the post and its replies.
$context['blog_post'] = BlogTopic($_GET['id'], $modSettings['blog_comments_perpage'], null, 'array');
// Construct a page index
// !!! ssi_topic() should be fixed! :P
$context['blog_post']['pageindex'] = constructPageIndex($scripturl . '?action=blog;sa=view_post;id=' . $_GET['id'] . (!empty($modSettings['blog_enable_rewrite']) ? ';blog_name=' . $_GET['blog_name'] : '') . ';start=%d#comments', $_REQUEST['start'], $context['blog_post']['reply_count'], $modSettings['blog_comments_perpage'], true);
// If the blog name is passed...
if (!empty($_GET['blog_name'])) {
$context['blog_name'] = $_GET['blog_name'];
}
// Use the "view_post" template.
$context['sub_template'] = 'view_post';
}
/**
* Posts or saves the message composed with Post().
*
* requires various permissions depending on the action.
* handles attachment, post, and calendar saving.
* sends off notifications, and allows for announcements and moderation.
* accessed from ?action=post2.
*/
public function action_post2()
{
global $board, $topic, $txt, $modSettings, $context, $user_settings;
global $user_info, $board_info, $options, $ignore_temp;
// Sneaking off, are we?
if (empty($_POST) && empty($topic)) {
if (empty($_SERVER['CONTENT_LENGTH'])) {
redirectexit('action=post;board=' . $board . '.0');
} else {
fatal_lang_error('post_upload_error', false);
}
} elseif (empty($_POST) && !empty($topic)) {
redirectexit('action=post;topic=' . $topic . '.0');
}
// No need!
$context['robot_no_index'] = true;
// We are now in post2 action
$context['current_action'] = 'post2';
require_once SOURCEDIR . '/AttachmentErrorContext.class.php';
// No errors as yet.
$post_errors = Error_Context::context('post', 1);
$attach_errors = Attachment_Error_Context::context();
// If the session has timed out, let the user re-submit their form.
if (checkSession('post', '', false) != '') {
$post_errors->addError('session_timeout');
// Disable the preview so that any potentially malicious code is not executed
$_REQUEST['preview'] = false;
return $this->action_post();
}
// Wrong verification code?
if (!$user_info['is_admin'] && !$user_info['is_mod'] && !empty($modSettings['posts_require_captcha']) && ($user_info['posts'] < $modSettings['posts_require_captcha'] || $user_info['is_guest'] && $modSettings['posts_require_captcha'] == -1)) {
require_once SUBSDIR . '/VerificationControls.class.php';
$verificationOptions = array('id' => 'post');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
foreach ($context['require_verification'] as $verification_error) {
$post_errors->addError($verification_error);
}
}
}
require_once SUBSDIR . '/Boards.subs.php';
require_once SUBSDIR . '/Post.subs.php';
loadLanguage('Post');
// Drafts enabled and needed?
if (!empty($modSettings['drafts_enabled']) && (isset($_POST['save_draft']) || isset($_POST['id_draft']))) {
require_once SUBSDIR . '/Drafts.subs.php';
}
// First check to see if they are trying to delete any current attachments.
if (isset($_POST['attach_del'])) {
$keep_temp = array();
$keep_ids = array();
foreach ($_POST['attach_del'] as $dummy) {
if (strpos($dummy, 'post_tmp_' . $user_info['id']) !== false) {
$keep_temp[] = $dummy;
} else {
$keep_ids[] = (int) $dummy;
}
}
if (isset($_SESSION['temp_attachments'])) {
foreach ($_SESSION['temp_attachments'] as $attachID => $attachment) {
if (isset($_SESSION['temp_attachments']['post']['files'], $attachment['name']) && in_array($attachment['name'], $_SESSION['temp_attachments']['post']['files']) || in_array($attachID, $keep_temp) || strpos($attachID, 'post_tmp_' . $user_info['id']) === false) {
continue;
}
unset($_SESSION['temp_attachments'][$attachID]);
@unlink($attachment['tmp_name']);
}
}
if (!empty($_REQUEST['msg'])) {
require_once SUBSDIR . '/ManageAttachments.subs.php';
$attachmentQuery = array('attachment_type' => 0, 'id_msg' => (int) $_REQUEST['msg'], 'not_id_attach' => $keep_ids);
removeAttachments($attachmentQuery);
}
}
// Then try to upload any attachments.
$context['attachments']['can']['post'] = !empty($modSettings['attachmentEnable']) && $modSettings['attachmentEnable'] == 1 && (allowedTo('post_attachment') || $modSettings['postmod_active'] && allowedTo('post_unapproved_attachments'));
if ($context['attachments']['can']['post'] && empty($_POST['from_qr'])) {
require_once SUBSDIR . '/Attachments.subs.php';
if (isset($_REQUEST['msg'])) {
processAttachments((int) $_REQUEST['msg']);
} else {
processAttachments();
}
}
// Previewing? Go back to start.
if (isset($_REQUEST['preview'])) {
return $this->action_post();
}
// Prevent double submission of this form.
checkSubmitOnce('check');
// If this isn't a new topic load the topic info that we need.
if (!empty($topic)) {
require_once SUBSDIR . '/Topic.subs.php';
$topic_info = getTopicInfo($topic);
// Though the topic should be there, it might have vanished.
if (empty($topic_info)) {
fatal_lang_error('topic_doesnt_exist');
}
// Did this topic suddenly move? Just checking...
if ($topic_info['id_board'] != $board) {
fatal_lang_error('not_a_topic');
}
}
// Replying to a topic?
if (!empty($topic) && !isset($_REQUEST['msg'])) {
// Don't allow a post if it's locked.
if ($topic_info['locked'] != 0 && !allowedTo('moderate_board')) {
fatal_lang_error('topic_locked', false);
}
// Sorry, multiple polls aren't allowed... yet. You should stop giving me ideas :P.
if (isset($_REQUEST['poll']) && $topic_info['id_poll'] > 0) {
unset($_REQUEST['poll']);
}
// Do the permissions and approval stuff...
$becomesApproved = true;
if ($topic_info['id_member_started'] != $user_info['id']) {
if ($modSettings['postmod_active'] && allowedTo('post_unapproved_replies_any') && !allowedTo('post_reply_any')) {
$becomesApproved = false;
} else {
isAllowedTo('post_reply_any');
}
} elseif (!allowedTo('post_reply_any')) {
if ($modSettings['postmod_active']) {
if (allowedTo('post_unapproved_replies_own') && !allowedTo('post_reply_own')) {
$becomesApproved = false;
} elseif ($user_info['is_guest'] && allowedTo('post_unapproved_replies_any')) {
$becomesApproved = false;
} else {
isAllowedTo('post_reply_own');
}
}
}
if (isset($_POST['lock'])) {
// Nothing is changed to the lock.
if (empty($topic_info['locked']) && empty($_POST['lock']) || !empty($_POST['lock']) && !empty($topic_info['locked'])) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own')) || !allowedTo('lock_any') && $user_info['id'] != $topic_info['id_member_started']) {
unset($_POST['lock']);
} elseif (!allowedTo('lock_any')) {
// You cannot override a moderator lock.
if ($topic_info['locked'] == 1) {
unset($_POST['lock']);
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 2;
}
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 1;
}
}
// So you wanna (un)sticky this...let's see.
if (isset($_POST['sticky']) && (empty($modSettings['enableStickyTopics']) || $_POST['sticky'] == $topic_info['is_sticky'] || !allowedTo('make_sticky'))) {
unset($_POST['sticky']);
}
// If drafts are enabled, then pass this off
if (!empty($modSettings['drafts_enabled']) && isset($_POST['save_draft'])) {
saveDraft();
return $this->action_post();
}
// If the number of replies has changed, if the setting is enabled, go back to action_post() - which handles the error.
if (empty($options['no_new_reply_warning']) && isset($_POST['last_msg']) && $topic_info['id_last_msg'] > $_POST['last_msg']) {
addInlineJavascript('
$(document).ready(function () {
$("html,body").scrollTop($(\'.category_header:visible:first\').offset().top);
});');
return $this->action_post();
}
$posterIsGuest = $user_info['is_guest'];
} elseif (empty($topic)) {
// Now don't be silly, new topics will get their own id_msg soon enough.
unset($_REQUEST['msg'], $_POST['msg'], $_GET['msg']);
// Do like, the permissions, for safety and stuff...
$becomesApproved = true;
if ($modSettings['postmod_active'] && !allowedTo('post_new') && allowedTo('post_unapproved_topics')) {
$becomesApproved = false;
} else {
isAllowedTo('post_new');
}
if (isset($_POST['lock'])) {
// New topics are by default not locked.
if (empty($_POST['lock'])) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own'))) {
unset($_POST['lock']);
} else {
$_POST['lock'] = allowedTo('lock_any') ? 1 : 2;
}
}
if (isset($_POST['sticky']) && (empty($modSettings['enableStickyTopics']) || empty($_POST['sticky']) || !allowedTo('make_sticky'))) {
unset($_POST['sticky']);
}
// Saving your new topic as a draft first?
if (!empty($modSettings['drafts_enabled']) && isset($_POST['save_draft'])) {
saveDraft();
return $this->action_post();
}
$posterIsGuest = $user_info['is_guest'];
} elseif (isset($_REQUEST['msg']) && !empty($topic)) {
$_REQUEST['msg'] = (int) $_REQUEST['msg'];
require_once SUBSDIR . '/Messages.subs.php';
$msgInfo = basicMessageInfo($_REQUEST['msg'], true);
if (empty($msgInfo)) {
fatal_lang_error('cant_find_messages', false);
}
if (!empty($topic_info['locked']) && !allowedTo('moderate_board')) {
fatal_lang_error('topic_locked', false);
}
if (isset($_POST['lock'])) {
// Nothing changes to the lock status.
if (empty($_POST['lock']) && empty($topic_info['locked']) || !empty($_POST['lock']) && !empty($topic_info['locked'])) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own')) || !allowedTo('lock_any') && $user_info['id'] != $topic_info['id_member_started']) {
unset($_POST['lock']);
} elseif (!allowedTo('lock_any')) {
// You're not allowed to break a moderator's lock.
if ($topic_info['locked'] == 1) {
unset($_POST['lock']);
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 2;
}
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 1;
}
}
// Change the sticky status of this topic?
if (isset($_POST['sticky']) && (!allowedTo('make_sticky') || $_POST['sticky'] == $topic_info['is_sticky'])) {
unset($_POST['sticky']);
}
if ($msgInfo['id_member'] == $user_info['id'] && !allowedTo('modify_any')) {
if ((!$modSettings['postmod_active'] || $msgInfo['approved']) && !empty($modSettings['edit_disable_time']) && $msgInfo['poster_time'] + ($modSettings['edit_disable_time'] + 5) * 60 < time()) {
fatal_lang_error('modify_post_time_passed', false);
} elseif ($topic_info['id_member_started'] == $user_info['id'] && !allowedTo('modify_own')) {
isAllowedTo('modify_replies');
} else {
isAllowedTo('modify_own');
}
} elseif ($topic_info['id_member_started'] == $user_info['id'] && !allowedTo('modify_any')) {
isAllowedTo('modify_replies');
// If you're modifying a reply, I say it better be logged...
$moderationAction = true;
} else {
isAllowedTo('modify_any');
// Log it, assuming you're not modifying your own post.
if ($msgInfo['id_member'] != $user_info['id']) {
$moderationAction = true;
}
}
// If drafts are enabled, then lets send this off to save
if (!empty($modSettings['drafts_enabled']) && isset($_POST['save_draft'])) {
saveDraft();
return $this->action_post();
}
$posterIsGuest = empty($msgInfo['id_member']);
// Can they approve it?
$can_approve = allowedTo('approve_posts');
$becomesApproved = $modSettings['postmod_active'] ? $can_approve && !$msgInfo['approved'] ? !empty($_REQUEST['approve']) ? 1 : 0 : $msgInfo['approved'] : 1;
$approve_has_changed = $msgInfo['approved'] != $becomesApproved;
if (!allowedTo('moderate_forum') || !$posterIsGuest) {
$_POST['guestname'] = $msgInfo['poster_name'];
$_POST['email'] = $msgInfo['poster_email'];
}
}
// In case we want to override
if (allowedTo('approve_posts')) {
$becomesApproved = !isset($_REQUEST['approve']) || !empty($_REQUEST['approve']) ? 1 : 0;
$approve_has_changed = isset($msgInfo['approved']) ? $msgInfo['approved'] != $becomesApproved : false;
}
// If the poster is a guest evaluate the legality of name and email.
if ($posterIsGuest) {
$_POST['guestname'] = !isset($_POST['guestname']) ? '' : Util::htmlspecialchars(trim($_POST['guestname']));
$_POST['email'] = !isset($_POST['email']) ? '' : Util::htmlspecialchars(trim($_POST['email']));
if ($_POST['guestname'] == '' || $_POST['guestname'] == '_') {
$post_errors->addError('no_name');
}
if (Util::strlen($_POST['guestname']) > 25) {
$post_errors->addError('long_name');
}
if (empty($modSettings['guest_post_no_email'])) {
// Only check if they changed it!
if (!isset($msgInfo) || $msgInfo['poster_email'] != $_POST['email']) {
require_once SUBSDIR . '/DataValidator.class.php';
if (!allowedTo('moderate_forum') && !Data_Validator::is_valid($_POST, array('email' => 'valid_email|required'), array('email' => 'trim'))) {
empty($_POST['email']) ? $post_errors->addError('no_email') : $post_errors->addError('bad_email');
}
}
// Now make sure this email address is not banned from posting.
isBannedEmail($_POST['email'], 'cannot_post', sprintf($txt['you_are_post_banned'], $txt['guest_title']));
}
// In case they are making multiple posts this visit, help them along by storing their name.
if (!$post_errors->hasErrors()) {
$_SESSION['guest_name'] = $_POST['guestname'];
$_SESSION['guest_email'] = $_POST['email'];
}
}
// Check the subject and message.
if (!isset($_POST['subject']) || Util::htmltrim(Util::htmlspecialchars($_POST['subject'])) === '') {
$post_errors->addError('no_subject');
}
if (!isset($_POST['message']) || Util::htmltrim(Util::htmlspecialchars($_POST['message'], ENT_QUOTES)) === '') {
$post_errors->addError('no_message');
} elseif (!empty($modSettings['max_messageLength']) && Util::strlen($_POST['message']) > $modSettings['max_messageLength']) {
$post_errors->addError(array('long_message', array($modSettings['max_messageLength'])));
} else {
// Prepare the message a bit for some additional testing.
$_POST['message'] = Util::htmlspecialchars($_POST['message'], ENT_QUOTES);
// Preparse code. (Zef)
if ($user_info['is_guest']) {
$user_info['name'] = $_POST['guestname'];
}
preparsecode($_POST['message']);
// Let's see if there's still some content left without the tags.
if (Util::htmltrim(strip_tags(parse_bbc($_POST['message'], false), '<img>')) === '' && (!allowedTo('admin_forum') || strpos($_POST['message'], '[html]') === false)) {
$post_errors->addError('no_message');
}
}
if (isset($_POST['calendar']) && !isset($_REQUEST['deleteevent']) && Util::htmltrim($_POST['evtitle']) === '') {
$post_errors->addError('no_event');
}
// Validate the poll...
if (isset($_REQUEST['poll']) && !empty($modSettings['pollMode'])) {
if (!empty($topic) && !isset($_REQUEST['msg'])) {
fatal_lang_error('no_access', false);
}
// This is a new topic... so it's a new poll.
if (empty($topic)) {
isAllowedTo('poll_post');
} elseif ($user_info['id'] == $topic_info['id_member_started'] && !allowedTo('poll_add_any')) {
isAllowedTo('poll_add_own');
} else {
isAllowedTo('poll_add_any');
}
if (!isset($_POST['question']) || trim($_POST['question']) == '') {
$post_errors->addError('no_question');
}
$_POST['options'] = empty($_POST['options']) ? array() : htmltrim__recursive($_POST['options']);
// Get rid of empty ones.
foreach ($_POST['options'] as $k => $option) {
if ($option == '') {
unset($_POST['options'][$k], $_POST['options'][$k]);
}
}
// What are you going to vote between with one choice?!?
if (count($_POST['options']) < 2) {
$post_errors->addError('poll_few');
} elseif (count($_POST['options']) > 256) {
$post_errors->addError('poll_many');
}
}
if ($posterIsGuest) {
// If user is a guest, make sure the chosen name isn't taken.
require_once SUBSDIR . '/Members.subs.php';
if (isReservedName($_POST['guestname'], 0, true, false) && (!isset($msgInfo['poster_name']) || $_POST['guestname'] != $msgInfo['poster_name'])) {
$post_errors->addError('bad_name');
}
} elseif (!isset($_REQUEST['msg'])) {
$_POST['guestname'] = $user_info['username'];
$_POST['email'] = $user_info['email'];
}
// Posting somewhere else? Are we sure you can?
if (!empty($_REQUEST['post_in_board'])) {
$new_board = (int) $_REQUEST['post_in_board'];
if (!allowedTo('post_new', $new_board)) {
$post_in_board = boardInfo($new_board);
if (!empty($post_in_board)) {
$post_errors->addError(array('post_new_board', array($post_in_board['name'])));
} else {
$post_errors->addError('post_new');
}
}
}
// Any mistakes?
if ($post_errors->hasErrors() || $attach_errors->hasErrors()) {
addInlineJavascript('
$(document).ready(function () {
$("html,body").scrollTop($(\'.category_header:visible:first\').offset().top);
});');
return $this->action_post();
}
// Make sure the user isn't spamming the board.
if (!isset($_REQUEST['msg'])) {
spamProtection('post');
}
// At about this point, we're posting and that's that.
ignore_user_abort(true);
@set_time_limit(300);
// Add special html entities to the subject, name, and email.
$_POST['subject'] = strtr(Util::htmlspecialchars($_POST['subject']), array("\r" => '', "\n" => '', "\t" => ''));
$_POST['guestname'] = htmlspecialchars($_POST['guestname'], ENT_COMPAT, 'UTF-8');
$_POST['email'] = htmlspecialchars($_POST['email'], ENT_COMPAT, 'UTF-8');
// At this point, we want to make sure the subject isn't too long.
if (Util::strlen($_POST['subject']) > 100) {
$_POST['subject'] = Util::substr($_POST['subject'], 0, 100);
}
if (!empty($modSettings['mentions_enabled']) && !empty($_REQUEST['uid'])) {
$query_params = array();
$query_params['member_ids'] = array_unique(array_map('intval', $_REQUEST['uid']));
require_once SUBSDIR . '/Members.subs.php';
$mentioned_members = membersBy('member_ids', $query_params, true);
$replacements = 0;
$actually_mentioned = array();
foreach ($mentioned_members as $member) {
$_POST['message'] = str_replace('@' . $member['real_name'], '[member=' . $member['id_member'] . ']' . $member['real_name'] . '[/member]', $_POST['message'], $replacements);
if ($replacements > 0) {
$actually_mentioned[] = $member['id_member'];
}
}
}
// Make the poll...
if (isset($_REQUEST['poll'])) {
// Make sure that the user has not entered a ridiculous number of options..
if (empty($_POST['poll_max_votes']) || $_POST['poll_max_votes'] <= 0) {
$_POST['poll_max_votes'] = 1;
} elseif ($_POST['poll_max_votes'] > count($_POST['options'])) {
$_POST['poll_max_votes'] = count($_POST['options']);
} else {
$_POST['poll_max_votes'] = (int) $_POST['poll_max_votes'];
}
$_POST['poll_expire'] = (int) $_POST['poll_expire'];
$_POST['poll_expire'] = $_POST['poll_expire'] > 9999 ? 9999 : ($_POST['poll_expire'] < 0 ? 0 : $_POST['poll_expire']);
// Just set it to zero if it's not there..
if (!isset($_POST['poll_hide'])) {
$_POST['poll_hide'] = 0;
} else {
$_POST['poll_hide'] = (int) $_POST['poll_hide'];
}
$_POST['poll_change_vote'] = isset($_POST['poll_change_vote']) ? 1 : 0;
$_POST['poll_guest_vote'] = isset($_POST['poll_guest_vote']) ? 1 : 0;
// Make sure guests are actually allowed to vote generally.
if ($_POST['poll_guest_vote']) {
require_once SUBSDIR . '/Members.subs.php';
$allowedVoteGroups = groupsAllowedTo('poll_vote', $board);
if (!in_array(-1, $allowedVoteGroups['allowed'])) {
$_POST['poll_guest_vote'] = 0;
}
}
// If the user tries to set the poll too far in advance, don't let them.
if (!empty($_POST['poll_expire']) && $_POST['poll_expire'] < 1) {
fatal_lang_error('poll_range_error', false);
} elseif (empty($_POST['poll_expire']) && $_POST['poll_hide'] == 2) {
$_POST['poll_hide'] = 1;
}
// Clean up the question and answers.
$_POST['question'] = htmlspecialchars($_POST['question'], ENT_COMPAT, 'UTF-8');
$_POST['question'] = Util::substr($_POST['question'], 0, 255);
$_POST['question'] = preg_replace('~&#(\\d{4,5}|[2-9]\\d{2,4}|1[2-9]\\d);~', '&#$1;', $_POST['question']);
$_POST['options'] = htmlspecialchars__recursive($_POST['options']);
// Finally, make the poll.
require_once SUBSDIR . '/Poll.subs.php';
$id_poll = createPoll($_POST['question'], $user_info['id'], $_POST['guestname'], $_POST['poll_max_votes'], $_POST['poll_hide'], $_POST['poll_expire'], $_POST['poll_change_vote'], $_POST['poll_guest_vote'], $_POST['options']);
} else {
$id_poll = 0;
}
// ...or attach a new file...
if (empty($ignore_temp) && $context['attachments']['can']['post'] && !empty($_SESSION['temp_attachments']) && empty($_POST['from_qr'])) {
$attachIDs = array();
foreach ($_SESSION['temp_attachments'] as $attachID => $attachment) {
if ($attachID != 'initial_error' && strpos($attachID, 'post_tmp_' . $user_info['id']) === false) {
continue;
}
// If there was an initial error just show that message.
if ($attachID == 'initial_error') {
unset($_SESSION['temp_attachments']);
break;
}
// No errors, then try to create the attachment
if (empty($attachment['errors'])) {
// Load the attachmentOptions array with the data needed to create an attachment
$attachmentOptions = array('post' => isset($_REQUEST['msg']) ? $_REQUEST['msg'] : 0, 'poster' => $user_info['id'], 'name' => $attachment['name'], 'tmp_name' => $attachment['tmp_name'], 'size' => isset($attachment['size']) ? $attachment['size'] : 0, 'mime_type' => isset($attachment['type']) ? $attachment['type'] : '', 'id_folder' => isset($attachment['id_folder']) ? $attachment['id_folder'] : 0, 'approved' => !$modSettings['postmod_active'] || allowedTo('post_attachment'), 'errors' => array());
if (createAttachment($attachmentOptions)) {
$attachIDs[] = $attachmentOptions['id'];
if (!empty($attachmentOptions['thumb'])) {
$attachIDs[] = $attachmentOptions['thumb'];
}
}
} else {
@unlink($attachment['tmp_name']);
}
}
unset($_SESSION['temp_attachments']);
}
// Creating a new topic?
$newTopic = empty($_REQUEST['msg']) && empty($topic);
$_POST['icon'] = !empty($attachIDs) && $_POST['icon'] == 'xx' ? 'clip' : $_POST['icon'];
// Collect all parameters for the creation or modification of a post.
$msgOptions = array('id' => empty($_REQUEST['msg']) ? 0 : (int) $_REQUEST['msg'], 'subject' => $_POST['subject'], 'body' => $_POST['message'], 'icon' => preg_replace('~[\\./\\\\*:"\'<>]~', '', $_POST['icon']), 'smileys_enabled' => !isset($_POST['ns']), 'attachments' => empty($attachIDs) ? array() : $attachIDs, 'approved' => $becomesApproved);
$topicOptions = array('id' => empty($topic) ? 0 : $topic, 'board' => $board, 'poll' => isset($_REQUEST['poll']) ? $id_poll : null, 'lock_mode' => isset($_POST['lock']) ? (int) $_POST['lock'] : null, 'sticky_mode' => isset($_POST['sticky']) && !empty($modSettings['enableStickyTopics']) ? (int) $_POST['sticky'] : null, 'mark_as_read' => true, 'is_approved' => !$modSettings['postmod_active'] || empty($topic) || !empty($board_info['cur_topic_approved']));
$posterOptions = array('id' => $user_info['id'], 'name' => $_POST['guestname'], 'email' => $_POST['email'], 'update_post_count' => !$user_info['is_guest'] && !isset($_REQUEST['msg']) && $board_info['posts_count']);
// This is an already existing message. Edit it.
if (!empty($_REQUEST['msg'])) {
// Have admins allowed people to hide their screwups?
if (time() - $msgInfo['poster_time'] > $modSettings['edit_wait_time'] || $user_info['id'] != $msgInfo['id_member']) {
$msgOptions['modify_time'] = time();
$msgOptions['modify_name'] = $user_info['name'];
}
// This will save some time...
if (empty($approve_has_changed)) {
unset($msgOptions['approved']);
}
modifyPost($msgOptions, $topicOptions, $posterOptions);
} else {
if (!empty($modSettings['enableFollowup']) && !empty($_REQUEST['followup'])) {
$original_post = (int) $_REQUEST['followup'];
}
// We also have to fake the board:
// if it's valid and it's not the current, let's forget about the "current" and load the new one
if (!empty($new_board) && $board !== $new_board) {
$board = $new_board;
loadBoard();
// Some details changed
$topicOptions['board'] = $board;
$topicOptions['is_approved'] = !$modSettings['postmod_active'] || empty($topic) || !empty($board_info['cur_topic_approved']);
$posterOptions['update_post_count'] = !$user_info['is_guest'] && !isset($_REQUEST['msg']) && $board_info['posts_count'];
}
createPost($msgOptions, $topicOptions, $posterOptions);
if (isset($topicOptions['id'])) {
$topic = $topicOptions['id'];
}
if (!empty($modSettings['enableFollowup'])) {
require_once SUBSDIR . '/FollowUps.subs.php';
require_once SUBSDIR . '/Messages.subs.php';
// Time to update the original message with a pointer to the new one
if (!empty($original_post) && canAccessMessage($original_post)) {
linkMessages($original_post, $topic);
}
}
}
// If we had a draft for this, its time to remove it since it was just posted
if (!empty($modSettings['drafts_enabled']) && !empty($_POST['id_draft'])) {
deleteDrafts($_POST['id_draft'], $user_info['id']);
}
// Editing or posting an event?
if (isset($_POST['calendar']) && (!isset($_REQUEST['eventid']) || $_REQUEST['eventid'] == -1)) {
require_once SUBSDIR . '/Calendar.subs.php';
// Make sure they can link an event to this post.
canLinkEvent();
// Insert the event.
$eventOptions = array('id_board' => $board, 'id_topic' => $topic, 'title' => $_POST['evtitle'], 'member' => $user_info['id'], 'start_date' => sprintf('%04d-%02d-%02d', $_POST['year'], $_POST['month'], $_POST['day']), 'span' => isset($_POST['span']) && $_POST['span'] > 0 ? min((int) $modSettings['cal_maxspan'], (int) $_POST['span'] - 1) : 0);
insertEvent($eventOptions);
} elseif (isset($_POST['calendar'])) {
$_REQUEST['eventid'] = (int) $_REQUEST['eventid'];
// Validate the post...
require_once SUBSDIR . '/Calendar.subs.php';
validateEventPost();
// If you're not allowed to edit any events, you have to be the poster.
if (!allowedTo('calendar_edit_any')) {
$event_poster = getEventPoster($_REQUEST['eventid']);
// Silly hacker, Trix are for kids. ...probably trademarked somewhere, this is FAIR USE! (parody...)
isAllowedTo('calendar_edit_' . ($event_poster == $user_info['id'] ? 'own' : 'any'));
}
// Delete it?
if (isset($_REQUEST['deleteevent'])) {
removeEvent($_REQUEST['eventid']);
} else {
$span = !empty($modSettings['cal_allowspan']) && !empty($_REQUEST['span']) ? min((int) $modSettings['cal_maxspan'], (int) $_REQUEST['span'] - 1) : 0;
$start_time = mktime(0, 0, 0, (int) $_REQUEST['month'], (int) $_REQUEST['day'], (int) $_REQUEST['year']);
$eventOptions = array('start_date' => strftime('%Y-%m-%d', $start_time), 'end_date' => strftime('%Y-%m-%d', $start_time + $span * 86400), 'title' => $_REQUEST['evtitle']);
modifyEvent($_REQUEST['eventid'], $eventOptions);
}
}
// Marking boards as read.
// (You just posted and they will be unread.)
if (!$user_info['is_guest']) {
$board_list = !empty($board_info['parent_boards']) ? array_keys($board_info['parent_boards']) : array();
// Returning to the topic?
if (!empty($_REQUEST['goback'])) {
$board_list[] = $board;
}
if (!empty($board_list)) {
markBoardsRead($board_list, false, false);
}
}
// Turn notification on or off.
if (!empty($_POST['notify']) && allowedTo('mark_any_notify')) {
setTopicNotification($user_info['id'], $topic, true);
} elseif (!$newTopic) {
setTopicNotification($user_info['id'], $topic, false);
}
// Log an act of moderation - modifying.
if (!empty($moderationAction)) {
logAction('modify', array('topic' => $topic, 'message' => (int) $_REQUEST['msg'], 'member' => $msgInfo['id_member'], 'board' => $board));
}
if (isset($_POST['lock']) && $_POST['lock'] != 2) {
logAction(empty($_POST['lock']) ? 'unlock' : 'lock', array('topic' => $topicOptions['id'], 'board' => $topicOptions['board']));
}
if (isset($_POST['sticky']) && !empty($modSettings['enableStickyTopics'])) {
logAction(empty($_POST['sticky']) ? 'unsticky' : 'sticky', array('topic' => $topicOptions['id'], 'board' => $topicOptions['board']));
}
// Notify any members who have notification turned on for this topic/board - only do this if it's going to be approved(!)
if ($becomesApproved) {
require_once SUBSDIR . '/Notification.subs.php';
if ($newTopic) {
$notifyData = array('body' => $_POST['message'], 'subject' => $_POST['subject'], 'name' => $user_info['name'], 'poster' => $user_info['id'], 'msg' => $msgOptions['id'], 'board' => $board, 'topic' => $topic, 'signature' => isset($user_settings['signature']) ? $user_settings['signature'] : '');
sendBoardNotifications($notifyData);
} elseif (empty($_REQUEST['msg'])) {
// Only send it to everyone if the topic is approved, otherwise just to the topic starter if they want it.
if ($topic_info['approved']) {
sendNotifications($topic, 'reply');
} else {
sendNotifications($topic, 'reply', array(), $topic_info['id_member_started']);
}
}
}
if (!empty($modSettings['mentions_enabled']) && !empty($actually_mentioned)) {
require_once CONTROLLERDIR . '/Mentions.controller.php';
$mentions = new Mentions_Controller();
$mentions->setData(array('id_member' => $actually_mentioned, 'type' => 'men', 'id_msg' => $msgOptions['id'], 'status' => $becomesApproved ? 'new' : 'unapproved'));
$mentions->action_add();
}
if ($board_info['num_topics'] == 0) {
cache_put_data('board-' . $board, null, 120);
}
if (!empty($_POST['announce_topic'])) {
redirectexit('action=announce;sa=selectgroup;topic=' . $topic . (!empty($_POST['move']) && allowedTo('move_any') ? ';move' : '') . (empty($_REQUEST['goback']) ? '' : ';goback'));
}
if (!empty($_POST['move']) && allowedTo('move_any')) {
redirectexit('action=movetopic;topic=' . $topic . '.0' . (empty($_REQUEST['goback']) ? '' : ';goback'));
}
// Return to post if the mod is on.
if (isset($_REQUEST['msg']) && !empty($_REQUEST['goback'])) {
redirectexit('topic=' . $topic . '.msg' . $_REQUEST['msg'] . '#msg' . $_REQUEST['msg'], isBrowser('ie'));
} elseif (!empty($_REQUEST['goback'])) {
redirectexit('topic=' . $topic . '.new#new', isBrowser('ie'));
} else {
redirectexit('board=' . $board . '.0');
}
}
function shd_handle_attachments()
{
global $modSettings, $smcFunc, $context, $user_info, $sourcedir, $txt;
if (!shd_allowed_to('shd_post_attachment', $context['ticket_form']['dept'])) {
return;
}
$attachIDs = array();
require_once $sourcedir . '/Subs-Attachments.php';
// Check if they are trying to delete any current attachments....
if (isset($_POST['attach_del'])) {
shd_is_allowed_to('shd_delete_attachment', $context['ticket_form']['dept']);
$del_temp = array();
foreach ($_POST['attach_del'] as $i => $dummy) {
$del_temp[$i] = (int) $dummy;
}
// First, get them from the other table
$query = shd_db_query('', '
SELECT a.id_attach
FROM {db_prefix}attachments AS a
INNER JOIN {db_prefix}helpdesk_attachments AS hda ON (hda.id_attach = a.id_attach)
WHERE ' . ($modSettings['shd_attachments_mode'] == 'ticket' ? 'hda.id_ticket = {int:ticket}' : 'hda.id_msg = {int:msg}'), array('msg' => $context['ticket_form']['msg'], 'ticket' => $context['ticket_id']));
$attachments = array();
while ($row = $smcFunc['db_fetch_assoc']($query)) {
$attachments[] = $row['id_attach'];
}
$smcFunc['db_free_result']($query);
// OK, so attachments = full list of attachments on this post, del_temp is list of ones to keep, so look for the ones that aren't in both lists
$del_temp = array_diff($attachments, $del_temp);
if (!empty($del_temp)) {
$filenames = array();
// Before deleting, get the names for the log
$query = $smcFunc['db_query']('', '
SELECT filename, attachment_type
FROM {db_prefix}attachments
WHERE id_attach IN ({array_int:attach})
ORDER BY id_attach', array('attach' => $del_temp));
$removed = array();
while ($row = $smcFunc['db_fetch_assoc']($query)) {
$row['filename'] = htmlspecialchars($row['filename']);
$filenames[] = $row['filename'];
if ($row['attachment_type'] == 0) {
$removed[] = $row['filename'];
}
}
if (!empty($removed)) {
$context['log_params']['att_removed'] = $removed;
}
// Now you can delete
require_once $sourcedir . '/ManageAttachments.php';
$attachmentQuery = array('attachment_type' => 0, 'id_msg' => 0, 'id_attach' => $del_temp);
removeAttachments($attachmentQuery);
}
}
// ...or attach a new file...
if (!empty($_FILES) || !empty($_SESSION['temp_attachments'])) {
if (!empty($FILES)) {
$_FILES = array_reverse($_FILES);
}
shd_is_allowed_to('shd_post_attachment');
// Make sure we're uploading to the right place.
if (!empty($modSettings['currentAttachmentUploadDir'])) {
if (!is_array($modSettings['attachmentUploadDir'])) {
$modSettings['attachmentUploadDir'] = json_decode($modSettings['attachmentUploadDir'], true);
}
// The current directory, of course!
$current_attach_dir = $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']];
} else {
$current_attach_dir = $modSettings['attachmentUploadDir'];
}
// If this isn't a new post, check the current attachments.
if (isset($_REQUEST['msg']) || !empty($context['ticket_id'])) {
$request = shd_db_query('', '
SELECT COUNT(*), SUM(size)
FROM {db_prefix}attachments AS a
INNER JOIN {db_prefix}helpdesk_attachments AS hda ON (a.id_attach = hda.id_attach)
WHERE ' . ($modSettings['shd_attachments_mode'] == 'ticket' ? 'hda.id_ticket = {int:ticket}' : 'hda.id_msg = {int:msg}') . '
AND attachment_type = {int:attachment_type}', array('msg' => $context['ticket_form']['msg'], 'ticket' => $context['ticket_id'], 'attachment_type' => 0));
list($quantity, $total_size) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
} else {
$quantity = 0;
$total_size = 0;
}
if (!empty($_SESSION['temp_attachments'])) {
foreach ($_SESSION['temp_attachments'] as $attachID => $name) {
if (preg_match('~^post_tmp_' . $user_info['id'] . '_\\d+$~', $attachID) == 0) {
continue;
}
if (!empty($_POST['attach_del']) && !in_array($attachID, $_POST['attach_del'])) {
unset($_SESSION['temp_attachments'][$attachID]);
@unlink($current_attach_dir . '/' . $attachID);
continue;
}
$_FILES['attachment' . $attachID]['tmp_name'] = $attachID;
$_FILES['attachment' . $attachID]['name'] = $name;
$_FILES['attachment' . $attachID]['size'] = filesize($current_attach_dir . '/' . $attachID);
list($_FILES['attachment' . $attachID]['width'], $_FILES['attachment' . $attachID]['height']) = @getimagesize($current_attach_dir . '/' . $attachID);
unset($_SESSION['temp_attachments'][$attachID]);
}
}
foreach ($_FILES as $uplfile) {
if ($uplfile['name'] == '') {
continue;
}
// Have we reached the maximum number of files we are allowed?
$quantity++;
$file_limit = !empty($modSettings['attachmentNumPerPostLimit']) && $modSettings['shd_attachments_mode'] != 'ticket' ? $modSettings['attachmentNumPerPostLimit'] : $quantity + 1;
if ($quantity > $file_limit) {
checkSubmitOnce('free');
fatal_lang_error('attachments_limit_per_post', false, array($modSettings['attachmentNumPerPostLimit']));
}
// Check the total upload size for this post...
$total_size += $uplfile['size'];
$size_limit = !empty($modSettings['attachmentPostLimit']) && $modSettings['shd_attachments_mode'] != 'ticket' ? $modSettings['attachmentPostLimit'] * 1024 : $total_size + 1024;
if ($total_size > $size_limit) {
checkSubmitOnce('free');
fatal_lang_error('file_too_big', false, array($modSettings['attachmentPostLimit']));
}
$attachmentOptions = array('post' => 0, 'poster' => $user_info['id'], 'name' => $uplfile['name'], 'tmp_name' => $uplfile['tmp_name'], 'size' => $uplfile['size'], 'id_folder' => $modSettings['currentAttachmentUploadDir']);
if (createAttachment($attachmentOptions)) {
$attachIDs[] = $attachmentOptions['id'];
if (!empty($attachmentOptions['thumb'])) {
$attachIDs[] = $attachmentOptions['thumb'];
}
$context['log_params']['att_added'][] = htmlspecialchars($attachmentOptions['name']);
} else {
if (in_array('could_not_upload', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('attach_timeout', 'critical');
}
if (in_array('too_large', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('file_too_big', false, array($modSettings['attachmentSizeLimit']));
}
if (in_array('bad_extension', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_error($attachmentOptions['name'] . '.<br />' . $txt['cant_upload_type'] . ' ' . strtr($modSettings['attachmentExtensions'], array(',' => ', ')) . '.', false);
}
if (in_array('directory_full', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('ran_out_of_space', 'critical');
}
if (in_array('bad_filename', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_error(basename($attachmentOptions['name']) . '.<br />' . $txt['restricted_filename'] . '.', 'critical');
}
if (in_array('taken_filename', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('filename_exists');
}
}
}
}
return $attachIDs;
}
function MessagePost2()
{
global $txt, $ID_MEMBER, $context, $sourcedir;
global $db_prefix, $user_info, $modSettings, $scripturl, $func;
isAllowedTo('pm_send');
require_once $sourcedir . '/Subs-Auth.php';
if (loadLanguage('PersonalMessage', '', false) === false) {
loadLanguage('InstantMessage');
}
// Extract out the spam settings - it saves database space!
list($modSettings['max_pm_recipients'], $modSettings['pm_posts_verification'], $modSettings['pm_posts_per_hour']) = explode(',', $modSettings['pm_spam_settings']);
// Check whether we've gone over the limit of messages we can send per hour - fatal error if fails!
if (!empty($modSettings['pm_posts_per_hour']) && !allowedTo(array('admin_forum', 'moderate_forum', 'send_mail'))) {
// How many messages have they sent this last hour?
$request = db_query("\n\t\t\tSELECT COUNT(pr.ID_PM) AS postCount\n\t\t\tFROM ({$db_prefix}personal_messages AS pm, {$db_prefix}pm_recipients AS pr)\n\t\t\tWHERE pm.ID_MEMBER_FROM = {$ID_MEMBER}\n\t\t\t\tAND pm.msgtime > " . (time() - 3600) . "\n\t\t\t\tAND pr.ID_PM = pm.ID_PM", __FILE__, __LINE__);
list($postCount) = mysql_fetch_row($request);
mysql_free_result($request);
if (!empty($postCount) && $postCount >= $modSettings['pm_posts_per_hour']) {
// Excempt moderators.
$request = db_query("\n\t\t\t\tSELECT ID_MEMBER\n\t\t\t\tFROM {$db_prefix}moderators\n\t\t\t\tWHERE ID_MEMBER = {$ID_MEMBER}", __FILE__, __LINE__);
if (mysql_num_rows($request) == 0) {
fatal_error(sprintf($txt['pm_too_many_per_hour'], $modSettings['pm_posts_per_hour']));
}
mysql_free_result($request);
}
}
// Initialize the errors we're about to make.
$post_errors = array();
// If your session timed out, show an error, but do allow to re-submit.
if (checkSession('post', '', false) != '') {
$post_errors[] = 'session_timeout';
}
$_REQUEST['subject'] = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : '';
$_REQUEST['to'] = empty($_POST['to']) ? empty($_GET['to']) ? '' : $_GET['to'] : stripslashes($_POST['to']);
$_REQUEST['bcc'] = empty($_POST['bcc']) ? empty($_GET['bcc']) ? '' : $_GET['bcc'] : stripslashes($_POST['bcc']);
// Did they make any mistakes?
if ($_REQUEST['subject'] == '') {
$post_errors[] = 'no_subject';
}
if (!isset($_REQUEST['message']) || $_REQUEST['message'] == '') {
$post_errors[] = 'no_message';
} elseif (!empty($modSettings['max_messageLength']) && $func['strlen']($_REQUEST['message']) > $modSettings['max_messageLength']) {
$post_errors[] = 'long_message';
}
if (empty($_REQUEST['to']) && empty($_REQUEST['bcc']) && empty($_REQUEST['u'])) {
$post_errors[] = 'no_to';
}
// Wrong verification code?
if (!$user_info['is_admin'] && !empty($modSettings['pm_posts_verification']) && $user_info['posts'] < $modSettings['pm_posts_verification'] && (empty($_REQUEST['visual_verification_code']) || strtoupper($_REQUEST['visual_verification_code']) !== $_SESSION['visual_verification_code'])) {
$post_errors[] = 'wrong_verification_code';
}
// If they did, give a chance to make ammends.
if (!empty($post_errors)) {
return messagePostError($post_errors, $func['htmlspecialchars']($_REQUEST['to']), $func['htmlspecialchars']($_REQUEST['bcc']));
}
// Want to take a second glance before you send?
if (isset($_REQUEST['preview'])) {
// Set everything up to be displayed.
$context['preview_subject'] = $func['htmlspecialchars'](stripslashes($_REQUEST['subject']));
$context['preview_message'] = $func['htmlspecialchars'](stripslashes($_REQUEST['message']), ENT_QUOTES);
preparsecode($context['preview_message'], true);
// Parse out the BBC if it is enabled.
$context['preview_message'] = parse_bbc($context['preview_message']);
// Censor, as always.
censorText($context['preview_subject']);
censorText($context['preview_message']);
// Set a descriptive title.
$context['page_title'] = $txt[507] . ' - ' . $context['preview_subject'];
// Pretend they messed up :P.
return messagePostError(array(), $func['htmlspecialchars']($_REQUEST['to']), $func['htmlspecialchars']($_REQUEST['bcc']));
}
// Protect from message spamming.
spamProtection('spam');
// Prevent double submission of this form.
checkSubmitOnce('check');
// Initialize member ID array.
$recipients = array('to' => array(), 'bcc' => array());
// Format the to and bcc members.
$input = array('to' => array(), 'bcc' => array());
if (empty($_REQUEST['u'])) {
// To who..?
if (!empty($_REQUEST['to'])) {
// We're going to take out the "s anyway ;).
$_REQUEST['to'] = strtr($_REQUEST['to'], array('\\"' => '"'));
preg_match_all('~"([^"]+)"~', $_REQUEST['to'], $matches);
$input['to'] = array_unique(array_merge($matches[1], explode(',', preg_replace('~"([^"]+)"~', '', $_REQUEST['to']))));
}
// Your secret's safe with me!
if (!empty($_REQUEST['bcc'])) {
// We're going to take out the "s anyway ;).
$_REQUEST['bcc'] = strtr($_REQUEST['bcc'], array('\\"' => '"'));
preg_match_all('~"([^"]+)"~', $_REQUEST['bcc'], $matches);
$input['bcc'] = array_unique(array_merge($matches[1], explode(',', preg_replace('~"([^"]+)"~', '', $_REQUEST['bcc']))));
}
foreach ($input as $rec_type => $rec) {
foreach ($rec as $index => $member) {
if (strlen(trim($member)) > 0) {
$input[$rec_type][$index] = $func['htmlspecialchars']($func['strtolower'](stripslashes(trim($member))));
} else {
unset($input[$rec_type][$index]);
}
}
}
// Find the requested members - bcc and to.
$foundMembers = findMembers(array_merge($input['to'], $input['bcc']));
// Store IDs of the members that were found.
foreach ($foundMembers as $member) {
// It's easier this way.
$member['name'] = strtr($member['name'], array(''' => '\''));
foreach ($input as $rec_type => $to_members) {
if (array_intersect(array($func['strtolower']($member['username']), $func['strtolower']($member['name']), $func['strtolower']($member['email'])), $to_members)) {
$recipients[$rec_type][] = $member['id'];
// Get rid of this username. The ones that remain were not found.
$input[$rec_type] = array_diff($input[$rec_type], array($func['strtolower']($member['username']), $func['strtolower']($member['name']), $func['strtolower']($member['email'])));
}
}
}
} else {
$_REQUEST['u'] = explode(',', $_REQUEST['u']);
foreach ($_REQUEST['u'] as $key => $uID) {
$_REQUEST['u'][$key] = (int) $uID;
}
$request = db_query("\n\t\t\tSELECT ID_MEMBER\n\t\t\tFROM {$db_prefix}members\n\t\t\tWHERE ID_MEMBER IN (" . implode(',', $_REQUEST['u']) . ")\n\t\t\tLIMIT " . count($_REQUEST['u']), __FILE__, __LINE__);
while ($row = mysql_fetch_assoc($request)) {
$recipients['to'][] = $row['ID_MEMBER'];
}
mysql_free_result($request);
}
// Before we send the PM, let's make sure we don't have an abuse of numbers.
if (!empty($modSettings['max_pm_recipients']) && count($recipients['to']) + count($recipients['bcc']) > $modSettings['max_pm_recipients'] && !allowedTo(array('moderate_forum', 'send_mail', 'admin_forum'))) {
$context['send_log'] = array('sent' => array(), 'failed' => array(sprintf($txt['pm_too_many_recipients'], $modSettings['max_pm_recipients'])));
} else {
if (!empty($recipients['to']) || !empty($recipients['bcc'])) {
$context['send_log'] = sendpm($recipients, $_REQUEST['subject'], $_REQUEST['message'], !empty($_REQUEST['outbox']));
} else {
$context['send_log'] = array('sent' => array(), 'failed' => array());
}
}
// Add a log message for all recipients that were not found.
foreach ($input as $rec_type => $rec) {
// Either bad_to or bad_bcc.
if (!empty($rec) && !in_array('bad_' . $rec_type, $post_errors)) {
$post_errors[] = 'bad_' . $rec_type;
}
foreach ($rec as $i => $member) {
$context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $input[$rec_type][$i]);
}
}
// Mark the message as "replied to".
if (!empty($context['send_log']['sent']) && !empty($_REQUEST['replied_to']) && isset($_REQUEST['f']) && $_REQUEST['f'] == 'inbox') {
db_query("\n\t\t\tUPDATE {$db_prefix}pm_recipients\n\t\t\tSET is_read = is_read | 2\n\t\t\tWHERE ID_PM = " . (int) $_REQUEST['replied_to'] . "\n\t\t\t\tAND ID_MEMBER = {$ID_MEMBER}\n\t\t\tLIMIT 1", __FILE__, __LINE__);
}
// If one or more of the recipient were invalid, go back to the post screen with the failed usernames.
if (!empty($context['send_log']['failed'])) {
return messagePostError($post_errors, empty($input['to']) ? '' : '"' . implode('", "', $input['to']) . '"', empty($input['bcc']) ? '' : '"' . implode('", "', $input['bcc']) . '"');
}
// Go back to the where they sent from, if possible...
redirectexit($context['current_label_redirect']);
}
/**
* Update the settings for a poll, or add a new one.
* Must be called with a topic specified in the URL.
* The user must have poll_edit_any/poll_add_any permission
* for the relevant action. Otherwise they must be poll starter
* with poll_edit_own permission for editing, or be topic starter
* with poll_add_any permission for adding.
* In the case of an error, this function will redirect back to
* action_editpoll and display the relevant error message.
* Upon successful completion of action will direct user back to topic.
* Accessed via ?action=editpoll2.
*/
public function action_editpoll2()
{
global $topic, $board, $user_info;
// Sneaking off, are we?
if (empty($_POST)) {
redirectexit('action=editpoll;topic=' . $topic . '.0');
}
$poll_errors = Error_Context::context('poll');
if (checkSession('post', '', false) != '') {
$poll_errors->addError('session_timeout');
}
if (isset($_POST['preview'])) {
return $this->action_editpoll();
}
// HACKERS (!!) can't edit :P.
if (empty($topic)) {
fatal_lang_error('no_access', false);
}
// Is this a new poll, or editing an existing?
$isEdit = isset($_REQUEST['add']) ? 0 : 1;
// Make sure we have our stuff.
require_once SUBSDIR . '/Poll.subs.php';
// Get the starter and the poll's ID - if it's an edit.
$bcinfo = getPollStarter($topic);
// Check their adding/editing is valid.
if (!$isEdit && !empty($bcinfo['id_poll'])) {
fatal_lang_error('poll_already_exists');
} elseif ($isEdit && empty($bcinfo['id_poll'])) {
fatal_lang_error('poll_not_found');
}
// Check if they have the power to add or edit the poll.
if ($isEdit && !allowedTo('poll_edit_any')) {
isAllowedTo('poll_edit_' . ($user_info['id'] == $bcinfo['id_member_started'] || $bcinfo['poll_starter'] != 0 && $user_info['id'] == $bcinfo['poll_starter'] ? 'own' : 'any'));
} elseif (!$isEdit && !allowedTo('poll_add_any')) {
isAllowedTo('poll_add_' . ($user_info['id'] == $bcinfo['id_member_started'] ? 'own' : 'any'));
}
$optionCount = 0;
$idCount = 0;
// Ensure the user is leaving a valid amount of options - there must be at least two.
foreach ($_POST['options'] as $k => $option) {
if (trim($option) != '') {
$optionCount++;
$idCount = max($idCount, $k);
}
}
if ($optionCount < 2) {
$poll_errors->addError('poll_few');
} elseif ($optionCount > 256 || $idCount > 255) {
$poll_errors->addError('poll_many');
}
// Also - ensure they are not removing the question.
if (trim($_POST['question']) == '') {
$poll_errors->addError('no_question');
}
// Got any errors to report?
if ($poll_errors->hasErrors()) {
return $this->action_editpoll();
}
// Prevent double submission of this form.
checkSubmitOnce('check');
// Now we've done all our error checking, let's get the core poll information cleaned... question first.
$_POST['question'] = Util::htmlspecialchars($_POST['question']);
$_POST['question'] = Util::substr($_POST['question'], 0, 255);
$_POST['poll_hide'] = (int) $_POST['poll_hide'];
$_POST['poll_expire'] = isset($_POST['poll_expire']) ? (int) $_POST['poll_expire'] : 0;
$_POST['poll_change_vote'] = isset($_POST['poll_change_vote']) ? 1 : 0;
$_POST['poll_guest_vote'] = isset($_POST['poll_guest_vote']) ? 1 : 0;
// Make sure guests are actually allowed to vote generally.
if ($_POST['poll_guest_vote']) {
require_once SUBSDIR . '/Members.subs.php';
$allowedGroups = groupsAllowedTo('poll_vote', $board);
if (!in_array(-1, $allowedGroups['allowed'])) {
$_POST['poll_guest_vote'] = 0;
}
}
// Ensure that the number options allowed makes sense, and the expiration date is valid.
if (!$isEdit || allowedTo('moderate_board')) {
$_POST['poll_expire'] = $_POST['poll_expire'] > 9999 ? 9999 : ($_POST['poll_expire'] < 0 ? 0 : $_POST['poll_expire']);
if (empty($_POST['poll_expire']) && $_POST['poll_hide'] == 2) {
$_POST['poll_hide'] = 1;
} elseif (!$isEdit || $_POST['poll_expire'] != ceil($bcinfo['expire_time'] <= time() ? -1 : ($bcinfo['expire_time'] - time()) / (3600 * 24))) {
$_POST['poll_expire'] = empty($_POST['poll_expire']) ? '0' : time() + $_POST['poll_expire'] * 3600 * 24;
} else {
$_POST['poll_expire'] = $bcinfo['expire_time'];
}
if (empty($_POST['poll_max_votes']) || $_POST['poll_max_votes'] <= 0) {
$_POST['poll_max_votes'] = 1;
} else {
$_POST['poll_max_votes'] = (int) $_POST['poll_max_votes'];
}
}
// If we're editing, let's commit the changes.
if ($isEdit) {
modifyPoll($bcinfo['id_poll'], $_POST['question'], !empty($_POST['poll_max_votes']) ? $_POST['poll_max_votes'] : 0, $_POST['poll_hide'], !empty($_POST['poll_expire']) ? $_POST['poll_expire'] : 0, $_POST['poll_change_vote'], $_POST['poll_guest_vote']);
} else {
// Create the poll.
$bcinfo['id_poll'] = createPoll($_POST['question'], $user_info['id'], $user_info['username'], $_POST['poll_max_votes'], $_POST['poll_hide'], $_POST['poll_expire'], $_POST['poll_change_vote'], $_POST['poll_guest_vote']);
// Link the poll to the topic.
associatedPoll($topic, $bcinfo['id_poll']);
}
// Get all the choices. (no better way to remove all emptied and add previously non-existent ones.)
$choices = array_keys(pollOptions($bcinfo['id_poll']));
$add_options = array();
$update_options = array();
$delete_options = array();
foreach ($_POST['options'] as $k => $option) {
// Make sure the key is numeric for sanity's sake.
$k = (int) $k;
// They've cleared the box. Either they want it deleted, or it never existed.
if (trim($option) == '') {
// They want it deleted. Bye.
if (in_array($k, $choices)) {
$delete_options[] = $k;
}
// Skip the rest...
continue;
}
// Dress the option up for its big date with the database.
$option = Util::htmlspecialchars($option);
// If it's already there, update it. If it's not... add it.
if (in_array($k, $choices)) {
$update_options[] = array($bcinfo['id_poll'], $k, $option);
} else {
$add_options[] = array($bcinfo['id_poll'], $k, $option, 0);
}
}
if (!empty($update_options)) {
modifyPollOption($update_options);
}
if (!empty($add_options)) {
insertPollOptions($add_options);
}
// I'm sorry, but... well, no one was choosing you. Poor options, I'll put you out of your misery.
if (!empty($delete_options)) {
deletePollOptions($bcinfo['id_poll'], $delete_options);
}
// Shall I reset the vote count, sir?
if (isset($_POST['resetVoteCount'])) {
resetVotes($bcinfo['id_poll']);
}
call_integration_hook('integrate_poll_add_edit', array($bcinfo['id_poll'], $isEdit));
// Off we go.
redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
}
/**
* Handles the actual assignment form, validates it and carries it out.
*
* Primarily this is just about receiving the form, making the same checks that {@link shd_assign()} does and then
* logging the action before passing over to {@link shd_commit_assignment()} to actually assign the ticket.
*
* @see shd_assign()
* @see shd_commit_assignment()
* @since 1.0
*/
function shd_assign2()
{
global $context, $smcFunc, $user_info, $sourcedir;
checkSession();
checkSubmitOnce('check');
if (empty($context['ticket_id'])) {
fatal_lang_error('shd_no_ticket');
}
$context['shd_return_to'] = isset($_REQUEST['home']) ? 'home' : 'ticket';
$assignee = isset($_REQUEST['to_user']) ? (int) $_REQUEST['to_user'] : 0;
// Get ticket details - and kick it out if they shouldn't be able to see it.
$query = shd_db_query('', '
SELECT id_member_started, id_member_assigned, private, subject, status, id_dept
FROM {db_prefix}helpdesk_tickets AS hdt
WHERE {query_see_ticket} AND id_ticket = {int:ticket}', array('ticket' => $context['ticket_id']));
$log_params = array();
if ($row = $smcFunc['db_fetch_row']($query)) {
list($ticket_starter, $ticket_owner, $private, $subject, $status, $dept) = $row;
// The core details that we'll be logging
$log_params = array('subject' => $subject, 'ticket' => $context['ticket_id']);
} else {
$smcFunc['db_free_result']($query);
fatal_lang_error('shd_no_ticket');
}
// Just in case, are they cancelling?
if (isset($_REQUEST['cancel'])) {
redirectexit('action=helpdesk;sa=ticket;ticket=' . $context['ticket_id']);
}
if ($status == TICKET_STATUS_CLOSED || $status == TICKET_STATUS_DELETED) {
fatal_lang_error('shd_cannot_assign', false);
}
if (shd_allowed_to('shd_assign_ticket_any', $dept)) {
if ($assignee == 0) {
shd_log_action('unassign', $log_params);
shd_commit_assignment($context['ticket_id'], 0);
} else {
$members = shd_get_possible_assignees($private, $ticket_starter, $dept);
if (in_array($assignee, $members)) {
global $user_profile;
loadMemberData($assignee, false, 'minimal');
$log_params += array('user_id' => $assignee, 'user_name' => $user_profile[$assignee]['real_name']);
shd_log_action('assign', $log_params);
shd_commit_assignment($context['ticket_id'], $assignee);
} else {
fatal_lang_error('shd_assigned_not_permitted', false);
}
}
} elseif (shd_allowed_to('shd_assign_ticket_own', $dept) && shd_allowed_to('shd_staff', $dept)) {
if ($ticket_owner == 0) {
$log_params += array('user_id' => $user_info['id'], 'user_name' => $user_info['name']);
shd_log_action('assign', $log_params);
shd_commit_assignment($context['ticket_id'], $user_info['id']);
} elseif ($ticket_starter == $user_info['id']) {
shd_log_action('unassign', $log_params);
shd_commit_assignment($context['ticket_id'], 0);
} else {
// oops, assigned to somebody else
fatal_lang_error('shd_cannot_assign_other', false);
}
} else {
fatal_lang_error('shd_cannot_assign', false);
}
}
function Display()
{
global $scripturl, $txt, $modSettings, $context, $settings, $memberContext, $output;
global $options, $sourcedir, $user_info, $user_profile, $board_info, $topic, $board;
global $attachments, $messages_request, $topicinfo, $language;
$context['response_prefixlen'] = strlen($txt['response_prefix']);
$context['need_synhlt'] = true;
$context['is_display_std'] = true;
$context['pcache_update_counter'] = !empty($modSettings['use_post_cache']) ? 0 : PCACHE_UPDATE_PER_VIEW + 1;
$context['time_cutoff_ref'] = time();
$context['template_hooks']['display'] = array('header' => '', 'extend_topicheader' => '', 'above_posts' => '', 'below_posts' => '', 'footer' => '');
//EoS_Smarty::getConfigInstance()->registerHookTemplate('postbit_below', 'overrides/foo');
if (!empty($modSettings['karmaMode'])) {
require_once $sourcedir . '/lib/Subs-Ratings.php';
} else {
$context['can_see_like'] = $context['can_give_like'] = false;
}
// What are you gonna display if these are empty?!
if (empty($topic)) {
fatal_lang_error('no_board', false);
}
// Not only does a prefetch make things slower for the server, but it makes it impossible to know if they read it.
if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch') {
ob_end_clean();
header('HTTP/1.1 403 Prefetch Forbidden');
die;
}
// How much are we sticking on each page?
$context['messages_per_page'] = commonAPI::getMessagesPerPage();
$context['page_number'] = isset($_REQUEST['start']) ? $_REQUEST['start'] / $context['messages_per_page'] : 0;
// Let's do some work on what to search index.
//$context['multiquote_cookiename'] = 'mq_' . $context['current_topic'];
$context['multiquote_posts'] = array();
if (isset($_COOKIE[$context['multiquote_cookiename']]) && strlen($_COOKIE[$context['multiquote_cookiename']]) > 1) {
$context['multiquote_posts'] = explode(',', $_COOKIE[$context['multiquote_cookiename']]);
}
$context['multiquote_posts_count'] = count($context['multiquote_posts']);
if (count($_GET) > 2) {
foreach ($_GET as $k => $v) {
if (!in_array($k, array('topic', 'board', 'start', session_name()))) {
$context['robot_no_index'] = true;
}
}
}
if (!empty($_REQUEST['start']) && (!is_numeric($_REQUEST['start']) || $_REQUEST['start'] % $context['messages_per_page'] != 0)) {
$context['robot_no_index'] = true;
}
// Find the previous or next topic. Make a fuss if there are no more.
if (isset($_REQUEST['prev_next']) && ($_REQUEST['prev_next'] == 'prev' || $_REQUEST['prev_next'] == 'next')) {
// No use in calculating the next topic if there's only one.
if ($board_info['num_topics'] > 1) {
// Just prepare some variables that are used in the query.
$gt_lt = $_REQUEST['prev_next'] == 'prev' ? '>' : '<';
$order = $_REQUEST['prev_next'] == 'prev' ? '' : ' DESC';
$request = smf_db_query('
SELECT t2.id_topic
FROM {db_prefix}topics AS t
INNER JOIN {db_prefix}topics AS t2 ON (' . (empty($modSettings['enableStickyTopics']) ? '
t2.id_last_msg ' . $gt_lt . ' t.id_last_msg' : '
(t2.id_last_msg ' . $gt_lt . ' t.id_last_msg AND t2.is_sticky ' . $gt_lt . '= t.is_sticky) OR t2.is_sticky ' . $gt_lt . ' t.is_sticky') . ')
WHERE t.id_topic = {int:current_topic}
AND t2.id_board = {int:current_board}' . (!$modSettings['postmod_active'] || allowedTo('approve_posts') ? '' : '
AND (t2.approved = {int:is_approved} OR (t2.id_member_started != {int:id_member_started} AND t2.id_member_started = {int:current_member}))') . '
ORDER BY' . (empty($modSettings['enableStickyTopics']) ? '' : ' t2.is_sticky' . $order . ',') . ' t2.id_last_msg' . $order . '
LIMIT 1', array('current_board' => $board, 'current_member' => $user_info['id'], 'current_topic' => $topic, 'is_approved' => 1, 'id_member_started' => 0));
// No more left.
if (mysql_num_rows($request) == 0) {
mysql_free_result($request);
// Roll over - if we're going prev, get the last - otherwise the first.
$request = smf_db_query('
SELECT id_topic
FROM {db_prefix}topics
WHERE id_board = {int:current_board}' . (!$modSettings['postmod_active'] || allowedTo('approve_posts') ? '' : '
AND (approved = {int:is_approved} OR (id_member_started != {int:id_member_started} AND id_member_started = {int:current_member}))') . '
ORDER BY' . (empty($modSettings['enableStickyTopics']) ? '' : ' is_sticky' . $order . ',') . ' id_last_msg' . $order . '
LIMIT 1', array('current_board' => $board, 'current_member' => $user_info['id'], 'is_approved' => 1, 'id_member_started' => 0));
}
// Now you can be sure $topic is the id_topic to view.
list($topic) = mysql_fetch_row($request);
mysql_free_result($request);
$context['current_topic'] = $topic;
}
// Go to the newest message on this topic.
$_REQUEST['start'] = 'new';
}
// Add 1 to the number of views of this topic.
if (empty($_SESSION['last_read_topic']) || $_SESSION['last_read_topic'] != $topic) {
smf_db_query('
UPDATE {db_prefix}topics
SET num_views = num_views + 1
WHERE id_topic = {int:current_topic}', array('current_topic' => $topic));
$_SESSION['last_read_topic'] = $topic;
}
if ($modSettings['tags_active']) {
$dbresult = smf_db_query('
SELECT t.tag,l.ID,t.ID_TAG FROM {db_prefix}tags_log as l, {db_prefix}tags as t
WHERE t.ID_TAG = l.ID_TAG && l.ID_TOPIC = {int:topic}', array('topic' => $topic));
$context['topic_tags'] = array();
while ($row = mysql_fetch_assoc($dbresult)) {
$context['topic_tags'][] = array('ID' => $row['ID'], 'ID_TAG' => $row['ID_TAG'], 'tag' => $row['tag']);
}
mysql_free_result($dbresult);
$context['tags_active'] = true;
} else {
$context['topic_tags'] = $context['tags_active'] = 0;
}
// Get all the important topic info.
$request = smf_db_query('SELECT
t.num_replies, t.num_views, t.locked, ms.poster_name, ms.subject, ms.poster_email, ms.poster_time AS first_post_time, t.is_sticky, t.id_poll,
t.id_member_started, t.id_first_msg, t.id_last_msg, t.approved, t.unapproved_posts, t.id_layout,
' . ($user_info['is_guest'] ? 't.id_last_msg + 1' : 'IFNULL(lt.id_msg, IFNULL(lmr.id_msg, -1)) + 1') . ' AS new_from
' . (!empty($modSettings['recycle_board']) && $modSettings['recycle_board'] == $board ? ', id_previous_board, id_previous_topic' : '') . ',
p.name AS prefix_name, ms1.poster_time AS last_post_time, ms1.modified_time AS last_modified_time, IFNULL(b.automerge, 0) AS automerge
FROM {db_prefix}topics AS t
INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
INNER JOIN {db_prefix}messages AS ms1 ON (ms1.id_msg = t.id_last_msg)
INNER JOIN {db_prefix}messages AS ms ON (ms.id_msg = t.id_first_msg)' . ($user_info['is_guest'] ? '' : '
LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = {int:current_topic} AND lt.id_member = {int:current_member})
LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.id_board = {int:current_board} AND lmr.id_member = {int:current_member})') . '
LEFT JOIN {db_prefix}prefixes as p ON p.id_prefix = t.id_prefix
WHERE t.id_topic = {int:current_topic}
LIMIT 1', array('current_member' => $user_info['id'], 'current_topic' => $topic, 'current_board' => $board));
if (mysql_num_rows($request) == 0) {
fatal_lang_error('not_a_topic', false);
}
// Added by Related Topics
if (isset($modSettings['have_related_topics']) && $modSettings['have_related_topics'] && !empty($modSettings['relatedTopicsEnabled'])) {
require_once $sourcedir . '/lib/Subs-Related.php';
loadRelated($topic);
}
$topicinfo = mysql_fetch_assoc($request);
mysql_free_result($request);
$context['topic_banned_members'] = array();
$request = smf_db_query('SELECT id_member FROM {db_prefix}topicbans WHERE id_topic = {int:topic}', array('topic' => $topic));
if (mysql_num_rows($request) != 0) {
while ($row = mysql_fetch_row($request)) {
$context['topic_banned_members'][] = $row[0];
}
}
mysql_free_result($request);
$context['topic_banned_members_count'] = count($context['topic_banned_members']);
$context['topic_last_modified'] = max($topicinfo['last_post_time'], $topicinfo['last_modified_time']);
// todo: considering - make post cutoff time for the cache depend on the modification time of the topic's last post
$context['real_num_replies'] = $context['num_replies'] = $topicinfo['num_replies'];
$context['topic_first_message'] = $topicinfo['id_first_msg'];
$context['topic_last_message'] = $topicinfo['id_last_msg'];
$context['first_subject'] = $topicinfo['subject'];
$context['prefix'] = !empty($topicinfo['prefix_name']) ? html_entity_decode($topicinfo['prefix_name']) . ' ' : '';
$context['automerge'] = $topicinfo['automerge'] > 0;
// Add up unapproved replies to get real number of replies...
if ($modSettings['postmod_active'] && allowedTo('approve_posts')) {
$context['real_num_replies'] += $topicinfo['unapproved_posts'] - ($topicinfo['approved'] ? 0 : 1);
}
// If this topic has unapproved posts, we need to work out how many posts the user can see, for page indexing.
if ($modSettings['postmod_active'] && $topicinfo['unapproved_posts'] && !$user_info['is_guest'] && !allowedTo('approve_posts')) {
$request = smf_db_query('
SELECT COUNT(id_member) AS my_unapproved_posts
FROM {db_prefix}messages
WHERE id_topic = {int:current_topic}
AND id_member = {int:current_member}
AND approved = 0', array('current_topic' => $topic, 'current_member' => $user_info['id']));
list($myUnapprovedPosts) = mysql_fetch_row($request);
mysql_free_result($request);
$context['total_visible_posts'] = $context['num_replies'] + $myUnapprovedPosts + ($topicinfo['approved'] ? 1 : 0);
} else {
$context['total_visible_posts'] = $context['num_replies'] + $topicinfo['unapproved_posts'] + ($topicinfo['approved'] ? 1 : 0);
}
// When was the last time this topic was replied to? Should we warn them about it?
/* redundant query? last_post_time is already in $topicinfo[]
$request = smf_db_query( '
SELECT poster_time
FROM {db_prefix}messages
WHERE id_msg = {int:id_last_msg}
LIMIT 1',
array(
'id_last_msg' => $topicinfo['id_last_msg'],
)
);
list ($lastPostTime) = mysql_fetch_row($request);
mysql_free_result($request);
*/
$lastPostTime = $topicinfo['last_post_time'];
$context['oldTopicError'] = !empty($modSettings['oldTopicDays']) && $lastPostTime + $modSettings['oldTopicDays'] * 86400 < time() && empty($sticky);
// The start isn't a number; it's information about what to do, where to go.
if (!is_numeric($_REQUEST['start'])) {
// Redirect to the page and post with new messages, originally by Omar Bazavilvazo.
if ($_REQUEST['start'] == 'new') {
// Guests automatically go to the last post.
if ($user_info['is_guest']) {
$context['start_from'] = $context['total_visible_posts'] - 1;
$_REQUEST['start'] = empty($options['view_newest_first']) ? $context['start_from'] : 0;
} else {
// Find the earliest unread message in the topic. (the use of topics here is just for both tables.)
$request = smf_db_query('
SELECT IFNULL(lt.id_msg, IFNULL(lmr.id_msg, -1)) + 1 AS new_from
FROM {db_prefix}topics AS t
LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = {int:current_topic} AND lt.id_member = {int:current_member})
LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.id_board = {int:current_board} AND lmr.id_member = {int:current_member})
WHERE t.id_topic = {int:current_topic}
LIMIT 1', array('current_board' => $board, 'current_member' => $user_info['id'], 'current_topic' => $topic));
list($new_from) = mysql_fetch_row($request);
mysql_free_result($request);
// Fall through to the next if statement.
$_REQUEST['start'] = 'msg' . $new_from;
}
}
// Start from a certain time index, not a message.
if (substr($_REQUEST['start'], 0, 4) == 'from') {
$timestamp = (int) substr($_REQUEST['start'], 4);
if ($timestamp === 0) {
$_REQUEST['start'] = 0;
} else {
// Find the number of messages posted before said time...
$request = smf_db_query('
SELECT COUNT(*)
FROM {db_prefix}messages
WHERE poster_time < {int:timestamp}
AND id_topic = {int:current_topic}' . ($modSettings['postmod_active'] && $topicinfo['unapproved_posts'] && !allowedTo('approve_posts') ? '
AND (approved = {int:is_approved}' . ($user_info['is_guest'] ? '' : ' OR id_member = {int:current_member}') . ')' : ''), array('current_topic' => $topic, 'current_member' => $user_info['id'], 'is_approved' => 1, 'timestamp' => $timestamp));
list($context['start_from']) = mysql_fetch_row($request);
mysql_free_result($request);
// Handle view_newest_first options, and get the correct start value.
$_REQUEST['start'] = empty($options['view_newest_first']) ? $context['start_from'] : $context['total_visible_posts'] - $context['start_from'] - 1;
}
} elseif (substr($_REQUEST['start'], 0, 3) == 'msg') {
$virtual_msg = (int) substr($_REQUEST['start'], 3);
if (!$topicinfo['unapproved_posts'] && $virtual_msg >= $topicinfo['id_last_msg']) {
$context['start_from'] = $context['total_visible_posts'] - 1;
} elseif (!$topicinfo['unapproved_posts'] && $virtual_msg <= $topicinfo['id_first_msg']) {
$context['start_from'] = 0;
} else {
// Find the start value for that message......
$request = smf_db_query('
SELECT COUNT(*)
FROM {db_prefix}messages
WHERE id_msg < {int:virtual_msg}
AND id_topic = {int:current_topic}' . ($modSettings['postmod_active'] && $topicinfo['unapproved_posts'] && !allowedTo('approve_posts') ? '
AND (approved = {int:is_approved}' . ($user_info['is_guest'] ? '' : ' OR id_member = {int:current_member}') . ')' : ''), array('current_member' => $user_info['id'], 'current_topic' => $topic, 'virtual_msg' => $virtual_msg, 'is_approved' => 1, 'no_member' => 0));
list($context['start_from']) = mysql_fetch_row($request);
mysql_free_result($request);
}
// We need to reverse the start as well in this case.
if (isset($_REQUEST['perma'])) {
$_REQUEST['start'] = $virtual_msg;
} else {
$_REQUEST['start'] = empty($options['view_newest_first']) ? $context['start_from'] : $context['total_visible_posts'] - $context['start_from'] - 1;
}
}
}
// Create a previous next string if the selected theme has it as a selected option.
$context['previous_next'] = $modSettings['enablePreviousNext'] ? '<a href="' . $scripturl . '?topic=' . $topic . '.0;prev_next=prev#new">' . $txt['previous_next_back'] . '</a> <a href="' . $scripturl . '?topic=' . $topic . '.0;prev_next=next#new">' . $txt['previous_next_forward'] . '</a>' : '';
// Do we need to show the visual verification image?
$context['require_verification'] = !$user_info['is_mod'] && !$user_info['is_admin'] && !empty($modSettings['posts_require_captcha']) && ($user_info['posts'] < $modSettings['posts_require_captcha'] || $user_info['is_guest'] && $modSettings['posts_require_captcha'] == -1);
if ($context['require_verification']) {
require_once $sourcedir . '/lib/Subs-Editor.php';
$verificationOptions = array('id' => 'post', 'skip_template' => true);
$context['require_verification'] = create_control_verification($verificationOptions);
$context['visual_verification_id'] = $verificationOptions['id'];
}
// Are we showing signatures - or disabled fields?
$context['signature_enabled'] = substr($modSettings['signature_settings'], 0, 1) == 1;
$context['disabled_fields'] = isset($modSettings['disabled_profile_fields']) ? array_flip(explode(',', $modSettings['disabled_profile_fields'])) : array();
// Censor the title...
censorText($topicinfo['subject']);
$context['page_title'] = $topicinfo['subject'] . ((int) $context['page_number'] > 0 ? ' - ' . $txt['page'] . ' ' . ($context['page_number'] + 1) : '');
// Is this topic sticky, or can it even be?
$topicinfo['is_sticky'] = empty($modSettings['enableStickyTopics']) ? '0' : $topicinfo['is_sticky'];
// Default this topic to not marked for notifications... of course...
$context['is_marked_notify'] = false;
// Did we report a post to a moderator just now?
$context['report_sent'] = isset($_GET['reportsent']);
// Let's get nosey, who is viewing this topic?
if (!empty($settings['display_who_viewing'])) {
// Start out with no one at all viewing it.
$context['view_members'] = array();
$context['view_members_list'] = array();
$context['view_num_hidden'] = 0;
// Search for members who have this topic set in their GET data.
$request = smf_db_query('
SELECT
lo.id_member, lo.log_time, mem.real_name, mem.member_name, mem.show_online, mem.id_group, mem.id_post_group
FROM {db_prefix}log_online AS lo
LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = lo.id_member)
WHERE INSTR(lo.url, {string:in_url_string}) > 0 OR lo.session = {string:session}', array('in_url_string' => 's:5:"topic";i:' . $topic . ';', 'session' => $user_info['is_guest'] ? 'ip' . $user_info['ip'] : session_id()));
while ($row = mysql_fetch_assoc($request)) {
if (empty($row['id_member'])) {
continue;
}
$class = 'member group_' . (empty($row['id_group']) ? $row['id_post_group'] : $row['id_group']) . (in_array($row['id_member'], $user_info['buddies']) ? ' buddy' : '');
$href = URL::user($row['id_member'], $row['real_name']);
if ($row['id_member'] == $user_info['id']) {
$link = '<strong>' . $txt['you'] . '</strong>';
} else {
$link = '<a onclick="getMcard(' . $row['id_member'] . ');return(false);" class="' . $class . '" href="' . $href . '">' . $row['real_name'] . '</a>';
}
// Add them both to the list and to the more detailed list.
if (!empty($row['show_online']) || allowedTo('moderate_forum')) {
$context['view_members_list'][$row['log_time'] . $row['member_name']] = empty($row['show_online']) ? '<em>' . $link . '</em>' : $link;
}
$context['view_members'][$row['log_time'] . $row['member_name']] = array('id' => $row['id_member'], 'username' => $row['member_name'], 'name' => $row['real_name'], 'group' => $row['id_group'], 'href' => $href, 'link' => $link, 'hidden' => empty($row['show_online']));
if (empty($row['show_online'])) {
$context['view_num_hidden']++;
}
}
// The number of guests is equal to the rows minus the ones we actually used ;).
$context['view_num_guests'] = mysql_num_rows($request) - count($context['view_members']);
mysql_free_result($request);
// Sort the list.
krsort($context['view_members']);
krsort($context['view_members_list']);
}
// If all is set, but not allowed... just unset it.
$can_show_all = !empty($modSettings['enableAllMessages']) && $context['total_visible_posts'] > $context['messages_per_page'] && $context['total_visible_posts'] < $modSettings['enableAllMessages'];
if (isset($_REQUEST['all']) && !$can_show_all) {
unset($_REQUEST['all']);
} elseif (isset($_REQUEST['all'])) {
$_REQUEST['start'] = -1;
}
// Construct the page index, allowing for the .START method...
if (!isset($_REQUEST['perma'])) {
$context['page_index'] = constructPageIndex(URL::topic($topic, $topicinfo['subject'], '%1$d'), $_REQUEST['start'], $context['total_visible_posts'], $context['messages_per_page'], true);
}
$context['start'] = $_REQUEST['start'];
// This is information about which page is current, and which page we're on - in case you don't like the constructed page index. (again, wireles..)
$context['page_info'] = array('current_page' => $_REQUEST['start'] / $context['messages_per_page'] + 1, 'num_pages' => floor(($context['total_visible_posts'] - 1) / $context['messages_per_page']) + 1);
$context['links'] = array('first' => $_REQUEST['start'] >= $context['messages_per_page'] ? $scripturl . '?topic=' . $topic . '.0' : '', 'prev' => $_REQUEST['start'] >= $context['messages_per_page'] ? $scripturl . '?topic=' . $topic . '.' . ($_REQUEST['start'] - $context['messages_per_page']) : '', 'next' => $_REQUEST['start'] + $context['messages_per_page'] < $context['total_visible_posts'] ? $scripturl . '?topic=' . $topic . '.' . ($_REQUEST['start'] + $context['messages_per_page']) : '', 'last' => $_REQUEST['start'] + $context['messages_per_page'] < $context['total_visible_posts'] ? $scripturl . '?topic=' . $topic . '.' . floor($context['total_visible_posts'] / $context['messages_per_page']) * $context['messages_per_page'] : '', 'up' => $scripturl . '?board=' . $board . '.0');
// If they are viewing all the posts, show all the posts, otherwise limit the number.
if ($can_show_all) {
if (isset($_REQUEST['all'])) {
// No limit! (actually, there is a limit, but...)
$context['messages_per_page'] = -1;
$context['page_index'] .= '[<strong>' . $txt['all'] . '</strong>] ';
// Set start back to 0...
$_REQUEST['start'] = 0;
} else {
if (!isset($context['page_index'])) {
$context['page_index'] = '';
}
$context['page_index'] .= ' <a href="' . $scripturl . '?topic=' . $topic . '.0;all">' . $txt['all'] . '</a> ';
}
}
// Build the link tree.
$context['linktree'][] = array('url' => URL::topic($topic, $topicinfo['subject'], 0), 'name' => $topicinfo['subject'], 'extra_before' => $settings['linktree_inline'] ? $txt['topic'] . ': ' : '');
// Build a list of this board's moderators.
$context['moderators'] =& $board_info['moderators'];
$context['link_moderators'] = array();
if (!empty($board_info['moderators'])) {
// Add a link for each moderator...
foreach ($board_info['moderators'] as $mod) {
$context['link_moderators'][] = '<a href="' . $scripturl . '?action=profile;u=' . $mod['id'] . '" title="' . $txt['board_moderator'] . '">' . $mod['name'] . '</a>';
}
// And show it after the board's name.
//$context['linktree'][count($context['linktree']) - 2]['extra_after'] = ' (' . (count($context['link_moderators']) == 1 ? $txt['moderator'] : $txt['moderators']) . ': ' . implode(', ', $context['link_moderators']) . ')';
}
// Information about the current topic...
$context['is_locked'] = $topicinfo['locked'];
$context['is_sticky'] = $topicinfo['is_sticky'];
$context['is_very_hot'] = $topicinfo['num_replies'] >= $modSettings['hotTopicVeryPosts'];
$context['is_hot'] = $topicinfo['num_replies'] >= $modSettings['hotTopicPosts'];
$context['is_approved'] = $topicinfo['approved'];
// We don't want to show the poll icon in the topic class here, so pretend it's not one.
$context['is_poll'] = false;
determineTopicClass($context);
$context['is_poll'] = $topicinfo['id_poll'] > 0 && $modSettings['pollMode'] == '1' && allowedTo('poll_view');
// Did this user start the topic or not?
$context['user']['started'] = $user_info['id'] == $topicinfo['id_member_started'] && !$user_info['is_guest'];
$context['topic_starter_id'] = $topicinfo['id_member_started'];
// Set the topic's information for the template.
$context['subject'] = $topicinfo['subject'];
$context['num_views'] = $topicinfo['num_views'];
$context['mark_unread_time'] = $topicinfo['new_from'];
// Set a canonical URL for this page.
$context['canonical_url'] = URL::topic($topic, $topicinfo['subject'], $context['start']);
$context['share_url'] = $scripturl . '?topic=' . $topic;
// For quick reply we need a response prefix in the default forum language.
if (!isset($context['response_prefix']) && !($context['response_prefix'] = CacheAPI::getCache('response_prefix', 600))) {
if ($language === $user_info['language']) {
$context['response_prefix'] = $txt['response_prefix'];
} else {
loadLanguage('index', $language, false);
$context['response_prefix'] = $txt['response_prefix'];
loadLanguage('index');
}
CacheAPI::putCache('response_prefix', $context['response_prefix'], 600);
}
// If we want to show event information in the topic, prepare the data.
if (allowedTo('calendar_view') && !empty($modSettings['cal_showInTopic']) && !empty($modSettings['cal_enabled'])) {
// First, try create a better time format, ignoring the "time" elements.
if (preg_match('~%[AaBbCcDdeGghjmuYy](?:[^%]*%[AaBbCcDdeGghjmuYy])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0])) {
$date_string = $user_info['time_format'];
} else {
$date_string = $matches[0];
}
// Any calendar information for this topic?
$request = smf_db_query('
SELECT cal.id_event, cal.start_date, cal.end_date, cal.title, cal.id_member, mem.real_name
FROM {db_prefix}calendar AS cal
LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = cal.id_member)
WHERE cal.id_topic = {int:current_topic}
ORDER BY start_date', array('current_topic' => $topic));
$context['linked_calendar_events'] = array();
while ($row = mysql_fetch_assoc($request)) {
// Prepare the dates for being formatted.
$start_date = sscanf($row['start_date'], '%04d-%02d-%02d');
$start_date = mktime(12, 0, 0, $start_date[1], $start_date[2], $start_date[0]);
$end_date = sscanf($row['end_date'], '%04d-%02d-%02d');
$end_date = mktime(12, 0, 0, $end_date[1], $end_date[2], $end_date[0]);
$context['linked_calendar_events'][] = array('id' => $row['id_event'], 'title' => $row['title'], 'can_edit' => allowedTo('calendar_edit_any') || $row['id_member'] == $user_info['id'] && allowedTo('calendar_edit_own'), 'modify_href' => $scripturl . '?action=post;msg=' . $topicinfo['id_first_msg'] . ';topic=' . $topic . '.0;calendar;eventid=' . $row['id_event'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'start_date' => timeformat_static($start_date, $date_string, 'none'), 'start_timestamp' => $start_date, 'end_date' => timeformat_static($end_date, $date_string, 'none'), 'end_timestamp' => $end_date, 'is_last' => false);
}
mysql_free_result($request);
if (!empty($context['linked_calendar_events'])) {
$context['linked_calendar_events'][count($context['linked_calendar_events']) - 1]['is_last'] = true;
}
}
// Create the poll info if it exists.
if ($context['is_poll']) {
// Get the question and if it's locked.
$request = smf_db_query('
SELECT
p.question, p.voting_locked, p.hide_results, p.expire_time, p.max_votes, p.change_vote,
p.guest_vote, p.id_member, IFNULL(mem.real_name, p.poster_name) AS poster_name, p.num_guest_voters, p.reset_poll
FROM {db_prefix}polls AS p
LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = p.id_member)
WHERE p.id_poll = {int:id_poll}
LIMIT 1', array('id_poll' => $topicinfo['id_poll']));
$pollinfo = mysql_fetch_assoc($request);
mysql_free_result($request);
$request = smf_db_query('
SELECT COUNT(DISTINCT id_member) AS total
FROM {db_prefix}log_polls
WHERE id_poll = {int:id_poll}
AND id_member != {int:not_guest}', array('id_poll' => $topicinfo['id_poll'], 'not_guest' => 0));
list($pollinfo['total']) = mysql_fetch_row($request);
mysql_free_result($request);
// Total voters needs to include guest voters
$pollinfo['total'] += $pollinfo['num_guest_voters'];
// Get all the options, and calculate the total votes.
$request = smf_db_query('
SELECT pc.id_choice, pc.label, pc.votes, IFNULL(lp.id_choice, -1) AS voted_this
FROM {db_prefix}poll_choices AS pc
LEFT JOIN {db_prefix}log_polls AS lp ON (lp.id_choice = pc.id_choice AND lp.id_poll = {int:id_poll} AND lp.id_member = {int:current_member} AND lp.id_member != {int:not_guest})
WHERE pc.id_poll = {int:id_poll}', array('current_member' => $user_info['id'], 'id_poll' => $topicinfo['id_poll'], 'not_guest' => 0));
$pollOptions = array();
$realtotal = 0;
$pollinfo['has_voted'] = false;
while ($row = mysql_fetch_assoc($request)) {
censorText($row['label']);
$pollOptions[$row['id_choice']] = $row;
$realtotal += $row['votes'];
$pollinfo['has_voted'] |= $row['voted_this'] != -1;
}
mysql_free_result($request);
// If this is a guest we need to do our best to work out if they have voted, and what they voted for.
if ($user_info['is_guest'] && $pollinfo['guest_vote'] && allowedTo('poll_vote')) {
if (!empty($_COOKIE['guest_poll_vote']) && preg_match('~^[0-9,;]+$~', $_COOKIE['guest_poll_vote']) && strpos($_COOKIE['guest_poll_vote'], ';' . $topicinfo['id_poll'] . ',') !== false) {
// ;id,timestamp,[vote,vote...]; etc
$guestinfo = explode(';', $_COOKIE['guest_poll_vote']);
// Find the poll we're after.
foreach ($guestinfo as $i => $guestvoted) {
$guestvoted = explode(',', $guestvoted);
if ($guestvoted[0] == $topicinfo['id_poll']) {
break;
}
}
// Has the poll been reset since guest voted?
if ($pollinfo['reset_poll'] > $guestvoted[1]) {
// Remove the poll info from the cookie to allow guest to vote again
unset($guestinfo[$i]);
if (!empty($guestinfo)) {
$_COOKIE['guest_poll_vote'] = ';' . implode(';', $guestinfo);
} else {
unset($_COOKIE['guest_poll_vote']);
}
} else {
// What did they vote for?
unset($guestvoted[0], $guestvoted[1]);
foreach ($pollOptions as $choice => $details) {
$pollOptions[$choice]['voted_this'] = in_array($choice, $guestvoted) ? 1 : -1;
$pollinfo['has_voted'] |= $pollOptions[$choice]['voted_this'] != -1;
}
unset($choice, $details, $guestvoted);
}
unset($guestinfo, $guestvoted, $i);
}
}
// Set up the basic poll information.
$context['poll'] = array('id' => $topicinfo['id_poll'], 'image' => 'normal_' . (empty($pollinfo['voting_locked']) ? 'poll' : 'locked_poll'), 'question' => parse_bbc($pollinfo['question']), 'total_votes' => $pollinfo['total'], 'change_vote' => !empty($pollinfo['change_vote']), 'is_locked' => !empty($pollinfo['voting_locked']), 'options' => array(), 'lock' => allowedTo('poll_lock_any') || $context['user']['started'] && allowedTo('poll_lock_own'), 'edit' => allowedTo('poll_edit_any') || $context['user']['started'] && allowedTo('poll_edit_own'), 'allowed_warning' => $pollinfo['max_votes'] > 1 ? sprintf($txt['poll_options6'], min(count($pollOptions), $pollinfo['max_votes'])) : '', 'is_expired' => !empty($pollinfo['expire_time']) && $pollinfo['expire_time'] < time(), 'expire_time' => !empty($pollinfo['expire_time']) ? timeformat($pollinfo['expire_time']) : 0, 'has_voted' => !empty($pollinfo['has_voted']), 'starter' => array('id' => $pollinfo['id_member'], 'name' => $row['poster_name'], 'href' => $pollinfo['id_member'] == 0 ? '' : $scripturl . '?action=profile;u=' . $pollinfo['id_member'], 'link' => $pollinfo['id_member'] == 0 ? $row['poster_name'] : '<a href="' . $scripturl . '?action=profile;u=' . $pollinfo['id_member'] . '">' . $row['poster_name'] . '</a>'));
// Make the lock and edit permissions defined above more directly accessible.
$context['allow_lock_poll'] = $context['poll']['lock'];
$context['allow_edit_poll'] = $context['poll']['edit'];
// You're allowed to vote if:
// 1. the poll did not expire, and
// 2. you're either not a guest OR guest voting is enabled... and
// 3. you're not trying to view the results, and
// 4. the poll is not locked, and
// 5. you have the proper permissions, and
// 6. you haven't already voted before.
$context['allow_vote'] = !$context['poll']['is_expired'] && (!$user_info['is_guest'] || $pollinfo['guest_vote'] && allowedTo('poll_vote')) && empty($pollinfo['voting_locked']) && allowedTo('poll_vote') && !$context['poll']['has_voted'];
// You're allowed to view the results if:
// 1. you're just a super-nice-guy, or
// 2. anyone can see them (hide_results == 0), or
// 3. you can see them after you voted (hide_results == 1), or
// 4. you've waited long enough for the poll to expire. (whether hide_results is 1 or 2.)
$context['allow_poll_view'] = allowedTo('moderate_board') || $pollinfo['hide_results'] == 0 || $pollinfo['hide_results'] == 1 && $context['poll']['has_voted'] || $context['poll']['is_expired'];
$context['poll']['show_results'] = $context['allow_poll_view'] && (isset($_REQUEST['viewresults']) || isset($_REQUEST['viewResults']));
$context['show_view_results_button'] = $context['allow_vote'] && (!$context['allow_poll_view'] || !$context['poll']['show_results'] || !$context['poll']['has_voted']);
// You're allowed to change your vote if:
// 1. the poll did not expire, and
// 2. you're not a guest... and
// 3. the poll is not locked, and
// 4. you have the proper permissions, and
// 5. you have already voted, and
// 6. the poll creator has said you can!
$context['allow_change_vote'] = !$context['poll']['is_expired'] && !$user_info['is_guest'] && empty($pollinfo['voting_locked']) && allowedTo('poll_vote') && $context['poll']['has_voted'] && $context['poll']['change_vote'];
// You're allowed to return to voting options if:
// 1. you are (still) allowed to vote.
// 2. you are currently seeing the results.
$context['allow_return_vote'] = $context['allow_vote'] && $context['poll']['show_results'];
// Calculate the percentages and bar lengths...
$divisor = $realtotal == 0 ? 1 : $realtotal;
// Determine if a decimal point is needed in order for the options to add to 100%.
$precision = $realtotal == 100 ? 0 : 1;
// Now look through each option, and...
foreach ($pollOptions as $i => $option) {
// First calculate the percentage, and then the width of the bar...
$bar = round($option['votes'] * 100 / $divisor, $precision);
$barWide = $bar == 0 ? 1 : floor($bar * 8 / 3);
// Now add it to the poll's contextual theme data.
$context['poll']['options'][$i] = array('id' => 'options-' . $i, 'percent' => $bar, 'votes' => $option['votes'], 'voted_this' => $option['voted_this'] != -1, 'bar' => '<span style="white-space: nowrap;"><img src="' . $settings['images_url'] . '/poll_' . ($context['right_to_left'] ? 'right' : 'left') . '.gif" alt="" /><img src="' . $settings['images_url'] . '/poll_middle.gif" width="' . $barWide . '" height="12" alt="-" /><img src="' . $settings['images_url'] . '/poll_' . ($context['right_to_left'] ? 'left' : 'right') . '.gif" alt="" /></span>', 'bar_ndt' => $bar > 0 ? '<div class="bar" style="width: ' . ($bar * 3.5 + 4) . 'px;"></div>' : '', 'bar_width' => $barWide, 'option' => parse_bbc($option['label']), 'vote_button' => '<input type="' . ($pollinfo['max_votes'] > 1 ? 'checkbox' : 'radio') . '" name="options[]" id="options-' . $i . '" value="' . $i . '" class="input_' . ($pollinfo['max_votes'] > 1 ? 'check' : 'radio') . '" />');
}
}
// Calculate the fastest way to get the messages!
$ascending = empty($options['view_newest_first']);
$start = $_REQUEST['start'];
$limit = $context['messages_per_page'];
$firstIndex = 0;
if ($start >= $context['total_visible_posts'] / 2 && $context['messages_per_page'] != -1) {
$ascending = !$ascending;
$limit = $context['total_visible_posts'] <= $start + $limit ? $context['total_visible_posts'] - $start : $limit;
$start = $context['total_visible_posts'] <= $start + $limit ? 0 : $context['total_visible_posts'] - $start - $limit;
$firstIndex = $limit - 1;
}
if (!isset($_REQUEST['perma'])) {
// Get each post and poster in this topic.
$request = smf_db_query('
SELECT id_msg, id_member, approved
FROM {db_prefix}messages
WHERE id_topic = {int:current_topic}' . (!$modSettings['postmod_active'] || allowedTo('approve_posts') ? '' : (!empty($modSettings['db_mysql_group_by_fix']) ? '' : '
GROUP BY id_msg') . '
HAVING (approved = {int:is_approved}' . ($user_info['is_guest'] ? '' : ' OR id_member = {int:current_member}') . ')') . '
ORDER BY id_msg ' . ($ascending ? '' : 'DESC') . ($context['messages_per_page'] == -1 ? '' : '
LIMIT ' . $start . ', ' . $limit), array('current_member' => $user_info['id'], 'current_topic' => $topic, 'is_approved' => 1, 'blank_id_member' => 0));
$messages = array();
$all_posters = array();
while ($row = mysql_fetch_assoc($request)) {
if (!empty($row['id_member'])) {
$all_posters[$row['id_msg']] = $row['id_member'];
}
$messages[] = $row['id_msg'];
}
mysql_free_result($request);
$posters[$context['topic_first_message']] = $context['topic_starter_id'];
$posters = array_unique($all_posters);
} else {
$request = smf_db_query('
SELECT id_member, approved
FROM {db_prefix}messages
WHERE id_msg = {int:id_msg}', array('id_msg' => $virtual_msg));
list($id_member, $approved) = mysql_fetch_row($request);
mysql_free_result($request);
EoS_Smarty::loadTemplate('topic/topic_singlepost');
//loadTemplate('DisplaySingle');
$context['sub_template'] = isset($_REQUEST['xml']) ? 'single_post_xml' : 'single_post';
if (isset($_REQUEST['xml'])) {
$context['template_layers'] = array();
header('Content-Type: text/xml; charset=UTF-8');
}
$messages = array($virtual_msg);
$posters[$virtual_msg] = $id_member;
}
// Guests can't mark topics read or for notifications, just can't sorry.
if (!$user_info['is_guest']) {
$mark_at_msg = max($messages);
if ($mark_at_msg >= $topicinfo['id_last_msg']) {
$mark_at_msg = $modSettings['maxMsgID'];
}
if ($mark_at_msg >= $topicinfo['new_from']) {
smf_db_insert($topicinfo['new_from'] == 0 ? 'ignore' : 'replace', '{db_prefix}log_topics', array('id_member' => 'int', 'id_topic' => 'int', 'id_msg' => 'int'), array($user_info['id'], $topic, $mark_at_msg), array('id_member', 'id_topic'));
}
// Check for notifications on this topic OR board.
$request = smf_db_query('
SELECT sent, id_topic
FROM {db_prefix}log_notify
WHERE (id_topic = {int:current_topic} OR id_board = {int:current_board})
AND id_member = {int:current_member}
LIMIT 2', array('current_board' => $board, 'current_member' => $user_info['id'], 'current_topic' => $topic));
$do_once = true;
while ($row = mysql_fetch_assoc($request)) {
// Find if this topic is marked for notification...
if (!empty($row['id_topic'])) {
$context['is_marked_notify'] = true;
}
// Only do this once, but mark the notifications as "not sent yet" for next time.
if (!empty($row['sent']) && $do_once) {
smf_db_query('
UPDATE {db_prefix}log_notify
SET sent = {int:is_not_sent}
WHERE (id_topic = {int:current_topic} OR id_board = {int:current_board})
AND id_member = {int:current_member}', array('current_board' => $board, 'current_member' => $user_info['id'], 'current_topic' => $topic, 'is_not_sent' => 0));
$do_once = false;
}
}
// Have we recently cached the number of new topics in this board, and it's still a lot?
if (isset($_REQUEST['topicseen']) && isset($_SESSION['topicseen_cache'][$board]) && $_SESSION['topicseen_cache'][$board] > 5) {
$_SESSION['topicseen_cache'][$board]--;
} elseif (isset($_REQUEST['topicseen'])) {
// Use the mark read tables... and the last visit to figure out if this should be read or not.
$request = smf_db_query('
SELECT COUNT(*)
FROM {db_prefix}topics AS t
LEFT JOIN {db_prefix}log_boards AS lb ON (lb.id_board = {int:current_board} AND lb.id_member = {int:current_member})
LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = t.id_topic AND lt.id_member = {int:current_member})
WHERE t.id_board = {int:current_board}
AND t.id_last_msg > IFNULL(lb.id_msg, 0)
AND t.id_last_msg > IFNULL(lt.id_msg, 0)' . (empty($_SESSION['id_msg_last_visit']) ? '' : '
AND t.id_last_msg > {int:id_msg_last_visit}'), array('current_board' => $board, 'current_member' => $user_info['id'], 'id_msg_last_visit' => (int) $_SESSION['id_msg_last_visit']));
list($numNewTopics) = mysql_fetch_row($request);
mysql_free_result($request);
// If there're no real new topics in this board, mark the board as seen.
if (empty($numNewTopics)) {
$_REQUEST['boardseen'] = true;
} else {
$_SESSION['topicseen_cache'][$board] = $numNewTopics;
}
} elseif (isset($_SESSION['topicseen_cache'][$board])) {
$_SESSION['topicseen_cache'][$board]--;
}
// Mark board as seen if we came using last post link from BoardIndex. (or other places...)
if (isset($_REQUEST['boardseen'])) {
smf_db_insert('replace', '{db_prefix}log_boards', array('id_msg' => 'int', 'id_member' => 'int', 'id_board' => 'int'), array($modSettings['maxMsgID'], $user_info['id'], $board), array('id_member', 'id_board'));
}
}
$attachments = array();
// deal with possible sticky posts and different postbit layouts for
// the first post
// topic.id_layout meanings: bit 0-6 > layout id, bit 7 > first post sticky on every page.
// don't blame me for using bit magic here. I'm a C guy and a 8bits can store more than just one bool :P
$layout = (int) ($topicinfo['id_layout'] & 0x7f);
$postbit_classes =& EoS_Smarty::getConfigInstance()->getPostbitClasses();
// set defaults...
$context['postbit_callbacks'] = array('firstpost' => 'template_postbit_normal', 'post' => 'template_postbit_normal');
$context['postbit_template_class'] = array('firstpost' => $postbit_classes['normal'], 'post' => $postbit_classes['normal']);
if ($topicinfo['id_layout']) {
$this_start = isset($_REQUEST['perma']) ? 0 : (int) $_REQUEST['start'];
if ((int) $topicinfo['id_layout'] & 0x80) {
if ($this_start > 0) {
array_unshift($messages, intval($topicinfo['id_first_msg']));
}
$context['postbit_callbacks']['firstpost'] = $layout == 0 ? 'template_postbit_normal' : ($layout == 2 ? 'template_postbit_clean' : 'template_postbit_lean');
$context['postbit_callbacks']['post'] = $layout == 2 ? 'template_postbit_comment' : 'template_postbit_normal';
$context['postbit_template_class']['firstpost'] = $layout == 0 ? $postbit_classes['normal'] : ($layout == 2 ? $postbit_classes['article'] : $postbit_classes['lean']);
$context['postbit_template_class']['post'] = $layout == 2 ? $postbit_classes['commentstyle'] : $postbit_classes['normal'];
} elseif ($layout) {
$context['postbit_callbacks']['firstpost'] = $layout == 0 || $this_start != 0 ? 'template_postbit_normal' : ($layout == 2 ? 'template_postbit_clean' : 'template_postbit_lean');
$context['postbit_callbacks']['post'] = $layout == 2 ? 'template_postbit_comment' : 'template_postbit_normal';
$context['postbit_template_class']['firstpost'] = $layout == 0 || $this_start != 0 ? $postbit_classes['normal'] : ($layout == 2 ? $postbit_classes['article'] : $postbit_classes['lean']);
$context['postbit_template_class']['post'] = $layout == 2 ? $postbit_classes['commentstyle'] : $postbit_classes['normal'];
}
}
// now we know which display template we need
if (!isset($_REQUEST['perma'])) {
EoS_Smarty::loadTemplate($layout > 1 ? 'topic/topic_page' : 'topic/topic');
}
/*
if($user_info['is_admin']) {
EoS_Smarty::init();
if(!isset($_REQUEST['perma']))
EoS_Smarty::loadTemplate($layout > 1 ? 'topic_page' : 'topic');
}
else {
if(!isset($_REQUEST['perma']))
loadTemplate($layout > 1 ? 'DisplayPage' : 'Display');
loadTemplate('Postbit');
}
*/
// If there _are_ messages here... (probably an error otherwise :!)
if (!empty($messages)) {
// Fetch attachments.
if (!empty($modSettings['attachmentEnable']) && allowedTo('view_attachments')) {
$request = smf_db_query('
SELECT
a.id_attach, a.id_folder, a.id_msg, a.filename, a.file_hash, IFNULL(a.size, 0) AS filesize, a.downloads, a.approved,
a.width, a.height' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : ',
IFNULL(thumb.id_attach, 0) AS id_thumb, thumb.width AS thumb_width, thumb.height AS thumb_height') . '
FROM {db_prefix}attachments AS a' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : '
LEFT JOIN {db_prefix}attachments AS thumb ON (thumb.id_attach = a.id_thumb)') . '
WHERE a.id_msg IN ({array_int:message_list})
AND a.attachment_type = {int:attachment_type}', array('message_list' => $messages, 'attachment_type' => 0, 'is_approved' => 1));
$temp = array();
while ($row = mysql_fetch_assoc($request)) {
if (!$row['approved'] && $modSettings['postmod_active'] && !allowedTo('approve_posts') && (!isset($all_posters[$row['id_msg']]) || $all_posters[$row['id_msg']] != $user_info['id'])) {
continue;
}
$temp[$row['id_attach']] = $row;
if (!isset($attachments[$row['id_msg']])) {
$attachments[$row['id_msg']] = array();
}
}
mysql_free_result($request);
// This is better than sorting it with the query...
ksort($temp);
foreach ($temp as $row) {
$attachments[$row['id_msg']][] = $row;
}
}
// What? It's not like it *couldn't* be only guests in this topic...
if (!isset($posters[$context['topic_starter_id']])) {
$posters[] = $context['topic_starter_id'];
}
if (!empty($posters)) {
loadMemberData($posters);
}
if (!isset($user_profile[$context['topic_starter_id']])) {
$context['topicstarter']['name'] = $topicinfo['poster_name'];
$context['topicstarter']['id'] = 0;
$context['topicstarter']['group'] = $txt['guest_title'];
$context['topicstarter']['link'] = $topicinfo['poster_name'];
$context['topicstarter']['email'] = $topicinfo['poster_email'];
$context['topicstarter']['show_email'] = showEmailAddress(true, 0);
$context['topicstarter']['is_guest'] = true;
$context['topicstarter']['avatar'] = array();
} else {
loadMemberContext($context['topic_starter_id'], true);
$context['topicstarter'] =& $memberContext[$context['topic_starter_id']];
}
$context['topicstarter']['start_time'] = timeformat($topicinfo['first_post_time']);
$sql_what = '
m.id_msg, m.icon, m.subject, m.poster_time, m.poster_ip, m.id_member, m.modified_time, m.modified_name, m.body, mc.body AS cached_body,
m.smileys_enabled, m.poster_name, m.poster_email, m.approved, m.locked,' . (!empty($modSettings['karmaMode']) ? 'c.likes_count, c.like_status, c.updated AS like_updated, l.rtype AS liked,' : '0 AS likes_count, 0 AS like_status, 0 AS like_updated, 0 AS liked,') . '
m.id_msg_modified < {int:new_from} AS is_read';
$sql_from_tables = '
FROM {db_prefix}messages AS m';
$sql_from_joins = (!empty($modSettings['karmaMode']) ? '
LEFT JOIN {db_prefix}likes AS l ON (l.id_msg = m.id_msg AND l.ctype = 1 AND l.id_user = {int:id_user})
LEFT JOIN {db_prefix}like_cache AS c ON (c.id_msg = m.id_msg AND c.ctype = 1)' : '') . '
LEFT JOIN {db_prefix}messages_cache AS mc on mc.id_msg = m.id_msg AND mc.style = {int:style} AND mc.lang = {int:lang}';
$sql_array = array('message_list' => $messages, 'new_from' => $topicinfo['new_from'], 'style' => $user_info['smiley_set_id'], 'lang' => $user_info['language_id'], 'id_user' => $user_info['id']);
HookAPI::callHook('display_messagerequest', array(&$sql_what, &$sql_from_tables, &$sql_from_joins, &$sql_array));
$messages_request = smf_db_query('
SELECT ' . $sql_what . ' ' . $sql_from_tables . $sql_from_joins . '
WHERE m.id_msg IN ({array_int:message_list})
ORDER BY m.id_msg' . (empty($options['view_newest_first']) ? '' : ' DESC'), $sql_array);
// Go to the last message if the given time is beyond the time of the last message.
if (isset($context['start_from']) && $context['start_from'] >= $topicinfo['num_replies']) {
$context['start_from'] = $topicinfo['num_replies'];
}
// Since the anchor information is needed on the top of the page we load these variables beforehand.
$context['first_message'] = isset($messages[$firstIndex]) ? $messages[$firstIndex] : $messages[0];
if (empty($options['view_newest_first'])) {
$context['first_new_message'] = isset($context['start_from']) && $_REQUEST['start'] == $context['start_from'];
} else {
$context['first_new_message'] = isset($context['start_from']) && $_REQUEST['start'] == $topicinfo['num_replies'] - $context['start_from'];
}
} else {
$messages_request = false;
$context['first_message'] = 0;
$context['first_new_message'] = false;
}
$context['jump_to'] = array('label' => addslashes(un_htmlspecialchars($txt['jump_to'])), 'board_name' => htmlspecialchars(strtr(strip_tags($board_info['name']), array('&' => '&'))), 'child_level' => $board_info['child_level']);
// Set the callback. (do you REALIZE how much memory all the messages would take?!?)
$context['get_message'] = 'prepareDisplayContext';
// Now set all the wonderful, wonderful permissions... like moderation ones...
$common_permissions = array('can_approve' => 'approve_posts', 'can_ban' => 'manage_bans', 'can_sticky' => 'make_sticky', 'can_merge' => 'merge_any', 'can_split' => 'split_any', 'calendar_post' => 'calendar_post', 'can_mark_notify' => 'mark_any_notify', 'can_send_topic' => 'send_topic', 'can_send_pm' => 'pm_send', 'can_report_moderator' => 'report_any', 'can_moderate_forum' => 'moderate_forum', 'can_issue_warning' => 'issue_warning', 'can_restore_topic' => 'move_any', 'can_restore_msg' => 'move_any');
foreach ($common_permissions as $contextual => $perm) {
$context[$contextual] = allowedTo($perm);
}
// Permissions with _any/_own versions. $context[YYY] => ZZZ_any/_own.
$anyown_permissions = array('can_move' => 'move', 'can_lock' => 'lock', 'can_delete' => 'remove', 'can_add_poll' => 'poll_add', 'can_remove_poll' => 'poll_remove', 'can_reply' => 'post_reply', 'can_reply_unapproved' => 'post_unapproved_replies');
foreach ($anyown_permissions as $contextual => $perm) {
$context[$contextual] = allowedTo($perm . '_any') || $context['user']['started'] && allowedTo($perm . '_own');
}
$context['can_add_tags'] = $context['user']['started'] && allowedTo('smftags_add') || allowedTo('smftags_manage');
$context['can_delete_tags'] = $context['user']['started'] && allowedTo('smftags_del') || allowedTo('smftags_manage');
$context['can_moderate_board'] = allowedTo('moderate_board');
$context['can_modify_any'] = allowedTo('modify_any');
$context['can_modify_replies'] = allowedTo('modify_replies');
$context['can_modify_own'] = allowedTo('modify_own');
$context['can_delete_any'] = allowedTo('delete_any');
$context['can_delete_replies'] = allowedTo('delete_replies');
$context['can_delete_own'] = allowedTo('delete_own');
$context['use_share'] = !$user_info['possibly_robot'] && allowedTo('use_share') && ($context['user']['is_guest'] || (empty($options['use_share_bar']) ? 1 : !$options['use_share_bar']));
$context['can_unapprove'] = $context['can_approve'] && !empty($modSettings['postmod_active']);
$context['can_profile_view_any'] = allowedTo('profile_view_any');
$context['can_profile_view_own'] = allowedTo('profile_view_own');
$context['is_banned_from_topic'] = !$user_info['is_admin'] && !$context['can_moderate_forum'] && !$context['can_moderate_board'] && (!empty($context['topic_banned_members']) ? in_array($user_info['id'], $context['topic_banned_members']) : false);
$context['banned_notice'] = $context['is_banned_from_topic'] ? $txt['topic_banned_notice'] : '';
// Cleanup all the permissions with extra stuff...
$context['can_mark_notify'] &= !$context['user']['is_guest'];
$context['can_sticky'] &= !empty($modSettings['enableStickyTopics']);
$context['calendar_post'] &= !empty($modSettings['cal_enabled']);
$context['can_add_poll'] &= $modSettings['pollMode'] == '1' && $topicinfo['id_poll'] <= 0;
$context['can_remove_poll'] &= $modSettings['pollMode'] == '1' && $topicinfo['id_poll'] > 0;
$context['can_reply'] &= empty($topicinfo['locked']) || allowedTo('moderate_board');
$context['can_reply_unapproved'] &= $modSettings['postmod_active'] && (empty($topicinfo['locked']) || allowedTo('moderate_board'));
$context['can_issue_warning'] &= in_array('w', $context['admin_features']) && $modSettings['warning_settings'][0] == 1;
// Handle approval flags...
$context['can_reply_approved'] = $context['can_reply'];
$context['can_reply'] |= $context['can_reply_unapproved'];
$context['can_quote'] = $context['can_reply'] && (empty($modSettings['disabledBBC']) || !in_array('quote', explode(',', $modSettings['disabledBBC'])));
$context['can_mark_unread'] = !$user_info['is_guest'] && $settings['show_mark_read'];
$context['can_send_topic'] = (!$modSettings['postmod_active'] || $topicinfo['approved']) && allowedTo('send_topic');
// Start this off for quick moderation - it will be or'd for each post.
$context['can_remove_post'] = allowedTo('delete_any') || allowedTo('delete_replies') && $context['user']['started'];
// Can restore topic? That's if the topic is in the recycle board and has a previous restore state.
$context['can_restore_topic'] &= !empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] == $board && !empty($topicinfo['id_previous_board']);
$context['can_restore_msg'] &= !empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] == $board && !empty($topicinfo['id_previous_topic']);
if ($context['is_banned_from_topic']) {
$context['can_add_tags'] = $context['can_delete_tags'] = $context['can_modify_any'] = $context['can_modify_replies'] = $context['can_modify_own'] = $context['can_delete_any'] = $context['can_delete_replies'] = $context['can_delete_own'] = $context['can_lock'] = $context['can_sticky'] = $context['calendar_post'] = $context['can_add_poll'] = $context['can_remove_poll'] = $context['can_reply'] = $context['can_reply_unapproved'] = $context['can_quote'] = $context['can_remove_post'] = false;
}
// Load up the "double post" sequencing magic.
if (!empty($options['display_quick_reply'])) {
checkSubmitOnce('register');
$context['name'] = isset($_SESSION['guest_name']) ? $_SESSION['guest_name'] : '';
$context['email'] = isset($_SESSION['guest_email']) ? $_SESSION['guest_email'] : '';
}
// todo: drafts -> plugin
$context['can_save_draft'] = false;
//$context['can_reply'] && !$context['user']['is_guest'] && in_array('dr', $context['admin_features']) && !empty($options['use_drafts']) && allowedTo('drafts_allow');
$context['can_autosave_draft'] = false;
//$context['can_save_draft'] && !empty($modSettings['enableAutoSaveDrafts']) && allowedTo('drafts_autosave_allow');
enqueueThemeScript('topic', 'scripts/topic.js', true);
if ($context['can_autosave_draft']) {
enqueueThemeScript('drafts', 'scripts/drafts.js', true);
}
$context['can_moderate_member'] = $context['can_issue_warning'] || $context['can_moderate_board'];
$context['topic_has_banned_members_msg'] = $context['topic_banned_members_count'] > 0 && $context['can_moderate_board'] ? sprintf($txt['topic_has_bans_msg'], URL::parse('?action=moderate;area=topicbans;sa=bytopic;t=' . $topic)) : '';
if (EoS_Smarty::isActive()) {
if (isset($context['poll'])) {
$context['poll_buttons'] = array('vote' => array('test' => 'allow_return_vote', 'text' => 'poll_return_vote', 'image' => 'poll_options.gif', 'lang' => true, 'url' => $scripturl . '?topic=' . $context['current_topic'] . '.' . $context['start']), 'results' => array('test' => 'show_view_results_button', 'text' => 'poll_results', 'image' => 'poll_results.gif', 'lang' => true, 'url' => $scripturl . '?topic=' . $context['current_topic'] . '.' . $context['start'] . ';viewresults'), 'change_vote' => array('test' => 'allow_change_vote', 'text' => 'poll_change_vote', 'image' => 'poll_change_vote.gif', 'lang' => true, 'url' => $scripturl . '?action=vote;topic=' . $context['current_topic'] . '.' . $context['start'] . ';poll=' . $context['poll']['id'] . ';' . $context['session_var'] . '=' . $context['session_id']), 'lock' => array('test' => 'allow_lock_poll', 'text' => !$context['poll']['is_locked'] ? 'poll_lock' : 'poll_unlock', 'image' => 'poll_lock.gif', 'lang' => true, 'url' => $scripturl . '?action=lockvoting;topic=' . $context['current_topic'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']), 'edit' => array('test' => 'allow_edit_poll', 'text' => 'poll_edit', 'image' => 'poll_edit.gif', 'lang' => true, 'url' => $scripturl . '?action=editpoll;topic=' . $context['current_topic'] . '.' . $context['start']), 'remove_poll' => array('test' => 'can_remove_poll', 'text' => 'poll_remove', 'image' => 'admin_remove_poll.gif', 'lang' => true, 'custom' => 'onclick="return Eos_Confirm(\'\', \'' . $txt['poll_remove_warn'] . '\', $(this).attr(\'href\'));"', 'url' => $scripturl . '?action=removepoll;topic=' . $context['current_topic'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']));
}
$context['normal_buttons'] = array('reply' => array('test' => 'can_reply', 'text' => 'reply', 'custom' => 'onclick="return oQuickReply.quote(0);" ', 'image' => 'reply.gif', 'lang' => true, 'url' => $scripturl . '?action=post;topic=' . $context['current_topic'] . '.' . $context['start'] . ';last_msg=' . $context['topic_last_message'], 'active' => true), 'add_poll' => array('test' => 'can_add_poll', 'text' => 'add_poll', 'image' => 'add_poll.gif', 'lang' => true, 'url' => $scripturl . '?action=editpoll;add;topic=' . $context['current_topic'] . '.' . $context['start']), 'mark_unread' => array('test' => 'can_mark_unread', 'text' => 'mark_unread', 'image' => 'markunread.gif', 'lang' => true, 'url' => $scripturl . '?action=markasread;sa=topic;t=' . $context['mark_unread_time'] . ';topic=' . $context['current_topic'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']));
HookAPI::callHook('integrate_display_buttons', array(&$context['normal_buttons']));
$remove_url = $scripturl . '?action=removetopic2;topic=' . $context['current_topic'] . '.0;' . $context['session_var'] . '=' . $context['session_id'];
$context['mod_buttons'] = array('move' => array('test' => 'can_move', 'text' => 'move_topic', 'image' => 'admin_move.gif', 'lang' => true, 'url' => $scripturl . '?action=movetopic;topic=' . $context['current_topic'] . '.0'), 'delete' => array('test' => 'can_delete', 'text' => 'remove_topic', 'image' => 'admin_rem.gif', 'lang' => true, 'custom' => 'onclick="return Eos_Confirm(\'\',\'' . $txt['are_sure_remove_topic'] . '\',\'' . $remove_url . '\');"', 'url' => $remove_url), 'lock' => array('test' => 'can_lock', 'text' => empty($context['is_locked']) ? 'set_lock' : 'set_unlock', 'image' => 'admin_lock.gif', 'lang' => true, 'url' => $scripturl . '?action=lock;topic=' . $context['current_topic'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']), 'sticky' => array('test' => 'can_sticky', 'text' => empty($context['is_sticky']) ? 'set_sticky' : 'set_nonsticky', 'image' => 'admin_sticky.gif', 'lang' => true, 'url' => $scripturl . '?action=sticky;topic=' . $context['current_topic'] . '.' . $context['start'] . ';' . $context['session_var'] . '=' . $context['session_id']), 'merge' => array('test' => 'can_merge', 'text' => 'merge', 'image' => 'merge.gif', 'lang' => true, 'url' => $scripturl . '?action=mergetopics;board=' . $context['current_board'] . '.0;from=' . $context['current_topic']), 'calendar' => array('test' => 'calendar_post', 'text' => 'calendar_link', 'image' => 'linktocal.gif', 'lang' => true, 'url' => $scripturl . '?action=post;calendar;msg=' . $context['topic_first_message'] . ';topic=' . $context['current_topic'] . '.0'));
// Restore topic. eh? No monkey business.
if ($context['can_restore_topic']) {
$context['mod_buttons'][] = array('text' => 'restore_topic', 'image' => '', 'lang' => true, 'url' => $scripturl . '?action=restoretopic;topics=' . $context['current_topic'] . ';' . $context['session_var'] . '=' . $context['session_id']);
}
// Allow adding new mod buttons easily.
HookAPI::callHook('integrate_mod_buttons', array(&$context['mod_buttons']));
$context['message_ids'] = $messages;
$context['perma_request'] = isset($_REQUEST['perma']) ? true : false;
$context['mod_buttons_style'] = array('id' => 'moderationbuttons_strip', 'class' => 'buttonlist');
$context['full_members_viewing_list'] = empty($context['view_members_list']) ? '0 ' . $txt['members'] : implode(', ', $context['view_members_list']) . (empty($context['view_num_hidden']) || $context['can_moderate_forum'] ? '' : ' (+ ' . $context['view_num_hidden'] . ' ' . $txt['hidden'] . ')');
}
fetchNewsItems($board, $topic);
HookAPI::callHook('display_general', array());
/*
* $message is always available in templates as global variable
* prepareDisplayContext() just repopulates it and is called from
* the topic display template via $SUPPORT object callback.
*/
EoS_Smarty::getSmartyInstance()->assignByRef('message', $output);
}
function Post2()
{
global $board, $topic, $txt, $modSettings, $sourcedir, $context;
global $user_info, $board_info, $options, $smcFunc;
// Sneaking off, are we?
if (empty($_POST) && empty($topic)) {
redirectexit('action=post;board=' . $board . '.0');
} elseif (empty($_POST) && !empty($topic)) {
redirectexit('action=post;topic=' . $topic . '.0');
}
// No need!
$context['robot_no_index'] = true;
// If we came from WYSIWYG then turn it back into BBC regardless.
if (!empty($_REQUEST['message_mode']) && isset($_REQUEST['message'])) {
require_once $sourcedir . '/Subs-Editor.php';
$_REQUEST['message'] = html_to_bbc($_REQUEST['message']);
// We need to unhtml it now as it gets done shortly.
$_REQUEST['message'] = un_htmlspecialchars($_REQUEST['message']);
// We need this for everything else.
$_POST['message'] = $_REQUEST['message'];
}
// Previewing? Go back to start.
if (isset($_REQUEST['preview'])) {
return Post();
}
// Prevent double submission of this form.
checkSubmitOnce('check');
// No errors as yet.
$post_errors = array();
// If the session has timed out, let the user re-submit their form.
if (checkSession('post', '', false) != '') {
$post_errors[] = 'session_timeout';
}
// Wrong verification code?
if (!$user_info['is_admin'] && !$user_info['is_mod'] && !empty($modSettings['posts_require_captcha']) && ($user_info['posts'] < $modSettings['posts_require_captcha'] || $user_info['is_guest'] && $modSettings['posts_require_captcha'] == -1)) {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'post');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
$post_errors = array_merge($post_errors, $context['require_verification']);
}
}
require_once $sourcedir . '/Subs-Post.php';
loadLanguage('Post');
// If this isn't a new topic load the topic info that we need.
if (!empty($topic)) {
$request = $smcFunc['db_query']('', '
SELECT locked, is_sticky, id_poll, approved, id_first_msg, id_last_msg, id_member_started, id_board
FROM {db_prefix}topics
WHERE id_topic = {int:current_topic}
LIMIT 1', array('current_topic' => $topic));
$topic_info = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
// Though the topic should be there, it might have vanished.
if (!is_array($topic_info)) {
fatal_lang_error('topic_doesnt_exist');
}
// Did this topic suddenly move? Just checking...
if ($topic_info['id_board'] != $board) {
fatal_lang_error('not_a_topic');
}
}
// Replying to a topic?
if (!empty($topic) && !isset($_REQUEST['msg'])) {
// Don't allow a post if it's locked.
if ($topic_info['locked'] != 0 && !allowedTo('moderate_board')) {
fatal_lang_error('topic_locked', false);
}
// Sorry, multiple polls aren't allowed... yet. You should stop giving me ideas :P.
if (isset($_REQUEST['poll']) && $topic_info['id_poll'] > 0) {
unset($_REQUEST['poll']);
}
// Do the permissions and approval stuff...
$becomesApproved = true;
if ($topic_info['id_member_started'] != $user_info['id']) {
if ($modSettings['postmod_active'] && allowedTo('post_unapproved_replies_any') && !allowedTo('post_reply_any')) {
$becomesApproved = false;
} else {
isAllowedTo('post_reply_any');
}
} elseif (!allowedTo('post_reply_any')) {
if ($modSettings['postmod_active'] && allowedTo('post_unapproved_replies_own') && !allowedTo('post_reply_own')) {
$becomesApproved = false;
} else {
isAllowedTo('post_reply_own');
}
}
if (isset($_POST['lock'])) {
// Nothing is changed to the lock.
if (empty($topic_info['locked']) && empty($_POST['lock']) || !empty($_POST['lock']) && !empty($topic_info['locked'])) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own')) || !allowedTo('lock_any') && $user_info['id'] != $topic_info['id_member_started']) {
unset($_POST['lock']);
} elseif (!allowedTo('lock_any')) {
// You cannot override a moderator lock.
if ($topic_info['locked'] == 1) {
unset($_POST['lock']);
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 2;
}
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 1;
}
}
// So you wanna (un)sticky this...let's see.
if (isset($_POST['sticky']) && (empty($modSettings['enableStickyTopics']) || $_POST['sticky'] == $topic_info['is_sticky'] || !allowedTo('make_sticky'))) {
unset($_POST['sticky']);
}
// If the number of replies has changed, if the setting is enabled, go back to Post() - which handles the error.
if (empty($options['no_new_reply_warning']) && isset($_POST['last_msg']) && $topic_info['id_last_msg'] > $_POST['last_msg']) {
$_REQUEST['preview'] = true;
return Post();
}
$posterIsGuest = $user_info['is_guest'];
} elseif (empty($topic)) {
// Now don't be silly, new topics will get their own id_msg soon enough.
unset($_REQUEST['msg'], $_POST['msg'], $_GET['msg']);
// Do like, the permissions, for safety and stuff...
$becomesApproved = true;
if ($modSettings['postmod_active'] && !allowedTo('post_new') && allowedTo('post_unapproved_topics')) {
$becomesApproved = false;
} else {
isAllowedTo('post_new');
}
if (isset($_POST['lock'])) {
// New topics are by default not locked.
if (empty($_POST['lock'])) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own'))) {
unset($_POST['lock']);
} else {
$_POST['lock'] = allowedTo('lock_any') ? 1 : 2;
}
}
if (isset($_POST['sticky']) && (empty($modSettings['enableStickyTopics']) || empty($_POST['sticky']) || !allowedTo('make_sticky'))) {
unset($_POST['sticky']);
}
$posterIsGuest = $user_info['is_guest'];
} elseif (isset($_REQUEST['msg']) && !empty($topic)) {
$_REQUEST['msg'] = (int) $_REQUEST['msg'];
$request = $smcFunc['db_query']('', '
SELECT id_member, poster_name, poster_email, poster_time, approved
FROM {db_prefix}messages
WHERE id_msg = {int:id_msg}
LIMIT 1', array('id_msg' => $_REQUEST['msg']));
if ($smcFunc['db_num_rows']($request) == 0) {
fatal_lang_error('cant_find_messages', false);
}
$row = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
if (!empty($topic_info['locked']) && !allowedTo('moderate_board')) {
fatal_lang_error('topic_locked', false);
}
if (isset($_POST['lock'])) {
// Nothing changes to the lock status.
if (empty($_POST['lock']) && empty($topic_info['locked']) || !empty($_POST['lock']) && !empty($topic_info['locked'])) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own')) || !allowedTo('lock_any') && $user_info['id'] != $topic_info['id_member_started']) {
unset($_POST['lock']);
} elseif (!allowedTo('lock_any')) {
// You're not allowed to break a moderator's lock.
if ($topic_info['locked'] == 1) {
unset($_POST['lock']);
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 2;
}
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 1;
}
}
// Change the sticky status of this topic?
if (isset($_POST['sticky']) && (!allowedTo('make_sticky') || $_POST['sticky'] == $topic_info['is_sticky'])) {
unset($_POST['sticky']);
}
if ($row['id_member'] == $user_info['id'] && !allowedTo('modify_any')) {
if ((!$modSettings['postmod_active'] || $row['approved']) && !empty($modSettings['edit_disable_time']) && $row['poster_time'] + ($modSettings['edit_disable_time'] + 5) * 60 < time()) {
fatal_lang_error('modify_post_time_passed', false);
} elseif ($topic_info['id_member_started'] == $user_info['id'] && !allowedTo('modify_own')) {
isAllowedTo('modify_replies');
} else {
isAllowedTo('modify_own');
}
} elseif ($topic_info['id_member_started'] == $user_info['id'] && !allowedTo('modify_any')) {
isAllowedTo('modify_replies');
// If you're modifying a reply, I say it better be logged...
$moderationAction = true;
} else {
isAllowedTo('modify_any');
// Log it, assuming you're not modifying your own post.
if ($row['id_member'] != $user_info['id']) {
$moderationAction = true;
}
}
$posterIsGuest = empty($row['id_member']);
// Can they approve it?
$can_approve = allowedTo('approve_posts');
$becomesApproved = $modSettings['postmod_active'] ? $can_approve && !$row['approved'] ? !empty($_REQUEST['approve']) ? 1 : 0 : $row['approved'] : 1;
$approve_has_changed = $row['approved'] != $becomesApproved;
if (!allowedTo('moderate_forum') || !$posterIsGuest) {
$_POST['guestname'] = $row['poster_name'];
$_POST['email'] = $row['poster_email'];
}
}
// If the poster is a guest evaluate the legality of name and email.
if ($posterIsGuest) {
$_POST['guestname'] = !isset($_POST['guestname']) ? '' : trim($_POST['guestname']);
$_POST['email'] = !isset($_POST['email']) ? '' : trim($_POST['email']);
if ($_POST['guestname'] == '' || $_POST['guestname'] == '_') {
$post_errors[] = 'no_name';
}
if ($smcFunc['strlen']($_POST['guestname']) > 25) {
$post_errors[] = 'long_name';
}
if (empty($modSettings['guest_post_no_email'])) {
// Only check if they changed it!
if (!isset($row) || $row['poster_email'] != $_POST['email']) {
if (!allowedTo('moderate_forum') && (!isset($_POST['email']) || $_POST['email'] == '')) {
$post_errors[] = 'no_email';
}
if (!allowedTo('moderate_forum') && preg_match('~^[0-9A-Za-z=_+\\-/][0-9A-Za-z=_\'+\\-/\\.]*@[\\w\\-]+(\\.[\\w\\-]+)*(\\.[\\w]{2,6})$~', $_POST['email']) == 0) {
$post_errors[] = 'bad_email';
}
}
// Now make sure this email address is not banned from posting.
isBannedEmail($_POST['email'], 'cannot_post', sprintf($txt['you_are_post_banned'], $txt['guest_title']));
}
// In case they are making multiple posts this visit, help them along by storing their name.
if (empty($post_errors)) {
$_SESSION['guest_name'] = $_POST['guestname'];
$_SESSION['guest_email'] = $_POST['email'];
}
}
// Check the subject and message.
if (!isset($_POST['subject']) || $smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['subject'])) === '') {
$post_errors[] = 'no_subject';
}
if (!isset($_POST['message']) || $smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['message']), ENT_QUOTES) === '') {
$post_errors[] = 'no_message';
} elseif (!empty($modSettings['max_messageLength']) && $smcFunc['strlen']($_POST['message']) > $modSettings['max_messageLength']) {
$post_errors[] = 'long_message';
} else {
// Prepare the message a bit for some additional testing.
$_POST['message'] = $smcFunc['htmlspecialchars']($_POST['message'], ENT_QUOTES);
// Preparse code. (Zef)
if ($user_info['is_guest']) {
$user_info['name'] = $_POST['guestname'];
}
preparsecode($_POST['message']);
// Let's see if there's still some content left without the tags.
if ($smcFunc['htmltrim'](strip_tags(parse_bbc($_POST['message'], false), '<img>')) === '' && (!allowedTo('admin_forum') || strpos($_POST['message'], '[html]') === false)) {
$post_errors[] = 'no_message';
}
}
if (isset($_POST['calendar']) && !isset($_REQUEST['deleteevent']) && $smcFunc['htmltrim']($_POST['evtitle']) === '') {
$post_errors[] = 'no_event';
}
// You are not!
if (isset($_POST['message']) && strtolower($_POST['message']) == 'i am the administrator.' && !$user_info['is_admin']) {
fatal_error('Knave! Masquerader! Charlatan!', false);
}
// Validate the poll...
if (isset($_REQUEST['poll']) && $modSettings['pollMode'] == '1') {
if (!empty($topic) && !isset($_REQUEST['msg'])) {
fatal_lang_error('no_access', false);
}
// This is a new topic... so it's a new poll.
if (empty($topic)) {
isAllowedTo('poll_post');
} elseif ($user_info['id'] == $topic_info['id_member_started'] && !allowedTo('poll_add_any')) {
isAllowedTo('poll_add_own');
} else {
isAllowedTo('poll_add_any');
}
if (!isset($_POST['question']) || trim($_POST['question']) == '') {
$post_errors[] = 'no_question';
}
$_POST['options'] = empty($_POST['options']) ? array() : htmltrim__recursive($_POST['options']);
// Get rid of empty ones.
foreach ($_POST['options'] as $k => $option) {
if ($option == '') {
unset($_POST['options'][$k], $_POST['options'][$k]);
}
}
// What are you going to vote between with one choice?!?
if (count($_POST['options']) < 2) {
$post_errors[] = 'poll_few';
}
}
if ($posterIsGuest) {
// If user is a guest, make sure the chosen name isn't taken.
require_once $sourcedir . '/Subs-Members.php';
if (isReservedName($_POST['guestname'], 0, true, false) && (!isset($row['poster_name']) || $_POST['guestname'] != $row['poster_name'])) {
$post_errors[] = 'bad_name';
}
} elseif (!isset($_REQUEST['msg'])) {
$_POST['guestname'] = $user_info['username'];
$_POST['email'] = $user_info['email'];
}
// Any mistakes?
if (!empty($post_errors)) {
loadLanguage('Errors');
// Previewing.
$_REQUEST['preview'] = true;
$context['post_error'] = array('messages' => array());
foreach ($post_errors as $post_error) {
$context['post_error'][$post_error] = true;
if ($post_error == 'long_message') {
$txt['error_' . $post_error] = sprintf($txt['error_' . $post_error], $modSettings['max_messageLength']);
}
$context['post_error']['messages'][] = $txt['error_' . $post_error];
}
return Post();
}
// Make sure the user isn't spamming the board.
if (!isset($_REQUEST['msg'])) {
spamProtection('post');
}
// At about this point, we're posting and that's that.
ignore_user_abort(true);
@set_time_limit(300);
// Add special html entities to the subject, name, and email.
$_POST['subject'] = strtr($smcFunc['htmlspecialchars']($_POST['subject']), array("\r" => '', "\n" => '', "\t" => ''));
$_POST['guestname'] = htmlspecialchars($_POST['guestname']);
$_POST['email'] = htmlspecialchars($_POST['email']);
// At this point, we want to make sure the subject isn't too long.
if ($smcFunc['strlen']($_POST['subject']) > 100) {
$_POST['subject'] = $smcFunc['substr']($_POST['subject'], 0, 100);
}
// Make the poll...
if (isset($_REQUEST['poll'])) {
// Make sure that the user has not entered a ridiculous number of options..
if (empty($_POST['poll_max_votes']) || $_POST['poll_max_votes'] <= 0) {
$_POST['poll_max_votes'] = 1;
} elseif ($_POST['poll_max_votes'] > count($_POST['options'])) {
$_POST['poll_max_votes'] = count($_POST['options']);
} else {
$_POST['poll_max_votes'] = (int) $_POST['poll_max_votes'];
}
$_POST['poll_expire'] = (int) $_POST['poll_expire'];
$_POST['poll_expire'] = $_POST['poll_expire'] > 9999 ? 9999 : ($_POST['poll_expire'] < 0 ? 0 : $_POST['poll_expire']);
// Just set it to zero if it's not there..
if (!isset($_POST['poll_hide'])) {
$_POST['poll_hide'] = 0;
} else {
$_POST['poll_hide'] = (int) $_POST['poll_hide'];
}
$_POST['poll_change_vote'] = isset($_POST['poll_change_vote']) ? 1 : 0;
$_POST['poll_guest_vote'] = isset($_POST['poll_guest_vote']) ? 1 : 0;
// Make sure guests are actually allowed to vote generally.
if ($_POST['poll_guest_vote']) {
require_once $sourcedir . '/Subs-Members.php';
$allowedVoteGroups = groupsAllowedTo('poll_vote', $board);
if (!in_array(-1, $allowedVoteGroups['allowed'])) {
$_POST['poll_guest_vote'] = 0;
}
}
// If the user tries to set the poll too far in advance, don't let them.
if (!empty($_POST['poll_expire']) && $_POST['poll_expire'] < 1) {
fatal_lang_error('poll_range_error', false);
} elseif (empty($_POST['poll_expire']) && $_POST['poll_hide'] == 2) {
$_POST['poll_hide'] = 1;
}
// Clean up the question and answers.
$_POST['question'] = htmlspecialchars($_POST['question']);
$_POST['question'] = $smcFunc['truncate']($_POST['question'], 255);
$_POST['question'] = preg_replace('~&#(\\d{4,5}|[2-9]\\d{2,4}|1[2-9]\\d);~', '&#$1;', $_POST['question']);
$_POST['options'] = htmlspecialchars__recursive($_POST['options']);
}
// Check if they are trying to delete any current attachments....
if (isset($_REQUEST['msg'], $_POST['attach_del']) && (allowedTo('post_attachment') || $modSettings['postmod_active'] && allowedTo('post_unapproved_attachments'))) {
$del_temp = array();
foreach ($_POST['attach_del'] as $i => $dummy) {
$del_temp[$i] = (int) $dummy;
}
require_once $sourcedir . '/ManageAttachments.php';
$attachmentQuery = array('attachment_type' => 0, 'id_msg' => (int) $_REQUEST['msg'], 'not_id_attach' => $del_temp);
removeAttachments($attachmentQuery);
}
// ...or attach a new file...
if (isset($_FILES['attachment']['name']) || !empty($_SESSION['temp_attachments']) && empty($_POST['from_qr'])) {
// Verify they can post them!
if (!$modSettings['postmod_active'] || !allowedTo('post_unapproved_attachments')) {
isAllowedTo('post_attachment');
}
// Make sure we're uploading to the right place.
if (!empty($modSettings['currentAttachmentUploadDir'])) {
if (!is_array($modSettings['attachmentUploadDir'])) {
$modSettings['attachmentUploadDir'] = unserialize($modSettings['attachmentUploadDir']);
}
// The current directory, of course!
$current_attach_dir = $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']];
} else {
$current_attach_dir = $modSettings['attachmentUploadDir'];
}
// If this isn't a new post, check the current attachments.
if (isset($_REQUEST['msg'])) {
$request = $smcFunc['db_query']('', '
SELECT COUNT(*), SUM(size)
FROM {db_prefix}attachments
WHERE id_msg = {int:id_msg}
AND attachment_type = {int:attachment_type}', array('id_msg' => (int) $_REQUEST['msg'], 'attachment_type' => 0));
list($quantity, $total_size) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
} else {
$quantity = 0;
$total_size = 0;
}
if (!empty($_SESSION['temp_attachments'])) {
foreach ($_SESSION['temp_attachments'] as $attachID => $name) {
if (preg_match('~^post_tmp_' . $user_info['id'] . '_\\d+$~', $attachID) == 0) {
continue;
}
if (!empty($_POST['attach_del']) && !in_array($attachID, $_POST['attach_del'])) {
unset($_SESSION['temp_attachments'][$attachID]);
@unlink($current_attach_dir . '/' . $attachID);
continue;
}
$_FILES['attachment']['tmp_name'][] = $attachID;
$_FILES['attachment']['name'][] = $name;
$_FILES['attachment']['size'][] = filesize($current_attach_dir . '/' . $attachID);
list($_FILES['attachment']['width'][], $_FILES['attachment']['height'][]) = @getimagesize($current_attach_dir . '/' . $attachID);
unset($_SESSION['temp_attachments'][$attachID]);
}
}
if (!isset($_FILES['attachment']['name'])) {
$_FILES['attachment']['tmp_name'] = array();
}
$attachIDs = array();
foreach ($_FILES['attachment']['tmp_name'] as $n => $dummy) {
if ($_FILES['attachment']['name'][$n] == '') {
continue;
}
// Have we reached the maximum number of files we are allowed?
$quantity++;
if (!empty($modSettings['attachmentNumPerPostLimit']) && $quantity > $modSettings['attachmentNumPerPostLimit']) {
checkSubmitOnce('free');
fatal_lang_error('attachments_limit_per_post', false, array($modSettings['attachmentNumPerPostLimit']));
}
// Check the total upload size for this post...
$total_size += $_FILES['attachment']['size'][$n];
if (!empty($modSettings['attachmentPostLimit']) && $total_size > $modSettings['attachmentPostLimit'] * 1024) {
checkSubmitOnce('free');
fatal_lang_error('file_too_big', false, array($modSettings['attachmentPostLimit']));
}
$attachmentOptions = array('post' => isset($_REQUEST['msg']) ? $_REQUEST['msg'] : 0, 'poster' => $user_info['id'], 'name' => $_FILES['attachment']['name'][$n], 'tmp_name' => $_FILES['attachment']['tmp_name'][$n], 'size' => $_FILES['attachment']['size'][$n], 'approved' => !$modSettings['postmod_active'] || allowedTo('post_attachment'));
if (createAttachment($attachmentOptions)) {
$attachIDs[] = $attachmentOptions['id'];
if (!empty($attachmentOptions['thumb'])) {
$attachIDs[] = $attachmentOptions['thumb'];
}
} else {
if (in_array('could_not_upload', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('attach_timeout', 'critical');
}
if (in_array('too_large', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('file_too_big', false, array($modSettings['attachmentSizeLimit']));
}
if (in_array('bad_extension', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_error($attachmentOptions['name'] . '.<br />' . $txt['cant_upload_type'] . ' ' . $modSettings['attachmentExtensions'] . '.', false);
}
if (in_array('directory_full', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('ran_out_of_space', 'critical');
}
if (in_array('bad_filename', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_error(basename($attachmentOptions['name']) . '.<br />' . $txt['restricted_filename'] . '.', 'critical');
}
if (in_array('taken_filename', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('filename_exists');
}
if (in_array('bad_attachment', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('bad_attachment');
}
}
}
}
// Make the poll...
if (isset($_REQUEST['poll'])) {
// Create the poll.
$smcFunc['db_insert']('', '{db_prefix}polls', array('question' => 'string-255', 'hide_results' => 'int', 'max_votes' => 'int', 'expire_time' => 'int', 'id_member' => 'int', 'poster_name' => 'string-255', 'change_vote' => 'int', 'guest_vote' => 'int'), array($_POST['question'], $_POST['poll_hide'], $_POST['poll_max_votes'], empty($_POST['poll_expire']) ? 0 : time() + $_POST['poll_expire'] * 3600 * 24, $user_info['id'], $_POST['guestname'], $_POST['poll_change_vote'], $_POST['poll_guest_vote']), array('id_poll'));
$id_poll = $smcFunc['db_insert_id']('{db_prefix}polls', 'id_poll');
// Create each answer choice.
$i = 0;
$pollOptions = array();
foreach ($_POST['options'] as $option) {
$pollOptions[] = array($id_poll, $i, $option);
$i++;
}
$smcFunc['db_insert']('insert', '{db_prefix}poll_choices', array('id_poll' => 'int', 'id_choice' => 'int', 'label' => 'string-255'), $pollOptions, array('id_poll', 'id_choice'));
} else {
$id_poll = 0;
}
// Creating a new topic?
$newTopic = empty($_REQUEST['msg']) && empty($topic);
$_POST['icon'] = !empty($attachIDs) && $_POST['icon'] == 'xx' ? 'clip' : $_POST['icon'];
// Collect all parameters for the creation or modification of a post.
$msgOptions = array('id' => empty($_REQUEST['msg']) ? 0 : (int) $_REQUEST['msg'], 'subject' => $_POST['subject'], 'body' => $_POST['message'], 'icon' => preg_replace('~[\\./\\\\*:"\'<>]~', '', $_POST['icon']), 'smileys_enabled' => !isset($_POST['ns']), 'attachments' => empty($attachIDs) ? array() : $attachIDs, 'approved' => $becomesApproved);
$topicOptions = array('id' => empty($topic) ? 0 : $topic, 'board' => $board, 'poll' => isset($_REQUEST['poll']) ? $id_poll : null, 'lock_mode' => isset($_POST['lock']) ? (int) $_POST['lock'] : null, 'sticky_mode' => isset($_POST['sticky']) && !empty($modSettings['enableStickyTopics']) ? (int) $_POST['sticky'] : null, 'mark_as_read' => true, 'is_approved' => !$modSettings['postmod_active'] || empty($topic) || !empty($board_info['cur_topic_approved']));
$posterOptions = array('id' => $user_info['id'], 'name' => $_POST['guestname'], 'email' => $_POST['email'], 'update_post_count' => !$user_info['is_guest'] && !isset($_REQUEST['msg']) && $board_info['posts_count']);
// This is an already existing message. Edit it.
if (!empty($_REQUEST['msg'])) {
// Have admins allowed people to hide their screwups?
if (time() - $row['poster_time'] > $modSettings['edit_wait_time'] || $user_info['id'] != $row['id_member']) {
$msgOptions['modify_time'] = time();
$msgOptions['modify_name'] = $user_info['name'];
}
// This will save some time...
if (empty($approve_has_changed)) {
unset($msgOptions['approved']);
}
modifyPost($msgOptions, $topicOptions, $posterOptions);
} else {
createPost($msgOptions, $topicOptions, $posterOptions);
if (isset($topicOptions['id'])) {
$topic = $topicOptions['id'];
}
}
// Editing or posting an event?
if (isset($_POST['calendar']) && (!isset($_REQUEST['eventid']) || $_REQUEST['eventid'] == -1)) {
require_once $sourcedir . '/Subs-Calendar.php';
// Make sure they can link an event to this post.
canLinkEvent();
// Insert the event.
$eventOptions = array('board' => $board, 'topic' => $topic, 'title' => $_POST['evtitle'], 'member' => $user_info['id'], 'start_date' => sprintf('%04d-%02d-%02d', $_POST['year'], $_POST['month'], $_POST['day']), 'span' => isset($_POST['span']) && $_POST['span'] > 0 ? min((int) $modSettings['cal_maxspan'], (int) $_POST['span'] - 1) : 0);
insertEvent($eventOptions);
} elseif (isset($_POST['calendar'])) {
$_REQUEST['eventid'] = (int) $_REQUEST['eventid'];
// Validate the post...
require_once $sourcedir . '/Subs-Calendar.php';
validateEventPost();
// If you're not allowed to edit any events, you have to be the poster.
if (!allowedTo('calendar_edit_any')) {
// Get the event's poster.
$request = $smcFunc['db_query']('', '
SELECT id_member
FROM {db_prefix}calendar
WHERE id_event = {int:id_event}', array('id_event' => $_REQUEST['eventid']));
$row2 = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
// Silly hacker, Trix are for kids. ...probably trademarked somewhere, this is FAIR USE! (parody...)
isAllowedTo('calendar_edit_' . ($row2['id_member'] == $user_info['id'] ? 'own' : 'any'));
}
// Delete it?
if (isset($_REQUEST['deleteevent'])) {
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}calendar
WHERE id_event = {int:id_event}', array('id_event' => $_REQUEST['eventid']));
} else {
$span = !empty($modSettings['cal_allowspan']) && !empty($_REQUEST['span']) ? min((int) $modSettings['cal_maxspan'], (int) $_REQUEST['span'] - 1) : 0;
$start_time = mktime(0, 0, 0, (int) $_REQUEST['month'], (int) $_REQUEST['day'], (int) $_REQUEST['year']);
$smcFunc['db_query']('', '
UPDATE {db_prefix}calendar
SET end_date = {date:end_date},
start_date = {date:start_date},
title = {string:title}
WHERE id_event = {int:id_event}', array('end_date' => strftime('%Y-%m-%d', $start_time + $span * 86400), 'start_date' => strftime('%Y-%m-%d', $start_time), 'id_event' => $_REQUEST['eventid'], 'title' => $smcFunc['htmlspecialchars']($_REQUEST['evtitle'], ENT_QUOTES)));
}
updateSettings(array('calendar_updated' => time()));
}
// Marking read should be done even for editing messages....
// Mark all the parents read. (since you just posted and they will be unread.)
if (!$user_info['is_guest'] && !empty($board_info['parent_boards'])) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}log_boards
SET id_msg = {int:id_msg}
WHERE id_member = {int:current_member}
AND id_board IN ({array_int:board_list})', array('current_member' => $user_info['id'], 'board_list' => array_keys($board_info['parent_boards']), 'id_msg' => $modSettings['maxMsgID']));
}
// Turn notification on or off. (note this just blows smoke if it's already on or off.)
if (!empty($_POST['notify']) && allowedTo('mark_any_notify')) {
$smcFunc['db_insert']('ignore', '{db_prefix}log_notify', array('id_member' => 'int', 'id_topic' => 'int', 'id_board' => 'int'), array($user_info['id'], $topic, 0), array('id_member', 'id_topic', 'id_board'));
} elseif (!$newTopic) {
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}log_notify
WHERE id_member = {int:current_member}
AND id_topic = {int:current_topic}', array('current_member' => $user_info['id'], 'current_topic' => $topic));
}
// Log an act of moderation - modifying.
if (!empty($moderationAction)) {
logAction('modify', array('topic' => $topic, 'message' => (int) $_REQUEST['msg'], 'member' => $row['id_member'], 'board' => $board));
}
if (isset($_POST['lock']) && $_POST['lock'] != 2) {
logAction('lock', array('topic' => $topicOptions['id'], 'board' => $topicOptions['board']));
}
if (isset($_POST['sticky']) && !empty($modSettings['enableStickyTopics'])) {
logAction('sticky', array('topic' => $topicOptions['id'], 'board' => $topicOptions['board']));
}
// Notify any members who have notification turned on for this topic - only do this if it's going to be approved(!)
if ($becomesApproved) {
if ($newTopic) {
$notifyData = array('body' => $_POST['message'], 'subject' => $_POST['subject'], 'name' => $user_info['name'], 'poster' => $user_info['id'], 'msg' => $msgOptions['id'], 'board' => $board, 'topic' => $topic);
notifyMembersBoard($notifyData);
} elseif (empty($_REQUEST['msg'])) {
// Only send it to everyone if the topic is approved, otherwise just to the topic starter if they want it.
if ($topic_info['approved']) {
sendNotifications($topic, 'reply');
} else {
sendNotifications($topic, 'reply', array(), $topic_info['id_member_started']);
}
}
}
// Returning to the topic?
if (!empty($_REQUEST['goback'])) {
// Mark the board as read.... because it might get confusing otherwise.
$smcFunc['db_query']('', '
UPDATE {db_prefix}log_boards
SET id_msg = {int:maxMsgID}
WHERE id_member = {int:current_member}
AND id_board = {int:current_board}', array('current_board' => $board, 'current_member' => $user_info['id'], 'maxMsgID' => $modSettings['maxMsgID']));
}
if ($board_info['num_topics'] == 0) {
cache_put_data('board-' . $board, null, 120);
}
if (!empty($_POST['announce_topic'])) {
redirectexit('action=announce;sa=selectgroup;topic=' . $topic . (!empty($_POST['move']) && allowedTo('move_any') ? ';move' : '') . (empty($_REQUEST['goback']) ? '' : ';goback'));
}
if (!empty($_POST['move']) && allowedTo('move_any')) {
redirectexit('action=movetopic;topic=' . $topic . '.0' . (empty($_REQUEST['goback']) ? '' : ';goback'));
}
// Return to post if the mod is on.
if (isset($_REQUEST['msg']) && !empty($_REQUEST['goback'])) {
redirectexit('topic=' . $topic . '.msg' . $_REQUEST['msg'] . '#msg' . $_REQUEST['msg'], $context['browser']['is_ie']);
} elseif (!empty($_REQUEST['goback'])) {
redirectexit('topic=' . $topic . '.new#new', $context['browser']['is_ie']);
} else {
redirectexit('board=' . $board . '.0');
}
}
/**
* Handles moving a topic into the helpdesk.
*
* After checking permissions, and so on, begin to actually move posts.
*
* Broadly this is done using {@link shd_create_ticket_post()}, which has hooks specifically to deal with post modification times (written in specifically to ease this function's workload)
*
* Operations:
* - get the topic information (and checking topic access permission in the process)
* - identify the status of the topic (new/with staff/with user)
* - create the new ticket from these details
* - assuming there are replies, query for them
* - step through and repost
* - send the notification PM if we're doing that
* - update the attachments table
* - update the action log
* - remove the topic from the forum
*
* @see shd_topictoticket()
* @since 1.0
*/
function shd_topictoticket2()
{
global $smcFunc, $context, $txt, $modSettings, $scripturl, $sourcedir;
checkSession();
checkSubmitOnce('check');
$_REQUEST['dept'] = isset($_REQUEST['dept']) ? (int) $_REQUEST['dept'] : 0;
if (empty($_REQUEST['dept'])) {
$_REQUEST['dept'] = -1;
}
// which is never a valid department!
if (!shd_allowed_to('shd_topic_to_ticket', $_REQUEST['dept']) || !empty($modSettings['shd_helpdesk_only']) || !empty($modSettings['shd_disable_tickettotopic'])) {
fatal_lang_error('shd_cannot_move_topic', false);
}
if (empty($_REQUEST['topic'])) {
fatal_lang_error('shd_no_topic');
}
$context['topic_id'] = (int) $_REQUEST['topic'];
// Just in case, are they cancelling?
if (isset($_REQUEST['cancel'])) {
redirectexit('topic=' . $context['topic_id']);
}
if (isset($_POST['send_pm']) && (!isset($_POST['pm_content']) || trim($_POST['pm_content']) == '')) {
fatal_lang_error('shd_move_no_pm_topic', false);
}
require_once $sourcedir . '/sd_source/Subs-SimpleDeskPost.php';
// Fetch the topic information.
$request = shd_db_query('', '
SELECT m.subject, t.id_board, t.id_member_started, m.body, t.id_first_msg, m.smileys_enabled, t.id_member_updated, t.num_replies,
m.poster_email, m.poster_name, m.poster_ip, m.poster_time, m.modified_time, m.modified_name, m.id_msg
FROM {db_prefix}topics AS t
INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
INNER JOIN {db_prefix}boards AS b ON (t.id_board = b.id_board)
WHERE {query_see_board} AND t.id_topic = {int:topic}
LIMIT 1', array('topic' => $context['topic_id']));
if ($smcFunc['db_num_rows']($request) == 0) {
fatal_lang_error('shd_move_ticket_not_created');
} else {
list($subject, $board, $owner, $body, $firstmsg, $smileys_enabled, $memberupdated, $numreplies, $postername, $posteremail, $posterip, $postertime, $modified_time, $modified_name, $smf_id_msg) = $smcFunc['db_fetch_row']($request);
}
$smcFunc['db_free_result']($request);
// Figure out what the status of the ticket should be.
$status = shd_determine_status('topictoticket', $owner, $memberupdated, $numreplies, $_REQUEST['dept']);
// Are we changing the subject?
$old_subject = $subject;
$subject = !empty($_POST['change_subject']) && !empty($_POST['subject']) ? $_POST['subject'] : $subject;
// Just before we do this, make sure we call any hooks. $context and $_POST have lots of interesting things for us.
call_integration_hook('shd_hook_topictoticket');
// All okay, it seems. Let's go create the ticket.
$msg_assoc = array();
$msgOptions = array('body' => $body, 'smileys_enabled' => !empty($smileys_enabled) ? 1 : 0, 'modified' => array('time' => $modified_time, 'name' => $modified_name), 'time' => $postertime);
$ticketOptions = array('dept' => $_REQUEST['dept'], 'subject' => $subject, 'mark_as_read' => false, 'private' => false, 'status' => $status, 'urgency' => 0, 'assigned' => 0);
$posterOptions = array('id' => $owner, 'name' => $postername, 'email' => $posteremail, 'ip' => $posterip);
shd_create_ticket_post($msgOptions, $ticketOptions, $posterOptions);
$msg_assoc[$smf_id_msg] = $msgOptions['id'];
// Ticket created, let's dig out the replies and post them in the ticket, if there are any.
if (isset($ticketOptions['id'])) {
$request = shd_db_query('', '
SELECT body, id_member, poster_time, poster_name, poster_email, poster_ip, smileys_enabled, id_msg
FROM {db_prefix}messages
WHERE id_topic = {int:topic}
AND id_msg != {int:topic_msg}', array('topic' => $context['topic_id'], 'topic_msg' => $firstmsg));
$num_replies = $smcFunc['db_num_rows']($request) + 1;
// Plus one since we want to count the main ticket post as well.
// The ID of the ticket we created
$ticket = $ticketOptions['id'];
if ($smcFunc['db_num_rows']($request) != 0) {
// Now loop through each reply and post it. Hopefully there aren't too many. *looks at clock*
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$msgOptions = array('body' => $row['body'], 'smileys_enabled' => !empty($row['smileys_enabled']) ? 1 : 0);
$ticketOptions = array('id' => $ticket, 'mark_as_read' => false);
$posterOptions = array('id' => $row['id_member'], 'name' => !empty($row['poster_name']) ? $row['poster_name'] : '', 'email' => !empty($row['poster_email']) ? $row['poster_email'] : '', 'ip' => !empty($row['poster_ip']) ? $row['poster_ip'] : '');
shd_create_ticket_post($msgOptions, $ticketOptions, $posterOptions);
$msg_assoc[$row['id_msg']] = $msgOptions['id'];
}
}
// Ticket: check; Replies: check; Notfiy the topic starter, if desired.
if (isset($_POST['send_pm'])) {
require_once $sourcedir . '/Subs-Post.php';
$request = shd_db_query('pm_find_username', '
SELECT id_member, real_name
FROM {db_prefix}members
WHERE id_member = {int:user}
LIMIT 1', array('user' => $owner));
list($userid, $username) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
// Fix the content
$replacements = array('{user}' => $username, '{subject}' => $old_subject, '{link}' => $scripturl . '?action=helpdesk;sa=ticket;ticket=' . $ticket);
$message = str_replace(array_keys($replacements), array_values($replacements), $_POST['pm_content']);
$recipients = array('to' => array($owner), 'bcc' => array());
sendpm($recipients, $txt['shd_ticket_moved_subject_topic'], un_htmlspecialchars($message));
}
// And now for something completely different: attachments
if (!empty($msg_assoc)) {
// 1. Get all the attachments for these messages from the attachments table
$attachIDs = array();
$query = shd_db_query('', '
SELECT id_attach, id_msg
FROM {db_prefix}attachments
WHERE id_msg IN ({array_int:smf_msgs})', array('smf_msgs' => array_keys($msg_assoc)));
while ($row = $smcFunc['db_fetch_assoc']($query)) {
$attachIDs[] = $row;
}
$smcFunc['db_free_result']($query);
if (!empty($attachIDs)) {
// 2. Do the switch
// 2.1. Add them to SD's tables
$array = array();
foreach ($attachIDs as $attach) {
$array[] = array($attach['id_attach'], $ticket, $msg_assoc[$attach['id_msg']]);
}
$smcFunc['db_insert']('replace', '{db_prefix}helpdesk_attachments', array('id_attach' => 'int', 'id_ticket' => 'int', 'id_msg' => 'int'), $array, array('id_attach'));
// 2.2. "Remove" them from SMF's table
shd_db_query('', '
UPDATE {db_prefix}attachments
SET id_msg = 0
WHERE id_msg IN ({array_int:smf_msgs})', array('smf_msgs' => array_keys($msg_assoc)));
}
}
// Now we'll add this to the log.
$log_params = array('subject' => $subject, 'ticket' => $ticket);
shd_log_action('topictoticket', $log_params);
// Update post counts.
$request = shd_db_query('', '
SELECT id_member
FROM {db_prefix}messages
WHERE id_topic = {int:topic}', array('topic' => $context['topic_id']));
$posters = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
if (!isset($posters[$row['id_member']])) {
$posters[$row['id_member']] = 0;
}
$posters[$row['id_member']]++;
}
$smcFunc['db_free_result']($request);
foreach ($posters as $id_member => $posts) {
updateMemberData($id_member, array('posts' => 'posts - ' . $posts));
}
// Lastly, delete the topic from the database.
shd_db_query('', '
DELETE FROM {db_prefix}topics
WHERE id_topic = {int:topic}
LIMIT 1', array('topic' => $context['topic_id']));
// And the replies, too.
shd_db_query('', '
DELETE FROM {db_prefix}messages
WHERE id_topic = {int:topic}', array('topic' => $context['topic_id']));
// Update the stats.
require_once $sourcedir . '/Subs-Post.php';
updateStats('message');
updateStats('topic');
updateLastMessages($board);
// Update board post counts.
shd_db_query('', '
UPDATE {db_prefix}boards
SET num_topics = num_topics - 1,
num_posts = num_posts - {int:num_posts}
WHERE id_board = {int:board}', array('board' => $board, 'num_posts' => $num_replies));
} else {
fatal_lang_error('shd_move_ticket_not_created', false);
}
// Send them to the ticket.
redirectexit('action=helpdesk;sa=ticket;ticket=' . $ticket);
}
/**
* Apply another type of (avatar, language, etc.) package.
*/
public function action_install2()
{
global $txt, $context, $boardurl, $scripturl, $modSettings;
// Make sure we don't install this mod twice.
checkSubmitOnce('check');
checkSession();
// If there's no file, what are we installing?
if (!isset($_REQUEST['package']) || $_REQUEST['package'] == '') {
redirectexit('action=admin;area=packages');
}
$context['filename'] = $_REQUEST['package'];
// If this is an uninstall, we'll have an id.
$context['install_id'] = isset($_REQUEST['pid']) ? (int) $_REQUEST['pid'] : 0;
require_once SUBSDIR . '/Package.subs.php';
require_once SUBSDIR . '/Themes.subs.php';
// @todo Perhaps do it in steps, if necessary?
$context['uninstalling'] = $_REQUEST['sa'] == 'uninstall2';
// Set up the linktree for other.
$context['linktree'][count($context['linktree']) - 1] = array('url' => $scripturl . '?action=admin;area=packages;sa=browse', 'name' => $context['uninstalling'] ? $txt['uninstall'] : $txt['extracting']);
$context['page_title'] .= ' - ' . ($context['uninstalling'] ? $txt['uninstall'] : $txt['extracting']);
$context['sub_template'] = 'extract_package';
if (!file_exists(BOARDDIR . '/packages/' . $context['filename'])) {
fatal_lang_error('package_no_file', false);
}
// Load up the package FTP information?
create_chmod_control(array(), array('destination_url' => $scripturl . '?action=admin;area=packages;sa=' . $_REQUEST['sa'] . ';package=' . $_REQUEST['package']));
// Make sure temp directory exists and is empty!
if (file_exists(BOARDDIR . '/packages/temp')) {
deltree(BOARDDIR . '/packages/temp', false);
} else {
mktree(BOARDDIR . '/packages/temp', 0777);
}
// Let the unpacker do the work.
if (is_file(BOARDDIR . '/packages/' . $context['filename'])) {
$context['extracted_files'] = read_tgz_file(BOARDDIR . '/packages/' . $context['filename'], BOARDDIR . '/packages/temp');
if (!file_exists(BOARDDIR . '/packages/temp/package-info.xml')) {
foreach ($context['extracted_files'] as $file) {
if (basename($file['filename']) == 'package-info.xml') {
$context['base_path'] = dirname($file['filename']) . '/';
break;
}
}
}
if (!isset($context['base_path'])) {
$context['base_path'] = '';
}
} elseif (is_dir(BOARDDIR . '/packages/' . $context['filename'])) {
copytree(BOARDDIR . '/packages/' . $context['filename'], BOARDDIR . '/packages/temp');
$context['extracted_files'] = listtree(BOARDDIR . '/packages/temp');
$context['base_path'] = '';
} else {
fatal_lang_error('no_access', false);
}
// Are we installing this into any custom themes?
$custom_themes = array(1);
$known_themes = explode(',', $modSettings['knownThemes']);
if (!empty($_POST['custom_theme'])) {
foreach ($_POST['custom_theme'] as $tid) {
if (in_array($tid, $known_themes)) {
$custom_themes[] = (int) $tid;
}
}
}
// Now load up the paths of the themes that we need to know about.
$theme_paths = getThemesPathbyID($custom_themes);
$themes_installed = array(1);
// Are there any theme copying that we want to take place?
$context['theme_copies'] = array('require-file' => array(), 'require-dir' => array());
if (!empty($_POST['theme_changes'])) {
foreach ($_POST['theme_changes'] as $change) {
if (empty($change)) {
continue;
}
$theme_data = unserialize(base64_decode($change));
if (empty($theme_data['type'])) {
continue;
}
$themes_installed[] = $theme_data['id'];
$context['theme_copies'][$theme_data['type']][$theme_data['orig']][] = $theme_data['future'];
}
}
// Get the package info...
$packageInfo = getPackageInfo($context['filename']);
if (!is_array($packageInfo)) {
fatal_lang_error($packageInfo);
}
$packageInfo['filename'] = $context['filename'];
// Set the type of extraction...
$context['extract_type'] = isset($packageInfo['type']) ? $packageInfo['type'] : 'modification';
// Create a backup file to roll back to! (but if they do this more than once, don't run it a zillion times.)
if (!empty($modSettings['package_make_full_backups']) && (!isset($_SESSION['last_backup_for']) || $_SESSION['last_backup_for'] != $context['filename'] . ($context['uninstalling'] ? '$$' : '$'))) {
$_SESSION['last_backup_for'] = $context['filename'] . ($context['uninstalling'] ? '$$' : '$');
// @todo Internationalize this?
package_create_backup(($context['uninstalling'] ? 'backup_' : 'before_') . strtok($context['filename'], '.'));
}
// The mod isn't installed.... unless proven otherwise.
$context['is_installed'] = false;
// Is it actually installed?
$package_installed = isPackageInstalled($packageInfo['id']);
// Wait, it's not installed yet!
// @todo Replace with a better error message!
if (!isset($package_installed['old_version']) && $context['uninstalling']) {
deltree(BOARDDIR . '/packages/temp');
fatal_error('Hacker?', false);
} elseif ($context['uninstalling']) {
$install_log = parsePackageInfo($packageInfo['xml'], false, 'uninstall');
// Gadzooks! There's no uninstaller at all!?
if (empty($install_log)) {
fatal_lang_error('package_uninstall_cannot', false);
}
// They can only uninstall from what it was originally installed into.
foreach ($theme_paths as $id => $data) {
if ($id != 1 && !in_array($id, $package_installed['old_themes'])) {
unset($theme_paths[$id]);
}
}
} elseif (isset($package_installed['old_version']) && $package_installed['old_version'] != $packageInfo['version']) {
// Look for an upgrade...
$install_log = parsePackageInfo($packageInfo['xml'], false, 'upgrade', $package_installed['old_version']);
// There was no upgrade....
if (empty($install_log)) {
$context['is_installed'] = true;
} else {
// Upgrade previous themes only!
foreach ($theme_paths as $id => $data) {
if ($id != 1 && !in_array($id, $package_installed['old_themes'])) {
unset($theme_paths[$id]);
}
}
}
} elseif (isset($package_installed['old_version']) && $package_installed['old_version'] == $packageInfo['version']) {
$context['is_installed'] = true;
}
if (!isset($package_installed['old_version']) || $context['is_installed']) {
$install_log = parsePackageInfo($packageInfo['xml'], false, 'install');
}
$context['install_finished'] = false;
// We're gonna be needing the table db functions! ...Sometimes.
$table_installer = db_table();
// @todo Make a log of any errors that occurred and output them?
if (!empty($install_log)) {
$failed_steps = array();
$failed_count = 0;
foreach ($install_log as $action) {
$failed_count++;
if ($action['type'] == 'modification' && !empty($action['filename'])) {
if ($action['boardmod']) {
$mod_actions = parseBoardMod(file_get_contents(BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename']), false, $action['reverse'], $theme_paths);
} else {
$mod_actions = parseModification(file_get_contents(BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename']), false, $action['reverse'], $theme_paths);
}
// Any errors worth noting?
foreach ($mod_actions as $key => $action) {
if ($action['type'] == 'failure') {
$failed_steps[] = array('file' => $action['filename'], 'large_step' => $failed_count, 'sub_step' => $key, 'theme' => 1);
}
// Gather the themes we installed into.
if (!empty($action['is_custom'])) {
$themes_installed[] = $action['is_custom'];
}
}
} elseif ($action['type'] == 'code' && !empty($action['filename'])) {
// This is just here as reference for what is available.
global $txt, $modSettings, $context;
// Now include the file and be done with it ;).
if (file_exists(BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename'])) {
require BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename'];
}
} elseif ($action['type'] == 'credits') {
// Time to build the billboard
$credits_tag = array('url' => $action['url'], 'license' => $action['license'], 'copyright' => $action['copyright'], 'title' => $action['title']);
} elseif ($action['type'] == 'hook' && isset($action['hook'], $action['function'])) {
if ($action['reverse']) {
remove_integration_function($action['hook'], $action['function'], $action['include_file']);
} else {
add_integration_function($action['hook'], $action['function'], $action['include_file']);
}
} elseif ($action['type'] == 'database' && !empty($action['filename']) && (!$context['uninstalling'] || !empty($_POST['do_db_changes']))) {
// These can also be there for database changes.
global $txt, $modSettings, $context;
// Let the file work its magic ;)
if (file_exists(BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename'])) {
require BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename'];
}
} elseif ($action['type'] == 'redirect' && !empty($action['redirect_url'])) {
$context['redirect_url'] = $action['redirect_url'];
$context['redirect_text'] = !empty($action['filename']) && file_exists(BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename']) ? file_get_contents(BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename']) : ($context['uninstalling'] ? $txt['package_uninstall_done'] : $txt['package_installed_done']);
$context['redirect_timeout'] = $action['redirect_timeout'];
// Parse out a couple of common urls.
$urls = array('$boardurl' => $boardurl, '$scripturl' => $scripturl, '$session_var' => $context['session_var'], '$session_id' => $context['session_id']);
$context['redirect_url'] = strtr($context['redirect_url'], $urls);
}
}
package_flush_cache();
// First, ensure this change doesn't get removed by putting a stake in the ground (So to speak).
package_put_contents(BOARDDIR . '/packages/installed.list', time());
// See if this is already installed
$is_upgrade = false;
$old_db_changes = array();
$package_check = isPackageInstalled($packageInfo['id']);
// Change the installed state as required.
if (!empty($package_check['install_state'])) {
if ($context['uninstalling']) {
setPackageState($package_check['package_id']);
} else {
// not uninstalling so must be an upgrade
$is_upgrade = true;
$old_db_changes = empty($package_check['db_changes']) ? array() : $package_check['db_changes'];
}
}
// Assuming we're not uninstalling, add the entry.
if (!$context['uninstalling']) {
// Any db changes from older version?
$table_log = $table_installer->package_log();
if (!empty($old_db_changes)) {
$db_package_log = empty($table_log) ? $old_db_changes : array_merge($old_db_changes, $table_log);
} else {
$db_package_log = $table_log;
}
// If there are some database changes we might want to remove then filter them out.
if (!empty($db_package_log)) {
// We're really just checking for entries which are create table AND add columns (etc).
$tables = array();
usort($db_package_log, array($this, '_sort_table_first'));
foreach ($db_package_log as $k => $log) {
if ($log[0] == 'remove_table') {
$tables[] = $log[1];
} elseif (in_array($log[1], $tables)) {
unset($db_package_log[$k]);
}
}
$package_installed['db_changes'] = serialize($db_package_log);
} else {
$package_installed['db_changes'] = '';
}
// What themes did we actually install?
$themes_installed = array_unique($themes_installed);
$themes_installed = implode(',', $themes_installed);
// What failed steps?
$failed_step_insert = serialize($failed_steps);
// Credits tag?
$credits_tag = empty($credits_tag) ? '' : serialize($credits_tag);
// Add to the log packages
addPackageLog($packageInfo, $failed_step_insert, $themes_installed, $package_installed['db_changes'], $is_upgrade, $credits_tag);
}
$context['install_finished'] = true;
}
// If there's database changes - and they want them removed - let's do it last!
if (!empty($package_installed['db_changes']) && !empty($_POST['do_db_changes'])) {
foreach ($package_installed['db_changes'] as $change) {
if ($change[0] == 'remove_table' && isset($change[1])) {
$table_installer->db_drop_table($change[1]);
} elseif ($change[0] == 'remove_column' && isset($change[2])) {
$table_installer->db_remove_column($change[1], $change[2]);
} elseif ($change[0] == 'remove_index' && isset($change[2])) {
$table_installer->db_remove_index($change[1], $change[2]);
}
}
}
// Clean house... get rid of the evidence ;).
if (file_exists(BOARDDIR . '/packages/temp')) {
deltree(BOARDDIR . '/packages/temp');
}
// Log what we just did.
logAction($context['uninstalling'] ? 'uninstall_package' : (!empty($is_upgrade) ? 'upgrade_package' : 'install_package'), array('package' => Util::htmlspecialchars($packageInfo['name']), 'version' => Util::htmlspecialchars($packageInfo['version'])), 'admin');
// Just in case, let's clear the whole cache to avoid anything going up the swanny.
clean_cache();
// Restore file permissions?
create_chmod_control(array(), array(), true);
}
function action_attach_image()
{
global $image, $modSettings, $sourcedir, $context, $user_info;
require_once 'include/Subs-Post.php';
if (isset($_FILES['attachment']['name'])) {
// Verify they can post them!
if (!$modSettings['postmod_active'] || !allowedTo('post_unapproved_attachments')) {
isAllowedTo('post_attachment');
}
// Make sure we're uploading to the right place.
if (!empty($modSettings['currentAttachmentUploadDir'])) {
if (!is_array($modSettings['attachmentUploadDir'])) {
$modSettings['attachmentUploadDir'] = unserialize($modSettings['attachmentUploadDir']);
}
// The current directory, of course!
$current_attach_dir = $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']];
} else {
$current_attach_dir = $modSettings['attachmentUploadDir'];
}
// prepare for attach image
$tmp_name = 'post_tmp_' . $user_info['id'] . '_' . rand(1, 1000);
$destination = $current_attach_dir . '/' . $tmp_name;
$fp = fopen($destination, 'w');
$size = @filesize($destination);
fwrite($fp, $image);
fclose($fp);
$_FILES['attachment']['tmp_name'][] = $tmp_name;
$_FILES['attachment']['size'][] = $size ? $size : strlen($image);
$quantity = 0;
$total_size = 0;
if (!isset($_FILES['attachment']['name'])) {
$_FILES['attachment']['tmp_name'] = array();
}
$attachIDs = array();
foreach ($_FILES['attachment']['tmp_name'] as $n => $dummy) {
if ($_FILES['attachment']['name'][$n] == '') {
continue;
}
// Have we reached the maximum number of files we are allowed?
$quantity++;
if (!empty($modSettings['attachmentNumPerPostLimit']) && $quantity > $modSettings['attachmentNumPerPostLimit']) {
checkSubmitOnce('free');
fatal_lang_error('attachments_limit_per_post', false, array($modSettings['attachmentNumPerPostLimit']));
}
// Check the total upload size for this post...
$total_size += $_FILES['attachment']['size'][$n];
if (!empty($modSettings['attachmentPostLimit']) && $total_size > $modSettings['attachmentPostLimit'] * 1024) {
checkSubmitOnce('free');
fatal_lang_error('file_too_big', false, array($modSettings['attachmentPostLimit']));
}
$attachmentOptions = array('post' => 0, 'poster' => $user_info['id'], 'name' => $_FILES['attachment']['name'][$n], 'tmp_name' => $_FILES['attachment']['tmp_name'][$n], 'size' => $_FILES['attachment']['size'][$n], 'approved' => !$modSettings['postmod_active'] || allowedTo('post_attachment'));
if (createAttachment($attachmentOptions)) {
$attachIDs[] = $attachmentOptions['id'];
if (!empty($attachmentOptions['thumb'])) {
$attachIDs[] = $attachmentOptions['thumb'];
}
} else {
if (in_array('could_not_upload', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('attach_timeout', 'critical');
}
if (in_array('too_large', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('file_too_big', false, array($modSettings['attachmentSizeLimit']));
}
if (in_array('bad_extension', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_error($attachmentOptions['name'] . ".\n" . $txt['cant_upload_type'] . ' ' . $modSettings['attachmentExtensions'] . '.', false);
}
if (in_array('directory_full', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('ran_out_of_space', 'critical');
}
if (in_array('bad_filename', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_error(basename($attachmentOptions['name']) . ".\n" . $txt['restricted_filename'] . '.', 'critical');
}
if (in_array('taken_filename', $attachmentOptions['errors'])) {
checkSubmitOnce('free');
fatal_lang_error('filename_exists');
}
}
}
$context['attachids'] = $attachIDs;
}
}
function EditPoll2()
{
global $txt, $topic, $board, $context;
global $modSettings, $user_info, $smcFunc, $sourcedir;
// Sneaking off, are we?
if (empty($_POST)) {
redirectexit('action=editpoll;topic=' . $topic . '.0');
}
if (checkSession('post', '', false) != '') {
$poll_errors[] = 'session_timeout';
}
if (isset($_POST['preview'])) {
return EditPoll();
}
// HACKERS (!!) can't edit :P.
if (empty($topic)) {
fatal_lang_error('no_access', false);
}
// Is this a new poll, or editing an existing?
$isEdit = isset($_REQUEST['add']) ? 0 : 1;
// Get the starter and the poll's ID - if it's an edit.
$request = smf_db_query('
SELECT t.id_member_started, t.id_poll, p.id_member AS poll_starter, p.expire_time
FROM {db_prefix}topics AS t
LEFT JOIN {db_prefix}polls AS p ON (p.id_poll = t.id_poll)
WHERE t.id_topic = {int:current_topic}
LIMIT 1', array('current_topic' => $topic));
if (mysql_num_rows($request) == 0) {
fatal_lang_error('no_board');
}
$bcinfo = mysql_fetch_assoc($request);
mysql_free_result($request);
// Check their adding/editing is valid.
if (!$isEdit && !empty($bcinfo['id_poll'])) {
fatal_lang_error('poll_already_exists');
} elseif ($isEdit && empty($bcinfo['id_poll'])) {
fatal_lang_error('poll_not_found');
}
// Check if they have the power to add or edit the poll.
if ($isEdit && !allowedTo('poll_edit_any')) {
isAllowedTo('poll_edit_' . ($user_info['id'] == $bcinfo['id_member_started'] || $bcinfo['poll_starter'] != 0 && $user_info['id'] == $bcinfo['poll_starter'] ? 'own' : 'any'));
} elseif (!$isEdit && !allowedTo('poll_add_any')) {
isAllowedTo('poll_add_' . ($user_info['id'] == $bcinfo['id_member_started'] ? 'own' : 'any'));
}
$optionCount = 0;
// Ensure the user is leaving a valid amount of options - there must be at least two.
foreach ($_POST['options'] as $k => $option) {
if (trim($option) != '') {
$optionCount++;
}
}
if ($optionCount < 2) {
$poll_errors[] = 'poll_few';
}
// Also - ensure they are not removing the question.
if (trim($_POST['question']) == '') {
$poll_errors[] = 'no_question';
}
// Got any errors to report?
if (!empty($poll_errors)) {
loadLanguage('Errors');
// Previewing.
$_POST['preview'] = true;
$context['poll_error'] = array('messages' => array());
foreach ($poll_errors as $poll_error) {
$context['poll_error'][$poll_error] = true;
$context['poll_error']['messages'][] = $txt['error_' . $poll_error];
}
return EditPoll();
}
// Prevent double submission of this form.
checkSubmitOnce('check');
// Now we've done all our error checking, let's get the core poll information cleaned... question first.
$_POST['question'] = commonAPI::htmlspecialchars($_POST['question']);
$_POST['question'] = commonAPI::truncate($_POST['question'], 255);
$_POST['poll_hide'] = (int) $_POST['poll_hide'];
$_POST['poll_expire'] = isset($_POST['poll_expire']) ? (int) $_POST['poll_expire'] : 0;
$_POST['poll_change_vote'] = isset($_POST['poll_change_vote']) ? 1 : 0;
$_POST['poll_guest_vote'] = isset($_POST['poll_guest_vote']) ? 1 : 0;
// Make sure guests are actually allowed to vote generally.
if ($_POST['poll_guest_vote']) {
require_once $sourcedir . '/lib/Subs-Members.php';
$allowedGroups = groupsAllowedTo('poll_vote', $board);
if (!in_array(-1, $allowedGroups['allowed'])) {
$_POST['poll_guest_vote'] = 0;
}
}
// Ensure that the number options allowed makes sense, and the expiration date is valid.
if (!$isEdit || allowedTo('moderate_board')) {
$_POST['poll_expire'] = $_POST['poll_expire'] > 9999 ? 9999 : ($_POST['poll_expire'] < 0 ? 0 : $_POST['poll_expire']);
if (empty($_POST['poll_expire']) && $_POST['poll_hide'] == 2) {
$_POST['poll_hide'] = 1;
} elseif (!$isEdit || $_POST['poll_expire'] != ceil($bcinfo['expire_time'] <= time() ? -1 : ($bcinfo['expire_time'] - time()) / (3600 * 24))) {
$_POST['poll_expire'] = empty($_POST['poll_expire']) ? '0' : time() + $_POST['poll_expire'] * 3600 * 24;
} else {
$_POST['poll_expire'] = $bcinfo['expire_time'];
}
if (empty($_POST['poll_max_votes']) || $_POST['poll_max_votes'] <= 0) {
$_POST['poll_max_votes'] = 1;
} else {
$_POST['poll_max_votes'] = (int) $_POST['poll_max_votes'];
}
}
// If we're editing, let's commit the changes.
if ($isEdit) {
smf_db_query('
UPDATE {db_prefix}polls
SET question = {string:question}, change_vote = {int:change_vote},' . (allowedTo('moderate_board') ? '
hide_results = {int:hide_results}, expire_time = {int:expire_time}, max_votes = {int:max_votes},
guest_vote = {int:guest_vote}' : '
hide_results = CASE WHEN expire_time = {int:expire_time_zero} AND {int:hide_results} = 2 THEN 1 ELSE {int:hide_results} END') . '
WHERE id_poll = {int:id_poll}', array('change_vote' => $_POST['poll_change_vote'], 'hide_results' => $_POST['poll_hide'], 'expire_time' => !empty($_POST['poll_expire']) ? $_POST['poll_expire'] : 0, 'max_votes' => !empty($_POST['poll_max_votes']) ? $_POST['poll_max_votes'] : 0, 'guest_vote' => $_POST['poll_guest_vote'], 'expire_time_zero' => 0, 'id_poll' => $bcinfo['id_poll'], 'question' => $_POST['question']));
} else {
// Create the poll.
smf_db_insert('', '{db_prefix}polls', array('question' => 'string-255', 'hide_results' => 'int', 'max_votes' => 'int', 'expire_time' => 'int', 'id_member' => 'int', 'poster_name' => 'string-255', 'change_vote' => 'int', 'guest_vote' => 'int'), array($_POST['question'], $_POST['poll_hide'], $_POST['poll_max_votes'], $_POST['poll_expire'], $user_info['id'], $user_info['username'], $_POST['poll_change_vote'], $_POST['poll_guest_vote']), array('id_poll'));
// Set the poll ID.
$bcinfo['id_poll'] = smf_db_insert_id('{db_prefix}polls', 'id_poll');
// Link the poll to the topic
smf_db_query('
UPDATE {db_prefix}topics
SET id_poll = {int:id_poll}
WHERE id_topic = {int:current_topic}', array('current_topic' => $topic, 'id_poll' => $bcinfo['id_poll']));
}
// Get all the choices. (no better way to remove all emptied and add previously non-existent ones.)
$request = smf_db_query('
SELECT id_choice
FROM {db_prefix}poll_choices
WHERE id_poll = {int:id_poll}', array('id_poll' => $bcinfo['id_poll']));
$choices = array();
while ($row = mysql_fetch_assoc($request)) {
$choices[] = $row['id_choice'];
}
mysql_free_result($request);
$delete_options = array();
foreach ($_POST['options'] as $k => $option) {
// Make sure the key is numeric for sanity's sake.
$k = (int) $k;
// They've cleared the box. Either they want it deleted, or it never existed.
if (trim($option) == '') {
// They want it deleted. Bye.
if (in_array($k, $choices)) {
$delete_options[] = $k;
}
// Skip the rest...
continue;
}
// Dress the option up for its big date with the database.
$option = commonAPI::htmlspecialchars($option);
// If it's already there, update it. If it's not... add it.
if (in_array($k, $choices)) {
smf_db_query('
UPDATE {db_prefix}poll_choices
SET label = {string:option_name}
WHERE id_poll = {int:id_poll}
AND id_choice = {int:id_choice}', array('id_poll' => $bcinfo['id_poll'], 'id_choice' => $k, 'option_name' => $option));
} else {
smf_db_insert('', '{db_prefix}poll_choices', array('id_poll' => 'int', 'id_choice' => 'int', 'label' => 'string-255', 'votes' => 'int'), array($bcinfo['id_poll'], $k, $option, 0), array());
}
}
// I'm sorry, but... well, no one was choosing you. Poor options, I'll put you out of your misery.
if (!empty($delete_options)) {
smf_db_query('
DELETE FROM {db_prefix}log_polls
WHERE id_poll = {int:id_poll}
AND id_choice IN ({array_int:delete_options})', array('delete_options' => $delete_options, 'id_poll' => $bcinfo['id_poll']));
smf_db_query('
DELETE FROM {db_prefix}poll_choices
WHERE id_poll = {int:id_poll}
AND id_choice IN ({array_int:delete_options})', array('delete_options' => $delete_options, 'id_poll' => $bcinfo['id_poll']));
}
// Shall I reset the vote count, sir?
if (isset($_POST['resetVoteCount'])) {
smf_db_query('
UPDATE {db_prefix}polls
SET num_guest_voters = {int:no_votes}, reset_poll = {int:time}
WHERE id_poll = {int:id_poll}', array('no_votes' => 0, 'id_poll' => $bcinfo['id_poll'], 'time' => time()));
smf_db_query('
UPDATE {db_prefix}poll_choices
SET votes = {int:no_votes}
WHERE id_poll = {int:id_poll}', array('no_votes' => 0, 'id_poll' => $bcinfo['id_poll']));
smf_db_query('
DELETE FROM {db_prefix}log_polls
WHERE id_poll = {int:id_poll}', array('id_poll' => $bcinfo['id_poll']));
}
// Off we go.
redirectexit('topic=' . $topic . '.' . $_REQUEST['start']);
}
function Display()
{
global $scripturl, $txt, $db_prefix, $modSettings, $context, $settings;
global $options, $sourcedir, $user_info, $ID_MEMBER, $board_info, $topic;
global $board, $attachments, $messages_request, $language;
// What are you gonna display if these are empty?!
if (empty($topic)) {
fatal_lang_error('smf232', false);
}
// Load the proper template and/or sub template.
if (WIRELESS) {
$context['sub_template'] = WIRELESS_PROTOCOL . '_display';
} else {
loadTemplate('Display');
}
// Not only does a prefetch make things slower for the server, but it makes it impossible to know if they read it.
if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch') {
ob_end_clean();
header('HTTP/1.1 403 Prefetch Forbidden');
die;
}
// Find the previous or next topic. Make a fuss if there are no more.
if (isset($_REQUEST['prev_next']) && ($_REQUEST['prev_next'] == 'prev' || $_REQUEST['prev_next'] == 'next')) {
// No use in calculating the next topic if there's only one.
if ($board_info['num_topics'] > 1) {
// Just prepare some variables that are used in the query.
$gt_lt = $_REQUEST['prev_next'] == 'prev' ? '>' : '<';
$order = $_REQUEST['prev_next'] == 'prev' ? '' : ' DESC';
$request = db_query("\n\t\t\t\tSELECT t2.ID_TOPIC\n\t\t\t\tFROM ({$db_prefix}topics AS t, {$db_prefix}topics AS t2)\n\t\t\t\tWHERE t.ID_TOPIC = {$topic}" . (empty($modSettings['enableStickyTopics']) ? "\n\t\t\t\t\tAND t2.ID_LAST_MSG {$gt_lt} t.ID_LAST_MSG" : "\n\t\t\t\t\tAND ((t2.ID_LAST_MSG {$gt_lt} t.ID_LAST_MSG AND t2.isSticky {$gt_lt}= t.isSticky) OR t2.isSticky {$gt_lt} t.isSticky)") . "\n\t\t\t\t\tAND t2.ID_BOARD = {$board}\n\t\t\t\tORDER BY" . (empty($modSettings['enableStickyTopics']) ? '' : " t2.isSticky{$order},") . " t2.ID_LAST_MSG{$order}\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
// No more left.
if (mysql_num_rows($request) == 0) {
mysql_free_result($request);
// Roll over - if we're going prev, get the last - otherwise the first.
$request = db_query("\n\t\t\t\t\tSELECT ID_TOPIC\n\t\t\t\t\tFROM {$db_prefix}topics\n\t\t\t\t\tWHERE ID_BOARD = {$board}\n\t\t\t\t\tORDER BY" . (empty($modSettings['enableStickyTopics']) ? '' : " isSticky{$order},") . " ID_LAST_MSG{$order}\n\t\t\t\t\tLIMIT 1", __FILE__, __LINE__);
}
// Now you can be sure $topic is the ID_TOPIC to view.
list($topic) = mysql_fetch_row($request);
mysql_free_result($request);
$context['current_topic'] = $topic;
}
// Go to the newest message on this topic.
$_REQUEST['start'] = 'new';
// Duplicate link! Tell the robots not to link this.
$context['robot_no_index'] = true;
}
// Add 1 to the number of views of this topic.
if (empty($_SESSION['last_read_topic']) || $_SESSION['last_read_topic'] != $topic) {
db_query("\n\t\t\tUPDATE {$db_prefix}topics\n\t\t\tSET numViews = numViews + 1\n\t\t\tWHERE ID_TOPIC = {$topic}\n\t\t\tLIMIT 1", __FILE__, __LINE__);
$_SESSION['last_read_topic'] = $topic;
}
// Get all the important topic info.
$request = db_query("\n\t\tSELECT\n\t\t\tt.numReplies, t.numViews, t.locked, ms.subject, t.isSticky, t.ID_POLL,\n\t\t\tt.ID_MEMBER_STARTED, t.ID_FIRST_MSG, t.ID_LAST_MSG,\n\t\t\t" . ($user_info['is_guest'] ? '0' : 'IFNULL(lt.ID_MSG, -1) + 1') . " AS new_from\n\t\tFROM ({$db_prefix}topics AS t, {$db_prefix}messages AS ms)" . ($user_info['is_guest'] ? '' : "\n\t\t\tLEFT JOIN {$db_prefix}log_topics AS lt ON (lt.ID_TOPIC = {$topic} AND lt.ID_MEMBER = {$ID_MEMBER})") . "\n\t\tWHERE t.ID_TOPIC = {$topic}\n\t\t\tAND ms.ID_MSG = t.ID_FIRST_MSG\n\t\tLIMIT 1", __FILE__, __LINE__);
if (mysql_num_rows($request) == 0) {
fatal_lang_error(472, false);
}
$topicinfo = mysql_fetch_assoc($request);
mysql_free_result($request);
// The start isn't a number; it's information about what to do, where to go.
if (!is_numeric($_REQUEST['start'])) {
// Redirect to the page and post with new messages, originally by Omar Bazavilvazo.
if ($_REQUEST['start'] == 'new') {
// Guests automatically go to the last topic.
if ($user_info['is_guest']) {
$context['start_from'] = $topicinfo['numReplies'];
$_REQUEST['start'] = empty($options['view_newest_first']) ? $context['start_from'] : 0;
} else {
// Find the earliest unread message in the topic. (the use of topics here is just for both tables.)
$request = db_query("\n\t\t\t\t\tSELECT IFNULL(lt.ID_MSG, IFNULL(lmr.ID_MSG, -1)) + 1 AS new_from\n\t\t\t\t\tFROM {$db_prefix}topics AS t\n\t\t\t\t\t\tLEFT JOIN {$db_prefix}log_topics AS lt ON (lt.ID_TOPIC = {$topic} AND lt.ID_MEMBER = {$ID_MEMBER})\n\t\t\t\t\t\tLEFT JOIN {$db_prefix}log_mark_read AS lmr ON (lmr.ID_BOARD = {$board} AND lmr.ID_MEMBER = {$ID_MEMBER})\n\t\t\t\t\tWHERE t.ID_TOPIC = {$topic}\n\t\t\t\t\tLIMIT 1", __FILE__, __LINE__);
list($new_from) = mysql_fetch_row($request);
mysql_free_result($request);
// Fall through to the next if statement.
$_REQUEST['start'] = 'msg' . $new_from;
}
}
// Start from a certain time index, not a message.
if (substr($_REQUEST['start'], 0, 4) == 'from') {
$timestamp = (int) substr($_REQUEST['start'], 4);
if ($timestamp === 0) {
$_REQUEST['start'] = 0;
} else {
// Find the number of messages posted before said time...
$request = db_query("\n\t\t\t\t\tSELECT COUNT(*)\n\t\t\t\t\tFROM {$db_prefix}messages\n\t\t\t\t\tWHERE posterTime < {$timestamp}\n\t\t\t\t\t\tAND ID_TOPIC = {$topic}", __FILE__, __LINE__);
list($context['start_from']) = mysql_fetch_row($request);
mysql_free_result($request);
// Handle view_newest_first options, and get the correct start value.
$_REQUEST['start'] = empty($options['view_newest_first']) ? $context['start_from'] : $topicinfo['numReplies'] - $context['start_from'];
}
} elseif (substr($_REQUEST['start'], 0, 3) == 'msg') {
$virtual_msg = (int) substr($_REQUEST['start'], 3);
if ($virtual_msg >= $topicinfo['ID_LAST_MSG']) {
$context['start_from'] = $topicinfo['numReplies'];
} elseif ($virtual_msg <= $topicinfo['ID_FIRST_MSG']) {
$context['start_from'] = 0;
} else {
// Find the start value for that message......
$request = db_query("\n\t\t\t\t\tSELECT COUNT(*)\n\t\t\t\t\tFROM {$db_prefix}messages\n\t\t\t\t\tWHERE ID_MSG < {$virtual_msg}\n\t\t\t\t\t\tAND ID_TOPIC = {$topic}", __FILE__, __LINE__);
list($context['start_from']) = mysql_fetch_row($request);
mysql_free_result($request);
}
// We need to reverse the start as well in this case.
$_REQUEST['start'] = empty($options['view_newest_first']) ? $context['start_from'] : $topicinfo['numReplies'] - $context['start_from'];
$context['robot_no_index'] = true;
}
}
// Create a previous next string if the selected theme has it as a selected option.
$context['previous_next'] = $modSettings['enablePreviousNext'] ? '<a href="' . $scripturl . '?topic=' . $topic . '.0;prev_next=prev#new">' . $txt['previous_next_back'] . '</a> <a href="' . $scripturl . '?topic=' . $topic . '.0;prev_next=next#new">' . $txt['previous_next_forward'] . '</a>' : '';
// Check if spellchecking is both enabled and actually working. (for quick reply.)
$context['show_spellchecking'] = !empty($modSettings['enableSpellChecking']) && function_exists('pspell_new');
// Censor the title...
censorText($topicinfo['subject']);
$context['page_title'] = $topicinfo['subject'];
$context['num_replies'] = $topicinfo['numReplies'];
$context['topic_first_message'] = $topicinfo['ID_FIRST_MSG'];
// Is this topic sticky, or can it even be?
$topicinfo['isSticky'] = empty($modSettings['enableStickyTopics']) ? '0' : $topicinfo['isSticky'];
// Default this topic to not marked for notifications... of course...
$context['is_marked_notify'] = false;
// Guests can't mark topics read or for notifications, just can't sorry.
if (!$user_info['is_guest']) {
// Mark the topic as read :)
if (!empty($topicinfo['new_from'])) {
db_query("\n\t\t\t\tUPDATE {$db_prefix}log_topics\n\t\t\t\tSET ID_MSG = {$modSettings['maxMsgID']}\n\t\t\t\tWHERE ID_MEMBER = {$ID_MEMBER}\n\t\t\t\t\tAND ID_TOPIC = {$topic}\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
$flag = db_affected_rows() !== 0;
}
if (empty($flag)) {
db_query("\n\t\t\t\tREPLACE INTO {$db_prefix}log_topics\n\t\t\t\t\t(ID_MSG, ID_MEMBER, ID_TOPIC)\n\t\t\t\tVALUES ({$modSettings['maxMsgID']}, {$ID_MEMBER}, {$topic})", __FILE__, __LINE__);
}
// Check for notifications on this topic OR board.
$request = db_query("\n\t\t\tSELECT sent, ID_TOPIC\n\t\t\tFROM {$db_prefix}log_notify\n\t\t\tWHERE (ID_TOPIC = {$topic} OR ID_BOARD = {$board})\n\t\t\t\tAND ID_MEMBER = {$ID_MEMBER}\n\t\t\tLIMIT 2", __FILE__, __LINE__);
$do_once = true;
while ($row = mysql_fetch_assoc($request)) {
// Find if this topic is marked for notification...
if (!empty($row['ID_TOPIC'])) {
$context['is_marked_notify'] = true;
}
// Only do this once, but mark the notifications as "not sent yet" for next time.
if (!empty($row['sent']) && $do_once) {
db_query("\n\t\t\t\t\tUPDATE {$db_prefix}log_notify\n\t\t\t\t\tSET sent = 0\n\t\t\t\t\tWHERE (ID_TOPIC = {$topic} OR ID_BOARD = {$board})\n\t\t\t\t\t\tAND ID_MEMBER = {$ID_MEMBER}\n\t\t\t\t\tLIMIT 2", __FILE__, __LINE__);
$do_once = false;
}
}
// Have we recently cached the number of new topics in this board, and it's still a lot?
if (isset($_REQUEST['topicseen']) && isset($_SESSION['topicseen_cache'][$board]) && $_SESSION['topicseen_cache'][$board] > 5) {
$_SESSION['topicseen_cache'][$board]--;
} elseif (isset($_REQUEST['topicseen'])) {
// Use the mark read tables... and the last visit to figure out if this should be read or not.
$request = db_query("\n\t\t\t\tSELECT COUNT(*)\n\t\t\t\tFROM {$db_prefix}topics AS t\n\t\t\t\t\tLEFT JOIN {$db_prefix}log_boards AS lb ON (lb.ID_BOARD = {$board} AND lb.ID_MEMBER = {$ID_MEMBER})\n\t\t\t\t\tLEFT JOIN {$db_prefix}log_topics AS lt ON (lt.ID_TOPIC = t.ID_TOPIC AND lt.ID_MEMBER = {$ID_MEMBER})\n\t\t\t\tWHERE t.ID_BOARD = {$board}\n\t\t\t\t\tAND t.ID_LAST_MSG > IFNULL(lb.ID_MSG, 0)\n\t\t\t\t\tAND t.ID_LAST_MSG > IFNULL(lt.ID_MSG, 0)" . (empty($_SESSION['ID_MSG_LAST_VISIT']) ? '' : "\n\t\t\t\t\tAND t.ID_LAST_MSG > {$_SESSION['ID_MSG_LAST_VISIT']}"), __FILE__, __LINE__);
list($numNewTopics) = mysql_fetch_row($request);
mysql_free_result($request);
// If there're no real new topics in this board, mark the board as seen.
if (empty($numNewTopics)) {
$_REQUEST['boardseen'] = true;
} else {
$_SESSION['topicseen_cache'][$board] = $numNewTopics;
}
} elseif (isset($_SESSION['topicseen_cache'][$board])) {
$_SESSION['topicseen_cache'][$board]--;
}
// Mark board as seen if we came using last post link from BoardIndex. (or other places...)
if (isset($_REQUEST['boardseen'])) {
db_query("\n\t\t\t\tREPLACE INTO {$db_prefix}log_boards\n\t\t\t\t\t(ID_MSG, ID_MEMBER, ID_BOARD)\n\t\t\t\tVALUES ({$modSettings['maxMsgID']}, {$ID_MEMBER}, {$board})", __FILE__, __LINE__);
}
}
// Let's get nosey, who is viewing this topic?
if (!empty($settings['display_who_viewing'])) {
// Start out with no one at all viewing it.
$context['view_members'] = array();
$context['view_members_list'] = array();
$context['view_num_hidden'] = 0;
// Search for members who have this topic set in their GET data.
$request = db_query("\n\t\t\tSELECT\n\t\t\t\tlo.ID_MEMBER, lo.logTime, mem.realName, mem.memberName, mem.showOnline,\n\t\t\t\tmg.onlineColor, mg.ID_GROUP, mg.groupName\n\t\t\tFROM {$db_prefix}log_online AS lo\n\t\t\t\tLEFT JOIN {$db_prefix}members AS mem ON (mem.ID_MEMBER = lo.ID_MEMBER)\n\t\t\t\tLEFT JOIN {$db_prefix}membergroups AS mg ON (mg.ID_GROUP = IF(mem.ID_GROUP = 0, mem.ID_POST_GROUP, mem.ID_GROUP))\n\t\t\tWHERE INSTR(lo.url, 's:5:\"topic\";i:{$topic};') OR lo.session = '" . ($user_info['is_guest'] ? 'ip' . $user_info['ip'] : session_id()) . "'", __FILE__, __LINE__);
while ($row = mysql_fetch_assoc($request)) {
if (empty($row['ID_MEMBER'])) {
continue;
}
if (!empty($row['onlineColor'])) {
$link = '<a href="' . $scripturl . '?action=profile;u=' . $row['ID_MEMBER'] . '" style="color: ' . $row['onlineColor'] . ';">' . $row['realName'] . '</a>';
} else {
$link = '<a href="' . $scripturl . '?action=profile;u=' . $row['ID_MEMBER'] . '">' . $row['realName'] . '</a>';
}
$is_buddy = in_array($row['ID_MEMBER'], $user_info['buddies']);
if ($is_buddy) {
$link = '<b>' . $link . '</b>';
}
// Add them both to the list and to the more detailed list.
if (!empty($row['showOnline']) || allowedTo('moderate_forum')) {
$context['view_members_list'][$row['logTime'] . $row['memberName']] = empty($row['showOnline']) ? '<i>' . $link . '</i>' : $link;
}
$context['view_members'][$row['logTime'] . $row['memberName']] = array('id' => $row['ID_MEMBER'], 'username' => $row['memberName'], 'name' => $row['realName'], 'group' => $row['ID_GROUP'], 'href' => $scripturl . '?action=profile;u=' . $row['ID_MEMBER'], 'link' => $link, 'is_buddy' => $is_buddy, 'hidden' => empty($row['showOnline']));
if (empty($row['showOnline'])) {
$context['view_num_hidden']++;
}
}
// The number of guests is equal to the rows minus the ones we actually used ;).
$context['view_num_guests'] = mysql_num_rows($request) - count($context['view_members']);
mysql_free_result($request);
// Sort the list.
krsort($context['view_members']);
krsort($context['view_members_list']);
}
// If all is set, but not allowed... just unset it.
if (isset($_REQUEST['all']) && empty($modSettings['enableAllMessages'])) {
unset($_REQUEST['all']);
} elseif (isset($_REQUEST['all'])) {
$_REQUEST['start'] = -1;
}
// Construct the page index, allowing for the .START method...
$context['page_index'] = constructPageIndex($scripturl . '?topic=' . $topic . '.%d', $_REQUEST['start'], $topicinfo['numReplies'] + 1, $modSettings['defaultMaxMessages'], true);
$context['start'] = $_REQUEST['start'];
// This is information about which page is current, and which page we're on - in case you don't like the constructed page index. (again, wireles..)
$context['page_info'] = array('current_page' => $_REQUEST['start'] / $modSettings['defaultMaxMessages'] + 1, 'num_pages' => floor($topicinfo['numReplies'] / $modSettings['defaultMaxMessages']) + 1);
// Figure out all the link to the next/prev/first/last/etc. for wireless mainly.
$context['links'] = array('first' => $_REQUEST['start'] >= $modSettings['defaultMaxMessages'] ? $scripturl . '?topic=' . $topic . '.0' : '', 'prev' => $_REQUEST['start'] >= $modSettings['defaultMaxMessages'] ? $scripturl . '?topic=' . $topic . '.' . ($_REQUEST['start'] - $modSettings['defaultMaxMessages']) : '', 'next' => $_REQUEST['start'] + $modSettings['defaultMaxMessages'] < $topicinfo['numReplies'] + 1 ? $scripturl . '?topic=' . $topic . '.' . ($_REQUEST['start'] + $modSettings['defaultMaxMessages']) : '', 'last' => $_REQUEST['start'] + $modSettings['defaultMaxMessages'] < $topicinfo['numReplies'] + 1 ? $scripturl . '?topic=' . $topic . '.' . floor($topicinfo['numReplies'] / $modSettings['defaultMaxMessages']) * $modSettings['defaultMaxMessages'] : '', 'up' => $scripturl . '?board=' . $board . '.0');
// If they are viewing all the posts, show all the posts, otherwise limit the number.
if (!empty($modSettings['enableAllMessages']) && $topicinfo['numReplies'] + 1 > $modSettings['defaultMaxMessages'] && $topicinfo['numReplies'] + 1 < $modSettings['enableAllMessages']) {
if (isset($_REQUEST['all'])) {
// No limit! (actually, there is a limit, but...)
$modSettings['defaultMaxMessages'] = -1;
$context['page_index'] .= empty($modSettings['compactTopicPagesEnable']) ? '<b>' . $txt[190] . '</b> ' : '[<b>' . $txt[190] . '</b>] ';
// Set start back to 0...
$_REQUEST['start'] = 0;
} else {
$context['page_index'] .= ' <a href="' . $scripturl . '?topic=' . $topic . '.0;all">' . $txt[190] . '</a> ';
}
}
// Build the link tree.
$context['linktree'][] = array('url' => $scripturl . '?topic=' . $topic . '.0', 'name' => $topicinfo['subject'], 'extra_before' => $settings['linktree_inline'] ? $txt[118] . ': ' : '');
// Build a list of this board's moderators.
$context['moderators'] =& $board_info['moderators'];
$context['link_moderators'] = array();
if (!empty($board_info['moderators'])) {
// Add a link for each moderator...
foreach ($board_info['moderators'] as $mod) {
$context['link_moderators'][] = '<a href="' . $scripturl . '?action=profile;u=' . $mod['id'] . '" title="' . $txt[62] . '">' . $mod['name'] . '</a>';
}
// And show it after the board's name.
$context['linktree'][count($context['linktree']) - 2]['extra_after'] = ' (' . (count($context['link_moderators']) == 1 ? $txt[298] : $txt[299]) . ': ' . implode(', ', $context['link_moderators']) . ')';
}
// Information about the current topic...
$context['is_locked'] = $topicinfo['locked'];
$context['is_sticky'] = $topicinfo['isSticky'];
$context['is_very_hot'] = $topicinfo['numReplies'] >= $modSettings['hotTopicVeryPosts'];
$context['is_hot'] = $topicinfo['numReplies'] >= $modSettings['hotTopicPosts'];
// We don't want to show the poll icon in the topic class here, so pretend it's not one.
$context['is_poll'] = false;
determineTopicClass($context);
$context['is_poll'] = $topicinfo['ID_POLL'] > 0 && $modSettings['pollMode'] == '1' && allowedTo('poll_view');
// Did this user start the topic or not?
$context['user']['started'] = $ID_MEMBER == $topicinfo['ID_MEMBER_STARTED'] && !$user_info['is_guest'];
$context['topic_starter_id'] = $topicinfo['ID_MEMBER_STARTED'];
// Set the topic's information for the template.
$context['subject'] = $topicinfo['subject'];
$context['num_views'] = $topicinfo['numViews'];
$context['mark_unread_time'] = $topicinfo['new_from'];
// For quick reply we need a response prefix in the default forum language.
if (!isset($context['response_prefix']) && !($context['response_prefix'] = cache_get_data('response_prefix'))) {
if ($language === $user_info['language']) {
$context['response_prefix'] = $txt['response_prefix'];
} else {
loadLanguage('index', $language, false);
$context['response_prefix'] = $txt['response_prefix'];
loadLanguage('index');
}
cache_put_data('response_prefix', $context['response_prefix'], 600);
}
// If we want to show event information in the topic, prepare the data.
if (allowedTo('calendar_view') && !empty($modSettings['cal_showInTopic']) && !empty($modSettings['cal_enabled'])) {
// First, try create a better time format, ignoring the "time" elements.
if (preg_match('~%[AaBbCcDdeGghjmuYy](?:[^%]*%[AaBbCcDdeGghjmuYy])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0])) {
$date_string = $user_info['time_format'];
} else {
$date_string = $matches[0];
}
// Any calendar information for this topic?
$request = db_query("\n\t\t\tSELECT cal.ID_EVENT, cal.startDate, cal.endDate, cal.title, cal.ID_MEMBER, mem.realName\n\t\t\tFROM {$db_prefix}calendar AS cal\n\t\t\t\tLEFT JOIN {$db_prefix}members AS mem ON (mem.ID_MEMBER = cal.ID_MEMBER)\n\t\t\tWHERE cal.ID_TOPIC = {$topic}\n\t\t\tORDER BY startDate", __FILE__, __LINE__);
$context['linked_calendar_events'] = array();
while ($row = mysql_fetch_assoc($request)) {
// Prepare the dates for being formatted.
$startDate = sscanf($row['startDate'], '%04d-%02d-%02d');
$startDate = mktime(12, 0, 0, $startDate[1], $startDate[2], $startDate[0]);
$endDate = sscanf($row['endDate'], '%04d-%02d-%02d');
$endDate = mktime(12, 0, 0, $endDate[1], $endDate[2], $endDate[0]);
$context['linked_calendar_events'][] = array('id' => $row['ID_EVENT'], 'title' => $row['title'], 'can_edit' => allowedTo('calendar_edit_any') || $row['ID_MEMBER'] == $ID_MEMBER && allowedTo('calendar_edit_own'), 'modify_href' => $scripturl . '?action=post;msg=' . $topicinfo['ID_FIRST_MSG'] . ';topic=' . $topic . '.0;calendar;eventid=' . $row['ID_EVENT'] . ';sesc=' . $context['session_id'], 'start_date' => timeformat($startDate, $date_string), 'start_timestamp' => forum_time(true, $startDate), 'end_date' => timeformat($endDate, $date_string), 'end_timestamp' => forum_time(true, $startDate), 'is_last' => false);
}
mysql_free_result($request);
if (!empty($context['linked_calendar_events'])) {
$context['linked_calendar_events'][count($context['linked_calendar_events']) - 1]['is_last'] = true;
}
}
// Create the poll info if it exists.
if ($context['is_poll']) {
// Get the question and if it's locked.
$request = db_query("\n\t\t\tSELECT\n\t\t\t\tp.question, p.votingLocked, p.hideResults, p.expireTime, p.maxVotes, p.changeVote,\n\t\t\t\tp.ID_MEMBER, IFNULL(mem.realName, p.posterName) AS posterName,\n\t\t\t\tCOUNT(DISTINCT lp.ID_MEMBER) AS total\n\t\t\tFROM {$db_prefix}polls AS p\n\t\t\t\tLEFT JOIN {$db_prefix}log_polls AS lp ON (lp.ID_POLL = p.ID_POLL)\n\t\t\t\tLEFT JOIN {$db_prefix}members AS mem ON (mem.ID_MEMBER = p.ID_MEMBER)\n\t\t\tWHERE p.ID_POLL = {$topicinfo['ID_POLL']}\n\t\t\tGROUP BY p.ID_POLL\n\t\t\tLIMIT 1", __FILE__, __LINE__);
$pollinfo = mysql_fetch_assoc($request);
mysql_free_result($request);
// Get all the options, and calculate the total votes.
$request = db_query("\n\t\t\tSELECT pc.ID_CHOICE, pc.label, pc.votes, IFNULL(lp.ID_CHOICE, -1) AS votedThis\n\t\t\tFROM {$db_prefix}poll_choices AS pc\n\t\t\t\tLEFT JOIN {$db_prefix}log_polls AS lp ON (lp.ID_CHOICE = pc.ID_CHOICE AND lp.ID_POLL = {$topicinfo['ID_POLL']} AND lp.ID_MEMBER = {$ID_MEMBER})\n\t\t\tWHERE pc.ID_POLL = {$topicinfo['ID_POLL']}", __FILE__, __LINE__);
$pollOptions = array();
$realtotal = 0;
$pollinfo['has_voted'] = false;
while ($row = mysql_fetch_assoc($request)) {
censorText($row['label']);
$pollOptions[$row['ID_CHOICE']] = $row;
$realtotal += $row['votes'];
$pollinfo['has_voted'] |= $row['votedThis'] != -1;
}
mysql_free_result($request);
// Set up the basic poll information.
$context['poll'] = array('id' => $topicinfo['ID_POLL'], 'image' => 'normal_' . (empty($pollinfo['votingLocked']) ? 'poll' : 'locked_poll'), 'question' => parse_bbc($pollinfo['question']), 'total_votes' => $pollinfo['total'], 'change_vote' => !empty($pollinfo['changeVote']), 'is_locked' => !empty($pollinfo['votingLocked']), 'options' => array(), 'lock' => allowedTo('poll_lock_any') || $context['user']['started'] && allowedTo('poll_lock_own'), 'edit' => allowedTo('poll_edit_any') || $context['user']['started'] && allowedTo('poll_edit_own'), 'allowed_warning' => $pollinfo['maxVotes'] > 1 ? sprintf($txt['poll_options6'], $pollinfo['maxVotes']) : '', 'is_expired' => !empty($pollinfo['expireTime']) && $pollinfo['expireTime'] < time(), 'expire_time' => !empty($pollinfo['expireTime']) ? timeformat($pollinfo['expireTime']) : 0, 'has_voted' => !empty($pollinfo['has_voted']), 'starter' => array('id' => $pollinfo['ID_MEMBER'], 'name' => $row['posterName'], 'href' => $pollinfo['ID_MEMBER'] == 0 ? '' : $scripturl . '?action=profile;u=' . $pollinfo['ID_MEMBER'], 'link' => $pollinfo['ID_MEMBER'] == 0 ? $row['posterName'] : '<a href="' . $scripturl . '?action=profile;u=' . $pollinfo['ID_MEMBER'] . '">' . $row['posterName'] . '</a>'));
// You're allowed to vote if:
// 1. the poll did not expire, and
// 2. you're not a guest... and
// 3. you're not trying to view the results, and
// 4. the poll is not locked, and
// 5. you have the proper permissions, and
// 6. you haven't already voted before.
$context['allow_vote'] = !$context['poll']['is_expired'] && !$user_info['is_guest'] && empty($pollinfo['votingLocked']) && allowedTo('poll_vote') && !$context['poll']['has_voted'];
// You're allowed to view the results if:
// 1. you're just a super-nice-guy, or
// 2. anyone can see them (hideResults == 0), or
// 3. you can see them after you voted (hideResults == 1), or
// 4. you've waited long enough for the poll to expire. (whether hideResults is 1 or 2.)
$context['allow_poll_view'] = allowedTo('moderate_board') || $pollinfo['hideResults'] == 0 || $pollinfo['hideResults'] == 1 && $context['poll']['has_voted'] || $context['poll']['is_expired'];
$context['poll']['show_results'] = $context['allow_poll_view'] && isset($_REQUEST['viewResults']);
// You're allowed to change your vote if:
// 1. the poll did not expire, and
// 2. you're not a guest... and
// 3. the poll is not locked, and
// 4. you have the proper permissions, and
// 5. you have already voted, and
// 6. the poll creator has said you can!
$context['allow_change_vote'] = !$context['poll']['is_expired'] && !$user_info['is_guest'] && empty($pollinfo['votingLocked']) && allowedTo('poll_vote') && $context['poll']['has_voted'] && $context['poll']['change_vote'];
// Calculate the percentages and bar lengths...
$divisor = $realtotal == 0 ? 1 : $realtotal;
// Determine if a decimal point is needed in order for the options to add to 100%.
$precision = $realtotal == 100 ? 0 : 1;
// Now look through each option, and...
foreach ($pollOptions as $i => $option) {
// First calculate the percentage, and then the width of the bar...
$bar = round($option['votes'] * 100 / $divisor, $precision);
$barWide = $bar == 0 ? 1 : floor($bar * 8 / 3);
// Now add it to the poll's contextual theme data.
$context['poll']['options'][$i] = array('id' => 'options-' . $i, 'percent' => $bar, 'votes' => $option['votes'], 'voted_this' => $option['votedThis'] != -1, 'bar' => '<span style="white-space: nowrap;"><img src="' . $settings['images_url'] . '/poll_left.gif" alt="" /><img src="' . $settings['images_url'] . '/poll_middle.gif" width="' . $barWide . '" height="12" alt="-" /><img src="' . $settings['images_url'] . '/poll_right.gif" alt="" /></span>', 'bar_width' => $barWide, 'option' => parse_bbc($option['label']), 'vote_button' => '<input type="' . ($pollinfo['maxVotes'] > 1 ? 'checkbox' : 'radio') . '" name="options[]" id="options-' . $i . '" value="' . $i . '" class="check" />');
}
}
// Calculate the fastest way to get the messages!
$ascending = empty($options['view_newest_first']);
$start = $_REQUEST['start'];
$limit = $modSettings['defaultMaxMessages'];
$firstIndex = 0;
if ($start > $topicinfo['numReplies'] / 2 && $modSettings['defaultMaxMessages'] != -1) {
$ascending = !$ascending;
$limit = $topicinfo['numReplies'] < $start + $limit ? $topicinfo['numReplies'] - $start + 1 : $limit;
$start = $topicinfo['numReplies'] < $start + $limit ? 0 : $topicinfo['numReplies'] - $start - $limit + 1;
$firstIndex = $limit - 1;
}
// Get each post and poster in this topic.
$request = db_query("\n\t\tSELECT ID_MSG, ID_MEMBER\n\t\tFROM {$db_prefix}messages\n\t\tWHERE ID_TOPIC = {$topic}\n\t\tORDER BY ID_MSG " . ($ascending ? '' : 'DESC') . ($modSettings['defaultMaxMessages'] == -1 ? '' : "\n\t\tLIMIT {$start}, {$limit}"), __FILE__, __LINE__);
$messages = array();
$posters = array();
while ($row = mysql_fetch_assoc($request)) {
if (!empty($row['ID_MEMBER'])) {
$posters[] = $row['ID_MEMBER'];
}
$messages[] = $row['ID_MSG'];
}
mysql_free_result($request);
$posters = array_unique($posters);
$attachments = array();
// If there _are_ messages here... (probably an error otherwise :!)
if (!empty($messages)) {
// Fetch attachments.
if (!empty($modSettings['attachmentEnable']) && allowedTo('view_attachments')) {
$request = db_query("\n\t\t\t\tSELECT\n\t\t\t\t\ta.ID_ATTACH, a.ID_MSG, a.filename, IFNULL(a.size, 0) AS filesize, a.downloads,\n\t\t\t\t\ta.width, a.height" . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : ",\n\t\t\t\t\tIFNULL(thumb.ID_ATTACH, 0) AS ID_THUMB, thumb.width AS thumb_width, thumb.height AS thumb_height") . "\n\t\t\t\tFROM {$db_prefix}attachments AS a" . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : "\n\t\t\t\t\tLEFT JOIN {$db_prefix}attachments AS thumb ON (thumb.ID_ATTACH = a.ID_THUMB)") . "\n\t\t\t\tWHERE a.ID_MSG IN (" . implode(',', $messages) . ")\n\t\t\t\t\tAND a.attachmentType = 0", __FILE__, __LINE__);
$temp = array();
while ($row = mysql_fetch_assoc($request)) {
$temp[$row['ID_ATTACH']] = $row;
if (!isset($attachments[$row['ID_MSG']])) {
$attachments[$row['ID_MSG']] = array();
}
}
mysql_free_result($request);
// This is better than sorting it with the query...
ksort($temp);
foreach ($temp as $row) {
$attachments[$row['ID_MSG']][] = $row;
}
}
// What? It's not like it *couldn't* be only guests in this topic...
if (!empty($posters)) {
loadMemberData($posters);
}
$messages_request = db_query("\n\t\t\tSELECT\n\t\t\t\tID_MSG, icon, subject, posterTime, posterIP, ID_MEMBER, modifiedTime, modifiedName, body,\n\t\t\t\tsmileysEnabled, posterName, posterEmail,\n\t\t\t\tID_MSG_MODIFIED < {$topicinfo['new_from']} AS isRead\n\t\t\tFROM {$db_prefix}messages\n\t\t\tWHERE ID_MSG IN (" . implode(',', $messages) . ")\n\t\t\tORDER BY ID_MSG" . (empty($options['view_newest_first']) ? '' : ' DESC'), __FILE__, __LINE__);
// Go to the last message if the given time is beyond the time of the last message.
if (isset($context['start_from']) && $context['start_from'] >= $topicinfo['numReplies']) {
$context['start_from'] = $topicinfo['numReplies'];
}
// Since the anchor information is needed on the top of the page we load these variables beforehand.
$context['first_message'] = isset($messages[$firstIndex]) ? $messages[$firstIndex] : $messages[0];
if (empty($options['view_newest_first'])) {
$context['first_new_message'] = isset($context['start_from']) && $_REQUEST['start'] == $context['start_from'];
} else {
$context['first_new_message'] = isset($context['start_from']) && $_REQUEST['start'] == $topicinfo['numReplies'] - $context['start_from'];
}
} else {
$messages_request = false;
$context['first_message'] = 0;
$context['first_new_message'] = false;
}
// Load the "Jump to" list...
loadJumpTo();
// Set the callback. (do you REALIZE how much memory all the messages would take?!?)
$context['get_message'] = 'prepareDisplayContext';
// Basic settings.... may be converted over at some point.
$context['allow_hide_email'] = !empty($modSettings['allow_hideEmail']) || $user_info['is_guest'] && !empty($modSettings['guest_hideContacts']);
// Now set all the wonderful, wonderful permissions... like moderation ones...
$common_permissions = array('can_sticky' => 'make_sticky', 'can_merge' => 'merge_any', 'can_split' => 'split_any', 'calendar_post' => 'calendar_post', 'can_mark_notify' => 'mark_any_notify', 'can_send_topic' => 'send_topic', 'can_send_pm' => 'pm_send', 'can_report_moderator' => 'report_any', 'can_moderate_forum' => 'moderate_forum');
foreach ($common_permissions as $contextual => $perm) {
$context[$contextual] = allowedTo($perm);
}
// Permissions with _any/_own versions. $context[YYY] => ZZZ_any/_own.
$anyown_permissions = array('can_move' => 'move', 'can_lock' => 'lock', 'can_delete' => 'remove', 'can_add_poll' => 'poll_add', 'can_remove_poll' => 'poll_remove', 'can_reply' => 'post_reply');
foreach ($anyown_permissions as $contextual => $perm) {
$context[$contextual] = allowedTo($perm . '_any') || $context['user']['started'] && allowedTo($perm . '_own');
}
// Cleanup all the permissions with extra stuff...
$context['can_mark_notify'] &= !$context['user']['is_guest'];
$context['can_sticky'] &= !empty($modSettings['enableStickyTopics']);
$context['calendar_post'] &= !empty($modSettings['cal_enabled']);
$context['can_add_poll'] &= $modSettings['pollMode'] == '1' && $topicinfo['ID_POLL'] <= 0;
$context['can_remove_poll'] &= $modSettings['pollMode'] == '1' && $topicinfo['ID_POLL'] > 0;
$context['can_reply'] &= empty($topicinfo['locked']) || allowedTo('moderate_board');
$board_count = 0;
foreach ($context['jump_to'] as $id => $cat) {
$board_count += count($context['jump_to'][$id]['boards']);
}
$context['can_move'] &= $board_count > 1;
// Start this off for quick moderation - it will be or'd for each post.
$context['can_remove_post'] = allowedTo('delete_any') || allowedTo('delete_replies') && $context['user']['started'];
// Load up the "double post" sequencing magic.
if (!empty($options['display_quick_reply'])) {
checkSubmitOnce('register');
}
}
function MoveTopic2()
{
global $txt, $board, $topic, $scripturl, $sourcedir, $modSettings, $context;
global $board, $language, $user_info, $smcFunc;
if (empty($topic)) {
fatal_lang_error('no_access', false);
}
// You can't choose to have a redirection topic and use an empty reason.
if (isset($_POST['postRedirect']) && (!isset($_POST['reason']) || trim($_POST['reason']) == '')) {
fatal_lang_error('movetopic_no_reason', false);
}
// Make sure this form hasn't been submitted before.
checkSubmitOnce('check');
$request = $smcFunc['db_query']('', '
SELECT id_member_started, id_first_msg, approved
FROM {db_prefix}topics
WHERE id_topic = {int:current_topic}
LIMIT 1', array('current_topic' => $topic));
list($id_member_started, $id_first_msg, $context['is_approved']) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
// Can they see it?
if (!$context['is_approved']) {
isAllowedTo('approve_posts');
}
// Can they move topics on this board?
if (!allowedTo('move_any')) {
if ($id_member_started == $user_info['id']) {
isAllowedTo('move_own');
$boards = array_merge(boardsAllowedTo('move_own'), boardsAllowedTo('move_any'));
} else {
isAllowedTo('move_any');
}
} else {
$boards = boardsAllowedTo('move_any');
}
// If this topic isn't approved don't let them move it if they can't approve it!
if ($modSettings['postmod_active'] && !$context['is_approved'] && !allowedTo('approve_posts')) {
// Only allow them to move it to other boards they can't approve it in.
$can_approve = boardsAllowedTo('approve_posts');
$boards = array_intersect($boards, $can_approve);
}
checkSession();
require_once $sourcedir . '/Subs-Post.php';
// The destination board must be numeric.
$_POST['toboard'] = (int) $_POST['toboard'];
// Make sure they can see the board they are trying to move to (and get whether posts count in the target board).
$request = $smcFunc['db_query']('', '
SELECT b.count_posts, b.name, m.subject
FROM {db_prefix}boards AS b
INNER JOIN {db_prefix}topics AS t ON (t.id_topic = {int:current_topic})
INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
WHERE {query_see_board}
AND b.id_board = {int:to_board}
AND b.redirect = {string:blank_redirect}
LIMIT 1', array('current_topic' => $topic, 'to_board' => $_POST['toboard'], 'blank_redirect' => ''));
if ($smcFunc['db_num_rows']($request) == 0) {
fatal_lang_error('no_board');
}
list($pcounter, $board_name, $subject) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
// Remember this for later.
$_SESSION['move_to_topic'] = $_POST['toboard'];
// Rename the topic...
if (isset($_POST['reset_subject'], $_POST['custom_subject']) && $_POST['custom_subject'] != '') {
$_POST['custom_subject'] = strtr($smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['custom_subject'])), array("\r" => '', "\n" => '', "\t" => ''));
// Keep checking the length.
if ($smcFunc['strlen']($_POST['custom_subject']) > 100) {
$_POST['custom_subject'] = $smcFunc['substr']($_POST['custom_subject'], 0, 100);
}
// If it's still valid move onwards and upwards.
if ($_POST['custom_subject'] != '') {
if (isset($_POST['enforce_subject'])) {
// Get a response prefix, but in the forum's default language.
if (!isset($context['response_prefix']) && !($context['response_prefix'] = cache_get_data('response_prefix'))) {
if ($language === $user_info['language']) {
$context['response_prefix'] = $txt['response_prefix'];
} else {
loadLanguage('index', $language, false);
$context['response_prefix'] = $txt['response_prefix'];
loadLanguage('index');
}
cache_put_data('response_prefix', $context['response_prefix'], 600);
}
$smcFunc['db_query']('', '
UPDATE {db_prefix}messages
SET subject = {string:subject}
WHERE id_topic = {int:current_topic}', array('current_topic' => $topic, 'subject' => $context['response_prefix'] . $_POST['custom_subject']));
}
$smcFunc['db_query']('', '
UPDATE {db_prefix}messages
SET subject = {string:custom_subject}
WHERE id_msg = {int:id_first_msg}', array('id_first_msg' => $id_first_msg, 'custom_subject' => $_POST['custom_subject']));
// Fix the subject cache.
updateStats('subject', $topic, $_POST['custom_subject']);
}
}
// Create a link to this in the old board.
//!!! Does this make sense if the topic was unapproved before? I'd just about say so.
if (isset($_POST['postRedirect'])) {
// Should be in the boardwide language.
if ($user_info['language'] != $language) {
loadLanguage('index', $language);
}
$_POST['reason'] = $smcFunc['htmlspecialchars']($_POST['reason'], ENT_QUOTES);
preparsecode($_POST['reason']);
// Add a URL onto the message.
$_POST['reason'] = strtr($_POST['reason'], array($txt['movetopic_auto_board'] => '[url=' . $scripturl . '?board=' . $_POST['toboard'] . '.0]' . $board_name . '[/url]', $txt['movetopic_auto_topic'] => '[iurl]' . $scripturl . '?topic=' . $topic . '.0[/iurl]'));
$msgOptions = array('subject' => $txt['moved'] . ': ' . $subject, 'body' => $_POST['reason'], 'icon' => 'moved', 'smileys_enabled' => 1);
$topicOptions = array('board' => $board, 'lock_mode' => 1, 'mark_as_read' => true);
$posterOptions = array('id' => $user_info['id'], 'update_post_count' => empty($pcounter));
createPost($msgOptions, $topicOptions, $posterOptions);
}
$request = $smcFunc['db_query']('', '
SELECT count_posts
FROM {db_prefix}boards
WHERE id_board = {int:current_board}
LIMIT 1', array('current_board' => $board));
list($pcounter_from) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
if ($pcounter_from != $pcounter) {
$request = $smcFunc['db_query']('', '
SELECT id_member
FROM {db_prefix}messages
WHERE id_topic = {int:current_topic}
AND approved = {int:is_approved}', array('current_topic' => $topic, 'is_approved' => 1));
$posters = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
if (!isset($posters[$row['id_member']])) {
$posters[$row['id_member']] = 0;
}
$posters[$row['id_member']]++;
}
$smcFunc['db_free_result']($request);
foreach ($posters as $id_member => $posts) {
// The board we're moving from counted posts, but not to.
if (empty($pcounter_from)) {
updateMemberData($id_member, array('posts' => 'posts - ' . $posts));
} else {
updateMemberData($id_member, array('posts' => 'posts + ' . $posts));
}
}
}
// Do the move (includes statistics update needed for the redirect topic).
moveTopics($topic, $_POST['toboard']);
// Log that they moved this topic.
if (!allowedTo('move_own') || $id_member_started != $user_info['id']) {
logAction('move', array('topic' => $topic, 'board_from' => $board, 'board_to' => $_POST['toboard']));
}
// Notify people that this topic has been moved?
sendNotifications($topic, 'move');
// Why not go back to the original board in case they want to keep moving?
if (!isset($_REQUEST['goback'])) {
redirectexit('board=' . $board . '.0');
} else {
redirectexit('topic=' . $topic . '.0');
}
}
function shd_admin_canned_movereplycat()
{
global $context, $smcFunc, $txt, $sourcedir, $scripturl;
// Before we go any further, establish that the user specified a reply to move and that there is at least one category not including the one the reply is in.
$_REQUEST['reply'] = isset($_REQUEST['reply']) ? (int) $_REQUEST['reply'] : 0;
if (empty($_REQUEST['reply']) || $_REQUEST['reply'] < 0) {
fatal_lang_error('shd_admin_cannedreplies_thereplyisalie', false);
}
$query = $smcFunc['db_query']('', '
SELECT id_cat, reply_order
FROM {db_prefix}helpdesk_cannedreplies
WHERE id_reply = {int:reply}', array('reply' => $_REQUEST['reply']));
if ($smcFunc['db_num_rows']($query) == 0) {
fatal_lang_error('shd_admin_cannedreplies_thereplyisalie', false);
}
list($current_cat, $current_reply_pos) = $smcFunc['db_fetch_row']($query);
$smcFunc['db_free_result']($query);
// So, the reply exists. Now to check categories. We need to verify it regardless of calling context here, so might as well get the entire table.
$context['cannedreply_cats'] = array();
$query = $smcFunc['db_query']('', '
SELECT id_cat, cat_name
FROM {db_prefix}helpdesk_cannedreplies_cats
WHERE id_cat != {int:current_cat}
ORDER BY cat_order', array('current_cat' => $current_cat));
if ($smcFunc['db_num_rows']($query) == 0) {
fatal_lang_error('shd_admin_cannedreplies_onlyonecat', false);
}
while ($row = $smcFunc['db_fetch_assoc']($query)) {
$context['cannedreply_cats'][$row['id_cat']] = $row['cat_name'];
}
$smcFunc['db_free_result']($query);
// So, either we're moving, or we're displaying the form. Either way, it's time to make that decision.
if (empty($_GET['part']) || $_GET['part'] != '2') {
$context['page_title'] = $txt['shd_admin_cannedreplies_move_between_cat'];
$context['sub_template'] = 'shd_move_reply_cat';
checkSubmitOnce('register');
} else {
// OK, so they're moving. We know the reply exists, we know the possible list of departments they can move to.
// 1. Is the new department valid?
$_REQUEST['newcat'] = isset($_REQUEST['newcat']) ? (int) $_REQUEST['newcat'] : 0;
if (!isset($context['cannedreply_cats'][$_REQUEST['newcat']])) {
fatal_lang_error('shd_admin_cannedreplies_destnoexist', false);
}
// 1a. Everything is valid, just double check it's not a random double submission.
checkSubmitOnce('check');
// 2. Everything's OK. Figure out where the reply will move to in the new category.
$query = $smcFunc['db_query']('', '
SELECT MAX(reply_order)
FROM {db_prefix}helpdesk_cannedreplies
WHERE id_cat = {int:newcat}', array('newcat' => $_REQUEST['newcat']));
list($newpos) = $smcFunc['db_fetch_row']($query);
$smcFunc['db_free_result']($query);
// 3. Move the reply.
$smcFunc['db_query']('', '
UPDATE {db_prefix}helpdesk_cannedreplies
SET id_cat = {int:newcat},
reply_order = {int:newpos}
WHERE id_reply = {int:reply}', array('newcat' => $_REQUEST['newcat'], 'newpos' => (int) $newpos + 1, 'reply' => $_REQUEST['reply']));
// 4. Shunt the rest back down.
$smcFunc['db_query']('', '
UPDATE {db_prefix}helpdesk_cannedreplies
SET reply_order = reply_order - 1
WHERE id_cat = {int:current_cat}
AND reply_order > {int:current_pos}', array('current_cat' => $current_cat, 'current_pos' => $current_reply_pos));
// 5. Scram.
redirectexit('action=admin;area=helpdesk_cannedreplies');
}
}
function Display()
{
global $scripturl, $txt, $modSettings, $context, $settings;
global $options, $sourcedir, $user_info, $board_info, $topic, $board;
global $attachments, $messages_request, $topicinfo, $language, $smcFunc;
// What are you gonna display if these are empty?!
if (empty($topic)) {
fatal_lang_error('no_board', false);
}
// Load the proper template and/or sub template.
if (WIRELESS) {
$context['sub_template'] = WIRELESS_PROTOCOL . '_display';
} else {
loadTemplate('Display');
}
// Not only does a prefetch make things slower for the server, but it makes it impossible to know if they read it.
if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch') {
ob_end_clean();
header('HTTP/1.1 403 Prefetch Forbidden');
die;
}
// How much are we sticking on each page?
$context['messages_per_page'] = empty($modSettings['disableCustomPerPage']) && !empty($options['messages_per_page']) && !WIRELESS ? $options['messages_per_page'] : $modSettings['defaultMaxMessages'];
// Let's do some work on what to search index.
if (count($_GET) > 2) {
foreach ($_GET as $k => $v) {
if (!in_array($k, array('topic', 'board', 'start', session_name()))) {
$context['robot_no_index'] = true;
}
}
}
if (!empty($_REQUEST['start']) && (!is_numeric($_REQUEST['start']) || $_REQUEST['start'] % $context['messages_per_page'] != 0)) {
$context['robot_no_index'] = true;
}
// Find the previous or next topic. Make a fuss if there are no more.
if (isset($_REQUEST['prev_next']) && ($_REQUEST['prev_next'] == 'prev' || $_REQUEST['prev_next'] == 'next')) {
// No use in calculating the next topic if there's only one.
if ($board_info['num_topics'] > 1) {
// Just prepare some variables that are used in the query.
$gt_lt = $_REQUEST['prev_next'] == 'prev' ? '>' : '<';
$order = $_REQUEST['prev_next'] == 'prev' ? '' : ' DESC';
$request = $smcFunc['db_query']('', '
SELECT t2.id_topic
FROM {db_prefix}topics AS t
INNER JOIN {db_prefix}topics AS t2 ON (' . (empty($modSettings['enableStickyTopics']) ? '
t2.id_last_msg ' . $gt_lt . ' t.id_last_msg' : '
(t2.id_last_msg ' . $gt_lt . ' t.id_last_msg AND t2.is_sticky ' . $gt_lt . '= t.is_sticky) OR t2.is_sticky ' . $gt_lt . ' t.is_sticky') . ')
WHERE t.id_topic = {int:current_topic}
AND t2.id_board = {int:current_board}' . (!$modSettings['postmod_active'] || allowedTo('approve_posts') ? '' : '
AND (t2.approved = {int:is_approved} OR (t2.id_member_started != {int:id_member_started} AND t2.id_member_started = {int:current_member}))') . '
ORDER BY' . (empty($modSettings['enableStickyTopics']) ? '' : ' t2.is_sticky' . $order . ',') . ' t2.id_last_msg' . $order . '
LIMIT 1', array('current_board' => $board, 'current_member' => $user_info['id'], 'current_topic' => $topic, 'is_approved' => 1, 'id_member_started' => 0));
// No more left.
if ($smcFunc['db_num_rows']($request) == 0) {
$smcFunc['db_free_result']($request);
// Roll over - if we're going prev, get the last - otherwise the first.
$request = $smcFunc['db_query']('', '
SELECT id_topic
FROM {db_prefix}topics
WHERE id_board = {int:current_board}' . (!$modSettings['postmod_active'] || allowedTo('approve_posts') ? '' : '
AND (approved = {int:is_approved} OR (id_member_started != {int:id_member_started} AND id_member_started = {int:current_member}))') . '
ORDER BY' . (empty($modSettings['enableStickyTopics']) ? '' : ' is_sticky' . $order . ',') . ' id_last_msg' . $order . '
LIMIT 1', array('current_board' => $board, 'current_member' => $user_info['id'], 'is_approved' => 1, 'id_member_started' => 0));
}
// Now you can be sure $topic is the id_topic to view.
list($topic) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
$context['current_topic'] = $topic;
}
// Go to the newest message on this topic.
$_REQUEST['start'] = 'new';
}
// Add 1 to the number of views of this topic.
if (empty($_SESSION['last_read_topic']) || $_SESSION['last_read_topic'] != $topic) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}topics
SET num_views = num_views + 1
WHERE id_topic = {int:current_topic}', array('current_topic' => $topic));
$_SESSION['last_read_topic'] = $topic;
}
// Get all the important topic info.
$request = $smcFunc['db_query']('', '
SELECT
t.num_replies, t.num_views, t.locked, ms.subject, t.is_sticky, t.id_poll,
t.id_member_started, t.id_first_msg, t.id_last_msg, t.approved, t.unapproved_posts,
' . ($user_info['is_guest'] ? 't.id_last_msg + 1' : 'IFNULL(lt.id_msg, IFNULL(lmr.id_msg, -1)) + 1') . ' AS new_from
' . (!empty($modSettings['recycle_board']) && $modSettings['recycle_board'] == $board ? ', id_previous_board, id_previous_topic' : '') . '
FROM {db_prefix}topics AS t
INNER JOIN {db_prefix}messages AS ms ON (ms.id_msg = t.id_first_msg)' . ($user_info['is_guest'] ? '' : '
LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = {int:current_topic} AND lt.id_member = {int:current_member})
LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.id_board = {int:current_board} AND lmr.id_member = {int:current_member})') . '
WHERE t.id_topic = {int:current_topic}
LIMIT 1', array('current_member' => $user_info['id'], 'current_topic' => $topic, 'current_board' => $board));
if ($smcFunc['db_num_rows']($request) == 0) {
fatal_lang_error('not_a_topic', false);
}
$topicinfo = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
$context['real_num_replies'] = $context['num_replies'] = $topicinfo['num_replies'];
$context['topic_first_message'] = $topicinfo['id_first_msg'];
$context['topic_last_message'] = $topicinfo['id_last_msg'];
// Add up unapproved replies to get real number of replies...
if ($modSettings['postmod_active'] && allowedTo('approve_posts')) {
$context['real_num_replies'] += $topicinfo['unapproved_posts'] - ($topicinfo['approved'] ? 0 : 1);
}
// If this topic has unapproved posts, we need to work out how many posts the user can see, for page indexing.
if ($modSettings['postmod_active'] && $topicinfo['unapproved_posts'] && !$user_info['is_guest'] && !allowedTo('approve_posts')) {
$request = $smcFunc['db_query']('', '
SELECT COUNT(id_member) AS my_unapproved_posts
FROM {db_prefix}messages
WHERE id_topic = {int:current_topic}
AND id_member = {int:current_member}
AND approved = 0', array('current_topic' => $topic, 'current_member' => $user_info['id']));
list($myUnapprovedPosts) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
$context['total_visible_posts'] = $context['num_replies'] + $myUnapprovedPosts + ($topicinfo['approved'] ? 1 : 0);
} else {
$context['total_visible_posts'] = $context['num_replies'] + $topicinfo['unapproved_posts'] + ($topicinfo['approved'] ? 1 : 0);
}
// When was the last time this topic was replied to? Should we warn them about it?
$request = $smcFunc['db_query']('', '
SELECT poster_time
FROM {db_prefix}messages
WHERE id_msg = {int:id_last_msg}
LIMIT 1', array('id_last_msg' => $topicinfo['id_last_msg']));
list($lastPostTime) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
$context['oldTopicError'] = !empty($modSettings['oldTopicDays']) && $lastPostTime + $modSettings['oldTopicDays'] * 86400 < time() && empty($sticky);
// The start isn't a number; it's information about what to do, where to go.
if (!is_numeric($_REQUEST['start'])) {
// Redirect to the page and post with new messages, originally by Omar Bazavilvazo.
if ($_REQUEST['start'] == 'new') {
// Guests automatically go to the last post.
if ($user_info['is_guest']) {
$context['start_from'] = $context['total_visible_posts'] - 1;
$_REQUEST['start'] = empty($options['view_newest_first']) ? $context['start_from'] : 0;
} else {
// Find the earliest unread message in the topic. (the use of topics here is just for both tables.)
$request = $smcFunc['db_query']('', '
SELECT IFNULL(lt.id_msg, IFNULL(lmr.id_msg, -1)) + 1 AS new_from
FROM {db_prefix}topics AS t
LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = {int:current_topic} AND lt.id_member = {int:current_member})
LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.id_board = {int:current_board} AND lmr.id_member = {int:current_member})
WHERE t.id_topic = {int:current_topic}
LIMIT 1', array('current_board' => $board, 'current_member' => $user_info['id'], 'current_topic' => $topic));
list($new_from) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
// Fall through to the next if statement.
$_REQUEST['start'] = 'msg' . $new_from;
}
}
// Start from a certain time index, not a message.
if (substr($_REQUEST['start'], 0, 4) == 'from') {
$timestamp = (int) substr($_REQUEST['start'], 4);
if ($timestamp === 0) {
$_REQUEST['start'] = 0;
} else {
// Find the number of messages posted before said time...
$request = $smcFunc['db_query']('', '
SELECT COUNT(*)
FROM {db_prefix}messages
WHERE poster_time < {int:timestamp}
AND id_topic = {int:current_topic}' . ($modSettings['postmod_active'] && $topicinfo['unapproved_posts'] && !allowedTo('approve_posts') ? '
AND (approved = {int:is_approved}' . ($user_info['is_guest'] ? '' : ' OR id_member = {int:current_member}') . ')' : ''), array('current_topic' => $topic, 'current_member' => $user_info['id'], 'is_approved' => 1, 'timestamp' => $timestamp));
list($context['start_from']) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
// Handle view_newest_first options, and get the correct start value.
$_REQUEST['start'] = empty($options['view_newest_first']) ? $context['start_from'] : $context['total_visible_posts'] - $context['start_from'] - 1;
}
} elseif (substr($_REQUEST['start'], 0, 3) == 'msg') {
$virtual_msg = (int) substr($_REQUEST['start'], 3);
if (!$topicinfo['unapproved_posts'] && $virtual_msg >= $topicinfo['id_last_msg']) {
$context['start_from'] = $context['total_visible_posts'] - 1;
} elseif (!$topicinfo['unapproved_posts'] && $virtual_msg <= $topicinfo['id_first_msg']) {
$context['start_from'] = 0;
} else {
// Find the start value for that message......
$request = $smcFunc['db_query']('', '
SELECT COUNT(*)
FROM {db_prefix}messages
WHERE id_msg < {int:virtual_msg}
AND id_topic = {int:current_topic}' . ($modSettings['postmod_active'] && $topicinfo['unapproved_posts'] && !allowedTo('approve_posts') ? '
AND (approved = {int:is_approved}' . ($user_info['is_guest'] ? '' : ' OR id_member = {int:current_member}') . ')' : ''), array('current_member' => $user_info['id'], 'current_topic' => $topic, 'virtual_msg' => $virtual_msg, 'is_approved' => 1, 'no_member' => 0));
list($context['start_from']) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
}
// We need to reverse the start as well in this case.
$_REQUEST['start'] = empty($options['view_newest_first']) ? $context['start_from'] : $context['total_visible_posts'] - $context['start_from'] - 1;
}
}
// Create a previous next string if the selected theme has it as a selected option.
$context['previous_next'] = $modSettings['enablePreviousNext'] ? '<a href="' . $scripturl . '?topic=' . $topic . '.0;prev_next=prev#new">' . $txt['previous_next_back'] . '</a> <a href="' . $scripturl . '?topic=' . $topic . '.0;prev_next=next#new">' . $txt['previous_next_forward'] . '</a>' : '';
// Check if spellchecking is both enabled and actually working. (for quick reply.)
$context['show_spellchecking'] = !empty($modSettings['enableSpellChecking']) && function_exists('pspell_new');
// Do we need to show the visual verification image?
$context['require_verification'] = !$user_info['is_mod'] && !$user_info['is_admin'] && !empty($modSettings['posts_require_captcha']) && ($user_info['posts'] < $modSettings['posts_require_captcha'] || $user_info['is_guest'] && $modSettings['posts_require_captcha'] == -1);
if ($context['require_verification']) {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'post');
$context['require_verification'] = create_control_verification($verificationOptions);
$context['visual_verification_id'] = $verificationOptions['id'];
}
// Are we showing signatures - or disabled fields?
$context['signature_enabled'] = substr($modSettings['signature_settings'], 0, 1) == 1;
$context['disabled_fields'] = isset($modSettings['disabled_profile_fields']) ? array_flip(explode(',', $modSettings['disabled_profile_fields'])) : array();
// Censor the title...
censorText($topicinfo['subject']);
$context['page_title'] = $topicinfo['subject'];
// Is this already an article?
$request = $smcFunc['db_query']('', '
SELECT id_message
FROM {db_prefix}sp_articles
WHERE id_message = {int:message}', array('message' => $context['topic_first_message']));
list($context['topic_is_article']) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
// Is this topic sticky, or can it even be?
$topicinfo['is_sticky'] = empty($modSettings['enableStickyTopics']) ? '0' : $topicinfo['is_sticky'];
// Default this topic to not marked for notifications... of course...
$context['is_marked_notify'] = false;
// Did we report a post to a moderator just now?
$context['report_sent'] = isset($_GET['reportsent']);
// Let's get nosey, who is viewing this topic?
if (!empty($settings['display_who_viewing'])) {
// Start out with no one at all viewing it.
$context['view_members'] = array();
$context['view_members_list'] = array();
$context['view_num_hidden'] = 0;
// Search for members who have this topic set in their GET data.
$request = $smcFunc['db_query']('', '
SELECT
lo.id_member, lo.log_time, mem.real_name, mem.member_name, mem.show_online,
mg.online_color, mg.id_group, mg.group_name
FROM {db_prefix}log_online AS lo
LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = lo.id_member)
LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = CASE WHEN mem.id_group = {int:reg_id_group} THEN mem.id_post_group ELSE mem.id_group END)
WHERE INSTR(lo.url, {string:in_url_string}) > 0 OR lo.session = {string:session}', array('reg_id_group' => 0, 'in_url_string' => 's:5:"topic";i:' . $topic . ';', 'session' => $user_info['is_guest'] ? 'ip' . $user_info['ip'] : session_id()));
while ($row = $smcFunc['db_fetch_assoc']($request)) {
if (empty($row['id_member'])) {
continue;
}
if (!empty($row['online_color'])) {
$link = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '" style="color: ' . $row['online_color'] . ';">' . $row['real_name'] . '</a>';
} else {
$link = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>';
}
$is_buddy = in_array($row['id_member'], $user_info['buddies']);
if ($is_buddy) {
$link = '<strong>' . $link . '</strong>';
}
// Add them both to the list and to the more detailed list.
if (!empty($row['show_online']) || allowedTo('moderate_forum')) {
$context['view_members_list'][$row['log_time'] . $row['member_name']] = empty($row['show_online']) ? '<em>' . $link . '</em>' : $link;
}
$context['view_members'][$row['log_time'] . $row['member_name']] = array('id' => $row['id_member'], 'username' => $row['member_name'], 'name' => $row['real_name'], 'group' => $row['id_group'], 'href' => $scripturl . '?action=profile;u=' . $row['id_member'], 'link' => $link, 'is_buddy' => $is_buddy, 'hidden' => empty($row['show_online']));
if (empty($row['show_online'])) {
$context['view_num_hidden']++;
}
}
// The number of guests is equal to the rows minus the ones we actually used ;).
$context['view_num_guests'] = $smcFunc['db_num_rows']($request) - count($context['view_members']);
$smcFunc['db_free_result']($request);
// Sort the list.
krsort($context['view_members']);
krsort($context['view_members_list']);
}
// If all is set, but not allowed... just unset it.
$can_show_all = !empty($modSettings['enableAllMessages']) && $context['total_visible_posts'] > $context['messages_per_page'] && $context['total_visible_posts'] < $modSettings['enableAllMessages'];
if (isset($_REQUEST['all']) && !$can_show_all) {
unset($_REQUEST['all']);
} elseif (isset($_REQUEST['all'])) {
$_REQUEST['start'] = -1;
}
// Construct the page index, allowing for the .START method...
$context['page_index'] = constructPageIndex($scripturl . '?topic=' . $topic . '.%1$d', $_REQUEST['start'], $context['total_visible_posts'], $context['messages_per_page'], true);
$context['start'] = $_REQUEST['start'];
// This is information about which page is current, and which page we're on - in case you don't like the constructed page index. (again, wireles..)
$context['page_info'] = array('current_page' => $_REQUEST['start'] / $context['messages_per_page'] + 1, 'num_pages' => floor(($context['total_visible_posts'] - 1) / $context['messages_per_page']) + 1);
// Figure out all the link to the next/prev/first/last/etc. for wireless mainly.
$context['links'] = array('first' => $_REQUEST['start'] >= $context['messages_per_page'] ? $scripturl . '?topic=' . $topic . '.0' : '', 'prev' => $_REQUEST['start'] >= $context['messages_per_page'] ? $scripturl . '?topic=' . $topic . '.' . ($_REQUEST['start'] - $context['messages_per_page']) : '', 'next' => $_REQUEST['start'] + $context['messages_per_page'] < $context['total_visible_posts'] ? $scripturl . '?topic=' . $topic . '.' . ($_REQUEST['start'] + $context['messages_per_page']) : '', 'last' => $_REQUEST['start'] + $context['messages_per_page'] < $context['total_visible_posts'] ? $scripturl . '?topic=' . $topic . '.' . floor($context['total_visible_posts'] / $context['messages_per_page']) * $context['messages_per_page'] : '', 'up' => $scripturl . '?board=' . $board . '.0');
// If they are viewing all the posts, show all the posts, otherwise limit the number.
if ($can_show_all) {
if (isset($_REQUEST['all'])) {
// No limit! (actually, there is a limit, but...)
$context['messages_per_page'] = -1;
$context['page_index'] .= empty($modSettings['compactTopicPagesEnable']) ? '<strong>' . $txt['all'] . '</strong> ' : '[<strong>' . $txt['all'] . '</strong>] ';
// Set start back to 0...
$_REQUEST['start'] = 0;
} else {
$context['page_index'] .= ' <a href="' . $scripturl . '?topic=' . $topic . '.0;all">' . $txt['all'] . '</a> ';
}
}
// Build the link tree.
$context['linktree'][] = array('url' => $scripturl . '?topic=' . $topic . '.0', 'name' => $topicinfo['subject'], 'extra_before' => $settings['linktree_inline'] ? $txt['topic'] . ': ' : '');
// Build a list of this board's moderators.
$context['moderators'] =& $board_info['moderators'];
$context['link_moderators'] = array();
if (!empty($board_info['moderators'])) {
// Add a link for each moderator...
foreach ($board_info['moderators'] as $mod) {
$context['link_moderators'][] = '<a href="' . $scripturl . '?action=profile;u=' . $mod['id'] . '" title="' . $txt['board_moderator'] . '">' . $mod['name'] . '</a>';
}
// And show it after the board's name.
$context['linktree'][count($context['linktree']) - 2]['extra_after'] = ' (' . (count($context['link_moderators']) == 1 ? $txt['moderator'] : $txt['moderators']) . ': ' . implode(', ', $context['link_moderators']) . ')';
}
// Information about the current topic...
$context['is_locked'] = $topicinfo['locked'];
$context['is_sticky'] = $topicinfo['is_sticky'];
$context['is_very_hot'] = $topicinfo['num_replies'] >= $modSettings['hotTopicVeryPosts'];
$context['is_hot'] = $topicinfo['num_replies'] >= $modSettings['hotTopicPosts'];
$context['is_approved'] = $topicinfo['approved'];
// We don't want to show the poll icon in the topic class here, so pretend it's not one.
$context['is_poll'] = false;
determineTopicClass($context);
$context['is_poll'] = $topicinfo['id_poll'] > 0 && $modSettings['pollMode'] == '1' && allowedTo('poll_view');
// Did this user start the topic or not?
$context['user']['started'] = $user_info['id'] == $topicinfo['id_member_started'] && !$user_info['is_guest'];
$context['topic_starter_id'] = $topicinfo['id_member_started'];
// Set the topic's information for the template.
$context['subject'] = $topicinfo['subject'];
$context['num_views'] = $topicinfo['num_views'];
$context['mark_unread_time'] = $topicinfo['new_from'];
// Set a canonical URL for this page.
$context['canonical_url'] = $scripturl . '?topic=' . $topic . '.' . $context['start'];
// For quick reply we need a response prefix in the default forum language.
if (!isset($context['response_prefix']) && !($context['response_prefix'] = cache_get_data('response_prefix', 600))) {
if ($language === $user_info['language']) {
$context['response_prefix'] = $txt['response_prefix'];
} else {
loadLanguage('index', $language, false);
$context['response_prefix'] = $txt['response_prefix'];
loadLanguage('index');
}
cache_put_data('response_prefix', $context['response_prefix'], 600);
}
// If we want to show event information in the topic, prepare the data.
if (allowedTo('calendar_view') && !empty($modSettings['cal_showInTopic']) && !empty($modSettings['cal_enabled'])) {
// First, try create a better time format, ignoring the "time" elements.
if (preg_match('~%[AaBbCcDdeGghjmuYy](?:[^%]*%[AaBbCcDdeGghjmuYy])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0])) {
$date_string = $user_info['time_format'];
} else {
$date_string = $matches[0];
}
// Any calendar information for this topic?
$request = $smcFunc['db_query']('', '
SELECT cal.id_event, cal.start_date, cal.end_date, cal.title, cal.id_member, mem.real_name
FROM {db_prefix}calendar AS cal
LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = cal.id_member)
WHERE cal.id_topic = {int:current_topic}
ORDER BY start_date', array('current_topic' => $topic));
$context['linked_calendar_events'] = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
// Prepare the dates for being formatted.
$start_date = sscanf($row['start_date'], '%04d-%02d-%02d');
$start_date = mktime(12, 0, 0, $start_date[1], $start_date[2], $start_date[0]);
$end_date = sscanf($row['end_date'], '%04d-%02d-%02d');
$end_date = mktime(12, 0, 0, $end_date[1], $end_date[2], $end_date[0]);
$context['linked_calendar_events'][] = array('id' => $row['id_event'], 'title' => $row['title'], 'can_edit' => allowedTo('calendar_edit_any') || $row['id_member'] == $user_info['id'] && allowedTo('calendar_edit_own'), 'modify_href' => $scripturl . '?action=post;msg=' . $topicinfo['id_first_msg'] . ';topic=' . $topic . '.0;calendar;eventid=' . $row['id_event'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'start_date' => timeformat($start_date, $date_string, 'none'), 'start_timestamp' => $start_date, 'end_date' => timeformat($end_date, $date_string, 'none'), 'end_timestamp' => $end_date, 'is_last' => false);
}
$smcFunc['db_free_result']($request);
if (!empty($context['linked_calendar_events'])) {
$context['linked_calendar_events'][count($context['linked_calendar_events']) - 1]['is_last'] = true;
}
}
// Create the poll info if it exists.
if ($context['is_poll']) {
// Get the question and if it's locked.
$request = $smcFunc['db_query']('', '
SELECT
p.question, p.voting_locked, p.hide_results, p.expire_time, p.max_votes, p.change_vote,
p.guest_vote, p.id_member, IFNULL(mem.real_name, p.poster_name) AS poster_name, p.num_guest_voters, p.reset_poll
FROM {db_prefix}polls AS p
LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = p.id_member)
WHERE p.id_poll = {int:id_poll}
LIMIT 1', array('id_poll' => $topicinfo['id_poll']));
$pollinfo = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
$request = $smcFunc['db_query']('', '
SELECT COUNT(DISTINCT id_member) AS total
FROM {db_prefix}log_polls
WHERE id_poll = {int:id_poll}
AND id_member != {int:not_guest}', array('id_poll' => $topicinfo['id_poll'], 'not_guest' => 0));
list($pollinfo['total']) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
// Total voters needs to include guest voters
$pollinfo['total'] += $pollinfo['num_guest_voters'];
// Get all the options, and calculate the total votes.
$request = $smcFunc['db_query']('', '
SELECT pc.id_choice, pc.label, pc.votes, IFNULL(lp.id_choice, -1) AS voted_this
FROM {db_prefix}poll_choices AS pc
LEFT JOIN {db_prefix}log_polls AS lp ON (lp.id_choice = pc.id_choice AND lp.id_poll = {int:id_poll} AND lp.id_member = {int:current_member} AND lp.id_member != {int:not_guest})
WHERE pc.id_poll = {int:id_poll}', array('current_member' => $user_info['id'], 'id_poll' => $topicinfo['id_poll'], 'not_guest' => 0));
$pollOptions = array();
$realtotal = 0;
$pollinfo['has_voted'] = false;
while ($row = $smcFunc['db_fetch_assoc']($request)) {
censorText($row['label']);
$pollOptions[$row['id_choice']] = $row;
$realtotal += $row['votes'];
$pollinfo['has_voted'] |= $row['voted_this'] != -1;
}
$smcFunc['db_free_result']($request);
// If this is a guest we need to do our best to work out if they have voted, and what they voted for.
if ($user_info['is_guest'] && $pollinfo['guest_vote'] && allowedTo('poll_vote')) {
if (!empty($_COOKIE['guest_poll_vote']) && preg_match('~^[0-9,;]+$~', $_COOKIE['guest_poll_vote']) && strpos($_COOKIE['guest_poll_vote'], ';' . $topicinfo['id_poll'] . ',') !== false) {
// ;id,timestamp,[vote,vote...]; etc
$guestinfo = explode(';', $_COOKIE['guest_poll_vote']);
// Find the poll we're after.
foreach ($guestinfo as $i => $guestvoted) {
$guestvoted = explode(',', $guestvoted);
if ($guestvoted[0] == $topicinfo['id_poll']) {
break;
}
}
// Has the poll been reset since guest voted?
if ($pollinfo['reset_poll'] > $guestvoted[1]) {
// Remove the poll info from the cookie to allow guest to vote again
unset($guestinfo[$i]);
if (!empty($guestinfo)) {
$_COOKIE['guest_poll_vote'] = ';' . implode(';', $guestinfo);
} else {
unset($_COOKIE['guest_poll_vote']);
}
} else {
// What did they vote for?
unset($guestvoted[0], $guestvoted[1]);
foreach ($pollOptions as $choice => $details) {
$pollOptions[$choice]['voted_this'] = in_array($choice, $guestvoted) ? 1 : -1;
$pollinfo['has_voted'] |= $pollOptions[$choice]['voted_this'] != -1;
}
unset($choice, $details, $guestvoted);
}
unset($guestinfo, $guestvoted, $i);
}
}
// Set up the basic poll information.
$context['poll'] = array('id' => $topicinfo['id_poll'], 'image' => 'normal_' . (empty($pollinfo['voting_locked']) ? 'poll' : 'locked_poll'), 'question' => parse_bbc($pollinfo['question']), 'total_votes' => $pollinfo['total'], 'change_vote' => !empty($pollinfo['change_vote']), 'is_locked' => !empty($pollinfo['voting_locked']), 'options' => array(), 'lock' => allowedTo('poll_lock_any') || $context['user']['started'] && allowedTo('poll_lock_own'), 'edit' => allowedTo('poll_edit_any') || $context['user']['started'] && allowedTo('poll_edit_own'), 'allowed_warning' => $pollinfo['max_votes'] > 1 ? sprintf($txt['poll_options6'], min(count($pollOptions), $pollinfo['max_votes'])) : '', 'is_expired' => !empty($pollinfo['expire_time']) && $pollinfo['expire_time'] < time(), 'expire_time' => !empty($pollinfo['expire_time']) ? timeformat($pollinfo['expire_time']) : 0, 'has_voted' => !empty($pollinfo['has_voted']), 'starter' => array('id' => $pollinfo['id_member'], 'name' => $row['poster_name'], 'href' => $pollinfo['id_member'] == 0 ? '' : $scripturl . '?action=profile;u=' . $pollinfo['id_member'], 'link' => $pollinfo['id_member'] == 0 ? $row['poster_name'] : '<a href="' . $scripturl . '?action=profile;u=' . $pollinfo['id_member'] . '">' . $row['poster_name'] . '</a>'));
// Make the lock and edit permissions defined above more directly accessible.
$context['allow_lock_poll'] = $context['poll']['lock'];
$context['allow_edit_poll'] = $context['poll']['edit'];
// You're allowed to vote if:
// 1. the poll did not expire, and
// 2. you're either not a guest OR guest voting is enabled... and
// 3. you're not trying to view the results, and
// 4. the poll is not locked, and
// 5. you have the proper permissions, and
// 6. you haven't already voted before.
$context['allow_vote'] = !$context['poll']['is_expired'] && (!$user_info['is_guest'] || $pollinfo['guest_vote'] && allowedTo('poll_vote')) && empty($pollinfo['voting_locked']) && allowedTo('poll_vote') && !$context['poll']['has_voted'];
// You're allowed to view the results if:
// 1. you're just a super-nice-guy, or
// 2. anyone can see them (hide_results == 0), or
// 3. you can see them after you voted (hide_results == 1), or
// 4. you've waited long enough for the poll to expire. (whether hide_results is 1 or 2.)
$context['allow_poll_view'] = allowedTo('moderate_board') || $pollinfo['hide_results'] == 0 || $pollinfo['hide_results'] == 1 && $context['poll']['has_voted'] || $context['poll']['is_expired'];
$context['poll']['show_results'] = $context['allow_poll_view'] && (isset($_REQUEST['viewresults']) || isset($_REQUEST['viewResults']));
$context['show_view_results_button'] = $context['allow_vote'] && (!$context['allow_poll_view'] || !$context['poll']['show_results'] || !$context['poll']['has_voted']);
// You're allowed to change your vote if:
// 1. the poll did not expire, and
// 2. you're not a guest... and
// 3. the poll is not locked, and
// 4. you have the proper permissions, and
// 5. you have already voted, and
// 6. the poll creator has said you can!
$context['allow_change_vote'] = !$context['poll']['is_expired'] && !$user_info['is_guest'] && empty($pollinfo['voting_locked']) && allowedTo('poll_vote') && $context['poll']['has_voted'] && $context['poll']['change_vote'];
// You're allowed to return to voting options if:
// 1. you are (still) allowed to vote.
// 2. you are currently seeing the results.
$context['allow_return_vote'] = $context['allow_vote'] && $context['poll']['show_results'];
// Calculate the percentages and bar lengths...
$divisor = $realtotal == 0 ? 1 : $realtotal;
// Determine if a decimal point is needed in order for the options to add to 100%.
$precision = $realtotal == 100 ? 0 : 1;
// Now look through each option, and...
foreach ($pollOptions as $i => $option) {
// First calculate the percentage, and then the width of the bar...
$bar = round($option['votes'] * 100 / $divisor, $precision);
$barWide = $bar == 0 ? 1 : floor($bar * 8 / 3);
// Now add it to the poll's contextual theme data.
$context['poll']['options'][$i] = array('id' => 'options-' . $i, 'percent' => $bar, 'votes' => $option['votes'], 'voted_this' => $option['voted_this'] != -1, 'bar' => '<span style="white-space: nowrap;"><img src="' . $settings['images_url'] . '/poll_' . ($context['right_to_left'] ? 'right' : 'left') . '.gif" alt="" /><img src="' . $settings['images_url'] . '/poll_middle.gif" width="' . $barWide . '" height="12" alt="-" /><img src="' . $settings['images_url'] . '/poll_' . ($context['right_to_left'] ? 'left' : 'right') . '.gif" alt="" /></span>', 'bar_ndt' => $bar > 0 ? '<div class="bar" style="width: ' . ($bar * 3.5 + 4) . 'px;"><div style="width: ' . $bar * 3.5 . 'px;"></div></div>' : '', 'bar_width' => $barWide, 'option' => parse_bbc($option['label']), 'vote_button' => '<input type="' . ($pollinfo['max_votes'] > 1 ? 'checkbox' : 'radio') . '" name="options[]" id="options-' . $i . '" value="' . $i . '" class="input_' . ($pollinfo['max_votes'] > 1 ? 'check' : 'radio') . '" />');
}
}
// Calculate the fastest way to get the messages!
$ascending = empty($options['view_newest_first']);
$start = $_REQUEST['start'];
$limit = $context['messages_per_page'];
$firstIndex = 0;
if ($start >= $context['total_visible_posts'] / 2 && $context['messages_per_page'] != -1) {
$ascending = !$ascending;
$limit = $context['total_visible_posts'] <= $start + $limit ? $context['total_visible_posts'] - $start : $limit;
$start = $context['total_visible_posts'] <= $start + $limit ? 0 : $context['total_visible_posts'] - $start - $limit;
$firstIndex = $limit - 1;
}
// Get each post and poster in this topic.
$request = $smcFunc['db_query']('display_get_post_poster', '
SELECT id_msg, id_member, approved
FROM {db_prefix}messages
WHERE id_topic = {int:current_topic}' . (!$modSettings['postmod_active'] || allowedTo('approve_posts') ? '' : (!empty($modSettings['db_mysql_group_by_fix']) ? '' : '
GROUP BY id_msg') . '
HAVING (approved = {int:is_approved}' . ($user_info['is_guest'] ? '' : ' OR id_member = {int:current_member}') . ')') . '
ORDER BY id_msg ' . ($ascending ? '' : 'DESC') . ($context['messages_per_page'] == -1 ? '' : '
LIMIT ' . $start . ', ' . $limit), array('current_member' => $user_info['id'], 'current_topic' => $topic, 'is_approved' => 1, 'blank_id_member' => 0));
$messages = array();
$all_posters = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
if (!empty($row['id_member'])) {
$all_posters[$row['id_msg']] = $row['id_member'];
}
$messages[] = $row['id_msg'];
}
$smcFunc['db_free_result']($request);
$posters = array_unique($all_posters);
// Guests can't mark topics read or for notifications, just can't sorry.
if (!$user_info['is_guest']) {
$mark_at_msg = max($messages);
if ($mark_at_msg >= $topicinfo['id_last_msg']) {
$mark_at_msg = $modSettings['maxMsgID'];
}
if ($mark_at_msg >= $topicinfo['new_from']) {
$smcFunc['db_insert']($topicinfo['new_from'] == 0 ? 'ignore' : 'replace', '{db_prefix}log_topics', array('id_member' => 'int', 'id_topic' => 'int', 'id_msg' => 'int'), array($user_info['id'], $topic, $mark_at_msg), array('id_member', 'id_topic'));
}
// Check for notifications on this topic OR board.
$request = $smcFunc['db_query']('', '
SELECT sent, id_topic
FROM {db_prefix}log_notify
WHERE (id_topic = {int:current_topic} OR id_board = {int:current_board})
AND id_member = {int:current_member}
LIMIT 2', array('current_board' => $board, 'current_member' => $user_info['id'], 'current_topic' => $topic));
$do_once = true;
while ($row = $smcFunc['db_fetch_assoc']($request)) {
// Find if this topic is marked for notification...
if (!empty($row['id_topic'])) {
$context['is_marked_notify'] = true;
}
// Only do this once, but mark the notifications as "not sent yet" for next time.
if (!empty($row['sent']) && $do_once) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}log_notify
SET sent = {int:is_not_sent}
WHERE (id_topic = {int:current_topic} OR id_board = {int:current_board})
AND id_member = {int:current_member}', array('current_board' => $board, 'current_member' => $user_info['id'], 'current_topic' => $topic, 'is_not_sent' => 0));
$do_once = false;
}
}
// Have we recently cached the number of new topics in this board, and it's still a lot?
if (isset($_REQUEST['topicseen']) && isset($_SESSION['topicseen_cache'][$board]) && $_SESSION['topicseen_cache'][$board] > 5) {
$_SESSION['topicseen_cache'][$board]--;
} elseif (isset($_REQUEST['topicseen'])) {
// Use the mark read tables... and the last visit to figure out if this should be read or not.
$request = $smcFunc['db_query']('', '
SELECT COUNT(*)
FROM {db_prefix}topics AS t
LEFT JOIN {db_prefix}log_boards AS lb ON (lb.id_board = {int:current_board} AND lb.id_member = {int:current_member})
LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = t.id_topic AND lt.id_member = {int:current_member})
WHERE t.id_board = {int:current_board}
AND t.id_last_msg > IFNULL(lb.id_msg, 0)
AND t.id_last_msg > IFNULL(lt.id_msg, 0)' . (empty($_SESSION['id_msg_last_visit']) ? '' : '
AND t.id_last_msg > {int:id_msg_last_visit}'), array('current_board' => $board, 'current_member' => $user_info['id'], 'id_msg_last_visit' => (int) $_SESSION['id_msg_last_visit']));
list($numNewTopics) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
// If there're no real new topics in this board, mark the board as seen.
if (empty($numNewTopics)) {
$_REQUEST['boardseen'] = true;
} else {
$_SESSION['topicseen_cache'][$board] = $numNewTopics;
}
} elseif (isset($_SESSION['topicseen_cache'][$board])) {
$_SESSION['topicseen_cache'][$board]--;
}
// Mark board as seen if we came using last post link from BoardIndex. (or other places...)
if (isset($_REQUEST['boardseen'])) {
$smcFunc['db_insert']('replace', '{db_prefix}log_boards', array('id_msg' => 'int', 'id_member' => 'int', 'id_board' => 'int'), array($modSettings['maxMsgID'], $user_info['id'], $board), array('id_member', 'id_board'));
}
}
$attachments = array();
// If there _are_ messages here... (probably an error otherwise :!)
if (!empty($messages)) {
// Fetch attachments.
if (!empty($modSettings['attachmentEnable']) && allowedTo('view_attachments')) {
$request = $smcFunc['db_query']('', '
SELECT
a.id_attach, a.id_folder, a.id_msg, a.filename, a.file_hash, IFNULL(a.size, 0) AS filesize, a.downloads, a.approved,
a.width, a.height' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : ',
IFNULL(thumb.id_attach, 0) AS id_thumb, thumb.width AS thumb_width, thumb.height AS thumb_height') . '
FROM {db_prefix}attachments AS a' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : '
LEFT JOIN {db_prefix}attachments AS thumb ON (thumb.id_attach = a.id_thumb)') . '
WHERE a.id_msg IN ({array_int:message_list})
AND a.attachment_type = {int:attachment_type}', array('message_list' => $messages, 'attachment_type' => 0, 'is_approved' => 1));
$temp = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
if (!$row['approved'] && $modSettings['postmod_active'] && !allowedTo('approve_posts') && (!isset($all_posters[$row['id_msg']]) || $all_posters[$row['id_msg']] != $user_info['id'])) {
continue;
}
$temp[$row['id_attach']] = $row;
if (!isset($attachments[$row['id_msg']])) {
$attachments[$row['id_msg']] = array();
}
}
$smcFunc['db_free_result']($request);
// This is better than sorting it with the query...
ksort($temp);
foreach ($temp as $row) {
$attachments[$row['id_msg']][] = $row;
}
}
// What? It's not like it *couldn't* be only guests in this topic...
if (!empty($posters)) {
loadMemberData($posters);
}
$messages_request = $smcFunc['db_query']('', '
SELECT
id_msg, icon, subject, poster_time, poster_ip, id_member, modified_time, modified_name, body,
smileys_enabled, poster_name, poster_email, approved,
id_msg_modified < {int:new_from} AS is_read
FROM {db_prefix}messages
WHERE id_msg IN ({array_int:message_list})
ORDER BY id_msg' . (empty($options['view_newest_first']) ? '' : ' DESC'), array('message_list' => $messages, 'new_from' => $topicinfo['new_from']));
// Go to the last message if the given time is beyond the time of the last message.
if (isset($context['start_from']) && $context['start_from'] >= $topicinfo['num_replies']) {
$context['start_from'] = $topicinfo['num_replies'];
}
// Since the anchor information is needed on the top of the page we load these variables beforehand.
$context['first_message'] = isset($messages[$firstIndex]) ? $messages[$firstIndex] : $messages[0];
if (empty($options['view_newest_first'])) {
$context['first_new_message'] = isset($context['start_from']) && $_REQUEST['start'] == $context['start_from'];
} else {
$context['first_new_message'] = isset($context['start_from']) && $_REQUEST['start'] == $topicinfo['num_replies'] - $context['start_from'];
}
} else {
$messages_request = false;
$context['first_message'] = 0;
$context['first_new_message'] = false;
}
$context['jump_to'] = array('label' => addslashes(un_htmlspecialchars($txt['jump_to'])), 'board_name' => htmlspecialchars(strtr(strip_tags($board_info['name']), array('&' => '&'))), 'child_level' => $board_info['child_level']);
// Set the callback. (do you REALIZE how much memory all the messages would take?!?)
$context['get_message'] = 'prepareDisplayContext';
// Now set all the wonderful, wonderful permissions... like moderation ones...
$common_permissions = array('can_approve' => 'approve_posts', 'can_ban' => 'manage_bans', 'can_sticky' => 'make_sticky', 'can_merge' => 'merge_any', 'can_split' => 'split_any', 'calendar_post' => 'calendar_post', 'can_mark_notify' => 'mark_any_notify', 'can_send_topic' => 'send_topic', 'can_send_pm' => 'pm_send', 'can_report_moderator' => 'report_any', 'can_moderate_forum' => 'moderate_forum', 'can_issue_warning' => 'issue_warning', 'can_restore_topic' => 'move_any', 'can_restore_msg' => 'move_any');
foreach ($common_permissions as $contextual => $perm) {
$context[$contextual] = allowedTo($perm);
}
// Permissions with _any/_own versions. $context[YYY] => ZZZ_any/_own.
$anyown_permissions = array('can_move' => 'move', 'can_lock' => 'lock', 'can_delete' => 'remove', 'can_add_poll' => 'poll_add', 'can_remove_poll' => 'poll_remove', 'can_reply' => 'post_reply', 'can_reply_unapproved' => 'post_unapproved_replies');
foreach ($anyown_permissions as $contextual => $perm) {
$context[$contextual] = allowedTo($perm . '_any') || $context['user']['started'] && allowedTo($perm . '_own');
}
// Cleanup all the permissions with extra stuff...
$context['can_mark_notify'] &= !$context['user']['is_guest'];
$context['can_sticky'] &= !empty($modSettings['enableStickyTopics']);
$context['calendar_post'] &= !empty($modSettings['cal_enabled']);
$context['can_add_poll'] &= $modSettings['pollMode'] == '1' && $topicinfo['id_poll'] <= 0;
$context['can_remove_poll'] &= $modSettings['pollMode'] == '1' && $topicinfo['id_poll'] > 0;
$context['can_reply'] &= empty($topicinfo['locked']) || allowedTo('moderate_board');
$context['can_reply_unapproved'] &= $modSettings['postmod_active'] && (empty($topicinfo['locked']) || allowedTo('moderate_board'));
$context['can_issue_warning'] &= in_array('w', $context['admin_features']) && $modSettings['warning_settings'][0] == 1;
// Handle approval flags...
$context['can_reply_approved'] = $context['can_reply'];
$context['can_reply'] |= $context['can_reply_unapproved'];
$context['can_quote'] = $context['can_reply'] && (empty($modSettings['disabledBBC']) || !in_array('quote', explode(',', $modSettings['disabledBBC'])));
$context['can_mark_unread'] = !$user_info['is_guest'] && $settings['show_mark_read'];
$context['can_send_topic'] = (!$modSettings['postmod_active'] || $topicinfo['approved']) && allowedTo('send_topic');
// Start this off for quick moderation - it will be or'd for each post.
$context['can_remove_post'] = allowedTo('delete_any') || allowedTo('delete_replies') && $context['user']['started'];
// Can restore topic? That's if the topic is in the recycle board and has a previous restore state.
$context['can_restore_topic'] &= !empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] == $board && !empty($topicinfo['id_previous_board']);
$context['can_restore_msg'] &= !empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] == $board && !empty($topicinfo['id_previous_topic']);
// Wireless shows a "more" if you can do anything special.
if (WIRELESS && WIRELESS_PROTOCOL != 'wap') {
$context['wireless_more'] = $context['can_sticky'] || $context['can_lock'] || allowedTo('modify_any');
$context['wireless_moderate'] = isset($_GET['moderate']) ? ';moderate' : '';
}
// Load up the "double post" sequencing magic.
if (!empty($options['display_quick_reply'])) {
checkSubmitOnce('register');
$context['name'] = isset($_SESSION['guest_name']) ? $_SESSION['guest_name'] : '';
$context['email'] = isset($_SESSION['guest_email']) ? $_SESSION['guest_email'] : '';
}
}
/**
* Loads all the data and sets all the options for displaying a ticket.
*
* This function does a lot of work in setting up a ticket to be displayed:
* <ul>
* <li>Invokes shd_load_ticket() to get the principle data</li>
* <li>Creates $context['ticket'] to hold the data block, some of which is derived from the return of shd_load_ticket():
* <ul>
* <li>id: regular numeric ticket id</li>
* <li>display_id: zero padded ticket id (e.g. 00001)</li>
* <li>subject: censored version of the subject</li>
* <li>first_msg: id of the opening post that forms the ticket body</li>
* <li>body: formatted (parsed for smileys and bbcode) version of the ticket post</li>
* <li>id_member: user id of the ticket's poster</li>
* <li>id_member_assigned: user id of the ticket's assigned user</li>
* <li>member: hash array of the ticket poster's details:
* <ul>
* <li>id: their user id</li>
* <li>name: the name stated in the ticket post for that use</li>
* <li>link: link to the profile of the user</li>
* </ul>
* </li>
* <li>assigned: hash array of the assignee of the ticket:
* <ul>
* <li>id: their user id</li>
* <li>name: name of the assignee, or 'Unassigned'</li>
* <li>link: a full HTML link to their profile, or 'Unassigned' in red text</li>
* </ul>
* </li>
* <li>assigned_self: boolean, whether the ticket is assigned to the current user or not</li>
* <li>ticket_opener: boolean, whether the current user is the user who opened this ticket</li>
* <li>urgency: hash array
* <ul>
* <li>level: numeric identifier of current ticket urgency</li>
* <li>label: the HTML label of the urgency, including being in red for "Very High" or above</li>
* <li>increase: Boolean, whether the current ticket urgency can be increased given the current ticket state and user permissions</li>
* <li>decrease: Boolean, whether the current ticket urgency can be increased given the current ticket state and user permissions</li>
* </ul>
* </li>
* <li>status: hash array
* <ul>
* <li>level: numeric, current status identifier</li>
* <li>label: string representing the current status</li>
* </ul>
* <li>num_replies: the number of replies to the ticket so far</li>
* <li>deleted_replies: how many deleted replies in this ticket</li>
* <li>poster_time: formatted string containing the time the ticket was opened</li>
* <li>privacy: hash array
* <ul>
* <li>label: current label to be used with the privacy item</li>
* <li>can_change: Boolean, whether the user's permission with this ticket allows us to edit the ticket privacy</li>
* </ul>
* </li>
* <li>closed: Boolean, represents whether this ticket is closed (used a lot with the navigation menu)</li>
* <li>deleted: Boolean, represents whether this ticket is deleted (used a lot with the navigation menu)</li>
* <li>ip_address: IP address logged at the time the ticket was opened; if moderate_forum_members permission is available, this will be a link to the track IP area</li>
* <li>modified: if the ticket has been modified, also get the modified details:
* <ul>
* <li>id: user id who edited the ticket (not always available)</li>
* <li>time: formatted string of the time the post was edited</li>
* <li>timestamp: raw timestamp of the time the post was edited</li>
* <li>name: user name of the editing user; if we have a definite user id, this should contain the current name, falling back to the previously stored name</li>
* <li>link: if we have a known, valid user id for the post's editor, this will contain a link to their profile, with the link text using their current display name; alternatively it will contain a regular string which is the username stored with the edit.</li>
* </ul>
* </li>
* <li>display_recycle: Either holds the $txt identifier of the message to apply as a warning, or false if displaying of recycling stuff in this ticket isn't appropriate (either for permissions or just because of no deleted replies, or we're just in regular ticket view)</li>
* </ul>
* </li>
* <li>define the page index with SMF's constructPageIndex</li>
* <li>query for all the ids of messages we might display, followed by querying for the message details themselves, pushing that query resource to $reply_request so we can use it in shd_view_replies() later</li>
* <li>load details of all the users applicable for posts in this page</li>
* <li>request all the visible attachments from {@link shd_display_load_attachments()}</li>
* <li>since we are viewing this ticket, mark it read</li>
* <li>set up the breadcrumb trail</li>
* <li>set up the ticket navigation menu</li>
* <li>call in the editor component from SimpleDesk-Post.php and friends, ready for Quick Reply</li>
* <li>invoke the different Javascript objects that are applicable on the page:
* <ul>
* <li>privacy changer</li>
* <li>urgency changer</li>
* <li>quick reply / quote / go advanced</li>
* </ul>
* </li>
* </ul>
*
* @see shd_prepare_ticket_context()
* @since 1.0
*/
function shd_view_ticket()
{
global $context, $txt, $scripturl, $settings, $reply_request, $smcFunc, $modSettings, $memberContext, $sourcedir, $user_info, $options;
loadTemplate('sd_template/SimpleDesk-Display');
$context['template_layers'][] = 'shd_display_nojs';
$ticketinfo = shd_load_ticket();
// How much are we sticking on each page?
$context['messages_per_page'] = empty($modSettings['disableCustomPerPage']) && !empty($options['messages_per_page']) && !WIRELESS ? $options['messages_per_page'] : $modSettings['defaultMaxMessages'];
censorText($ticketinfo['subject']);
censorText($ticketinfo['body']);
$context['user_list'] = array();
// as we go along, build a list of users who are relevant
$context['ticket'] = array('id' => $context['ticket_id'], 'dept' => $ticketinfo['dept'], 'dept_name' => $ticketinfo['dept_name'], 'display_id' => str_pad($context['ticket_id'], $modSettings['shd_zerofill'], '0', STR_PAD_LEFT), 'subject' => $ticketinfo['subject'], 'first_msg' => $ticketinfo['id_first_msg'], 'body' => shd_format_text($ticketinfo['body'], $ticketinfo['smileys_enabled'], 'shd_reply_' . $ticketinfo['id_first_msg']), 'id_member' => $ticketinfo['id_member'], 'id_member_assigned' => $ticketinfo['assigned_id'], 'member' => array('id' => $ticketinfo['starter_id'], 'name' => $ticketinfo['starter_name'], 'link' => shd_profile_link($ticketinfo['starter_name'], $ticketinfo['starter_id'])), 'assigned' => array('id' => $ticketinfo['assigned_id'], 'name' => $ticketinfo['assigned_id'] > 0 ? $ticketinfo['assigned_name'] : $txt['shd_unassigned'], 'link' => $ticketinfo['assigned_id'] > 0 ? shd_profile_link($ticketinfo['assigned_name'], $ticketinfo['assigned_id']) : '<span class="error">' . $txt['shd_unassigned'] . '</span>'), 'assigned_self' => $ticketinfo['assigned_id'] == $user_info['id'], 'ticket_opener' => $ticketinfo['starter_id'] == $user_info['id'], 'urgency' => array('level' => $ticketinfo['urgency'], 'label' => $ticketinfo['urgency'] > TICKET_URGENCY_HIGH ? '<span class="error">' . $txt['shd_urgency_' . $ticketinfo['urgency']] . '</span>' : $txt['shd_urgency_' . $ticketinfo['urgency']]), 'status' => array('level' => $ticketinfo['status'], 'label' => $txt['shd_status_' . $ticketinfo['status']]), 'num_replies' => $ticketinfo['num_replies'], 'deleted_replies' => $ticketinfo['deleted_replies'], 'poster_time' => timeformat($ticketinfo['poster_time']), 'privacy' => array('label' => $ticketinfo['private'] ? $txt['shd_ticket_private'] : $txt['shd_ticket_notprivate'], 'can_change' => shd_allowed_to('shd_alter_privacy_any', $ticketinfo['dept']) || shd_allowed_to('shd_alter_privacy_own', $ticketinfo['dept']) && $ticketinfo['id_member'] == $user_info['id']), 'closed' => $ticketinfo['closed'], 'deleted' => $ticketinfo['deleted']);
// Fix the departmental link since we know we're inside a department now.
if ($context['shd_multi_dept']) {
$context['shd_department'] = $context['ticket']['dept'];
$context['shd_dept_link'] = ';dept=' . $context['ticket']['dept'];
}
// IP address next
$context['link_ip_address'] = allowedTo('moderate_forum');
// for trackip access
if (shd_allowed_to('shd_view_ip_any', $context['ticket']['dept']) || $context['ticket']['ticket_opener'] && shd_allowed_to('shd_view_ip_own', $context['ticket']['dept'])) {
$context['ticket']['ip_address'] = $context['link_ip_address'] ? '<a href="' . $scripturl . '?action=trackip;searchip=' . $ticketinfo['starter_ip'] . '">' . $ticketinfo['starter_ip'] . '</a>' : $ticketinfo['starter_ip'];
}
// Stuff concerning whether the ticket is deleted or not
// Display recycling stuff if: ticket is deleted (if we can see it, we can see the bin) OR ticket has deleted replies and we can see the bin and we requested to see them
$context['ticket']['display_recycle_replies'] = true;
if ($context['ticket']['deleted']) {
$context['ticket']['display_recycle'] = $txt['shd_ticket_has_been_deleted'];
} elseif ($context['ticket']['deleted_replies'] > 0) {
if (shd_allowed_to('shd_access_recyclebin', $context['ticket']['dept'])) {
$context['ticket']['display_recycle'] = $txt['shd_ticket_replies_deleted'];
$ticketlink = $scripturl . '?action=helpdesk;sa=ticket;ticket=' . $context['ticket_id'] . (isset($_REQUEST['recycle']) ? '' : ';recycle');
$context['ticket']['display_recycle'] .= ' ' . sprintf(isset($_REQUEST['recycle']) ? $txt['shd_ticket_replies_deleted_view'] : $txt['shd_ticket_replies_deleted_link'], $ticketlink);
$context['ticket']['display_recycle_replies'] = isset($_REQUEST['recycle']);
} else {
$context['ticket']['display_recycle_replies'] = false;
}
} else {
$context['ticket']['display_recycle'] = false;
$context['ticket']['display_recycle_replies'] = false;
}
// Ticket privacy
$context['ticket']['privacy']['can_change'] = $context['ticket']['privacy']['can_change'] && (!$context['ticket']['closed'] && !$context['ticket']['deleted']);
if (empty($modSettings['shd_privacy_display']) || $modSettings['shd_privacy_display'] == 'smart') {
$context['display_private'] = shd_allowed_to('shd_view_ticket_private_any', $context['ticket']['dept']) || shd_allowed_to(array('shd_alter_privacy_own', 'shd_alter_privacy_any'), $context['ticket']['dept']) || $ticketinfo['private'];
} else {
$context['display_private'] = true;
}
if ($ticketinfo['modified_time'] > 0) {
$context['ticket']['modified'] = array('id' => $ticketinfo['modified_id'], 'name' => $ticketinfo['modified_name'], 'link' => shd_profile_link($ticketinfo['modified_name'], $ticketinfo['modified_id']), 'timestamp' => $ticketinfo['modified_time'], 'time' => timeformat($ticketinfo['modified_time']));
}
$context['ticket']['urgency'] += shd_can_alter_urgency($ticketinfo['urgency'], $ticketinfo['starter_id'], $ticketinfo['closed'], $ticketinfo['deleted'], $context['ticket']['dept']);
$context['total_visible_posts'] = empty($context['display_recycle']) ? $context['ticket']['num_replies'] : (int) $context['ticket']['num_replies'] + (int) $context['ticket']['deleted_replies'];
// OK, before we go crazy, we might need to alter the ticket start. If we're in descending order (non default), we need to reverse it.
if (!empty($context['shd_preferences']['display_order']) && $context['shd_preferences']['display_order'] == 'desc') {
if (empty($context['ticket_start_natural'])) {
$context['ticket_start_from'] = $context['total_visible_posts'] - (empty($context['ticket_start']) ? $context['total_visible_posts'] : $context['ticket_start']);
} else {
$context['ticket_start_from'] = $context['ticket_start'];
}
$context['ticket_sort'] = 'DESC';
} else {
$context['ticket_start_from'] = $context['ticket_start'];
$context['ticket_sort'] = 'ASC';
}
$context['page_index'] = shd_no_expand_pageindex($scripturl . '?action=helpdesk;sa=ticket;ticket=' . $context['ticket_id'] . '.%1$d' . (isset($_REQUEST['recycle']) ? ';recycle' : '') . '#replies', $context['ticket_start_from'], $context['total_visible_posts'], $context['messages_per_page'], true);
$context['get_replies'] = 'shd_prepare_ticket_context';
$query = shd_db_query('', '
SELECT id_msg, id_member, modified_member
FROM {db_prefix}helpdesk_ticket_replies
WHERE id_ticket = {int:ticket}
AND id_msg > {int:first_msg}' . (!empty($context['ticket']['display_recycle_replies']) ? '' : '
AND message_status = {int:msg_status}') . '
ORDER BY id_msg {raw:sort}' . ($context['messages_per_page'] == -1 ? '' : '
LIMIT ' . $context['ticket_start_from'] . ', ' . $context['messages_per_page']), array('ticket' => $context['ticket_id'], 'first_msg' => $ticketinfo['id_first_msg'], 'msg_status' => MSG_STATUS_NORMAL, 'sort' => $context['ticket_sort']));
$context['ticket_messages'] = array();
$posters = array();
while ($row = $smcFunc['db_fetch_assoc']($query)) {
if (!empty($row['id_member'])) {
$posters[] = $row['id_member'];
}
if (!empty($row['modified_member'])) {
$posters[] = $row['modified_member'];
}
$context['ticket_messages'][] = $row['id_msg'];
}
$smcFunc['db_free_result']($query);
// We might want the OP's avatar, add 'em to the list -- just in case.
$posters[] = $context['ticket']['id_member'];
$posters = array_unique($posters);
$context['shd_is_staff'] = array();
// Get the poster data
if (!empty($posters)) {
loadMemberData($posters);
// Are they current team members?
$team = array_intersect($posters, shd_members_allowed_to('shd_staff', $context['ticket']['dept']));
foreach ($team as $member) {
$context['shd_is_staff'][$member] = true;
}
}
if (!empty($context['ticket_messages'])) {
$reply_request = shd_db_query('', '
SELECT
id_msg, poster_time, poster_ip, id_member, modified_time, modified_name, modified_member, body,
smileys_enabled, poster_name, poster_email, message_status
FROM {db_prefix}helpdesk_ticket_replies
WHERE id_msg IN ({array_int:message_list})' . (!empty($context['ticket']['display_recycle']) ? '' : '
AND message_status IN ({array_int:msg_normal})') . '
ORDER BY id_msg {raw:sort}', array('message_list' => $context['ticket_messages'], 'msg_normal' => array(MSG_STATUS_NORMAL), 'sort' => $context['ticket_sort']));
} else {
$reply_request = false;
$context['first_message'] = 0;
$context['first_new_message'] = false;
}
// Load all the custom fields
// First, get all the values that could apply to the current context. We'll deal with what's active/inactive and where it all goes shortly.
$query = shd_db_query('', '
SELECT cfv.id_post, cfv.id_field, cfv.value, cfv.post_type
FROM {db_prefix}helpdesk_custom_fields_values AS cfv
WHERE (cfv.id_post = {int:ticket} AND cfv.post_type = 1)' . (!empty($context['ticket_messages']) ? '
OR (cfv.id_post IN ({array_int:msgs}) AND cfv.post_type = 2)' : ''), array('ticket' => $context['ticket_id'], 'msgs' => $context['ticket_messages']));
$field_values = array();
while ($row = $smcFunc['db_fetch_assoc']($query)) {
$field_values[$row['post_type'] == CFIELD_TICKET ? 'ticket' : $row['id_post']][$row['id_field']] = $row;
}
$smcFunc['db_free_result']($query);
// Set up the storage.
$context['custom_fields_replies'] = array();
$context['ticket']['custom_fields'] = array('details' => array(), 'information' => array(), 'prefix' => array(), 'prefixfilter' => array());
$context['ticket_form']['custom_fields_context'] = 'reply';
$context['ticket_form']['custom_fields'] = array();
$query = shd_db_query('', '
SELECT cf.id_field, cf.active, cf.field_order, cf.field_name, cf.field_desc, cf.field_loc, cf.icon,
cf.field_type, cf.default_value, cf.bbc, cf.can_see, cf.can_edit, cf.field_length,
cf.field_options, cf.display_empty, cfd.required, cf.placement
FROM {db_prefix}helpdesk_custom_fields AS cf
INNER JOIN {db_prefix}helpdesk_custom_fields_depts AS cfd ON (cf.id_field = cfd.id_field AND cfd.id_dept = {int:dept})
WHERE cf.active = 1
ORDER BY cf.field_order', array('dept' => $context['ticket']['dept']));
// Loop through all fields and figure out where they should be.
$is_staff = shd_allowed_to('shd_staff', $context['ticket']['dept']);
$is_admin = shd_allowed_to('admin_helpdesk', $context['ticket']['dept']);
// this includes forum admins
$placements = array(CFIELD_PLACE_DETAILS => 'details', CFIELD_PLACE_INFO => 'information', CFIELD_PLACE_PREFIX => 'prefix', CFIELD_PLACE_PREFIXFILTER => 'prefixfilter');
while ($row = $smcFunc['db_fetch_assoc']($query)) {
list($user_see, $staff_see) = explode(',', $row['can_see']);
list($user_edit, $staff_edit) = explode(',', $row['can_edit']);
if ($is_admin) {
$editable = true;
} elseif ($is_staff) {
if ($staff_see == 0) {
continue;
}
$editable = $staff_edit == 1;
} elseif ($user_see == 1) {
$editable = $user_edit == 1;
} else {
continue;
}
// If this is going to be displayed for the individual ticket, we need to figure out where it should go.
if ($row['field_loc'] & CFIELD_TICKET) {
$pos = $placements[$row['placement']];
}
$field = array('id' => $row['id_field'], 'name' => $row['field_name'], 'desc' => parse_bbc($row['field_desc'], false), 'icon' => $row['icon'], 'type' => $row['field_type'], 'default_value' => $row['field_type'] == CFIELD_TYPE_LARGETEXT ? explode(',', $row['default_value']) : $row['default_value'], 'options' => !empty($row['field_options']) ? unserialize($row['field_options']) : array(), 'display_empty' => !empty($row['required']) ? true : !empty($row['display_empty']), 'bbc' => !empty($row['bbc']) && ($row['field_type'] == CFIELD_TYPE_TEXT || $row['field_type'] == CFIELD_TYPE_LARGETEXT) && $row['placement'] != CFIELD_PLACE_PREFIX, 'editable' => !empty($editable));
if (!empty($field['options']) && empty($field['options']['inactive'])) {
$field['options']['inactive'] = array();
}
if (in_array($field['type'], array(CFIELD_TYPE_RADIO, CFIELD_TYPE_SELECT, CFIELD_TYPE_MULTI))) {
foreach ($field['options'] as $k => $v) {
if ($k != 'inactive' && strpos($v, '[') !== false) {
$field['options'][$k] = parse_bbc($v, false);
}
}
}
if ($row['field_loc'] & CFIELD_REPLY && $field['editable']) {
$context['ticket_form']['custom_fields']['reply'][$field['id']] = $field;
}
// Add fields to the master list, getting any values as we go.
if ($row['field_loc'] & CFIELD_TICKET && (!empty($field_values['ticket'][$row['id_field']]['post_type']) && $field_values['ticket'][$row['id_field']]['post_type'] == CFIELD_TICKET || $field['display_empty'])) {
if (isset($field_values['ticket'][$row['id_field']])) {
$field['value'] = $field['bbc'] ? shd_format_text($field_values['ticket'][$row['id_field']]['value']) : $field_values['ticket'][$row['id_field']]['value'];
}
$context['ticket']['custom_fields'][$pos][$row['id_field']] = $field;
}
if ($row['field_loc'] & CFIELD_REPLY) {
foreach ($field_values as $dest => $field_details) {
unset($field['value']);
if ($dest == 'ticket' || !isset($field_details[$row['id_field']]) || $field_details[$row['id_field']]['post_type'] != CFIELD_REPLY) {
continue;
}
$field['value'] = $field['bbc'] ? shd_format_text($field_details[$row['id_field']]['value']) : $field_details[$row['id_field']]['value'];
$context['custom_fields_replies'][$dest][$row['id_field']] = $field;
}
// We also need to attach the field to replies didn't get the field added, in the event that the field should be displayed by default.
if ($field['display_empty']) {
foreach ($context['ticket_messages'] as $msg) {
if (!isset($context['custom_fields_replies'][$msg][$row['id_field']])) {
$field['value'] = '';
$context['custom_fields_replies'][$msg][$row['id_field']] = $field;
}
}
}
}
}
$smcFunc['db_free_result']($query);
// Grab the avatar for the poster
$context['ticket']['poster_avatar'] = empty($context['ticket']['member']['id']) ? array() : (loadMemberContext($context['ticket']['id_member']) ? $memberContext[$context['ticket']['id_member']]['avatar'] : array());
// Before we grab attachments, also make sure we get any from the first msg (i.e. the ticket)
$context['ticket_messages'][] = $context['ticket']['first_msg'];
shd_display_load_attachments();
// Mark read goes here
if (!empty($user_info['id'])) {
$smcFunc['db_insert']('replace', '{db_prefix}helpdesk_log_read', array('id_ticket' => 'int', 'id_member' => 'int', 'id_msg' => 'int'), array($context['ticket_id'], $user_info['id'], $ticketinfo['id_last_msg']), array('id_member', 'id_topic'));
}
// Template stuff
$context['sub_template'] = 'viewticket';
$ticketname = '';
if (!empty($context['ticket']['custom_fields']['prefix'])) {
$ticketname = '[' . $context['ticket']['display_id'] . '] ';
$fields = '';
foreach ($context['ticket']['custom_fields']['prefix'] as $field) {
if (empty($field['value'])) {
continue;
}
if ($field['type'] == CFIELD_TYPE_CHECKBOX) {
$fields .= !empty($field['value']) ? $txt['yes'] . ' ' : $txt['no'] . ' ';
} elseif ($field['type'] == CFIELD_TYPE_SELECT || $field['type'] == CFIELD_TYPE_RADIO) {
$fields .= trim(strip_tags($field['options'][$field['value']])) . ' ';
} elseif ($field['type'] == CFIELD_TYPE_MULTI) {
$values = explode(',', $field['value']);
foreach ($values as $value) {
$fields .= trim(strip_tags($field['options'][$value])) . ' ';
}
} else {
$fields .= $field['value'] . ' ';
}
}
$fields = trim($fields);
$ticketname .= (!empty($fields) ? '[' . trim($fields) . '] ' : '') . $context['ticket']['subject'];
} else {
$ticketname = '[' . $context['ticket']['display_id'] . '] ' . $context['ticket']['subject'];
}
$context['page_title'] = $txt['shd_helpdesk'] . ' ' . $ticketname;
// If we're in a department, display that.
if ($context['shd_multi_dept']) {
$context['linktree'][] = array('url' => $scripturl . '?' . $context['shd_home'] . $context['shd_dept_link'], 'name' => $context['ticket']['dept_name']);
}
// Build the link tree. If the ticket is recycled, display 'Recycle bin'.
if ($context['ticket']['status']['level'] == TICKET_STATUS_DELETED) {
$context['linktree'][] = array('url' => $scripturl . '?action=helpdesk;sa=recyclebin' . $context['shd_dept_link'], 'name' => $txt['shd_recycle_bin']);
} elseif ($context['ticket']['status']['level'] == TICKET_STATUS_CLOSED) {
$context['linktree'][] = array('url' => $scripturl . '?action=helpdesk;sa=closedtickets' . $context['shd_dept_link'], 'name' => $txt['shd_tickets_closed']);
}
// Lastly add the ticket name and link to the linktree.
$context['linktree'][] = array('url' => $scripturl . '?action=helpdesk;sa=ticket;ticket=' . $context['ticket_id'], 'name' => $ticketname);
// Ticket navigation / permission
$context['can_move_dept'] = !empty($context['shd_multi_dept']) && (shd_allowed_to('shd_move_dept_any', $context['ticket']['dept']) || $context['ticket']['ticket_opener'] && shd_allowed_to('shd_move_dept_own', $context['ticket']['dept']));
$context['can_reply'] = !$context['ticket']['closed'] && !$context['ticket']['deleted'] && (shd_allowed_to('shd_reply_ticket_any', $context['ticket']['dept']) || $context['ticket']['ticket_opener'] && shd_allowed_to('shd_reply_ticket_own', $context['ticket']['dept']));
// needs perms - calc'd here because we use it in display template too
$context['can_quote'] = $context['can_reply'] && !empty($modSettings['shd_allow_ticket_bbc']);
$context['can_go_advanced'] = !empty($modSettings['shd_allow_ticket_bbc']) || !empty($modSettings['allow_ticket_smileys']) || shd_allowed_to('shd_post_attachment', $context['ticket']['dept']);
$context['shd_can_move_to_topic'] = empty($modSettings['shd_disable_tickettotopic']) && shd_allowed_to('shd_ticket_to_topic', $context['ticket']['dept']) && empty($modSettings['shd_helpdesk_only']);
$context['can_solve'] = !$context['ticket']['closed'] && !$context['ticket']['deleted'] && (shd_allowed_to('shd_resolve_ticket_any', $context['ticket']['dept']) || shd_allowed_to('shd_resolve_ticket_own', $context['ticket']['dept']) && $context['ticket']['ticket_opener']);
$context['can_unsolve'] = $context['ticket']['closed'] && (shd_allowed_to('shd_unresolve_ticket_any', $context['ticket']['dept']) || shd_allowed_to('shd_unresolve_ticket_own', $context['ticket']['dept']) && $context['ticket']['ticket_opener']);
$context['can_silent_update'] = $context['can_reply'] && shd_allowed_to('shd_silent_update', $context['ticket']['dept']);
// And off we go
$context['ticket_navigation'] = array();
$context['ticket_navigation'][] = array('url' => $scripturl . '?action=helpdesk;sa=editticket;ticket=' . $context['ticket']['id'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'icon' => 'edit', 'alt' => '*', 'display' => !$context['ticket']['closed'] && !$context['ticket']['deleted'] && (shd_allowed_to('shd_edit_ticket_any', $context['ticket']['dept']) || $context['ticket']['ticket_opener'] && shd_allowed_to('shd_edit_ticket_own', $context['ticket']['dept'])), 'text' => 'shd_ticket_edit');
$context['ticket_navigation'][] = array('url' => $scripturl . '?action=helpdesk;sa=markunread;ticket=' . $context['ticket']['id'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'icon' => 'unread', 'alt' => '*', 'display' => !$context['ticket']['closed'] && !$context['ticket']['deleted'], 'text' => 'shd_ticket_markunread');
$context['ticket_navigation'][] = array('url' => $scripturl . '?action=helpdesk;sa=resolveticket;ticket=' . $context['ticket']['id'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'icon' => 'resolved', 'alt' => '*', 'display' => $context['can_solve'], 'text' => 'shd_ticket_resolved');
$context['ticket_navigation'][] = array('url' => $scripturl . '?action=helpdesk;sa=resolveticket;ticket=' . $context['ticket']['id'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'icon' => 'unresolved', 'alt' => '*', 'display' => $context['can_unsolve'], 'text' => 'shd_ticket_unresolved');
// This is always going to be a pain. But it should be possible to contextualise it nicely.
// And while this isn't quite as nicely formatted as a single nice array definition,
// imagine trying to debug the display and text options later if it were done with nested ternaries... *shudder*
$context['ajax_assign'] = false;
$assign_nav = array('url' => $scripturl . '?action=helpdesk;sa=assign;ticket=' . $context['ticket']['id'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'icon' => 'assign', 'alt' => '*', 'text' => '', 'display' => false);
if (shd_allowed_to('shd_assign_ticket_any', $context['ticket']['dept'])) {
$assign_nav['display'] = shd_allowed_to('shd_staff', $context['ticket']['dept']) && !$context['ticket']['closed'] && !$context['ticket']['deleted'];
$assign_nav['text'] = empty($context['ticket']['id_member_assigned']) ? 'shd_ticket_assign' : 'shd_ticket_reassign';
$context['ajax_assign'] = $assign_nav['display'];
} elseif (shd_allowed_to('shd_assign_ticket_own', $context['ticket']['dept'])) {
$assign_nav['display'] = !$context['ticket']['closed'] && !$context['ticket']['deleted'] && shd_allowed_to('shd_staff', $context['ticket']['dept']) && (empty($context['ticket']['id_member_assigned']) || $context['ticket']['assigned_self']);
// either not assigned or assigned to self
$assign_nav['text'] = $context['ticket']['assigned_self'] ? 'shd_ticket_unassign' : 'shd_ticket_assign_self';
}
$context['ticket_navigation'][] = $assign_nav;
$context['ticket_navigation'][] = array('url' => $scripturl . '?action=helpdesk;sa=deleteticket;ticket=' . $context['ticket']['id'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'icon' => 'delete', 'alt' => '*', 'display' => !$context['ticket']['closed'] && !$context['ticket']['deleted'] && (shd_allowed_to('shd_delete_ticket_any', $context['ticket']['dept']) || shd_allowed_to('shd_delete_ticket_own', $context['ticket']['dept']) && $context['ticket']['ticket_opener']), 'text' => 'shd_ticket_delete', 'onclick' => 'return confirm(' . JavaScriptEscape($txt['shd_delete_confirm']) . ');');
$context['ticket_navigation'][] = array('url' => $scripturl . '?action=helpdesk;sa=restoreticket;ticket=' . $context['ticket']['id'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'icon' => 'restore', 'alt' => '*', 'display' => $context['ticket']['deleted'] && (shd_allowed_to('shd_restore_ticket_any', $context['ticket']['dept']) || shd_allowed_to('shd_restore_ticket_own', $context['ticket']['dept']) && $context['ticket']['ticket_opener']), 'text' => 'shd_ticket_restore');
$context['ticket_navigation'][] = array('url' => $scripturl . '?action=helpdesk;sa=permadelete;ticket=' . $context['ticket']['id'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'icon' => 'delete', 'alt' => '*', 'display' => $context['ticket']['deleted'] && shd_allowed_to('shd_delete_recycling', $context['ticket']['dept']), 'text' => 'shd_delete_permanently', 'onclick' => 'return confirm(' . JavaScriptEscape($txt['shd_delete_permanently_confirm']) . ');');
$context['ticket_navigation'][] = array('url' => $scripturl . '?action=helpdesk;sa=movedept;ticket=' . $context['ticket']['id'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'icon' => 'movedept', 'alt' => '*', 'display' => $context['can_move_dept'], 'text' => 'shd_move_dept');
$context['ticket_navigation'][] = array('url' => $scripturl . '?action=helpdesk;sa=tickettotopic;ticket=' . $context['ticket']['id'] . ';' . $context['session_var'] . '=' . $context['session_id'], 'icon' => 'tickettotopic', 'alt' => '*', 'display' => $context['shd_can_move_to_topic'] && !$context['ticket']['closed'] && !$context['ticket']['deleted'] && ($context['ticket']['deleted_replies'] == 0 || shd_allowed_to('shd_access_recyclebin', $context['ticket']['dept'])), 'text' => 'shd_ticket_move_to_topic');
// While we're at it, set up general navigation for this ticket. We'll sort out access to the action log later.
$context['navigation']['replies'] = array('text' => 'shd_go_to_replies', 'lang' => true, 'url' => '#replies');
$context['navigation']['ticketlog'] = array('text' => 'shd_go_to_action_log', 'test' => 'display_ticket_log', 'lang' => true, 'url' => '#ticket_log_header');
// If we are going SMF style with the navigation, we need to rework the structure a wee bit.
// No sense making a new array, mind, just fix up the existing one a touch, and don't do this on the master as we don't always need it.
if (empty($modSettings['shd_ticketnav_style']) || !in_array($modSettings['shd_ticketnav_style'], array('sd', 'sdcompact', 'smf'))) {
$modSettings['shd_ticketnav_style'] = 'sd';
}
if ($modSettings['shd_ticketnav_style'] == 'smf') {
foreach ($context['ticket_navigation'] as $key => $button) {
$context['can_' . $button['text']] = $button['display'];
$context['ticket_navigation'][$key] += array('lang' => true, 'test' => 'can_' . $button['text'], 'image' => 'shd_ticket_' . $button['icon'] . '.png');
}
}
// Quick reply stuffs
require_once $sourcedir . '/sd_source/SimpleDesk-Post.php';
require_once $sourcedir . '/Subs-Editor.php';
loadTemplate('sd_template/SimpleDesk-Post');
$context['ticket_form']['ticket'] = $context['ticket_id'];
$context['ticket_form']['num_allowed_attachments'] = empty($modSettings['attachmentNumPerPostLimit']) || $modSettings['shd_attachments_mode'] == 'ticket' ? -1 : $modSettings['attachmentNumPerPostLimit'];
$context['ticket_form']['do_attach'] = shd_allowed_to('shd_post_attachment', $context['ticket']['dept']);
$context['ticket_form']['num_replies'] = $context['ticket']['num_replies'];
$context['ticket_form']['disable_smileys'] = empty($modSettings['shd_allow_ticket_smileys']);
shd_posting_additional_options();
if ($context['can_reply']) {
shd_load_canned_replies();
}
$context['can_ping'] = $context['can_reply'] && shd_allowed_to('shd_singleton_email', $context['ticket']['dept']);
// Set up the fancy editor
shd_postbox('shd_message', '', array('post_button' => $txt['shd_reply_ticket']));
// Lastly, our magic AJAX stuff ;D and we know we already made html_headers exist in SimpleDesk.php, score!
$context['html_headers'] .= '
<script type="text/javascript"><!-- // --><![CDATA[
var sSessI = "' . $context['session_id'] . '";
var sSessV = "' . $context['session_var'] . '";';
if ($context['ticket']['privacy']['can_change']) {
$context['html_headers'] .= '
var shd_ajax_problem = ' . JavaScriptEscape($txt['shd_ajax_problem']) . ';
var privacyCtl = new shd_privacyControl({
ticket: ' . $context['ticket_id'] . ',
sUrl: smf_scripturl + "?action=helpdesk;sa=ajax;op=privacy;ticket=' . $context['ticket_id'] . '",
sSession: sSessV + "=" + sSessI,
sSrcA: "privlink",
sDestSpan: "privacy"
});';
}
if ($context['ticket']['urgency']['increase'] || $context['ticket']['urgency']['decrease']) {
$context['html_headers'] .= '
var urgencyCtl = new shd_urgencyControl({
ticket: ' . $context['ticket_id'] . ',
sUrl: smf_scripturl + "?action=helpdesk;sa=ajax;op=urgency;ticket=' . $context['ticket_id'] . ';change=",
sSession: sSessV + "=" + sSessI,
sDestSpan: "urgency",
aButtons: ["up", "down"],
aButtonOps: { up: "increase", down: "decrease" }
});';
}
if (!empty($options['display_quick_reply'])) {
$context['html_headers'] .= '
var oQuickReply = new QuickReply({
bDefaultCollapsed: ' . (!empty($options['display_quick_reply']) && $options['display_quick_reply'] == 2 ? 'false' : 'true') . ',
iTicketId: ' . $context['ticket_id'] . ',
iStart: ' . $context['start'] . ',
sScriptUrl: smf_scripturl,
sImagesUrl: "' . $settings['images_url'] . '",
sContainerId: "quickReplyOptions",
sImageId: "quickReplyExpand",
sImageCollapsed: "collapse.png",
sImageExpanded: "expand.png",
sJumpAnchor: "quickreply",
sHeaderId: "quickreplyheader",
sFooterId: "quickreplyfooter"
});';
}
$context['html_headers'] .= '
var oCustomFields = new CustomFields({
sImagesUrl: "' . $settings['images_url'] . '",
sContainerId: "additional_info",
sImageId: "shd_custom_fields_swap",
sImageCollapsed: "collapse.png",
sImageExpanded: "expand.png",
sHeaderId: "additionalinfoheader",
sFooterId: "additional_info_footer",
});';
if (!empty($options['display_quick_reply']) && $context['can_go_advanced']) {
$context['html_headers'] .= '
function goAdvanced()
{
document.getElementById("shd_bbcbox").style.display = ' . (!empty($modSettings['shd_allow_ticket_bbc']) ? '""' : '"none"') . ';
document.getElementById("shd_smileybox").style.display = ' . (!empty($modSettings['shd_allow_ticket_smileys']) ? '""' : '"none"') . ';
document.getElementById("shd_attach_container").style.display = ' . (!empty($context['ticket_form']['do_attach']) ? '""' : '"none"') . ';
document.getElementById("shd_goadvancedbutton").style.display = "none";' . (!empty($context['controls']['richedit']['shd_message']['rich_active']) ? '
oEditorHandle_shd_message.toggleView(true);' : '') . '
}
';
}
$context['html_headers'] .= '
// ]' . ']></script>';
$context['shd_display'] = true;
$context['controls']['richedit']['shd_message']['rich_active'] = 0;
// we don't want it by default!
// Register this form in the session variables.
checkSubmitOnce('register');
// Should we load and display this ticket's action log?
$context['display_ticket_log'] = !empty($modSettings['shd_display_ticket_logs']) && (shd_allowed_to('shd_view_ticket_logs_any', $context['ticket']['dept']) || shd_allowed_to('shd_view_ticket_logs_own', $context['ticket']['dept']) && $context['ticket']['ticket_opener']);
// If yes, go ahead and load the log entries (Re-using a couple of functions from the ACP)
if (!empty($context['display_ticket_log'])) {
require_once $sourcedir . '/sd_source/Subs-SimpleDeskAdmin.php';
$context['ticket_log'] = shd_load_action_log_entries(-1, 10, '', '', 'la.id_ticket = ' . $context['ticket_id']);
$context['ticket_log_count'] = shd_count_action_log_entries('la.id_ticket = ' . $context['ticket_id']);
$context['ticket_full_log'] = allowedTo('admin_forum') || shd_allowed_to('admin_helpdesk', 0);
}
// What about related tickets?
$context['create_relationships'] = shd_allowed_to('shd_create_relationships', $context['ticket']['dept']);
$context['display_relationships'] = (shd_allowed_to('shd_view_relationships', $context['ticket']['dept']) || $context['create_relationships']) && empty($modSettings['shd_disable_relationships']);
$context['delete_relationships'] = shd_allowed_to('shd_delete_relationships', $context['ticket']['dept']);
if (!empty($context['display_relationships'])) {
shd_load_relationships($context['ticket_id']);
if ($context['relationships_count'] == 0 && empty($context['create_relationships'])) {
$context['display_relationships'] = false;
}
}
// And, of course, notifications. If we can see the ticket, we can do something with notifications.
$context['display_notifications'] = array('show' => false, 'preferences' => array(), 'can_change' => shd_allowed_to(array('shd_view_profile_own', 'shd_view_profile_any'), 0) && shd_allowed_to(array('shd_view_preferences_own', 'shd_view_preferences_any'), 0), 'can_monitor' => shd_allowed_to('shd_monitor_ticket_any', $context['ticket']['dept']) || $context['ticket']['ticket_opener'] && shd_allowed_to('shd_monitor_ticket_own', $context['ticket']['dept']), 'is_monitoring' => false, 'can_ignore' => shd_allowed_to('shd_ignore_ticket_any', $context['ticket']['dept']) || $context['ticket']['ticket_opener'] && shd_allowed_to('shd_ignore_ticket_own', $context['ticket']['dept']), 'is_ignoring' => false);
$notify_state = NOTIFY_PREFS;
$query = $smcFunc['db_query']('', '
SELECT notify_state
FROM {db_prefix}helpdesk_notify_override
WHERE id_member = {int:user}
AND id_ticket = {int:ticket}', array('user' => $context['user']['id'], 'ticket' => $context['ticket_id']));
if ($smcFunc['db_num_rows']($query) != 0) {
list($notify_state) = $smcFunc['db_fetch_row']($query);
}
$smcFunc['db_free_result']($query);
$context['display_notifications']['is_monitoring'] = $notify_state == NOTIFY_ALWAYS;
$context['display_notifications']['is_ignoring'] = $notify_state == NOTIFY_NEVER;
if ($notify_state != NOTIFY_NEVER) {
if ($context['ticket']['ticket_opener'] && !empty($context['shd_preferences']['notify_new_reply_own'])) {
$context['display_notifications']['preferences'][] = 'yourticket';
}
if ($context['ticket']['assigned_self'] && !empty($context['shd_preferences']['notify_new_reply_assigned'])) {
$context['display_notifications']['preferences'][] = 'assignedyou';
}
if (!empty($context['shd_preferences']['notify_new_reply_previous'])) {
// We need to query to see if we've replied here before - but we don't need to check ticket access.
$query = $smcFunc['db_query']('', '
SELECT COUNT(hdtr.id_msg)
FROM {db_prefix}helpdesk_tickets AS hdt
INNER JOIN {db_prefix}helpdesk_ticket_replies AS hdtr ON (hdt.id_ticket = hdtr.id_ticket)
WHERE hdt.id_ticket = {int:ticket}
AND hdtr.id_member = {int:user}
AND hdtr.id_msg != hdt.id_first_msg', array('ticket' => $context['ticket_id'], 'user' => $context['user']['id']));
list($count) = $smcFunc['db_fetch_row']($query);
$smcFunc['db_free_result']($query);
if (!empty($count)) {
$context['display_notifications']['preferences'][] = 'priorreply';
}
}
if (!empty($context['shd_preferences']['notify_new_reply_any'])) {
$context['display_notifications']['preferences'][] = 'anyreply';
}
}
if (!empty($context['display_notifications']['preferences']) || $context['display_notifications']['can_monitor'] || $context['display_notifications']['can_ignore'] || $context['display_notifications']['can_change']) {
$context['display_notifications']['show'] = true;
}
}