Exemple #1
             alertMessage($alertmessage, $LANG_GF02['msg182'], $promptform);
         } else {
             // Split-topic prompt: fetch the author name and post date shown in the confirmation text.
             // NOTE(review): $fortopicid is interpolated into both WHERE clauses; where it is
             // filtered is not visible in this excerpt - confirm it is reduced to an integer first.
             $poster = DB_getItem($_TABLES['gf_topic'], "name", "id='{$fortopicid}'");
             $postdate = COM_getUserDateTimeFormat(DB_getItem($_TABLES['gf_topic'], "date", "id='{$fortopicid}'"));
             // Radio buttons choose between moving this post plus the ones after it, or this post only.
             $promptform .= '<div style="padding-top:10px;">' . $LANG_GF03['splitheading'] . '<br>';
             $promptform .= '<input type="radio" name="splittype" value="remaining" CHECKED>' . $LANG_GF03['splitopt1'] . '<br>';
             $promptform .= '<input type="radio" name="splittype" value="single">' . $LANG_GF03['splitopt2'] . '</div>';
             $promptform .= '</div><div style="padding:20 0 5 20px;">';
             $promptform .= '<input type="submit" NAME="submit" VALUE="' . $LANG_GF03['movetopic'] . '">';
             $promptform .= '&nbsp;&nbsp;<INPUT TYPE="submit" NAME="submit" VALUE="' . $LANG_GF01['CANCEL'] . '"></div>';
             $promptform .= '</FORM></div>';
             // NOTE(review): $topictitle and $poster are formatted into the message as-is; whether they
             // were HTML-escaped before this point is not visible here - confirm.
             $alertmessage = sprintf($LANG_GF03['splittopicmsg'], $topictitle, $poster, $postdate[0]);
             alertMessage($alertmessage, $LANG_GF02['msg182'], $promptform);
         }
     }
 } elseif ($modfunction == 'banip' and forum_modPermission($forum, $_USER['uid'], 'mod_ban') and $fortopicid != 0) {
     // Ban-IP prompt: reached only with 'mod_ban' on this forum and a non-zero topic id.
     // Read the IP address stored with the post.
     $iptobansql = DB_query("SELECT ip FROM {$_TABLES['gf_topic']} WHERE id='{$fortopicid}'");
     $forumpostipnum = DB_fetchArray($iptobansql);
     if ($forumpostipnum['ip'] == '') {
         // No IP recorded for this post: show msg174 and stop the request.
         alertMessage($LANG_GF02['msg174']);
         exit;
     }
     $alertmessage = '<p>' . $LANG_GF02['msg68'] . '</p><p>';
     $alertmessage .= sprintf($LANG_GF02['msg69'], $forumpostipnum['ip']) . '</p>';
     // Confirmation form posted back to moderation.php.
     // NOTE(review): the IP, forum id and topic id are written into hidden fields without HTML
     // escaping, and all of them return as ordinary client-controlled POST data. The confirm
     // handler has to re-check 'mod_ban' and should re-read the IP from the topic row rather
     // than trust the posted hostip. No anti-CSRF token field is added in the visible lines -
     // confirm one is emitted and verified elsewhere.
     $promptform = '<p><FORM ACTION="' . $_CONF['site_url'] . '/forum/moderation.php" METHOD="POST">';
     $promptform .= '<INPUT TYPE="hidden" NAME="hostip" VALUE="' . $forumpostipnum['ip'] . '">';
     $promptform .= '<INPUT TYPE="hidden" NAME="confirmbanip" VALUE="1">';
     $promptform .= '<INPUT TYPE="hidden" NAME="forum" VALUE="' . $forum . '">';
     $promptform .= '<INPUT TYPE="hidden" NAME="fortopicid" VALUE="' . $fortopicid . '">';
     $promptform .= '<CENTER><INPUT TYPE="submit" NAME="submit" VALUE="' . $LANG_GF01['CONFIRM'] . '">';
     $promptform .= '&nbsp;&nbsp;<INPUT TYPE="submit" NAME="submit" VALUE="' . $LANG_GF01['CANCEL'] . '">';
Exemple #2
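/**
 * Build the moderator action form shown with a single post.
 *
 * Each action is offered only when forum_modPermission() grants the matching
 * right on the post's forum. The list controls what is offered, nothing more:
 * the posted "modfunction" value is client-controlled, so the handler behind
 * moderation.php has to repeat the permission check for the action it runs.
 *
 * NOTE(review): no anti-CSRF token field is emitted here - confirm that
 * moderation.php verifies one before changing state.
 *
 * @param array $showtopic Post record; the keys 'id', 'pid', 'forum' and 'locked' are read.
 * @return string HTML form, or an empty string when no action is permitted.
 */
function forum_getmodFunctions($showtopic)
{
    global $_USER, $LANG_GF03, $LANG_GF01, $page;

    $forumId = $showtopic['forum'];
    $userId = $_USER['uid'];
    // pid == 0 marks the first post of a topic; replies carry the parent id.
    $isFirstPost = ($showtopic['pid'] == 0);

    $options = '';
    if (forum_modPermission($forumId, $userId, 'mod_edit')) {
        $options .= '<OPTION VALUE="editpost">' . $LANG_GF03['edit'];
        if ($showtopic['locked'] == 1) {
            $options .= '<OPTION VALUE="lockedpost">' . $LANG_GF03['lockedpost'];
        }
    }
    if (forum_modPermission($forumId, $userId, 'mod_delete')) {
        $options .= '<OPTION VALUE="deletepost">' . $LANG_GF03['delete'];
    }
    if (forum_modPermission($forumId, $userId, 'mod_ban')) {
        $options .= '<OPTION VALUE="banip">' . $LANG_GF03['ban'];
    }
    // Same right for both cases; only the label differs (move a topic / split a reply).
    if (forum_modPermission($forumId, $userId, 'mod_move')) {
        $options .= '<OPTION VALUE="movetopic">' . ($isFirstPost ? $LANG_GF03['move'] : $LANG_GF03['split']);
    }

    if ($options == '') {
        return '';
    }

    $hiddenFields = array(
        'fortopicid' => $showtopic['id'],
        'forum'      => $forumId,
        'msgpid'     => $isFirstPost ? $showtopic['id'] : $showtopic['pid'],
        'top'        => $isFirstPost ? 'yes' : 'no',
        'page'       => $page,
    );

    $retval = '<FORM ACTION="moderation.php" METHOD="POST" style="margin:0px;"><SELECT NAME="modfunction">';
    $retval .= $options;
    $retval .= '</SELECT>';
    foreach ($hiddenFields as $fieldName => $fieldValue) {
        // Values sit inside a quoted attribute; escape them so the markup stays intact
        // whatever the record or the global $page holds (where $page is set is not visible here).
        $retval .= '<INPUT TYPE="hidden" NAME="' . $fieldName . '" VALUE="'
            . htmlspecialchars((string) $fieldValue, ENT_QUOTES) . '">';
    }
    $retval .= '&nbsp;&nbsp;<INPUT TYPE="submit" NAME="submit" VALUE="' . $LANG_GF01['GO'] . '!">';
    $retval .= '</FORM>';

    return $retval;
}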
Exemple #3
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
//
// Bootstrap the CMS, then load the forum formatting helpers.
require_once "../lib-common.php";
// Path to your lib-common.php
require_once $_CONF['path_html'] . 'forum/include/gf_format.php';
// Both ids come from the query string and go through COM_applyFilter with its second argument true.
// NOTE(review): presumably that flag forces a numeric result - the unquoted "id={$topic}" below
// depends on it; confirm, or cast with (int) at the point of use.
// NOTE(review): $_GET['id'] and $_GET['topic'] are read without isset().
// NOTE(review): the ids arrive by GET; if the rest of the script changes state (the variable is
// named $deleteid), confirm it is protected by an anti-CSRF token.
$deleteid = COM_applyFilter($_GET['id'], true);
$topic = COM_applyFilter($_GET['topic'], true);
// NOTE(review): writes the requested topic id to the error log on every request; looks like leftover debugging.
COM_errorLog("topic:{$topic}");
$query = DB_query("SELECT uid,forum,date FROM {$_TABLES['gf_topic']} WHERE id={$topic}");
// NOTE(review): no check that a row was found before its fields are used in the permission test.
$edittopic = DB_fetchArray($query, false);
// Default deny: the flag is only raised by one of the branches below.
$editAllowed = false;
if (forum_modPermission($edittopic['forum'], $_USER['uid'], 'mod_edit')) {
    // Holders of 'mod_edit' on the topic's forum are always allowed.
    $editAllowed = true;
} elseif ($edittopic['uid'] > 1 and $edittopic['uid'] == $_USER['uid']) {
    // User is trying to edit their topic post - this is allowed
    // The owner uid must be greater than 1 (presumably uid 1 is the anonymous account - confirm).
    if ($edittopic['date'] > 0) {
        if ($CONF_FORUM['allowed_editwindow'] > 0) {
            // Check if edit timeframe is still valid
            // Allowed while the post date is later than "now minus the window"
            // (presumably both are Unix seconds - confirm).
            $t2 = $CONF_FORUM['allowed_editwindow'];
            // $time is not used in the visible lines.
            $time = time();
            if (time() - $t2 < $edittopic['date']) {
                $editAllowed = true;
            }
        } else {
            // A window of 0 or less means no time limit for the owner.
            $editAllowed = true;
        }
    }
Exemple #4
     }
 }
 // Fill the topic-listing template with category/forum data and column labels.
 // NOTE(review): cat_name and forum_name are passed to the template as stored; whether the
 // template layer or an earlier step HTML-escapes them is not visible here - confirm.
 $topiclisting->set_var('cat_name', $category['cat_name']);
 $topiclisting->set_var('category_id', $category['id']);
 $topiclisting->set_var('forum_name', $category['forum_name']);
 $topiclisting->set_var('forum_id', $forum);
 $topiclisting->set_var('imgset', $CONF_FORUM['imgset']);
 $topiclisting->set_var('LANG_TOPIC', $LANG_GF01['TOPICSUBJECT']);
 $topiclisting->set_var('LANG_STARTEDBY', $LANG_GF01['STARTEDBY']);
 $topiclisting->set_var('LANG_REPLIES', $LANG_GF01['REPLIES']);
 $topiclisting->set_var('LANG_VIEWS', $LANG_GF01['VIEWS']);
 $topiclisting->set_var('LANG_LASTPOST', $LANG_GF01['LASTPOST']);
 $topiclisting->set_var('LANG_AUTHOR', $LANG_GF01['AUTHOR']);
 $topiclisting->set_var('LANG_MSG05', $LANG_GF01['LASTPOST']);
 $topiclisting->set_var('LANG_newforumposts', $LANG_GF02['msg113']);
 // The "new topic" link is shown when the forum is not read-only or the user holds 'mod_edit'.
 // This only hides the link; the script that stores the post has to enforce the same rule.
 if ($category['is_readonly'] == 0 or forum_modPermission($forum, $_USER['uid'], 'mod_edit')) {
     $topiclisting->set_var('LANG_newtopic', $LANG_GF01['NEWTOPIC']);
     $topiclisting->set_var('newtopiclinktext', $LANG_GF09['newtopic']);
     $topiclisting->set_var('newtopiclinkimg', gf_getImage('post_newtopic'));
     // NOTE(review): $forum is interpolated into the URL; where it is filtered is not visible here.
     $topiclisting->set_var('newtopiclink', "{$_CONF['site_url']}/forum/createtopic.php?method=newtopic&amp;forum={$forum}");
     $topiclisting->parse('newtopic_link', 'newtopic_link');
 } else {
     // Read-only forum and no 'mod_edit': blank label and a dead link.
     $topiclisting->set_var('LANG_newtopic', '');
     $topiclisting->set_var('newtopiclink', '#');
 }
 $displaypostpages = $LANG_GF01['PAGES'] . ':';
 // FIXME: is this used anywhere?
 // One iteration per topic row returned by the listing query.
 while ($record = DB_fetchArray($topicResults, false)) {
     // Topics whose posts (replies plus the first post) fit on one page get no page links.
     if ($record['replies'] + 1 <= $CONF_FORUM['show_posts_perpage']) {
         $displaypageslink = "";
         $gotomsg = "";
Exemple #5
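/**
 * Build the moderator action controls (a select box plus hidden fields) for one post.
 *
 * Anonymous visitors get an empty string. Each action is offered only when
 * forum_modPermission() grants the matching right on the post's forum. The list
 * controls what is offered, nothing more: the posted "modfunction" value is
 * client-controlled, so the handler has to repeat the permission check.
 *
 * This version emits no form element of its own; presumably the caller wraps the
 * returned markup in one - confirm, and confirm that form carries an anti-CSRF token.
 *
 * @param array $showtopic Post record; the keys 'id', 'pid', 'forum' and 'locked' are read.
 * @return string HTML fragment, or an empty string when nothing is permitted.
 */
function forum_getmodFunctions($showtopic)
{
    global $_USER, $_TABLES, $LANG_GF03, $LANG_GF01, $page;

    if (COM_isAnonUser()) {
        return '';
    }

    $forumId = $showtopic['forum'];
    $userId = $_USER['uid'];
    // pid == 0 marks the first post of a topic; replies carry the parent id.
    $isFirstPost = ($showtopic['pid'] == 0);

    $options = '';
    if (forum_modPermission($forumId, $userId, 'mod_edit')) {
        $options .= '<option value="editpost">' . $LANG_GF03['edit'] . '</option>';
        if ($showtopic['locked'] == 1) {
            $options .= '<option value="lockedpost">' . $LANG_GF03['lockedpost'] . '</option>';
        }
    }
    if (forum_modPermission($forumId, $userId, 'mod_delete')) {
        $options .= '<option value="deletepost">' . $LANG_GF03['delete'] . '</option>';
    }
    // One permission lookup covers both ban-related options.
    if (forum_modPermission($forumId, $userId, 'mod_ban')) {
        $options .= '<option value="banippost">' . $LANG_GF03['banippost'] . '</option>';
        // The IP ban toggle is offered only when the ban plugin API is present and grants access.
        if (function_exists('BAN_for_plugins_check_access') and BAN_for_plugins_check_access()) {
            // Cast the id at the point of use so the query stays numeric whatever the record holds.
            $iptobansql = DB_query("SELECT ip FROM {$_TABLES['forum_topic']} WHERE id=" . (int) $showtopic['id']);
            $forumpostipnum = DB_fetchArray($iptobansql);
            // A missing row is treated like an empty IP instead of indexing a non-array.
            $ip_address = (is_array($forumpostipnum) && isset($forumpostipnum['ip'])) ? $forumpostipnum['ip'] : '';
            if ($ip_address != '') {
                $banLabel = BAN_for_plugins_ban_found($ip_address) ? $LANG_GF03['banipremove'] : $LANG_GF03['banip'];
                $options .= '<option value="banip">' . $banLabel . '</option>';
            }
        }
    }
    // Same right for both cases; only the label differs (move a topic / split a reply).
    if (forum_modPermission($forumId, $userId, 'mod_move')) {
        $options .= '<option value="movetopic">' . ($isFirstPost ? $LANG_GF03['move'] : $LANG_GF03['split']) . '</option>';
    }

    if ($options == '') {
        return '';
    }

    $hiddenFields = array(
        'fortopicid' => $showtopic['id'],
        'forum'      => $forumId,
        'msgpid'     => $isFirstPost ? $showtopic['id'] : $showtopic['pid'],
        'top'        => $isFirstPost ? 'yes' : 'no',
        'page'       => $page,
    );

    $retval = '<select name="modfunction">';
    $retval .= $options;
    $retval .= '</select>&nbsp;&nbsp;';
    $retval .= '<input type="submit" name="submit" value="' . $LANG_GF01['GO'] . '!"' . XHTML . '>';
    foreach ($hiddenFields as $fieldName => $fieldValue) {
        // Values sit inside a quoted attribute; escape them so the markup stays intact
        // whatever the record or the global $page holds (where $page is set is not visible here).
        $retval .= '<input type="hidden" name="' . $fieldName . '" value="'
            . htmlspecialchars((string) $fieldValue, ENT_QUOTES) . '"' . XHTML . '>';
    }

    return $retval;
}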
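/**
 * Build the moderator action form shown with a single post.
 *
 * Anonymous visitors get an empty string. Each action is offered only when
 * forum_modPermission() grants the matching right on the post's forum. The list
 * controls what is offered, nothing more: the posted "modfunction" value is
 * client-controlled, so the handler behind moderation.php has to repeat the
 * permission check for the action it runs.
 *
 * NOTE(review): no anti-CSRF token field is emitted here - confirm that
 * moderation.php verifies one before changing state.
 *
 * @param array $showtopic Post record; the keys 'id', 'pid', 'forum' and 'locked' are read.
 * @return string HTML form, or an empty string when nothing is permitted.
 */
function forum_getmodFunctions($showtopic)
{
    global $_USER, $_CONF, $LANG_GF03, $LANG_GF01, $page;

    if (COM_isAnonUser()) {
        return '';
    }

    $forumId = $showtopic['forum'];
    $userId = $_USER['uid'];
    // pid == 0 marks the first post of a topic; replies carry the parent id.
    $isFirstPost = ($showtopic['pid'] == 0);

    $options = '';
    if (forum_modPermission($forumId, $userId, 'mod_edit')) {
        $options .= '<option value="editpost">' . $LANG_GF03['edit'] . '</option>';
        if ($showtopic['locked'] == 1) {
            $options .= '<option value="lockedpost">' . $LANG_GF03['lockedpost'] . '</option>';
        }
    }
    if (forum_modPermission($forumId, $userId, 'mod_delete')) {
        $options .= '<option value="deletepost">' . $LANG_GF03['delete'] . '</option>';
    }
    if (forum_modPermission($forumId, $userId, 'mod_ban')) {
        $options .= '<option value="banip">' . $LANG_GF03['ban'] . '</option>';
    }
    // Same right for both cases; only the label differs (move a topic / split a reply).
    if (forum_modPermission($forumId, $userId, 'mod_move')) {
        $options .= '<option value="movetopic">' . ($isFirstPost ? $LANG_GF03['move'] : $LANG_GF03['split']) . '</option>';
    }

    if ($options == '') {
        return '';
    }

    $hiddenFields = array(
        'fortopicid' => $showtopic['id'],
        'forum'      => $forumId,
        'msgpid'     => $isFirstPost ? $showtopic['id'] : $showtopic['pid'],
        'top'        => $isFirstPost ? 'yes' : 'no',
        'page'       => $page,
    );

    $retval = '<form action="' . $_CONF['site_url'] . '/forum/moderation.php" method="post" style="margin:0px;"><div><select name="modfunction">';
    $retval .= $options;
    $retval .= '</select>&nbsp;&nbsp;';
    $retval .= '<input type="submit" name="submit" value="' . $LANG_GF01['GO'] . '!"' . XHTML . '>';
    foreach ($hiddenFields as $fieldName => $fieldValue) {
        // Values sit inside a quoted attribute; escape them so the markup stays intact
        // whatever the record or the global $page holds (where $page is set is not visible here).
        $retval .= '<input type="hidden" name="' . $fieldName . '" value="'
            . htmlspecialchars((string) $fieldValue, ENT_QUOTES) . '"' . XHTML . '>';
    }
    $retval .= '</div></form>';

    return $retval;
}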
Exemple #7
// Render the posts of the topic, one result row at a time.
while ($topicRec = DB_fetchArray($result)) {
    //$intervalTime = $mytimer->stopTimer();
    //COM_errorLog("Topic Display Time: $intervalTime");
    // When anonymous posts are hidden (show_anonymous_posts == 0) and the row's uid is 1,
    // notice msg300 is appended and the loop ends: "break" leaves the loop, so no later
    // row is rendered either.
    // NOTE(review): confirm that ending the whole listing is intended rather than skipping
    // this one post; the comment after the break suggests a skip.
    if ($CONF_FORUM['show_anonymous_posts'] == 0 and $topicRec['uid'] == 1) {
        $display .= '<div class="pluginAlert" style="padding:10px;margin:10px;">' . $LANG_GF02['msg300'] . '</div>';
        break;
        //Do nothing - but this way I don't always have to do this check
    } else {
        $display .= showtopic($topicRec, $mode, $onetwo, $page);
        // Alternate between 1 and 2 for consecutive posts.
        $onetwo = $onetwo == 1 ? 2 : 1;
    }
}
// The footer with the new-topic / reply links is built for every mode except preview.
if ($mode != 'preview') {
    $topic_footer = COM_newTemplate($CONF_FORUM['path_layout'] . 'forum/layout');
    $topic_footer->set_file(array('topicfooter' => 'topicfooter.thtml', 'new' => 'links/newtopic.thtml', 'reply' => 'links/replytopic.thtml'));
    // Links are offered when the forum is not read-only or the user holds 'mod_edit'.
    // This only hides the links; the script that stores the post has to enforce the same rule.
    if ($viewtopic['is_readonly'] == 0 or forum_modPermission($viewtopic['forum'], $_USER['uid'], 'mod_edit')) {
        // NOTE(review): $forum (and $replytopic_id below) are interpolated into URLs; where they
        // are filtered is not visible in this excerpt - confirm they are integers.
        $newtopiclink = "{$_CONF['site_url']}/forum/createtopic.php?method=newtopic&amp;forum={$forum}";
        $newtopiclinktext = $LANG_GF09['newtopic'];
        $topic_footer->set_var('layout_url', $CONF_FORUM['layout_url']);
        $topicDisplayTime = $mytimer->stopTimer();
        $topic_footer->set_var('page_generated_time', sprintf($LANG_GF02['msg179'], $topicDisplayTime));
        $topic_footer->set_var('newtopiclink', $newtopiclink);
        $topic_footer->set_var('newtopiclinkimg', gf_getImage('post_newtopic'));
        $topic_footer->set_var('newtopiclinktext', $newtopiclinktext);
        $topic_footer->set_var('LANG_newtopic', $LANG_GF01['NEWTOPIC']);
        $topic_footer->parse('newtopic_link', 'new');
        // The reply link is left out for locked topics.
        if ($viewtopic['locked'] != 1) {
            $replytopiclink = "{$_CONF['site_url']}/forum/createtopic.php?method=postreply&amp;forum={$forum}&amp;id={$replytopic_id}";
            $topic_footer->set_var('replytopiclink', $replytopiclink);
            $topic_footer->set_var('replytopiclinkimg', gf_getImage('post_reply'));
            $topic_footer->set_var('replytopiclinktext', $LANG_GF09['replytopic']);
Exemple #8
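/**
 * Validate a submitted forum post and store it as a new topic, a reply or an edit.
 *
 * Everything in $postData is client-controlled form input. Integers are filtered or
 * cast at the point of use; free text goes through _ff_preparefordb() before it is
 * placed in SQL (see the NOTE at that call).
 *
 * NOTE(review): the 'saveedit' path below checks moderator rights and the edit time
 * window, but no comparison between the post's owner and the current user is visible
 * in this function - confirm the caller verifies ownership before calling.
 *
 * @param array  $forumData Forum record; the keys 'forum' and 'is_readonly' are read here.
 * @param array  $postData  Submitted form fields (name, subject, comment, postmode, id, forum, ...).
 * @param string $action    'savetopic', 'savereply' or 'saveedit'.
 * @return array array(false, $html) when validation fails, array(true, $html) after the save path ran.
 */
function FF_saveTopic($forumData, $postData, $action)
{
    global $_CONF, $_TABLES, $_FF_CONF, $_USER, $LANG03, $LANG_GF01, $LANG_GF02;
    $retval = '';
    $uploadErrors = '';
    $msg = '';
    $errorMessages = '';
    $email = '';
    // NOTE(review): $forumfiles is a local, set here and never changed in this function, so
    // every implode() of it below yields '' and the "AND id NOT IN (...)" clause is never added.
    // Confirm whether the list filled while processing uploads was meant to be used.
    $forumfiles = array();
    $okToSave = true;
    $dt = new Date('now', $_USER['tzid']);
    $date = $dt->toUnix();
    $REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
    // Anonymous visitors are stored under uid 1.
    if (COM_isAnonUser()) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }
    // verify postmode is allowed
    // A requested 'html' mode is kept only when HTML posting is enabled or the user has the right to it.
    if (strtolower($postData['postmode']) == 'html') {
        if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
            $postData['postmode'] = 'html';
        } else {
            $postData['postmode'] = 'text';
        }
    }
    // is forum readonly?
    if ($forumData['is_readonly'] == 1) {
        // Check if this user has moderation rights now to allow a post to a locked topic
        // NOTE(review): assumes _ff_accessError() ends the request; if it returns, the save continues.
        if (!forum_modPermission($forumData['forum'], $uid, 'mod_edit')) {
            _ff_accessError();
        }
    }
    if ($action == 'saveedit') {
        // does the forum match the forum id of the posted data?
        if ($forumData['forum'] != 0 && $forumData['forum'] != $postData['forum']) {
            _ff_accessError();
        }
        $editid = COM_applyFilter($postData['editid'], true);
        $forum = COM_applyFilter($postData['forum'], true);
        // Default deny; moderators always pass, everyone else only inside the edit window.
        $editAllowed = false;
        if (forum_modPermission($forumData['forum'], $_USER['uid'], 'mod_edit')) {
            $editAllowed = true;
        } else {
            if ($_FF_CONF['allowed_editwindow'] > 0) {
                // NOTE(review): the window is measured from the date of $postData['id'], while the
                // row that gets updated is $editid. Both are posted values; confirm they are tied
                // together upstream, otherwise the window is checked against a different row.
                $t1 = DB_getItem($_TABLES['ff_topic'], 'date', "id=" . (int) $postData['id']);
                $t2 = $_FF_CONF['allowed_editwindow'];
                if (time() - $t2 < $t1) {
                    $editAllowed = true;
                }
            } else {
                $editAllowed = true;
            }
        }
        if ($postData['editpid'] < 1 && trim($postData['subject']) == '') {
            $retval .= FF_BlockMessage('', $LANG_GF02['msg18'], false);
            $okToSave = false;
        } elseif (!$editAllowed) {
            // The key is 'id'; the single-quoted '$id' used before was a literal key that is
            // never set, which made the link always point at showtopic=0.
            $link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . (int) $postData['id'];
            $retval .= _ff_alertMessage('', $LANG_GF02['msg189'], sprintf($LANG_GF02['msg187'], $link));
            $okToSave = false;
        }
    } else {
        if (!COM_isAnonUser() && $_FF_CONF['use_sfs']) {
            $email = isset($_USER['email']) ? $_USER['email'] : '';
        }
    }
    if (isset($postData['name']) && $postData['name'] != '') {
        // NOTE(review): urldecode() runs after strip_tags()/htmlspecialchars(), so percent-encoded
        // characters are decoded only once the filters have already run. The value is escaped for
        // SQL again at insert time, but every place that prints the stored name has to HTML-escape it.
        $name = _ff_preparefordb(@htmlspecialchars(strip_tags(trim(COM_checkWords(USER_sanitizeName($postData['name'])))), ENT_QUOTES, COM_getEncodingt()), 'text');
        $name = urldecode($name);
    } else {
        $okToSave = false;
        $errorMessages .= $LANG_GF02['invalid_name'] . '<br />';
    }
    // speed limit check
    // Users with the 'forum.edit' right are exempt from the posting rate limit.
    if (!SEC_hasRights('forum.edit')) {
        COM_clearSpeedlimit($_FF_CONF['post_speedlimit'], 'forum');
        $last = COM_checkSpeedlimit('forum');
        if ($last > 0) {
            $errorMessages .= sprintf($LANG_GF01['SPEEDLIMIT'], $last, $_FF_CONF['post_speedlimit']) . '<br/>';
            $okToSave = false;
        }
    }
    // standard edit checks
    // Minimum lengths are measured in bytes (strlen) after trimming.
    if (strlen(trim($postData['name'])) < $_FF_CONF['min_username_length'] || strlen(trim($postData['subject'])) < $_FF_CONF['min_subject_length'] || strlen(trim($postData['comment'])) < $_FF_CONF['min_comment_length']) {
        $errorMessages .= $LANG_GF02['msg18'] . '<br/>';
        $okToSave = false;
    }
    // CAPTCHA check
    // Runs only when the CAPTCHA plugin is present and nothing has failed so far.
    if (function_exists('plugin_itemPreSave_captcha') && $okToSave == true) {
        if (!isset($postData['captcha'])) {
            $postData['captcha'] = '';
        }
        $msg = plugin_itemPreSave_captcha('forum', $postData['captcha']);
        if ($msg != '') {
            $errorMessages .= $msg . '<br/>';
            $okToSave = false;
        }
    }
    // spamx check
    if ($_FF_CONF['use_spamx_filter'] == 1 && $okToSave == true) {
        // Check for SPAM
        $spamcheck = '<h1>' . $postData['subject'] . '</h1><p>' . $postData['comment'] . '</p>';
        $result = PLG_checkforSpam($spamcheck, $_CONF['spamx']);
        // Now check the result and redirect to index.php if spam action was taken
        if ($result > 0) {
            // then tell them to get lost ...
            $errorMessages .= $LANG_GF02['spam_detected'];
            $okToSave = false;
        }
    }
    // Reputation lookup for anonymous posters; $email is still '' on this path because it is
    // only filled for logged-in users above.
    if ($_FF_CONF['use_sfs'] == 1 && COM_isAnonUser() && function_exists('plugin_itemPreSave_spamx')) {
        $spamCheckData = array('username' => $postData['name'], 'email' => $email, 'ip' => $REMOTE_ADDR);
        $msg = plugin_itemPreSave_spamx('forum', $spamCheckData);
        if ($msg) {
            $errorMessages .= $msg;
            $okToSave = false;
        }
    }
    // Any failed check ends here, before anything is written.
    if ($okToSave == false) {
        $retval .= _ff_alertMessage($errorMessages, $LANG_GF01['ERROR'], '&nbsp;');
        return array(false, $retval);
    }
    if ($okToSave == true) {
        if (!isset($postData['postmode_switch'])) {
            $postData['postmode_switch'] = 0;
        }
        $postmode = _ff_chkpostmode($postData['postmode'], $postData['postmode_switch']);
        // validate postmode
        // Re-checked because _ff_chkpostmode() may have switched the mode.
        if ($postmode == 'html' || $postmode == 'HTML') {
            if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
                $postmode = 'html';
            } else {
                $postmode = 'text';
            }
        }
        // NOTE(review): $subject and $comment are placed between quotes in the SQL below without
        // DB_escapeString(); this relies on _ff_preparefordb() escaping for the database, which is
        // not visible here - confirm.
        $subject = _ff_preparefordb(strip_tags($postData['subject']), 'text');
        $comment = _ff_preparefordb($postData['comment'], $postmode);
        $mood = isset($postData['mood']) ? COM_applyFilter($postData['mood']) : '';
        $id = COM_applyFilter($postData['id'], true);
        $forum = COM_applyFilter($postData['forum'], true);
        $notify = isset($postData['notify']) ? COM_applyFilter($postData['notify']) : '';
        // Per-post display switches are added up into one status value.
        $status = 0;
        if (isset($postData['disable_bbcode']) && $postData['disable_bbcode'] == 1) {
            $status += DISABLE_BBCODE;
        }
        if (isset($postData['disable_smilies']) && $postData['disable_smilies'] == 1) {
            $status += DISABLE_SMILIES;
        }
        if (isset($postData['disable_urlparse']) && $postData['disable_urlparse'] == 1) {
            $status += DISABLE_URLPARSE;
        }
        // If user has moderator edit rights only
        // The posted 'modedit' flag is client-controlled, so the locked/sticky switches are
        // honoured only when the permission check passes on the server as well.
        $locked = 0;
        $sticky = 0;
        if (isset($postData['modedit']) && $postData['modedit'] == 1
            && (forum_modPermission($forumData['forum'], $uid, 'mod_edit') || SEC_inGroup('Root'))
        ) {
            if (isset($postData['locked_switch']) && $postData['locked_switch'] == 1) {
                $locked = 1;
            }
            if (isset($postData['sticky_switch']) && $postData['sticky_switch'] == 1) {
                $sticky = 1;
            }
        }
        if ($action == 'savetopic') {
            $fields = "forum,name,email,date,lastupdated,subject,comment,postmode,ip,mood,uid,pid,sticky,locked,status";
            $sql = "INSERT INTO {$_TABLES['ff_topic']} ({$fields}) ";
            $sql .= "VALUES (" . (int) $forum . "," . "'" . DB_escapeString($name) . "'," . "'" . DB_escapeString($email) . "'," . "'" . DB_escapeString($date) . "'," . "'" . DB_escapeString($date) . "'," . "'" . $subject . "'," . "'" . $comment . "'," . "'" . DB_escapeString($postmode) . "'," . "'" . DB_escapeString($REMOTE_ADDR) . "'," . "'" . DB_escapeString($mood) . "'," . (int) $uid . "," . "0," . (int) $sticky . "," . (int) $locked . "," . (int) $status . ")";
            DB_query($sql);
            // Find the id of the last inserted topic
            // NOTE(review): max(id) can return another request's row when two posts are saved at
            // the same moment; the insert id reported for this connection would not.
            list($lastid) = DB_fetchArray(DB_query("SELECT max(id) FROM {$_TABLES['ff_topic']} "));
            $savedPostID = $lastid;
            $topicPID = $lastid;
            /* Check for any uploaded files - during add of new topic */
            $uploadErrors = _ff_check4files($lastid);
            // Check and see if there are no [file] bbcode tags in content and reset the show_inline value
            // This is needed in case user had used the file bbcode tag and then removed it
            $imagerecs = '';
            $imagerecs = implode(',', $forumfiles);
            $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $lastid . " ";
            if ($imagerecs != '') {
                $sql .= "AND id NOT IN ({$imagerecs})";
            }
            DB_query($sql);
            // Update forums record
            DB_query("UPDATE {$_TABLES['ff_forums']} SET post_count=post_count+1, topic_count=topic_count+1, last_post_rec=" . (int) $lastid . " WHERE forum_id=" . (int) $forum);
            if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $lastid)) {
                DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $lastid);
            }
            DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0");
        } else {
            if ($action == 'savereply') {
                $fields = "name,email,date,subject,comment,postmode,ip,mood,uid,pid,forum,status";
                $sql = "INSERT INTO {$_TABLES['ff_topic']} ({$fields}) ";
                $sql .= "VALUES  (" . "'" . DB_escapeString($name) . "'," . "'" . DB_escapeString($email) . "'," . "'" . DB_escapeString($date) . "'," . "'{$subject}'," . "'{$comment}'," . "'" . DB_escapeString($postmode) . "'," . "'" . DB_escapeString($REMOTE_ADDR) . "'," . "'" . DB_escapeString($mood) . "'," . (int) $uid . "," . (int) $id . "," . (int) $forum . "," . (int) $status . ")";
                DB_query($sql);
                // Find the id of the last inserted topic
                // NOTE(review): same max(id) race as in the new-topic branch.
                list($lastid) = DB_fetchArray(DB_query("SELECT max(id) FROM {$_TABLES['ff_topic']} "));
                $savedPostID = $lastid;
                $topicPID = $id;
                /* Check for any uploaded files  - during adding reply post */
                $uploadErrors = _ff_check4files($lastid);
                // Check and see if there are no [file] bbcode tags in content and reset the show_inline value
                // This is needed in case user had used the file bbcode tag and then removed it
                $imagerecs = '';
                $imagerecs = implode(',', $forumfiles);
                $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $lastid;
                if ($imagerecs != '') {
                    $sql .= " AND id NOT IN ({$imagerecs})";
                }
                DB_query($sql);
                // Bump the parent topic's reply counter and the forum's post counter.
                DB_query("UPDATE {$_TABLES['ff_topic']} SET replies=replies+1, lastupdated='" . DB_escapeString($date) . "',last_reply_rec=" . (int) $lastid . " WHERE id=" . (int) $id);
                DB_query("UPDATE {$_TABLES['ff_forums']} SET post_count=post_count+1, last_post_rec=" . (int) $lastid . " WHERE forum_id=" . (int) $forum);
                if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $lastid)) {
                    DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $id);
                }
                DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0");
            } elseif ($action == 'saveedit') {
                $sql = "UPDATE {$_TABLES['ff_topic']} SET " . "subject='{$subject}'," . "comment='{$comment}'," . "postmode='" . DB_escapeString($postmode) . "'," . "mood='" . DB_escapeString($mood) . "'," . "sticky=" . (int) $sticky . "," . "locked=" . (int) $locked . "," . "status=" . (int) $status . " " . "WHERE (id=" . (int) $editid . ")";
                DB_query($sql);
                /* Check for any uploaded files  - during save of edit */
                $uploadErrors = _ff_check4files($editid);
                // Check and see if there are no [file] bbcode tags in content and reset the show_inline value
                // This is needed in case user had used the file bbcode tag and then removed it
                $imagerecs = '';
                $imagerecs = implode(',', $forumfiles);
                $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $editid . " ";
                if ($imagerecs != '') {
                    $sql .= "AND id NOT IN ({$imagerecs})";
                }
                DB_query($sql);
                // A pid of 0 means the edited row is itself the first post of the topic.
                $topicPID = DB_getITEM($_TABLES['ff_topic'], "pid", "id=" . (int) $editid);
                if ($topicPID == 0) {
                    $topicPID = $editid;
                }
                $savedPostID = $editid;
                if ($postData['silentedit'] != 1) {
                    DB_query("UPDATE {$_TABLES['ff_topic']} SET lastupdated='" . DB_escapeString($date) . "' WHERE id=" . (int) $topicPID);
                    //Remove any lastviewed records in the log so that the new updated topic indicator will appear
                    DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0");
                }
                if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $editid)) {
                    DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $topicPID);
                }
                $topicparent = $topicPID;
            }
        }
        COM_updateSpeedLimit('forum');
        PLG_itemSaved($savedPostID, 'forum');
        CACHE_remove_instance('forumcb');
        if (!COM_isAnonUser()) {
            //NOTIFY - Checkbox variable in form set to "on" when checked and they don't already have subscribed to forum or topic
            // A subscription row whose id is the negated topic id records an opt-out for that topic.
            $nid = -$topicPID;
            $currentForumNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id=0 AND uid=" . (int) $uid);
            $currentTopicNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id='" . DB_escapeString($topicPID) . "' AND uid=" . (int) $uid);
            $currentTopicUnNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id='" . DB_escapeString($nid) . "' AND uid=" . (int) $uid);
            $forum_name = DB_getItem($_TABLES['ff_forums'], 'forum_name', 'forum_id=' . (int) $forum);
            $topic_name = $subject;
            // NOTE(review): "no record" is tested with < 1 but "record exists" with > 1, so a
            // sub_id of exactly 1 matches neither - confirm that is intended.
            if ($notify == 'on' and ($currentForumNotifyRecID < 1 and $currentTopicNotifyRecID < 1)) {
                $sql = "INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) ";
                $sql .= "VALUES ('forum','" . DB_escapeString($forum) . "','" . DB_escapeString($forum_name) . "','" . DB_escapeString($topicPID) . "','" . $subject . "'," . (int) $uid . ",now() )";
                DB_query($sql);
            } elseif ($notify == 'on' and $currentTopicUnNotifyRecID > 1) {
                // Had un-subcribed to topic and now wants to subscribe
                DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE sub_id=" . (int) $currentTopicUnNotifyRecID);
            } elseif ($notify == '' and $currentTopicNotifyRecID > 1) {
                // Subscribed to topic - but does not want to be notified anymore
                DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($topicPID) . "'");
            } elseif ($notify == '' and $currentForumNotifyRecID > 1) {
                // Subscribed to forum - but does not want to be notified about this topic
                DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($topicPID) . "'");
                DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($nid) . "'");
                DB_query("INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) VALUES ('forum','" . DB_escapeString($forum) . "','" . DB_escapeString($forum_name) . "','" . DB_escapeString($nid) . "','" . $subject . "'," . (int) $uid . ",now() )");
            }
        }
        // Notifications go out for new topics and replies, not for edits.
        if ($action != 'saveedit') {
            _ff_chknotifications($forum, $savedPostID, $uid);
        }
        $link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . $topicPID . '&topic=' . $savedPostID . '#' . $savedPostID;
        // Upload errors switch off the automatic redirect so the message stays on screen.
        if ($uploadErrors != '') {
            $autorefresh = false;
        } else {
            $autorefresh = true;
        }
        $retval .= FF_statusMessage($uploadErrors . $LANG_GF02['msg19'], $link, $LANG_GF02['msg19'], false, '', $autorefresh);
    } else {
        // Not reachable: the function has already returned above whenever $okToSave is false.
        $retval .= _ff_alertMessage($LANG_GF02['msg18']);
    }
    return array(true, $retval);
}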
Exemple #9
 // Fill the post-form template: current page and the help labels for the editor buttons.
 $topicnavbar->set_var('hidden_method', '');
 $topicnavbar->set_var('page', $page);
 $topicnavbar->set_var('LANG_bhelp', $LANG_GF01['b_help']);
 $topicnavbar->set_var('LANG_ihelp', $LANG_GF01['i_help']);
 $topicnavbar->set_var('LANG_uhelp', $LANG_GF01['u_help']);
 $topicnavbar->set_var('LANG_qhelp', $LANG_GF01['q_help']);
 $topicnavbar->set_var('LANG_chelp', $LANG_GF01['c_help']);
 $topicnavbar->set_var('LANG_lhelp', $LANG_GF01['l_help']);
 $topicnavbar->set_var('LANG_ohelp', $LANG_GF01['o_help']);
 $topicnavbar->set_var('LANG_phelp', $LANG_GF01['p_help']);
 $topicnavbar->set_var('LANG_whelp', $LANG_GF01['w_help']);
 $topicnavbar->set_var('LANG_ahelp', $LANG_GF01['a_help']);
 $topicnavbar->set_var('LANG_shelp', $LANG_GF01['s_help']);
 $topicnavbar->set_var('LANG_fhelp', $LANG_GF01['f_help']);
 $topicnavbar->set_var('LANG_hhelp', $LANG_GF01['h_help']);
 // Moderator flag: logged-in users holding 'mod_edit' on this forum get hidden_modedit = '1'.
 // NOTE(review): hidden_modedit is presumably rendered as a hidden form field, so it comes
 // back as client-controlled POST data. The handler that saves the post has to repeat the
 // permission check instead of trusting the returned value.
 if (!COM_isAnonUser() and forum_modPermission($forum, $_USER['uid'], 'mod_edit')) {
     $editmoderator = TRUE;
     $topicnavbar->set_var('hidden_modedit', '1');
 } else {
     $topicnavbar->set_var('hidden_modedit', '0');
     $editmoderator = FALSE;
 }
 // Choose the form title and the hidden method value from the requested method.
 if ($method == 'newtopic') {
     $postmessage = $LANG_GF02['PostTopic'];
     $topicnavbar->set_var('hidden_method', 'newtopic');
     $editpid = 0;
 } elseif ($method == 'postreply') {
     $postmessage = $LANG_GF02['PostReply'];
     $topicnavbar->set_var('hidden_method', 'postreply');
     // Outside preview, the reply prefix from the language file is put in front of the subject.
     if ($preview != 'Preview') {
         $subject = $LANG_GF01['RE'] . $subject;
Exemple #10
            // Merge target from the POST body; COM_applyFilter is called with its second argument
            // true (presumably the numeric filter - confirm) and the value is cast to int in the lookup.
            $move_to_topic = isset($_POST['mergetopic']) ? COM_applyFilter($_POST['mergetopic'], true) : 0;
            $splittype = '';
            // Resolve the forum that owns the target topic; an empty result is treated as access denied.
            $move_to_forum = DB_getItem($_TABLES['ff_topic'], 'forum', 'id=' . (int) $move_to_topic);
            if ($move_to_forum == '') {
                moderator_error(ACCESS_DENIED);
            }
            // 'mod_move' is required on the destination forum.
            // NOTE(review): the matching check on the source forum ($forum_id) is not visible in
            // this excerpt - confirm it happens earlier in this case.
            // NOTE(review): assumes moderator_error() ends the request; if it returns, execution
            // falls through to the merge below.
            if (!forum_modPermission($move_to_forum, $_USER['uid'], 'mod_move')) {
                moderator_error(ACCESS_DENIED);
            }
            // $splittype was set to '' above and is not reassigned in the visible lines, so this
            // normalisation always leaves it as ''.
            if ($splittype != 'single' && $splittype != 'remaining') {
                $splittype = '';
            }
            $pageBody .= moderator_mergePost($topic_id, $topic_parent_id, $forum_id, $move_to_forum, $move_to_topic, $splittype);
            break;
        case 'confirmbanip':
            // Server-side re-check of 'mod_ban' before acting on the confirmation form.
            if (!forum_modPermission($forum_id, $_USER['uid'], 'mod_ban')) {
                moderator_error(ACCESS_DENIED);
            }
            if ($topic_id == 0) {
                moderator_error(ERROR_TOPIC_ID);
            }
            // NOTE(review): hostip comes from the POST body and only passes COM_applyFilter; nothing
            // visible here validates it as an IP address (for example filter_var() with
            // FILTER_VALIDATE_IP) or compares it with the IP stored for $topic_id. Confirm that
            // moderator_banIP() does one of the two.
            // NOTE(review): no anti-CSRF token check is visible in this excerpt - confirm one runs
            // before the switch.
            $hostip = isset($_POST['hostip']) ? COM_applyFilter($_POST['hostip']) : '';
            $pageBody .= moderator_banIP($topic_id, $topic_parent_id, $forum_id, $hostip);
            break;
        default:
            // Unknown action: show msg71.
            $pageBody .= alertMessage($LANG_GF02['msg71'], '', '', true);
            break;
    }
}
// Display Common headers
$display = FF_siteHeader();
Exemple #11
 // Fragment of the post-editor setup; it fills template variables on $topicnavbar.
 // 'hidden_method' starts empty and is set again below once the posting mode is known.
 $topicnavbar->set_var('hidden_method', '');
 $topicnavbar->set_var('page', $page);
 // Copy the localised *_help strings from $LANG_GF01 into the matching LANG_*help template variables.
 $topicnavbar->set_var('LANG_bhelp', $LANG_GF01['b_help']);
 $topicnavbar->set_var('LANG_ihelp', $LANG_GF01['i_help']);
 $topicnavbar->set_var('LANG_uhelp', $LANG_GF01['u_help']);
 $topicnavbar->set_var('LANG_qhelp', $LANG_GF01['q_help']);
 $topicnavbar->set_var('LANG_chelp', $LANG_GF01['c_help']);
 $topicnavbar->set_var('LANG_lhelp', $LANG_GF01['l_help']);
 $topicnavbar->set_var('LANG_ohelp', $LANG_GF01['o_help']);
 $topicnavbar->set_var('LANG_phelp', $LANG_GF01['p_help']);
 $topicnavbar->set_var('LANG_whelp', $LANG_GF01['w_help']);
 $topicnavbar->set_var('LANG_ahelp', $LANG_GF01['a_help']);
 $topicnavbar->set_var('LANG_shelp', $LANG_GF01['s_help']);
 $topicnavbar->set_var('LANG_fhelp', $LANG_GF01['f_help']);
 $topicnavbar->set_var('LANG_hhelp', $LANG_GF01['h_help']);
 // Precedence: `and` binds tighter than `or`, so the condition reads
 // ((not anonymous AND 'mod_edit' on $forum) OR member of group 'Root').
 // Members of 'Root' therefore get the moderator-edit flag whatever the first two tests return.
 // NOTE(review): 'hidden_modedit' presumably ends up in a hidden form field, which the client can
 // change. The handler that receives the post should repeat the forum_modPermission() check
 // instead of trusting the submitted value - confirm.
 if (!COM_isAnonUser() and forum_modPermission($forum, $_USER['uid'], 'mod_edit') or SEC_inGroup('Root')) {
     $editmoderator = TRUE;
     $topicnavbar->set_var('hidden_modedit', '1');
 } else {
     $topicnavbar->set_var('hidden_modedit', '0');
     $editmoderator = FALSE;
 }
 // The posting mode selects the heading text and the value of the hidden 'method' field.
 if ($method == 'newtopic') {
     $postmessage = $LANG_GF02['PostTopic'];
     $topicnavbar->set_var('hidden_method', 'newtopic');
     $editpid = 0;
 } elseif ($method == 'postreply') {
     $postmessage = $LANG_GF02['PostReply'];
     $topicnavbar->set_var('hidden_method', 'postreply');
     // Unless $preview equals 'Preview', the localised 'RE' string is put in front of the subject.
     // The listing ends here, inside this branch.
     if ($preview != 'Preview') {
         $subject = $LANG_GF01['RE'] . $subject;
Exemple #12
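// Stop immediately when the forum plugin is not enabled on this site.
if (!in_array('forum', $_PLUGINS)) {
    exit;
}
USES_forum_functions();
USES_forum_format();

// Both ids arrive in the query string and are attacker-controlled. A missing parameter falls back
// to 0 without raising an undefined-index warning; a supplied value still goes through
// COM_applyFilter() with its numeric flag set.
$deleteid = isset($_GET['id']) ? COM_applyFilter($_GET['id'], true) : 0;
$topic = isset($_GET['topic']) ? COM_applyFilter($_GET['topic'], true) : 0;

// The (int) cast keeps the id numeric in the concatenated WHERE clause, independently of the filter.
$query = DB_query("SELECT uid,forum,date FROM {$_TABLES['ff_topic']} WHERE id=" . (int) $topic);
// NOTE(review): nothing here checks that a row was found. For an unknown topic id the 'forum',
// 'uid' and 'date' lookups that follow work on empty values - confirm that
// forum_modPermission() denies access in that case.
$edittopic = DB_fetchArray($query, false);

// Deny by default; only the permission checks that follow may grant edit rights.
$editAllowed = false;

// Anonymous visitors are mapped to uid 1.
$uid = COM_isAnonUser() ? 1 : $_USER['uid'];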
if (forum_modPermission($edittopic['forum'], $uid, 'mod_edit')) {
    $editAllowed = true;
} elseif ($edittopic['uid'] > 1 and $edittopic['uid'] == $uid) {
    // User is trying to edit their topic post - this is allowed
    if ($edittopic['date'] > 0) {
        if ($_FF_CONF['allowed_editwindow'] > 0) {
            // Check if edit timeframe is still valid
            $t2 = $_FF_CONF['allowed_editwindow'];
            $time = time();
            if (time() - $t2 < $edittopic['date']) {
                $editAllowed = true;
            }
        } else {
            $editAllowed = true;
        }
    }