function sp_pop_topic_page($forumid) { $page = 1; $check = sp_get_cache('bookmark'); # if no record then resort to page 1 if ($check == '') { return $page; } $check = explode('@', $check); # is it the same forum? if ($check[0] == $forumid) { $page = $check[1]; } return $page; }
function sp_groupview_query($groupids = '', $idOrder = false) { global $spThisUser; # can we get the results from the cache? $records = array(); if (empty($spThisUser->inspect['q_spGroupView'])) { $records = sp_get_cache('group'); } if (!$records) { $WHERE = ''; if (!empty($groupids)) { $gcount = count($groupids); $done = 0; foreach ($groupids as $id) { $WHERE .= '(' . SFGROUPS . ".group_id={$id})"; $done++; if ($done < $gcount) { $WHERE .= ' OR '; } } } $this->groupViewStatus = empty($groupids) ? 'no data' : 'no access'; # retrieve group and forum records $spdb = new spdbComplex(); $spdb->table = SFGROUPS; $spdb->fields = SFGROUPS . '.group_id, group_name, group_desc, group_rss, group_icon, group_message, forum_id, forum_name, forum_slug, forum_desc, forum_status, forum_disabled, forum_icon, forum_icon_new, forum_icon_locked, forum_rss_private, post_id, post_id_held, topic_count, post_count, post_count_held, parent, children'; $spdb->join = array(SFFORUMS . ' ON ' . SFGROUPS . '.group_id = ' . SFFORUMS . '.group_id'); $spdb->where = $WHERE; $spdb->orderby = 'group_seq, forum_seq'; $spdb = apply_filters('sph_groupview_query', $spdb, $this); if (!empty($spThisUser->inspect['q_spGroupView'])) { $spdb->inspect = 'spGroupView'; $spdb->show = true; $spThisUser->inspect['q_spGroupView'] = false; } $records = $spdb->select(); if ($records) { sp_add_cache('group', $records); } } $g = ''; if ($records) { # Set status initially to 'no access' in case current user can view no forums $this->groupViewStatus = 'no access'; $gidx = 0; $fidx = 0; $sidx = 0; $cparent = 0; $subPostId = 0; # define array to collect data $p = array(); $g = array(); foreach ($records as $r) { $groupid = $r->group_id; $forumid = $r->forum_id; if (sp_can_view($forumid, 'forum-title')) { if ($gidx == 0 || $g[$gidx]->group_id != $groupid) { # reset status to 'data' $this->groupViewStatus = 'data'; $gidx = $groupid; $fidx = 0; $g[$gidx] = new stdClass(); $g[$gidx]->group_id = $r->group_id; $g[$gidx]->group_name = sp_filter_title_display($r->group_name); $g[$gidx]->group_desc = sp_filter_title_display($r->group_desc); $g[$gidx]->group_rss = esc_url($r->group_rss); $g[$gidx]->group_icon = sanitize_file_name($r->group_icon); $g[$gidx]->group_message = sp_filter_text_display($r->group_message); $g[$gidx]->group_rss_active = 0; $g[$gidx] = apply_filters('sph_groupview_group_records', $g[$gidx], $r); } if (isset($r->forum_id)) { # Is this a subform? if ($r->parent != 0) { $sidx = $r->forum_id; $g[$gidx]->forums[$cparent]->subforums[$sidx] = new stdClass(); $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_id = $r->forum_id; $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_name = sp_filter_title_display($r->forum_name); $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_slug = $r->forum_slug; $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_icon = sanitize_file_name($r->forum_icon); $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_icon_new = sanitize_file_name($r->forum_icon_new); $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_icon_locked = sanitize_file_name($r->forum_icon_locked); $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_disabled = $r->forum_disabled; $g[$gidx]->forums[$cparent]->subforums[$sidx]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0); $g[$gidx]->forums[$cparent]->subforums[$sidx]->topic_count = $r->topic_count; $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_count = $r->post_count; $g[$gidx]->forums[$cparent]->subforums[$sidx]->parent = $r->parent; $g[$gidx]->forums[$cparent]->subforums[$sidx]->children = $r->children; $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id = $r->post_id; $g[$gidx]->forums[$cparent]->subforums[$sidx]->unread = 0; # check if we can look at posts in moderation - if not swap for 'held' values if (!sp_get_auth('moderate_posts', $r->forum_id)) { $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_count = $r->post_count_held; $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id = $r->post_id_held; } # See if any forums are in the current users newpost list if ($spThisUser->member && isset($spThisUser->newposts['forums'])) { $c = 0; if ($spThisUser->newposts['forums']) { foreach ($spThisUser->newposts['forums'] as $fnp) { if ($fnp == $sidx) { $c++; } } } # set the subforum unread count $g[$gidx]->forums[$cparent]->subforums[$sidx]->unread = $c; } # Update top parent counts with subforum counts $g[$gidx]->forums[$cparent]->topic_count_sub += $g[$gidx]->forums[$cparent]->subforums[$sidx]->topic_count; $g[$gidx]->forums[$cparent]->post_count_sub += $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_count; # and what about the most recent post? Is this in a subforum? if ($g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id > $g[$gidx]->forums[$cparent]->post_id && $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id > $subPostId) { # store the alternative forum id in case we need to display the topic data for this one if inc. subs $g[$gidx]->forums[$cparent]->forum_id_sub = $r->forum_id; # add the last post in subforum to the list for stats retrieval $subPostId = $g[$gidx]->forums[$cparent]->subforums[$sidx]->post_id; $p[$r->forum_id] = $subPostId; } } else { # it's a top level forum $subPostId = 0; $fidx = $forumid; $g[$gidx]->forums[$fidx] = new stdClass(); $g[$gidx]->forums[$fidx]->forum_id = $r->forum_id; $g[$gidx]->forums[$fidx]->forum_id_sub = 0; $g[$gidx]->forums[$fidx]->forum_name = sp_filter_title_display($r->forum_name); $g[$gidx]->forums[$fidx]->forum_slug = $r->forum_slug; $g[$gidx]->forums[$fidx]->forum_permalink = sp_build_url($r->forum_slug, '', 1, 0); $g[$gidx]->forums[$fidx]->forum_desc = sp_filter_title_display($r->forum_desc); $g[$gidx]->forums[$fidx]->forum_status = $r->forum_status; $g[$gidx]->forums[$fidx]->forum_disabled = $r->forum_disabled; $g[$gidx]->forums[$fidx]->forum_icon = sanitize_file_name($r->forum_icon); $g[$gidx]->forums[$fidx]->forum_icon_new = sanitize_file_name($r->forum_icon_new); $g[$gidx]->forums[$fidx]->forum_icon_locked = sanitize_file_name($r->forum_icon_locked); $g[$gidx]->forums[$fidx]->forum_rss_private = $r->forum_rss_private; $g[$gidx]->forums[$fidx]->post_id = $r->post_id; $g[$gidx]->forums[$fidx]->topic_count = $r->topic_count; $g[$gidx]->forums[$fidx]->topic_count_sub = $r->topic_count; $g[$gidx]->forums[$fidx]->post_count = $r->post_count; $g[$gidx]->forums[$fidx]->post_count_sub = $r->post_count; $g[$gidx]->forums[$fidx]->parent = $r->parent; $g[$gidx]->forums[$fidx]->children = $r->children; $g[$gidx]->forums[$fidx]->unread = 0; if (empty($g[$gidx]->forums[$fidx]->post_id)) { $g[$gidx]->forums[$fidx]->post_id = 0; } # Can the user create new topics or should we lock the forum? $g[$gidx]->forums[$fidx]->start_topics = sp_get_auth('start_topics', $r->forum_id); # check if we can look at posts in moderation - if not swap for 'held' values if (!sp_get_auth('moderate_posts', $r->forum_id)) { $g[$gidx]->forums[$fidx]->post_id = $r->post_id_held; $g[$gidx]->forums[$fidx]->post_count = $r->post_count_held; $g[$gidx]->forums[$fidx]->post_count_sub = $r->post_count_held; $thisPostid = $r->post_id_held; } else { $thisPostid = $r->post_id; } # See if any forums are in the current users newpost list if ($spThisUser->member && isset($spThisUser->newposts['forums'])) { $c = 0; if ($spThisUser->newposts['forums']) { foreach ($spThisUser->newposts['forums'] as $fnp) { if ($fnp == $fidx) { $c++; } } } $g[$gidx]->forums[$fidx]->unread = $c; } if (empty($r->children)) { $cparent = 0; } else { $cparent = $fidx; $sidx = 0; } # Build post id array for collecting stats at the end if (!empty($thisPostid)) { $p[$fidx] = $thisPostid; } $g[$gidx]->forums[$fidx] = apply_filters('sph_groupview_forum_records', $g[$gidx]->forums[$fidx], $r); } # Build special Group level flag on whether to show group RSS button or not (based on any forum in group having RSS access if (sp_get_auth('view_forum', $r->forum_id) && !$r->forum_rss_private) { $g[$gidx]->group_rss_active = 1; } } } } } if ($this->includeStats == true) { # Go grab the forum stats and data if (!empty($p)) { $stats = $this->sp_groupview_stats_query($p); if ($stats) { foreach ($g as $gr) { foreach ($gr->forums as $f) { if (!empty($stats[$f->forum_id])) { $s = $stats[$f->forum_id]; $f->topic_id = $s->topic_id; $f->topic_name = sp_filter_title_display($s->topic_name); $f->topic_slug = $s->topic_slug; $f->post_id = $s->post_id; $f->post_permalink = sp_build_url($f->forum_slug, $s->topic_slug, 0, $s->post_id, $s->post_index); $f->post_date = $s->post_date; $f->post_status = $s->post_status; $f->post_index = $s->post_index; # see if we can display the tooltip if (sp_can_view($f->forum_id, 'post-content', $spThisUser->ID, $s->user_id, $s->topic_id, $s->post_id)) { $f->post_tip = $s->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($s->post_content, $s->post_status); } else { $f->post_tip = ''; } $f->user_id = $s->user_id; $f->display_name = sp_filter_name_display($s->display_name); $f->guest_name = sp_filter_name_display($s->guest_name); } # do we need to record a possible subforum substitute topic? $fsub = $f->forum_id_sub; if ($fsub != 0 && !empty($stats[$fsub])) { $s = $stats[$fsub]; $f->topic_id_sub = $s->topic_id; $f->topic_name_sub = sp_filter_title_display($s->topic_name); $f->topic_slug_sub = $s->topic_slug; $f->post_id_sub = $s->post_id; $f->post_permalink_sub = sp_build_url($f->subforums[$fsub]->forum_slug, $s->topic_slug, 0, $s->post_id, $s->post_index); $f->post_date_sub = $s->post_date; $f->post_status_sub = $s->post_status; $f->post_index_sub = $s->post_index; # see if we can display the tooltip if (sp_can_view($fsub, 'post-content', $spThisUser->ID, $s->user_id, $s->topic_id, $s->post_id)) { $f->post_tip_sub = $s->post_status ? sp_text('Post awaiting moderation') : sp_filter_tooltip_display($s->post_content, $s->post_status); } else { $f->post_tip_sub = ''; } $f->user_id_sub = $s->user_id; $f->display_name_sub = sp_filter_name_display($s->display_name); $f->guest_name_sub = sp_filter_name_display($s->guest_name); } $f = apply_filters('sph_groupview_stats_records', $f, $s); } } unset($stats); } } } # Do we need to re-order IDs based on passed in IDs if ($groupids && $idOrder) { $n = array(); foreach ($groupids as $gid) { if (array_key_exists($gid, $g)) { $n[$gid] = $g[$gid]; } } $g = $n; unset($n); } return $g; }
function sp_render_add_topic_form($args) { global $spVars, $spGlobals, $spThisForum, $spThisUser, $spGuestCookie; include_once SF_PLUGIN_DIR . '/forum/content/forms/sp-form-components.php'; $toolbar = $spGlobals['display']['editor']['toolbar']; $defs = array('tagClass' => 'spForm', 'hide' => 1, 'controlFieldset' => 'spEditorFieldset', 'controlInput' => 'spControl', 'controlSubmit' => 'spSubmit', 'controlOrder' => 'cancel|save', 'maxTitleLength' => 200, 'labelHeading' => sp_text('Add Topic'), 'labelGuestName' => sp_text('Guest name (required)'), 'labelGuestEmail' => sp_text('Guest email (required)'), 'labelModerateAll' => sp_text('NOTE: new posts are subject to administrator approval before being displayed'), 'labelModerateOnce' => sp_text('NOTE: first posts are subject to administrator approval before being displayed'), 'labelTopicName' => sp_text('Topic name'), 'labelSmileys' => sp_text('Smileys'), 'labelOptions' => sp_text('Options'), 'labelOptionLock' => sp_text('Lock this topic'), 'labelOptionPin' => sp_text('Pin this post'), 'labelOptionTime' => sp_text('Edit post timestamp'), 'labelMath' => sp_text('Math Required'), 'labelMathSum' => sp_text('What is the sum of'), 'labelPostButtonReady' => sp_text('Submit Topic'), 'labelPostButtonMath' => sp_text('Do Math To Save'), 'labelPostCancel' => sp_text('Cancel'), 'tipSmileysButton' => sp_text('Open/Close to Add a Smiley'), 'tipOptionsButton' => sp_text('Open/Close to select Posting Options'), 'tipSubmitButton' => sp_text('Save the New Topic'), 'tipCancelButton' => sp_text('Cancel the New Topic')); $a = wp_parse_args($args, $defs); extract($a, EXTR_SKIP); # sanitize $tagClass = esc_attr($tagClass); $hide = (int) $hide; $controlFieldset = esc_attr($controlFieldset); $controlInput = esc_attr($controlInput); $maxTitleLength = (int) $maxTitleLength; $labelHeading = sp_filter_title_display($labelHeading); $labelGuestName = sp_filter_title_display($labelGuestName); $labelGuestEmail = sp_filter_title_display($labelGuestEmail); $labelModerateAll = sp_filter_title_display($labelModerateAll); $labelModerateOnce = sp_filter_title_display($labelModerateOnce); $labelTopicName = sp_filter_title_display($labelTopicName); # Check for a failure package in case this is a redirect $f = sp_get_cache('post'); if (isset($f['guestname']) ? $guestnameval = $f['guestname'] : ($guestnameval = $spGuestCookie->guest_name)) { } if (isset($f['guestemail']) ? $guestemailval = $f['guestemail'] : ($guestemailval = $spGuestCookie->guest_email)) { } if (isset($f['newtopicname']) ? $topicnameval = $f['newtopicname'] : ($topicnameval = '')) { } if (isset($f['postitem']) ? $postitemval = $f['postitem'] : ($postitemval = '')) { } if (isset($f['message']) ? $failmessage = $f['message'] : ($failmessage = '')) { } $captchaValue = sp_get_option('captcha-value'); $out = ''; # Grab above editor message if there is one $postmsg = sp_get_option('sfpostmsg'); # Grab in-editor message if one $inEdMsg = sp_filter_text_display(sp_get_option('sfeditormsg')); if ($hide ? $hide = ' style="display:none;"' : ($hide = '')) { } $out .= '<div id="spPostForm"' . $hide . '>' . "\n"; $out .= "<form class='{$tagClass}' action='" . SFHOMEURL . "index.php?sp_ahah=post&sfnonce=" . wp_create_nonce('forum-ahah') . "' method='post' id='addtopic' name='addtopic' onsubmit='return spjValidatePostForm(this, {$spThisUser->guest}, 1, \"" . sp_paint_file_icon(SPTHEMEICONSURL, 'sp_Success.png') . "\");'>\n"; $out .= sp_create_nonce('forum-userform_addtopic'); $out .= '<div class="spEditor">' . "\n"; $out = apply_filters('sph_topic_editor_top', $out, $spThisForum); $out .= "<fieldset class='{$controlFieldset}'>\n"; $out .= "<legend>{$labelHeading}: " . $spThisForum->forum_name . "</legend>\n"; $out .= "<input type='hidden' name='action' value='topic' />\n"; $out .= "<input type='hidden' name='forumid' value='{$spThisForum->forum_id}' />\n"; $out .= "<input type='hidden' name='forumslug' value='{$spThisForum->forum_slug}' />\n"; $out .= "<input type='hidden' name='captcha' value='{$captchaValue}' />\n"; # input field that plugins can use $out .= "<input type='hidden' id='spEditorCustomValue' name='spEditorCustomValue' value='' />\n"; # plugins can add before the header $out = apply_filters('sph_topic_before_editor_header', $out, $spThisForum, $a); $tout = ''; $tout .= '<div class="spEditorSection">'; # let plugins add stuff at top of editor header $tout = apply_filters('sph_topic_editor_header_top', $tout, $spThisForum, $a); if (!empty($postmsg['sfpostmsgtopic'])) { $tout .= '<div class="spEditorMessage">' . sp_filter_text_display($postmsg['sfpostmsgtext']) . '</div>' . "\n"; } # create an empty div to allow plugins to add something $tout .= '<div id="spEditorCustomDiv"></div>'; if ($spThisUser->guest) { $tout .= '<div class="spEditorSectionLeft">' . "\n"; $tout .= "<div class='spEditorTitle'>{$labelGuestName}:\n"; $tout .= "<input type='text' tabindex='100' class='{$controlInput}' name='guestname' value='{$guestnameval}' /></div>\n"; $tout .= '</div>' . "\n"; $sfguests = sp_get_option('sfguests'); if ($sfguests['reqemail']) { $tout .= '<div class="spEditorSectionRight">' . "\n"; $tout .= "<div class='spEditorTitle'>{$labelGuestEmail}:\n"; $tout .= "<input type='text' tabindex='101' class='{$controlInput}' name='guestemail' value='{$guestemailval}' /></div>\n"; $tout .= '</div>' . "\n"; } $tout .= '<div class="spClear"></div>' . "\n"; } if (!sp_get_auth('bypass_moderation', $spThisForum->forum_id)) { $tout .= "<p class='spLabelSmall'>{$labelModerateAll}</p>\n"; } elseif (!sp_get_auth('bypass_moderation_once', $spThisForum->forum_id)) { $tout .= "<p class='spLabelSmall'>{$labelModerateOnce}</p>\n"; } $tout2 = ''; $tout2 .= "<div class='spEditorTitle'>{$labelTopicName}: \n"; $tout2 .= "<input id='spTopicTitle' type='text' tabindex='102' class='{$controlInput}' maxlength='{$maxTitleLength}' name='newtopicname' value='{$topicnameval}'/>\n"; $tout2 = apply_filters('sph_topic_editor_name', $tout2, $a); $tout2 .= '</div>' . "\n"; $tout .= apply_filters('sph_topic_editor_title', $tout2, $spThisForum, $a); # let plugins add stuff at bottom of editor header $tout = apply_filters('sph_topic_editor_header_bottom', $tout, $spThisForum, $a); $tout .= '</div>' . "\n"; # allow plugins to filter just the header $out .= apply_filters('sph_topic_editor_header', $tout, $spThisForum, $a); # do we have content? Or just add any inline message if (empty($postitemval)) { $postitemval = $inEdMsg; } # Display the selected editor $tout = ''; $tout .= '<div id="spEditorContent">' . "\n"; $tout .= sp_setup_editor(103, $postitemval); $tout .= '</div>' . "\n"; # allow plugins to filter the editor content $out .= apply_filters('sph_topic_editor_content', $tout, $spThisForum, $a); # define area above toolbar for plugins to add components $section = apply_filters('sph_topic_editor_above_toolbar', '', $spThisForum, $a); if (!empty($section)) { $tout = ''; $tout .= '<div class="spEditorSection">'; $tout .= $section; $tout .= '</div>' . "\n"; $out .= apply_filters('sph_topic_editor_above_toolbar_end', $tout, $spThisForum, $a); } # DEFINE NEW FAILURE AREA HERE # define validation failure notice area $out .= "<div class='spClear'></div>\n"; $out .= "<div id='spPostNotifications'>{$failmessage}</div>\n"; # TOOLBAR # define toolbar - submit buttons on right, plugin extensions on left $toolbarRight = apply_filters('sph_topic_editor_toolbar_submit', '', $spThisForum, $a, 'toolbar'); $toolbarLeft = apply_filters('sph_topic_editor_toolbar_buttons', '', $spThisForum, $a, 'toolbar'); if (!empty($toolbarRight) || !empty($toolbarLeft)) { # Submit section $tout = ''; $tout .= '<div class="spEditorSection spEditorToolbar">'; $tout .= $toolbarRight; # toolbar for plugins to add buttons $tout .= $toolbarLeft; $out .= apply_filters('sph_topic_editor_toolbar', $tout, $spThisForum, $a, 'toolbar'); $out .= '<div style="clear:both"></div>'; $out .= '</div>' . "\n"; } # START SMILEYS/OPTIONS # let plugins add stuff at top of editor footer $tout = ''; $tout = apply_filters('sph_topic_editor_footer_top', $tout, $spThisForum, $a); # smileys and options $tout = apply_filters('sp_topic_editor_inline_footer', $tout, $spThisForum, $a, 'inline'); # let plugins add stuff at end of editor footer $tout = apply_filters('sph_topic_editor_footer_bottom', $tout, $spThisForum, $a); # plugins can remove or adjust whole footer $out .= apply_filters('sph_topic_editor_footer', $tout, $spThisForum, $a); # allow plugins to insert stuff after editor footer $out = apply_filters('sph_topic_editor_after_footer', $out, $spThisForum, $a); # START SUBMIT SECTION # define submit section of no toolbar in use if (!$toolbar) { $out .= '<div class="spEditorSubmit">' . "\n"; $out = apply_filters('sph_topic_editor_submit_top', $out, $spThisForum, $a); # let plugins add/remove the controls area $tout = apply_filters('sp_topic_editor_inline_submit', '', $spThisForum, $a, 'inline'); # let plugins add stuff at end of editor submit bottom $out .= apply_filters('sph_topic_editor_submit_bottom', $tout, $spThisForum, $a); $out .= '</div>' . "\n"; } # close it up $out .= '</fieldset>' . "\n"; $out = apply_filters('sph_topic_editor_bottom', $out, $spThisForum, $a); $out .= '</div>' . "\n"; $out .= '</form>' . "\n"; $out .= '</div>' . "\n"; # let plugins add stuff beneath the editor $out = apply_filters('sph_topic_editor_beneath', $out, $spThisForum, $a); return $out; }
function sp_post_display_processing($pageview) { global $spThisTopic; if ($pageview == 'topic' && !empty($spThisTopic)) { $tid = sp_get_cache('topic'); if (empty($tid) || $tid != $spThisTopic->topic_id) { sp_update_opened($spThisTopic->topic_id); sp_add_cache('topic', $spThisTopic->topic_id); } } }
function validateData() { $this->abort = false; $this->newpost['action'] = $this->action; # Check flood control (done here vice validatePermission() so we can use the return to post feature) if (!sp_get_auth('bypass_flood_control', $this->newpost['forumid'], $this->userid)) { $flood = sp_get_cache('floodcontrol'); if (!empty($flood) && time() < $flood) { $this->abort = true; $this->message = sp_text('Flood control exceeded, please slow down - Post cannot be saved yet'); return; } } # Check topic name if (empty($this->newpost['topicname'])) { $this->abort = true; $this->message = sp_text('No topic name has been entered and post cannot be saved'); return; } else { $this->newpost['topicname'] = sp_filter_title_save($this->newpost['topicname'], SFTOPICS, 'topic_name'); } # Check Post Content if (empty($this->newpost['postcontent'])) { $this->abort = true; $this->message = sp_text('No topic post has been entered and post cannot be saved'); return; } else { $this->newpost['postcontent_unescaped'] = sp_filter_content_save($this->newpost['postcontent'], 'new', false, SFPOSTS, 'post_content'); $this->newpost['postcontent'] = sp_filter_content_save($this->newpost['postcontent'], 'new', true, SFPOSTS, 'post_content'); } # Check and set user names/ids etc if ($this->guest) { $sfguests = sp_get_option('sfguests'); if (empty($this->newpost['guestname']) || (empty($this->newpost['guestemail']) || !is_email($this->newpost['guestemail'])) && $sfguests['reqemail']) { $this->abort = true; $this->message = sp_text('Guest name and valid email address required'); return; } # force maximum lengths $this->newpost['guestname'] = substr(sp_filter_name_save($this->newpost['guestname']), 0, 20); $this->newpost['guestemail'] = substr(sp_filter_email_save($this->newpost['guestemail']), 0, 50); $this->newpost['postername'] = $this->newpost['guestname']; $this->newpost['posteremail'] = $this->newpost['guestemail']; # check for blacklisted guest name $blockedGuest = sp_get_option('guest-name'); if (!empty($blockedGuest)) { $names = explode(',', $blockedGuest); foreach ($names as $name) { if (strtolower(trim($name)) == strtolower($this->newpost['guestname'])) { $this->abort = true; $this->message = sp_text('The guest name you have chosen is not allowed on this site'); return; } } } # check that the guest name is not the same as a current user $checkdupe = spdb_table(SFMEMBERS, "display_name='" . $this->newpost['guestname'] . "'", 'display_name'); if (!empty($checkdupe)) { $this->abort = true; $this->message = sp_text('This user name already belongs to a forum member'); return; } } # Check if links allowed or if maxmium links have been exceeded $sffilters = sp_get_option('sffilters'); if (!$this->admin) { $links = $this->count_links(); if (sp_get_auth('create_links', $this->newpost['forumid'], $this->userid)) { if ($sffilters['sfmaxlinks'] > 0 && $links > $sffilters['sfmaxlinks']) { $this->abort = true; $this->message = sp_text('Maximum number of allowed links exceeded') . ': ' . $sffilters['sfmaxlinks'] . ' ' . sp_text('allowed'); return; } } else { if ($links > 0) { $this->abort = true; $this->message = sp_text('You are not allowed to put links in post content'); return; } } } # Check if maxmium smileys have been exceeded if (!$this->admin) { if (isset($sffilters['sfmaxsmileys']) && $sffilters['sfmaxsmileys'] > 0 && $this->count_smileys() > $sffilters['sfmaxsmileys']) { $this->abort = true; $this->message = sp_text('Maximum number of allowed smileys exceeded') . ': ' . $sffilters['sfmaxsmileys'] . ' ' . sp_text('allowed'); return; } } # Check for duplicate post of option is set if ($this->member && $sffilters['sfdupemember'] == true || $this->guest && $sffilters['sfdupeguest'] == true) { # But not admin or moderator if (!$this->admin && !$this->moderator) { $dupecheck = spdb_table(SFPOSTS, 'forum_id = ' . $this->newpost['forumid'] . ' AND topic_id=' . $this->newpost['topicid'] . " AND post_content='" . $this->newpost['postcontent'] . "' AND poster_ip='" . $this->newpost['posterip'] . "'", 'row', '', '', ARRAY_A); if ($dupecheck) { $this->abort = true; $this->message = sp_text('Duplicate post refused'); return; } } } # Establish moderation status $bypassAll = sp_get_auth('bypass_moderation', $this->newpost['forumid'], $this->userid); $bypassOnce = sp_get_auth('bypass_moderation_once', $this->newpost['forumid'], $this->userid); if ($bypassAll == true && $bypassOnce == true) { $this->newpost['poststatus'] = 0; } else { if ($bypassAll == false && $bypassOnce == false) { $this->newpost['poststatus'] = 1; } else { if ($bypassAll == true && $bypassOnce == false) { $this->newpost['poststatus'] = 1; if ($this->member) { $prior = spdb_table(SFPOSTS, 'user_id=' . $this->newpost['userid'] . ' AND post_status=0', 'row', '', '1'); if ($prior) { $this->newpost['poststatus'] = 0; } } else { if ($this->guest) { $prior = spdb_table(SFPOSTS, "guest_name='" . $this->newpost['guestname'] . "' AND guest_email='" . $this->newpost['guestemail'] . "' AND post_status=0", 'row', '', '1'); if ($prior) { $this->newpost['poststatus'] = 0; } } } } else { $this->newpost['poststatus'] = 1; } } } # Finally one or two other data items if ($this->action == 'topic') { $this->newpost['topicslug'] = sp_create_slug($this->newpost['topicname'], true, SFTOPICS, 'topic_slug'); } else { $this->newpost['emailprefix'] = 'Re: '; } $this->newpost['groupname'] = sp_get_group_name_from_forum($this->newpost['forumid']); if (empty($this->newpost['forumname'])) { $this->newpost['forumname'] = spdb_table(SFFORUMS, "forum_slug='" . $this->newpost['forumslug'] . "'", 'forum_name'); } $this->newpost = apply_filters('sph_post_data_validation', $this->newpost); do_action('sph_pre_post_create', $this->newpost); $this->newpost = apply_filters('sph_new_forum_post', $this->newpost); }
function sp_searchview_control($count) { global $spVars; $searchType = $spVars['searchtype']; $searchInclude = $spVars['searchinclude']; # (LIMIT) how many topics per page? if (!$count) { $count = 30; } $this->searchShow = $count; if ($spVars['searchpage'] == 1) { $startlimit = 0; } else { $startlimit = ($spVars['searchpage'] - 1) * $count; } # For this page? $this->limit = $startlimit . ', ' . $count; # (WHERE) All or specific forum? if ($spVars['forumslug'] == 'all') { # create forumIds list and where clause $forumIds = sp_user_visible_forums('post-content'); if (empty($forumIds)) { return; } $this->forumWhere = 'forum_id IN (' . implode(',', $forumIds) . ') '; } else { # check we can see this forum and create where clause if (!sp_get_auth('view_forum', $spVars['forumid'])) { return; } $this->forumWhere = 'forum_id=' . $spVars['forumid']; } if (empty($spVars['searchvalue'])) { return ''; } if ($searchType == 4 || $searchType == 5) { $this->searchTermRaw = sp_get_member_item((int) $spVars['searchvalue'], 'display_name'); } else { $this->searchTermRaw = $spVars['searchvalue']; } $this->searchTerm = $this->sp_construct_search_term($spVars['searchvalue'], $searchType, $searchInclude); # if search type is 1,2 or 3 (i.e., normal data searches) and we are looking for page 1 then we need to run # the query. Note - if posts and titles then we need to run it twice! # If we are not loading page 1 however then we can grab the results from the cache. # For all other searchtypes - just rin the standard routine if ($searchType > 3) { $r = $this->sp_searchview_query($searchType, $searchInclude); return $r; } if ($spVars['searchpage'] == 1 && $spVars['newsearch'] == true) { $r = $this->sp_searchview_query($searchType, $searchInclude); # Remove dupes and re-sort if ($r) { $r = array_unique($r); rsort($r, SORT_NUMERIC); # Now hive off into a transient $d = array(); $d['url'] = $this->searchPermalink; $d['page'] = $spVars['searchpage']; $t = array(); $t[0] = $d; $t[1] = $r; sp_add_cache('search', $t); } } else { # Get the data from the cache if not page 1 for first time $r = sp_get_cache('search'); if ($r) { $d = $r[0]; $r = $r[1]; $d['url'] = $this->searchPermalink; $d['page'] = $spVars['searchpage']; $t = array(); $t[0] = $d; $t[1] = $r; # update the transient with the new url sp_add_cache('search', $t); } } # Now work out which part of the $r array to return if ($r) { $spVars['searchresults'] = count($r); $this->searchCount = $spVars['searchresults']; $this->searchInclude = $searchInclude; $this->searchType = $searchType; return array_slice($r, $startlimit, $count); } }
function sp_SearchForm($args = '') { global $spGlobals, $spDevice, $spVars; $defs = array('tagId' => 'spSearchForm', 'tagClass' => 'spSearchSection', 'icon' => 'sp_Search.png', 'iconClass' => 'spIcon', 'inputClass' => 'spControl', 'inputWidth' => 20, 'submitId' => 'spSearchButton', 'submitId2' => 'spSearchButton2', 'submitClass' => 'spButton', 'submitClass2' => 'spButton', 'advSearchLinkClass' => 'spLink', 'advSearchLink' => '', 'advSearchId' => 'spSearchFormAdvanced', 'advSearchClass' => 'spSearchFormAdvanced', 'searchIncludeDef' => 1, 'searchScope' => 1, 'submitLabel' => '', 'advancedLabel' => '', 'lastSearchLabel' => '', 'toolTip' => '', 'labelLegend' => '', 'labelScope' => '', 'labelCurrent' => '', 'labelAll' => '', 'labelMatch' => sp_text('Match'), 'labelMatchAny' => '', 'labelMatchAll' => '', 'labelMatchPhrase' => '', 'labelOptions' => '', 'labelPostTitles' => '', 'labelPostsOnly' => '', 'labelTitlesOnly' => '', 'labelWildcards' => '', 'labelMatchAnyChars' => '', 'labelMatchOneChar' => '', 'labelMinLength' => '', 'labelMemberSearch' => '', 'labelTopicsPosted' => '', 'labelTopicsStarted' => '', 'echo' => 1); $a = wp_parse_args($args, $defs); $a = apply_filters('sph_SearchForm_args', $a); extract($a, EXTR_SKIP); # sanitize before use $tagId = esc_attr($tagId); $tagClass = esc_attr($tagClass); $icon = sanitize_file_name($icon); $iconClass = esc_attr($iconClass); $inputClass = esc_attr($inputClass); $inputWidth = (int) $inputWidth; $submitId = esc_attr($submitId); $submitClass = esc_attr($submitClass); $advSearchLinkClass = esc_attr($advSearchLinkClass); $advSearchLink = esc_url($advSearchLink); $advSearchId = esc_attr($advSearchId); $advSearchClass = esc_attr($advSearchClass); $searchIncludeDef = (int) $searchIncludeDef; $searchScope = (int) $searchScope; $echo = (int) $echo; if (!empty($submitLabel)) { $submitLabel = sp_filter_title_display($submitLabel); } if (!empty($advancedLabel)) { $advancedLabel = sp_filter_title_display($advancedLabel); } if (!empty($lastSearchLabel)) { $lastSearchLabel = sp_filter_title_display($lastSearchLabel); } if (!empty($toolTip)) { $toolTip = esc_attr($toolTip); } # render the search form and advanced link $out = "<form id='{$tagId}' action='" . SFHOMEURL . "index.php?sp_ahah=search&sfnonce=" . wp_create_nonce('forum-ahah') . "' method='post' name='sfsearch' onsubmit='return spjValidateSearch(\"form\", {$spGlobals['mysql']['search']['min']});'>"; $out .= "<div class='{$tagClass}'>"; # Add a close button if using a mobile phone if ($spDevice == 'mobile') { $out .= "<div class='spRight'>"; $out .= "<a id='spPanelClose' href='#' onclick='spjResetMobileMenu();'></a>"; $out .= "</div>"; } $terms = isset($spVars['searchvalue']) && $spVars['searchtype'] != 4 && $spVars['searchtype'] != 5 ? $spVars['searchvalue'] : ''; $out .= "<input type='text' id='searchvalue' class='{$inputClass}' size='{$inputWidth}' name='searchvalue' value='{$terms}' placeholder='{$submitLabel}...' />"; $out .= "<a rel='nofollow' id='{$submitId}' class='{$submitClass} vtip' title='{$toolTip}' onclick='spjValidateSearch(this, \"{$submitId}\", \"link\", {$spGlobals['mysql']['search']['min']});'>"; if (!empty($icon)) { $out .= "<img class='{$iconClass}' src='" . sp_find_icon(SPTHEMEICONSURL, $icon) . "' alt=''/>"; } $out .= "{$submitLabel}</a>"; $out .= sp_InsertBreak('echo=0'); $out .= "<a class='{$advSearchLinkClass}' "; if (!empty($advSearchLink)) { $out .= "href='{$advSearchLink}'>"; } else { $out .= "href='javascript:void(0);' onclick='spjToggleLayer(\"{$advSearchId}\");'>"; } $out .= "{$advancedLabel}</a>"; # are the search results we can return to? if (!isset($_GET['search']) && !empty($lastSearchLabel)) { $r = sp_get_cache('search'); if ($r) { $p = $r[0]['page']; $url = $r[0]['url'] . "&search={$p}"; $out .= "<span class='spSearchLinkSep'>|</span>"; $out .= "<a class='{$advSearchLinkClass}' rel='nofollow' href='{$url}'>{$lastSearchLabel}</a>"; } } $out .= "</div>\n"; $out .= sp_InsertBreak('echo=0'); $out .= "<div id='{$advSearchId}' class='{$advSearchClass}'>" . sp_inline_search_form($a) . '</div>'; $out .= "</form>\n"; # finish it up $out = apply_filters('sph_SearchForm', $out, $a); if ($echo) { echo $out; } else { return $out; } }