/**
 * Approve Post/Topic
 *
 * Approves every not-yet-approved post in $post_id_list once the moderator has
 * confirmed the action, then brings the derived counters in line: per-topic
 * reply counts, per-forum topic/post counts, per-user post counts and the
 * board-wide num_topics / num_posts totals. Afterwards it optionally e-mails
 * the posters, fires the normal watch notifications and shows a success page.
 * When the action has not been confirmed yet it renders the confirmation
 * dialog instead.
 *
 * Security-relevant points visible in this function:
 *  - Authorisation is the check_ids() call with the 'm_approve' permission.
 *    Nothing returns after the failing branch, so the function relies on
 *    trigger_error() ending the request (NOTE(review): confirm the installed
 *    error handler halts on this call).
 *  - All state changes sit behind confirm_box(true).
 *  - 'redirect' is read from the request and later reaches a hidden form
 *    field, redirect()/meta_refresh() and an href attribute.
 *  - Ids and counters interpolated into hand-built SQL are array keys and
 *    counters built inside this function from get_post_data() rows; they are
 *    not cast or escaped here.
 *
 * @param array $post_id_list Post ids to approve; reduced in place to the ids
 *                            that were still unapproved.
 * @param mixed $id           Echoed back in the confirmation form as field 'i'.
 * @param mixed $mode         Echoed back in the confirmation form as field 'mode'.
 *
 * No return statement: the function ends in redirect() or trigger_error().
 */
function approve_post($post_id_list, $id, $mode)
{
    global $db, $template, $user, $config;
    global $phpEx, $phpbb_root_path;

    // Authorisation gate: every id must pass check_ids() for 'm_approve'.
    // NOTE(review): execution continues past this block unless trigger_error() halts.
    if (!check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve'))) {
        trigger_error('NOT_AUTHORISED');
    }

    // Request-supplied return target; falls back to the current URL built without 'quickmod'.
    $redirect = request_var('redirect', build_url(array('quickmod')));
    $success_msg = '';

    // Values that must survive the round trip through the confirmation form.
    $s_hidden_fields = build_hidden_fields(array('i' => $id, 'mode' => $mode, 'post_id_list' => $post_id_list, 'action' => 'approve', 'redirect' => $redirect));

    $post_info = get_post_data($post_id_list, 'm_approve');

    // Everything that modifies the database happens only on the confirmed path.
    // NOTE(review): presumably confirm_box(true) is also where the confirmation token is verified — confirm.
    if (confirm_box(true)) {
        // Presence of the field is enough; its value is never used.
        $notify_poster = isset($_REQUEST['notify_poster']) ? true : false;

        // If Topic -> total_topics = total_topics+1, total_posts = total_posts+1, forum_topics = forum_topics+1, forum_posts = forum_posts+1
        // If Post -> total_posts = total_posts+1, forum_posts = forum_posts+1, topic_replies = topic_replies+1

        $total_topics = $total_posts = 0;
        $forum_topics_posts = $topic_approve_sql = $topic_replies_sql = $post_approve_sql = $topic_id_list = $forum_id_list = $approve_log = array();
        $user_posts_sql = $post_approved_list = array();
        $update_forum_information = false;

        // Pass 1: collect what has to change; no queries are issued inside this loop.
        foreach ($post_info as $post_id => $post_data) {
            // Already approved: remember the id so it can be dropped from the work list below.
            if ($post_data['post_approved']) {
                $post_approved_list[] = $post_id;
                continue;
            }

            // Ids are stored as array keys so that each topic/forum is listed once.
            $topic_id_list[$post_data['topic_id']] = 1;

            if ($post_data['forum_id']) {
                $forum_id_list[$post_data['forum_id']] = 1;
            }

            // User post update (we do not care about topic or post, since user posts are strictly connected to posts)
            // But we do care about forums in which post counts are not increased.
            if ($post_data['post_postcount']) {
                $user_posts_sql[$post_data['poster_id']] = empty($user_posts_sql[$post_data['poster_id']]) ? 1 : $user_posts_sql[$post_data['poster_id']] + 1;
            }

            // First post of its topic => the topic itself gets approved; otherwise only the post.
            if ($post_data['topic_first_post_id'] == $post_id) {
                // Forum counters are only touched when forum_id is non-zero.
                if ($post_data['forum_id']) {
                    if (!isset($forum_topics_posts[$post_data['forum_id']])) {
                        $forum_topics_posts[$post_data['forum_id']] = array('forum_posts' => 0, 'forum_topics' => 0);
                    }

                    $total_topics++;
                    $forum_topics_posts[$post_data['forum_id']]['forum_topics']++;
                }
                $topic_approve_sql[] = $post_data['topic_id'];

                $approve_log[] = array('type' => 'topic', 'post_subject' => $post_data['post_subject'], 'forum_id' => $post_data['forum_id'], 'topic_id' => $post_data['topic_id']);
            } else {
                $approve_log[] = array('type' => 'post', 'post_subject' => $post_data['post_subject'], 'forum_id' => $post_data['forum_id'], 'topic_id' => $post_data['topic_id']);
            }

            // One more visible reply for the topic, counted only when the topic has any real replies.
            if ($post_data['topic_replies_real'] > 0) {
                if (!isset($topic_replies_sql[$post_data['topic_id']])) {
                    $topic_replies_sql[$post_data['topic_id']] = 0;
                }
                $topic_replies_sql[$post_data['topic_id']]++;
            }

            if ($post_data['forum_id']) {
                if (!isset($forum_topics_posts[$post_data['forum_id']])) {
                    $forum_topics_posts[$post_data['forum_id']] = array('forum_posts' => 0, 'forum_topics' => 0);
                }

                $total_posts++;
                $forum_topics_posts[$post_data['forum_id']]['forum_posts']++;

                // Increment by topic_replies if we approve a topic...
                // This works because we do not adjust the topic_replies when re-approving a topic after an edit.
                if ($post_data['topic_first_post_id'] == $post_id && $post_data['topic_replies']) {
                    $total_posts += $post_data['topic_replies'];
                    $forum_topics_posts[$post_data['forum_id']]['forum_posts'] += $post_data['topic_replies'];
                }
            }

            $post_approve_sql[] = $post_id;

            // If the post is newer than the last post information stored we need to update the forum information
            if ($post_data['post_time'] >= $post_data['forum_last_post_time']) {
                $update_forum_information = true;
            }
        }

        // From here on $post_id_list and $post_info only cover posts that were still unapproved.
        $post_id_list = array_values(array_diff($post_id_list, $post_approved_list));
        for ($i = 0, $size = sizeof($post_approved_list); $i < $size; $i++) {
            unset($post_info[$post_approved_list[$i]]);
        }

        // Id lists go through $db->sql_in_set(), which builds the IN (...) clause.
        if (sizeof($topic_approve_sql)) {
            $sql = 'UPDATE ' . TOPICS_TABLE . ' SET topic_approved = 1 WHERE ' . $db->sql_in_set('topic_id', $topic_approve_sql);
            $db->sql_query($sql);
        }

        if (sizeof($post_approve_sql)) {
            $sql = 'UPDATE ' . POSTS_TABLE . ' SET post_approved = 1 WHERE ' . $db->sql_in_set('post_id', $post_approve_sql);
            $db->sql_query($sql);
        }

        // One moderator-log entry per approved item; this is the audit trail of the action.
        foreach ($approve_log as $log_data) {
            add_log('mod', $log_data['forum_id'], $log_data['topic_id'], $log_data['type'] == 'topic' ? 'LOG_TOPIC_APPROVED' : 'LOG_POST_APPROVED', $log_data['post_subject']);
        }

        // Hand-built SQL: $topic_id is an array key taken from $post_data['topic_id'],
        // $num_replies a counter incremented above. Neither is cast or escaped here.
        // NOTE(review): safe only while get_post_data() returns numeric ids — confirm.
        if (sizeof($topic_replies_sql)) {
            foreach ($topic_replies_sql as $topic_id => $num_replies) {
                $sql = 'UPDATE ' . TOPICS_TABLE . "\n\t\t\t\t\tSET topic_replies = topic_replies + {$num_replies}\n\t\t\t\t\tWHERE topic_id = {$topic_id}";
                $db->sql_query($sql);
            }
        }

        // The SET list is assembled piecewise so that a zero counter emits no assignment.
        // $forum_id is again an uncast array key (same caveat as for $topic_id above).
        if (sizeof($forum_topics_posts)) {
            foreach ($forum_topics_posts as $forum_id => $row) {
                $sql = 'UPDATE ' . FORUMS_TABLE . ' SET ';
                $sql .= $row['forum_topics'] ? "forum_topics = forum_topics + {$row['forum_topics']}" : '';
                $sql .= $row['forum_topics'] && $row['forum_posts'] ? ', ' : '';
                $sql .= $row['forum_posts'] ? "forum_posts = forum_posts + {$row['forum_posts']}" : '';
                $sql .= " WHERE forum_id = {$forum_id}";
                $db->sql_query($sql);
            }
        }

        if (sizeof($user_posts_sql)) {
            // Try to minimize the query count by merging users with the same post count additions
            $user_posts_update = array();

            foreach ($user_posts_sql as $user_id => $user_posts) {
                $user_posts_update[$user_posts][] = $user_id;
            }

            // $user_posts is the increment (an array key here); user ids go through sql_in_set().
            foreach ($user_posts_update as $user_posts => $user_id_ary) {
                $sql = 'UPDATE ' . USERS_TABLE . ' SET user_posts = user_posts + ' . $user_posts . ' WHERE ' . $db->sql_in_set('user_id', $user_id_ary);
                $db->sql_query($sql);
            }
        }

        // Board-wide totals.
        if ($total_topics) {
            set_config_count('num_topics', $total_topics, true);
        }

        if ($total_posts) {
            set_config_count('num_posts', $total_posts, true);
        }
        unset($topic_approve_sql, $topic_replies_sql, $post_approve_sql);

        update_post_information('topic', array_keys($topic_id_list));

        // Forum last-post data is refreshed only if an approved post is at least as new as the stored one.
        if ($update_forum_information) {
            update_post_information('forum', array_keys($forum_id_list));
        }
        unset($topic_id_list, $forum_id_list);

        $messenger = new messenger();

        // Notify Poster?
        if ($notify_poster) {
            foreach ($post_info as $post_id => $post_data) {
                // No approval notice for posts owned by the ANONYMOUS account.
                if ($post_data['poster_id'] == ANONYMOUS) {
                    continue;
                }

                // A post that is both first and last in its topic is announced as an approved topic.
                $email_template = $post_data['post_id'] == $post_data['topic_first_post_id'] && $post_data['post_id'] == $post_data['topic_last_post_id'] ? 'topic_approved' : 'post_approved';

                $messenger->template($email_template, $post_data['user_lang']);

                $messenger->to($post_data['user_email'], $post_data['username']);
                $messenger->im($post_data['user_jabber'], $post_data['username']);

                // User-authored values are HTML-decoded before they go into the message.
                // NOTE(review): presumably they are stored escaped and the mail body is plain text — confirm,
                // since decoded subject/title text would need re-escaping in an HTML template.
                $messenger->assign_vars(array(
                    'USERNAME' => htmlspecialchars_decode($post_data['username']),
                    'POST_SUBJECT' => htmlspecialchars_decode(censor_text($post_data['post_subject'])),
                    'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($post_data['topic_title'])),
                    'U_VIEW_TOPIC' => generate_board_url() . "/viewtopic.{$phpEx}?f={$post_data['forum_id']}&t={$post_data['topic_id']}&e=0",
                    'U_VIEW_POST' => generate_board_url() . "/viewtopic.{$phpEx}?f={$post_data['forum_id']}&t={$post_data['topic_id']}&p={$post_id}&e={$post_id}"));

                $messenger->send($post_data['user_notify_type']);
            }
        }

        // Called whether or not any notice was composed above.
        $messenger->save_queue();

        // Send out normal user notifications
        // $email_sig is assigned here but not read again inside this function.
        $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']);

        foreach ($post_info as $post_id => $post_data) {
            if ($post_id == $post_data['topic_first_post_id'] && $post_id == $post_data['topic_last_post_id']) {
                // Forum Notifications
                user_notification('post', $post_data['topic_title'], $post_data['topic_title'], $post_data['forum_name'], $post_data['forum_id'], $post_data['topic_id'], $post_id);
            } else {
                // Topic Notifications
                user_notification('reply', $post_data['post_subject'], $post_data['topic_title'], $post_data['forum_name'], $post_data['forum_id'], $post_data['topic_id'], $post_id);
            }
        }

        // With exactly one post approved, build a direct link to it for the success page.
        // $post_url stays undefined otherwise; the later use is guarded with !empty().
        if (sizeof($post_id_list) == 1) {
            $post_data = $post_info[$post_id_list[0]];
            $post_url = append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", "f={$post_data['forum_id']}&t={$post_data['topic_id']}&p={$post_data['post_id']}") . '#p' . $post_data['post_id'];
        }
        unset($post_info);

        // Pick the language key: topic wording wins as soon as one topic was approved.
        if ($total_topics) {
            $success_msg = $total_topics == 1 ? 'TOPIC_APPROVED_SUCCESS' : 'TOPICS_APPROVED_SUCCESS';
        } else {
            $success_msg = sizeof($post_id_list) + sizeof($post_approved_list) == 1 ? 'POST_APPROVED_SUCCESS' : 'POSTS_APPROVED_SUCCESS';
        }
    } else {
        // Offer the "notify poster" option only if at least one post has a non-anonymous poster.
        $show_notify = false;

        foreach ($post_info as $post_data) {
            if ($post_data['poster_id'] == ANONYMOUS) {
                continue;
            } else {
                $show_notify = true;
                break;
            }
        }

        $template->assign_vars(array('S_NOTIFY_POSTER' => $show_notify, 'S_APPROVE' => true));

        // Render the confirmation dialog; the language key is pluralised for more than one post.
        confirm_box(false, 'APPROVE_POST' . (sizeof($post_id_list) == 1 ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
    }

    // Re-read the return target, this time with the board index as the default.
    // NOTE(review): the target is request-supplied; whether off-site or script URLs are rejected
    // depends on request_var(), reapply_sid(), redirect() and meta_refresh(), none of which is shown here.
    $redirect = request_var('redirect', "index.{$phpEx}");
    $redirect = reapply_sid($redirect);

    if (!$success_msg) {
        // Nothing was approved on this request: go straight back.
        redirect($redirect);
    } else {
        meta_refresh(3, $redirect);

        // If approving one post, also give links back to post...
        $add_message = '';
        if (sizeof($post_id_list) == 1 && !empty($post_url)) {
            $add_message = '<br /><br />' . sprintf($user->lang['RETURN_POST'], '<a href="' . $post_url . '">', '</a>');
        }

        // The message is HTML: $redirect and $post_url are placed inside href attributes with no
        // escaping at this point. NOTE(review): attribute-safe only if the helpers that produced
        // them already escape their output — confirm.
        trigger_error($user->lang[$success_msg] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], "<a href=\"{$redirect}\">", '</a>') . $add_message);
    }
}
// NOTE(review): excerpt. The switch these cases belong to, and the block closed by the
// final brace, both open outside this view; the code below is unchanged, only commented.
        break;

    case 'delete':
    case 'poll_delete':
        // An accumulated error is reported before delete_post() is reached.
        // NOTE(review): this only prevents the deletion if message_die() ends the request — confirm.
        if ($error_msg != '') {
            message_die(GENERAL_MESSAGE, $error_msg);
        }

        delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id);
        break;
}

if ($error_msg == '') {
    if ($mode != 'editpost') {
        // New topics and replies are attributed to the current user, every other mode to the stored poster.
        $user_id = $mode == 'reply' || $mode == 'newtopic' ? $userdata['user_id'] : $post_data['poster_id'];
        update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id);
    }

    // $error_msg is tested a second time here although the enclosing if already tested it.
    if ($error_msg == '' && $mode != 'poll_delete') {
        user_notification($mode, $post_data, $post_info['topic_title'], $forum_id, $topic_id, $post_id, $notify_user);
    }

    if ($mode == 'newtopic' || $mode == 'reply') {
        // NOTE(review): security. Both values come straight from request cookies, which the client
        // controls, and are passed to unserialize(). Deserialising untrusted input lets the sender
        // choose the resulting type and, where classes with magic methods are loaded, instantiate
        // objects (PHP object injection). The result is then used with count(), asort() and array
        // indexing without checking that it is an array. Safer: store the map as JSON and read it
        // with json_decode(), or on PHP 7+ pass array('allowed_classes' => false) to unserialize(),
        // and verify is_array() before use.
        $tracking_topics = !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) : array();
        // $tracking_forums is only counted in this excerpt, never modified or written back.
        $tracking_forums = !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) : array();

        // Cap: when exactly 100 entries are tracked and this topic is not among them, sort the
        // topic map ascending by value and drop the entry key() then points at.
        // NOTE(review): presumably the oldest timestamp, since values are written with time() below.
        // The test is == 100, so a cookie that already holds more entries is never trimmed.
        if (count($tracking_topics) + count($tracking_forums) == 100 && empty($tracking_topics[$topic_id])) {
            asort($tracking_topics);
            unset($tracking_topics[key($tracking_topics)]);
        }

        $tracking_topics[$topic_id] = time();

        // Expiry 0 makes this a session cookie. The call stops at the 'secure' argument, so the
        // HttpOnly flag is not set. The serialized map is sent unsigned, so the server cannot
        // tell a tampered cookie from its own on the next request.
        setcookie($board_config['cookie_name'] . '_t', serialize($tracking_topics), 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
    }

    $template->assign_vars(array('META' => $return_meta));
    message_die(GENERAL_MESSAGE, $return_message);
}
// Closes a block opened outside this view.
}
/** * Submit Post * @todo Split up and create lightweight, simple API for this. */ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $update_message = true, $update_search_index = true) { global $db, $auth, $user, $config, $phpEx, $template, $phpbb_root_path; // We do not handle erasing posts here if ($mode == 'delete') { return false; } $current_time = time(); if ($mode == 'post') { $post_mode = 'post'; $update_message = true; } else { if ($mode != 'edit') { $post_mode = 'reply'; $update_message = true; } else { if ($mode == 'edit') { $post_mode = $data['topic_replies_real'] == 0 ? 'edit_topic' : ($data['topic_first_post_id'] == $data['post_id'] ? 'edit_first_post' : ($data['topic_last_post_id'] == $data['post_id'] ? 'edit_last_post' : 'edit')); } } } // First of all make sure the subject and topic title are having the correct length. // To achieve this without cutting off between special chars we convert to an array and then count the elements. $subject = truncate_string($subject); $data['topic_title'] = truncate_string($data['topic_title']); // Collect some basic information about which tables and which rows to update/insert $sql_data = $topic_row = array(); $poster_id = $mode == 'edit' ? $data['poster_id'] : (int) $user->data['user_id']; // Retrieve some additional information if not present if ($mode == 'edit' && (!isset($data['post_approved']) || !isset($data['topic_approved']) || $data['post_approved'] === false || $data['topic_approved'] === false)) { $sql = 'SELECT p.post_approved, t.topic_type, t.topic_replies, t.topic_replies_real, t.topic_approved FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p WHERE t.topic_id = p.topic_id AND p.post_id = ' . 
$data['post_id']; $result = $db->sql_query($sql); $topic_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $data['topic_approved'] = $topic_row['topic_approved']; $data['post_approved'] = $topic_row['post_approved']; } // This variable indicates if the user is able to post or put into the queue - it is used later for all code decisions regarding approval // The variable name should be $post_approved, because it indicates if the post is approved or not $post_approval = 1; // Check the permissions for post approval. Moderators are not affected. if (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id'])) { // Post not approved, but in queue $post_approval = 0; } // Mods are able to force approved/unapproved posts. True means the post is approved, false the post is unapproved if (isset($data['force_approved_state'])) { $post_approval = $data['force_approved_state'] ? 1 : 0; } // Start the transaction here $db->sql_transaction('begin'); // Collect Information switch ($post_mode) { case 'post': case 'reply': $sql_data[POSTS_TABLE]['sql'] = array('forum_id' => $topic_type == POST_GLOBAL ? 0 : $data['forum_id'], 'poster_id' => (int) $user->data['user_id'], 'icon_id' => $data['icon_id'], 'poster_ip' => $user->ip, 'post_time' => $current_time, 'post_approved' => $post_approval, 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_magic_url' => $data['enable_urls'], 'enable_sig' => $data['enable_sig'], 'post_username' => !$user->data['is_registered'] ? $username : '', 'post_subject' => $subject, 'post_text' => $data['message'], 'post_checksum' => $data['message_md5'], 'post_attachment' => !empty($data['attachment_data']) ? 1 : 0, 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid'], 'post_postcount' => $auth->acl_get('f_postcount', $data['forum_id']) ? 
1 : 0, 'post_edit_locked' => $data['post_edit_locked']); break; case 'edit_first_post': case 'edit': case 'edit_last_post': case 'edit_topic': // If edit reason is given always display edit info // If editing last post then display no edit info // If m_edit permission then display no edit info // If normal edit display edit info // Display edit info if edit reason given or user is editing his post, which is not the last within the topic. if ($data['post_edit_reason'] || !$auth->acl_get('m_edit', $data['forum_id']) && ($post_mode == 'edit' || $post_mode == 'edit_first_post')) { $data['post_edit_reason'] = truncate_string($data['post_edit_reason'], 255, 255, false); $sql_data[POSTS_TABLE]['sql'] = array('post_edit_time' => $current_time, 'post_edit_reason' => $data['post_edit_reason'], 'post_edit_user' => (int) $data['post_edit_user']); $sql_data[POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1'; } else { if (!$data['post_edit_reason'] && $mode == 'edit' && $auth->acl_get('m_edit', $data['forum_id'])) { $sql_data[POSTS_TABLE]['sql'] = array('post_edit_reason' => ''); } } // If the person editing this post is different to the one having posted then we will add a log entry stating the edit // Could be simplified by only adding to the log if the edit is not tracked - but this may confuse admins/mods if ($user->data['user_id'] != $poster_id) { $log_subject = $subject ? $subject : $data['topic_title']; add_log('mod', $data['forum_id'], $data['topic_id'], 'LOG_POST_EDITED', $log_subject, !empty($username) ? $username : $user->lang['GUEST']); } if (!isset($sql_data[POSTS_TABLE]['sql'])) { $sql_data[POSTS_TABLE]['sql'] = array(); } $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array('forum_id' => $topic_type == POST_GLOBAL ? 0 : $data['forum_id'], 'poster_id' => $data['poster_id'], 'icon_id' => $data['icon_id'], 'post_approved' => !$post_approval ? 
0 : $data['post_approved'], 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_magic_url' => $data['enable_urls'], 'enable_sig' => $data['enable_sig'], 'post_username' => $username && $data['poster_id'] == ANONYMOUS ? $username : '', 'post_subject' => $subject, 'post_checksum' => $data['message_md5'], 'post_attachment' => !empty($data['attachment_data']) ? 1 : 0, 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid'], 'post_edit_locked' => $data['post_edit_locked'])); if ($update_message) { $sql_data[POSTS_TABLE]['sql']['post_text'] = $data['message']; } break; } $post_approved = $sql_data[POSTS_TABLE]['sql']['post_approved']; $topic_row = array(); // And the topic ladies and gentlemen switch ($post_mode) { case 'post': $sql_data[TOPICS_TABLE]['sql'] = array('topic_poster' => (int) $user->data['user_id'], 'topic_time' => $current_time, 'topic_last_view_time' => $current_time, 'forum_id' => $topic_type == POST_GLOBAL ? 0 : $data['forum_id'], 'icon_id' => $data['icon_id'], 'topic_approved' => $post_approval, 'topic_title' => $subject, 'topic_first_poster_name' => !$user->data['is_registered'] && $username ? $username : ($user->data['user_id'] != ANONYMOUS ? $user->data['username'] : ''), 'topic_first_poster_colour' => $user->data['user_colour'], 'topic_type' => $topic_type, 'topic_time_limit' => $topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE ? $data['topic_time_limit'] * 86400 : 0, 'topic_attachment' => !empty($data['attachment_data']) ? 1 : 0); if (isset($poll['poll_options']) && !empty($poll['poll_options'])) { $poll_start = $poll['poll_start'] ? 
$poll['poll_start'] : $current_time; $poll_length = $poll['poll_length'] * 86400; if ($poll_length < 0) { $poll_start = $poll_start + $poll_length; if ($poll_start < 0) { $poll_start = 0; } $poll_length = 1; } $sql_data[TOPICS_TABLE]['sql'] = array_merge($sql_data[TOPICS_TABLE]['sql'], array('poll_title' => $poll['poll_title'], 'poll_start' => $poll_start, 'poll_max_options' => $poll['poll_max_options'], 'poll_length' => $poll_length, 'poll_vote_change' => $poll['poll_vote_change'])); } $sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = {$current_time}" . ($auth->acl_get('f_postcount', $data['forum_id']) && $post_approval ? ', user_posts = user_posts + 1' : ''); if ($topic_type != POST_GLOBAL) { if ($post_approval) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1'; } $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . ($post_approval ? ', forum_topics = forum_topics + 1' : ''); } break; case 'reply': $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_view_time = ' . $current_time . ', topic_replies_real = topic_replies_real + 1, topic_bumped = 0, topic_bumper = 0' . ($post_approval ? ', topic_replies = topic_replies + 1' : '') . (!empty($data['attachment_data']) || isset($data['topic_attachment']) && $data['topic_attachment'] ? ', topic_attachment = 1' : ''); $sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = {$current_time}" . ($auth->acl_get('f_postcount', $data['forum_id']) && $post_approval ? ', user_posts = user_posts + 1' : ''); if ($post_approval && $topic_type != POST_GLOBAL) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1'; } break; case 'edit_topic': case 'edit_first_post': if (isset($poll['poll_options'])) { $poll_start = $poll['poll_start'] || empty($poll['poll_options']) ? 
$poll['poll_start'] : $current_time; $poll_length = $poll['poll_length'] * 86400; if ($poll_length < 0) { $poll_start = $poll_start + $poll_length; if ($poll_start < 0) { $poll_start = 0; } $poll_length = 1; } } $sql_data[TOPICS_TABLE]['sql'] = array('forum_id' => $topic_type == POST_GLOBAL ? 0 : $data['forum_id'], 'icon_id' => $data['icon_id'], 'topic_approved' => !$post_approval ? 0 : $data['topic_approved'], 'topic_title' => $subject, 'topic_first_poster_name' => $username, 'topic_type' => $topic_type, 'topic_time_limit' => $topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE ? $data['topic_time_limit'] * 86400 : 0, 'poll_title' => isset($poll['poll_options']) ? $poll['poll_title'] : '', 'poll_start' => isset($poll['poll_options']) ? $poll_start : 0, 'poll_max_options' => isset($poll['poll_options']) ? $poll['poll_max_options'] : 1, 'poll_length' => isset($poll['poll_options']) ? $poll_length : 0, 'poll_vote_change' => isset($poll['poll_vote_change']) ? $poll['poll_vote_change'] : 0, 'topic_last_view_time' => $current_time, 'topic_attachment' => !empty($data['attachment_data']) ? 1 : (isset($data['topic_attachment']) ? $data['topic_attachment'] : 0)); // Correctly set back the topic replies and forum posts... only if the topic was approved before and now gets disapproved if (!$post_approval && $data['topic_approved']) { // Do we need to grab some topic informations? if (!sizeof($topic_row)) { $sql = 'SELECT topic_type, topic_replies, topic_replies_real, topic_approved FROM ' . TOPICS_TABLE . ' WHERE topic_id = ' . $data['topic_id']; $result = $db->sql_query($sql); $topic_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); } // If this is the only post remaining we do not need to decrement topic_replies. // Also do not decrement if first post - then the topic_replies will not be adjusted if approving the topic again. // If this is an edited topic or the first post the topic gets completely disapproved later on... 
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics = forum_topics - 1'; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - ' . ($topic_row['topic_replies'] + 1); set_config_count('num_topics', -1, true); set_config_count('num_posts', ($topic_row['topic_replies'] + 1) * -1, true); // Only decrement this post, since this is the one non-approved now if ($auth->acl_get('f_postcount', $data['forum_id'])) { $sql_data[USERS_TABLE]['stat'][] = 'user_posts = user_posts - 1'; } } break; case 'edit': case 'edit_last_post': // Correctly set back the topic replies and forum posts... but only if the post was approved before. if (!$post_approval && $data['post_approved']) { $sql_data[TOPICS_TABLE]['stat'][] = 'topic_replies = topic_replies - 1, topic_last_view_time = ' . $current_time; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - 1'; set_config_count('num_posts', -1, true); if ($auth->acl_get('f_postcount', $data['forum_id'])) { $sql_data[USERS_TABLE]['stat'][] = 'user_posts = user_posts - 1'; } } break; } // Submit new topic if ($post_mode == 'post') { $sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data[TOPICS_TABLE]['sql']); $db->sql_query($sql); $data['topic_id'] = $db->sql_nextid(); $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array('topic_id' => $data['topic_id'])); unset($sql_data[TOPICS_TABLE]['sql']); } // Submit new post if ($post_mode == 'post' || $post_mode == 'reply') { if ($post_mode == 'reply') { $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array('topic_id' => $data['topic_id'])); } $sql = 'INSERT INTO ' . POSTS_TABLE . ' ' . 
$db->sql_build_array('INSERT', $sql_data[POSTS_TABLE]['sql']); $db->sql_query($sql); $data['post_id'] = $db->sql_nextid(); if ($post_mode == 'post') { $sql_data[TOPICS_TABLE]['sql'] = array('topic_first_post_id' => $data['post_id'], 'topic_last_post_id' => $data['post_id'], 'topic_last_post_time' => $current_time, 'topic_last_poster_id' => (int) $user->data['user_id'], 'topic_last_poster_name' => !$user->data['is_registered'] && $username ? $username : ($user->data['user_id'] != ANONYMOUS ? $user->data['username'] : ''), 'topic_last_poster_colour' => $user->data['user_colour'], 'topic_last_post_subject' => (string) $subject); } unset($sql_data[POSTS_TABLE]['sql']); } $make_global = false; // Are we globalising or unglobalising? if ($post_mode == 'edit_first_post' || $post_mode == 'edit_topic') { if (!sizeof($topic_row)) { $sql = 'SELECT topic_type, topic_replies, topic_replies_real, topic_approved, topic_last_post_id FROM ' . TOPICS_TABLE . ' WHERE topic_id = ' . $data['topic_id']; $result = $db->sql_query($sql); $topic_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); } // globalise/unglobalise? if ($topic_row['topic_type'] != POST_GLOBAL && $topic_type == POST_GLOBAL || $topic_row['topic_type'] == POST_GLOBAL && $topic_type != POST_GLOBAL) { if (!empty($sql_data[FORUMS_TABLE]['stat']) && implode('', $sql_data[FORUMS_TABLE]['stat'])) { $db->sql_query('UPDATE ' . FORUMS_TABLE . ' SET ' . implode(', ', $sql_data[FORUMS_TABLE]['stat']) . ' WHERE forum_id = ' . $data['forum_id']); } $make_global = true; $sql_data[FORUMS_TABLE]['stat'] = array(); } // globalise if ($topic_row['topic_type'] != POST_GLOBAL && $topic_type == POST_GLOBAL) { // Decrement topic/post count $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - ' . ($topic_row['topic_replies_real'] + 1); $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real - 1' . ($topic_row['topic_approved'] ? 
', forum_topics = forum_topics - 1' : ''); // Update forum_ids for all posts $sql = 'UPDATE ' . POSTS_TABLE . ' SET forum_id = 0 WHERE topic_id = ' . $data['topic_id']; $db->sql_query($sql); } else { if ($topic_row['topic_type'] == POST_GLOBAL && $topic_type != POST_GLOBAL) { // Increment topic/post count $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + ' . ($topic_row['topic_replies_real'] + 1); $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . ($topic_row['topic_approved'] ? ', forum_topics = forum_topics + 1' : ''); // Update forum_ids for all posts $sql = 'UPDATE ' . POSTS_TABLE . ' SET forum_id = ' . $data['forum_id'] . ' WHERE topic_id = ' . $data['topic_id']; $db->sql_query($sql); } } } // Update the topics table if (isset($sql_data[TOPICS_TABLE]['sql'])) { $sql = 'UPDATE ' . TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_data[TOPICS_TABLE]['sql']) . ' WHERE topic_id = ' . $data['topic_id']; $db->sql_query($sql); } // Update the posts table if (isset($sql_data[POSTS_TABLE]['sql'])) { $sql = 'UPDATE ' . POSTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_data[POSTS_TABLE]['sql']) . ' WHERE post_id = ' . $data['post_id']; $db->sql_query($sql); } // Update Poll Tables if (isset($poll['poll_options'])) { $cur_poll_options = array(); if ($mode == 'edit') { $sql = 'SELECT * FROM ' . POLL_OPTIONS_TABLE . ' WHERE topic_id = ' . $data['topic_id'] . ' ORDER BY poll_option_id'; $result = $db->sql_query($sql); $cur_poll_options = array(); while ($row = $db->sql_fetchrow($result)) { $cur_poll_options[] = $row; } $db->sql_freeresult($result); } $sql_insert_ary = array(); for ($i = 0, $size = sizeof($poll['poll_options']); $i < $size; $i++) { if (strlen(trim($poll['poll_options'][$i]))) { if (empty($cur_poll_options[$i])) { // If we add options we need to put them to the end to be able to preserve votes... 
$sql_insert_ary[] = array('poll_option_id' => (int) sizeof($cur_poll_options) + 1 + sizeof($sql_insert_ary), 'topic_id' => (int) $data['topic_id'], 'poll_option_text' => (string) $poll['poll_options'][$i]); } else { if ($poll['poll_options'][$i] != $cur_poll_options[$i]) { $sql = 'UPDATE ' . POLL_OPTIONS_TABLE . "\n\t\t\t\t\t\tSET poll_option_text = '" . $db->sql_escape($poll['poll_options'][$i]) . "'\n\t\t\t\t\t\tWHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id'] . ' AND topic_id = ' . $data['topic_id']; $db->sql_query($sql); } } } } $db->sql_multi_insert(POLL_OPTIONS_TABLE, $sql_insert_ary); if (sizeof($poll['poll_options']) < sizeof($cur_poll_options)) { $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . ' WHERE poll_option_id > ' . sizeof($poll['poll_options']) . ' AND topic_id = ' . $data['topic_id']; $db->sql_query($sql); } // If edited, we would need to reset votes (since options can be re-ordered above, you can't be sure if the change is for changing the text or adding an option if ($mode == 'edit' && sizeof($poll['poll_options']) != sizeof($cur_poll_options)) { $db->sql_query('DELETE FROM ' . POLL_VOTES_TABLE . ' WHERE topic_id = ' . $data['topic_id']); $db->sql_query('UPDATE ' . POLL_OPTIONS_TABLE . ' SET poll_option_total = 0 WHERE topic_id = ' . $data['topic_id']); } } // Submit Attachments if (!empty($data['attachment_data']) && $data['post_id'] && in_array($mode, array('post', 'reply', 'quote', 'edit'))) { $space_taken = $files_added = 0; $orphan_rows = array(); foreach ($data['attachment_data'] as $pos => $attach_row) { $orphan_rows[(int) $attach_row['attach_id']] = array(); } if (sizeof($orphan_rows)) { $sql = 'SELECT attach_id, filesize, physical_filename FROM ' . ATTACHMENTS_TABLE . ' WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan_rows)) . ' AND is_orphan = 1 AND poster_id = ' . 
$user->data['user_id']; $result = $db->sql_query($sql); $orphan_rows = array(); while ($row = $db->sql_fetchrow($result)) { $orphan_rows[$row['attach_id']] = $row; } $db->sql_freeresult($result); } foreach ($data['attachment_data'] as $pos => $attach_row) { if ($attach_row['is_orphan'] && !isset($orphan_rows[$attach_row['attach_id']])) { continue; } if (!$attach_row['is_orphan']) { // update entry in db if attachment already stored in db and filespace $sql = 'UPDATE ' . ATTACHMENTS_TABLE . "\n\t\t\t\t\tSET attach_comment = '" . $db->sql_escape($attach_row['attach_comment']) . "'\n\t\t\t\t\tWHERE attach_id = " . (int) $attach_row['attach_id'] . ' AND is_orphan = 0'; $db->sql_query($sql); } else { // insert attachment into db if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . utf8_basename($orphan_rows[$attach_row['attach_id']]['physical_filename']))) { continue; } $space_taken += $orphan_rows[$attach_row['attach_id']]['filesize']; $files_added++; $attach_sql = array('post_msg_id' => $data['post_id'], 'topic_id' => $data['topic_id'], 'is_orphan' => 0, 'poster_id' => $poster_id, 'attach_comment' => $attach_row['attach_comment']); $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $attach_sql) . ' WHERE attach_id = ' . $attach_row['attach_id'] . ' AND is_orphan = 1 AND poster_id = ' . $user->data['user_id']; $db->sql_query($sql); } } if ($space_taken && $files_added) { set_config_count('upload_dir_size', $space_taken, true); set_config_count('num_files', $files_added, true); } } // we need to update the last forum information // only applicable if the topic is not global and it is approved // we also check to make sure we are not dealing with globaling the latest topic (pretty rare but still needs to be checked) if ($topic_type != POST_GLOBAL && !$make_global && ($post_approved || !$data['post_approved'])) { // the last post makes us update the forum table. This can happen if... 
// We make a new topic // We reply to a topic // We edit the last post in a topic and this post is the latest in the forum (maybe) // We edit the only post in the topic // We edit the first post in the topic and all the other posts are not approved if (($post_mode == 'post' || $post_mode == 'reply') && $post_approved) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . $data['post_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($subject) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . $current_time; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $user->data['user_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape(!$user->data['is_registered'] && $username ? $username : ($user->data['user_id'] != ANONYMOUS ? $user->data['username'] : '')) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($user->data['user_colour']) . "'"; } else { if ($post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || $post_mode == 'edit_first_post' && !$data['topic_replies']) { // this does not _necessarily_ mean that we must update the info again, // it just means that we might have to $sql = 'SELECT forum_last_post_id, forum_last_post_subject FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . (int) $data['forum_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // this post is the latest post in the forum, better update if ($row['forum_last_post_id'] == $data['post_id']) { // If post approved and subject changed, or poster is anonymous, we need to update the forum_last* rows if ($post_approved && ($row['forum_last_post_subject'] !== $subject || $data['poster_id'] == ANONYMOUS)) { // the post's subject changed if ($row['forum_last_post_subject'] !== $subject) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_subject = \'' . $db->sql_escape($subject) . 
'\''; } // Update the user name if poster is anonymous... just in case an admin changed it if ($data['poster_id'] == ANONYMOUS) { $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape($username) . "'"; } } else { if ($data['post_approved'] !== $post_approved) { // we need a fresh change of socks, everything has become invalidated $sql = 'SELECT MAX(topic_last_post_id) as last_post_id FROM ' . TOPICS_TABLE . ' WHERE forum_id = ' . (int) $data['forum_id'] . ' AND topic_approved = 1'; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // any posts left in this forum? if (!empty($row['last_post_id'])) { $sql = 'SELECT p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE p.poster_id = u.user_id AND p.post_id = ' . (int) $row['last_post_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // salvation, a post is found! jam it into the forums table $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . (int) $row['post_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . (int) $row['post_time']; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $row['poster_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape($row['poster_id'] == ANONYMOUS ? $row['post_username'] : $row['username']) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($row['user_colour']) . "'"; } else { // just our luck, the last topic in the forum has just been turned unapproved... 
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = 0'; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = ''"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = 0'; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = 0'; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = ''"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = ''"; } } } } } } } else { if ($make_global) { // somebody decided to be a party pooper, we must recalculate the whole shebang (maybe) $sql = 'SELECT forum_last_post_id FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . (int) $data['forum_id']; $result = $db->sql_query($sql); $forum_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // we made a topic global, go get new data if ($topic_row['topic_type'] != POST_GLOBAL && $topic_type == POST_GLOBAL && $forum_row['forum_last_post_id'] == $topic_row['topic_last_post_id']) { // we need a fresh change of socks, everything has become invalidated $sql = 'SELECT MAX(topic_last_post_id) as last_post_id FROM ' . TOPICS_TABLE . ' WHERE forum_id = ' . (int) $data['forum_id'] . ' AND topic_approved = 1'; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // any posts left in this forum? if (!empty($row['last_post_id'])) { $sql = 'SELECT p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE p.poster_id = u.user_id AND p.post_id = ' . (int) $row['last_post_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // salvation, a post is found! jam it into the forums table $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . (int) $row['post_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . 
(int) $row['post_time']; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $row['poster_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape($row['poster_id'] == ANONYMOUS ? $row['post_username'] : $row['username']) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($row['user_colour']) . "'"; } else { // just our luck, the last topic in the forum has just been globalized... $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = 0'; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = ''"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = 0'; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = 0'; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = ''"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = ''"; } } else { if ($topic_row['topic_type'] == POST_GLOBAL && $topic_type != POST_GLOBAL && $forum_row['forum_last_post_id'] < $topic_row['topic_last_post_id']) { // this post has a higher id, it is newer $sql = 'SELECT p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE p.poster_id = u.user_id AND p.post_id = ' . (int) $topic_row['topic_last_post_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // salvation, a post is found! jam it into the forums table $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . (int) $row['post_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . (int) $row['post_time']; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $row['poster_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape($row['poster_id'] == ANONYMOUS ? 
$row['post_username'] : $row['username']) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($row['user_colour']) . "'"; } } } } // topic sync time! // simply, we update if it is a reply or the last post is edited if ($post_approved) { // reply requires the whole thing if ($post_mode == 'reply') { $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_post_id = ' . (int) $data['post_id']; $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_poster_id = ' . (int) $user->data['user_id']; $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_poster_name = '" . $db->sql_escape(!$user->data['is_registered'] && $username ? $username : ($user->data['user_id'] != ANONYMOUS ? $user->data['username'] : '')) . "'"; $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_poster_colour = '" . ($user->data['user_id'] != ANONYMOUS ? $db->sql_escape($user->data['user_colour']) : '') . "'"; $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_post_subject = '" . $db->sql_escape($subject) . "'"; $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_post_time = ' . (int) $current_time; } else { if ($post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || $post_mode == 'edit_first_post' && !$data['topic_replies']) { // only the subject can be changed from edit $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_post_subject = '" . $db->sql_escape($subject) . "'"; // Maybe not only the subject, but also changing anonymous usernames. ;) if ($data['poster_id'] == ANONYMOUS) { $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_poster_name = '" . $db->sql_escape($username) . "'"; } } } } else { if (!$data['post_approved'] && ($post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || $post_mode == 'edit_first_post' && !$data['topic_replies'])) { // like having the rug pulled from under us $sql = 'SELECT MAX(post_id) as last_post_id FROM ' . POSTS_TABLE . ' WHERE topic_id = ' . (int) $data['topic_id'] . 
' AND post_approved = 1'; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // any posts left in this forum? if (!empty($row['last_post_id'])) { $sql = 'SELECT p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE p.poster_id = u.user_id AND p.post_id = ' . (int) $row['last_post_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // salvation, a post is found! jam it into the topics table $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_post_id = ' . (int) $row['post_id']; $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'"; $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_post_time = ' . (int) $row['post_time']; $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_poster_id = ' . (int) $row['poster_id']; $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_poster_name = '" . $db->sql_escape($row['poster_id'] == ANONYMOUS ? $row['post_username'] : $row['username']) . "'"; $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_poster_colour = '" . $db->sql_escape($row['user_colour']) . "'"; } } } // Update total post count, do not consider moderated posts/topics if ($post_approval) { if ($post_mode == 'post') { set_config_count('num_topics', 1, true); set_config_count('num_posts', 1, true); } if ($post_mode == 'reply') { set_config_count('num_posts', 1, true); } } // Update forum stats $where_sql = array(POSTS_TABLE => 'post_id = ' . $data['post_id'], TOPICS_TABLE => 'topic_id = ' . $data['topic_id'], FORUMS_TABLE => 'forum_id = ' . $data['forum_id'], USERS_TABLE => 'user_id = ' . $poster_id); foreach ($sql_data as $table => $update_ary) { if (isset($update_ary['stat']) && implode('', $update_ary['stat'])) { $sql = "UPDATE {$table} SET " . implode(', ', $update_ary['stat']) . ' WHERE ' . 
$where_sql[$table]; $db->sql_query($sql); } } // Delete topic shadows (if any exist). We do not need a shadow topic for an global announcement if ($make_global) { $sql = 'DELETE FROM ' . TOPICS_TABLE . ' WHERE topic_moved_id = ' . $data['topic_id']; $db->sql_query($sql); } // Committing the transaction before updating search index $db->sql_transaction('commit'); // Delete draft if post was loaded... $draft_id = request_var('draft_loaded', 0); if ($draft_id) { $sql = 'DELETE FROM ' . DRAFTS_TABLE . "\n\t\t\tWHERE draft_id = {$draft_id}\n\t\t\t\tAND user_id = {$user->data['user_id']}"; $db->sql_query($sql); } // Index message contents if ($update_search_index && $data['enable_indexing']) { // Select the search method and do some additional checks to ensure it can actually be utilised $search_type = basename($config['search_type']); if (!file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx)) { trigger_error('NO_SUCH_SEARCH_MODULE'); } if (!class_exists($search_type)) { include "{$phpbb_root_path}includes/search/{$search_type}.{$phpEx}"; } $error = false; $search = new $search_type($error); if ($error) { trigger_error($error); } $search->index($mode, $data['post_id'], $data['message'], $subject, $poster_id, $topic_type == POST_GLOBAL ? 0 : $data['forum_id']); } // Topic Notification, do not change if moderator is changing other users posts... if ($user->data['user_id'] == $poster_id) { if (!$data['notify_set'] && $data['notify']) { $sql = 'INSERT INTO ' . TOPICS_WATCH_TABLE . ' (user_id, topic_id) VALUES (' . $user->data['user_id'] . ', ' . $data['topic_id'] . ')'; $db->sql_query($sql); } else { if (($config['email_enable'] || $config['jab_enable']) && $data['notify_set'] && !$data['notify']) { $sql = 'DELETE FROM ' . TOPICS_WATCH_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' AND topic_id = ' . 
$data['topic_id']; $db->sql_query($sql); } } } if ($mode == 'post' || $mode == 'reply' || $mode == 'quote') { // Mark this topic as posted to markread('post', $data['forum_id'], $data['topic_id']); } // Mark this topic as read // We do not use post_time here, this is intended (post_time can have a date in the past if editing a message) markread('topic', $topic_type == POST_GLOBAL ? 0 : $data['forum_id'], $data['topic_id'], time()); // if ($config['load_db_lastread'] && $user->data['is_registered']) { $sql = 'SELECT mark_time FROM ' . FORUMS_TRACK_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' AND forum_id = ' . ($topic_type == POST_GLOBAL ? 0 : $data['forum_id']); $result = $db->sql_query($sql); $f_mark_time = (int) $db->sql_fetchfield('mark_time'); $db->sql_freeresult($result); } else { if ($config['load_anon_lastread'] || $user->data['is_registered']) { $f_mark_time = false; } } if ($config['load_db_lastread'] && $user->data['is_registered'] || $config['load_anon_lastread'] || $user->data['is_registered']) { // Update forum info if ($topic_type == POST_GLOBAL) { $sql = 'SELECT MAX(topic_last_post_time) as forum_last_post_time FROM ' . TOPICS_TABLE . ' WHERE forum_id = 0'; } else { $sql = 'SELECT forum_last_post_time FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . $data['forum_id']; } $result = $db->sql_query($sql); $forum_last_post_time = (int) $db->sql_fetchfield('forum_last_post_time'); $db->sql_freeresult($result); update_forum_tracking_info($topic_type == POST_GLOBAL ? 0 : $data['forum_id'], $forum_last_post_time, $f_mark_time, false); } // Send Notifications if (($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_approval) { user_notification($mode, $subject, $data['topic_title'], $data['forum_name'], $data['forum_id'], $data['topic_id'], $data['post_id']); } $params = $add_anchor = ''; if ($post_approval) { $params .= '&t=' . $data['topic_id']; if ($mode != 'post') { $params .= '&p=' . $data['post_id']; $add_anchor = '#p' . 
$data['post_id']; } } else { if ($mode != 'post' && $post_mode != 'edit_first_post' && $post_mode != 'edit_topic') { $params .= '&t=' . $data['topic_id']; } } $url = !$params ? "{$phpbb_root_path}viewforum.{$phpEx}" : "{$phpbb_root_path}viewtopic.{$phpEx}"; $url = append_sid($url, 'f=' . $data['forum_id'] . $params) . $add_anchor; return $url; }
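/**
 * Store a new topic, a reply or an edited post and update the dependent rows
 * (topic, forum and user statistics, poll options, attachments, drafts,
 * topic watch list), then report the outcome through trigger_error().
 *
 * Changes compared with the previous revision of this function:
 *  - the poll columns are merged into $sql_data[FORUMS_TOPICS_TABLE] (the old
 *    code read $sql_data[TOPICS_TABLE], which this function never fills, so a
 *    new topic with a poll lost its topic columns);
 *  - the "globalise" update uses FORUMS_POSTS_TABLE like every other query here;
 *  - identifiers concatenated into SQL text or URLs are cast to int first;
 *  - the stored poll options no longer carry a trailing "false" row, and an
 *    option is only rewritten when its text actually differs;
 *  - a missing or empty $data['attachment_data'] is skipped instead of being
 *    handed to sizeof().
 *
 * @param string $mode           'post', 'reply', 'quote', 'edit' or 'delete' ('delete' is a no-op here)
 * @param string $subject        post subject; also the topic title for a new topic or first-post edit
 * @param string $username       name supplied by the poster (used for guests / anonymous posts)
 * @param int    $topic_type     compared against POST_GLOBAL, POST_STICKY and POST_ANNOUNCE
 * @param array  $poll           poll definition (poll_options, poll_title, poll_start, poll_max_options,
 *                               poll_length, poll_vote_change); passed by reference, not modified here
 * @param array  $data           post data; 'topic_id' and 'post_id' are filled in when rows are inserted
 * @param bool   $update_message whether post_text is rewritten on edit; forced to true for new posts
 *
 * @return void
 */
function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $update_message = true)
{
    global $_CLASS, $config;

    // We do not handle erasing posts here
    if ($mode == 'delete') {
        return;
    }

    $db = $_CLASS['core_db'];
    $user = $_CLASS['core_user'];
    $auth = $_CLASS['auth'];

    $current_time = gmtime();

    // Map the request mode onto the internal post mode. Anything that is not
    // 'post' or 'edit' (e.g. 'reply', 'quote') is stored as a reply.
    if ($mode == 'post') {
        $post_mode = 'post';
        $update_message = true;
    } elseif ($mode != 'edit') {
        $post_mode = 'reply';
        $update_message = true;
    } elseif ($data['topic_first_post_id'] == $data['topic_last_post_id']) {
        $post_mode = 'edit_topic';
    } elseif ($data['topic_first_post_id'] == $data['post_id']) {
        $post_mode = 'edit_first_post';
    } elseif ($data['topic_last_post_id'] == $data['post_id']) {
        $post_mode = 'edit_last_post';
    } else {
        $post_mode = 'edit';
    }

    // A post is held back only when the forum is moderated and the poster may not approve.
    // NOTE(review): evaluated once here instead of at every use; assumes acl_get() is a
    // side-effect-free lookup - confirm against the auth class.
    $needs_approval = $auth->acl_get('f_moderate', $data['forum_id']) && !$auth->acl_get('m_approve');
    $is_approved = !$needs_approval;

    $has_poll = !empty($poll['poll_options']);
    $has_attachment = (isset($data['filename_data']['physical_filename']) && sizeof($data['filename_data'])) ? 1 : 0;

    // forum_id is only ever read, so the integer form used in SQL text and URLs can be fixed now.
    $forum_id = (int) $data['forum_id'];

    // Collect some basic information about which tables and which rows to update/insert.
    // ['sql'] holds column => value pairs for sql_build_array(), ['stat'] raw "col = expr" fragments.
    $sql_data = array();
    $poster_id = ($mode == 'edit') ? $data['poster_id'] : (int) $user->data['user_id'];

    // Post row
    switch ($post_mode) {
        case 'post':
        case 'reply':
            $sql_data[FORUMS_POSTS_TABLE]['sql'] = array(
                'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
                'poster_id' => (int) $user->data['user_id'],
                'icon_id' => $data['icon_id'],
                'poster_ip' => $user->ip,
                'post_time' => $current_time,
                'post_approved' => $needs_approval ? 0 : 1,
                'enable_bbcode' => $data['enable_bbcode'],
                'enable_html' => $data['enable_html'],
                'enable_smilies' => $data['enable_smilies'],
                'enable_magic_url' => $data['enable_urls'],
                'enable_sig' => $data['enable_sig'],
                'post_username' => !$user->is_user ? stripslashes($username) : '',
                'post_subject' => $subject,
                'post_text' => $data['message'],
                'post_checksum' => $data['message_md5'],
                'post_attachment' => $has_attachment,
                'bbcode_bitfield' => $data['bbcode_bitfield'],
                'bbcode_uid' => $data['bbcode_uid'],
                'post_edit_locked' => $data['post_edit_locked'],
            );
            break;

        case 'edit_first_post':
        case 'edit':
            // Edits by users without m_/a_ rights, or edits carrying a reason, are counted.
            if (!$auth->acl_gets('m_', 'a_') || $data['post_edit_reason']) {
                $sql_data[FORUMS_POSTS_TABLE]['sql'] = array('post_edit_time' => $current_time);
                $sql_data[FORUMS_POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1';
            }
            // no break - the common edit columns below apply to every edit mode

        case 'edit_last_post':
        case 'edit_topic':
            if (($post_mode == 'edit_last_post' || $post_mode == 'edit_topic') && $data['post_edit_reason']) {
                $sql_data[FORUMS_POSTS_TABLE]['sql'] = array('post_edit_time' => $current_time);
                $sql_data[FORUMS_POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1';
            }

            if (!isset($sql_data[FORUMS_POSTS_TABLE]['sql'])) {
                $sql_data[FORUMS_POSTS_TABLE]['sql'] = array();
            }

            $sql_data[FORUMS_POSTS_TABLE]['sql'] = array_merge($sql_data[FORUMS_POSTS_TABLE]['sql'], array(
                'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
                'poster_id' => $data['poster_id'],
                'icon_id' => $data['icon_id'],
                'post_approved' => $needs_approval ? 0 : 1,
                'enable_bbcode' => $data['enable_bbcode'],
                'enable_html' => $data['enable_html'],
                'enable_smilies' => $data['enable_smilies'],
                'enable_magic_url' => $data['enable_urls'],
                'enable_sig' => $data['enable_sig'],
                'post_username' => ($username && $data['poster_id'] == ANONYMOUS) ? stripslashes($username) : '',
                'post_subject' => $subject,
                'post_edit_reason' => $data['post_edit_reason'],
                'post_edit_user' => (int) $data['post_edit_user'],
                'post_checksum' => $data['message_md5'],
                'post_attachment' => $has_attachment,
                'bbcode_bitfield' => $data['bbcode_bitfield'],
                'bbcode_uid' => $data['bbcode_uid'],
                'post_edit_locked' => $data['post_edit_locked'],
            ));

            if ($update_message) {
                $sql_data[FORUMS_POSTS_TABLE]['sql']['post_text'] = $data['message'];
            }
            break;
    }

    $user_stat = "user_last_post_time = {$current_time}";

    // Topic row plus the forum/user counters that go with it
    switch ($post_mode) {
        case 'post':
            $sql_data[FORUMS_TOPICS_TABLE]['sql'] = array(
                'topic_poster' => (int) $user->data['user_id'],
                'topic_time' => $current_time,
                'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
                'icon_id' => $data['icon_id'],
                'topic_approved' => $needs_approval ? 0 : 1,
                'topic_title' => $subject,
                'topic_first_poster_name' => (!$user->is_user && $username) ? stripslashes($username) : $user->data['username'],
                'topic_type' => $topic_type,
                'topic_time_limit' => ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? $data['topic_time_limit'] * 86400 : 0,
                'topic_status' => $data['topic_status'],
                'topic_attachment' => $has_attachment,
                'topic_replies_real' => 0,
                'topic_replies' => 0,
                'topic_views' => 0,
            );

            if ($has_poll) {
                // Merge into the array built just above; the key must be FORUMS_TOPICS_TABLE on both sides.
                $sql_data[FORUMS_TOPICS_TABLE]['sql'] = array_merge($sql_data[FORUMS_TOPICS_TABLE]['sql'], array(
                    'poll_title' => $poll['poll_title'],
                    'poll_start' => $poll['poll_start'] ? $poll['poll_start'] : $current_time,
                    'poll_max_options' => $poll['poll_max_options'],
                    'poll_length' => $poll['poll_length'] * 86400,
                    'poll_vote_change' => $poll['poll_vote_change'],
                ));
            }

            $sql_data[USERS_TABLE]['stat'][] = $user_stat . ($auth->acl_get('f_postcount', $data['forum_id']) ? ', user_posts = user_posts + 1' : '');

            if ($topic_type != POST_GLOBAL) {
                if ($is_approved) {
                    $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1';
                }
                $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . ($is_approved ? ', forum_topics = forum_topics + 1' : '');
            }
            break;

        case 'reply':
            $sql_data[FORUMS_TOPICS_TABLE]['stat'][] = 'topic_replies_real = topic_replies_real + 1, topic_bumped = 0, topic_bumper = 0' . ($is_approved ? ', topic_replies = topic_replies + 1' : '');
            $sql_data[USERS_TABLE]['stat'][] = $user_stat . ($auth->acl_get('f_postcount', $data['forum_id']) ? ', user_posts = user_posts + 1' : '');

            if ($is_approved && $topic_type != POST_GLOBAL) {
                $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1';
            }
            break;

        case 'edit_topic':
        case 'edit_first_post':
            $sql_data[FORUMS_TOPICS_TABLE]['sql'] = array(
                'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
                'icon_id' => $data['icon_id'],
                'topic_approved' => $needs_approval ? 0 : 1,
                'topic_title' => $subject,
                'topic_first_poster_name' => stripslashes($username),
                'topic_type' => $topic_type,
                'topic_time_limit' => ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? $data['topic_time_limit'] * 86400 : 0,
                'poll_title' => $has_poll ? $poll['poll_title'] : '',
                'poll_start' => $has_poll ? ($poll['poll_start'] ? $poll['poll_start'] : $current_time) : 0,
                'poll_max_options' => $has_poll ? $poll['poll_max_options'] : 1,
                'poll_length' => $has_poll ? $poll['poll_length'] * 86400 : 0,
                'poll_vote_change' => $poll['poll_vote_change'],
                'topic_attachment' => ($post_mode == 'edit_topic') ? $has_attachment : $data['topic_attachment'],
            );
            break;
    }

    $db->transaction();

    // Submit new topic
    if ($post_mode == 'post') {
        $sql = 'INSERT INTO ' . FORUMS_TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data[FORUMS_TOPICS_TABLE]['sql']);
        $db->query($sql);

        $data['topic_id'] = $db->insert_id(FORUMS_TOPICS_TABLE, 'topic_id');

        $sql_data[FORUMS_POSTS_TABLE]['sql'] = array_merge($sql_data[FORUMS_POSTS_TABLE]['sql'], array('topic_id' => $data['topic_id']));
        unset($sql_data[FORUMS_TOPICS_TABLE]['sql']);
    }

    // Submit new post
    if ($post_mode == 'post' || $post_mode == 'reply') {
        if ($post_mode == 'reply') {
            $sql_data[FORUMS_POSTS_TABLE]['sql'] = array_merge($sql_data[FORUMS_POSTS_TABLE]['sql'], array('topic_id' => $data['topic_id']));
        }

        $sql = 'INSERT INTO ' . FORUMS_POSTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data[FORUMS_POSTS_TABLE]['sql']);
        $db->query($sql);

        $data['post_id'] = $db->insert_id(FORUMS_POSTS_TABLE, 'post_id');

        if ($post_mode == 'post') {
            // The topic row was inserted before its first post existed; point it at that post now.
            $sql_data[FORUMS_TOPICS_TABLE]['sql'] = array(
                'topic_first_post_id' => $data['post_id'],
                'topic_last_post_id' => $data['post_id'],
                'topic_last_post_time' => $current_time,
                'topic_last_poster_id' => (int) $user->data['user_id'],
                'topic_last_poster_name' => (!$user->is_user && $username) ? $username : $user->data['username'],
            );
        }

        unset($sql_data[FORUMS_POSTS_TABLE]['sql']);
    }

    // topic_id and post_id are final from here on. Every query below that concatenates
    // them into SQL text uses these integer copies, so a non-numeric value supplied by
    // the caller cannot change the shape of a statement.
    $topic_id = (int) $data['topic_id'];
    $post_id = (int) $data['post_id'];

    $make_global = false;

    // Are we globalising or unglobalising?
    if ($post_mode == 'edit_first_post' || $post_mode == 'edit_topic') {
        $sql = 'SELECT topic_type, topic_replies_real, topic_approved FROM ' . FORUMS_TOPICS_TABLE . ' WHERE topic_id = ' . $topic_id;
        $result = $db->query($sql);
        $row = $db->fetch_row_assoc($result);
        $db->free_result($result);

        if ($row['topic_type'] != POST_GLOBAL && $topic_type == POST_GLOBAL) {
            // globalise: decrement topic/post count of the forum the topic leaves
            $make_global = true;
            $sql_data[FORUMS_FORUMS_TABLE]['stat'] = array();

            $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - ' . ((int) $row['topic_replies_real'] + 1);
            $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real - 1' . ($row['topic_approved'] ? ', forum_topics = forum_topics - 1' : '');

            // Update forum_ids for all posts
            $sql = 'UPDATE ' . FORUMS_POSTS_TABLE . ' SET forum_id = 0 WHERE topic_id = ' . $topic_id;
            $db->query($sql);
        } elseif ($row['topic_type'] == POST_GLOBAL && $topic_type != POST_GLOBAL) {
            // unglobalise: increment topic/post count of the forum the topic joins
            $make_global = true;
            $sql_data[FORUMS_FORUMS_TABLE]['stat'] = array();

            $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + ' . ((int) $row['topic_replies_real'] + 1);
            $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . ($row['topic_approved'] ? ', forum_topics = forum_topics + 1' : '');

            // Update forum_ids for all posts
            $sql = 'UPDATE ' . FORUMS_POSTS_TABLE . ' SET forum_id = ' . $forum_id . ' WHERE topic_id = ' . $topic_id;
            $db->query($sql);
        }
    }

    // Update the topics table
    if (isset($sql_data[FORUMS_TOPICS_TABLE]['sql'])) {
        $db->query('UPDATE ' . FORUMS_TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_data[FORUMS_TOPICS_TABLE]['sql']) . ' WHERE topic_id = ' . $topic_id);
    }

    // Update the posts table
    if (isset($sql_data[FORUMS_POSTS_TABLE]['sql'])) {
        $db->query('UPDATE ' . FORUMS_POSTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_data[FORUMS_POSTS_TABLE]['sql']) . ' WHERE post_id = ' . $post_id);
    }

    // Update Poll Tables
    if ($has_poll) {
        $cur_poll_options = array();

        if ($poll['poll_start'] && $mode == 'edit') {
            $sql = 'SELECT * FROM ' . FORUMS_POLL_OPTIONS_TABLE . ' WHERE topic_id = ' . $topic_id . ' ORDER BY poll_option_id';
            $result = $db->query($sql);

            // Collect rows only; the terminating "no more rows" value must not be counted as an option.
            while ($option_row = $db->fetch_row_assoc($result)) {
                $cur_poll_options[] = $option_row;
            }
            $db->free_result($result);
        }

        $option_count = sizeof($poll['poll_options']);

        for ($i = 0; $i < $option_count; $i++) {
            if (!trim($poll['poll_options'][$i])) {
                continue;
            }

            if (empty($cur_poll_options[$i])) {
                // No stored option at this position yet
                $sql = 'INSERT INTO ' . FORUMS_POLL_OPTIONS_TABLE . " (poll_option_id, topic_id, poll_option_text)\n\t\t\t\t\t\tVALUES ({$i}, " . $topic_id . ", '" . $db->sql_escape($poll['poll_options'][$i]) . "')";
                $db->query($sql);
            } elseif ($poll['poll_options'][$i] != $cur_poll_options[$i]['poll_option_text']) {
                // Text changed - rewrite the stored option
                $sql = "UPDATE " . FORUMS_POLL_OPTIONS_TABLE . "\n\t\t\t\t\t\tSET poll_option_text = '" . $db->sql_escape($poll['poll_options'][$i]) . "'\n\t\t\t\t\t\tWHERE poll_option_id = " . (int) $cur_poll_options[$i]['poll_option_id'] . "\n\t\t\t\t\t\t\tAND topic_id = " . $topic_id;
                $db->query($sql);
            }
        }

        // Fewer options submitted than stored: drop the surplus
        if ($option_count < sizeof($cur_poll_options)) {
            $sql = 'DELETE FROM ' . FORUMS_POLL_OPTIONS_TABLE . ' WHERE poll_option_id >= ' . $option_count . ' AND topic_id = ' . $topic_id;
            $db->query($sql);
        }
    }

    // Submit Attachments
    if (!empty($data['attachment_data']) && $data['post_id'] && in_array($mode, array('post', 'reply', 'quote', 'edit'), true)) {
        $space_taken = $files_added = 0;

        foreach ($data['attachment_data'] as $attach_row) {
            if (!empty($attach_row['attach_id'])) {
                // update entry in db if attachment already stored in db and filespace
                $sql = 'UPDATE ' . FORUMS_ATTACHMENTS_TABLE . "\n\t\t\t\t\tSET comment = '" . $db->sql_escape($attach_row['comment']) . "'\n\t\t\t\t\tWHERE attach_id = " . (int) $attach_row['attach_id'];
                $db->query($sql);
                continue;
            }

            // insert attachment into db; basename() keeps the lookup inside the upload directory
            if (!@file_exists($config['upload_path'] . '/' . basename($attach_row['physical_filename']))) {
                continue;
            }

            $attach_sql = array(
                'post_msg_id' => $data['post_id'],
                'topic_id' => $data['topic_id'],
                'in_message' => 0,
                'poster_id' => $poster_id,
                'physical_filename' => basename($attach_row['physical_filename']),
                'real_filename' => basename($attach_row['real_filename']),
                'comment' => $attach_row['comment'],
                'extension' => $attach_row['extension'],
                'mimetype' => $attach_row['mimetype'],
                'filesize' => $attach_row['filesize'],
                'filetime' => $attach_row['filetime'],
                'thumbnail' => $attach_row['thumbnail'],
            );

            $sql = 'INSERT INTO ' . FORUMS_ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $attach_sql);
            $db->query($sql);

            $space_taken += $attach_row['filesize'];
            $files_added++;
        }

        // attachment_data is known to be non-empty here, so flag the post and its topic
        $sql = 'UPDATE ' . FORUMS_POSTS_TABLE . ' SET post_attachment = 1 WHERE post_id = ' . $post_id;
        $db->query($sql);

        $sql = 'UPDATE ' . FORUMS_TOPICS_TABLE . ' SET topic_attachment = 1 WHERE topic_id = ' . $topic_id;
        $db->query($sql);

        set_config('upload_dir_size', $config['upload_dir_size'] + $space_taken, true);
        set_config('num_files', $config['num_files'] + $files_added, true);
    }

    $db->transaction('commit');

    // Refresh the "last post" columns now that the rows are committed
    if ($post_mode == 'post' || $post_mode == 'reply' || $post_mode == 'edit_last_post') {
        if ($topic_type != POST_GLOBAL) {
            $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = implode(', ', update_last_post_information('forum', $data['forum_id']));
        }

        $update = update_last_post_information('topic', $data['topic_id']);
        if (sizeof($update)) {
            $sql_data[FORUMS_TOPICS_TABLE]['stat'][] = implode(', ', $update);
        }
    }

    if ($make_global) {
        $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = implode(', ', update_last_post_information('forum', $data['forum_id']));
    }

    if ($post_mode == 'edit_topic') {
        $update = update_last_post_information('topic', $data['topic_id']);
        if (sizeof($update)) {
            $sql_data[FORUMS_TOPICS_TABLE]['stat'][] = implode(', ', $update);
        }
    }

    // Update total post count, do not consider moderated posts/topics
    if ($is_approved) {
        if ($post_mode == 'post') {
            set_config('num_topics', $config['num_topics'] + 1, true);
            set_config('num_posts', $config['num_posts'] + 1, true);
        }

        if ($post_mode == 'reply') {
            set_config('num_posts', $config['num_posts'] + 1, true);
        }
    }

    // Update forum stats: one UPDATE per table that collected 'stat' fragments
    $db->transaction();

    $where_sql = array(
        FORUMS_POSTS_TABLE => 'post_id = ' . $post_id,
        FORUMS_TOPICS_TABLE => 'topic_id = ' . $topic_id,
        FORUMS_FORUMS_TABLE => 'forum_id = ' . $forum_id,
        USERS_TABLE => 'user_id = ' . (int) $user->data['user_id'],
    );

    foreach ($sql_data as $table => $update_ary) {
        if (isset($update_ary['stat']) && implode('', $update_ary['stat'])) {
            $db->query("UPDATE {$table} SET " . implode(', ', $update_ary['stat']) . ' WHERE ' . $where_sql[$table]);
        }
    }

    // Delete topic shadows (if any exist). We do not need a shadow topic for an global announcement
    if ($make_global) {
        $db->query('DELETE FROM ' . FORUMS_TOPICS_TABLE . ' WHERE topic_moved_id = ' . $topic_id);
    }

    // Fulltext parse
    if ($update_message && $data['enable_indexing']) {
        $search = new fulltext_search();
        $search->add($mode, $data['post_id'], $data['message'], $subject);
    }

    $db->transaction('commit');

    // Delete draft if post was loaded...
    // The cast does not rely on request_var() returning an integer for an integer default.
    $draft_id = (int) request_var('draft_loaded', 0);
    if ($draft_id) {
        $db->query('DELETE FROM ' . DRAFTS_TABLE . " WHERE draft_id = {$draft_id} AND user_id = " . (int) $user->data['user_id']);
    }

    // Topic Notification
    if (!$data['notify_set'] && $data['notify']) {
        $sql = 'INSERT INTO ' . FORUMS_TOPICS_WATCH_TABLE . ' (user_id, topic_id) VALUES (' . (int) $user->data['user_id'] . ', ' . $topic_id . ')';
        $db->query($sql);
    } elseif ($data['notify_set'] && !$data['notify']) {
        $sql = 'DELETE FROM ' . FORUMS_TOPICS_WATCH_TABLE . ' WHERE user_id = ' . (int) $user->data['user_id'] . ' AND topic_id = ' . $topic_id;
        $db->query($sql);
    }

    // Mark this topic as read and posted to.
    markread('topic', $data['forum_id'], $data['topic_id'], $data['post_time']);

    // Send Notifications ($mode can no longer be 'delete' here, the check is kept for clarity)
    if ($mode != 'edit' && $mode != 'delete' && $is_approved) {
        user_notification($mode, stripslashes($subject), stripslashes($data['topic_title']), stripslashes($data['forum_name']), $data['forum_id'], $data['topic_id'], $data['post_id']);
    }

    // Where to send the poster afterwards. The ids are integers, so the URL placed in the
    // href attributes below cannot carry markup taken from $data.
    if ($mode == 'post') {
        $url = $is_approved
            ? generate_link('Forums&file=viewtopic&f=' . $forum_id . '&t=' . $topic_id)
            : generate_link('Forums&file=viewforum&f=' . $forum_id);
    } else {
        $url = $is_approved
            ? generate_link("Forums&file=viewtopic&f={$forum_id}&t={$topic_id}&p={$post_id}#{$post_id}")
            : generate_link("Forums&file=viewtopic&f={$forum_id}&t={$topic_id}");
    }

    $_CLASS['core_display']->meta_refresh(3, $url);

    if ($needs_approval) {
        $lang_key = ($mode == 'edit') ? 'POST_EDITED_MOD' : 'POST_STORED_MOD';
    } else {
        $lang_key = ($mode == 'edit') ? 'POST_EDITED' : 'POST_STORED';
    }

    $message = $user->lang[$lang_key]
        . ($is_approved ? '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $url . '">', '</a>') : '')
        . '<br /><br />'
        . sprintf($user->lang['RETURN_FORUM'], '<a href="' . generate_link('Forums&file=viewforum&f=' . $forum_id) . '">', '</a>');

    trigger_error($message);
}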
/**
 * Approve Post/Topic
 *
 * Marks the posts in $post_id_list (and any topics they start) as approved,
 * adjusts topic, forum and board counters, optionally e-mails the posters,
 * and then redirects. The work is only done once confirm_box(true) reports
 * that the moderator confirmed; otherwise the confirmation form is rendered.
 *
 * check_ids() with the 'm_approve' permission is the only authorisation gate
 * visible in this function; its return value is reused as the forum id for
 * every later query and notification.
 *
 * @param mixed $post_id_list Post ids to approve (passed to check_ids(),
 *                            get_post_data() and sizeof(); presumably an
 *                            array of integers, confirm against the caller).
 * @param mixed $mode         Module mode, only echoed back in the hidden
 *                            form fields here.
 */
function approve_post($post_id_list, $mode)
{
    global $db, $template, $user, $config;
    global $phpEx, $phpbb_root_path;

    // Authorisation: a falsy result from check_ids() aborts the request.
    if (!($forum_id = check_ids($post_id_list, POSTS_TABLE, 'post_id', 'm_approve'))) {
        trigger_error('NOT_AUTHORIZED');
    }

    // NOTE(review): 'redirect' is read from the request and round-tripped
    // through the hidden fields of the confirmation form. Whether
    // request_var() / build_hidden_fields() encode it is not visible here.
    $redirect = request_var('redirect', $user->data['session_page']);
    $success_msg = '';
    $s_hidden_fields = build_hidden_fields(array('i' => 'queue', 'mode' => $mode, 'post_id_list' => $post_id_list, 'f' => $forum_id, 'action' => 'approve', 'redirect' => $redirect));

    if (confirm_box(true)) {
        // Only the presence of the field matters, not its value.
        $notify_poster = isset($_REQUEST['notify_poster']) ? true : false;
        $post_info = get_post_data($post_id_list, 'm_approve');

        // If Topic -> total_topics = total_topics+1, total_posts = total_posts+1, forum_topics = forum_topics+1, forum_posts = forum_posts+1
        // If Post -> total_posts = total_posts+1, forum_posts = forum_posts+1, topic_replies = topic_replies+1
        $total_topics = $total_posts = $forum_topics = $forum_posts = 0;
        $topic_approve_sql = $topic_replies_sql = $post_approve_sql = $topic_id_list = array();

        // The ids collected in this loop come from the rows returned by
        // get_post_data(), not straight from the request.
        // NOTE(review): they are later placed into SQL without an (int)
        // cast, so this relies on get_post_data() returning integer keys
        // and columns. Confirm.
        foreach ($post_info as $post_id => $post_data) {
            $topic_id_list[$post_data['topic_id']] = 1;

            // Topic or Post. ;)
            if ($post_data['topic_first_post_id'] == $post_id) {
                // Posts with forum_id 0 are left out of the forum/board topic counters.
                if ($post_data['forum_id']) {
                    $total_topics++;
                    $forum_topics++;
                }
                $topic_approve_sql[] = $post_data['topic_id'];
            } else {
                // A reply: count it per topic so topic_replies can be bumped once per topic.
                if (!isset($topic_replies_sql[$post_data['topic_id']])) {
                    $topic_replies_sql[$post_data['topic_id']] = 1;
                } else {
                    $topic_replies_sql[$post_data['topic_id']]++;
                }
            }

            if ($post_data['forum_id']) {
                $total_posts++;
                $forum_posts++;
            }
            $post_approve_sql[] = $post_id;
        }

        if (sizeof($topic_approve_sql)) {
            $sql = 'UPDATE ' . TOPICS_TABLE . ' SET topic_approved = 1 WHERE topic_id IN (' . implode(', ', $topic_approve_sql) . ')';
            $db->sql_query($sql);
        }

        if (sizeof($post_approve_sql)) {
            $sql = 'UPDATE ' . POSTS_TABLE . ' SET post_approved = 1 WHERE post_id IN (' . implode(', ', $post_approve_sql) . ')';
            $db->sql_query($sql);
        }

        if (sizeof($topic_replies_sql)) {
            foreach ($topic_replies_sql as $topic_id => $num_replies) {
                $sql = 'UPDATE ' . TOPICS_TABLE . "\n\t\t\t\t\tSET topic_replies = topic_replies + {$num_replies}\n\t\t\t\t\tWHERE topic_id = {$topic_id}";
                $db->sql_query($sql);
            }
        }

        // All forum counters are applied to the single forum id returned by
        // check_ids(). Presumably check_ids() guarantees that every post
        // belongs to that forum. Confirm.
        if ($forum_topics || $forum_posts) {
            $sql = 'UPDATE ' . FORUMS_TABLE . ' SET ';
            $sql .= $forum_topics ? "forum_topics = forum_topics + {$forum_topics}" : '';
            $sql .= $forum_topics && $forum_posts ? ', ' : '';
            $sql .= $forum_posts ? "forum_posts = forum_posts + {$forum_posts}" : '';
            $sql .= " WHERE forum_id = {$forum_id}";
            $db->sql_query($sql);
        }

        // Board-wide totals live in the config table.
        if ($total_topics) {
            set_config('num_topics', $config['num_topics'] + $total_topics, true);
        }

        if ($total_posts) {
            set_config('num_posts', $config['num_posts'] + $total_posts, true);
        }
        unset($topic_approve_sql, $topic_replies_sql, $post_approve_sql);

        update_post_information('topic', array_keys($topic_id_list));
        update_post_information('forum', $forum_id);
        unset($topic_id_list);

        $messenger = new messenger();

        // Notify Poster?
        if ($notify_poster) {
            $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']);

            foreach ($post_info as $post_id => $post_data) {
                // Guests have no address to notify.
                if ($post_data['poster_id'] == ANONYMOUS) {
                    continue;
                }

                // A post that is both first and last in its topic is treated as a new topic.
                $email_template = $post_data['post_id'] == $post_data['topic_first_post_id'] && $post_data['post_id'] == $post_data['topic_last_post_id'] ? 'topic_approved' : 'post_approved';

                $messenger->template($email_template, $post_data['user_lang']);
                $messenger->replyto($config['board_email']);
                $messenger->to($post_data['user_email'], $post_data['username']);
                $messenger->im($post_data['user_jabber'], $post_data['username']);

                // User-authored values (username, subject, title) are entity-decoded
                // because they are placed into the message template.
                // NOTE(review): whether the messenger strips line breaks from values
                // that end up in headers is not visible here. Confirm.
                $messenger->assign_vars(array('EMAIL_SIG' => $email_sig, 'SITENAME' => $config['sitename'], 'USERNAME' => html_entity_decode($post_data['username']), 'POST_SUBJECT' => html_entity_decode(censor_text($post_data['post_subject'])), 'TOPIC_TITLE' => html_entity_decode(censor_text($post_data['topic_title'])), 'U_VIEW_TOPIC' => generate_board_url() . "/viewtopic.{$phpEx}?f={$forum_id}&t={$post_data['topic_id']}&e=0", 'U_VIEW_POST' => generate_board_url() . "/viewtopic.{$phpEx}?f={$forum_id}&t={$post_data['topic_id']}&p={$post_id}&e={$post_id}"));

                $messenger->send($post_data['user_notify_type']);
                $messenger->reset();
            }

            $messenger->save_queue();
        }

        // Send out normal user notifications
        // ($email_sig is rebuilt here but not read again in this function.)
        $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']);

        foreach ($post_info as $post_id => $post_data) {
            if ($post_id == $post_data['topic_first_post_id'] && $post_id == $post_data['topic_last_post_id']) {
                // Forum Notifications
                user_notification('post', $post_data['topic_title'], $post_data['topic_title'], $post_data['forum_name'], $forum_id, $post_data['topic_id'], $post_id);
            } else {
                // Topic Notifications
                user_notification('reply', $post_data['post_subject'], $post_data['topic_title'], $post_data['forum_name'], $forum_id, $post_data['topic_id'], $post_id);
            }
        }
        unset($post_info);

        // Pick the language key for the success page.
        if ($forum_topics) {
            $success_msg = $forum_topics == 1 ? 'TOPIC_APPROVED_SUCCESS' : 'TOPICS_APPROVED_SUCCESS';
        } else {
            $success_msg = sizeof($post_id_list) == 1 ? 'POST_APPROVED_SUCCESS' : 'POSTS_APPROVED_SUCCESS';
        }
    } else {
        // Not confirmed yet: render the confirmation form carrying the hidden fields.
        $template->assign_vars(array('S_NOTIFY_POSTER' => true, 'S_APPROVE' => true));

        confirm_box(false, 'APPROVE_POST' . (sizeof($post_id_list) == 1 ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
    }

    // NOTE(review): the redirect target is taken from the request again and is
    // used for redirect(), meta_refresh() and inside an <a href="..."> below.
    // This function does not restrict it to a local URL or HTML-escape it.
    // Confirm that request_var() and redirect() do both, otherwise this is an
    // open-redirect and markup-injection risk.
    $redirect = request_var('redirect', "index.{$phpEx}");
    $redirect = reapply_sid($redirect);

    if (!$success_msg) {
        redirect($redirect);
    } else {
        meta_refresh(3, $redirect);
        trigger_error($user->lang[$success_msg] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], "<a href=\"{$redirect}\">", '</a>'));
    }
}
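/**
 * Persist this post object.
 *
 * Three paths, chosen from the object's ids:
 *  - post_id and topic_id set: update the existing row (including moving the
 *    post into another topic when topic_id changed);
 *  - only topic_id set: insert a reply into that topic;
 *  - neither set: build a topic via topic::from_post() and let it submit.
 *
 * Counter and first/last-post bookkeeping is queued on $sync. It is executed
 * here only when this call created the syncer itself.
 *
 * Every id that is concatenated into SQL in this method is passed through
 * intval() or comes from a row just read from the database.
 *
 * @param syncer|false $sync Passed by reference. false means "called
 *                           directly": a syncer is created and executed at
 *                           the end. Otherwise the caller's syncer is filled
 *                           and the caller is expected to execute it.
 */
function _submit(&$sync)
{
    global $config, $db, $auth, $user;

    if ($sync === false) {
        //submit() was called directly so we need to sync after it
        $sync = new syncer();
        $exec_sync = true;
    } else {
        //submit() was called by topic->submit(), sync there when everything is done
        $exec_sync = false;
    }

    if (!$this->post_id) {
        //new post, set some default values if not set yet
        if (!$this->poster_id) {
            $this->poster_id = $user->data['user_id'];
        }
        if (!$this->poster_ip) {
            $this->poster_ip = $user->ip;
        }
        if (!$this->post_time) {
            $this->post_time = time();
        }
    }

    $this->post_subject = truncate_string($this->post_subject);

    // Column values are handed to sql_build_array() below rather than being
    // concatenated by hand. NOTE(review): quoting and escaping are presumably
    // done inside sql_build_array(). Confirm for the DB layer in use.
    $sql_data = array('poster_id' => $this->poster_id, 'poster_ip' => $this->poster_ip, 'topic_id' => $this->topic_id, 'forum_id' => $this->forum_id, 'post_username' => $this->post_username, 'icon_id' => $this->icon_id, 'post_time' => $this->post_time, 'post_postcount' => $this->post_postcount ? 1 : 0, 'post_visibility' => $this->post_visibility, 'post_reported' => $this->post_reported ? 1 : 0, 'enable_bbcode' => $this->enable_bbcode ? 1 : 0, 'enable_smilies' => $this->enable_smilies ? 1 : 0, 'enable_magic_url' => $this->enable_magic_url ? 1 : 0, 'enable_sig' => $this->enable_sig ? 1 : 0, 'post_subject' => $this->post_subject, 'bbcode_bitfield' => 0, 'bbcode_uid' => '', 'post_text' => $this->post_text, 'post_checksum' => md5($this->post_text), 'post_edit_time' => $this->post_edit_time, 'post_edit_reason' => $this->post_edit_reason, 'post_edit_user' => $this->post_edit_user, 'post_edit_count' => $this->post_edit_count, 'post_edit_locked' => $this->post_edit_locked, 'post_delete_time' => $this->post_delete_time, 'post_delete_reason' => $this->post_delete_reason, 'post_delete_user' => $this->post_delete_user);

    // Rewrites post_text, bbcode_uid and bbcode_bitfield in place (passed by array element).
    $flags = '';
    generate_text_for_storage($sql_data['post_text'], $sql_data['bbcode_uid'], $sql_data['bbcode_bitfield'], $flags, $this->enable_bbcode, $this->enable_magic_url, $this->enable_smilies);

    if ($this->post_id && $this->topic_id) {
        //edit
        $sql = "SELECT p.*, t.topic_first_post_id, t.topic_last_post_id, t.topic_approved, t.topic_replies\n\t\t\t\t\tFROM " . POSTS_TABLE . " p\n\t\t\t\t\tLEFT JOIN " . TOPICS_TABLE . " t ON (t.topic_id = p.topic_id)\n\t\t\t\t\tWHERE p.post_id=" . intval($this->post_id);
        //$sql = "SELECT * FROM " . POSTS_TABLE . " WHERE post_id=" . intval($this->post_id);
        $result = $db->sql_query($sql);
        $post_data = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);

        if (!$post_data) {
            trigger_error("post_id={$this->post_id}, but that post does not exist", E_USER_ERROR);
        }

        //check first/last post
        $is_first_post = $post_data['post_id'] == $post_data['topic_first_post_id'];
        $is_last_post = $post_data['post_id'] == $post_data['topic_last_post_id'];

        $db->sql_transaction('begin');

        // The lookup above casts post_id with intval(). The UPDATE must use the
        // same cast so both statements are guaranteed to address the same row
        // and the WHERE clause can only ever contain an integer.
        $sql = "UPDATE " . POSTS_TABLE . " SET " . $db->sql_build_array('UPDATE', $sql_data) . " WHERE post_id=" . intval($this->post_id);
        $db->sql_query($sql);

        if ($this->topic_id != $post_data['topic_id']) {
            //merge into new topic

            //get new topic's forum id and first/last post time
            // topic_id is an object property set by the caller; cast it like the
            // other id lookups in this method instead of interpolating it raw.
            $sql = "SELECT forum_id, topic_time, topic_last_post_time\n\t\t\t\t\t\tFROM " . TOPICS_TABLE . "\n\t\t\t\t\t\tWHERE topic_id = " . intval($this->topic_id);
            $result = $db->sql_query($sql);
            $new_topic_data = $db->sql_fetchrow($result);
            if (!$new_topic_data) {
                trigger_error("attempted to merge post {$this->post_id} into topic {$this->topic_id}, but that topic does not exist", E_USER_ERROR);
            }

            //sync forum_posts
            //TODO
            if ($new_topic_data['forum_id'] != $post_data['forum_id']) {
                $sync->add('forum', $post_data['forum_id'], 'forum_posts', $this->post_approved ? -1 : 0);
                $sync->add('forum', $new_topic_data['forum_id'], 'forum_posts', $this->post_approved ? 1 : 0);
                if ($this->forum_id != $new_topic_data['forum_id']) {
                    //user changed topic_id but not forum_id, so we saved the wrong one above. correct it via sync
                    $this->forum_id = $new_topic_data['forum_id'];
                    $sync->set('post', $this->post_id, 'forum_id', $this->forum_id);
                }
            }

            //sync old topic
            $sync->add('topic', $post_data['topic_id'], 'topic_replies', $this->post_approved ? -1 : 0);
            $sync->add('topic', $post_data['topic_id'], 'topic_replies_real', -1);
            $sync->check_topic_empty($post_data['topic_id']);

            //sync new topic
            $sync->add('topic', $this->topic_id, 'topic_replies', $this->post_approved ? 1 : 0);
            $sync->add('topic', $this->topic_id, 'topic_replies_real', 1);

            //sync topic_reported and topic_attachment if applicable
            if ($post_data['post_reported']) {
                $sync->topic_reported($post_data['topic_id']);
            }
            if ($post_data['post_attachment']) {
                $sync->topic_attachment($post_data['topic_id']);
            }
            if ($this->post_reported) {
                $sync->topic_reported($this->topic_id);
            }
            if ($this->post_attachment) {
                $sync->topic_attachment($this->topic_id);
            }

            if ($is_first_post) {
                //this was the first post in the old topic, sync it
                $sync->topic_first_post($post_data['topic_id']);
                $is_first_post = false; //unset since we dont know status for new topic yet
            }

            if ($is_last_post) {
                //this was the last post in the old topic, sync it
                $sync->topic_last_post($post_data['topic_id']);
                $sync->forum_last_post($post_data['forum_id']);
                $is_last_post = false; //unset since we dont know status for new topic yet
            }

            if ($this->post_time <= $new_topic_data['topic_time']) {
                //this will be the first post in the new topic, sync it
                $sync->topic_first_post($this->topic_id);
                $is_first_post = true;
            }
            if ($this->post_time >= $new_topic_data['topic_last_post_time']) {
                //this will be the last post in the new topic, sync it
                $sync->topic_last_post($this->topic_id);
                // NOTE(review): every other forum_last_post() call in this method
                // passes a forum id, this one passes the topic id. Left unchanged
                // because the syncer API is not visible here. Confirm.
                $sync->forum_last_post($this->topic_id);
                $is_last_post = true;
            }
        } elseif ($is_first_post) {
            // Editing the first post in place: mirror its fields onto the topic row.
            $sync->set('topic', $this->topic_id, array('icon_id' => $this->icon_id, 'topic_approved' => $this->post_approved, 'topic_title' => $this->post_subject, 'topic_poster' => $this->poster_id, 'topic_time' => $this->post_time));
        }

        //check if some statistics relevant flags have been changed
        if ($this->post_approved != $post_data['post_approved']) {
            //if topic_id was changed, we've already updated it above.
            if ($this->topic_id == $post_data['topic_id']) {
                if ($is_first_post) {
                    //first post -> approve/disapprove whole topic if not yet done (should only happen when directly storing the post)
                    if ($this->post_approved != $post_data['topic_approved']) {
                        $sync->add('forum', $this->forum_id, 'forum_topics', $this->post_approved ? 1 : -1);
                        $sync->add('forum', $this->forum_id, 'forum_posts', $this->post_approved ? 1 + $post_data['topic_replies'] : -(1 + $post_data['topic_replies']));
                        $sync->forum_last_post($this->forum_id);

                        //and the total topics+posts
                        set_config('num_topics', $this->post_approved ? $config['num_topics'] + 1 : $config['num_topics'] - 1, true);
                        set_config('num_posts', $this->post_approved ? $config['num_posts'] + (1 + $post_data['topic_replies']) : $config['num_posts'] - (1 + $post_data['topic_replies']), true);
                    }
                } else {
                    //reply
                    $sync->add('topic', $this->topic_id, 'topic_replies', $this->post_approved ? 1 : -1);
                    $sync->add('forum', $this->forum_id, 'forum_posts', $this->post_approved ? 1 : -1);
                }
            }

            //update total posts
            if (!$is_first_post) {
                set_config('num_posts', $this->post_approved ? $config['num_posts'] + 1 : $config['num_posts'] - 1, true);
            }
        }

        /*if($this->post_postcount != $post_data['post_postcount'] && $this->poster_id != ANONYMOUS) { //increase or decrease user_posts $sync->add('user', $this->poster_id, 'user_posts', $this->post_approved ? 1 : -1); }*/

        // Move the post-count credit when the author or the postcount flag changed.
        if ($this->poster_id != $post_data['poster_id'] || $this->post_postcount != $post_data['post_postcount']) {
            if ($post_data['post_postcount'] && $post_data['poster_id'] != ANONYMOUS) {
                $sync->add('user', $post_data['poster_id'], 'user_posts', -1);
            }
            if ($this->post_postcount && $this->poster_id != ANONYMOUS) {
                $sync->add('user', $this->poster_id, 'user_posts', 1);
            }
        }

        if ($is_first_post) {
            $sync->topic_first_post($this->topic_id);
        }
        if ($is_last_post) {
            $sync->topic_last_post($this->topic_id);
            $sync->forum_last_post($this->forum_id);
        }

        reindex('edit', $this->post_id, $sql_data['post_text'], $this->post_subject, $this->poster_id, $this->forum_id);

        $db->sql_transaction('commit');
    } elseif ($this->topic_id) {
        //reply
        $sql = "SELECT t.*, f.forum_name\n\t\t\t\t\tFROM " . TOPICS_TABLE . " t\n\t\t\t\t\tLEFT JOIN " . FORUMS_TABLE . " f ON (f.forum_id = t.forum_id)\n\t\t\t\t\tWHERE t.topic_id=" . intval($this->topic_id);
        $result = $db->sql_query($sql);
        $topic_data = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);

        if (!$topic_data) {
            trigger_error("topic_id={$this->topic_id}, but that topic does not exist", E_USER_ERROR);
        }

        //we need topic_id and forum_id
        // The forum id is always taken from the topic row, never from the caller.
        $this->forum_id = $topic_data['forum_id'];
        $sql_data['forum_id'] = $this->forum_id;
        $sql_data['topic_id'] = $this->topic_id;

        //make sure we have a post_subject (empty subjects are bad for e.g. approving)
        // NOTE(review): $sql_data['post_subject'] was filled before this default
        // is applied, so the inserted row keeps the empty subject. Confirm that
        // is intended.
        if ($this->post_subject == '') {
            $this->post_subject = 'Re: ' . $topic_data['topic_title'];
        }

        $db->sql_transaction('begin');

        //insert post
        $sql = "INSERT INTO " . POSTS_TABLE . " " . $db->sql_build_array('INSERT', $sql_data);
        $db->sql_query($sql);
        $this->post_id = $db->sql_nextid();

        //update topic
        if (!$sync->new_topic_flag) {
            $sync->add('topic', $this->topic_id, 'topic_replies', $this->post_approved ? 1 : 0);
            $sync->add('topic', $this->topic_id, 'topic_replies_real', 1);
            $sync->set('topic', $this->topic_id, 'topic_bumped', 0);
            $sync->set('topic', $this->topic_id, 'topic_bumper', 0);
        } else {
            // First post of a topic that was just created by topic->submit().
            $sync->topic_first_post($this->topic_id);
            $sync->new_topic_flag = false;
        }
        $sync->topic_last_post($this->topic_id);

        //update forum
        if ($this->forum_id != 0) {
            $sync->add('forum', $this->forum_id, 'forum_posts', $this->post_approved ? 1 : 0);
            $sync->forum_last_post($this->forum_id);
        }

        if ($this->post_postcount) {
            //increase user_posts...
            $sync->add('user', $this->poster_id, 'user_posts', 1);
        }
        if ($this->post_approved) {
            //...and total posts
            set_config('num_posts', $config['num_posts'] + 1, true);
        }

        reindex('reply', $this->post_id, $sql_data['post_text'], $this->post_subject, $this->poster_id, $this->forum_id);

        $db->sql_transaction('commit');

        // Mark this topic as posted to
        markread('post', $this->forum_id, $this->topic_id, $this->post_time, $this->poster_id);

        // Mark this topic as read
        // We do not use post_time here, this is intended (post_time can have a date in the past if editing a message)
        markread('topic', $this->forum_id, $this->topic_id, time());

        //
        // Both ids in the two tracking queries below come from trusted state:
        // the session user's id and the forum id read from the topic row above.
        if ($config['load_db_lastread'] && $user->data['is_registered']) {
            $sql = 'SELECT mark_time FROM ' . FORUMS_TRACK_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' AND forum_id = ' . $this->forum_id;
            $result = $db->sql_query($sql);
            $f_mark_time = (int) $db->sql_fetchfield('mark_time');
            $db->sql_freeresult($result);
        } else {
            if ($config['load_anon_lastread'] || $user->data['is_registered']) {
                $f_mark_time = false;
            }
        }

        if ($config['load_db_lastread'] && $user->data['is_registered'] || $config['load_anon_lastread'] || $user->data['is_registered']) {
            // Update forum info
            $sql = 'SELECT forum_last_post_time FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . $this->forum_id;
            $result = $db->sql_query($sql);
            $forum_last_post_time = (int) $db->sql_fetchfield('forum_last_post_time');
            $db->sql_freeresult($result);

            update_forum_tracking_info($this->forum_id, $forum_last_post_time, $f_mark_time, false);
        }

        // Send Notifications
        user_notification('reply', $this->post_subject, $topic_data['topic_title'], $topic_data['forum_name'], $this->forum_id, $this->topic_id, $this->post_id);
    } else {
        //new topic
        $this->_topic = topic::from_post($this);
        $this->_topic->submit(true);

        //PHP4 Compatibility:
        if (version_compare(PHP_VERSION, '5.0.0', '<')) {
            $this->topic_id = $this->_topic->topic_id;
            $this->post_id = $this->_topic->topic_first_post_id;
        }
        // The topic's own submit() path is responsible for running the sync.
        $exec_sync = false;
    }

    // Bind every attachment to the stored post and clear its orphan flag.
    foreach ($this->attachments as $attachment) {
        $attachment->post_msg_id = $this->post_id;
        $attachment->topic_id = $this->topic_id;
        $attachment->poster_id = $this->poster_id;
        $attachment->in_message = 0;
        $attachment->is_orphan = 0;
        $attachment->submit();
    }

    if ($exec_sync) {
        $sync->execute();
    }
    /*if($sync_topic) { if($this->_topic) { $this->_topic->sync(); } else { sync('topic', 'topic_id', $this->topic_id); } }*/
}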
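/**
 * Insert a post (and, when $topic_id is null, the topic that holds it)
 * directly into the board tables, then update forum, topic and user counters
 * and the search index.
 *
 * All numeric arguments are forced to integers before they are placed into
 * SQL, because the statements interpolate them without quotes. A boolean
 * false would otherwise render as an empty string and break the statement,
 * and a non-numeric value would be taken as SQL text.
 *
 * Text values are escaped with addslashes() only. NOTE(review): addslashes()
 * is not aware of the connection character set. If the DB layer offers its
 * own escape routine it should replace addslashes() here. That API is not
 * visible from this function, so it is left as is.
 *
 * @param string   $message            Raw post text.
 * @param string   $subject            Post subject (topic title for a new topic).
 * @param int      $forum_id           Target forum.
 * @param int      $user_id            Poster id.
 * @param string   $user_name          Poster name stored with the post.
 * @param int|bool $user_attach_sig    Stored as enable_sig.
 * @param int|null $topic_id           Existing topic to reply to; null creates a topic.
 * @param int      $topic_type         Topic type for a new topic.
 * @param bool     $do_notification    Send reply notifications.
 * @param mixed    $notify_user        Passed through to user_notification().
 * @param int      $current_time       Post timestamp; 0 means "now".
 * @param string   $error_die_function Name of the function called on a query
 *                                     failure; defaults to message_die. It is
 *                                     invoked as a variable function, so it
 *                                     must only ever be set by trusted code.
 * @param int|bool $html_on            Stored as enable_html.
 * @param int|bool $bbcode_on          Stored as enable_bbcode.
 * @param int|bool $smilies_on         Stored as enable_smilies.
 *
 * @return array{post_id: mixed, topic_id: mixed} Ids of the stored post and its topic.
 */
function insert_post($message, $subject, $forum_id, $user_id, $user_name, $user_attach_sig, $topic_id = NULL, $topic_type = POST_NORMAL, $do_notification = false, $notify_user = false, $current_time = 0, $error_die_function = '', $html_on = 0, $bbcode_on = 1, $smilies_on = 1)
{
    global $db, $board_config, $user_ip;

    // initialise some variables
    $topic_vote = 0;
    $mode = 'reply';
    $bbcode_uid = $bbcode_on ? make_bbcode_uid() : '';
    $error_die_function = $error_die_function == '' ? "message_die" : $error_die_function;
    $current_time = $current_time == 0 ? time() : $current_time;

    // parse the message and the subject (belt & braces :)
    $message = addslashes(unprepare_message($message));
    $message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
    // NOTE(review): as written this replaces a double quote with itself.
    // Presumably an entity was decoded somewhere on the way to this listing.
    $subject = addslashes(str_replace('"', '"', trim($subject)));
    $username = addslashes(unprepare_message(trim($user_name)));
    // fix for \" in username - wineknow.com
    $username = str_replace("\\\"", "\"", $username);

    // Normalise everything that goes into SQL unquoted. Done after
    // prepare_message() so the flags reach it exactly as the caller gave them.
    $forum_id = (int) $forum_id;
    $user_id = (int) $user_id;
    $topic_type = (int) $topic_type;
    $current_time = (int) $current_time;
    $user_attach_sig = (int) $user_attach_sig;
    $html_on = (int) $html_on;
    $bbcode_on = (int) $bbcode_on;
    $smilies_on = (int) $smilies_on;
    if (!is_null($topic_id)) {
        // null keeps its meaning of "create a new topic" below.
        $topic_id = (int) $topic_id;
    }

    // if this is a new topic then insert the topic details
    if (is_null($topic_id)) {
        $mode = 'newtopic';
        $sql = "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('{$subject}', " . $user_id . ", {$current_time}, {$forum_id}, " . TOPIC_UNLOCKED . ", {$topic_type}, {$topic_vote})";
        if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
            $error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
        }
        $topic_id = $db->sql_nextid();
    }

    // insert the post details using the topic id
    // NOTE(review): $user_ip is a global that is quoted but not escaped here.
    // Confirm it is always the board's own encoded address.
    $sql = "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ({$topic_id}, {$forum_id}, " . $user_id . ", '{$username}', {$current_time}, '{$user_ip}', {$bbcode_on}, {$html_on}, {$smilies_on}, {$user_attach_sig})";
    if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
        $error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
    }
    $post_id = $db->sql_nextid();

    // insert the actual post text for our new post
    $sql = "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ({$post_id}, '{$subject}', '{$bbcode_uid}', '{$message}')";
    if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
        $error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
    }

    // update the post counts etc.
    $newpostsql = $mode == 'newtopic' ? ',forum_topics = forum_topics + 1' : '';
    $sql = "UPDATE " . FORUMS_TABLE . " SET \n forum_posts = forum_posts + 1,\n forum_last_post_id = {$post_id}\n {$newpostsql} \t\n WHERE forum_id = {$forum_id}";
    if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
        $error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
    }

    // update the first / last post ids for the topic
    $first_post_sql = $mode == 'newtopic' ? ", topic_first_post_id = {$post_id} " : ' , topic_replies=topic_replies+1';
    $sql = "UPDATE " . TOPICS_TABLE . " SET \n topic_last_post_id = {$post_id} \n {$first_post_sql}\n WHERE topic_id = {$topic_id}";
    if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
        $error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
    }

    // update the user's post count and commit the transaction
    $sql = "UPDATE " . USERS_TABLE . " SET \n user_posts = user_posts + 1\n WHERE user_id = {$user_id}";
    if (!$db->sql_query($sql, END_TRANSACTION)) {
        $error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
    }

    // add the search words for our new post
    // The argument list of add_search_words() depends on the board version.
    switch ($board_config['version']) {
        case '.0.0':
        case '.0.1':
        case '.0.2':
        case '.0.3':
            add_search_words($post_id, stripslashes($message), stripslashes($subject));
            break;
        default:
            add_search_words('', $post_id, stripslashes($message), stripslashes($subject));
            break;
    }

    // do we need to do user notification
    if ($mode == 'reply' && $do_notification) {
        // DP bugfix (critical): $userdata['user_id'] must be set; otherwise,
        // user_notification() will generate a bad SQL query and die.
        // Note that this overwrites the global $userdata entry for the rest
        // of the request.
        global $userdata;
        $userdata['user_id'] = $user_id;

        // DP bugfix (minor): We should pass the topic title, not the post subject,
        // as the third param to user_notification.
        $sql = "SELECT topic_title FROM " . TOPICS_TABLE . " WHERE topic_id = {$topic_id}";
        if (!($result = $db->sql_query($sql))) {
            $error_die_function(GENERAL_ERROR, 'Error getting topic_title', '', __LINE__, __FILE__, $sql);
        }
        list($topic_title) = $db->sql_fetchrow($result);

        $post_data = array();
        user_notification($mode, $post_data, $topic_title, $forum_id, $topic_id, $post_id, $notify_user);
    }

    // if all is well then return the id of our new post
    return array('post_id' => $post_id, 'topic_id' => $topic_id);
}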
// Fragment of a posting controller: the branches of a switch (its head is not
// shown) that submit or delete a post, followed by the start of the
// post-submit bookkeeping. The listing ends inside the last if block.
case 'editpost':
case 'newtopic':
case 'reply':
    // Raw request values; poll fields are only accepted when the user may create polls.
    $username = !empty($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
    $subject = !empty($HTTP_POST_VARS['subject']) ? trim($HTTP_POST_VARS['subject']) : '';
    $message = !empty($HTTP_POST_VARS['message']) ? $HTTP_POST_VARS['message'] : '';
    $poll_title = isset($HTTP_POST_VARS['poll_title']) && $is_auth['auth_pollcreate'] ? $HTTP_POST_VARS['poll_title'] : '';
    $poll_options = isset($HTTP_POST_VARS['poll_option_text']) && $is_auth['auth_pollcreate'] ? $HTTP_POST_VARS['poll_option_text'] : '';
    $poll_length = isset($HTTP_POST_VARS['poll_length']) && $is_auth['auth_pollcreate'] ? $HTTP_POST_VARS['poll_length'] : '';
    $bbcode_uid = '';

    // Validation and normalisation of the values above happen inside
    // prepare_post(); problems are reported through $error_msg.
    prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length);

    if ($error_msg == '') {
        // Without sticky or announce permission a changed topic type is reset to the stored one.
        $topic_type = $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ? $post_data['topic_type'] : $topic_type;

        // NOTE(review): the text arguments are made SQL-safe by rewriting \' to ''.
        // That only works if every value was already slash-escaped upstream
        // (by prepare_post() or the request layer). Confirm, since
        // submit_post() receives them as ready-to-embed strings.
        submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, str_replace("\\'", "''", $username), str_replace("\\'", "''", $subject), str_replace("\\'", "''", $message), str_replace("\\'", "''", $poll_title), $poll_options, $poll_length);

        if ($error_msg == '') {
            user_notification($mode, $post_data, $forum_id, $topic_id, $post_id, $notify_user);
        }
    }
    break;
case 'delete':
case 'poll_delete':
    delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id);
    break;
}

if ($error_msg == '') {
    if ($mode != 'editpost') {
        // New posts are credited to the current user, deletions to the original poster.
        $user_id = $mode == 'reply' || $mode == 'newtopic' ? $userdata['user_id'] : $post_data['poster_id'];
        update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id);
    }

    if ($mode == 'newtopic' || $mode == 'reply') {
        // SECURITY: the tracking cookie is fully client-controlled and is fed
        // to unserialize(). Deserialising untrusted data can instantiate
        // objects and run their magic methods, and it returns whatever type
        // the client chose. Safer options: store the list as JSON (or a plain
        // delimited string) and validate that every key and value is an
        // integer; on PHP 7+ at least pass ['allowed_classes' => false];
        // ideally also authenticate the cookie with a keyed MAC before
        // decoding it.
        $tracking_topics = !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) : array();
// Tail of a reply branch in an AJAX handler. The enclosing switch and the
// blocks closed by the first braces start outside this listing.
if ($last_msg == $message) {
    // Same text as the previous message: reject as a double post.
    $this->ajax_die($lang['DOUBLE_POST_ERROR']);
}
}
}

if ($bb_cfg['max_smilies']) {
    // Smilies are counted in the rendered HTML by looking for the smiley <img> prefix.
    $count_smilies = substr_count(bbcode2html($message), '<img class="smile" src="' . $bb_cfg['smilies_path']);
    if ($count_smilies > $bb_cfg['max_smilies']) {
        $this->ajax_die(sprintf($lang['MAX_SMILIES_PER_POST'], $bb_cfg['max_smilies']));
    }
}

// NOTE(review): $topic_id, $post['forum_id'] and $userdata['user_id'] are
// concatenated into this statement unquoted and without a cast, while the
// message text below goes through DB()->escape(). The atom update further
// down casts $this->request['topic_id'] with (int), which suggests topic ids
// originate from the request. Confirm that $topic_id was cast or validated
// before this point.
DB()->sql_query("INSERT INTO " . BB_POSTS . " (topic_id, forum_id, poster_id, post_time, poster_ip) VALUES ({$topic_id}, " . $post['forum_id'] . ", " . $userdata['user_id'] . ", '" . TIMENOW . "', '" . USER_IP . "')");
$post_id = DB()->sql_nextid();
DB()->sql_query("INSERT INTO " . BB_POSTS_TEXT . " (post_id, post_text) VALUES ({$post_id}, '" . DB()->escape($message) . "')");

update_post_stats('reply', $post, $post['forum_id'], $topic_id, $post_id, $userdata['user_id']);

// Literal backslash-n sequences become real newlines before the text is indexed.
$s_message = str_replace('\\n', "\n", $message);
$s_topic_title = str_replace('\\n', "\n", $post['topic_title']);
add_search_words($post_id, stripslashes($s_message), stripslashes($s_topic_title));
update_post_html(array('post_id' => $post_id, 'post_text' => $message));

if ($bb_cfg['topic_notify_enabled']) {
    // Only whether the request field is non-empty matters.
    $notify = !empty($this->request['notify']);
    user_notification('reply', $post, $post['topic_title'], $post['forum_id'], $topic_id, $notify);
}

// Update atom feed
update_atom('topic', (int) $this->request['topic_id']);

// The redirect target is built from the id the database just generated.
$this->response['redirect'] = make_url(POST_URL . "{$post_id}#{$post_id}");
break;
default:
    $this->ajax_die('empty type');
    break;
}
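/**
 * Submit Post
 *
 * Stores a new topic, a reply or an edit, then updates the poll options, the
 * attachment rows, the forum/topic/user counters, drafts, topic watches and
 * read markers that depend on it.
 *
 * @param string $mode           'post' or 'edit'; 'delete' is rejected and every other
 *                               value (e.g. 'reply', 'quote') is handled as a reply
 * @param string $subject        Post subject; also used as topic title for a first post
 * @param string $username       Name stored for posters that are not registered users
 * @param int    $topic_type     Compared against POST_GLOBAL, POST_STICKY and POST_ANNOUNCE
 * @param array  $poll           Poll settings (poll_options, poll_title, poll_start,
 *                               poll_max_options, poll_length, poll_vote_change)
 * @param array  $data           Post data; topic_id and post_id are written back into it
 *                               after the inserts
 * @param bool   $update_message Whether post_text is rewritten on edit; forced to true
 *                               for every mode other than 'edit'
 *
 * @return string|false False when $mode is 'delete', otherwise the URL built by generate_link()
 */
function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $update_message = true)
{
    global $config, $_CORE_CONFIG, $_CLASS;

    // We do not handle erasing posts here
    if ($mode == 'delete') {
        return false;
    }

    $current_time = $_CLASS['core_user']->time;

    if ($mode == 'post') {
        $post_mode = 'post';
        $update_message = true;
    } elseif ($mode != 'edit') {
        $post_mode = 'reply';
        $update_message = true;
    } else {
        // An edit is classified by where the post sits inside its topic
        if ($data['topic_first_post_id'] == $data['topic_last_post_id']) {
            $post_mode = 'edit_topic';
        } elseif ($data['topic_first_post_id'] == $data['post_id']) {
            $post_mode = 'edit_first_post';
        } elseif ($data['topic_last_post_id'] == $data['post_id']) {
            $post_mode = 'edit_last_post';
        } else {
            $post_mode = 'edit';
        }
    }

    // Collect some basic information about which tables and which rows to update/insert
    $sql_data = array();
    $user_id = (int) $_CLASS['core_user']->data['user_id'];
    $poster_id = ($mode == 'edit') ? $data['poster_id'] : $user_id;

    // Single source for the approval decision: the post is stored as approved when the
    // poster holds f_noapprove or m_approve in this forum, otherwise with approved = 0.
    $is_approved = $_CLASS['forums_auth']->acl_get('f_noapprove', $data['forum_id'])
        || $_CLASS['forums_auth']->acl_get('m_approve', $data['forum_id']);

    // Collect the post row
    switch ($post_mode) {
        case 'post':
        case 'reply':
            $sql_data[FORUMS_POSTS_TABLE]['sql'] = array(
                'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
                'poster_id' => $user_id,
                'icon_id' => $data['icon_id'],
                'poster_ip' => $_CLASS['core_user']->ip,
                'post_time' => $current_time,
                'post_approved' => $is_approved ? 1 : 0,
                'enable_html' => $data['enable_html'],
                'enable_bbcode' => $data['enable_bbcode'],
                'enable_smilies' => $data['enable_smilies'],
                'enable_magic_url' => $data['enable_urls'],
                'enable_sig' => $data['enable_sig'],
                'post_username' => (!$_CLASS['core_user']->is_user) ? $username : '',
                'post_subject' => $subject,
                'post_text' => $data['message'],
                'post_checksum' => $data['message_md5'],
                'post_attachment' => empty($data['attachment_data']) ? 0 : 1,
                'bbcode_bitfield' => $data['bbcode_bitfield'],
                'bbcode_uid' => $data['bbcode_uid'],
                'post_postcount' => $_CLASS['forums_auth']->acl_get('f_postcount', $data['forum_id']) ? 1 : 0,
                'post_edit_locked' => $data['post_edit_locked'],
            );
            break;

        case 'edit_first_post':
        case 'edit':
            // Edits by users without m_edit, or edits that carry a reason, are counted
            if (!$_CLASS['forums_auth']->acl_get('m_edit', $data['forum_id']) || $data['post_edit_reason']) {
                $sql_data[FORUMS_POSTS_TABLE]['sql'] = array('post_edit_time' => $current_time);
                $sql_data[FORUMS_POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1';
            }
            // no break

        case 'edit_last_post':
        case 'edit_topic':
            if (($post_mode == 'edit_last_post' || $post_mode == 'edit_topic') && $data['post_edit_reason']) {
                $sql_data[FORUMS_POSTS_TABLE]['sql'] = array('post_edit_time' => $current_time);
                $sql_data[FORUMS_POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1';
            }

            if (!isset($sql_data[FORUMS_POSTS_TABLE]['sql'])) {
                $sql_data[FORUMS_POSTS_TABLE]['sql'] = array();
            }

            $sql_data[FORUMS_POSTS_TABLE]['sql'] = array_merge($sql_data[FORUMS_POSTS_TABLE]['sql'], array(
                'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
                'poster_id' => $data['poster_id'],
                'icon_id' => $data['icon_id'],
                'post_approved' => $is_approved ? 1 : 0,
                'enable_html' => $data['enable_html'],
                'enable_bbcode' => $data['enable_bbcode'],
                'enable_smilies' => $data['enable_smilies'],
                'enable_magic_url' => $data['enable_urls'],
                'enable_sig' => $data['enable_sig'],
                'post_username' => ($username && $data['poster_id'] == ANONYMOUS) ? $username : '',
                'post_subject' => $subject,
                'post_edit_reason' => $data['post_edit_reason'],
                'post_edit_user' => (int) $data['post_edit_user'],
                'post_checksum' => $data['message_md5'],
                'post_attachment' => empty($data['attachment_data']) ? 0 : 1,
                'bbcode_bitfield' => $data['bbcode_bitfield'],
                'bbcode_uid' => $data['bbcode_uid'],
                'post_edit_locked' => $data['post_edit_locked'],
            ));

            if ($update_message) {
                $sql_data[FORUMS_POSTS_TABLE]['sql']['post_text'] = $data['message'];
            }
            break;
    }

    // And the topic ladies and gentlemen
    switch ($post_mode) {
        case 'post':
            $sql_data[FORUMS_TOPICS_TABLE]['sql'] = array(
                'topic_poster' => $user_id,
                'topic_time' => $current_time,
                'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
                'icon_id' => $data['icon_id'],
                'topic_approved' => $is_approved ? 1 : 0,
                'topic_title' => $subject,
                'topic_first_poster_name' => (!$_CLASS['core_user']->is_user && $username)
                    ? $username
                    : (($_CLASS['core_user']->data['user_id'] != ANONYMOUS) ? $_CLASS['core_user']->data['username'] : ''),
                'topic_type' => $topic_type,
                'topic_time_limit' => ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? $data['topic_time_limit'] * 86400 : 0,
                'topic_attachment' => empty($data['attachment_data']) ? 0 : 1,
                'topic_status' => 0,
                'topic_replies_real' => 0,
                'topic_replies' => 0,
                'topic_views' => 0,
                'topic_moved_id' => 0,
            );

            if (isset($poll['poll_options']) && !empty($poll['poll_options'])) {
                $sql_data[FORUMS_TOPICS_TABLE]['sql'] = array_merge($sql_data[FORUMS_TOPICS_TABLE]['sql'], array(
                    'poll_title' => $poll['poll_title'],
                    'poll_start' => $poll['poll_start'] ? $poll['poll_start'] : $current_time,
                    'poll_max_options' => $poll['poll_max_options'],
                    'poll_length' => $poll['poll_length'] * 86400,
                    'poll_vote_change' => $poll['poll_vote_change'],
                ));
            }

            $sql_data[CORE_USERS_TABLE]['stat'][] = "user_last_post_time = {$current_time}"
                . ($_CLASS['forums_auth']->acl_get('f_postcount', $data['forum_id']) ? ', user_posts = user_posts + 1' : '');

            if ($topic_type != POST_GLOBAL) {
                if ($is_approved) {
                    $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1';
                }
                $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1'
                    . ($is_approved ? ', forum_topics = forum_topics + 1' : '');
            }
            break;

        case 'reply':
            $sql_data[FORUMS_TOPICS_TABLE]['stat'][] = 'topic_replies_real = topic_replies_real + 1, topic_bumped = 0, topic_bumper = 0'
                . ($is_approved ? ', topic_replies = topic_replies + 1' : '');
            $sql_data[CORE_USERS_TABLE]['stat'][] = "user_last_post_time = {$current_time}"
                . ($_CLASS['forums_auth']->acl_get('f_postcount', $data['forum_id']) ? ', user_posts = user_posts + 1' : '');

            if ($is_approved && $topic_type != POST_GLOBAL) {
                $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1';
            }
            break;

        case 'edit_topic':
        case 'edit_first_post':
            $has_poll = isset($poll['poll_options']);

            $sql_data[FORUMS_TOPICS_TABLE]['sql'] = array(
                'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
                'icon_id' => $data['icon_id'],
                'topic_approved' => $is_approved ? 1 : 0,
                'topic_title' => $subject,
                'topic_first_poster_name' => $username,
                'topic_type' => $topic_type,
                'topic_time_limit' => ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? $data['topic_time_limit'] * 86400 : 0,
                'poll_title' => $has_poll ? $poll['poll_title'] : '',
                'poll_start' => $has_poll ? ($poll['poll_start'] ? $poll['poll_start'] : $current_time) : 0,
                'poll_max_options' => $has_poll ? $poll['poll_max_options'] : 1,
                'poll_length' => $has_poll ? $poll['poll_length'] * 86400 : 0,
                'poll_vote_change' => isset($poll['poll_vote_change']) ? $poll['poll_vote_change'] : 0,
                'topic_attachment' => empty($data['attachment_data']) ? 0 : 1,
            );
            break;
    }

    $_CLASS['core_db']->transaction();

    // Submit new topic
    if ($post_mode === 'post') {
        $sql = 'INSERT INTO ' . FORUMS_TOPICS_TABLE . ' '
            . $_CLASS['core_db']->sql_build_array('INSERT', $sql_data[FORUMS_TOPICS_TABLE]['sql']);
        $_CLASS['core_db']->query($sql);

        $data['topic_id'] = $_CLASS['core_db']->insert_id(FORUMS_TOPICS_TABLE, 'topic_id');

        $sql_data[FORUMS_POSTS_TABLE]['sql'] = array_merge($sql_data[FORUMS_POSTS_TABLE]['sql'], array(
            'topic_id' => $data['topic_id'],
        ));
        unset($sql_data[FORUMS_TOPICS_TABLE]['sql']);
    }

    // Submit new post
    if ($post_mode === 'post' || $post_mode === 'reply') {
        if ($post_mode === 'reply') {
            $sql_data[FORUMS_POSTS_TABLE]['sql'] = array_merge($sql_data[FORUMS_POSTS_TABLE]['sql'], array(
                'topic_id' => $data['topic_id'],
            ));
        }

        $_CLASS['core_db']->sql_query_build('INSERT', $sql_data[FORUMS_POSTS_TABLE]['sql'], FORUMS_POSTS_TABLE);
        unset($sql_data[FORUMS_POSTS_TABLE]['sql']);

        $data['post_id'] = $_CLASS['core_db']->insert_id(FORUMS_POSTS_TABLE, 'post_id');

        if ($post_mode === 'post') {
            $sql_data[FORUMS_TOPICS_TABLE]['sql'] = array(
                'topic_first_post_id' => $data['post_id'],
                'topic_last_post_id' => $data['post_id'],
                'topic_last_post_time' => $current_time,
                'topic_last_poster_id' => $user_id,
                'topic_last_poster_name' => (!$_CLASS['core_user']->is_user && $username)
                    ? $username
                    : (($_CLASS['core_user']->data['user_id'] != ANONYMOUS) ? $_CLASS['core_user']->data['username'] : ''),
            );
        }
    }

    // From here on the ids are concatenated into hand-built SQL. They are cast to int at
    // every such point so a non-numeric value handed in through $data cannot change the
    // shape of a statement.
    $make_global = false;

    // Are we globalising or unglobalising?
    if ($post_mode === 'edit_first_post' || $post_mode === 'edit_topic') {
        $sql = 'SELECT topic_type, topic_replies_real, topic_approved FROM ' . FORUMS_TOPICS_TABLE
            . ' WHERE topic_id = ' . (int) $data['topic_id'];
        $result = $_CLASS['core_db']->query($sql);
        $row = $_CLASS['core_db']->fetch_row_assoc($result);
        $_CLASS['core_db']->free_result($result);

        if ($row['topic_type'] != POST_GLOBAL && $topic_type == POST_GLOBAL) {
            // globalise: decrement topic/post count
            $make_global = true;
            $sql_data[FORUMS_FORUMS_TABLE]['stat'] = array();
            $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - ' . ($row['topic_replies_real'] + 1);
            $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real - 1'
                . ($row['topic_approved'] ? ', forum_topics = forum_topics - 1' : '');

            // Update forum_ids for all posts
            $sql = 'UPDATE ' . FORUMS_POSTS_TABLE . ' SET forum_id = 0 WHERE topic_id = ' . (int) $data['topic_id'];
            $_CLASS['core_db']->query($sql);
        } elseif ($row['topic_type'] == POST_GLOBAL && $topic_type != POST_GLOBAL) {
            // unglobalise: increment topic/post count
            $make_global = true;
            $sql_data[FORUMS_FORUMS_TABLE]['stat'] = array();
            $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + ' . ($row['topic_replies_real'] + 1);
            $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1'
                . ($row['topic_approved'] ? ', forum_topics = forum_topics + 1' : '');

            // Update forum_ids for all posts
            $sql = 'UPDATE ' . FORUMS_POSTS_TABLE . ' SET forum_id = ' . (int) $data['forum_id']
                . ' WHERE topic_id = ' . (int) $data['topic_id'];
            $_CLASS['core_db']->query($sql);
        }
    }

    // Update the topics table
    if (isset($sql_data[FORUMS_TOPICS_TABLE]['sql'])) {
        $sql = 'UPDATE ' . FORUMS_TOPICS_TABLE . ' SET '
            . $_CLASS['core_db']->sql_build_array('UPDATE', $sql_data[FORUMS_TOPICS_TABLE]['sql'])
            . ' WHERE topic_id = ' . (int) $data['topic_id'];
        $_CLASS['core_db']->query($sql);
    }

    // Update the posts table
    if (isset($sql_data[FORUMS_POSTS_TABLE]['sql'])) {
        $sql = 'UPDATE ' . FORUMS_POSTS_TABLE . ' SET '
            . $_CLASS['core_db']->sql_build_array('UPDATE', $sql_data[FORUMS_POSTS_TABLE]['sql'])
            . ' WHERE post_id = ' . (int) $data['post_id'];
        $_CLASS['core_db']->query($sql);
    }

    // Update Poll Tables
    if (isset($poll['poll_options']) && !empty($poll['poll_options'])) {
        $cur_poll_options = array();

        if ($poll['poll_start'] && $mode == 'edit') {
            $sql = 'SELECT * FROM ' . FORUMS_POLL_OPTIONS_TABLE
                . ' WHERE topic_id = ' . (int) $data['topic_id'] . ' ORDER BY poll_option_id';
            $result = $_CLASS['core_db']->query($sql);

            while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
                $cur_poll_options[] = $row;
            }
            $_CLASS['core_db']->free_result($result);
        }

        $sql_insert_ary = array();

        for ($i = 0, $size = sizeof($poll['poll_options']); $i < $size; $i++) {
            if (!trim($poll['poll_options'][$i])) {
                continue;
            }

            if (empty($cur_poll_options[$i])) {
                $sql_insert_ary[] = array(
                    'poll_option_id' => (int) $i,
                    'topic_id' => (int) $data['topic_id'],
                    'poll_option_text' => (string) $poll['poll_options'][$i],
                    'poll_option_total' => 0,
                );
            } elseif ($poll['poll_options'][$i] != $cur_poll_options[$i]) {
                // NOTE(review): this compares the option text with the whole stored row,
                // so the UPDATE looks like it runs for every existing option - confirm intent.
                $sql = "UPDATE " . FORUMS_POLL_OPTIONS_TABLE . "\r\n\t\t\t\t\t\tSET poll_option_text = '" . $_CLASS['core_db']->escape($poll['poll_options'][$i]) . "'\r\n\t\t\t\t\t\tWHERE poll_option_id = " . (int) $cur_poll_options[$i]['poll_option_id'] . "\r\n\t\t\t\t\t\t\tAND topic_id = " . (int) $data['topic_id'];
                $_CLASS['core_db']->query($sql);
            }
        }

        if (!empty($sql_insert_ary)) {
            $_CLASS['core_db']->sql_query_build('MULTI_INSERT', $sql_insert_ary, FORUMS_POLL_OPTIONS_TABLE);
            unset($sql_insert_ary);
        }

        if (count($poll['poll_options']) < count($cur_poll_options)) {
            $sql = 'DELETE FROM ' . FORUMS_POLL_OPTIONS_TABLE
                . ' WHERE poll_option_id >= ' . count($poll['poll_options'])
                . ' AND topic_id = ' . (int) $data['topic_id'];
            $_CLASS['core_db']->query($sql);
        }
    }

    // Submit Attachments
    // !empty() rather than count(): the rest of this function already treats a missing
    // attachment list as "no attachments".
    if (!empty($data['attachment_data']) && $data['post_id'] && in_array($mode, array('post', 'reply', 'quote', 'edit'))) {
        $space_taken = $files_added = $files_updated = 0;
        $orphan_rows = array();

        foreach ($data['attachment_data'] as $pos => $attach_row) {
            $orphan_rows[(int) $attach_row['attach_id']] = array();
        }

        if (sizeof($orphan_rows)) {
            // Only orphans uploaded by the current user may be adopted by this post
            $sql = 'SELECT attach_id, filesize, physical_filename FROM ' . FORUMS_ATTACHMENTS_TABLE
                . ' WHERE attach_id IN (' . implode(', ', array_keys($orphan_rows)) . ')'
                . ' AND is_orphan = 1 AND poster_id = ' . $user_id;
            $result = $_CLASS['core_db']->query($sql);

            $orphan_rows = array();
            while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
                $orphan_rows[$row['attach_id']] = $row;
            }
            $_CLASS['core_db']->free_result($result);
        }

        foreach ($data['attachment_data'] as $pos => $attach_row) {
            // Normalise once: the id is used as an array key and inside two UPDATE statements
            $attach_id = (int) $attach_row['attach_id'];

            if ($attach_row['is_orphan'] && !isset($orphan_rows[$attach_id])) {
                continue;
            }

            if (!$attach_row['is_orphan']) {
                // update entry in db if attachment already stored in db and filespace
                // NOTE(review): this UPDATE is not limited to attachments of this post or
                // poster; it relies on the caller having validated attachment_data - confirm.
                $sql = 'UPDATE ' . FORUMS_ATTACHMENTS_TABLE . "\r\n\t\t\t\t\tSET attach_comment = '" . $_CLASS['core_db']->escape($attach_row['attach_comment']) . "'\r\n\t\t\t\t\tWHERE attach_id = " . $attach_id . ' AND is_orphan = 0';
                $_CLASS['core_db']->query($sql);
            } else {
                // insert attachment into db
                if (!@file_exists(SITE_FILE_ROOT . $config['upload_path'] . '/' . basename($orphan_rows[$attach_id]['physical_filename']))) {
                    continue;
                }

                $space_taken += $orphan_rows[$attach_id]['filesize'];
                $files_added++;

                $attach_sql = array(
                    'post_msg_id' => $data['post_id'],
                    'topic_id' => $data['topic_id'],
                    'is_orphan' => 0,
                    'poster_id' => $poster_id,
                    'attach_comment' => $attach_row['attach_comment'],
                );

                // The original read $user->data here, but $user is not in scope in this
                // function, which left the ownership condition empty. Use the same
                // current-user id as the SELECT above.
                $sql = 'UPDATE ' . FORUMS_ATTACHMENTS_TABLE . ' SET '
                    . $_CLASS['core_db']->sql_build_array('UPDATE', $attach_sql)
                    . ' WHERE attach_id = ' . $attach_id
                    . ' AND is_orphan = 1 AND poster_id = ' . $user_id;
                $_CLASS['core_db']->query($sql);
            }
        }

        // NOTE(review): $files_updated is never incremented in this function
        if ($files_updated || $files_added) {
            set_config('upload_dir_size', $config['upload_dir_size'] + $space_taken, true);
            set_config('num_files', $config['num_files'] + $files_added, true);
        }
    }

    $_CLASS['core_db']->transaction('commit');

    if ($post_mode === 'post' || $post_mode === 'reply' || $post_mode === 'edit_last_post') {
        if ($topic_type != POST_GLOBAL) {
            $update_sql = update_post_information('forum', $data['forum_id'], true);
            if (sizeof($update_sql)) {
                $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = implode(', ', $update_sql[$data['forum_id']]);
            }
        }

        $update_sql = update_post_information('topic', $data['topic_id'], true);
        if (sizeof($update_sql)) {
            $sql_data[FORUMS_TOPICS_TABLE]['stat'][] = implode(', ', $update_sql[$data['topic_id']]);
        }
    }

    if ($make_global) {
        $update_sql = update_post_information('forum', $data['forum_id'], true);
        if (sizeof($update_sql)) {
            $sql_data[FORUMS_FORUMS_TABLE]['stat'][] = implode(', ', $update_sql[$data['forum_id']]);
        }
    }

    if ($post_mode === 'edit_topic') {
        $update_sql = update_post_information('topic', $data['topic_id'], true);
        if (sizeof($update_sql)) {
            $sql_data[FORUMS_TOPICS_TABLE]['stat'][] = implode(', ', $update_sql[$data['topic_id']]);
        }
    }

    // Update total post count, do not consider moderated posts/topics
    if ($is_approved) {
        if ($post_mode === 'post') {
            set_config('num_topics', $config['num_topics'] + 1, true);
            set_config('num_posts', $config['num_posts'] + 1, true);
        }

        if ($post_mode === 'reply') {
            set_config('num_posts', $config['num_posts'] + 1, true);
        }
    }

    // Update forum stats (second transaction; the post itself was committed above)
    $_CLASS['core_db']->transaction();

    $where_sql = array(
        FORUMS_POSTS_TABLE => 'post_id = ' . (int) $data['post_id'],
        FORUMS_TOPICS_TABLE => 'topic_id = ' . (int) $data['topic_id'],
        FORUMS_FORUMS_TABLE => 'forum_id = ' . (int) $data['forum_id'],
        CORE_USERS_TABLE => 'user_id = ' . $user_id,
    );

    foreach ($sql_data as $table => $update_ary) {
        if (isset($update_ary['stat']) && implode('', $update_ary['stat'])) {
            $_CLASS['core_db']->query("UPDATE {$table} SET " . implode(', ', $update_ary['stat']) . ' WHERE ' . $where_sql[$table]);
        }
    }

    // Delete topic shadows (if any exist). We do not need a shadow topic for a global announcement
    if ($make_global) {
        $sql = 'DELETE FROM ' . FORUMS_TOPICS_TABLE . ' WHERE topic_moved_id = ' . (int) $data['topic_id'];
        $_CLASS['core_db']->query($sql);
    }

    // Index message contents
    // Disabled by the leading `false`. If it is re-enabled: $phpbb_root_path and $phpEx are
    // not in scope in this function, and the class name and include path are derived from
    // configuration, so keep the basename() + file_exists() guard.
    if (false && $update_message && $data['enable_indexing']) {
        // Select the search method and do some additional checks to ensure it can actually be utilised
        $search_type = basename($config['search_type']);

        if (!file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx)) {
            trigger_error('NO_SUCH_SEARCH_MODULE');
        }

        require "{$phpbb_root_path}includes/search/{$search_type}.{$phpEx}";

        $error = false;
        $search = new $search_type($error);

        if ($error) {
            trigger_error($error);
        }

        $search->index($mode, $data['post_id'], $data['message'], $subject, $poster_id, $topic_type == POST_GLOBAL ? 0 : $data['forum_id']);
    }

    $_CLASS['core_db']->transaction('commit');

    // Delete draft if post was loaded...
    $draft_id = (int) request_var('draft_loaded', 0);
    if ($draft_id) {
        // Scoped to the current user so only the poster's own draft can be removed
        $sql = 'DELETE FROM ' . FORUMS_DRAFTS_TABLE . "\r\n\t\t\tWHERE draft_id = {$draft_id}\r\n\t\t\t\tAND user_id = {$user_id}";
        $_CLASS['core_db']->query($sql);
    }

    // Topic Notification, do not change if moderator is changing other users posts...
    if ($_CLASS['core_user']->data['user_id'] == $poster_id) {
        if (!$data['notify_set'] && $data['notify']) {
            // NOTE(review): the insert targets FORUMS_WATCH_TABLE while the delete below
            // targets FORUMS_TOPICS_WATCH_TABLE, and notify_type receives $poster_id - confirm.
            $notify_sql = array(
                'user_id' => $_CLASS['core_user']->data['user_id'],
                'forum_id' => $data['forum_id'],
                'topic_id' => $data['topic_id'],
                'notify_type' => $poster_id,
                'notify_status' => 0,
            );
            $_CLASS['core_db']->sql_query_build('INSERT', $notify_sql, FORUMS_WATCH_TABLE);
            unset($notify_sql);
        } elseif ($data['notify_set'] && !$data['notify']) {
            $sql = 'DELETE FROM ' . FORUMS_TOPICS_WATCH_TABLE
                . ' WHERE user_id = ' . $user_id
                . ' AND topic_id = ' . (int) $data['topic_id'];
            $_CLASS['core_db']->query($sql);
        }
    }

    if ($mode == 'post' || $mode == 'reply' || $mode == 'quote') {
        // Mark this topic as posted to
        markread('post', $data['forum_id'], $data['topic_id'], $data['post_time']);
    }

    // Mark this topic as read
    // We do not use post_time here, this is intended (post_time can have a date in the past if editing a message)
    markread('topic', $data['forum_id'], $data['topic_id'], $_CLASS['core_user']->time);

    // Send Notifications (only for posts that were stored as approved)
    if ($mode !== 'edit' && $mode !== 'delete' && $is_approved) {
        user_notification($mode, $subject, $data['topic_title'], $data['forum_name'], $data['forum_id'], $data['topic_id'], $data['post_id']);
    }

    // An unapproved post is not linked directly: a new topic returns the forum view,
    // anything else the topic view without the post anchor.
    if ($mode === 'post') {
        $url = $is_approved
            ? generate_link('forums&file=viewtopic&f=' . $data['forum_id'] . '&t=' . $data['topic_id'])
            : generate_link('forums&file=viewforum&f=' . $data['forum_id']);
    } else {
        $url = $is_approved
            ? generate_link("forums&file=viewtopic&f={$data['forum_id']}&t={$data['topic_id']}&p={$data['post_id']}") . "#p{$data['post_id']}"
            : generate_link("forums&file=viewtopic&f={$data['forum_id']}&t={$data['topic_id']}");
    }

    return $url;
}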
/**
 * Add a reply to this topic.
 *
 * Passes the message through prepare_post(), hands it to submit_post(), then updates the
 * post statistics, sends the notification and rewrites the topic-tracking cookie. When
 * prepare_post() reports an error, message_die() is called instead.
 *
 * @param string $message Text of the reply
 *
 * @return mixed The value of $post_id after submit_post(); it starts as null and is
 *               presumably filled in through a by-reference parameter - confirm
 */
public function addReply($message)
{
    // The includes below run in this function's scope, so the globals they expect are pulled in here.
    global $phpbb_root_path, $phpEx, $user_ip, $userdata, $db, $themes_id, $board_config, $template, $theme, $lang,
        $page_title, $SID, $html_entities_match, $html_entities_replace, $attachment_mod,
        $unhtml_specialchars_match, $unhtml_specialchars_replace;

    require_once $phpbb_root_path . 'includes/bbcode.' . $phpEx;
    require_once $phpbb_root_path . 'includes/functions_post.' . $phpEx;

    $forum_id = $this->getForumId();
    $topic_id = $this->getTopicId();

    // NOTE(review): addslashes() here plus the \' -> '' rewrite before submit_post() is
    // hand-rolled SQL escaping; confirm it matches what the database layer expects.
    $message = addslashes($message);

    $mode = 'reply';
    $post_id = null;
    $poll_id = null;
    $attach_sig = 0;
    $post_data = array('first_post' => 0, 'last_post' => false, 'has_poll' => false, 'edit_poll' => false);

    $bbcode_on = '1';
    $html_on = '0';
    $smilies_on = '1';

    $error_msg = '';
    $username = '';
    $bbcode_uid = '';
    $subject = '';

    // A reply carries no poll
    $poll_title = '';
    $poll_options = '';
    $poll_length = 0;
    $max_vote = '';
    $hide_vote = '';
    $tothide_vote = '';

    prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length, $max_vote, $hide_vote, $tothide_vote);

    // $error_msg is only handed to prepare_post(), so one check covers the rest of the method
    if ($error_msg != '') {
        message_die(GENERAL_ERROR, 'An error occured when posting a reply.');
        return;
    }

    $topic_type = 0;
    $sql_username = str_replace("\\'", "''", $username);
    $sql_subject = str_replace("\\'", "''", $subject);
    $sql_message = str_replace("\\'", "''", $message);
    $sql_poll_title = str_replace("\\'", "''", $poll_title);

    submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, $sql_username, $sql_subject, $sql_message, $sql_poll_title, $poll_options, $poll_length, $max_vote, $hide_vote, $tothide_vote);

    $user_id = $userdata['user_id'];
    update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id);
    //$attachment_mod['posting']->insert_attachment($post_id);

    $notify_user = true;
    user_notification($mode, $post_data, $this->getTopicTitle(), $forum_id, $topic_id, $post_id, $notify_user);

    // NOTE(review): unserialize() on a cookie value deserialises client-controlled data.
    // $HTTP_COOKIE_VARS is not declared global in this method, so as written both lookups
    // see an undefined local and fall back to array(). If the cookie is ever read for
    // real here, decode it with a data-only format rather than unserialize().
    $tracking_topics = !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t'])
        ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t'])
        : array();
    $tracking_forums = !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f'])
        ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f'])
        : array();

    // At exactly 100 tracked entries, drop the topic with the oldest timestamp to make room
    $tracked_total = count($tracking_topics) + count($tracking_forums);
    if ($tracked_total == 100 && empty($tracking_topics[$topic_id])) {
        asort($tracking_topics);
        unset($tracking_topics[key($tracking_topics)]);
    }

    $tracking_topics[$topic_id] = time();

    setcookie(
        $board_config['cookie_name'] . '_t',
        serialize($tracking_topics),
        0,
        $board_config['cookie_path'],
        $board_config['cookie_domain'],
        $board_config['cookie_secure']
    );

    return $post_id;
}
/**
 * Approve Post/Topic
 *
 * After a confirmation step, marks the given posts (and the topics they start) as
 * approved, raises the topic, forum and board counters, optionally e-mails each poster
 * and sends the regular user notifications, then redirects or shows a success message.
 *
 * @param array  $post_id_list Ids of the posts to approve; checked with check_ids()
 *                             against the 'm_approve' permission
 * @param string $mode         Passed through to the confirmation form
 *
 * @return void
 */
function approve_post($post_id_list, $mode)
{
    global $_CLASS, $_CORE_CONFIG, $config;

    // NOTE(review): the forum id comes from the request, while the permission check below
    // is made on the post ids. The forum counters and notifications further down use this
    // value rather than each post's own forum_id - confirm the two cannot disagree.
    $forum_id = request_var('f', 0);

    // NOTE(review): assumes the project's error handler stops execution on trigger_error()
    if (!check_ids($post_id_list, FORUMS_POSTS_TABLE, 'post_id', 'm_approve')) {
        trigger_error('NOT_AUTHORIZED');
    }

    $redirect = get_variable('redirect', 'POST', $_CLASS['core_user']->data['session_url']);
    $success_msg = '';

    $s_hidden_fields = build_hidden_fields(array(
        'i' => 'queue',
        'f' => $forum_id,
        'mode' => $mode,
        'post_id_list' => $post_id_list,
        'action' => 'approve',
        'redirect' => $redirect,
    ));

    $_CLASS['core_template']->assign_array(array('S_NOTIFY_POSTER' => true, 'S_APPROVE' => true));

    $confirm_title = $_CLASS['core_user']->get_lang('APPROVE_POST' . (count($post_id_list) == 1 ? '' : 'S'));

    if (display_confirmation($confirm_title, $s_hidden_fields, 'modules/forums/mcp_approve.html')) {
        $notify_poster = isset($_REQUEST['notify_poster']);

        $post_info = get_post_data($post_id_list, 'm_approve');

        // If Topic -> total_topics = total_topics+1, total_posts = total_posts+1, forum_topics = forum_topics+1, forum_posts = forum_posts+1
        // If Post -> total_posts = total_posts+1, forum_posts = forum_posts+1, topic_replies = topic_replies+1
        $total_topics = $total_posts = $forum_topics = $forum_posts = 0;
        $topic_approve_sql = $topic_replies_sql = $post_approve_sql = $topic_id_list = array();

        // NOTE(review): posts that are already approved are not skipped in this loop; if
        // get_post_data() can return them the counters are raised again - confirm.
        foreach ($post_info as $post_id => $post_data) {
            $current_topic = $post_data['topic_id'];
            $topic_id_list[$current_topic] = 1;

            // Topic or Post. ;)
            if ($post_data['topic_first_post_id'] == $post_id) {
                if ($post_data['forum_id']) {
                    $total_topics++;
                    $forum_topics++;
                }
                $topic_approve_sql[] = $current_topic;
            } else {
                $topic_replies_sql[$current_topic] = isset($topic_replies_sql[$current_topic])
                    ? $topic_replies_sql[$current_topic] + 1
                    : 1;
            }

            if ($post_data['forum_id']) {
                $total_posts++;
                $forum_posts++;
            }

            $post_approve_sql[] = $post_id;
        }

        // The id lists below are taken from the rows returned by get_post_data()
        if (count($topic_approve_sql)) {
            $sql = 'UPDATE ' . FORUMS_TOPICS_TABLE . ' SET topic_approved = 1 WHERE topic_id IN (' . implode(', ', $topic_approve_sql) . ')';
            $_CLASS['core_db']->query($sql);
        }

        if (count($post_approve_sql)) {
            $sql = 'UPDATE ' . FORUMS_POSTS_TABLE . ' SET post_approved = 1 WHERE post_id IN (' . implode(', ', $post_approve_sql) . ')';
            $_CLASS['core_db']->query($sql);
        }

        foreach ($topic_replies_sql as $topic_id => $num_replies) {
            $sql = 'UPDATE ' . FORUMS_TOPICS_TABLE . "\n\t\t\t\t\tSET topic_replies = topic_replies + {$num_replies}\n\t\t\t\t\tWHERE topic_id = {$topic_id}";
            $_CLASS['core_db']->query($sql);
        }

        if ($forum_topics || $forum_posts) {
            $set_parts = array();
            if ($forum_topics) {
                $set_parts[] = "forum_topics = forum_topics + {$forum_topics}";
            }
            if ($forum_posts) {
                $set_parts[] = "forum_posts = forum_posts + {$forum_posts}";
            }

            $sql = 'UPDATE ' . FORUMS_FORUMS_TABLE . ' SET ' . implode(', ', $set_parts) . " WHERE forum_id = {$forum_id}";
            $_CLASS['core_db']->query($sql);
        }

        if ($total_topics) {
            set_config('num_topics', $config['num_topics'] + $total_topics, true);
        }

        if ($total_posts) {
            set_config('num_posts', $config['num_posts'] + $total_posts, true);
        }

        unset($topic_approve_sql, $topic_replies_sql, $post_approve_sql);

        update_post_information('topic', array_keys($topic_id_list));
        update_post_information('forum', $forum_id);
        unset($topic_id_list);

        // Notify Poster?
        if ($notify_poster) {
            require_once SITE_FILE_ROOT . 'includes/mailer.php';

            $mailer = new core_mailer();

            foreach ($post_info as $post_id => $post_data) {
                // Guests have no account to mail
                if ($post_data['poster_id'] == ANONYMOUS) {
                    continue;
                }

                $post_data['post_subject'] = censor_text($post_data['post_subject'], true);
                $post_data['topic_title'] = censor_text($post_data['topic_title'], true);

                $is_single_post_topic = $post_data['post_id'] == $post_data['topic_first_post_id']
                    && $post_data['post_id'] == $post_data['topic_last_post_id'];

                if ($is_single_post_topic) {
                    $email_template = 'topic_approved.txt';
                    $subject = 'Topic Approved - ' . $post_data['topic_title'];
                } else {
                    $email_template = 'post_approved.txt';
                    $subject = 'Post Approved - ' . $post_data['post_subject'];
                }

                $mailer->to($post_data['user_email'], $post_data['username']);
                //$mailer->reply_to($_CORE_CONFIG['email']['site_email']);
                $mailer->subject($subject);
                //$messenger->im($post_data['user_jabber'], $post_data['username']);

                $_CLASS['core_template']->assign_array(array(
                    'SITENAME' => $_CORE_CONFIG['global']['site_name'],
                    'USERNAME' => $post_data['username'],
                    'POST_SUBJECT' => $post_data['post_subject'],
                    'TOPIC_TITLE' => $post_data['topic_title'],
                    'U_VIEW_TOPIC' => generate_link("forums&file=viewtopic&t={$post_data['topic_id']}&e=0"),
                    'U_VIEW_POST' => generate_link("forums&file=viewtopic&p={$post_id}&e={$post_id}"),
                ));

                $mailer->message = trim($_CLASS['core_template']->display('email/forums/' . $email_template, true));
                $mailer->send();
            }
        }

        // Send out normal user notifications
        foreach ($post_info as $post_id => $post_data) {
            $is_single_post_topic = $post_id == $post_data['topic_first_post_id']
                && $post_id == $post_data['topic_last_post_id'];

            if ($is_single_post_topic) {
                // Forum Notifications
                user_notification('post', $post_data['topic_title'], $post_data['topic_title'], $post_data['forum_name'], $forum_id, $post_data['topic_id'], $post_id);
            } else {
                // Topic Notifications
                user_notification('reply', $post_data['post_subject'], $post_data['topic_title'], $post_data['forum_name'], $forum_id, $post_data['topic_id'], $post_id);
            }
        }
        unset($post_info);

        if ($forum_topics) {
            $success_msg = ($forum_topics == 1) ? 'TOPIC_APPROVED_SUCCESS' : 'TOPICS_APPROVED_SUCCESS';
        } else {
            $success_msg = (count($post_id_list) == 1) ? 'POST_APPROVED_SUCCESS' : 'POSTS_APPROVED_SUCCESS';
        }
    }

    // NOTE(review): $redirect is request data used as a redirect target and written into
    // an href below without escaping in this function. That is only safe if request_var()
    // already HTML-escapes strings and the target is restricted to this site - confirm.
    $redirect = request_var('redirect', generate_link('forums'));

    if ($success_msg) {
        $_CLASS['core_display']->meta_refresh(3, $redirect);

        $message = $_CLASS['core_user']->lang[$success_msg];
        $message .= '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>');
        $message .= '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_FORUM'], '<a href="' . generate_link('forums&file=viewforum&f=' . $forum_id) . '">', '</a>');

        trigger_error($message);
    } else {
        url_redirect($redirect);
    }
}