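if ($currentUser->isLogged()) {
    // Validate the input fields.
    // NOTE(review): validate_num() is defined elsewhere and its return value is
    // not checked here, so this block cannot rely on it to stop a non-numeric
    // topic_id. The explicit integer cast below ensures that only an integer
    // ever reaches the SQL text and the Forum helpers.
    validate_num($_POST['topic_id']);
    $topicId = (int) $_POST['topic_id'];

    $topic = new Topic($topicId);

    // Convert the message to the database charset and escape it for use inside
    // a quoted SQL literal.
    // NOTE(review): db_escape() is presumably SQL escaping only, so the message
    // would be stored without HTML encoding; confirm that forum/post.html
    // encodes it on output.
    $message = db_escape(Charset::Utf8ToDB($_POST['message']));

    if (!Forum::IsUserFlooding($currentUser)) {
        if (!$topic['locked']) {
            // Look up the forum_id ("argument" column) of the topic being replied to.
            // The id is formatted with %d, like the INSERT below, so request data is
            // never interpolated into the query text. If the DB layer offers bound
            // parameters, prefer them over string-built SQL.
            $values = DB::FindOne(sprintf("SELECT argument FROM forum_posts WHERE id = %d", $topicId));
            $forum_id = $values['argument'];

            // One timestamp for both columns, so post_date and last_post_date of a
            // new reply cannot differ by a second.
            $now = time();

            // get_ip() is defined elsewhere. If it reads a client-supplied header
            // (for example a proxy forwarding header), the value is
            // attacker-influenced, so it is escaped like any other string literal.
            exequery(sprintf("INSERT INTO forum_posts (user_id, root_topic, argument, message, type, post_date, last_post_date, ip) \n VALUES(%d, %d, %d, '%s', %d, %d, %d, '%s')",
                $currentUser['id'],
                $topicId,
                $forum_id,
                $message,
                Forum::TYPE_POST,
                $now,
                $now,
                db_escape(get_ip())));

            $id = DB::LastId();
            $post = new ForumPost($id);

            // Bookkeeping that follows a successful reply.
            Forum::UpdateTopicAfterReply($topicId);
            Forum::IncPostCountForUser($currentUser);
            Forum::AddReplyNotifications($post['id']);

            // Return the rendered post so the client can append it to the thread.
            $response->set("post_html", $post->render("forum/post.html"));
            $response->setSuccess(true);
        } else {
            $response->setError("Il topic e' stato chiuso dal moderatore.");
        }
    } else {
        $response->setError("Attendi almeno " . Forum::FLOOD_SECONDS_LIMIT . " secondi tra un post e l'altro.");
    }
} else {
    $response->setError("Non sei loggato.");
}
// The brace below closes a conditional opened before this excerpt
// (presumably the $av input-validation check; confirm against the full file).
} else {
    $response->setError($av->getLastError());
}

$response->send();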
// Excerpt starts inside the poll section of the topic view; the condition that
// chooses between the poll form and the poll results is above this excerpt.
echo $topic->renderPollForm();
} else {
    echo $topic->renderPollResults();
} ?> </div> <?php } // end topic->isPoll() ?> <?php
// Render every post row of the thread. $q is a mysqli result prepared before
// this excerpt; each associative row is wrapped in a ForumPost and rendered
// through the forum/post.html template.
// NOTE(review): post messages are user-supplied. The template is not shown
// here, so confirm that it HTML-encodes the message and any other user-controlled
// fields on output.
while ($values = mysqli_fetch_array($q, MYSQLI_ASSOC)) {
    $post = new ForumPost($values);
    echo $post->render("forum/post.html");
} ?> </div> <!-- /forum-thread --> <div style="text-align: right;"> <input type="button" value="Rispondi" id="btn-forum-reply" /> </div> <div class="center"> <?php
// Build the reply form, which submits to /restful/forum/reply.php.
$formBuilder = new FormBuilder("frm-forum-reply", "/restful/forum/reply.php");
$fields = array();
// NOTE(review): the "required" rule is declared on the form definition. Whether
// FormBuilder enforces it in the browser, on the server, or both is not visible
// here; the handler must not rely on a browser-side check alone.
$fields[] = array("id" => "message", "type" => "textarea", "validation" => "required,Devi scrivere un messaggio");
// Attach the current topic id to the form (presumably as a hidden field; confirm
// in FormBuilder). The value comes back from the client, so the receiving
// endpoint has to re-validate it as an integer and re-check that the topic
// exists and is not locked.
$formBuilder->addValue("topic_id", $topic["id"]);