"><?php
echo $ForumName;
?>
</a> >
<?php
echo $ThreadTitle;
?>
</div>
<div class="linkbox">
<?php
echo $Pages;
?>
</div>
<?php
if (!$ThreadInfo['IsLocked'] || check_perms('site_moderate_forums')) {
if (Forums::check_forumperm($ForumID, 'Write') && !$LoggedUser['DisablePosting']) {
View::parse('generic/reply/quickreply.php', array('InputTitle' => 'Post reply', 'InputName' => 'thread', 'InputID' => $ThreadID, 'ForumID' => $ForumID, 'TextareaCols' => 90));
}
}
if (check_perms('site_moderate_forums')) {
G::$DB->query("\n\t\t\tSELECT ID, AuthorID, AddedTime, Body\n\t\t\tFROM forums_topic_notes\n\t\t\tWHERE TopicID = {$ThreadID}\n\t\t\tORDER BY ID ASC");
$Notes = G::$DB->to_array();
?>
<br />
<h3 id="thread_notes">Thread notes</h3> <a href="#" onclick="$('#thread_notes_table').gtoggle(); return false;" class="brackets">Toggle</a>
<form action="forums.php" method="post">
<input type="hidden" name="action" value="take_topic_notes" />
<input type="hidden" name="auth" value="<?php
echo $LoggedUser['AuthKey'];
?>
" />
}
$ForumName = display_str($Forums[$ForumID]['Name']);
if (!Forums::check_forumperm($ForumID)) {
error(403);
}
// Start printing
View::show_header('Forums > ' . $Forums[$ForumID]['Name'], '', $IsDonorForum ? 'donor' : '');
?>
<div class="thin">
<h2><a href="forums.php">Forums</a> > <?php
echo $ForumName;
?>
</h2>
<div class="linkbox">
<?php
if (Forums::check_forumperm($ForumID, 'Write') && Forums::check_forumperm($ForumID, 'Create')) {
?>
<a href="forums.php?action=new&forumid=<?php
echo $ForumID;
?>
" class="brackets">New thread</a>
<?php
}
?>
<a href="#" onclick="$('#searchforum').gtoggle(); this.innerHTML = (this.innerHTML == 'Search this forum' ? 'Hide search' : 'Search this forum'); return false;" class="brackets">Search this forum</a>
<div id="searchforum" class="hidden center">
<div style="display: inline-block;">
<h3>Search this forum:</h3>
<form class="search_form" name="forum" action="forums.php" method="get">
<table cellpadding="6" cellspacing="1" border="0" class="layout border">
<tr>
if (isset($_GET['pp'])) {
$PerPage = $_GET['pp'];
} elseif (isset($LoggedUser['PostsPerPage'])) {
$PerPage = $LoggedUser['PostsPerPage'];
} else {
$PerPage = POSTS_PER_PAGE;
}
//---------- Get some data to start processing
// Thread information, constant across all pages
$ThreadInfo = Forums::get_thread_info($ThreadID, true, true);
if ($ThreadInfo === null) {
json_die('failure', 'no such thread exists');
}
$ForumID = $ThreadInfo['ForumID'];
// Make sure they're allowed to look at the page
if (!Forums::check_forumperm($ForumID)) {
print json_encode(array('status' => 'failure'));
die;
}
//Post links utilize the catalogue & key params to prevent issues with custom posts per page
if ($ThreadInfo['Posts'] > $PerPage) {
if (isset($_GET['post']) && is_number($_GET['post'])) {
$PostNum = $_GET['post'];
} elseif (isset($_GET['postid']) && is_number($_GET['postid'])) {
$DB->query("\n\t\t\tSELECT COUNT(ID)\n\t\t\tFROM forums_posts\n\t\t\tWHERE TopicID = {$ThreadID}\n\t\t\t\tAND ID <= {$_GET['postid']}");
list($PostNum) = $DB->next_record();
} else {
$PostNum = 1;
}
} else {
$PostNum = 1;
}
$Body = $_POST['body'];
if (!empty($LoggedUser['DisablePosting'])) {
error('Your posting privileges have been removed.');
}
$TopicID = $_POST['thread'];
$ThreadInfo = Forums::get_thread_info($TopicID);
if ($ThreadInfo === null) {
error(404);
}
$ForumID = $ThreadInfo['ForumID'];
$SQLTime = sqltime();
if (!Forums::check_forumperm($ForumID)) {
error(403);
}
if (!Forums::check_forumperm($ForumID, 'Write') || $LoggedUser['DisablePosting'] || $ThreadInfo['IsLocked'] == '1' && !check_perms('site_moderate_forums')) {
error(403);
}
if (isset($_POST['subscribe']) && Subscriptions::has_subscribed($TopicID) === false) {
Subscriptions::subscribe($TopicID);
}
//Now lets handle the special case of merging posts, we can skip bumping the thread and all that fun
if ($ThreadInfo['LastPostAuthorID'] == $LoggedUser['ID'] && (!check_perms('site_forums_double_post') && !in_array($ForumID, $ForumsDoublePost) || isset($_POST['merge']))) {
//Get the id for this post in the database to append
$DB->query("\n\t\tSELECT ID, Body\n\t\tFROM forums_posts\n\t\tWHERE TopicID = '{$TopicID}'\n\t\t\tAND AuthorID = '" . $LoggedUser['ID'] . "'\n\t\tORDER BY ID DESC\n\t\tLIMIT 1");
list($PostID, $OldBody) = $DB->next_record(MYSQLI_NUM, false);
//Edit the post
$DB->query("\n\t\tUPDATE forums_posts\n\t\tSET\n\t\t\tBody = CONCAT(Body,'\n\n" . db_string($Body) . "'),\n\t\t\tEditedUserID = '" . $LoggedUser['ID'] . "',\n\t\t\tEditedTime = '{$SQLTime}'\n\t\tWHERE ID = '{$PostID}'");
//Store edit history
$DB->query("\n\t\tINSERT INTO comments_edits\n\t\t\t(Page, PostID, EditUser, EditTime, Body)\n\t\tVALUES\n\t\t\t('forums', {$PostID}, " . $LoggedUser['ID'] . ", '{$SQLTime}', '" . db_string($OldBody) . "')");
$Cache->delete_value("forums_edits_{$PostID}");
/*
New post page
This is the page that's loaded if someone wants to make a new topic.
Information to be expected in $_GET:
forumid: The ID of the forum that it's being posted in
*/
$ForumID = $_GET['forumid'];
if (!is_number($ForumID)) {
error(404);
}
$Forum = Forums::get_forum_info($ForumID);
if ($Forum === false) {
error(404);
}
if (!Forums::check_forumperm($ForumID, 'Write') || !Forums::check_forumperm($ForumID, 'Create')) {
error(403);
}
View::show_header('Forums > ' . $Forum['Name'] . ' > New Topic', 'comments,bbcode,jquery.validate,form_validate');
?>
<div class="thin">
<h2><a href="forums.php">Forums</a> > <a href="forums.php?action=viewforum&forumid=<?php
echo $ForumID;
?>
"><?php
echo $Forum['Name'];
?>
</a> > <span id="newthreadtitle">New Topic</span></h2>
<div class="hidden" id="newthreadpreview">
<div class="linkbox">
<div class="center">
</td>
</tr>
<tr>
<td><strong>Forums:</strong></td>
<td>
<table id="forum_search_cat_list" class="cat_list layout">
<?php
// List of forums
$Open = false;
$LastCategoryID = -1;
$Columns = 0;
$i = 0;
foreach ($Forums as $Forum) {
if (!Forums::check_forumperm($Forum['ID'])) {
continue;
}
$Columns++;
if ($Forum['CategoryID'] != $LastCategoryID) {
$LastCategoryID = $Forum['CategoryID'];
if ($Open) {
if ($Columns % 5) {
?>
<td colspan="<?php
echo 5 - $Columns % 5;
?>
"></td>
<?php
}
?>
error('Your posting privileges have been removed.');
}
// Variables for database input
$UserID = $LoggedUser['ID'];
$Body = $_POST['body'];
//Don't URL Decode
$PostID = $_POST['post'];
$Key = $_POST['key'];
$SQLTime = sqltime();
$DoPM = isset($_POST['pm']) ? $_POST['pm'] : 0;
// Mainly
$DB->query("\n\tSELECT\n\t\tp.Body,\n\t\tp.AuthorID,\n\t\tp.TopicID,\n\t\tt.IsLocked,\n\t\tt.ForumID,\n\t\tf.MinClassWrite,\n\t\tCEIL((\n\t\t\tSELECT COUNT(p2.ID)\n\t\t\tFROM forums_posts AS p2\n\t\t\tWHERE p2.TopicID = p.TopicID\n\t\t\t\tAND p2.ID <= '{$PostID}'\n\t\t\t) / " . POSTS_PER_PAGE . "\n\t\t) AS Page\n\tFROM forums_posts AS p\n\t\tJOIN forums_topics AS t ON p.TopicID = t.ID\n\t\tJOIN forums AS f ON t.ForumID = f.ID\n\tWHERE p.ID = '{$PostID}'");
list($OldBody, $AuthorID, $TopicID, $IsLocked, $ForumID, $MinClassWrite, $Page) = $DB->next_record();
// Make sure they aren't trying to edit posts they shouldn't
// We use die() here instead of error() because whatever we spit out is displayed to the user in the box where his forum post is
if (!Forums::check_forumperm($ForumID, 'Write') || $IsLocked && !check_perms('site_moderate_forums')) {
error('Either the thread is locked, or you lack the permission to edit this post.', true);
}
if ($UserID != $AuthorID && !check_perms('site_moderate_forums')) {
error(403, true);
}
if ($LoggedUser['DisablePosting']) {
error('Your posting privileges have been removed.', true);
}
if (!$DB->has_results()) {
error(404, true);
}
// Send a PM to the user to notify them of the edit
if ($UserID != $AuthorID && $DoPM) {
$PMSubject = "Your post #{$PostID} has been edited";
$PMurl = site_url() . "forums.php?action=viewthread&postid={$PostID}#post{$PostID}";
