/** * Insert a post into the database. * * @return array Array of new post details, pid and visibility. */ function insert_post() { global $db, $mybb, $plugins, $cache, $lang; $post =& $this->data; // Yes, validating is required. if (!$this->get_validated()) { die("The post needs to be validated before inserting it into the DB."); } if (count($this->get_errors()) > 0) { die("The post is not valid."); } // Fetch the thread $thread = get_thread($post['tid']); $closed = $thread['closed']; // This post is being saved as a draft. if ($post['savedraft']) { $visible = -2; } else { // Automatic subscription to the thread if ($post['options']['subscriptionmethod'] != "" && $post['uid'] > 0) { switch ($post['options']['subscriptionmethod']) { case "pm": $notification = 2; break; case "email": $notification = 1; break; default: $notification = 0; } require_once MYBB_ROOT . "inc/functions_user.php"; add_subscribed_thread($post['tid'], $notification, $post['uid']); } // Perform any selected moderation tools. $ismod = is_moderator($post['fid'], "", $post['uid']); if ($ismod) { $lang->load($this->language_file, true); $modoptions = $post['modoptions']; $modlogdata['fid'] = $thread['fid']; $modlogdata['tid'] = $thread['tid']; if (!isset($modoptions['closethread'])) { $modoptions['closethread'] = $closed; } $modoptions_update = array(); // Close the thread. if ($modoptions['closethread'] == 1 && $thread['closed'] != 1) { $modoptions_update['closed'] = $closed = 0; log_moderator_action($modlogdata, $lang->thread_closed); } // Open the thread. if ($modoptions['closethread'] != 1 && $thread['closed'] == 1) { $modoptions_update['closed'] = $closed = 1; log_moderator_action($modlogdata, $lang->thread_opened); } if (!isset($modoptions['stickthread'])) { $modoptions['stickthread'] = $thread['sticky']; } // Stick the thread. if ($modoptions['stickthread'] == 1 && $thread['sticky'] != 1) { $modoptions_update['sticky'] = 1; log_moderator_action($modlogdata, $lang->thread_stuck); } // Unstick the thread. if ($modoptions['stickthread'] != 1 && $thread['sticky']) { $modoptions_update['sticky'] = 0; log_moderator_action($modlogdata, $lang->thread_unstuck); } // Execute moderation options. if ($modoptions_update) { $db->update_query('threads', $modoptions_update, "tid='{$thread['tid']}'"); } } // Fetch the forum this post is being made in $forum = get_forum($post['fid']); // Decide on the visibility of this post. $forumpermissions = forum_permissions($post['fid'], $post['uid']); if ($forumpermissions['modposts'] == 1 && !$ismod) { $visible = 0; } else { $visible = 1; } // Are posts from this user being moderated? Change visibility if ($mybb->user['uid'] == $post['uid'] && $mybb->user['moderateposts'] == 1) { $visible = 0; } } if (!isset($post['pid'])) { $post['pid'] = 0; } $post['pid'] = (int) $post['pid']; $post['uid'] = (int) $post['uid']; if ($post['pid'] > 0) { $query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'"); $draft_check = $db->fetch_field($query, "tid"); } else { $draft_check = false; } if ($this->method != "update" && $visible == 1) { $double_post = $this->verify_post_merge(); // Only combine if they are both invisible (mod queue'd forum) or both visible if ($double_post !== true && $double_post['visible'] == $visible) { $this->pid = $double_post['pid']; $post['message'] = $double_post['message'] .= "\n" . $mybb->settings['postmergesep'] . "\n" . $post['message']; $update_query = array("message" => $db->escape_string($double_post['message'])); $update_query['edituid'] = (int) $post['uid']; $update_query['edittime'] = TIME_NOW; $query = $db->update_query("posts", $update_query, "pid='" . $double_post['pid'] . "'"); if ($draft_check) { $db->delete_query("posts", "pid='" . $post['pid'] . "'"); } if ($post['posthash']) { // Assign any uploaded attachments with the specific posthash to the merged post. $post['posthash'] = $db->escape_string($post['posthash']); $query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='0' AND visible='1' AND posthash='{$post['posthash']}'"); $attachmentcount = $db->fetch_field($query, "attachmentcount"); if ($attachmentcount > 0) { // Update forum count update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}")); } $attachmentassign = array("pid" => $double_post['pid'], "posthash" => ''); $db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}' AND pid='0'"); } // Return the post's pid and whether or not it is visible. $this->return_values = array("pid" => $double_post['pid'], "visible" => $visible, "merge" => true); $plugins->run_hooks("datahandler_post_insert_merge", $this); return $this->return_values; } } if ($visible == 1 && $thread['visible'] == 1) { $now = TIME_NOW; // Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug. $update_array = array('lastpost' => "'{$now}'"); if ($forum['usepostcounts'] != 0) { $update_array['postnum'] = 'postnum+1'; } $db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true); } // Are we updating a post which is already a draft? Perhaps changing it into a visible post? if ($draft_check) { // Update a post that is a draft $this->post_update_data = array("subject" => $db->escape_string($post['subject']), "icon" => (int) $post['icon'], "uid" => $post['uid'], "username" => $db->escape_string($post['username']), "dateline" => (int) $post['dateline'], "message" => $db->escape_string($post['message']), "ipaddress" => $db->escape_binary($post['ipaddress']), "includesig" => $post['options']['signature'], "smilieoff" => $post['options']['disablesmilies'], "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_post", $this); $db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'"); $this->pid = $post['pid']; } else { // Insert the post. $this->post_insert_data = array("tid" => (int) $post['tid'], "replyto" => (int) $post['replyto'], "fid" => (int) $post['fid'], "subject" => $db->escape_string($post['subject']), "icon" => (int) $post['icon'], "uid" => $post['uid'], "username" => $db->escape_string($post['username']), "dateline" => $post['dateline'], "message" => $db->escape_string($post['message']), "ipaddress" => $db->escape_binary($post['ipaddress']), "includesig" => $post['options']['signature'], "smilieoff" => $post['options']['disablesmilies'], "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_post", $this); $this->pid = $db->insert_query("posts", $this->post_insert_data); } // Assign any uploaded attachments with the specific posthash to the newly created post. if ($post['posthash']) { $post['posthash'] = $db->escape_string($post['posthash']); $attachmentassign = array("pid" => $this->pid, "posthash" => ''); $db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}' AND pid='0'"); } $thread_update = array(); if ($visible == 1 && $thread['visible'] == 1) { $thread = get_thread($post['tid']); require_once MYBB_ROOT . 'inc/class_parser.php'; $parser = new Postparser(); $done_users = array(); $subject = $parser->parse_badwords($thread['subject']); $parser_options = array('me_username' => $post['username'], 'filter_badwords' => 1); $excerpt = $parser->text_parse_message($post['message'], $parser_options); $excerpt = my_substr($excerpt, 0, $mybb->settings['subscribeexcerpt']) . $lang->emailbit_viewthread; // Fetch any users subscribed to this thread receiving instant notification and queue up their subscription notices $query = $db->query("\n\t\t\t\tSELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate, s.subscriptionkey, s.notification\n\t\t\t\tFROM " . TABLE_PREFIX . "threadsubscriptions s\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=s.uid)\n\t\t\t\tWHERE (s.notification='1' OR s.notification='2') AND s.tid='{$post['tid']}'\n\t\t\t\tAND s.uid != '{$post['uid']}'\n\t\t\t\tAND u.lastactive>'{$thread['lastpost']}'\n\t\t\t"); $args = array('this' => &$this, 'done_users' => &$done_users, 'users' => array()); while ($subscribedmember = $db->fetch_array($query)) { if ($done_users[$subscribedmember['uid']]) { continue; } $args['users'][$subscribedmember['uid']] = (int) $subscribedmember['uid']; $done_users[$subscribedmember['uid']] = 1; $forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { continue; } if ($thread['uid'] != $subscribedmember['uid'] && $forumpermissions['canonlyviewownthread'] == 1 && !is_moderator($thread['fid'], "", $subscribedmember['uid'])) { // User isn't a moderator or the author of the thread... continue; } if ($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language'])) { $uselang = $subscribedmember['language']; } elseif ($mybb->settings['orig_bblanguage']) { $uselang = $mybb->settings['orig_bblanguage']; } else { $uselang = "english"; } if ($uselang == $mybb->settings['bblanguage']) { if ($subscribedmember['notification'] == 1) { $emailsubject = $lang->emailsubject_subscription; $emailmessage = $lang->email_subscription; } } else { if ($subscribedmember['notification'] == 1) { if (!isset($langcache[$uselang]['emailsubject_subscription'])) { $userlang = new MyLanguage(); $userlang->set_path(MYBB_ROOT . "inc/languages"); $userlang->set_language($uselang); $userlang->load("messages"); $langcache[$uselang]['emailsubject_subscription'] = $userlang->emailsubject_subscription; $langcache[$uselang]['email_subscription'] = $userlang->email_subscription; unset($userlang); } $emailsubject = $langcache[$uselang]['emailsubject_subscription']; $emailmessage = $langcache[$uselang]['email_subscription']; } } if ($subscribedmember['notification'] == 1) { $emailsubject = $lang->sprintf($emailsubject, $subject); $post_code = md5($subscribedmember['loginkey'] . $subscribedmember['salt'] . $subscribedmember['regdate']); $emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $post['username'], $mybb->settings['bbname'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey'], $post_code); $new_email = array("mailto" => $db->escape_string($subscribedmember['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject), "message" => $db->escape_string($emailmessage), "headers" => ''); $db->insert_query("mailqueue", $new_email); unset($userlang); $queued_email = 1; } elseif ($subscribedmember['notification'] == 2) { $post_code = md5($subscribedmember['loginkey'] . $subscribedmember['salt'] . $subscribedmember['regdate']); $pm = array('subject' => array('pmsubject_subscription', $subject), 'message' => array('pm_subscription', $subscribedmember['username'], $post['username'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey'], $post_code), 'touid' => $subscribedmember['uid'], 'language' => $subscribedmember['language'], 'language_file' => 'messages'); send_pm($pm, -1, true); } } $plugins->run_hooks('datahandler_post_insert_subscribed', $args); // Have one or more emails been queued? Update the queue count if (isset($queued_email) && $queued_email == 1) { $cache->update_mailqueue(); } $thread_update = array('replies' => '+1'); // Update forum count update_last_post($post['tid']); update_forum_counters($post['fid'], array("posts" => "+1")); update_forum_lastpost($thread['fid']); } else { if ($visible == 0) { // Update the unapproved posts count for the current thread and current forum $thread_update = array('unapprovedposts' => '+1'); update_thread_counters($post['tid'], array("unapprovedposts" => "+1")); update_forum_counters($post['fid'], array("unapprovedposts" => "+1")); } else { if ($thread['visible'] == 0) { // Update the unapproved posts count for the current forum $thread_update = array('replies' => '+1'); update_forum_counters($post['fid'], array("unapprovedposts" => "+1")); } else { if ($thread['visible'] == -1) { // Update the unapproved posts count for the current forum $thread_update = array('replies' => '+1'); update_forum_counters($post['fid'], array("deletedposts" => "+1")); } } } } $query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='{$this->pid}' AND visible='1'"); $attachmentcount = $db->fetch_field($query, "attachmentcount"); if ($attachmentcount > 0) { $thread_update['attachmentcount'] = "+{$attachmentcount}"; } update_thread_counters($post['tid'], $thread_update); // Return the post's pid and whether or not it is visible. $this->return_values = array("pid" => $this->pid, "visible" => $visible, "closed" => $closed); $plugins->run_hooks("datahandler_post_insert_post_end", $this); return $this->return_values; }