}
if ($topic_pid != 0) {
$showtopic = $topic_pid;
}
if (empty($show) and $FF_userprefs['postsperpage'] > 0) {
$show = $FF_userprefs['postsperpage'];
} elseif (empty($show)) {
$show = 20;
}
$sql = "SELECT a.forum,a.pid,a.locked,a.subject,a.replies,b.forum_cat,b.forum_name,b.is_readonly,b.grp_id,b.rating_post,c.cat_name,c.id ";
$sql .= "FROM {$_TABLES['ff_topic']} a ";
$sql .= "LEFT JOIN {$_TABLES['ff_forums']} b ON b.forum_id=a.forum ";
$sql .= "LEFT JOIN {$_TABLES['ff_categories']} c on c.id=b.forum_cat ";
$sql .= "WHERE a.id=" . (int) $showtopic;
$viewtopic = DB_fetchArray(DB_query($sql), false);
$canPost = _ff_canPost($viewtopic);
$replies = $viewtopic['replies'];
$numpages = ceil(($replies + 1) / $show);
if ($page > $numpages) {
$page = $numpages;
}
if ($_FF_CONF['use_censor']) {
$viewtopic['subject'] = COM_checkWords($viewtopic['subject']);
}
$topicTemplate = new Template($_CONF['path'] . 'plugins/forum/templates/');
$topicTemplate->set_file('topictemplate', 'topic_full.thtml');
if (!$iframe) {
$topicTemplate->set_var('full', 1);
} else {
if ($iframe) {
$topicTemplate->set_var('iframe', 1);
$sql = "SELECT topic.*,lp.name AS lpname,lp.id AS lpid FROM {$_TABLES['ff_topic']} topic LEFT JOIN {$_TABLES['ff_topic']} lp ON topic.last_reply_rec=lp.id WHERE topic.forum = " . (int) $forum . " AND topic.pid = 0 AND topic.uid > 1 ";
} else {
$sql = "SELECT topic.*,lp.name AS lpname,lp.id AS lpid FROM {$_TABLES['ff_topic']} topic LEFT JOIN {$_TABLES['ff_topic']} lp ON topic.last_reply_rec=lp.id WHERE topic.forum=" . (int) $forum . " AND topic.pid = 0 ";
}
$sql .= "ORDER BY topic.sticky DESC, {$sortOrder}, topic.id DESC LIMIT {$offset}, {$show}";
$topicResults = DB_query($sql);
$totalresults = DB_numRows($topicResults);
// Retrieve forum details and category name
$sql = "SELECT forum.forum_name,forum.forum_id AS forum, category.cat_name,category.id,forum.is_readonly,forum.grp_id,forum.rating_post,forum.rating_view FROM {$_TABLES['ff_forums']} forum ";
$sql .= "LEFT JOIN {$_TABLES['ff_categories']} category on category.id=forum.forum_cat ";
$sql .= "WHERE forum.forum_id = " . (int) $forum;
$category = DB_fetchArray(DB_query($sql));
if ($totalresults < 1 && $skipForum == false) {
$errMsg .= '<div class="pluginAlert" style="padding:10px;margin:10px;">' . $LANG_GF02['msg05'] . '</div>';
}
$canPost = _ff_canPost($category);
$subscribe = '';
$forumsubscribed = '';
if (!COM_isAnonUser() && $skipForum == false) {
// Check for user subscription status
$sub_check = PLG_isSubscribed('forum', $forum, 0, $uid);
if ($sub_check == false) {
$subscribelinkimg = '<img src="' . _ff_getImage('forumnotify_on') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['FORUMSUBSCRIBE'] . '" title="' . $LANG_GF01['FORUMSUBSCRIBE'] . '"/>';
$subscribelink = $_CONF['site_url'] . '/forum/index.php?op=subscribe&forum=' . $forum;
$subcribelanguage = $LANG_GF01['FORUMSUBSCRIBE'];
$sub_option = 'subscribe_forum';
} else {
$subscribelinkimg = '<img src="' . _ff_getImage('forumnotify_off') . '" alt="' . $LANG_GF01['FORUMUNSUBSCRIBE'] . '" title="' . $LANG_GF01['FORUMUNSUBSCRIBE'] . '" style="vertical-align:middle;"/>';
$subscribelink = $_CONF['site_url'] . '/forum/notify.php?filter=2';
$subcribelanguage = $LANG_GF01['FORUMUNSUBSCRIBE'];
$sub_option = 'unsubscribe_forum';
$forum = isset($_REQUEST['forum']) ? COM_applyFilter($_REQUEST['forum'], true) : 0;
$page = isset($_REQUEST['page']) ? COM_applyFilter($_REQUEST['page'], true) : 0;
if ((int) $forum == 0 && (int) $id != 0) {
$forum = DB_getItem($_TABLES['ff_topic'], 'forum', 'id=' . (int) $id);
}
$result = DB_query("SELECT forum_id AS forum,forum_cat,is_readonly,grp_id,rating_post FROM {$_TABLES['ff_forums']} WHERE forum_id=" . (int) $forum);
if (DB_numRows($result) == 0) {
_ff_accessError();
}
$forumData = DB_fetchArray($result, false);
$forumData['referer'] = $referer;
$forumData['page'] = $page;
/**
* Validate if user can post to this specific forum
*/
if (!_ff_canPost($forumData)) {
_ff_accessError();
}
$body = '';
if (COM_isAnonUser()) {
$uid = 1;
} else {
$uid = $_USER['uid'];
}
// purge any tokens we created for the advanced editor
$urlfor = 'advancededitor';
if ($uid == 1) {
$urlfor = 'advancededitor' . md5($REMOTE_ADDR);
}
DB_query("DELETE FROM {$_TABLES['tokens']} WHERE owner_id=" . (int) $uid . " AND urlfor='" . $urlfor . "'", 1);
switch ($mode) {
