} if ($topic_pid != 0) { $showtopic = $topic_pid; } if (empty($show) and $FF_userprefs['postsperpage'] > 0) { $show = $FF_userprefs['postsperpage']; } elseif (empty($show)) { $show = 20; } $sql = "SELECT a.forum,a.pid,a.locked,a.subject,a.replies,b.forum_cat,b.forum_name,b.is_readonly,b.grp_id,b.rating_post,c.cat_name,c.id "; $sql .= "FROM {$_TABLES['ff_topic']} a "; $sql .= "LEFT JOIN {$_TABLES['ff_forums']} b ON b.forum_id=a.forum "; $sql .= "LEFT JOIN {$_TABLES['ff_categories']} c on c.id=b.forum_cat "; $sql .= "WHERE a.id=" . (int) $showtopic; $viewtopic = DB_fetchArray(DB_query($sql), false); $canPost = _ff_canPost($viewtopic); $replies = $viewtopic['replies']; $numpages = ceil(($replies + 1) / $show); if ($page > $numpages) { $page = $numpages; } if ($_FF_CONF['use_censor']) { $viewtopic['subject'] = COM_checkWords($viewtopic['subject']); } $topicTemplate = new Template($_CONF['path'] . 'plugins/forum/templates/'); $topicTemplate->set_file('topictemplate', 'topic_full.thtml'); if (!$iframe) { $topicTemplate->set_var('full', 1); } else { if ($iframe) { $topicTemplate->set_var('iframe', 1);
$sql = "SELECT topic.*,lp.name AS lpname,lp.id AS lpid FROM {$_TABLES['ff_topic']} topic LEFT JOIN {$_TABLES['ff_topic']} lp ON topic.last_reply_rec=lp.id WHERE topic.forum = " . (int) $forum . " AND topic.pid = 0 AND topic.uid > 1 "; } else { $sql = "SELECT topic.*,lp.name AS lpname,lp.id AS lpid FROM {$_TABLES['ff_topic']} topic LEFT JOIN {$_TABLES['ff_topic']} lp ON topic.last_reply_rec=lp.id WHERE topic.forum=" . (int) $forum . " AND topic.pid = 0 "; } $sql .= "ORDER BY topic.sticky DESC, {$sortOrder}, topic.id DESC LIMIT {$offset}, {$show}"; $topicResults = DB_query($sql); $totalresults = DB_numRows($topicResults); // Retrieve forum details and category name $sql = "SELECT forum.forum_name,forum.forum_id AS forum, category.cat_name,category.id,forum.is_readonly,forum.grp_id,forum.rating_post,forum.rating_view FROM {$_TABLES['ff_forums']} forum "; $sql .= "LEFT JOIN {$_TABLES['ff_categories']} category on category.id=forum.forum_cat "; $sql .= "WHERE forum.forum_id = " . (int) $forum; $category = DB_fetchArray(DB_query($sql)); if ($totalresults < 1 && $skipForum == false) { $errMsg .= '<div class="pluginAlert" style="padding:10px;margin:10px;">' . $LANG_GF02['msg05'] . '</div>'; } $canPost = _ff_canPost($category); $subscribe = ''; $forumsubscribed = ''; if (!COM_isAnonUser() && $skipForum == false) { // Check for user subscription status $sub_check = PLG_isSubscribed('forum', $forum, 0, $uid); if ($sub_check == false) { $subscribelinkimg = '<img src="' . _ff_getImage('forumnotify_on') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['FORUMSUBSCRIBE'] . '" title="' . $LANG_GF01['FORUMSUBSCRIBE'] . '"/>'; $subscribelink = $_CONF['site_url'] . '/forum/index.php?op=subscribe&forum=' . $forum; $subcribelanguage = $LANG_GF01['FORUMSUBSCRIBE']; $sub_option = 'subscribe_forum'; } else { $subscribelinkimg = '<img src="' . _ff_getImage('forumnotify_off') . '" alt="' . $LANG_GF01['FORUMUNSUBSCRIBE'] . '" title="' . $LANG_GF01['FORUMUNSUBSCRIBE'] . '" style="vertical-align:middle;"/>'; $subscribelink = $_CONF['site_url'] . '/forum/notify.php?filter=2'; $subcribelanguage = $LANG_GF01['FORUMUNSUBSCRIBE']; $sub_option = 'unsubscribe_forum';
$forum = isset($_REQUEST['forum']) ? COM_applyFilter($_REQUEST['forum'], true) : 0; $page = isset($_REQUEST['page']) ? COM_applyFilter($_REQUEST['page'], true) : 0; if ((int) $forum == 0 && (int) $id != 0) { $forum = DB_getItem($_TABLES['ff_topic'], 'forum', 'id=' . (int) $id); } $result = DB_query("SELECT forum_id AS forum,forum_cat,is_readonly,grp_id,rating_post FROM {$_TABLES['ff_forums']} WHERE forum_id=" . (int) $forum); if (DB_numRows($result) == 0) { _ff_accessError(); } $forumData = DB_fetchArray($result, false); $forumData['referer'] = $referer; $forumData['page'] = $page; /** * Validate if user can post to this specific forum */ if (!_ff_canPost($forumData)) { _ff_accessError(); } $body = ''; if (COM_isAnonUser()) { $uid = 1; } else { $uid = $_USER['uid']; } // purge any tokens we created for the advanced editor $urlfor = 'advancededitor'; if ($uid == 1) { $urlfor = 'advancededitor' . md5($REMOTE_ADDR); } DB_query("DELETE FROM {$_TABLES['tokens']} WHERE owner_id=" . (int) $uid . " AND urlfor='" . $urlfor . "'", 1); switch ($mode) {