$errors = array_merge($errors, $pmdm->errors);
if (!empty($errors)) {
define('PMPREVIEW', 1);
$preview = construct_errors($errors);
// this will take the preview's place
$_REQUEST['do'] = 'newpm';
} else {
if ($vbulletin->GPC['preview'] != '') {
define('PMPREVIEW', 1);
$foruminfo = array('forumid' => 'privatemessage', 'allowicons' => $vbulletin->options['privallowicons']);
$preview = process_post_preview($pm);
$_REQUEST['do'] = 'newpm';
} else {
// everything's good!
$pmdm->save();
clear_autosave_text('vBForum_PrivateMessage', 0, $pm['pmid'], $vbulletin->userinfo['userid']);
// force pm counters to be rebuilt
$vbulletin->userinfo['pmunread'] = -1;
build_pm_counters();
($hook = vBulletinHook::fetch_hook('private_insertpm_complete')) ? eval($hook) : false;
$vbulletin->url = 'private.php' . $vbulletin->session->vars['sessionurl_q'];
print_standard_redirect('pm_messagesent');
}
}
}
// ############################### start new pm ###############################
// form for creating a new private message
if ($_REQUEST['do'] == 'newpm') {
if ($permissions['pmquota'] < 1) {
print_no_permission();
} else {
}
}
}
($hook = vBulletinHook::fetch_hook('calendar_update_complete')) ? eval($hook) : false;
if ($visible) {
$vbulletin->url = 'calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&e={$eventid}&day=" . $eventdata->info['occurdate'];
print_standard_redirect('redirect_calendaraddevent');
} else {
$vbulletin->url = 'calendar.php?' . $vbulletin->session->vars['sessionurl'] . "c={$calendarinfo['calendarid']}";
print_standard_redirect('redirect_calendarmoderated', true, true);
}
} else {
// Update event
$eventdata->set_existing($eventinfo);
$eventdata->save();
clear_autosave_text('vBForum_Calendar', $eventinfo['eventid'], 0, $vbulletin->userinfo['userid']);
($hook = vBulletinHook::fetch_hook('calendar_update_complete')) ? eval($hook) : false;
$vbulletin->url = 'calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&e={$eventinfo['eventid']}&day=" . $eventdata->info['occurdate'];
print_standard_redirect('redirect_calendarupdateevent');
}
}
// ############################################################################
// ######################## DELETE EVENT REMINDER #############################
// ############################################################################
if ($_REQUEST['do'] == 'deletereminder') {
if (!$vbulletin->userinfo['userid']) {
print_no_permission();
}
if (!$eventinfo['eventid']) {
eval(standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink'])));
}
$preview = construct_errors($dataman->errors);
$_GET['do'] = 'message';
}
} else {
if ($vbulletin->GPC['preview'] or $vbulletin->GPC['advanced']) {
define('MESSAGEPREVIEW', true);
if ($vbulletin->GPC['preview']) {
$preview = process_picture_comment_preview($message);
}
$_GET['do'] = 'message';
} else {
$commentid = $dataman->save();
if ($commentinfo) {
clear_autosave_text('vBForum_PictureComment', $commentinfo['commentid'], 0, $vbulletin->userinfo['userid']);
} else {
clear_autosave_text('vBForum_PictureComment', 0, $pictureinfo['attachmentid'], $vbulletin->userinfo['userid']);
}
if ($commentinfo and $comentinfo['postuserid'] != $vbulletin->userinfo['userid'] and can_moderate(0, 'caneditpicturecomments')) {
require_once DIR . '/includes/functions_log_error.php';
log_moderator_action($pictureinfo, 'pc_by_x_on_y_edited', array($commentinfo['postusername'], fetch_trimmed_title($pictureinfo['caption'], 50)));
}
if ($vbulletin->GPC['ajax']) {
require_once DIR . '/includes/class_xml.php';
$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
$xml->add_group('commentbits');
$state = array('visible');
$state_or = array();
if (fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo)) {
$state[] = 'moderation';
} else {
if ($vbulletin->userinfo['userid']) {
/**
* Creates a new post
*
* @param string 'thread' for the first post in a new thread, 'reply' otherwise
* @param array Forum Information
* @param array Thread Information
* @param array Post Information for the "Parent" post
* @param array Post Information for the post being created
* @param array (return) Array of errors
*
*/
function build_new_post($type = 'thread', $foruminfo, $threadinfo, $postinfo, &$post, &$errors)
{
//NOTE: permissions are not checked in this function
// $post is passed by reference, so that any changes (wordwrap, censor, etc) here are reflected on the copy outside the function
// $post[] includes:
// title, iconid, message, parseurl, email, signature, preview, disablesmilies, rating
// $errors will become any error messages that come from the checks before preview kicks in
global $vbulletin, $vbphrase, $forumperms;
// ### PREPARE OPTIONS AND CHECK VALID INPUT ###
$post['disablesmilies'] = intval($post['disablesmilies']);
$post['enablesmilies'] = $post['disablesmilies'] ? 0 : 1;
$post['folderid'] = intval($post['folderid']);
$post['emailupdate'] = intval($post['emailupdate']);
$post['rating'] = intval($post['rating']);
$post['podcastsize'] = intval($post['podcastsize']);
// Make sure the posthash is valid
if (md5($post['poststarttime'] . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']) != $post['posthash']) {
$post['posthash'] = 'invalid posthash';
// don't phrase me
}
// OTHER SANITY CHECKS
$threadinfo['threadid'] = intval($threadinfo['threadid']);
// Doublepost //
$dp_flag = false;
// create data manager
if ($type == 'thread') {
$dataman =& datamanager_init('Thread_FirstPost', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
$dataman->set('prefixid', $post['prefixid']);
} else {
$dataman =& datamanager_init('Post', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
$dupehash = md5($foruminfo['forumid'] . $post['title'] . $post['message'] . $vbulletin->userinfo['userid'] . $type);
// Doublepost Check //
if ($vbulletin->options['dp_timespan'] and VB_API !== true and $cutoff = TIMENOW - $vbulletin->options['dp_timespan'] * 60 and $threadinfo['lastpost'] > $cutoff and !$post['preview'] and $threadinfo['lastposter'] == $vbulletin->userinfo['username'] and !($foruminfo['options'] & $vbulletin->bf_misc_forumoptions['bypassdp']) and !($vbulletin->userinfo['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['bypassdoublepost']) and $doublepost = $vbulletin->db->query_first("\n\t\t\t\tSELECT post.*, posthash.userid AS dupe_userid\n\t\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "posthash AS posthash ON (\n\t\t\t\t\tposthash.threadid = {$threadinfo['threadid']}\n\t\t\t\t\t\tAND\n\t\t\t\t\tposthash.dupehash = '" . $vbulletin->db->escape_string($dupehash) . "'\n\t\t\t\t\t\tAND\n\t\t\t\t\tposthash.userid = {$vbulletin->userinfo['userid']}\n\t\t\t\t\t\tAND\n\t\t\t\t\tposthash.dateline > " . (TIMENOW - 300) . "\n\t\t\t\t)\n\t\t\t\tWHERE\n\t\t\t\t\tpost.visible = 1\n\t\t\t\t\t\tAND\n\t\t\t\t\tpost.postid = " . $threadinfo['lastpostid'] . "\n\t\t\t\t\t\tAND\n\t\t\t\t\tpost.threadid = " . $threadinfo['threadid'] . "\n\t\t\t\tLIMIT 1\t") and $attach = $vbulletin->db->query_first("\n\t\t\t\tSELECT count(attachmentid) AS attach\n\t\t\t\tFROM " . TABLE_PREFIX . "attachment\n\t\t\t\tWHERE state = 'visible'\n\t\t\t\tAND posthash = '" . $post['posthash'] . "'") and ($vbulletin->options['attachlimit'] == 0 or $attach['attach'] + $doublepost['attach'] <= $vbulletin->options['attachlimit'])) {
$cstate = $vbulletin->options['dp_color'] ? 1 : 0;
$minchar = intval($vbulletin->options['postminchars']) <= 0 ? 1 : intval($vbulletin->options['postminchars']);
if (vbstrlen(strip_bbcode($post['message'], $vbulletin->options['ignorequotechars'])) < $minchar) {
require_once DIR . '/includes/functions_misc.php';
$errors[] = construct_phrase(fetch_phrase('tooshort', 'error'), $minchar);
return false;
}
if ($doublepost['dupe_userid']) {
require_once DIR . '/includes/functions_misc.php';
$errors[] = fetch_phrase('duplicate_post', 'error');
return false;
}
switch ($vbulletin->options['dp_spacer']) {
case 1:
// None
$cstate = 2;
break;
case 2:
// Custom
$spacer = $vbulletin->options['dp_text'];
break;
default:
$spacer = $vbphrase['dp_spacer_default'];
break;
}
switch ($cstate) {
case 1:
// Coloured spacer
$spacer = "\n\n" . '[COLOR="' . $vbulletin->options['dp_color'] . '"]' . $spacer . '[/COLOR]' . "\n\n";
break;
case 2:
// No spacer.
$spacer = "\n\n";
break;
default:
$spacer = "\n\n" . $spacer . "\n\n";
break;
}
$dp_flag = true;
$id = $doublepost['postid'];
// Need to set valid values for later //
$doublepost['signature'] = $doublepost['showsignature'];
$doublepost['disablesmilies'] = intval($doublepost['disablesmilies']);
$doublepost['enablesmilies'] = $doublepost['disablesmilies'] ? 0 : 1;
$doublepost['folderid'] = intval($doublepost['folderid']);
$doublepost['emailupdate'] = intval($doublepost['emailupdate']);
$doublepost['rating'] = intval($doublepost['rating']);
$doublepost['podcastsize'] = intval($doublepost['podcastsize']);
$doublepost['doublepost'] = $dp_flag;
$doublepost['posthash'] = $post['posthash'];
$doublepost['oldmessage'] = $post['message'];
$doublepost['message'] = $doublepost['pagetext'] . $spacer . $post['message'];
$post = $doublepost;
unset($doublepost);
$dataman->set_existing($post);
if ($vbulletin->options['dp_bump']) {
$post['dateline'] = TIMENOW;
$dataman->set('dateline', $post['dateline']);
}
} else {
$dp_flag = false;
}
}
// set info
$dataman->set_info('dpflag', $dp_flag);
$dataman->set_info('preview', $post['preview']);
$dataman->set_info('parseurl', $post['parseurl']);
$dataman->set_info('posthash', $post['posthash']);
$dataman->set_info('forum', $foruminfo);
$dataman->set_info('thread', $threadinfo);
if (!$vbulletin->GPC['fromquickreply']) {
$dataman->set_info('show_title_error', true);
}
if ($foruminfo['podcast'] and (!empty($post['podcasturl']) or !empty($post['podcastexplicit']) or !empty($post['podcastauthor']) or !empty($post['podcastsubtitle']) or !empty($post['podcastkeywords']))) {
$dataman->set_info('podcastexplicit', $post['podcastexplicit']);
$dataman->set_info('podcastauthor', $post['podcastauthor']);
$dataman->set_info('podcastkeywords', $post['podcastkeywords']);
$dataman->set_info('podcastsubtitle', $post['podcastsubtitle']);
$dataman->set_info('podcasturl', $post['podcasturl']);
if ($post['podcastsize']) {
$dataman->set_info('podcastsize', $post['podcastsize']);
}
}
// set options
$dataman->setr('showsignature', $post['signature']);
$dataman->setr('allowsmilie', $post['enablesmilies']);
$dataman->setr('htmlstate', $post['htmlstate']);
// set data
$dataman->setr('userid', $vbulletin->userinfo['userid']);
if ($vbulletin->userinfo['userid'] == 0) {
$dataman->setr('username', $post['username']);
}
$dataman->setr('title', $post['title']);
$dataman->setr('pagetext', $post['message']);
$dataman->setr('iconid', $post['iconid']);
// see if post has to be moderated or if poster in a mod
if (($foruminfo['moderatenewthread'] and $type == 'thread' or $foruminfo['moderatenewpost'] and $type == 'reply' or !($forumperms & $vbulletin->bf_ugp_forumpermissions['followforummoderation'])) and !can_moderate($foruminfo['forumid']) or $type == 'reply' and ($postinfo['postid'] and !$postinfo['visible'] and !empty($postinfo['specifiedpost']) or !$threadinfo['visible'])) {
// note: specified post comes from a variable passed into newreply.php
$dataman->set('visible', 0);
$post['visible'] = 0;
} else {
$dataman->set('visible', 1);
$post['visible'] = 1;
}
if ($type != 'thread') {
if ($dp_flag) {
$parentid = $post['parentid'];
} else {
if ($postinfo['postid']) {
// get parentid of the new post
// we're not posting a new thread, so make this post a child of the first post in the thread
if (!empty($threadinfo['firstpostid'])) {
//we have the postid in the thread table (firstpostid)
$parentid = $threadinfo['firstpostid'];
} else {
//for some reason it might not be available in the $threadinfo array, need to fetch it
$getfirstpost = $vbulletin->db->query_first("SELECT postid FROM " . TABLE_PREFIX . "post WHERE threadid={$threadinfo['threadid']} ORDER BY dateline LIMIT 1");
$parentid = $getfirstpost['postid'];
}
} else {
$parentid = $postinfo['postid'];
}
}
$dataman->setr('parentid', $parentid);
$dataman->setr('threadid', $threadinfo['threadid']);
} else {
$dataman->setr('forumid', $foruminfo['forumid']);
}
$errors = array();
// done!
($hook = vBulletinHook::fetch_hook('newpost_process')) ? eval($hook) : false;
if ($vbulletin->GPC['fromquickreply'] and $post['preview']) {
$errors = array();
return;
}
if (fetch_require_hvcheck('post') and !$post['preview']) {
require_once DIR . '/includes/class_humanverify.php';
$verify =& vB_HumanVerify::fetch_library($vbulletin);
if (!$verify->verify_token($post['humanverify'])) {
$dataman->error($verify->fetch_error());
}
}
if ($dataman->info['podcastsize']) {
$post['podcastsize'] = $dataman->info['podcastsize'];
}
// check if this forum requires a prefix
if ($type == 'thread' and !$dataman->fetch_field('prefixid') and $foruminfo['options'] & $vbulletin->bf_misc_forumoptions['prefixrequired']) {
// only require a prefix if we actually have options for this forum
require_once DIR . '/includes/functions_prefix.php';
if (fetch_prefix_array($foruminfo['forumid'])) {
$dataman->error('thread_prefix_required');
}
}
if ($type == 'thread' and $post['taglist']) {
$threadinfo['postuserid'] = $vbulletin->userinfo['userid'];
require_once DIR . '/includes/class_taggablecontent.php';
$content = vB_Taggable_Content_Item::create($vbulletin, "vBForum_Thread", $dataman->thread['threadid'], $threadinfo);
$limits = $content->fetch_tag_limits();
$content->filter_tag_list_content_limits($post['taglist'], $limits, $tag_errors, true, false);
if ($tag_errors) {
foreach ($tag_errors as $error) {
$dataman->error($error);
}
}
$dataman->setr('taglist', $post['taglist']);
}
if ($type == 'reply' and $vbulletin->GPC['return_node']) {
$dataman->set_info('nodeid', $vbulletin->GPC['return_node']);
}
$dataman->pre_save();
$errors = array_merge($errors, $dataman->errors);
if ($post['preview']) {
return;
}
// ### DUPE CHECK ###
$dupehash = md5($foruminfo['forumid'] . $post['title'] . $post['message'] . $vbulletin->userinfo['userid'] . $type);
$prevpostfound = false;
$prevpostthreadid = 0;
if ($prevpost = $vbulletin->db->query_first("\n\t\tSELECT posthash.threadid, thread.title\n\t\tFROM " . TABLE_PREFIX . "posthash AS posthash\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = posthash.threadid)\n\t\tWHERE posthash.userid = " . $vbulletin->userinfo['userid'] . " AND\n\t\t\tposthash.dupehash = '" . $vbulletin->db->escape_string($dupehash) . "' AND\n\t\t\tposthash.dateline > " . (TIMENOW - 300) . "\n\t")) {
if ($type == 'thread' and $prevpost['threadid'] == 0 or $type == 'reply' and $prevpost['threadid'] == $threadinfo['threadid']) {
$prevpostfound = true;
$prevpostthreadid = $prevpost['threadid'];
}
}
// Redirect user to forumdisplay since this is a duplicate post
if ($prevpostfound) {
if ($type == 'thread') {
$vbulletin->url = fetch_seo_url('forum', $foruminfo);
print_standard_redirect('redirect_duplicatethread', true, true);
} else {
// with ajax quick reply we need to use the error system
if ($vbulletin->GPC['ajax']) {
$dataman->error('duplicate_post');
$errors = $dataman->errors;
return;
} else {
$vbulletin->url = fetch_seo_url('thread', $prevpost, array('goto' => 'newpost'));
if ($post['ajaxqrfailed']) {
// ajax qr failed. While this is a dupe, most likely the user didn't
// see the initial post, so act like it went through.
print_standard_redirect('redirect_postthanks');
} else {
print_standard_redirect('redirect_duplicatepost', true, true);
}
}
}
}
if (sizeof($errors) > 0) {
return;
}
if ($post['doublepost']) {
$dataman->save();
} else {
$id = $dataman->save();
}
if ($type == 'thread') {
$post['threadid'] = $id;
$threadinfo =& $dataman->thread;
$post['postid'] = $dataman->fetch_field('firstpostid');
clear_autosave_text('vBForum_Thread', 0, 0, $vbulletin->userinfo['userid']);
} else {
$post['postid'] = $id;
if ($vbulletin->GPC_exists['return_node'] and intval($vbulletin->GPC['return_node'])) {
clear_autosave_text('vBCms_ArticleComment', 0, $vbulletin->GPC['return_node'], $vbulletin->userinfo['userid']);
} else {
clear_autosave_text('vBForum_Post', 0, $threadinfo['threadid'], $vbulletin->userinfo['userid']);
}
}
post_vb_api_details('vBForum_Post', $post['postid']);
$post['visible'] = $dataman->fetch_field('visible');
$set_open_status = false;
$set_sticky_status = false;
if ($vbulletin->GPC['openclose'] and ($threadinfo['postuserid'] != 0 and $threadinfo['postuserid'] == $vbulletin->userinfo['userid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] or can_moderate($threadinfo['forumid'], 'canopenclose'))) {
$set_open_status = true;
}
if ($vbulletin->GPC['stickunstick'] and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
$set_sticky_status = true;
}
if ($set_open_status or $set_sticky_status) {
$thread =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost');
if ($type == 'thread') {
$thread->set_existing($dataman->thread);
if ($set_open_status) {
$post['postpoll'] = false;
}
} else {
$thread->set_existing($threadinfo);
}
if ($set_open_status) {
$thread->set('open', $thread->fetch_field('open') == 1 ? 0 : 1);
}
if ($set_sticky_status) {
$thread->set('sticky', $thread->fetch_field('sticky') == 1 ? 0 : 1);
}
$thread->save();
}
if ($type == 'thread') {
require_once DIR . '/includes/class_taggablecontent.php';
$content = vB_Taggable_Content_Item::create($vbulletin, "vBForum_Thread", $dataman->thread['threadid'], $threadinfo);
$limits = $content->fetch_tag_limits();
$content->add_tags_to_content($post['taglist'], $limits);
}
// ### DO THREAD RATING ###
build_thread_rating($post['rating'], $foruminfo, $threadinfo);
// ### DO EMAIL NOTIFICATION ###
if ($post['visible'] and $type != 'thread' and !in_coventry($vbulletin->userinfo['userid'], true)) {
exec_send_notification($threadinfo['threadid'], $vbulletin->userinfo['userid'], $post['postid']);
}
// ### DO THREAD SUBSCRIPTION ###
if ($vbulletin->userinfo['userid'] != 0) {
require_once DIR . '/includes/functions_misc.php';
$post['emailupdate'] = verify_subscription_choice($post['emailupdate'], $vbulletin->userinfo, 9999);
($hook = vBulletinHook::fetch_hook('newpost_subscribe')) ? eval($hook) : false;
if (!$threadinfo['issubscribed'] and $post['emailupdate'] != 9999) {
// user is not subscribed to this thread so insert it
/*insert query*/
$vbulletin->db->query_write("INSERT IGNORE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, {$post['emailupdate']}, {$post['folderid']}, 1)");
} else {
// User is subscribed, see if they changed the settings for this thread
if ($post['emailupdate'] == 9999) {
// Remove this subscription, user chose 'No Subscription'
$vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "subscribethread WHERE threadid = {$threadinfo['threadid']} AND userid = " . $vbulletin->userinfo['userid']);
} else {
if ($threadinfo['emailupdate'] != $post['emailupdate'] or $threadinfo['folderid'] != $post['folderid']) {
// User changed the settings so update the current record
/*insert query*/
$vbulletin->db->query_write("REPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, {$post['emailupdate']}, {$post['folderid']}, 1)");
}
}
}
}
($hook = vBulletinHook::fetch_hook('newpost_complete')) ? eval($hook) : false;
}
$vbulletin->GPC['message'] = fetch_no_shouting_text($vbulletin->GPC['message']);
if (vbstrlen($vbulletin->GPC['message']) > $vbulletin->options['postmaxchars'] and $vbulletin->options['postmaxchars'] != 0) {
eval(standard_error(fetch_error('toolong', $postlength, $vbulletin->options['postmaxchars'])));
}
if (vbstrlen($vbulletin->GPC['message']) < $vbulletin->options['postminchars'] or $vbulletin->GPC['message'] == '') {
eval(standard_error(fetch_error('tooshort', $vbulletin->options['postminchars'])));
}
($hook = vBulletinHook::fetch_hook('usernote_donote')) ? eval($hook) : false;
if ($vbulletin->GPC['usernoteid']) {
// Edited note.
$db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "usernote\n\t\t\tSET message = '" . $db->escape_string($vbulletin->GPC['message']) . "',\n\t\t\t\ttitle = '" . $db->escape_string($vbulletin->GPC['title']) . "',\n\t\t\t\tallowsmilies = {$allowsmilies}\n\t\t\tWHERE usernoteid = " . $vbulletin->GPC['usernoteid'] . "\n\t\t");
clear_autosave_text('vBForum_UserNote', $noteinfo['usernoteid'], 0, $vbulletin->userinfo['userid']);
} else {
/*insert query*/
$db->query_write("\n\t\t\tINSERT INTO " . TABLE_PREFIX . "usernote (message, dateline, userid, posterid, title, allowsmilies)\n\t\t\tVALUES ('" . $db->escape_string($vbulletin->GPC['message']) . "', " . TIMENOW . ", {$userinfo['userid']}, " . $vbulletin->userinfo['userid'] . ", '" . $db->escape_string($vbulletin->GPC['title']) . "', {$allowsmilies})\n\t\t");
clear_autosave_text('vBForum_UserNote', 0, $userinfo['userid'], $vbulletin->userinfo['userid']);
}
if (!$canview) {
$vbulletin->url = fetch_seo_url('member', $userinfo);
} else {
$vbulletin->url = 'usernote.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewuser&u={$userinfo['userid']}";
}
print_standard_redirect(array('redirect_usernoteaddevent', $userinfo['username']));
}
// ############################### Start Add User Note ##########################
if ($_REQUEST['do'] == 'newnote') {
if (!$canpost) {
print_no_permission();
}
if (empty($checked['parseurl'])) {
$checked['parseurl'] = 'checked="checked"';
} else {
$anncdata->set('userid', $vbulletin->userinfo['userid']);
}
$vbulletin->GPC['enddate']['hour'] = 23;
$vbulletin->GPC['enddate']['minute'] = 59;
$vbulletin->GPC['enddate']['second'] = 59;
$anncdata->set('title', $vbulletin->GPC['title']);
$anncdata->set('pagetext', $vbulletin->GPC['message']);
$anncdata->set('forumid', $vbulletin->GPC['forumid']);
$anncdata->set('startdate', $vbulletin->GPC['startdate']);
$anncdata->set('enddate', $vbulletin->GPC['enddate']);
foreach ($vbulletin->bf_misc_announcementoptions as $key => $val) {
$anncdata->set_bitfield('announcementoptions', $key, $vbulletin->GPC['options']["{$key}"]);
}
$announcementid = $anncdata->save();
clear_autosave_text('vBForum_Announcement', $announcementinfo['announcementid'], 0, $vbulletin->userinfo['userid']);
if ($announcementinfo) {
if ($vbulletin->GPC['reset_views']) {
$db->query_write("DELETE FROM " . TABLE_PREFIX . "announcementread WHERE announcementid = {$announcementinfo['announcementid']}");
}
$announcementid = $announcementinfo['announcementid'];
}
$title = $anncdata->fetch_field('title');
$vbulletin->url = 'announcement.php?' . $vbulletin->session->vars['sessionurl'] . "a={$announcementid}";
print_standard_redirect(array('saved_announcement', $title));
}
// #############################################################################
// edit an announcement
if ($_REQUEST['do'] == 'edit') {
require_once DIR . '/includes/functions_misc.php';
require_once DIR . '/includes/functions_editor.php';
unset($postattach['bycontent'][0]);
}
$edit['postid'] = $postinfo['postid'];
// ### PREVIEW POST ###
$postpreview = process_post_preview($edit, $postinfo['userid'], $postattach['bycontent'][$postinfo['postid']], $postattach['byattachment']);
$previewpost = true;
$_REQUEST['do'] = 'editpost';
} else {
if ($vbulletin->GPC['advanced']) {
// Don't display preview on QuickEdit->Advanced as parseurl is turned off and so the preview won't be correct unless the post originally had checked to not parse links
// If you turn on parseurl then the opposite happens and you have to go unparse your links if that is what you want. Compromise
$_REQUEST['do'] = 'editpost';
} else {
// ### POST HAS NO ERRORS ###
$dataman->save();
clear_autosave_text('vBForum_Post', $postinfo['postid'], 0, $vbulletin->userinfo['userid']);
$update_edit_log = true;
// don't show edited by AND reason unchanged - don't update edit log
if (!($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['showeditedby']) and $edit['reason'] == $postinfo['edit_reason']) {
$update_edit_log = false;
}
if ($update_edit_log) {
// ug perm: show edited by
if ($postinfo['dateline'] < TIMENOW - $vbulletin->options['noeditedbytime'] * 60 or !empty($edit['reason'])) {
// save the postedithistory
if ($vbulletin->options['postedithistory']) {
// insert original post on first edit
if (!$db->query_first("SELECT postedithistoryid FROM " . TABLE_PREFIX . "postedithistory WHERE original = 1 AND postid = " . $postinfo['postid'])) {
$db->query_write("\n\t\t\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "postedithistory\n\t\t\t\t\t\t\t\t(postid, userid, username, title, iconid, dateline, reason, original, pagetext)\n\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t({$postinfo['postid']},\n\t\t\t\t\t\t\t\t" . $postinfo['userid'] . ",\n\t\t\t\t\t\t\t\t'" . $db->escape_string($postinfo['username']) . "',\n\t\t\t\t\t\t\t\t'" . $db->escape_string($postinfo['title']) . "',\n\t\t\t\t\t\t\t\t{$postinfo['iconid']},\n\t\t\t\t\t\t\t\t" . $postinfo['dateline'] . ",\n\t\t\t\t\t\t\t\t'',\n\t\t\t\t\t\t\t\t1,\n\t\t\t\t\t\t\t\t'" . $db->escape_string($postinfo['pagetext']) . "')\n\t\t\t\t\t\t");
}
// insert the new version
} else {
define('MESSAGEPREVIEW', true);
require_once DIR . '/includes/functions_newpost.php';
$preview = construct_errors($dataman->errors);
$_GET['do'] = 'message';
}
} else {
if ($vbulletin->GPC['preview'] or $vbulletin->GPC['advanced']) {
define('MESSAGEPREVIEW', true);
if ($vbulletin->GPC['preview']) {
$preview = process_visitor_message_preview($message);
}
$_GET['do'] = 'message';
} else {
$vmid = $dataman->save();
clear_autosave_text('vBForum_VisitorMessage', $messageinfo ? $messageinfo['vmid'] : 0, $messageinfo ? 0 : $userinfo['userid'], $vbulletin->userinfo['userid']);
if ($messageinfo and $messageinfo['postuserid'] != $vbulletin->userinfo['userid'] and can_moderate(0, 'caneditvisitormessages')) {
require_once DIR . '/includes/functions_log_error.php';
log_moderator_action($messageinfo, 'vm_by_x_for_y_edited', array($messageinfo['postusername'], $userinfo['username']));
}
if ($vbulletin->GPC['fromconverse']) {
$userinfo2 = verify_id('user', $vbulletin->GPC['u2'], 1, 1);
}
if ($vbulletin->GPC['ajax']) {
require_once DIR . '/includes/class_xml.php';
$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
$xml->add_group('commentbits');
$read_ids = array();
require_once DIR . '/includes/class_bbcode.php';
require_once DIR . '/includes/class_visitormessage.php';
$bbcode = new vB_BbCodeParser($vbulletin, fetch_tag_list());
}
} else {
if ($vbulletin->GPC['preview'] or $vbulletin->GPC['advanced']) {
define('MESSAGEPREVIEW', true);
$preview = process_group_message_preview($message);
$_GET['do'] = 'message';
} else {
$gmid = $dataman->save();
if ($discussion) {
if ($messageinfo) {
clear_autosave_text('vBForum_SocialGroupMessage', $messageinfo['gmid'], 0, $vbulletin->userinfo['userid']);
} else {
clear_autosave_text('vBForum_SocialGroupMessage', 0, $discussion['discussionid'], $vbulletin->userinfo['userid']);
}
} else {
clear_autosave_text('vBForum_SocialGroupDiscussion', 0, 0, $vbulletin->userinfo['userid']);
}
if ($messageinfo) {
$gmid = $messageinfo['gmid'];
}
if ($messageinfo and !$group['is_owner'] and can_moderate(0, 'caneditgroupmessages')) {
require_once DIR . '/includes/functions_log_error.php';
log_moderator_action($messageinfo, 'gm_by_x_in_y_for_z_edited', array($messageinfo['postusername'], $discussion['title'], $group['name']));
}
if ($vbulletin->GPC['ajax'] and (!$edit_discussion or $messageinfo['gmid'])) {
require_once DIR . '/includes/class_xml.php';
$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
$xml->add_group('commentbits');
require_once DIR . '/includes/class_groupmessage.php';
// create message collection
$collection_factory = new vB_Group_Collection_Factory($vbulletin, $group);
$pmdm->pre_save();
if (!empty($pmdm->errors)) {
define('PMPREVIEW', 1);
$preview = construct_errors($pmdm->errors);
// this will take the preview's place
} else {
if ($vbulletin->GPC['preview'] != '') {
define('PMPREVIEW', 1);
$old_finfo = $foruminfo;
$foruminfo = array('forumid' => 'privatemessage');
$preview = process_post_preview($pm);
$foruminfo = $old_finfo;
} else {
// everything's good!
$pmdm->save();
clear_autosave_text('vBForum_Infraction', 0, $userinfo['userid'], $vbulletin->userinfo['userid']);
($hook = vBulletinHook::fetch_hook('private_insertpm_complete')) ? eval($hook) : false;
$postmessage =& $vbulletin->GPC['message'];
}
}
unset($pmdm);
} else {
if ($showemail) {
if (empty($vbulletin->GPC['message']) and $vbulletin->options['uimessage'] and !$nocontact) {
$errors[] = 'nomessagetouser';
}
if (!empty($errors)) {
// include useful functions
require_once DIR . '/includes/functions_newpost.php';
$postpreview = construct_errors(array_map('fetch_error', $errors));
define('PMPREVIEW', 1);
$templater = vB_Template::create('newpost_preview');
$templater->register('errorlist', $errorlist);
$templater->register('newpost', $newpost);
$templater->register('post', $post);
$templater->register('previewmessage', $previewmessage);
$preview = $templater->render();
$_REQUEST['do'] = 'editsignature';
$preview_error_signature = $signature;
} else {
// init user data manager
$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_STANDARD);
$userdata->set_existing($vbulletin->userinfo);
$userdata->set('signature', $signature);
($hook = vBulletinHook::fetch_hook('profile_updatesignature_complete')) ? eval($hook) : false;
$userdata->save();
clear_autosave_text('vBForum_Signature', 0, 0, $vbulletin->userinfo['userid']);
if ($redirectsig) {
$vbulletin->url = 'profile.php?' . $vbulletin->session->vars['sessionurl'] . 'do=editsignature&url=' . $vbulletin->url . '#sigpic';
} else {
$vbulletin->url = 'usercp.php' . $vbulletin->session->vars['sessionurl_q'];
}
print_standard_redirect(array('redirect_updatethanks', $vbulletin->userinfo['username']));
}
}
// ############################### start update profile pic###########################
if ($_POST['do'] == 'updatesigpic') {
if (!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canusesignature'])) {
eval(standard_error(fetch_error('nosignaturepermission')));
}
if (!($permissions['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['cansigpic'])) {
print_no_permission();
