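// Fragment of the forum post handler: credit the posting bonus, create the
// topic when $type is 'new', bump the forum counters, insert the post row and
// re-read the topic row for the quote-reply notification that follows.
// Every value placed in a statement goes through sqlesc(), as the WHERE
// clauses here already did, so no statement depends on an earlier integer
// coercion that is not visible in this fragment.
if ($type == 'new') {
    // new topic
    // add bonus
    // NOTE(review): the bonus is credited before the INSERT below is known to
    // have succeeded; confirm that is intended.
    KPS("+", $starttopic_bonus, $userid);

    //---- Create topic
    sql_query("INSERT INTO topics (userid, forumid, subject, onlyauthor) VALUES (" . sqlesc($userid) . ", " . sqlesc($forumid) . ", " . sqlesc($subject) . ", " . sqlesc($onlyauthor) . ")") or sqlerr(__FILE__, __LINE__);
    $topicid = mysql_insert_id() or stderr($lang_forums['std_error'], $lang_forums['std_no_topic_id_returned']);

    sql_query("UPDATE forums SET topiccount=topiccount+1, postcount=postcount+1 WHERE id=" . sqlesc($forumid));
} else {
    // add bonus
    KPS("+", $makepost_bonus, $userid);
    sql_query("UPDATE forums SET postcount=postcount+1 WHERE id=" . sqlesc($forumid));
}

// Nested-quote handling: runs on the raw body, before any SQL escaping.
if ($type == "quote") {
    $body = quote_sub($body);
}

// body and ori_body both receive the same (already quote-processed) text.
sql_query("INSERT INTO posts (topicid, userid, added, body, ori_body) VALUES (" . sqlesc($topicid) . ", " . sqlesc($userid) . ", " . sqlesc($date) . ", " . sqlesc($body) . ", " . sqlesc($body) . ")") or sqlerr(__FILE__, __LINE__);
$postid = mysql_insert_id() or die($lang_forums['std_post_id_not_available']);

// Quote-reply notification: reload the topic row. From here on $forumid,
// $userid and $subject hold the topic's stored values, so $userid is the
// topic's user rather than the poster.
$res1 = sql_query("SELECT forumid, userid, subject FROM topics WHERE id=" . sqlesc($topicid) . " LIMIT 1") or sqlerr(__FILE__, __LINE__);
$row1 = mysql_fetch_array($res1);
if (!$row1) {
    die;
} else {
    $forumid = $row1['forumid'];
    $userid = $row1['userid'];
    $subject = $row1['subject'];
}

if ($type == "quote") {
    $quotenum = 0 + $_POST['quotenum'];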
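// Fragment of the comment edit handler: load the comment row, allow only its
// author or a sufficiently privileged class, apply a POSTed edit, then
// redirect back.
$arr = mysql_fetch_array($res);
if (!$arr) {
    stderr($lang_comment['std_error'], $lang_comment['std_invalid_id']);
}

// Only the comment's author, or a user whose class is at least
// $commanage_class, may edit.
// NOTE(review): this authorization check relies on stderr() ending the
// request; confirm it never returns.
if ($arr["user"] != $CURUSER["id"] && get_user_class() < $commanage_class) {
    stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']);
}

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $text = $_POST["body"];

    // Redirect target: the POSTed value, else the Referer. Both are chosen by
    // the client, and HTML-encoding does not constrain a Location header, so
    // the value is accepted only when it stays on this site.
    $returnto = "";
    if (!empty($_POST["returnto"]) && is_string($_POST["returnto"])) {
        $returnto = $_POST["returnto"];
    } elseif (!empty($_SERVER["HTTP_REFERER"]) && is_string($_SERVER["HTTP_REFERER"])) {
        $returnto = $_SERVER["HTTP_REFERER"];
    }

    $target = parse_url($returnto);
    // Host of the current request without the port; pin this to a configured
    // base URL instead if the site has one.
    $site_host = isset($_SERVER["HTTP_HOST"]) ? strtolower(preg_replace('/:\d+$/', '', $_SERVER["HTTP_HOST"])) : "";
    $is_local = false;
    // Control characters, spaces and backslashes are refused outright: they
    // have no place in a redirect target and browsers may read "\" as "/".
    if ($returnto !== "" && $target !== false && !preg_match('/[\x00-\x20\x7f\\\\]/', $returnto)) {
        if (!isset($target["scheme"]) && !isset($target["host"])) {
            // Relative reference; a leading "//" would name another host.
            $is_local = strncmp($returnto, "//", 2) !== 0;
        } elseif (isset($target["scheme"]) && isset($target["host"]) && $site_host !== "") {
            $scheme = strtolower($target["scheme"]);
            $is_local = ($scheme === "http" || $scheme === "https") && strtolower($target["host"]) === $site_host;
        }
    }
    if (!$is_local) {
        // Fall back to the current directory rather than following the value.
        $returnto = "./";
    }

    if ($text == "") {
        stderr($lang_comment['std_error'], $lang_comment['std_comment_body_empty']);
    }

    // Nested-quote handling runs on the raw text; escaping is the last step
    // before the value enters the statement, so no later transformation can
    // alter the escaped literal.
    $text = sqlesc(quote_sub($text));

    $editdate = sqlesc(date("Y-m-d H:i:s"));

    sql_query("UPDATE comments SET text={$text}, editdate={$editdate}, editedby=" . sqlesc($CURUSER['id']) . " WHERE id=" . sqlesc($commentid)) or sqlerr(__FILE__, __LINE__);

    // Drop the cached "last comment" content of the parent item.
    if ($type == "torrent") {
        $Cache->delete_value('torrent_' . $arr['parent_id'] . '_last_comment_content');
    } elseif ($type == "offer") {
        $Cache->delete_value('offer_' . $arr['parent_id'] . '_last_comment_content');
    }

    header("Location: {$returnto}");
    die;
}

$parent_id = $arr["parent_id"];
if ($type == "torrent") {
    $url = "details.php?id={$parent_id}";
} else {
    if ($type == "offer") {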