function poll_close($tid) { if (!($db = db::get())) { return false; } if (!is_numeric($tid)) { return false; } if (!($table_prefix = get_table_prefix())) { return false; } $sql = "SELECT FROM_UID FROM `{$table_prefix}POST` WHERE TID = '{$tid}' AND PID = 1"; if (!($result = $db->query($sql))) { return false; } if (($t_fid = thread_get_folder_fid($tid)) && $result->num_rows > 0) { $poll_data = $result->fetch_assoc(); if ($_SESSION['UID'] == $poll_data['FROM_UID'] || session::check_perm(USER_PERM_FOLDER_MODERATE, $t_fid)) { $closes_datetime = date(MYSQL_DATETIME_MIDNIGHT, time()); $sql = "UPDATE LOW_PRIORITY `{$table_prefix}POLL` SET "; $sql .= "CLOSES = CAST('{$closes_datetime}' AS DATETIME) "; $sql .= "WHERE TID = '{$tid}'"; if (!$db->query($sql)) { return false; } } } return true; }
light_html_email_confirmation_error(); exit; } if (!session::check_perm(USER_PERM_POST_CREATE, $fid)) { light_html_draw_error(gettext("You cannot reply to posts in this folder")); } $new_thread = false; } else { if (isset($_POST['reply_to']) && validate_msg($_POST['reply_to'])) { list($tid, $reply_to_pid) = explode(".", $_POST['reply_to']); if (isset($_POST['return_msg']) && validate_msg($_POST['return_msg'])) { $return_msg = $_POST['return_msg']; } else { $return_msg = $_POST['reply_to']; } if (!($fid = thread_get_folder_fid($tid))) { light_html_draw_error(gettext("The requested thread could not be found or access was denied.")); } if (session::check_perm(USER_PERM_EMAIL_CONFIRM, 0)) { light_html_email_confirmation_error(); exit; } if (!session::check_perm(USER_PERM_POST_CREATE, $fid)) { light_html_draw_error(gettext("You cannot reply to posts in this folder")); } if (sizeof($attachments) > 0 && !session::check_perm(USER_PERM_POST_ATTACHMENTS | USER_PERM_POST_READ, $fid)) { $error_msg_array[] = gettext("You cannot post attachments in this folder. Remove attachments to continue."); $valid = false; } if (sizeof($attachments) > 0 && !attachments_check_post_space($_SESSION['UID'], $attachments)) { $max_post_attachment_space = forum_get_setting('attachments_max_post_space', 'is_numeric', 1048576);
} } else { if (isset($_POST['delete_messages'])) { $valid = true; if (isset($_POST['process']) && is_array($_POST['process'])) { $process_messages = array_filter($_POST['process'], 'validate_msg'); } else { $process_messages = array(); } if (sizeof($process_messages) > 0) { if (isset($_POST['delete_confirm']) && $_POST['delete_confirm'] == 'Y') { foreach ($process_messages as $process_message) { $delete_fid = null; $process_valid = true; list($delete_tid, $delete_pid) = explode(".", $process_message); if ($process_valid && !($delete_fid = thread_get_folder_fid($delete_tid))) { $process_valid = false; } if ($process_valid && !session::check_perm(USER_PERM_POST_EDIT | USER_PERM_POST_READ, $delete_fid)) { $process_valid = false; } if ($process_valid && !session::check_perm(USER_PERM_FOLDER_MODERATE, $delete_fid)) { $process_valid = false; } if ($process_valid && !($thread_data = thread_get($delete_tid, false, false, true))) { $process_valid = false; } if ($process_valid && !($preview_message = messages_get($delete_tid, $delete_pid, 1))) { $process_valid = false; } if ($process_valid && isset($preview_message['APPROVED'])) {