function gf_resyncforum($id)
{
global $_CONF, $_TABLES;
COM_errorLog("Re-Syncing Forum id:{$id}");
// Update all the Topics lastupdated timestamp to that of the last posted comment
$topicsQuery = DB_query("SELECT id FROM {$_TABLES['gf_topic']} WHERE forum={$id} and pid=0");
$topicCount = DB_numRows($topicsQuery);
if ($topicCount > 0) {
$lastTopicQuery = DB_query("SELECT MAX(id) as maxid FROM {$_TABLES['gf_topic']} WHERE forum={$id}");
$lasttopic = DB_fetchArray($lastTopicQuery);
DB_query("UPDATE {$_TABLES['gf_forums']} SET last_post_rec = {$lasttopic['maxid']} WHERE forum_id={$id}");
$postCount = DB_Count($_TABLES['gf_topic'], 'forum', $id);
// Update the forum definition record to know the number of topics and number of posts
DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count={$topicCount}, post_count={$postCount} WHERE forum_id={$id}");
$recCount = 0;
while ($trecord = DB_fetchArray($topicsQuery)) {
$recCount++;
// Retrieve the oldest post records for this topic and update the lastupdated time in the parent topic record
$lsql = DB_query("SELECT MAX(id)as maxid FROM {$_TABLES['gf_topic']} WHERE pid={$trecord['id']}");
$lastrec = DB_fetchArray($lsql);
if ($lastrec['maxid'] != NULL) {
$postCount = DB_count($_TABLES['gf_topic'], 'forum', $id);
$latest = DB_getITEM($_TABLES['gf_topic'], date, "id={$lastrec['maxid']}");
DB_query("UPDATE {$_TABLES['gf_topic']} SET lastupdated = '{$latest}' where id='{$trecord['id']}'");
// Update the parent topic record to know the id of the Last Reply
DB_query("UPDATE {$_TABLES['gf_topic']} SET last_reply_rec = {$lastrec['maxid']} where id='{$trecord['id']}'");
} else {
$latest = DB_getITEM($_TABLES['gf_topic'], date, "id={$trecord['id']}");
DB_query("UPDATE {$_TABLES['gf_topic']} SET lastupdated = '{$latest}' WHERE id='{$trecord['id']}'");
}
// Recalculate and Update the number of replies
$numreplies = DB_Count($_TABLES['gf_topic'], "pid", $trecord['id']);
DB_query("UPDATE {$_TABLES['gf_topic']} SET replies = '{$numreplies}' WHERE id='{$trecord['id']}'");
}
COM_errorLog("{$recCount} Topic Records Updated");
} else {
DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count=0, post_count=0 WHERE forum_id={$id}");
COM_errorLog("No topic records to resync");
}
}
function _ff_migrateComments($forum, $sid, $parent)
{
global $verbose, $_TABLES, $_CONF, $migratedcomments;
$sql = DB_query("SELECT sid,date,uid,title,comment from {$_TABLES['comments']} WHERE sid = '" . DB_escapeString($sid) . "' ORDER BY date ASC");
$num_comments = DB_numRows($sql);
$i = 0;
while (list($sid, $commentdate, $uid, $subject, $comment) = DB_fetchArray($sql)) {
$sqlid = DB_query("SELECT id from {$_TABLES['ff_topic']} ORDER BY id desc LIMIT 1");
list($lastid) = DB_fetchArray($sqlid);
$comment = prepareStringForDB($comment);
$subject = prepareStringForDB($subject);
$postmode = "html";
$name = DB_getITEM($_TABLES['users'], 'username', "uid=" . (int) $uid);
$email = DB_getITEM($_TABLES['users'], 'email', "uid=" . (int) $uid);
$website = DB_getITEM($_TABLES['users'], 'homepage', "uid=" . (int) $uid);
$datetime = explode(" ", $commentdate);
$date = explode("-", $datetime[0]);
$time = explode(":", $datetime[1]);
$year = $date[0] > 1969 ? $date[0] : "2001";
$month = $date[1];
$day = $date[2];
$hour = $time[0];
$min = $time[1];
$timestamp = mktime($hour, $min, 0, $month, $day, $year);
$lastupdated = $timestamp;
$migratedcomments++;
DB_query("INSERT INTO {$_TABLES['ff_topic']} (forum,name,date,lastupdated, email, website, subject, comment, postmode, ip, mood, uid, pid, sticky, locked)\n VALUES (" . (int) $forum . ",'" . DB_escapeString($name) . "','{$timestamp}','{$lastupdated}','" . DB_escapeString($email) . "','" . DB_escapeString($website) . "','{$subject}','{$comment}','" . DB_escapeString($postmode) . "','',''," . (int) $uid . "," . (int) $parent . ",'0','0')");
$i++;
}
DB_query("UPDATE {$_TABLES['ff_topic']} SET replies = {$num_comments} WHERE id=" . (int) $parent);
return $num_comments;
}
// Remove any lastviewed records in the log so that the new updated topic indicator will appear
DB_query("DELETE FROM {$_TABLES['gf_log']} WHERE topic='{$moveid}'");
$link = "{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$moveid}";
forum_statusMessage($LANG_GF02['msg163'], $link, $LANG_GF02['msg163']);
}
gf_siteFooter();
exit;
}
}
if ($modfunction == 'deletepost' and forum_modPermission($forum, $_USER['uid'], 'mod_delete') and $fortopicid != 0) {
if ($top == 'yes') {
$alertmessage = $LANG_GF02['msg65'] . "<p>";
} else {
$alertmessage = '';
}
$subject = DB_getITEM($_TABLES['gf_topic'], "subject", "id='{$msgpid}'");
$alertmessage .= sprintf($LANG_GF02['msg64'], $fortopicid, $subject);
$promptform = '<p><FORM ACTION="' . $_CONF['site_url'] . '/forum/moderation.php" METHOD="POST">';
$promptform .= '<INPUT TYPE="hidden" NAME="modconfirmdelete" VALUE="1">';
$promptform .= '<INPUT TYPE="hidden" NAME="msgid" VALUE="' . $fortopicid . '">';
$promptform .= '<INPUT TYPE="hidden" NAME="forum" VALUE="' . $forum . '">';
$promptform .= '<INPUT TYPE="hidden" NAME="msgpid" VALUE="' . $msgpid . '">';
$promptform .= '<INPUT TYPE="hidden" NAME="top" VALUE="' . $top . '">';
$promptform .= '<CENTER><INPUT TYPE="submit" NAME="submit" VALUE="' . $LANG_GF01['CONFIRM'] . '"> ';
$promptform .= '<INPUT TYPE="submit" NAME="submit" VALUE="' . $LANG_GF01['CANCEL'] . '"></CENTER>';
$promptform .= '</CENTER></FORM></p>';
alertMessage($alertmessage, $LANG_GF02['msg182'], $promptform);
} elseif ($modfunction == 'editpost' and forum_modPermission($forum, $_USER['uid'], 'mod_edit') and $fortopicid != 0) {
$page = COM_applyFilter($_REQUEST['page'], true);
echo COM_refresh("createtopic.php?method=edit&id={$fortopicid}&page={$page}");
echo $LANG_GF02['msg110'];
}
if (DB_count($_TABLES[messenger_dist], 'msg_id', $id) == 0) {
DB_query("DELETE FROM {$_TABLES['messenger_msg']} WHERE (id = '{$id}')");
}
messenger_statusMessage($LANG_MSG['msgdelsuccess'], $phpself . '?folder=' . $folder, $LANG_MSG['msgreturn']);
exit;
} else {
echo COM_startBlock($LANG_MSG['ERROR']);
echo $LANG_MSG['msgdelerr'];
echo COM_endBlock("blockfooter-system.thtml");
exit;
}
}
if ($mode == 'archive') {
// Check that user has rights
$source = DB_getITEM($_TABLES['messenger_msg'], "source_uid", "id='{$id}'");
if ($source = $uid || SEC_hasRights('messenger.edit')) {
DB_query("UPDATE {$_TABLES['messenger_dist']} SET archive='1' WHERE msg_id='{$id}'");
messenger_statusMessage($LANG_MSG['msgarchive'], $phpself . '?folder=' . $folder, $LANG_MSG['msgreturn']);
} else {
messenger_statusMessage($LANG_MSG['err02'], $phpself . '?folder=' . $folder, $LANG_MSG['msgreturn']);
}
exit;
}
if ($action == 'delall') {
if ($folder == 'ARCHIVE') {
$delquery = DB_query("SELECT id FROM {$_TABLES['messenger_msg']} LEFT JOIN {$_TABLES['messenger_dist']} ON id = msg_id WHERE (target_uid='{$uid}' AND archive='1') ");
} else {
$delquery = DB_query("SELECT id FROM {$_TABLES['messenger_msg']} LEFT JOIN {$_TABLES['messenger_dist']} ON id = msg_id WHERE (target_uid='{$uid}' AND archive='0') ");
}
while (list($id) = DB_fetchARRAY($delquery)) {
} elseif ($notifytype == '3') {
$sql .= " AND topic_id < '0'";
} else {
$sql .= " AND topic_id > '0'";
}
$sql .= " ORDER BY forum_id ASC, date_added DESC";
$notifications = DB_query($sql);
$nrows = DB_numRows($notifications);
$numpages = ceil($nrows / $show);
$offset = ($page - 1) * $show;
$base_url = $_CONF['site_url'] . "/forum/notify.php?filter={$notifytype}&forum={$forum}&show={$show}";
$sql .= " LIMIT {$offset}, {$show}";
$notifications = DB_query($sql);
$i = 1;
while (list($notify_recid, $forum_id, $topic_id, $date_added) = DB_fetchARRAY($notifications)) {
$forum_name = DB_getITEM($_TABLES['gf_forums'], "forum_name", "forum_id='{$forum_id}'");
$is_forum = '';
if ($topic_id == '0') {
$subject = '';
$is_forum = $LANG_GF02['msg138'];
$topic_link = '<a href="' . $_CONF['site_url'] . '/forum/index.php?forum=' . $forum_id . '" title="' . $subject . '">' . $subject . '</a>';
} else {
if ($topic_id < 0) {
$neg_subscription = true;
$topic_id = -$topic_id;
} else {
$neg_subscription = false;
}
$result = DB_query("SELECT subject,name,replies,views,uid,id FROM {$_TABLES['gf_topic']} WHERE id = '{$topic_id}'");
$A = DB_fetchArray($result);
if ($A['subject'] == '') {
function modDownloadS()
{
global $_CONF, $_TABLES, $myts, $eh, $filemgmt_SnapStore, $filemgmt_FileStore, $_FMDOWNLOAD;
if (defined('DEMO_MODE')) {
redirect_header($_CONF['site_admin_url'] . "/plugins/filemgmt/index.php", 10, 'Uploads and file edits are disabled in demo mode');
exit;
}
$cid = $_POST["cid"];
if ($_POST["url"] || $_POST["url"] != "") {
$fileurl = COM_applyFilter($_POST['url']);
$url = rawurlencode($myts->makeTboxData4Save($_POST['url']));
}
$silentEdit = isset($_POST['silentedit']) ? COM_applyFilter($_POST['silentedit'], true) : 0;
$submitter = (int) COM_applyFilter($_POST['owner_id'], true);
$currentfile = DB_getITEM($_TABLES['filemgmt_filedetail'], 'url', "lid=" . intval($_POST['lid']));
$currentfileFQN = $filemgmt_FileStore . $myts->makeTboxData4Save(rawurldecode($currentfile));
$newfile = rawurlencode($myts->makeTboxData4Save($_FILES['newfile']['name']));
if ($newfile != '') {
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
$upload->setFieldName('newfile');
$upload->setPath($filemgmt_FileStore);
$upload->setAllowAnyMimeType(true);
// allow any file type
$upload->setMaxFileSize(100000000);
$upload->uploadFiles();
if ($upload->areErrors()) {
$errmsg = "Upload Error: " . $upload->printErrors(false);
COM_errorLog($errmsg);
$eh->show("1106");
} else {
$url = rawurlencode($myts->makeTboxData4Save($upload->_currentFile['name']));
$size = $myts->makeTboxData4Save($upload->_currentFile['size']);
$pos = strrpos($newfile, '.') + 1;
$fileExtension = strtolower(substr($newfile, $pos));
if (array_key_exists($fileExtension, $_FMDOWNLOAD)) {
if ($_FMDOWNLOAD[$fileExtension] == 'reject') {
COM_errorLOG("AddNewFile - New Upload file is rejected by config rule:{$uploadfilename}");
$eh->show("1109");
} else {
$fileExtension = $_FMDOWNLOAD[$fileExtension];
$pos = strrpos($url, '.') + 1;
$url = strtolower(substr($url, 0, $pos)) . $fileExtension;
$pos2 = strrpos($newfile, '.') + 1;
$filename = substr($newfile, 0, $pos2) . $fileExtension;
$rc = @copy($filemgmt_FileStore . $newfile, $filemgmt_FileStore . $filename);
if ($rc === false) {
$errmsg = "Upload Error: Unable to copy new file";
COM_errorLog($errmsg);
$eh->show("1106");
}
@unlink($filemgmt_FileStore . $newfile);
}
}
DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET url='{$url}',size=" . $size . " WHERE lid=" . intval($_POST['lid']));
if ($currentfile != $newfile) {
@unlink($filemgmt_FileStore . $currentfile);
}
}
} else {
if (!empty($fileurl)) {
$size = (int) COM_applyFilter($_POST['size'], true);
$size = $myts->makeTboxData4Save($size);
$url = DB_escapeString($fileurl);
$lid = (int) COM_applyFilter($_POST['lid'], true);
DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET url='{$url}',size=" . $size . " WHERE lid=" . (int) $lid);
}
}
$currentsnapfile = DB_getITEM($_TABLES['filemgmt_filedetail'], 'logourl', "lid=" . intval($_POST['lid']));
$currentSnapFQN = $filemgmt_SnapStore . $myts->makeTboxData4Save(rawurldecode($currentsnapfile));
$newsnapfile = rawurlencode($myts->makeTboxData4Save($_FILES['newfileshot']['name']));
if ($newsnapfile != '') {
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
$upload->setFieldName('newfileshot');
$upload->setPath($filemgmt_SnapStore);
$upload->setAllowAnyMimeType(false);
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxDimensions(640, 480);
$upload->setAutomaticResize(true);
$upload->setMaxFileSize(100000000);
$upload->uploadFiles();
if ($upload->areErrors()) {
$errmsg = "Upload Error: " . $upload->printErrors(false);
COM_errorLog($errmsg);
$eh->show("1106");
} else {
$logourl = rawurlencode($myts->makeTboxData4Save($upload->_currentFile['name']));
$lid = (int) COM_applyFilter($_POST['lid'], true);
DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET logourl='{$logourl}' WHERE lid=" . $lid);
if ($currentsnapfile != $newfile) {
@unlink($filemgmt_SnapStore . $currentsnapfile);
}
}
} elseif (isset($_POST['deletesnap'])) {
if (file_exists($currentSnapFQN) && !is_dir($currentSnapFQN)) {
$lid = (int) COM_applyFilter($_POST['lid'], true);
$err = @unlink($currentSnapFQN);
DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET logourl='' WHERE lid=" . $lid);
COM_errorLOG("Delete repository snapfile:{$currentSnapFQN}.");
}
}
$title = $myts->makeTboxData4Save($_POST['title']);
$homepage = $myts->makeTboxData4Save($_POST['homepage']);
$version = $myts->makeTboxData4Save($_POST['version']);
$description = $myts->makeTareaData4Save($_POST['description']);
$lid = (int) COM_applyFilter($_POST['lid'], true);
$cid = DB_escapeString($cid);
$commentoption = DB_escapeString(COM_applyFilter($_POST['commentoption']));
if ($silentEdit) {
DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET cid='{$cid}', title='{$title}', url='{$url}', homepage='{$homepage}', version='{$version}', status=1, comments='{$commentoption}', submitter={$submitter} WHERE lid=" . $lid);
} else {
DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET cid='{$cid}', title='{$title}', url='{$url}', homepage='{$homepage}', version='{$version}', status=1, date=" . time() . ", comments='{$commentoption}', submitter={$submitter} WHERE lid=" . $lid);
}
DB_query("UPDATE {$_TABLES['filemgmt_filedesc']} SET description='{$description}' WHERE lid=" . $lid);
PLG_itemSaved($lid, 'filemgmt');
CACHE_remove_instance('whatsnew');
redirect_header("{$_CONF['site_url']}/filemgmt/index.php", 2, _MD_DBUPDATED);
exit;
}
}
$sql = "UPDATE {$_TABLES['gf_topic']} SET subject='{$subject}',comment='{$comment}',postmode='{$postmode}', ";
$sql .= "mood='{$mood}', sticky='{$sticky}', locked='{$locked}' WHERE (id='{$editid}')";
DB_query($sql);
/* Check for any uploaded files - during save of edit */
gf_check4files($editid);
// Check and see if there are no [file] bbcode tags in content and reset the show_inline value
// This is needed in case user had used the file bbcode tag and then removed it
$imagerecs = '';
$imagerecs = implode(',', $forumfiles);
$sql = "UPDATE {$_TABLES['gf_attachments']} SET show_inline = 0 WHERE topic_id={$editid} ";
if ($imagerecs != '') {
$sql .= "AND id NOT IN ({$imagerecs})";
}
DB_query($sql);
$topicparent = DB_getITEM($_TABLES['gf_topic'], "pid", "id='{$editid}'");
if ($topicparent == 0) {
$topicparent = $editid;
}
//NOTIFY - Checkbox variable in form set to "on" when checked and they have not already subscribed to forum
$notifyRecID = DB_getItem($_TABLES['gf_watch'], 'id', "forum_id='{$forum}' AND topic_id='{$topicparent}' AND uid='{$uid}'");
if ($notify == 'on' and $notifyRecID < 1) {
DB_query("INSERT INTO {$_TABLES['gf_watch']} (forum_id,topic_id,uid,date_added) VALUES ('{$forum}','{$topicparent}','{$_USER['uid']}',now() )");
} elseif ($notify == '' and $notifyRecID > 1) {
DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE id={$notifyRecID}");
}
// if user has un-checked the Silent option then they want to have user alerted of the edit and update the topic timestamp
if ($_POST['silentedit'] != 1) {
DB_query("UPDATE {$_TABLES['gf_topic']} SET lastupdated = {$date} WHERE id={$topicparent}");
//Remove any lastviewed records in the log so that the new updated topic indicator will appear
DB_query("DELETE FROM {$_TABLES['gf_log']} WHERE topic='{$topicparent}' and time > 0");
$topicResults = DB_query($sql);
$totalresults = DB_numRows($topicResults);
// Retrieve Forum details and Category name
$sql = "SELECT forum.forum_name,category.id,category.cat_name,forum.is_readonly FROM {$_TABLES['forum_forums']} forum ";
$sql .= "LEFT JOIN {$_TABLES['forum_categories']} category ON category.id=forum.forum_cat ";
$sql .= "WHERE forum.forum_id = {$forum}";
$category = DB_fetchArray(DB_query($sql));
if ($totalresults < 1) {
$LANG_MSG05 = $LANG_GF02['msg05'];
$topiclisting->set_var('records_message', $LANG_GF02['msg05']);
$topiclisting->parse('no_records_message', 'no_records_message');
}
$subscribelink = '';
if (!COM_isAnonUser()) {
// Check for user subscription status
$sub_check = DB_getITEM($_TABLES['forum_watch'], "id", "forum_id='{$forum}' AND topic_id=0 AND uid='{$_USER['uid']}'");
if ($sub_check == '') {
$subscribelink = "{$_CONF['site_url']}/forum/index.php?op=subscribe&forum={$forum}";
$topiclisting->set_var('subscribelink', $subscribelink);
$topiclisting->set_var('subscribelinktext', $LANG_GF01['FORUMSUBSCRIBE']);
$topiclisting->set_var('LANG_subscribe', $LANG_GF01['FORUMSUBSCRIBE']);
$topiclisting->set_var('LANG_subscribe_state', $LANG_GF01['FORUMSUBSCRIBE_FALSE']);
$topiclisting->parse('subscribeforum_link', 'subscribeforum_link');
} else {
$subscribelink = "{$_CONF['site_url']}/forum/notify.php?filter=2";
$topiclisting->set_var('subscribelink', $subscribelink);
$topiclisting->set_var('subscribelinktext', $LANG_GF01['FORUMUNSUBSCRIBE']);
$topiclisting->set_var('LANG_subscribe', $LANG_GF01['FORUMUNSUBSCRIBE']);
$topiclisting->set_var('LANG_subscribe_state', $LANG_GF01['FORUMSUBSCRIBE_TRUE']);
$topiclisting->parse('subscribeforum_link', 'subscribeforum_link');
}
function gf_updateLastPost($forumid, $topicparent = 0)
{
global $_TABLES;
if ($topicparent == 0) {
// Get the last topic in this forum
$query = DB_query("SELECT MAX(id)as maxid FROM {$_TABLES['gf_topic']} WHERE forum={$forumid}");
list($topicparent) = DB_fetchArray($query);
if ($topicparent > 0) {
$lastrecid = $topicparent;
DB_query("UPDATE {$_TABLES['gf_forums']} SET last_post_rec={$lastrecid} WHERE forum_id={$forumid}");
}
} else {
$query = DB_query("SELECT MAX(id)as maxid FROM {$_TABLES['gf_topic']} WHERE pid={$topicparent}");
list($lastrecid) = DB_fetchArray($query);
}
if ($lastrecid == NULL and $topicparent > 0) {
$topicdatecreated = DB_getITEM($_TABLES['gf_topic'], date, "id={$topicparent}");
DB_query("UPDATE {$_TABLES['gf_topic']} SET last_reply_rec={$topicparent}, lastupdated='{$topicdatecreated}' WHERE id={$topicparent}");
} elseif ($topicparent > 0) {
$topicdatecreated = DB_getITEM($_TABLES['gf_topic'], date, "id={$lastrecid}");
DB_query("UPDATE {$_TABLES['gf_topic']} SET last_reply_rec={$lastrecid}, lastupdated={$topicdatecreated} WHERE id={$topicparent}");
}
if ($topicparent > 0) {
// Recalculate and Update the number of replies
$numreplies = DB_Count($_TABLES['gf_topic'], "pid", $topicparent);
DB_query("UPDATE {$_TABLES['gf_topic']} SET replies = '{$numreplies}' WHERE id={$topicparent}");
}
}
function FF_saveTopic($forumData, $postData, $action)
{
global $_CONF, $_TABLES, $_FF_CONF, $_USER, $LANG03, $LANG_GF01, $LANG_GF02;
$retval = '';
$uploadErrors = '';
$msg = '';
$errorMessages = '';
$email = '';
$forumfiles = array();
$okToSave = true;
$dt = new Date('now', $_USER['tzid']);
$date = $dt->toUnix();
$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
if (COM_isAnonUser()) {
$uid = 1;
} else {
$uid = $_USER['uid'];
}
// verify postmode is allowed
if (strtolower($postData['postmode']) == 'html') {
if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
$postData['postmode'] = 'html';
} else {
$postData['postmode'] = 'text';
}
}
// is forum readonly?
if ($forumData['is_readonly'] == 1) {
// Check if this user has moderation rights now to allow a post to a locked topic
if (!forum_modPermission($forumData['forum'], $uid, 'mod_edit')) {
_ff_accessError();
}
}
if ($action == 'saveedit') {
// does the forum match the forum id of the posted data?
if ($forumData['forum'] != 0 && $forumData['forum'] != $postData['forum']) {
_ff_accessError();
}
$editid = COM_applyFilter($postData['editid'], true);
$forum = COM_applyFilter($postData['forum'], true);
$editAllowed = false;
if (forum_modPermission($forumData['forum'], $_USER['uid'], 'mod_edit')) {
$editAllowed = true;
} else {
if ($_FF_CONF['allowed_editwindow'] > 0) {
$t1 = DB_getItem($_TABLES['ff_topic'], 'date', "id=" . (int) $postData['id']);
$t2 = $_FF_CONF['allowed_editwindow'];
$time = time();
if (time() - $t2 < $t1) {
$editAllowed = true;
}
} else {
$editAllowed = true;
}
}
if ($postData['editpid'] < 1 && trim($postData['subject']) == '') {
$retval .= FF_BlockMessage('', $LANG_GF02['msg18'], false);
$okToSave = false;
} elseif (!$editAllowed) {
$link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . (int) $postData['$id'];
$retval .= _ff_alertMessage('', $LANG_GF02['msg189'], sprintf($LANG_GF02['msg187'], $link));
$okToSave = false;
}
} else {
if (!COM_isAnonUser() && $_FF_CONF['use_sfs']) {
$email = isset($_USER['email']) ? $_USER['email'] : '';
}
}
if (isset($postData['name']) && $postData['name'] != '') {
$name = _ff_preparefordb(@htmlspecialchars(strip_tags(trim(COM_checkWords(USER_sanitizeName($postData['name'])))), ENT_QUOTES, COM_getEncodingt()), 'text');
$name = urldecode($name);
} else {
$okToSave = false;
$errorMessages .= $LANG_GF02['invalid_name'] . '<br />';
}
// speed limit check
if (!SEC_hasRights('forum.edit')) {
COM_clearSpeedlimit($_FF_CONF['post_speedlimit'], 'forum');
$last = COM_checkSpeedlimit('forum');
if ($last > 0) {
$errorMessages .= sprintf($LANG_GF01['SPEEDLIMIT'], $last, $_FF_CONF['post_speedlimit']) . '<br/>';
$okToSave = false;
}
}
// standard edit checks
if (strlen(trim($postData['name'])) < $_FF_CONF['min_username_length'] || strlen(trim($postData['subject'])) < $_FF_CONF['min_subject_length'] || strlen(trim($postData['comment'])) < $_FF_CONF['min_comment_length']) {
$errorMessages .= $LANG_GF02['msg18'] . '<br/>';
$okToSave = false;
}
// CAPTCHA check
if (function_exists('plugin_itemPreSave_captcha') && $okToSave == true) {
if (!isset($postData['captcha'])) {
$postData['captcha'] = '';
}
$msg = plugin_itemPreSave_captcha('forum', $postData['captcha']);
if ($msg != '') {
$errorMessages .= $msg . '<br/>';
$okToSave = false;
}
}
// spamx check
if ($_FF_CONF['use_spamx_filter'] == 1 && $okToSave == true) {
// Check for SPAM
$spamcheck = '<h1>' . $postData['subject'] . '</h1><p>' . $postData['comment'] . '</p>';
$result = PLG_checkforSpam($spamcheck, $_CONF['spamx']);
// Now check the result and redirect to index.php if spam action was taken
if ($result > 0) {
// then tell them to get lost ...
$errorMessages .= $LANG_GF02['spam_detected'];
$okToSave = false;
}
}
if ($_FF_CONF['use_sfs'] == 1 && COM_isAnonUser() && function_exists('plugin_itemPreSave_spamx')) {
$spamCheckData = array('username' => $postData['name'], 'email' => $email, 'ip' => $REMOTE_ADDR);
$msg = plugin_itemPreSave_spamx('forum', $spamCheckData);
if ($msg) {
$errorMessages .= $msg;
$okToSave = false;
}
}
if ($okToSave == false) {
$retval .= _ff_alertMessage($errorMessages, $LANG_GF01['ERROR'], ' ');
return array(false, $retval);
}
if ($okToSave == true) {
if (!isset($postData['postmode_switch'])) {
$postData['postmode_switch'] = 0;
}
$postmode = _ff_chkpostmode($postData['postmode'], $postData['postmode_switch']);
// validate postmode
if ($postmode == 'html' || $postmode == 'HTML') {
if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
$postmode = 'html';
} else {
$postmode = 'text';
}
}
$subject = _ff_preparefordb(strip_tags($postData['subject']), 'text');
$comment = _ff_preparefordb($postData['comment'], $postmode);
$mood = isset($postData['mood']) ? COM_applyFilter($postData['mood']) : '';
$id = COM_applyFilter($postData['id'], true);
$forum = COM_applyFilter($postData['forum'], true);
$notify = isset($postData['notify']) ? COM_applyFilter($postData['notify']) : '';
$status = 0;
if (isset($postData['disable_bbcode']) && $postData['disable_bbcode'] == 1) {
$status += DISABLE_BBCODE;
}
if (isset($postData['disable_smilies']) && $postData['disable_smilies'] == 1) {
$status += DISABLE_SMILIES;
}
if (isset($postData['disable_urlparse']) && $postData['disable_urlparse'] == 1) {
$status += DISABLE_URLPARSE;
}
// If user has moderator edit rights only
$locked = 0;
$sticky = 0;
if (isset($postData['modedit']) && $postData['modedit'] == 1) {
if (isset($postData['locked_switch']) && $postData['locked_switch'] == 1) {
$locked = 1;
}
if (isset($postData['sticky_switch']) && $postData['sticky_switch'] == 1) {
$sticky = 1;
}
}
if ($action == 'savetopic') {
$fields = "forum,name,email,date,lastupdated,subject,comment,postmode,ip,mood,uid,pid,sticky,locked,status";
$sql = "INSERT INTO {$_TABLES['ff_topic']} ({$fields}) ";
$sql .= "VALUES (" . (int) $forum . "," . "'" . DB_escapeString($name) . "'," . "'" . DB_escapeString($email) . "'," . "'" . DB_escapeString($date) . "'," . "'" . DB_escapeString($date) . "'," . "'" . $subject . "'," . "'" . $comment . "'," . "'" . DB_escapeString($postmode) . "'," . "'" . DB_escapeString($REMOTE_ADDR) . "'," . "'" . DB_escapeString($mood) . "'," . (int) $uid . "," . "0," . (int) $sticky . "," . (int) $locked . "," . (int) $status . ")";
DB_query($sql);
// Find the id of the last inserted topic
list($lastid) = DB_fetchArray(DB_query("SELECT max(id) FROM {$_TABLES['ff_topic']} "));
$savedPostID = $lastid;
$topicPID = $lastid;
/* Check for any uploaded files - during add of new topic */
$uploadErrors = _ff_check4files($lastid);
// Check and see if there are no [file] bbcode tags in content and reset the show_inline value
// This is needed in case user had used the file bbcode tag and then removed it
$imagerecs = '';
$imagerecs = implode(',', $forumfiles);
$sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $lastid . " ";
if ($imagerecs != '') {
$sql .= "AND id NOT IN ({$imagerecs})";
}
DB_query($sql);
// Update forums record
DB_query("UPDATE {$_TABLES['ff_forums']} SET post_count=post_count+1, topic_count=topic_count+1, last_post_rec=" . (int) $lastid . " WHERE forum_id=" . (int) $forum);
if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $lastid)) {
DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $lastid);
}
DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0");
} else {
if ($action == 'savereply') {
$fields = "name,email,date,subject,comment,postmode,ip,mood,uid,pid,forum,status";
$sql = "INSERT INTO {$_TABLES['ff_topic']} ({$fields}) ";
$sql .= "VALUES (" . "'" . DB_escapeString($name) . "'," . "'" . DB_escapeString($email) . "'," . "'" . DB_escapeString($date) . "'," . "'{$subject}'," . "'{$comment}'," . "'" . DB_escapeString($postmode) . "'," . "'" . DB_escapeString($REMOTE_ADDR) . "'," . "'" . DB_escapeString($mood) . "'," . (int) $uid . "," . (int) $id . "," . (int) $forum . "," . (int) $status . ")";
DB_query($sql);
// Find the id of the last inserted topic
list($lastid) = DB_fetchArray(DB_query("SELECT max(id) FROM {$_TABLES['ff_topic']} "));
$savedPostID = $lastid;
$topicPID = $id;
/* Check for any uploaded files - during adding reply post */
$uploadErrors = _ff_check4files($lastid);
// Check and see if there are no [file] bbcode tags in content and reset the show_inline value
// This is needed in case user had used the file bbcode tag and then removed it
$imagerecs = '';
$imagerecs = implode(',', $forumfiles);
$sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $lastid;
if ($imagerecs != '') {
$sql .= " AND id NOT IN ({$imagerecs})";
}
DB_query($sql);
DB_query("UPDATE {$_TABLES['ff_topic']} SET replies=replies+1, lastupdated='" . DB_escapeString($date) . "',last_reply_rec=" . (int) $lastid . " WHERE id=" . (int) $id);
DB_query("UPDATE {$_TABLES['ff_forums']} SET post_count=post_count+1, last_post_rec=" . (int) $lastid . " WHERE forum_id=" . (int) $forum);
if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $lastid)) {
DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $id);
}
DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0");
} elseif ($action == 'saveedit') {
$sql = "UPDATE {$_TABLES['ff_topic']} SET " . "subject='{$subject}'," . "comment='{$comment}'," . "postmode='" . DB_escapeString($postmode) . "'," . "mood='" . DB_escapeString($mood) . "'," . "sticky=" . (int) $sticky . "," . "locked=" . (int) $locked . "," . "status=" . (int) $status . " " . "WHERE (id=" . (int) $editid . ")";
DB_query($sql);
/* Check for any uploaded files - during save of edit */
$uploadErrors = _ff_check4files($editid);
// Check and see if there are no [file] bbcode tags in content and reset the show_inline value
// This is needed in case user had used the file bbcode tag and then removed it
$imagerecs = '';
$imagerecs = implode(',', $forumfiles);
$sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $editid . " ";
if ($imagerecs != '') {
$sql .= "AND id NOT IN ({$imagerecs})";
}
DB_query($sql);
$topicPID = DB_getITEM($_TABLES['ff_topic'], "pid", "id=" . (int) $editid);
if ($topicPID == 0) {
$topicPID = $editid;
}
$savedPostID = $editid;
if ($postData['silentedit'] != 1) {
DB_query("UPDATE {$_TABLES['ff_topic']} SET lastupdated='" . DB_escapeString($date) . "' WHERE id=" . (int) $topicPID);
//Remove any lastviewed records in the log so that the new updated topic indicator will appear
DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0");
}
if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $editid)) {
DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $topicPID);
}
$topicparent = $topicPID;
}
}
COM_updateSpeedLimit('forum');
PLG_itemSaved($savedPostID, 'forum');
CACHE_remove_instance('forumcb');
if (!COM_isAnonUser()) {
//NOTIFY - Checkbox variable in form set to "on" when checked and they don't already have subscribed to forum or topic
$nid = -$topicPID;
$currentForumNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id=0 AND uid=" . (int) $uid);
$currentTopicNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id='" . DB_escapeString($topicPID) . "' AND uid=" . (int) $uid);
$currentTopicUnNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id='" . DB_escapeString($nid) . "' AND uid=" . (int) $uid);
$forum_name = DB_getItem($_TABLES['ff_forums'], 'forum_name', 'forum_id=' . (int) $forum);
$topic_name = $subject;
if ($notify == 'on' and ($currentForumNotifyRecID < 1 and $currentTopicNotifyRecID < 1)) {
$sql = "INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) ";
$sql .= "VALUES ('forum','" . DB_escapeString($forum) . "','" . DB_escapeString($forum_name) . "','" . DB_escapeString($topicPID) . "','" . $subject . "'," . (int) $uid . ",now() )";
DB_query($sql);
} elseif ($notify == 'on' and $currentTopicUnNotifyRecID > 1) {
// Had un-subcribed to topic and now wants to subscribe
DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE sub_id=" . (int) $currentTopicUnNotifyRecID);
} elseif ($notify == '' and $currentTopicNotifyRecID > 1) {
// Subscribed to topic - but does not want to be notified anymore
DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($topicPID) . "'");
} elseif ($notify == '' and $currentForumNotifyRecID > 1) {
// Subscribed to forum - but does not want to be notified about this topic
DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($topicPID) . "'");
DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($nid) . "'");
DB_query("INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) VALUES ('forum','" . DB_escapeString($forum) . "','" . DB_escapeString($forum_name) . "','" . DB_escapeString($nid) . "','" . $subject . "'," . (int) $uid . ",now() )");
}
}
if ($action != 'saveedit') {
_ff_chknotifications($forum, $savedPostID, $uid);
}
$link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . $topicPID . '&topic=' . $savedPostID . '#' . $savedPostID;
if ($uploadErrors != '') {
$autorefresh = false;
} else {
$autorefresh = true;
}
$retval .= FF_statusMessage($uploadErrors . $LANG_GF02['msg19'], $link, $LANG_GF02['msg19'], false, '', $autorefresh);
} else {
$retval .= _ff_alertMessage($LANG_GF02['msg18']);
}
return array(true, $retval);
}
} else {
DB_query("UPDATE {$_TABLES['ff_forums']} SET last_post_rec = 0 WHERE forum_id={$id}");
}
// Update the forum definition record to know the number of topics
$postCount = DB_Count($_TABLES['ff_topic'], 'forum', $id);
// Update the forum definition record to know the number of posts
if ($postCount == NULL || $postCount == '') {
$postCount = 0;
}
DB_query("UPDATE {$_TABLES['ff_forums']} SET post_count = '{$postCount}' WHERE forum_id={$id}");
$topicsQuery = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE forum={$id} and pid=0");
while ($trecord = DB_fetchArray($topicsQuery)) {
// Retrieve the oldest post records for this topic and update the lastupdated time in the parent topic record
$lsql = DB_query("SELECT MAX(id)as maxid FROM {$_TABLES['ff_topic']} WHERE pid={$trecord['id']}");
$lastrec = DB_fetchArray($lsql);
if ($lastrec['maxid'] != NULL) {
$postCount = DB_count($_TABLES['ff_topic'], 'forum', $id);
$latest = DB_getITEM($_TABLES['ff_topic'], 'date', "id={$lastrec['maxid']}");
DB_query("UPDATE {$_TABLES['ff_topic']} SET lastupdated = '{$latest}' where id='{$trecord['id']}'");
} else {
$latest = DB_getITEM($_TABLES['ff_topic'], 'date', "id={$trecord['id']}");
DB_query("UPDATE {$_TABLES['ff_topic']} SET lastupdated = '{$latest}' WHERE id='{$trecord['id']}'");
}
// Recalculate and Update the number of replies
$numreplies = DB_Count($_TABLES['ff_topic'], "pid", $trecord['id']);
DB_query("UPDATE {$_TABLES['ff_topic']} SET replies = '{$numreplies}' WHERE id='{$trecord['id']}'");
}
}
$display .= COM_endBlock();
$display .= FF_siteFooter();
echo $display;
function migrateComments($forum, $sid, $parent)
{
global $verbose, $_TABLES, $_CONF, $migratedcomments;
$sql = DB_query("SELECT sid,date,uid,title,comment from {$_TABLES['comments']} WHERE sid = '" . $sid . "' ORDER BY date ASC");
$num_comments = DB_numROWS($sql);
if ($verbose) {
echo "Found {$num_comments} Comments to migrate for this topic";
}
$i = 0;
while (list($sid, $commentdate, $uid, $subject, $comment) = DB_fetchARRAY($sql)) {
$sqlid = DB_query("SELECT id from {$_TABLES['gf_topic']} ORDER BY id desc LIMIT 1");
list($lastid) = DB_fetchARRAY($sqlid);
$comment = prepareStringForDB($comment);
$subject = prepareStringForDB($subject);
$postmode = "HTML";
$name = DB_getITEM($_TABLES['users'], 'username', "uid={$uid}");
$email = DB_getITEM($_TABLES['users'], 'email', "uid={$uid}");
$website = DB_getITEM($_TABLES['users'], 'homepage', "uid={$uid}");
$datetime = explode(" ", $commentdate);
$date = explode("-", $datetime[0]);
$time = explode(":", $datetime[1]);
$year = $date[0] > 1969 ? $date[0] : "2001";
$month = $date[1];
$day = $date[2];
$hour = $time[0];
$min = $time[1];
$timestamp = mktime($hour, $min, 0, $month, $day, $year);
$lastupdated = $timestamp;
$migratedcomments++;
DB_query("INSERT INTO {$_TABLES['gf_topic']} (forum,name,date,lastupdated, email, website, subject, comment, postmode, ip, mood, uid, pid, sticky, locked)\r\n VALUES ('{$forum}','{$name}','{$timestamp}','{$lastupdated}','{$email}','{$website}','{$subject}','{$comment}','{$postmode}','','','{$uid}','{$parent}','0','0')");
$i++;
}
DB_query("UPDATE {$_TABLES['gf_topic']} SET replies = {$num_comments} WHERE id={$parent}");
return $num_comments;
}
$chk_move = "checked=\"checked\"";
} else {
$chk_move = "";
}
if ($M['mod_stick'] == "1") {
$chk_stick = "checked=\"checked\"";
} else {
$chk_stick = "";
}
$moderators->set_var('id', $M['mod_id']);
if (isset($_POST['filtermode']) && $_POST['filtermode'] == 'group') {
$moderators->set_var('name', DB_getItem($_TABLES['groups'], 'grp_name', "grp_id='{$M['mod_groupid']}'"));
} else {
$moderators->set_var('name', $M['mod_username']);
}
$moderators->set_var('forum', DB_getITEM($_TABLES['ff_forums'], "forum_name", "forum_id={$M['mod_forum']}"));
$moderators->set_var('delete_yes', $chk_delete);
$moderators->set_var('ban_yes', $chk_ban);
$moderators->set_var('edit_yes', $chk_edit);
$moderators->set_var('move_yes', $chk_move);
$moderators->set_var('stick_yes', $chk_stick);
$moderators->set_var('cssid', $i % 2 + 1);
$moderators->parse('moderator_records', 'mod_record', true);
$i++;
}
$moderators->parse('output', 'moderators');
$display .= $moderators->finish($moderators->get_var('output'));
}
}
$display .= COM_endBlock();
$display .= FF_adminfooter();
