コード例 #1
	<td class="forum_head" align="left" valign="middle">' . (empty($arr_post['post_history']) ? '' . $lang['fe_first_post'] . '' : '' . $lang['fe_post_edited'] . '') . ' By: ' . print_user_stuff($CURUSER) . ' On: ' . date('l jS \\of F Y h:i:s A', TIME_NOW) . ' GMT ' . ($post_title !== '' ? '&nbsp;&nbsp;&nbsp;&nbsp; ' . $lang['fe_title'] . ': <span style="font-weight: bold;">' . $post_title . '</span>' : '') . ($icon !== '' ? ' <img src="' . $INSTALLER09['pic_base_url'] . 'smilies/' . $icon . '.gif" alt="' . $icon . '" title="' . $icon . '" />' : '') . '</td>
	<tr>
	<td class="two" align="left" valign="top" width="120px">' . (empty($arr_post['post_history']) ? ($can_edit ? '<span style="white-space:nowrap;">Desc: ' . ($arr_post['topic_desc'] !== '' ? 'yes' : 'none') . '</span><br />' : '') . '<span style="white-space:nowrap;">' . $lang['fe_title'] . ': ' . ($arr_post['post_title'] !== '' ? 'yes' : 'none') . '</span><br /><span style="white-space:nowrap;">' . $lang['fe_icon'] . ': ' . ($arr_post['icon'] !== '' ? 'yes' : 'none') . '</span><br /><span style="white-space:nowrap;">' . $lang['ep_bb_code'] . ': ' . ($arr_post['bbcode'] !== 'yes' ? 'off' : 'on') . '</span><br />' : ($can_edit ? '<span style="white-space:nowrap;">Topic Name: ' . (isset($_POST['topic_name']) && $_POST['topic_name'] !== $arr_post['topic_name'] ? $changed : $not_changed) . '</span><br /><span style="white-space:nowrap;">Desc: ' . (isset($_POST['topic_desc']) && $_POST['topic_desc'] !== $arr_post['topic_desc'] ? $changed : $not_changed) . '</span><br />' : '') . '<span style="white-space:nowrap;">' . $lang['fe_title'] . ': ' . (isset($_POST['post_title']) && $_POST['post_title'] !== $arr_post['post_title'] ? $changed : $not_changed) . '</span><br /><span style="white-space:nowrap;">' . $lang['fe_icon'] . ': ' . (isset($_POST['icon']) && $_POST['icon'] !== $arr_post['icon'] ? $changed : $not_changed) . '</span><br /><span style="white-space:nowrap;">' . $lang['ep_bb_code'] . ': ' . (isset($_POST['show_bbcode']) && $_POST['show_bbcode'] !== $arr_post['bbcode'] ? $changed : $not_changed) . '</span><br /><span style="white-space:nowrap;">' . $lang['fe_body'] . ': ' . (isset($_POST['body']) && $_POST['body'] !== $arr_post['body'] ? $changed : $not_changed) . '</span><br />') . '
	</td>
	<td class="one" align="left" valign="top">' . ($arr_post['bbcode'] == 'yes' ? format_comment($arr_post['body']) : format_comment_no_bbcode($arr_post['body'])) . '</td>
	</tr>
	</table><br />' . $arr_post['post_history'];
    //=== A UC_MAX-class user may choose not to be shown as the editor of the post:
    //=== when $show_edited_by is 'no', the edit metadata read from $arr_post is
    //=== written back in place of the values prepared for this edit.
    // NOTE(review): these fields are passed through htmlsafechars() before being
    // stored again. The history string assembled just above appends
    // $arr_post['post_history'] as raw markup, so escaping it here may turn stored
    // markup into literal text (and re-encode it on every hidden edit) - confirm
    // how post_history is stored and rendered.
    $hide_own_edit = $show_edited_by == 'no' && $CURUSER['class'] == UC_MAX;
    if ($hide_own_edit) {
        $post_history = htmlsafechars($arr_post['post_history']);
        $edit_date = (int) $arr_post['edit_date'];
        $edited_by = htmlsafechars($arr_post['edited_by']);
        $edit_reason = htmlsafechars($arr_post['edit_reason']);
    }
    //=== write the edited post back; every value, including the id in the WHERE
    //=== clause, goes through sqlesc() rather than being concatenated raw
    $post_update_sql = 'UPDATE posts SET body = ' . sqlesc($body)
        . ', icon = ' . sqlesc($icon)
        . ', post_title = ' . sqlesc($post_title)
        . ', bbcode = ' . sqlesc($show_bbcode)
        . ', edit_reason = ' . sqlesc($edit_reason)
        . ', edited_by = ' . sqlesc($edited_by)
        . ', edit_date = ' . sqlesc($edit_date)
        . ', post_history = ' . sqlesc($post_history)
        . ' WHERE id = ' . sqlesc($post_id);
    sql_query($post_update_sql);
    //=== drop cached copies so the edit is visible
    // NOTE(review): the per-user key is built from the editing user's id; if the
    // editor is not the post's author, the author's entry is not cleared here - verify.
    clr_forums_cache($post_id);
    $mc1->delete_value('forum_posts_' . $CURUSER['id']);
    //=== update topic stuff (only when $can_edit, which is computed outside this excerpt)
    if ($can_edit) {
        $topic_update_sql = 'UPDATE topics SET topic_name = ' . sqlesc($topic_name)
            . ', topic_desc = ' . sqlesc($topic_desc)
            . ' WHERE id = ' . sqlesc($topic_id);
        sql_query($topic_update_sql);
    }
    //=== stuff for file uploads
    if ($CURUSER['class'] >= $min_upload_class) {
        while (list($key, $name) = each($_FILES['attachment']['name'])) {
            if (!empty($name)) {
                $size = intval($_FILES['attachment']['size'][$key]);
                $type = $_FILES['attachment']['type'][$key];
                //=== make sure file is kosher
                $accepted_file_types = array('application/zip', 'application/x-zip', 'application/rar', 'application/x-rar');
                $extension_error = $size_error = 0;
                //=== allowed file types (2 checks) but still can't really trust it
コード例 #2
        $quoted_member = $arr_quote['username'] == '' ? '' . $lang['pr_lost_member'] . '' : htmlsafechars($arr_quote['username']);
    }
    //==
    $body = '[quote=' . $quoted_member . ($quote > 0 ? ' | post=' . $quote : '') . ($key > 0 ? ' | key=' . $key : '') . ']' . htmlsafechars($arr_quote['body']) . '[/quote]';
    if ($arr_quote['staff_lock'] != 0) {
        stderr($lang['gl_error'], '' . $lang['pr_this_post_is_staff_locked_nomod_nodel'] . '');
    }
}
if (isset($_POST['button']) && $_POST['button'] == 'Post') {
    //=== make sure they are posting something
    if ($body === '') {
        stderr($lang['gl_error'], $lang['fe_no_body_txt']);
    }
    $ip = $CURUSER['ip'] == '' ? htmlsafechars($_SERVER['REMOTE_ADDR']) : $CURUSER['ip'];
    sql_query('INSERT INTO `posts` (`topic_id`, `user_id`, `added`, `body`, `icon`, `post_title`, `bbcode`, `ip` , `anonymous`) VALUES (' . sqlesc($topic_id) . ', ' . sqlesc($CURUSER['id']) . ', ' . TIME_NOW . ', ' . sqlesc($body) . ', ' . sqlesc($icon) . ', ' . sqlesc($post_title) . ', ' . sqlesc($bb_code) . ', ' . sqlesc($ip) . ', ' . sqlesc($anonymous) . ')');
    clr_forums_cache($arr['real_forum_id']);
    $mc1->delete_value('forum_posts_' . $CURUSER['id']);
    $post_id = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res;
    sql_query('UPDATE topics SET last_post=' . sqlesc($post_id) . ', post_count = post_count + 1 WHERE id=' . sqlesc($topic_id));
    sql_query('UPDATE `forums` SET post_count = post_count +1 WHERE id =' . sqlesc($arr['real_forum_id']));
    sql_query("UPDATE usersachiev SET forumposts=forumposts+1 WHERE id=" . sqlesc($CURUSER['id'])) or sqlerr(__FILE__, __LINE__);
    if ($INSTALLER09['autoshout_on'] == 1) {
        $message = $CURUSER['username'] . " " . $lang['pr_replied_to_topic'] . " [url={$INSTALLER09['baseurl']}/forums.php?action=view_topic&topic_id={$topic_id}&page=last]{$topic_name}[/url]";
        if (!in_array($arr['real_forum_id'], $INSTALLER09['staff_forums'])) {
            autoshout($message);
            $mc1->delete_value('shoutbox_');
        }
    }
    if ($INSTALLER09['seedbonus_on'] == 1) {
        sql_query("UPDATE users SET seedbonus = seedbonus+" . sqlesc($INSTALLER09['bonus_per_post']) . " WHERE id = " . sqlesc($CURUSER['id']) . "") or sqlerr(__FILE__, __LINE__);
        $update['seedbonus'] = $CURUSER['seedbonus'] + $INSTALLER09['bonus_per_post'];
コード例 #3
            //=== get post count of topic
            $res_count = sql_query('SELECT post_count, forum_id, poll_id FROM topics WHERE id = ' . sqlesc($topic_id));
            $arr_count = mysqli_fetch_assoc($res_count);
            //=== delete all the stuff
            sql_query('DELETE FROM subscriptions WHERE topic_id = ' . sqlesc($topic_id));
            sql_query('DELETE FROM forum_poll WHERE id = ' . sqlesc($arr_count['poll_id']));
            sql_query('DELETE FROM forum_poll_votes WHERE poll_id = ' . sqlesc($arr_count['poll_id']));
            sql_query('DELETE FROM topics WHERE id = ' . sqlesc($topic_id));
            sql_query('DELETE FROM posts WHERE topic_id = ' . sqlesc($topic_id));
            clr_forums_cache($topic_id);
            //=== should I delete attachments? or let the members have a management page? or do it in cleanup?
            sql_query('UPDATE forums SET post_count = post_count - ' . sqlesc($arr_count['post_count']) . ', topic_count = topic_count - 1 WHERE id = ' . sqlesc($arr_count['forum_id']));
            header('Location: forums.php');
            die;
        }
        break;
        //=== un_delete_topic
    //=== un_delete_topic
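    case 'un_delete_topic':
        //=== Restores a topic: sets its status back to 'ok', adds its posts back to the
        //=== parent forum's counters, clears the forum cache and redirects to the topic.
        // NOTE(review): no permission check is visible inside this case, and the restore
        // does not depend on the topic's current status, so a repeated request adds the
        // counts again - confirm the surrounding code restricts this action and
        // consider updating the counters only when the status actually changed.
        sql_query('UPDATE topics SET status = \'ok\' WHERE id = ' . sqlesc($topic_id));
        //=== get post count and parent forum of the topic
        // forum_id must be selected and the row read by column name: the previous
        // SELECT returned only post_count via mysqli_fetch_row(), so
        // $arr_count['forum_id'] was undefined and the forums UPDATE matched no row.
        $res_count = sql_query('SELECT post_count, forum_id FROM topics WHERE id = ' . sqlesc($topic_id));
        $arr_count = $res_count ? mysqli_fetch_assoc($res_count) : null;
        //=== skip the counter update when the topic row does not exist
        if (is_array($arr_count)) {
            sql_query('UPDATE forums SET post_count = post_count + ' . sqlesc($arr_count['post_count']) . ', topic_count = topic_count + 1 WHERE id = ' . sqlesc($arr_count['forum_id']));
        }
        clr_forums_cache($topic_id);
        // assumes $topic_id was validated as an integer before the switch, since it is
        // placed in the redirect URL without encoding - TODO confirm
        header('Location: forums.php?action=view_topic&topic_id=' . $topic_id);
        die;
        break;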
}
//=== ends switch