コード例 #1
ファイル: permalink.php プロジェクト: knapnet/PHP-Fusion
     include INCLUDES . "rewrites/" . $rewrite_name . "_rewrite_info.php";
 }
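 // Drop any existing registration of this rewrite handler before re-inserting it.
 // NOTE(review): $rewrite_name is concatenated into SQL here (and into an include path just
 // above this run). Its origin is not visible in this excerpt — confirm it is validated
 // against the set of installed rewrite handlers before it reaches these statements.
 $rewrite_query = dbquery("SELECT rewrite_id FROM " . DB_PERMALINK_REWRITE . " WHERE rewrite_name='" . $rewrite_name . "' LIMIT 1");
 if (dbrows($rewrite_query) > 0) {
     // Fetch from the result already in hand rather than running the same SELECT twice.
     $rewrite_id = dbarray($rewrite_query);
     // The id goes into the DELETE statements unquoted, so it is forced to an integer first.
     $result = dbquery("DELETE FROM " . DB_PERMALINK_REWRITE . " WHERE rewrite_id=" . (int) $rewrite_id['rewrite_id']);
     $result = dbquery("DELETE FROM " . DB_PERMALINK_METHOD . " WHERE pattern_type=" . (int) $rewrite_id['rewrite_id']);
 }
 /**
  * Reinsert Data (Copied from Enable)
  */
 $result = dbquery("INSERT INTO " . DB_PERMALINK_REWRITE . " (rewrite_name) VALUES ('" . $rewrite_name . "')");
 if (!$result) {
     $error = 1;
 }
 // Id of the rewrite row just inserted; every pattern row below is linked to it.
 $last_insert_id = dblastid();
 // NOTE(review): $pattern is presumably defined by the included rewrite info file. Its keys
 // and values are interpolated unescaped, so a pattern containing a single quote breaks the
 // INSERT — confirm whether dbquery() in this code base supports bound parameters.
 if (isset($pattern) && is_array($pattern)) {
     foreach ($pattern as $source => $target) {
         $result = dbquery("INSERT INTO " . DB_PERMALINK_METHOD . " (pattern_type, pattern_source, pattern_target, pattern_cat) VALUES ('" . $last_insert_id . "', '" . $source . "', '" . $target . "', 'normal')");
         if (!$result) {
             $error = 1;
         }
     }
 }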
 if (isset($alias_pattern) && is_array($alias_pattern)) {
     foreach ($alias_pattern as $source => $target) {
         $result = dbquery("INSERT INTO " . DB_PERMALINK_METHOD . " (pattern_type, pattern_source, pattern_target, pattern_cat) VALUES ('" . $last_insert_id . "', '" . $source . "', '" . $target . "', 'alias')");
         if (!$result) {
             $error = 1;
         }
     }
コード例 #2
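/**
 * Handle comment delete / edit / post actions for one item, then render its comment list and form.
 *
 * Reads $_GET (comment, c_action, comment_id, c_start) and $_POST (post_comment, comment_name,
 * comment_message, captcha_code), may call redirect(), echoes the comment form and finally calls
 * render_comments(). Nothing is returned.
 *
 * NOTE(review): $comment_type, $comment_db, $comment_col and $comment_item_id are concatenated
 * into SQL inside this function without escaping, so every caller has to validate them first
 * (for example isnum() on a request-supplied id) — confirm at each call site.
 *
 * @param $comment_type - abbr or short ID
 * @param $comment_db - Current Application DB - DB_BLOG for example.
 * @param $comment_col - current sql primary key column - 'blog_id' for example
 * @param $comment_item_id - current sql primary key value '$_GET['blog_id']' for example
 * @param $clink - current page link 'FUSION_SELF' is ok.
 */
function showcomments($comment_type, $comment_db, $comment_col, $comment_item_id, $clink)
{
    global $settings, $locale, $userdata, $aidlink;
    // Current URL with any pending edit/delete action removed; used to bounce rejected guest posts.
    $link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
    $link = preg_replace("^(&|\\?)c_action=(edit|delete)&comment_id=\\d*^", "", $link);
    $_GET['comment'] = isset($_GET['comment']) && isnum($_GET['comment']) ? $_GET['comment'] : 0;
    $cpp = $settings['comments_per_page'];
    // --- Delete: admins with the "C" right may delete any comment, members only their own. ---
    // comment_id has passed isnum() before it is placed in the SQL below.
    // NOTE(review): this state change is driven by GET parameters alone and no anti-CSRF token
    // is checked in this function — confirm whether one is enforced elsewhere.
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
            $result = dbquery("DELETE FROM " . DB_COMMENTS . "\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "'"));
        }
        redirect($clink . ($settings['comments_sorting'] == "ASC" ? "" : "&c_start=0"));
    }
    if ($settings['comments_enabled'] == "1") {
        // --- Post / edit submission ---
        if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
            // Guest posting requires a name and a valid captcha. The key has to be 'guestposts',
            // the same key tested by the enclosing condition and by the form section further
            // down; testing a key that is never set would skip the captcha check entirely.
            if (!iMEMBER && $settings['guestposts'] == 1) {
                if (!isset($_POST['comment_name'])) {
                    redirect($link);
                }
                // A purely numeric guest name is blanked: comment_name holds a user id for
                // member comments (see the LEFT JOIN on user_id below).
                if (isnum($_POST['comment_name'])) {
                    $_POST['comment_name'] = '';
                }
                $_CAPTCHA_IS_VALID = FALSE;
                // The included script is expected to set $_CAPTCHA_IS_VALID.
                // NOTE(review): the include path is built from $settings['captcha'] — confirm that
                // setting can only hold the name of an installed captcha directory.
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
                if (!isset($_POST['captcha_code']) || $_CAPTCHA_IS_VALID == FALSE) {
                    redirect($link);
                }
            }
            // Row to store. Members are identified by user id, guests by their sanitized name.
            // NOTE(review): the SQL and HTML safety of comment_name / comment_message rests on
            // form_sanitizer(), which is not visible here — verify what it escapes.
            $comment_data = array('comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0, 'comment_name' => iMEMBER ? $userdata['user_id'] : form_sanitizer($_POST['comment_name'], '', 'comment_name'), 'comment_message' => form_sanitizer($_POST['comment_message'], '', 'comment_message'), 'comment_datestamp' => time(), 'comment_item_id' => $comment_item_id, 'comment_type' => $comment_type, 'comment_cat' => 0, 'comment_ip' => USER_IP, 'comment_ip_type' => USER_IP_TYPE, 'comment_hidden' => 0);
            if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && $comment_data['comment_id']) {
                // --- Edit an existing comment ---
                $comment_updated = FALSE;
                // Members may only edit their own visible comment on this item; admins with "C" may edit any.
                if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $comment_data['comment_id'] . "' \n\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tAND comment_type='" . $comment_type . "' \n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "' \n\t\t\t\tAND comment_hidden='0'")) {
                    // NOTE(review): $comment_data carries the editor's user id, a fresh timestamp
                    // and the editor's IP; if dbquery_insert(..., 'update') writes every column,
                    // an admin edit would overwrite the original author — confirm.
                    dbquery_insert(DB_COMMENTS, $comment_data, 'update');
                    if ($comment_data['comment_message']) {
                        $result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='" . $comment_data['comment_message'] . "'\n  \t\t\t\t\t\t\t\t\t   WHERE comment_id='" . $_GET['comment_id'] . "' " . (iADMIN ? "" : "AND comment_name='" . $userdata['user_id'] . "'"));
                        if ($result) {
                            $comment_updated = TRUE;
                        }
                    }
                }
                if ($comment_updated) {
                    // Work out which page the edited comment is on so the redirect lands there.
                    if ($settings['comments_sorting'] == "ASC") {
                        $c_operator = "<=";
                    } else {
                        $c_operator = ">=";
                    }
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $comment_data['comment_id'] . "'\n\t\t\t\t\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\n\t\t\t\t\t\t\t\tAND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                }
                redirect($clink . "&amp;c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
            } else {
                // --- New comment: the commented item must exist in the caller's table. ---
                if (!dbcount("(" . $comment_col . ")", $comment_db, $comment_col . "='" . $comment_item_id . "'")) {
                    redirect(BASEDIR . "index.php");
                }
                $id = 0;
                if ($comment_data['comment_name'] && $comment_data['comment_message']) {
                    require_once INCLUDES . "flood_include.php";
                    // Only save when flood_control() does not report flooding for this IP.
                    if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                        dbquery_insert(DB_COMMENTS, $comment_data, 'save');
                        $id = dblastid();
                    }
                }
                // Ascending order puts the new comment on the last page, descending on the first.
                if ($settings['comments_sorting'] == "ASC") {
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                } else {
                    $c_start = 0;
                }
                //if (!$settings['site_seo']) {
                redirect($clink . "&amp;c_start=" . $c_start . "#c" . $id);
                //}
            }
        }
        // --- Listing ---
        // c_con collects one entry per comment, c_info the page navigation and admin link.
        $c_arr = array("c_con" => array(), "c_info" => array("c_makepagenav" => FALSE, "admin_link" => FALSE));
        $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
        // Without an explicit page, start on the last page.
        if (!isset($_GET['c_start']) && $c_rows > $cpp) {
            $_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
        }
        // c_start goes into LIMIT unquoted, so anything that fails isnum() is reset to 0.
        if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
            $_GET['c_start'] = 0;
        }
        // NOTE(review): $settings['comments_sorting'] and $cpp are placed into ORDER BY / LIMIT
        // as raw SQL; they are only safe if the settings store restricts them to ASC/DESC and
        // an integer — confirm where these settings are written.
        $result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcm.comment_datestamp,\n\t\t\t\t\ttcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\n\t\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\t\tWHERE comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'\n\t\t\t\t\tORDER BY comment_datestamp " . $settings['comments_sorting'] . " LIMIT " . $_GET['c_start'] . "," . $cpp);
        if (dbrows($result) > 0) {
            // Running comment number: counts up in ascending order, down in descending order.
            $i = $settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
            if ($c_rows > $cpp) {
                $c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&amp;", "c_start");
            }
            while ($data = dbarray($result)) {
                $c_arr['c_con'][$i]['comment_id'] = $data['comment_id'];
                $c_arr['c_con'][$i]['edit_dell'] = FALSE;
                $c_arr['c_con'][$i]['i'] = $i;
                if ($data['user_name']) {
                    // Member comment: comment_name matched a user id in the join.
                    $c_arr['c_con'][$i]['comment_name'] = profile_link($data['comment_name'], $data['user_name'], $data['user_status'], 'strong text-dark');
                } else {
                    // Guest comment: the stored name is passed on as-is.
                    // NOTE(review): HTML safety here depends on the value having been escaped
                    // when it was stored — verify against form_sanitizer().
                    $c_arr['c_con'][$i]['comment_name'] = $data['comment_name'];
                }
                $c_arr['c_con'][$i]['user_avatar'] = display_avatar($data, '35px', '', true, 'img-rounded');
                // Fall back to the default avatar when none is set or the file is missing.
                $c_arr['c_con'][$i]['user'] = array('user_id' => $data['user_id'], 'user_name' => $data['user_name'], 'user_avatar' => $avatar = $data['user_avatar'] !== '' && file_exists(IMAGES . 'avatars/' . $data['user_avatar']) ? IMAGES . 'avatars/' . $data['user_avatar'] : IMAGES . "avatars/noavatar50.png", 'user_status' => $data['user_status']);
                $c_arr['c_con'][$i]['comment_datestamp'] = showdate('shortdate', $data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_time'] = timer($data['comment_datestamp']);
                // NOTE(review): the stored message is run through smiley/BBCode parsing and emitted
                // as HTML; no escaping happens at this point, so it must already be escaped in the
                // database — confirm.
                $c_arr['c_con'][$i]['comment_message'] = "<!--comment_message-->\n" . nl2br(parseubb(parsesmileys($data['comment_message'])));
                // Edit/delete controls: admins with "C", or the member who wrote the comment.
                if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
                    $edit_link = clean_request('c_action=edit&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false) . "#edit_comment";
                    $delete_link = clean_request('c_action=delete&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false);
                    $c_arr['c_con'][$i]['edit_link'] = array('link' => $edit_link, 'name' => $locale['c108']);
                    $c_arr['c_con'][$i]['delete_link'] = array('link' => $delete_link, 'name' => $locale['c109']);
                    $c_arr['c_con'][$i]['edit_dell'] = "<!--comment_actions-->\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<div class='btn-group'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $edit_link . "'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= $locale['c108'] . "</a>\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $delete_link . "' onclick=\"return confirm('" . $locale['c110'] . "');\">";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<i class='fa fa-trash'></i> " . $locale['c109'] . "</a>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "</div>\n";
                }
                $settings['comments_sorting'] == "ASC" ? $i++ : $i--;
            }
            if (iADMIN && checkrights("C")) {
                $c_arr['c_info']['admin_link'] = "<!--comment_admin-->\n";
                $c_arr['c_info']['admin_link'] .= "<a href='" . ADMIN . "comments.php" . $aidlink . "&amp;ctype=" . $comment_type . "&amp;comment_item_id=" . $comment_item_id . "'>" . $locale['c106'] . "</a>";
            }
        }
        // --- Form ---
        opentable($locale['c102']);
        $comment_message = "";
        // In edit mode, preload the message, but only for a comment the user is allowed to edit.
        if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
            $eresult = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcu.user_name\n\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $comment_item_id . "'\n\t\t\t\tAND comment_type='" . $comment_type . "' AND comment_hidden='0'");
            if (dbrows($eresult) > 0) {
                $edata = dbarray($eresult);
                if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
                    $clink .= "&amp;c_action=edit&amp;comment_id=" . $edata['comment_id'];
                    $comment_message = $edata['comment_message'];
                }
            } else {
                $comment_message = "";
            }
        }
        if (iMEMBER || $settings['guestposts'] == "1") {
            require_once INCLUDES . "bbcode_include.php";
            echo "<a id='edit_comment' name='edit_comment'></a>\n";
            echo openform('inputform', 'post', $clink, array('class' => 'm-b-20', 'max_tokens' => 1));
            if (iGUEST) {
                echo form_text('comment_name', $locale['c104'], '', array('max_length' => 30));
            }
            echo form_textarea('comment_message', '', $comment_message, array('required' => 1, 'autosize' => 1, 'form_name' => 'inputform', 'bbcode' => 1));
            // Guests get the captcha unless an earlier include asked for the input to be hidden.
            if (iGUEST && (!isset($_CAPTCHA_HIDE_INPUT) || isset($_CAPTCHA_HIDE_INPUT) && !$_CAPTCHA_HIDE_INPUT)) {
                $_CAPTCHA_HIDE_INPUT = FALSE;
                echo "<div style='width:360px; margin:10px auto;'>";
                echo $locale['global_150'] . "<br />\n";
                // The display script may set $_CAPTCHA_HIDE_INPUT to suppress the text field.
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_display.php";
                if (!$_CAPTCHA_HIDE_INPUT) {
                    echo "<br />\n<label for='captcha_code'>" . $locale['global_151'] . "</label>";
                    echo "<br />\n<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />\n";
                }
                echo "</div>\n";
            }
            // The button label switches between "update" and "post" depending on edit mode.
            echo form_button('post_comment', $comment_message ? $locale['c103'] : $locale['c102'], $comment_message ? $locale['c103'] : $locale['c102'], array('class' => 'btn-success m-t-10'));
            echo closeform();
        } else {
            echo "<div class='well'>\n";
            echo $locale['c105'] . "\n";
            echo "</div>\n";
        }
        closetable();
        echo "<a id='comments' name='comments'></a>";
        render_comments($c_arr['c_con'], $c_arr['c_info']);
    }
}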
コード例 #3
ファイル: Viewthread.php プロジェクト: knapnet/PHP-Fusion
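 /**
  * Process and build the poll form for the current thread, then pass it to pollform().
  *
  * Handles the add_poll, update_poll and add_poll_option submissions. Redirects to the forum
  * index when the user lacks the matching thread permission, or when a poll to edit does not exist.
  *
  * @param int $edit non-zero to edit the thread's existing poll, 0 to create a new one
  */
 public function render_poll_form($edit = 0)
 {
     global $locale, $defender;
     // Filled with string keys below, so it has to start as an array: assigning a string key
     // to an empty string is an error on current PHP versions.
     $poll_field = array();
     // Build Polls Info.
     $thread_data = $this->thread_info['thread'];
     if ($edit ? $this->getThreadPermission("can_edit_poll") : $this->getThreadPermission("can_create_poll")) {
         // if permitted to create new poll.
         $data = array('thread_id' => $thread_data['thread_id'], 'forum_poll_title' => isset($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '', 'forum_poll_start' => time(), 'forum_poll_length' => 2, 'forum_poll_votes' => 0);
         // counter of lengths
         $option_data[1] = "";
         $option_data[2] = "";
         // calculate poll lengths
         // poll_options is request data; only iterate it when it really is an array.
         if (isset($_POST['poll_options']) && is_array($_POST['poll_options'])) {
             // callback on post.
             foreach ($_POST['poll_options'] as $i => $value) {
                 $option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
             }
             // reindex the whole array with blank values.
             // Empty options are dropped and the remainder renumbered from 1, which also
             // discards whatever keys the request supplied.
             if ($defender->safe()) {
                 $option_data = array_values(array_filter($option_data));
                 array_unshift($option_data, NULL);
                 unset($option_data[0]);
                 $data['forum_poll_length'] = count($option_data);
             }
         }
         // add a Blank Poll option
         if (isset($_POST['add_poll_option']) && $defender->safe()) {
             array_push($option_data, '');
         }
         if ($edit) {
             $result = dbquery("SELECT * FROM " . DB_FORUM_POLLS . " WHERE thread_id='" . $thread_data['thread_id'] . "'");
             if (dbrows($result) > 0) {
                 // $load decides whether the option fields are rendered from the database (TRUE)
                 // or from the submitted values (FALSE).
                 if (isset($_POST['update_poll']) || isset($_POST['add_poll_option'])) {
                     $load = FALSE;
                     $data += dbarray($result);
                     // append if not available.
                 } else {
                     $load = TRUE;
                     $data = dbarray($result);
                     // call
                 }
                 if (isset($_POST['update_poll'])) {
                     $data = array('thread_id' => $thread_data['thread_id'], 'forum_poll_title' => form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title'), 'forum_poll_start' => $data['forum_poll_start'], 'forum_poll_length' => $data['forum_poll_length']);
                     dbquery_insert(DB_FORUM_POLLS, $data, 'update', array('primary_key' => 'thread_id', 'no_unique' => TRUE));
                     $i = 1;
                     // populate data for matches
                     $poll_result = dbquery("SELECT forum_poll_option_id FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_data['thread_id'] . "'");
                     while ($_data = dbarray($poll_result)) {
                         $_poll[$_data['forum_poll_option_id']] = $_data;
                         // Prune the emptied fields AND field is not required.
                         if (empty($option_data[$_data['forum_poll_option_id']]) && $defender->safe()) {
                             dbquery("DELETE FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_data['thread_id'] . "' AND forum_poll_option_id='" . $_data['forum_poll_option_id'] . "'");
                         }
                     }
                     foreach ($option_data as $option_text) {
                         if ($option_text) {
                             if ($defender->safe()) {
                                 if (isset($_poll[$i])) {
                                     // has record
                                     // NOTE(review): $option_text is interpolated into SQL; this is
                                     // only safe if form_sanitizer() escapes quotes — verify.
                                     dbquery("UPDATE " . DB_FORUM_POLL_OPTIONS . " SET forum_poll_option_text='" . $option_text . "' WHERE thread_id='" . $thread_data['thread_id'] . "' AND forum_poll_option_id='" . $i . "'");
                                 } else {
                                     // no record - create
                                     $array = array('thread_id' => $thread_data['thread_id'], 'forum_poll_option_id' => $i, 'forum_poll_option_text' => $option_text, 'forum_poll_option_votes' => 0);
                                     dbquery_insert(DB_FORUM_POLL_OPTIONS, $array, 'save');
                                 }
                             }
                             $i++;
                         }
                     }
                     if ($defender->safe()) {
                         redirect(INFUSIONS . "forum/postify.php?post=editpoll&error=0&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id']);
                     }
                 }
                 // how to make sure values containing options votes
                 // The form target is built from the loaded thread record, not from raw $_GET
                 // values, so request input is not echoed back into the action URL.
                 $poll_field['openform'] = openform('pollform', 'post', INFUSIONS . 'forum/viewthread.php?action=editpoll&forum_id=' . $thread_data['forum_id'] . '&thread_id=' . $thread_data['thread_id']);
                 $poll_field['openform'] .= "<div class='text-info m-b-20 m-t-10'>" . $locale['forum_0613'] . "</div>\n";
                 $poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $data['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));
                 if ($load == FALSE) {
                     for ($i = 1; $i <= count($option_data); $i++) {
                         $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_data[$i], array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => 1, 'required' => $i <= 2 ? TRUE : FALSE));
                     }
                 } else {
                     // Same thread id as every other query in this method; the raw request
                     // parameter must not be concatenated into SQL.
                     $result = dbquery("SELECT forum_poll_option_text, forum_poll_option_votes FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY forum_poll_option_id ASC");
                     $i = 1;
                     while ($_pdata = dbarray($result)) {
                         // The first two options, and any option that already has votes, are required.
                         $poll_field['poll_field'] .= form_text("poll_options[{$i}]", $locale['forum_0605'] . ' ' . $i, $_pdata['forum_poll_option_text'], array('max_length' => 255, 'placeholder' => 'Poll Options', 'inline' => 1, 'required' => ($i <= 2 || $_pdata['forum_poll_option_votes']) ? TRUE : FALSE));
                         $i++;
                     }
                 }
                 $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
                 $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
                 $poll_field['poll_field'] .= "</div>\n";
                 $poll_field['poll_button'] = form_button('update_poll', $locale['forum_2013'], $locale['forum_2013'], array('class' => 'btn-default'));
                 $poll_field['closeform'] = closeform();
             } else {
                 redirect(INFUSIONS . 'forum/index.php');
                 // redirect because the poll id is not available.
             }
         } else {
             // Save New Poll
             if (isset($_POST['add_poll'])) {
                 // NOTE(review): these inserts run before the $defender->safe() check below;
                 // presumably dbquery_insert() refuses to write when validation failed — confirm.
                 dbquery_insert(DB_FORUM_POLLS, $data, 'save');
                 $data['forum_poll_id'] = dblastid();
                 $i = 1;
                 foreach ($option_data as $option_text) {
                     if ($option_text) {
                         $data['forum_poll_option_id'] = $i;
                         $data['forum_poll_option_text'] = $option_text;
                         $data['forum_poll_option_votes'] = 0;
                         dbquery_insert(DB_FORUM_POLL_OPTIONS, $data, 'save');
                         $i++;
                     }
                 }
                 if ($defender->safe()) {
                     dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_poll='1' WHERE thread_id='" . $thread_data['thread_id'] . "'");
                     redirect(INFUSIONS . "forum/postify.php?post=newpoll&error=0&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id']);
                 }
             }
             // blank poll - no poll on edit or new thread
             // As in edit mode, the action URL uses the loaded thread record rather than $_GET.
             $poll_field['openform'] = openform('pollform', 'post', INFUSIONS . 'forum/viewthread.php?action=newpoll&forum_id=' . $thread_data['forum_id'] . '&thread_id=' . $thread_data['thread_id'], array('max_tokens' => 1));
             $poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $data['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));
             for ($i = 1; $i <= count($option_data); $i++) {
                 $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_data[$i], array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => 1, 'required' => $i <= 2 ? TRUE : FALSE));
             }
             $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
             $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
             $poll_field['poll_field'] .= "</div>\n";
             $poll_field['poll_button'] = form_button('add_poll', $locale['forum_2011'], $locale['forum_2011'], array('class' => 'btn-success btn-md'));
             $poll_field['closeform'] = closeform();
         }
         $info = array('title' => $locale['forum_0366'], 'description' => $locale['forum_2000'] . $thread_data['thread_subject'], 'field' => $poll_field);
         pollform($info);
     } else {
         redirect(FORUM . "index.php");
     }
 }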
コード例 #4
ファイル: index.php プロジェクト: php-fusion/PHP-Fusion
                         } else {
                             dbquery("INSERT INTO " . $insertdbrow);
                             $last_id = dblastid();
                         }
                     }
                 }
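                 // Run the infusion's per-language INSERT rows for every enabled language.
                 // NOTE(review): each $insertdbrow is executed as SQL text. Presumably it comes
                 // from the infusion's own definition file, so installing an infusion amounts to
                 // running its SQL — confirm that only trusted infusion folders can be installed.
                 if ($inf['mlt_insertdbrow'] && is_array($inf['mlt_insertdbrow'])) {
                     foreach (fusion_get_enabled_languages() as $current_language => $language_translations) {
                         // NOTE(review): the guard above tests $inf['mlt_insertdbrow'] but this loop
                         // reads $mlt_insertdbrow; whether that variable is defined is not visible
                         // in this excerpt — confirm the two refer to the same data.
                         if (isset($mlt_insertdbrow[$current_language])) {
                             $last_id = 0;
                             foreach ($mlt_insertdbrow[$current_language] as $insertdbrow) {
                                 // A row containing {last_id} is linked to the id of the previous
                                 // plain insert; any other row is inserted as-is and becomes the
                                 // new reference id.
                                 if (stristr($insertdbrow, "{last_id}") && !empty($last_id)) {
                                     dbquery("INSERT INTO " . str_replace("{last_id}", $last_id, $insertdbrow));
                                 } else {
                                     dbquery("INSERT INTO " . $insertdbrow);
                                     $last_id = dblastid();
                                 }
                             }
                         }
                     }
                 }
                 // Register the infusion. The values are bound as parameters, the same way the
                 // inf_folder lookup further down this file does it, so a quote in the title,
                 // folder or version cannot break or alter the statement.
                 // NOTE(review): if a definition file pre-escapes these values, that escaping
                 // would now be stored literally — confirm none does.
                 dbquery("INSERT INTO " . DB_INFUSIONS . " (inf_title, inf_folder, inf_version) VALUES (:title, :folder, :version)", array(':title' => $inf['title'], ':folder' => $inf['folder'], ':version' => $inf['version']));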
             }
         }
     }
     //redirect(FUSION_SELF);
 }
 if ($folder = filter_input(INPUT_POST, 'defuse')) {
     $result = dbquery("SELECT inf_folder FROM " . DB_INFUSIONS . " WHERE inf_folder=:folder", array(':folder' => $folder));
     $data = dbarray($result);
     $inf = fusion_load_infusion($folder);
コード例 #5
ファイル: view.php プロジェクト: php-fusion/PHP-Fusion
 /**
  * MYSQL update and save forum
  */
 private function set_forumDB()
 {
     global $aidlink;
     // Save_permission
     if (isset($_POST['save_permission'])) {
         $this->data['forum_id'] = form_sanitizer($_POST['forum_id'], '', 'forum_id');
         $this->data = self::get_forum($this->data['forum_id']);
         if (!empty($this->data)) {
             $this->data['forum_access'] = form_sanitizer($_POST['forum_access'], USER_LEVEL_PUBLIC, 'forum_access');
             $this->data['forum_post'] = form_sanitizer($_POST['forum_post'], USER_LEVEL_MEMBER, 'forum_post');
             $this->data['forum_reply'] = form_sanitizer($_POST['forum_reply'], USER_LEVEL_MEMBER, 'forum_reply');
             $this->data['forum_post_ratings'] = form_sanitizer($_POST['forum_post_ratings'], USER_LEVEL_MEMBER, 'forum_post_ratings');
             $this->data['forum_poll'] = form_sanitizer($_POST['forum_poll'], USER_LEVEL_MEMBER, 'forum_poll');
             $this->data['forum_vote'] = form_sanitizer($_POST['forum_vote'], USER_LEVEL_MEMBER, 'forum_vote');
             $this->data['forum_answer_threshold'] = form_sanitizer($_POST['forum_answer_threshold'], 0, 'forum_answer_threshold');
             $this->data['forum_attach'] = form_sanitizer($_POST['forum_attach'], USER_LEVEL_MEMBER, 'forum_attach');
             $this->data['forum_attach_download'] = form_sanitizer($_POST['forum_attach_download'], USER_LEVEL_PUBLIC, 'forum_attach_download');
             $this->data['forum_mods'] = isset($_POST['forum_mods']) ? form_sanitizer($_POST['forum_mods'], '', 'forum_mods') : "";
             dbquery_insert(DB_FORUMS, $this->data, 'update');
             addnotice('success', self::$locale['forum_notice_10']);
             if (\defender::safe()) {
                 redirect(FUSION_SELF . $aidlink . $this->ext);
             }
         }
     }
     if (isset($_POST['save_forum'])) {
         $this->data = array('forum_id' => form_sanitizer($_POST['forum_id'], 0, 'forum_id'), 'forum_name' => form_sanitizer($_POST['forum_name'], '', 'forum_name'), 'forum_description' => form_sanitizer($_POST['forum_description'], '', 'forum_description'), 'forum_cat' => form_sanitizer($_POST['forum_cat'], 0, 'forum_cat'), 'forum_type' => form_sanitizer($_POST['forum_type'], '', 'forum_type'), 'forum_language' => form_sanitizer($_POST['forum_language'], '', 'forum_language'), 'forum_alias' => form_sanitizer($_POST['forum_alias'], '', 'forum_alias'), 'forum_meta' => form_sanitizer($_POST['forum_meta'], '', 'forum_meta'), 'forum_rules' => form_sanitizer($_POST['forum_rules'], '', 'forum_rules'), 'forum_image_enable' => isset($_POST['forum_image_enable']) ? 1 : 0, 'forum_merge' => isset($_POST['forum_merge']) ? 1 : 0, 'forum_allow_attach' => isset($_POST['forum_allow_attach']) ? 1 : 0, 'forum_quick_edit' => isset($_POST['forum_quick_edit']) ? 1 : 0, 'forum_allow_poll' => isset($_POST['forum_allow_poll']) ? 1 : 0, 'forum_poll' => USER_LEVEL_MEMBER, 'forum_users' => isset($_POST['forum_users']) ? 1 : 0, 'forum_lock' => isset($_POST['forum_lock']) ? 1 : 0, 'forum_permissions' => isset($_POST['forum_permissions']) ? form_sanitizer($_POST['forum_permissions'], 0, 'forum_permissions') : 0, 'forum_order' => isset($_POST['forum_order']) ? form_sanitizer($_POST['forum_order']) : '', 'forum_branch' => get_hkey(DB_FORUMS, 'forum_id', 'forum_cat', $this->data['forum_cat']), 'forum_image' => '', 'forum_mods' => "");
         $this->data['forum_alias'] = $this->data['forum_alias'] ? str_replace(' ', '-', $this->data['forum_alias']) : '';
         // Checks for unique forum alias
         if ($this->data['forum_alias']) {
             if ($this->data['forum_id']) {
                 $alias_check = dbcount("('alias_id')", DB_PERMALINK_ALIAS, "alias_url='" . $this->data['forum_alias'] . "' AND alias_item_id !='" . $this->data['forum_id'] . "'");
             } else {
                 $alias_check = dbcount("('alias_id')", DB_PERMALINK_ALIAS, "alias_url='" . $this->data['forum_alias'] . "'");
             }
             if ($alias_check) {
                 \defender::stop();
                 addNotice('warning', self::$locale['forum_error_6']);
             }
         }
         // check forum name unique
         $this->data['forum_name'] = $this->check_validForumName($this->data['forum_name'], $this->data['forum_id']);
         // Uploads or copy forum image or use back the forum image existing
         if (!empty($_FILES) && is_uploaded_file($_FILES['forum_image']['tmp_name'])) {
             $upload = form_sanitizer($_FILES['forum_image'], '', 'forum_image');
             if ($upload['error'] == 0) {
                 if (!empty($upload['thumb1_name'])) {
                     $this->data['forum_image'] = $upload['thumb1_name'];
                 } else {
                     $this->data['forum_image'] = $upload['image_name'];
                 }
             }
         } elseif (isset($_POST['forum_image_url']) && $_POST['forum_image_url'] != "") {
             require_once INCLUDES . "photo_functions_include.php";
             // if forum_image_header is not empty
             $type_opts = array('0' => BASEDIR, '1' => '');
             // the url
             $this->data['forum_image'] = $type_opts[intval($_POST['forum_image_header'])] . form_sanitizer($_POST['forum_image_url'], '', 'forum_image_url');
             $upload = copy_file($this->data['forum_image'], FORUM . "images/");
             if ($upload['error'] == TRUE) {
                 \defender::stop();
                 addNotice('danger', self::$locale['forum_error_9']);
             } else {
                 $this->data['forum_image'] = $upload['name'];
             }
         } else {
             $this->data['forum_image'] = isset($_POST['forum_image']) ? form_sanitizer($_POST['forum_image'], '', 'forum_image') : "";
         }
         if (!$this->data['forum_id']) {
             $this->data += array('forum_access' => USER_LEVEL_PUBLIC, 'forum_post' => USER_LEVEL_MEMBER, 'forum_reply' => USER_LEVEL_MEMBER, 'forum_post_ratings' => USER_LEVEL_MEMBER, 'forum_poll' => USER_LEVEL_MEMBER, 'forum_vote' => USER_LEVEL_MEMBER, 'forum_mods' => "");
         }
         // Set last order
         if (!$this->data['forum_order']) {
             $this->data['forum_order'] = dbresult(dbquery("SELECT MAX(forum_order) FROM " . DB_FORUMS . " " . (multilang_table("FO") ? "WHERE forum_language='" . LANGUAGE . "' AND" : "WHERE") . " forum_cat='" . $this->data['forum_cat'] . "'"), 0) + 1;
         }
         if (\defender::safe()) {
             if ($this->verify_forum($this->data['forum_id'])) {
                 $result = dbquery_order(DB_FORUMS, $this->data['forum_order'], 'forum_order', $this->data['forum_id'], 'forum_id', $this->data['forum_cat'], 'forum_cat', 1, 'forum_language', 'update');
                 if ($result) {
                     dbquery_insert(DB_FORUMS, $this->data, 'update');
                 }
                 addNotice('success', self::$locale['forum_notice_9']);
                 redirect(FUSION_SELF . $aidlink . $this->ext);
             } else {
                 $new_forum_id = 0;
                 $result = dbquery_order(DB_FORUMS, $this->data['forum_order'], 'forum_order', FALSE, FALSE, $this->data['forum_cat'], 'forum_cat', 1, 'forum_language', 'save');
                 if ($result) {
                     dbquery_insert(DB_FORUMS, $this->data, 'save');
                     $new_forum_id = dblastid();
                 }
                 if ($this->data['forum_cat'] == 0) {
                     redirect(FUSION_SELF . $aidlink . "&amp;action=p_edit&amp;forum_id=" . $new_forum_id . "&amp;parent_id=0");
                 } else {
                     switch ($this->data['forum_type']) {
                         case '1':
                             addNotice('success', self::$locale['forum_notice_1']);
                             break;
                         case '2':
                             addNotice('success', self::$locale['forum_notice_2']);
                             break;
                         case '3':
                             addNotice('success', self::$locale['forum_notice_3']);
                             break;
                         case '4':
                             addNotice('success', self::$locale['forum_notice_4']);
                             break;
                     }
                     redirect(FUSION_SELF . $aidlink . $this->ext);
                 }
             }
         }
     }
 }
コード例 #6
ファイル: new_thread.php プロジェクト: php-fusion/PHP-Fusion
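 /**
  * Build the "new thread" form and, when it is submitted, create the thread and its first post.
  *
  * Members only; anyone else is redirected to the forum index. Two paths:
  *  - with ?forum_id=N the thread goes to that forum, and a poll and attachments are
  *    offered when the forum permissions allow them;
  *  - without it ("quick" posting) the forum is taken from the posted forum_id and is
  *    verified, together with the posting permissions, only once the form is submitted.
  * The form parts are stored in $this->info.
  *
  * Review notes:
  *  - thread_sticky / thread_locked are accepted only from the roles that are shown
  *    those checkboxes; the posted flags used to be taken from any poster, and
  *    thread_locked was read from the thread_sticky field.
  *  - Every id written into SQL text is cast with intval().
  *  - The listing this method was taken from had the *_lastuser / notify_user values
  *    masked out; they are restored as the post author id used by the neighbouring queries.
  */
 public function set_newThreadInfo()
 {
     $userdata = fusion_get_userdata();
     $locale = fusion_get_locale("", FORUM_LOCALE);
     $locale += fusion_get_locale("", FORUM_TAGS_LOCALE);
     $forum_settings = ForumServer::get_forum_settings();
     // @todo: Reduce lines and optimize further
     if (iMEMBER) {
         // Smileys are switched off when the box is unticked or the message holds a code block.
         $code_block_regex = "#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si";
         $smileys_off = !isset($_POST['post_smileys']) || (isset($_POST['post_message']) && preg_match($code_block_regex, $_POST['post_message']));
         // New thread directly to a specified forum
         if (!empty($_GET['forum_id']) && ForumServer::verify_forum($_GET['forum_id'])) {
             add_to_title($locale['forum_0000']);
             add_to_meta("description", $locale['forum_0000']);
             add_breadcrumb(array("link" => FORUM . "index.php", "title" => $locale['forum_0000']));
             add_to_title($locale['global_201'] . $locale['forum_0057']);
             $forum_data = dbarray(dbquery("SELECT f.*, f2.forum_name AS forum_cat_name\n\t\t\t\tFROM " . DB_FORUMS . " f\n\t\t\t\tLEFT JOIN " . DB_FORUMS . " f2 ON f.forum_cat=f2.forum_id\n\t\t\t\tWHERE f.forum_id='" . intval($_GET['forum_id']) . "'\n\t\t\t\tAND " . groupaccess('f.forum_access') . "\n\t\t\t\t"));
             // No row: the groupaccess() filter excluded the forum for this user. Type 1 forums are not posted to.
             if (empty($forum_data) || $forum_data['forum_type'] == 1) {
                 redirect(INFUSIONS . "forum/index.php");
             }
             // Use the new permission settings
             self::setPermission($forum_data);
             $forum_data['lock_edit'] = $forum_settings['forum_edit_lock'];
             if (self::getPermission("can_post") && self::getPermission("can_access")) {
                 $forum_link = INFUSIONS . 'forum/index.php?viewforum&amp;forum_id=' . $forum_data['forum_id'] . '&amp;parent_id=' . $forum_data['forum_cat'];
                 add_breadcrumb(array('link' => $forum_link, 'title' => $forum_data['forum_name']));
                 add_breadcrumb(array('link' => $forum_link, 'title' => $locale['forum_0057']));
                 /**
                  * Generate a poll form
                  */
                 $poll_form = "";
                 if (self::getPermission("can_create_poll")) {
                     // initial data to push downwards
                     $pollData = array(
                         'thread_id' => 0,
                         'forum_poll_title' => !empty($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '',
                         'forum_poll_start' => time(),
                         'forum_poll_length' => 2,
                         'forum_poll_votes' => 0,
                     );
                     // counter of lengths: a poll starts with two blank options
                     $option_data[1] = "";
                     $option_data[2] = "";
                     // Do a validation if checked add_poll
                     if (isset($_POST['add_poll'])) {
                         $pollData = array(
                             'thread_id' => 0,
                             'forum_poll_title' => isset($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '',
                             'forum_poll_start' => time(),
                             'forum_poll_length' => count($option_data),
                             'forum_poll_votes' => 0,
                         );
                         // calculate poll lengths
                         if (!empty($_POST['poll_options']) && is_array($_POST['poll_options'])) {
                             foreach ($_POST['poll_options'] as $i => $value) {
                                 $option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
                             }
                         }
                     }
                     // poll_options must be an array before it is iterated; a scalar is ignored
                     if (isset($_POST['add_poll_option']) && isset($_POST['poll_options']) && is_array($_POST['poll_options'])) {
                         // reindex the whole array with blank values.
                         foreach ($_POST['poll_options'] as $i => $value) {
                             $option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
                         }
                         if (\defender::safe()) {
                             // drop blanks and renumber the options from 1
                             $option_data = array_values(array_filter($option_data));
                             array_unshift($option_data, NULL);
                             unset($option_data[0]);
                             $pollData['forum_poll_length'] = count($option_data);
                         }
                         array_push($option_data, '');
                     }
                     // Start from an array: writing a string key into '' is not an array assignment on current PHP
                     $poll_field = array(
                         'poll_field' => form_text('forum_poll_title', $locale['forum_0604'], $pollData['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE)),
                     );
                     for ($i = 1; $i <= count($option_data); $i++) {
                         $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_data[$i], array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => TRUE, 'required' => $i <= 2 ? TRUE : FALSE));
                     }
                     $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
                     $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
                     $poll_field['poll_field'] .= "</div>\n";
                     $info = array('title' => $locale['forum_0366'], 'description' => $locale['forum_0630'], 'field' => $poll_field);
                     ob_start();
                     echo form_checkbox("add_poll", $locale['forum_0366'], isset($_POST['add_poll']) ? TRUE : FALSE, array('reverse_label' => TRUE));
                     echo "<div id='poll_form' class='poll-form' style='display:none;'>\n";
                     echo "<div class='well clearfix'>\n";
                     echo "<!--pre_form-->\n";
                     echo $info['field']['poll_field'];
                     echo "</div>\n";
                     echo "</div>\n";
                     $poll_form = ob_get_contents();
                     ob_end_clean();
                 }
                 // Sticky and lock are moderation actions. The checkboxes are rendered only for
                 // iMOD / iSUPERADMIN further down, so a posted flag from anyone else is ignored.
                 $can_moderate = iMOD || iSUPERADMIN;
                 $thread_data = array(
                     'forum_id' => $forum_data['forum_id'],
                     'thread_id' => 0,
                     'thread_subject' => isset($_POST['thread_subject']) ? form_sanitizer($_POST['thread_subject'], '', 'thread_subject') : '',
                     'thread_tags' => isset($_POST['thread_tags']) ? form_sanitizer($_POST['thread_tags'], '', 'thread_tags') : '',
                     'thread_author' => $userdata['user_id'],
                     'thread_views' => 0,
                     'thread_lastpost' => time(),
                     'thread_lastpostid' => 0,
                     'thread_lastuser' => $userdata['user_id'],
                     'thread_postcount' => 1,
                     'thread_poll' => 0,
                     'thread_sticky' => ($can_moderate && isset($_POST['thread_sticky'])) ? 1 : 0,
                     'thread_locked' => ($can_moderate && isset($_POST['thread_locked'])) ? 1 : 0,
                     'thread_hidden' => 0,
                 );
                 $post_data = array(
                     'forum_id' => $forum_data['forum_id'],
                     'forum_cat' => $forum_data['forum_cat'],
                     'thread_id' => 0,
                     'post_id' => 0,
                     'post_message' => isset($_POST['post_message']) ? form_sanitizer($_POST['post_message'], '', 'post_message') : '',
                     'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0,
                     'post_smileys' => $smileys_off ? 0 : 1,
                     'post_author' => $userdata['user_id'],
                     'post_datestamp' => time(),
                     'post_ip' => USER_IP,
                     'post_ip_type' => USER_IP_TYPE,
                     'post_edituser' => 0,
                     'post_edittime' => 0,
                     'post_editreason' => '',
                     'post_hidden' => 0,
                     'notify_me' => isset($_POST['notify_me']) ? 1 : 0,
                     'post_locked' => 0,
                 );
                 // Execute post new thread
                 if (isset($_POST['post_newthread']) && \defender::safe()) {
                     require_once INCLUDES . "flood_include.php";
                     // all data is sanitized here.
                     if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . intval($userdata['user_id']) . "'")) {
                         // have notice
                         if (\defender::safe()) {
                             // create a new thread.
                             dbquery_insert(DB_FORUM_THREADS, $thread_data, 'save', array('primary_key' => 'thread_id', 'keep_session' => TRUE));
                             $post_data['thread_id'] = dblastid();
                             $pollData['thread_id'] = $post_data['thread_id'];
                             dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                             $post_data['post_id'] = dblastid();
                             // Attach files if permitted. The permission is checked before the upload is looked at.
                             // NOTE(review): extension and count limits are presumably enforced by form_sanitizer()
                             // from the rules declared on the file input below - confirm.
                             if (self::getPermission("can_upload_attach") && !empty($_FILES['file_attachments']['tmp_name'][0]) && is_uploaded_file($_FILES['file_attachments']['tmp_name'][0])) {
                                 $upload = form_sanitizer($_FILES['file_attachments'], '', 'file_attachments');
                                 if ($upload['error'] == 0) {
                                     foreach ($upload['target_file'] as $arr => $file_name) {
                                         $attach_data = array('thread_id' => $post_data['thread_id'], 'post_id' => $post_data['post_id'], 'attach_name' => $file_name, 'attach_mime' => $upload['type'][$arr], 'attach_size' => $upload['source_size'][$arr], 'attach_count' => '0');
                                         dbquery_insert(DB_FORUM_ATTACHMENTS, $attach_data, "save", array('keep_session' => TRUE));
                                     }
                                 }
                             }
                             dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . intval($post_data['post_author']) . "'");
                             // Update stats in forum and threads
                             $forum_stats = "forum_lastpost='" . intval($post_data['post_datestamp']) . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . intval($post_data['post_id']) . "', forum_lastuser='" . intval($post_data['post_author']) . "'";
                             // find all parents and update them
                             $list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $post_data['forum_id']);
                             if (is_array($list_of_forums)) {
                                 foreach ($list_of_forums as $forum_id) {
                                     dbquery("UPDATE " . DB_FORUMS . " SET " . $forum_stats . " WHERE forum_id='" . intval($forum_id) . "'");
                                 }
                             }
                             // update current forum
                             dbquery("UPDATE " . DB_FORUMS . " SET " . $forum_stats . " WHERE forum_id='" . intval($post_data['forum_id']) . "'");
                             // update current thread
                             dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . intval($post_data['post_datestamp']) . "', thread_lastpostid='" . intval($post_data['post_id']) . "', thread_lastuser='" . intval($post_data['post_author']) . "' WHERE thread_id='" . intval($post_data['thread_id']) . "'");
                             // set notify
                             if ($forum_settings['thread_notify'] && isset($_POST['notify_me']) && $post_data['thread_id']) {
                                 if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . intval($post_data['thread_id']) . "' AND notify_user='" . intval($post_data['post_author']) . "'")) {
                                     dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . intval($post_data['thread_id']) . "', '" . intval($post_data['post_datestamp']) . "', '" . intval($post_data['post_author']) . "', '1')");
                                 }
                             }
                             // Add poll if exist. $option_data is only filled when can_create_poll was granted above.
                             if (!empty($option_data) && isset($_POST['add_poll'])) {
                                 dbquery_insert(DB_FORUM_POLLS, $pollData, 'save');
                                 $poll_option_data = array('thread_id' => $pollData['thread_id']);
                                 $i = 1;
                                 foreach ($option_data as $option_text) {
                                     if ($option_text) {
                                         $poll_option_data['forum_poll_option_id'] = $i;
                                         $poll_option_data['forum_poll_option_text'] = $option_text;
                                         $poll_option_data['forum_poll_option_votes'] = 0;
                                         dbquery_insert(DB_FORUM_POLL_OPTIONS, $poll_option_data, 'save');
                                         $i++;
                                     }
                                 }
                                 dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_poll='1' WHERE thread_id='" . intval($pollData['thread_id']) . "'");
                             }
                         }
                         if (\defender::safe()) {
                             redirect(INFUSIONS . "forum/postify.php?post=new&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;parent_id=" . intval($post_data['forum_cat']) . "&amp;thread_id=" . intval($post_data['thread_id']));
                         }
                     }
                 }
                 // The entries are built in this order because the form helpers are called while the array is filled.
                 $this->info = array(
                     'title' => $locale['forum_0057'],
                     'description' => '',
                     'openform' => openform('input_form', 'post', FORUM . "newthread.php?forum_id=" . $post_data['forum_id'], array('enctype' => self::getPermission("can_upload_attach"))),
                     'closeform' => closeform(),
                     'forum_id_field' => '',
                     'thread_id_field' => '',
                     "forum_field" => "",
                     'subject_field' => form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => 1, 'placeholder' => $locale['forum_2001'], 'error_text' => '', 'class' => 'm-t-20 m-b-20')),
                     'tags_field' => form_select('thread_tags[]', $locale['forum_tag_0100'], $thread_data['thread_tags'], array('options' => $this->tag()->get_TagOpts(TRUE), 'width' => '100%', 'multiple' => TRUE, 'delimiter' => '.', 'max_select' => 3)),
                     'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => 1, 'error_text' => '', 'autosize' => 1, 'no_resize' => 1, 'preview' => 1, 'form_name' => 'input_form', 'bbcode' => 1)),
                     'attachment_field' => self::getPermission("can_upload_attach") ? form_fileinput('file_attachments[]', $locale['forum_0557'], "", array('input_id' => 'file_attachments', 'upload_path' => INFUSIONS . 'forum/attachments/', 'type' => 'object', 'preview_off' => TRUE, "multiple" => TRUE, "inline" => FALSE, 'max_count' => $forum_settings['forum_attachmax_count'], 'valid_ext' => $forum_settings['forum_attachtypes'], "class" => "m-b-0")) . " <div class='m-b-20'>\n<small>\n                            " . sprintf($locale['forum_0559'], parsebytesize($forum_settings['forum_attachmax']), str_replace('|', ', ', $forum_settings['forum_attachtypes']), $forum_settings['forum_attachmax_count']) . "</small>\n</div>\n" : "",
                     'poll_form' => $poll_form,
                     'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0', 'reverse_label' => TRUE)),
                     'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '',
                     'sticky_field' => iMOD || iSUPERADMIN ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '',
                     'lock_field' => iMOD || iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '',
                     'edit_reason_field' => '',
                     'delete_field' => '',
                     'hide_edit_field' => '',
                     'post_locked_field' => '',
                     'notify_field' => $forum_settings['thread_notify'] ? form_checkbox('notify_me', $locale['forum_0626'], $post_data['notify_me'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '',
                     'post_buttons' => form_button('post_newthread', $locale['forum_0057'], $locale['forum_0057'], array('class' => 'btn-primary btn-sm')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default btn-sm m-l-10')),
                     'last_posts_reply' => '',
                 );
                 // add a jquery to toggle the poll form
                 add_to_jquery("\n                        if (\$('#add_poll').is(':checked')) {\n                            \$('#poll_form').show();\n                        } else {\n                            \$('#poll_form').hide();\n                        }\n                        \$('#add_poll').bind('click', function() {\n                            if (\$(this).is(':checked')) {\n                                \$('#poll_form').slideDown();\n                            } else {\n                                \$('#poll_form').slideUp();\n                            }\n                        });\n                    ");
             } else {
                 redirect(FORUM . "index.php");
             }
         } else {
             /*
              * Quick New Forum Posting.
              * Permissions are not needed to show the form; they are checked on submit.
              * Does not contain forum poll.
              * Does not contain attachment
              */
             if (!dbcount("(forum_id)", DB_FORUMS, "forum_type !='1'")) {
                 redirect(INFUSIONS . "forum/index.php");
             }
             if (!dbcount("(forum_id)", DB_FORUMS, "forum_language ='" . LANGUAGE . "'")) {
                 redirect(INFUSIONS . "forum/index.php");
             }
             add_breadcrumb(array("link" => FORUM . "newthread.php?forum_id=0", "title" => $locale['forum_0057']));
             // Only iSUPERADMIN is shown the sticky/lock checkboxes on this form, so only that role may set them.
             $thread_data = array(
                 'forum_id' => isset($_POST['forum_id']) ? form_sanitizer($_POST['forum_id'], 0, "forum_id") : 0,
                 'thread_id' => 0,
                 'thread_subject' => isset($_POST['thread_subject']) ? form_sanitizer($_POST['thread_subject'], '', 'thread_subject') : '',
                 'thread_tags' => isset($_POST['thread_tags']) ? form_sanitizer($_POST['thread_tags'], '', 'thread_tags') : '',
                 'thread_author' => $userdata['user_id'],
                 'thread_views' => 0,
                 'thread_lastpost' => time(),
                 'thread_lastpostid' => 0,
                 'thread_lastuser' => $userdata['user_id'],
                 'thread_postcount' => 1,
                 'thread_poll' => 0,
                 'thread_sticky' => (iSUPERADMIN && isset($_POST['thread_sticky'])) ? TRUE : FALSE,
                 'thread_locked' => (iSUPERADMIN && isset($_POST['thread_locked'])) ? TRUE : FALSE,
                 'thread_hidden' => 0,
             );
             $post_data = array(
                 'forum_id' => isset($_POST['forum_id']) ? form_sanitizer($_POST['forum_id'], 0, "forum_id") : 0,
                 "forum_cat" => 0,
                 'thread_id' => 0,
                 'post_id' => 0,
                 'post_message' => isset($_POST['post_message']) ? form_sanitizer($_POST['post_message'], '', 'post_message') : '',
                 'post_showsig' => isset($_POST['post_showsig']) ? TRUE : FALSE,
                 'post_smileys' => $smileys_off ? FALSE : TRUE,
                 'post_author' => $userdata['user_id'],
                 'post_datestamp' => time(),
                 'post_ip' => USER_IP,
                 'post_ip_type' => USER_IP_TYPE,
                 'post_edituser' => 0,
                 'post_edittime' => 0,
                 'post_editreason' => '',
                 'post_hidden' => 0,
                 'notify_me' => isset($_POST['notify_me']) ? TRUE : FALSE,
                 'post_locked' => 0,
             );
             // go for a new thread posting.
             // check data
             // and validate
             // do not run attach, and do not run poll.
             if (isset($_POST['post_newthread']) && \defender::safe()) {
                 require_once INCLUDES . "flood_include.php";
                 // all data is sanitized here.
                 if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . intval($userdata['user_id']) . "'")) {
                     // have notice
                     if (ForumServer::verify_forum($thread_data['forum_id'])) {
                         $forum_data = dbarray(dbquery("SELECT f.*, f2.forum_name AS forum_cat_name\n                            FROM " . DB_FORUMS . " f\n                            LEFT JOIN " . DB_FORUMS . " f2 ON f.forum_cat=f2.forum_id\n                            WHERE f.forum_id='" . intval($thread_data['forum_id']) . "'\n                            AND " . groupaccess('f.forum_access') . "\n                            "));
                         // No row: the groupaccess() filter excluded the forum for this user.
                         if (empty($forum_data) || $forum_data['forum_type'] == 1) {
                             redirect(INFUSIONS . "forum/index.php");
                         }
                         // Use the new permission settings
                         self::setPermission($forum_data);
                         $forum_data['lock_edit'] = $forum_settings['forum_edit_lock'];
                         if (self::getPermission("can_post") && self::getPermission("can_access")) {
                             $post_data['forum_cat'] = $forum_data['forum_cat'];
                             // create a new thread.
                             dbquery_insert(DB_FORUM_THREADS, $thread_data, 'save', array('primary_key' => 'thread_id', 'keep_session' => TRUE));
                             $post_data['thread_id'] = dblastid();
                             dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                             $post_data['post_id'] = dblastid();
                             dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . intval($post_data['post_author']) . "'");
                             // Update stats in forum and threads.
                             // The timestamp used to be wrapped in doubled quotes, which is not a valid SQL value.
                             $forum_stats = "forum_lastpost='" . intval($post_data['post_datestamp']) . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . intval($post_data['post_id']) . "', forum_lastuser='" . intval($post_data['post_author']) . "'";
                             // find all parents and update them
                             $list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $post_data['forum_id']);
                             if (is_array($list_of_forums)) {
                                 foreach ($list_of_forums as $fid) {
                                     dbquery("UPDATE " . DB_FORUMS . " SET " . $forum_stats . " WHERE forum_id='" . intval($fid) . "'");
                                 }
                             }
                             // update current forum
                             dbquery("UPDATE " . DB_FORUMS . " SET " . $forum_stats . " WHERE forum_id='" . intval($post_data['forum_id']) . "'");
                             // update current thread
                             dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . intval($post_data['post_datestamp']) . "', thread_lastpostid='" . intval($post_data['post_id']) . "', thread_lastuser='" . intval($post_data['post_author']) . "' WHERE thread_id='" . intval($post_data['thread_id']) . "'");
                             // set notify
                             if ($forum_settings['thread_notify'] && isset($_POST['notify_me']) && $post_data['thread_id']) {
                                 if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . intval($post_data['thread_id']) . "' AND notify_user='" . intval($post_data['post_author']) . "'")) {
                                     dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . intval($post_data['thread_id']) . "', '" . intval($post_data['post_datestamp']) . "', '" . intval($post_data['post_author']) . "', 1)");
                                 }
                             }
                             if (\defender::safe()) {
                                 redirect(INFUSIONS . "forum/postify.php?post=new&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;parent_id=" . intval($post_data['forum_cat']) . "&amp;thread_id=" . intval($post_data['thread_id']));
                             }
                         } else {
                             addNotice("danger", $locale['forum_0186']);
                         }
                     } else {
                         addNotice("danger", $locale['forum_0187']);
                         redirect(INFUSIONS . "forum/index.php");
                     }
                 }
             }
             //Disable all parents
             $disabled_opts = array();
             $disable_query = "\n                SELECT forum_id FROM " . DB_FORUMS . " WHERE forum_type='1'\n                " . (multilang_table("FO") ? "AND forum_language='" . LANGUAGE . "'" : "") . "\n                ";
             $disable_query = dbquery(" {$disable_query} ");
             if (dbrows($disable_query) > 0) {
                 while ($d_forum = dbarray($disable_query)) {
                     // collect every type 1 forum; a plain assignment kept only the last id
                     $disabled_opts[] = $d_forum['forum_id'];
                 }
             }
             // The entries are built in this order because the form helpers are called while the array is filled.
             $this->info = array(
                 'title' => $locale['forum_0057'],
                 'description' => '',
                 'openform' => openform('input_form', 'post', FORUM . "newthread.php", array('enctype' => FALSE)),
                 'closeform' => closeform(),
                 'forum_id_field' => '',
                 'thread_id_field' => '',
                 'forum_field' => form_select_tree("forum_id", $locale['forum_0395'], $thread_data['forum_id'], array("required" => TRUE, "width" => "320px", "no_root" => TRUE, "disable_opts" => $disabled_opts, "query" => multilang_table("FO") ? "WHERE forum_language='" . LANGUAGE . "'" : ""), DB_FORUMS, "forum_name", "forum_id", "forum_cat"),
                 'subject_field' => form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => 1, 'placeholder' => $locale['forum_2001'], 'error_text' => '', 'class' => 'm-t-20 m-b-20')),
                 'tags_field' => form_select('thread_tags[]', $locale['forum_tag_0100'], $thread_data['thread_tags'], array('options' => $this->tag()->get_TagOpts(), 'width' => '100%', 'multiple' => TRUE, 'delimiter' => '.', 'max_select' => 3)),
                 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => 1, 'error_text' => '', 'autosize' => 1, 'no_resize' => 1, 'preview' => 1, 'form_name' => 'input_form', 'bbcode' => 1)),
                 'attachment_field' => "",
                 'poll_form' => "",
                 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0', 'reverse_label' => TRUE)),
                 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '',
                 'sticky_field' => iSUPERADMIN ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '',
                 'lock_field' => iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '',
                 'edit_reason_field' => '',
                 'delete_field' => '',
                 'hide_edit_field' => '',
                 'post_locked_field' => '',
                 'notify_field' => $forum_settings['thread_notify'] ? form_checkbox('notify_me', $locale['forum_0626'], $post_data['notify_me'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '',
                 'post_buttons' => form_button('post_newthread', $locale['forum_0057'], $locale['forum_0057'], array('class' => 'btn-primary btn-sm')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default btn-sm m-l-10')),
                 'last_posts_reply' => '',
             );
         }
     } else {
         redirect(INFUSIONS . 'forum/index.php');
     }
 }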
コード例 #7
ファイル: CustomPage.php プロジェクト: knapnet/PHP-Fusion
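 /**
  * Insert or update a custom page from the posted admin form.
  *
  * Runs only when $_POST['save'] is present. The page fields are rebuilt from the
  * request, and the row is written only if \defender::safe() reports that validation
  * passed; an existing page_id is updated, anything else is inserted as a new page
  * (optionally with a site link via set_customPageLinks()).
  *
  * @param array $data current page data; returned unchanged when nothing was saved
  * @return array the page data, rebuilt from $_POST when the form was submitted
  */
 protected function set_customPage($data)
 {
     global $aidlink, $locale;
     if (!isset($_POST['save'])) {
         return $data;
     }
     $data = array(
         'page_id' => form_sanitizer($_POST['page_id'], 0, 'page_id'),
         'page_link_cat' => form_sanitizer($_POST['page_link_cat'], 0, 'page_link_cat'),
         'page_title' => form_sanitizer($_POST['page_title'], '', 'page_title'),
         'page_access' => form_sanitizer($_POST['page_access'], 0, 'page_access'),
         // NOTE(review): page_content is the one field that bypasses form_sanitizer() and is only
         // passed through addslash(). Presumably intentional so that raw markup can be stored;
         // confirm this handler is reachable only by administrators with a valid form token and
         // that the stored content is treated as trusted wherever it is rendered.
         'page_content' => addslash($_POST['page_content']),
         'page_keywords' => form_sanitizer($_POST['page_keywords'], '', 'page_keywords'),
         'page_language' => form_sanitizer($_POST['page_language'], "", "page_language"),
         'page_allow_comments' => isset($_POST['page_allow_comments']) ? 1 : 0,
         'page_allow_ratings' => isset($_POST['page_allow_ratings']) ? 1 : 0,
     );
     if ($data['page_id'] == 0) {
         $data += array("add_link" => isset($_POST['add_link']) ? 1 : 0, 'link_id' => form_sanitizer($_POST['link_id'], 0, 'link_id'));
     }
     // Write nothing when validation failed. Without this gate the insert path could also take
     // page_id from a dblastid() that does not belong to this page and create a link for it.
     // dbquery_insert() is defined elsewhere; whether it checks the defender state itself is
     // not visible from this method.
     if (\defender::safe()) {
         if (self::verify_customPage($data['page_id'])) {
             dbquery_insert(DB_CUSTOM_PAGES, $data, 'update');
             // checked again after the write, as before
             if (\defender::safe()) {
                 addNotice('info', $locale['411']);
                 redirect(FUSION_SELF . $aidlink . "&amp;pid=" . $data['page_id']);
             }
         } else {
             dbquery_insert(DB_CUSTOM_PAGES, $data, 'save');
             $data['page_id'] = dblastid();
             if (!empty($data['add_link'])) {
                 self::set_customPageLinks($data);
             }
             if (\defender::safe()) {
                 addNotice('success', $locale['410']);
                 redirect(FUSION_SELF . $aidlink . "&amp;pid=" . $data['page_id']);
             }
         }
     }
     return $data;
 }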
コード例 #8
ファイル: view.php プロジェクト: php-fusion/PHP-Fusion
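 /**
  * Render the "reply to thread" form and, when it was submitted, store the reply.
  *
  * On a valid submission ($_POST['post_reply'] present, flood control passed and
  * \defender::safe() true) the reply is either appended to the author's own previous
  * post (when the thread row has forum_merge set) or saved as a new post. Uploaded
  * attachments are recorded, forum and thread counters are updated, an optional
  * notification subscription is stored and the visitor is redirected to postify.php.
  * In every other case the form data is built and passed to display_forum_postform().
  *
  * Request values that end up in SQL or in the form action URL are cast with
  * intval() first; the message text goes through form_sanitizer().
  */
 public function render_reply_form()
 {
     $thread = $this->thread();
     $thread_info = $thread->get_threadInfo();
     $thread_data = $thread_info['thread'];
     $forum_settings = $this->get_forum_settings();
     $locale = fusion_get_locale("", FORUM_LOCALE);
     $userdata = fusion_get_userdata();
     $this->thread_data = $thread_info['thread'];
     // Integer copies of the ids, used wherever they are placed into SQL or URLs.
     $thread_id = intval($thread_data['thread_id']);
     $forum_id = intval($thread_data['forum_id']);
     $author_id = intval($userdata['user_id']);
     // NOTE(review): "!iMOD or !iSUPERADMIN" is true for everyone who is not both a
     // moderator and a super admin, so plain moderators are turned away from locked
     // threads too. If moderators are meant to reply here the intended test is
     // probably "!iMOD && !iSUPERADMIN" - confirm before changing, since the current
     // form is the stricter one.
     if ((!iMOD or !iSUPERADMIN) && $thread_data['thread_locked']) {
         redirect(INFUSIONS . 'forum/index.php');
         // Stop here even if redirect() hands control back, so a locked thread can
         // never reach the save path below.
         return;
     }
     if (!$thread->getThreadPermission("can_reply")) {
         if (fusion_get_settings("site_seo")) {
             redirect(fusion_get_settings("siteurl") . "infusions/forum/index.php");
         }
         redirect(INFUSIONS . 'forum/index.php');
         return;
     }
     add_to_title($locale['global_201'] . $locale['forum_0503']);
     add_breadcrumb(array('link' => '', 'title' => $locale['forum_0503']));
     // field data
     $post_data = array(
         'post_id' => 0,
         'post_cat' => isset($_GET['post_id']) && isnum($_GET['post_id']) ? intval($_GET['post_id']) : 0,
         'forum_id' => $thread_info['thread']['forum_id'],
         'thread_id' => $thread_info['thread']['thread_id'],
         'post_message' => isset($_POST['post_message']) ? form_sanitizer($_POST['post_message'], '', 'post_message') : '',
         'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0,
         'post_smileys' => isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 1 : 0,
         'post_author' => $userdata['user_id'],
         'post_datestamp' => time(),
         'post_ip' => USER_IP,
         'post_ip_type' => USER_IP_TYPE,
         'post_edituser' => 0,
         'post_edittime' => 0,
         'post_editreason' => '',
         'post_hidden' => 0,
         'notify_me' => 0,
         'post_locked' => $forum_settings['forum_edit_lock'] || isset($_POST['post_locked']) ? 1 : 0,
     );
     // execute form post actions
     if (isset($_POST['post_reply'])) {
         require_once INCLUDES . "flood_include.php";
         if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
             // When a reply is merged into the previous post, the last-post data of
             // the forum and thread is left untouched.
             $update_forum_lastpost = FALSE;
             if (\defender::safe()) {
                 // Who wrote the most recent post in this thread?
                 $last_post_author = dbarray(dbquery("\n                        SELECT post_author FROM " . DB_FORUM_POSTS . "\n                        WHERE thread_id='" . $thread_id . "'\n                        ORDER BY post_id DESC LIMIT 1\n                        "));
                 if ($last_post_author['post_author'] == $post_data['post_author'] && $thread_data['forum_merge'] == TRUE) {
                     // Same author replying to themselves: append to their last post.
                     // Only the newest row is read, so the query is limited to one row.
                     $last_message = dbarray(dbquery("SELECT post_id, post_message, post_datestamp FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_id . "' ORDER BY post_id DESC LIMIT 1"));
                     $post_data['post_id'] = $last_message['post_id'];
                     $post_data['post_message'] = $last_message['post_message'] . "\n\n" . $locale['forum_0640'] . " " . showdate("longdate", time()) . ":\n" . $post_data['post_message'];
                     $post_data['post_datestamp'] = $last_message['post_datestamp'];
                     dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                 } else {
                     $update_forum_lastpost = TRUE;
                     dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                     $post_data['post_id'] = dblastid();
                     dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $author_id . "'");
                 }
                 $post_id = intval($post_data['post_id']);
                 // Attach files if permitted
                 // NOTE(review): attach_name and attach_mime are taken from what
                 // form_sanitizer() returns for the upload. Confirm that it enforces
                 // the configured extension list and size limit and that the stored
                 // MIME type is not simply the client-supplied one.
                 if (!empty($_FILES) && is_uploaded_file($_FILES['file_attachments']['tmp_name'][0]) && $thread->getThreadPermission("can_upload_attach")) {
                     $upload = form_sanitizer($_FILES['file_attachments'], '', 'file_attachments');
                     if ($upload['error'] == 0) {
                         foreach ($upload['target_file'] as $arr => $file_name) {
                             $attach_data = array(
                                 'thread_id' => $thread_id,
                                 'post_id' => $post_data['post_id'],
                                 'attach_name' => $file_name,
                                 'attach_mime' => $upload['type'][$arr],
                                 'attach_size' => $upload['source_size'][$arr],
                                 'attach_count' => 0,
                             );
                             dbquery_insert(DB_FORUM_ATTACHMENTS, $attach_data, "save", array('keep_session' => TRUE));
                         }
                     }
                 }
                 // Update stats in forum and threads
                 if ($update_forum_lastpost == TRUE) {
                     // find all parents and update them
                     $list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $forum_id);
                     foreach ($list_of_forums as $forumID) {
                         dbquery("\n\t\t\t\t\t\t\t\tUPDATE " . DB_FORUMS . " SET\n\t\t\t\t\t\t\t\tforum_lastpost = '" . time() . "',\n\t\t\t\t\t\t\t\tforum_postcount=forum_postcount+1,\n\t\t\t\t\t\t\t\tforum_lastpostid='" . $post_id . "',\n\t\t\t\t\t\t\t\tforum_lastuser='" . $author_id . "'\n\t\t\t\t\t\t\t\tWHERE forum_id='" . intval($forumID) . "'\n\t\t\t\t\t\t\t\t");
                     }
                     // update current forum
                     dbquery("\n\t\t\t\t\t\t\tUPDATE " . DB_FORUMS . " SET\n\t\t\t\t\t\t\tforum_lastpost='" . time() . "',\n\t\t\t\t\t\t\tforum_postcount=forum_postcount+1,\n\t\t\t\t\t\t\tforum_lastpostid='" . $post_id . "',\n\t\t\t\t\t\t\tforum_lastuser='" . $author_id . "'\n\t\t\t\t\t\t\tWHERE forum_id='" . $forum_id . "'\n\t\t\t\t\t\t\t");
                     // update current thread
                     dbquery("\n\t\t\t\t\t\t\tUPDATE " . DB_FORUM_THREADS . " SET\n\t\t\t\t\t\t\tthread_lastpost='" . time() . "',\n\t\t\t\t\t\t\tthread_lastpostid='" . $post_id . "',\n\t\t\t\t\t\t\tthread_postcount=thread_postcount+1,\n\t\t\t\t\t\t\tthread_lastuser='" . $author_id . "',\n\t\t\t\t\t\t\tthread_lastpost= '" . time() . "'\n\t\t\t\t\t\t\tWHERE thread_id='" . $thread_id . "'\n\t\t\t\t\t\t\t");
                 }
                 // Subscribe the author to the thread unless already subscribed.
                 if ($forum_settings['thread_notify'] && isset($_POST['notify_me']) && $_POST['notify_me'] == TRUE) {
                     if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $thread_id . "' AND notify_user='" . $author_id . "'")) {
                         dbquery("\n                                INSERT INTO " . DB_FORUM_THREAD_NOTIFY . "\n                                (thread_id, notify_datestamp, notify_user, notify_status)\n                                VALUES ('" . $thread_id . "', NOW(), '" . $author_id . "', 1)\n                                ");
                     }
                 }
                 // The upload step above may have flagged the form, so check again.
                 if (\defender::safe()) {
                     redirect(FORUM . "postify.php?post=reply&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;thread_id=" . intval($post_data['thread_id']) . "&amp;post_id=" . $post_id);
                 }
             }
         }
     }
     // template data
     $form_action = INFUSIONS . "forum/viewthread.php?action=reply&amp;forum_id=" . $forum_id . "&amp;thread_id=" . $thread_id;
     if (isset($_GET['post_id'])) {
         $form_action .= "&amp;post_id=" . intval($_GET['post_id']);
     }
     // Quote Get
     if (isset($_GET['quote']) && isnum($_GET['quote'])) {
         $quote_id = intval($_GET['quote']);
         $quote_result = dbquery("SELECT a.post_message, b.user_name\n\t\t\t\t\t\t\t\t\t\tFROM " . DB_FORUM_POSTS . " a\n\t\t\t\t\t\t\t\t\t\tINNER JOIN " . DB_USERS . " b ON a.post_author=b.user_id\n\t\t\t\t\t\t\t\t\t\tWHERE thread_id='" . $thread_id . "' and post_id='" . $quote_id . "'");
         if (dbrows($quote_result) > 0) {
             $quote_data = dbarray($quote_result);
             $post_data['post_message'] = "[quote name=" . $quote_data['user_name'] . " post=" . $quote_id . "]@" . $quote_data['user_name'] . " - " . strip_bbcodes($quote_data['post_message']) . "[/quote]" . $post_data['post_message'];
             // post_id comes straight from the query string and ends up in the form's
             // action attribute, so it is cast to an integer (0 when absent) instead
             // of being concatenated as received.
             $reply_to_id = isset($_GET['post_id']) ? intval($_GET['post_id']) : 0;
             $form_action .= "&amp;post_id=" . $reply_to_id . "&amp;quote=" . $quote_id;
         } else {
             redirect(INFUSIONS . "forum/index.php");
         }
     }
     // The form_*() helpers are called in the same order as the keys appear here.
     $info = array(
         'title' => $locale['forum_0503'],
         'description' => $locale['forum_2000'] . $thread_data['thread_subject'],
         'openform' => openform('input_form', 'post', $form_action, array('enctype' => $thread->getThreadPermission("can_upload_attach"))),
         'closeform' => closeform(),
         'forum_id_field' => form_hidden('forum_id', "", $post_data['forum_id']),
         'thread_id_field' => form_hidden('thread_id', "", $post_data['thread_id']),
         "forum_field" => "",
         'subject_field' => form_hidden('thread_subject', "", $thread_data['thread_subject']),
         'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => TRUE, 'error_text' => '', 'autosize' => TRUE, 'no_resize' => TRUE, 'preview' => TRUE, 'form_name' => 'input_form', 'bbcode' => TRUE)),
         'delete_field' => '',
         'edit_reason_field' => '',
         'attachment_field' => $thread->getThreadPermission("can_upload_attach") ? form_fileinput('file_attachments[]', $locale['forum_0557'], "", array('input_id' => 'file_attachments', 'upload_path' => INFUSIONS . 'forum/attachments/', 'type' => 'object', 'preview_off' => TRUE, "multiple" => TRUE, "inline" => FALSE, 'max_count' => $forum_settings['forum_attachmax_count'], 'valid_ext' => $forum_settings['forum_attachtypes'], "class" => "m-b-0")) . "\n\t\t\t\t\t\t\t\t <div class='m-b-20'>\n<small>" . sprintf($locale['forum_0559'], parsebytesize($forum_settings['forum_attachmax']), str_replace('|', ', ', $forum_settings['forum_attachtypes']), $forum_settings['forum_attachmax_count']) . "</small>\n</div>\n" : "",
         "poll_form" => "",
         'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0', 'reverse_label' => TRUE)),
         'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '',
         'sticky_field' => '',
         'lock_field' => '',
         'hide_edit_field' => '',
         'post_locked_field' => '',
         'notify_field' => $forum_settings['thread_notify'] ? form_checkbox('notify_me', $locale['forum_0626'], $post_data['notify_me'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '',
         'post_buttons' => form_button('post_reply', $locale['forum_0504'], $locale['forum_0504'], array('class' => 'btn-primary')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-l-10')),
         'last_posts_reply' => '',
     );
     // only in reply
     if ($forum_settings['forum_last_posts_reply']) {
         $last_post_query = "\n                SELECT p.thread_id, p.post_message, p.post_smileys, p.post_author, p.post_datestamp, p.post_hidden,\n                u.user_id, u.user_name, u.user_status, u.user_avatar\n                FROM " . DB_FORUM_POSTS . " p\n                LEFT JOIN " . DB_USERS . " u ON p.post_author = u.user_id\n                WHERE p.thread_id='" . $thread_id . "' AND p.post_hidden='0'\n                GROUP BY p.post_id\n                ORDER BY p.post_datestamp DESC LIMIT 0, " . intval($forum_settings['posts_per_page']);
         $last_post_result = dbquery($last_post_query);
         if (dbrows($last_post_result) > 0) {
             $title = sprintf($locale['forum_0526'], $forum_settings['forum_last_posts_reply']);
             if ($forum_settings['forum_last_posts_reply'] == "1") {
                 $title = $locale['forum_0525'];
             }
             // Collect the preview table in a buffer so it can be passed on as a string.
             ob_start();
             echo "<p><strong>" . $title . "</strong>\n</p>\n";
             echo "<table class='table table-responsive'>\n";
             $i = $forum_settings['posts_per_page'];
             while ($data = dbarray($last_post_result)) {
                 // NOTE(review): the stored message is printed after parsesmileys()
                 // and parseubb() only. Its HTML safety therefore rests on what
                 // form_sanitizer() did when the post was saved - confirm.
                 $message = $data['post_message'];
                 if ($data['post_smileys']) {
                     $message = parsesmileys($message);
                 }
                 $message = parseubb($message);
                 echo "<tr>\n<td class='tbl2 forum_thread_user_name' style='width:10%'><!--forum_thread_user_name-->" . profile_link($data['user_id'], $data['user_name'], $data['user_status']) . "</td>\n";
                 echo "<td class='tbl2 forum_thread_post_date'>\n";
                 echo "<div style='float:right' class='small'>\n";
                 echo $i . ($i == $forum_settings['forum_last_posts_reply'] ? " (" . $locale['forum_0525'] . ")" : "");
                 echo "</div>\n";
                 echo "<div class='small'>" . $locale['forum_0524'] . showdate("forumdate", $data['post_datestamp']) . "</div>\n";
                 echo "</td>\n";
                 echo "</tr>\n<tr>\n<td valign='top' class='tbl2 forum_thread_user_info' style='width:10%'>\n";
                 echo display_avatar($data, '50px');
                 echo "</td>\n<td valign='top' class='tbl1 forum_thread_user_post'>\n";
                 echo nl2br($message);
                 echo "</td>\n</tr>\n";
                 $i--;
             }
             echo "</table>\n";
             $info['last_posts_reply'] = ob_get_contents();
             ob_end_clean();
         }
     }
     display_forum_postform($info);
 }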
コード例 #9
ファイル: threads.php プロジェクト: php-fusion/PHP-Fusion
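 /**
  * Handle a submission of the quick reply form.
  *
  * Acts only when $_POST['post_quick_reply'] is present, the visitor holds the
  * "can_reply" thread permission, \defender::safe() is true and flood control lets
  * the post through. The reply is appended to the author's own previous post when
  * the thread has forum_merge set, otherwise it is stored as a new post and the
  * forum, thread and user counters are updated. Ids are cast with intval() before
  * they are placed in SQL.
  */
 private function handle_quick_reply()
 {
     $forum_settings = $this->get_forum_settings();
     $locale = fusion_get_locale();
     $userdata = fusion_get_userdata();
     if (!isset($_POST['post_quick_reply'])) {
         return;
     }
     if (!($this->getThreadPermission("can_reply") && \defender::safe())) {
         return;
     }
     $this->thread_data = $this->thread_info['thread'];
     require_once INCLUDES . "flood_include.php";
     if (flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
         // Flood control refused the post; it is expected to have raised a notice.
         return;
     }
     $post_data = array(
         'post_id' => 0,
         'forum_id' => $this->thread_data['forum_id'],
         'thread_id' => $this->thread_data['thread_id'],
         'post_message' => form_sanitizer($_POST['post_message'], '', 'post_message'),
         'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0,
         'post_smileys' => isset($_POST['post_smileys']) || preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 1 : 0,
         'post_author' => $userdata['user_id'],
         'post_datestamp' => time(),
         'post_ip' => USER_IP,
         'post_ip_type' => USER_IP_TYPE,
         'post_edituser' => 0,
         'post_edittime' => 0,
         'post_editreason' => '',
         'post_hidden' => 0,
         'post_locked' => $forum_settings['forum_edit_lock'] || isset($_POST['post_locked']) ? 1 : 0,
     );
     // form_sanitizer() may have rejected the message, so the form is checked again.
     if (!\defender::safe()) {
         // Nothing was stored: fall through to the normal page render so the
         // validation notice is shown, rather than redirecting to postify.php with
         // error=0 and post_id=0.
         return;
     }
     // Integer copies of the ids for use in SQL.
     $thread_id = intval($this->thread_data['thread_id']);
     $forum_id = intval($this->thread_data['forum_id']);
     $author_id = intval($post_data['post_author']);
     $update_forum_lastpost = FALSE;
     // Prepare forum merging action
     $last_post_author = dbarray(dbquery("SELECT post_author FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_id . "' ORDER BY post_id DESC LIMIT 1"));
     if ($last_post_author['post_author'] == $post_data['post_author'] && $this->thread_data['forum_merge']) {
         // Only the newest row is read, so the query is limited to one row.
         $last_message = dbarray(dbquery("SELECT post_id, post_message FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_id . "' ORDER BY post_id DESC LIMIT 1"));
         $post_data['post_id'] = $last_message['post_id'];
         $post_data['post_message'] = $last_message['post_message'] . "\n\n" . $locale['forum_0640'] . " " . showdate("longdate", time()) . ":\n" . $post_data['post_message'];
         dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id'));
     } else {
         $update_forum_lastpost = TRUE;
         dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id'));
         $post_data['post_id'] = dblastid();
         dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $author_id . "'");
     }
     $post_id = intval($post_data['post_id']);
     // Update stats in forum and threads
     if ($update_forum_lastpost) {
         // find all parents and update them
         $list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $this->thread_data['forum_id']);
         if (!empty($list_of_forums)) {
             foreach ($list_of_forums as $fid) {
                 dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastpostid='" . $post_id . "', forum_lastuser='" . $author_id . "' WHERE forum_id='" . intval($fid) . "'");
             }
         }
         // update current forum
         dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastpostid='" . $post_id . "', forum_lastuser='" . $author_id . "' WHERE forum_id='" . $forum_id . "'");
         // update current thread
         dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . time() . "', thread_lastpostid='" . $post_id . "', thread_postcount=thread_postcount+1, thread_lastuser='" . $author_id . "' WHERE thread_id='" . $thread_id . "'");
     }
     // set notify
     if ($forum_settings['thread_notify'] == TRUE && isset($_POST['notify_me']) && $this->thread_data['thread_id']) {
         if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $thread_id . "' AND notify_user='" . $author_id . "'")) {
             dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $thread_id . "', '" . time() . "', '" . $author_id . "', '1')");
         }
     }
     redirect(INFUSIONS . "forum/postify.php?post=reply&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;thread_id=" . intval($post_data['thread_id']) . "&amp;post_id=" . $post_id);
 }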
コード例 #10
ファイル: newthread.php プロジェクト: knapnet/PHP-Fusion
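 // Load the target forum, restricted to forums the current visitor's groups may access.
 // NOTE(review): the row is used without checking that one came back. When the forum
 // does not exist or groupaccess() excludes it, the permission test further down is
 // what has to stop the post - confirm setForumPermission() copes with an empty row.
 $forum_data = dbarray(dbquery("SELECT f.*, f2.forum_name AS forum_cat_name\n\t\t\t\t\tFROM " . DB_FORUMS . " f\n\t\t\t\t\tLEFT JOIN " . DB_FORUMS . " f2 ON f.forum_cat=f2.forum_id\n\t\t\t\t\tWHERE f.forum_id='" . intval($thread_data['forum_id']) . "'\n\t\t\t\t\tAND " . groupaccess('f.forum_access') . "\n\t\t\t\t\t"));
 // forum_type 1 is not allowed to receive threads.
 if ($forum_data['forum_type'] == 1) {
     redirect(INFUSIONS . "forum/index.php");
 }
 define_forum_mods($forum_data);
 // Use the new permission settings
 $forum->setForumPermission($forum_data);
 $permission = $forum->getForumPermission();
 $forum_data['lock_edit'] = $forum_settings['forum_edit_lock'] == 1;
 if ($permission['can_post'] && $permission['can_access']) {
     $post_data['forum_cat'] = $forum_data['forum_cat'];
     // create a new thread.
     // NOTE(review): $thread_data and $post_data are built before this point, and
     // dbquery_insert() places their values into the SQL text as given. Confirm every
     // field was sanitised where it was read from the request.
     dbquery_insert(DB_FORUM_THREADS, $thread_data, 'save', array('primary_key' => 'thread_id', 'keep_session' => TRUE));
     $post_data['thread_id'] = dblastid();
     dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
     $post_data['post_id'] = dblastid();
     // Integer copies of the ids for the hand-written statements below.
     $new_thread_id = intval($post_data['thread_id']);
     $new_post_id = intval($post_data['post_id']);
     $author_id = intval($post_data['post_author']);
     dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $author_id . "'");
     // Update stats in forum and threads
     // find all parents and update them
     $list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $post_data['forum_id']);
     foreach ($list_of_forums as $fid) {
         dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $new_post_id . "', forum_lastuser='" . $author_id . "' WHERE forum_id='" . intval($fid) . "'");
     }
     // update current forum
     dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $new_post_id . "', forum_lastuser='" . $author_id . "' WHERE forum_id='" . intval($post_data['forum_id']) . "'");
     // update current thread
     dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . time() . "', thread_lastpostid='" . $new_post_id . "', thread_lastuser='" . $author_id . "' WHERE thread_id='" . $new_thread_id . "'");
     // set notify
     if ($forum_settings['thread_notify'] && isset($_POST['notify_me']) && $post_data['thread_id']) {
         if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $new_thread_id . "' AND notify_user='" . $author_id . "'")) {
             dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $new_thread_id . "', '" . time() . "', '" . $author_id . "', '1')");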
コード例 #11
ファイル: sqlhandler.inc.php プロジェクト: knapnet/PHP-Fusion
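/**
 * Build and run a single-row INSERT, UPDATE or DELETE from an associative array.
 *
 * Keys of $inputdata that are not columns of $table are dropped. For update and
 * delete the primary key values found in $inputdata form the WHERE condition.
 *
 * Security: this function does no escaping and no parameter binding. Every value
 * in $inputdata is placed between single quotes in the SQL text exactly as given,
 * and $table is inserted verbatim. Callers must pass values that are already safe
 * for a quoted SQL literal, and $table must never come from request data.
 *
 * @param string $table     Table name, inserted into the SQL as-is
 * @param array  $inputdata Column => value pairs; values must already be SQL-safe
 * @param string $mode      save|update|delete
 * @param array  $options
 *  - debug (boolean): if TRUE, run nothing and only print the SQL. FALSE by default.
 *  - primary_key (string|string[]): names of the primary key columns. If empty,
 *    they are detected from the table definition.
 *  - no_unique (boolean): if TRUE, primary key columns are not removed from the
 *    values written by update/delete. FALSE by default.
 *  - keep_session (boolean): if TRUE, defender does not unset field sessions.
 * @return int|FALSE
 *  FALSE when FUSION_NULL is defined, when no usable column or primary key value
 *  was supplied, or when the query failed. Otherwise the result of dblastid() for
 *  save and 0 for the other modes.
 */
function dbquery_insert($table, $inputdata, $mode, array $options = array())
{
    $options += array('debug' => FALSE, 'primary_key' => '', 'no_unique' => FALSE, 'keep_session' => FALSE);
    // FUSION_NULL is the signal that form validation failed: never write in that case.
    if (defined("FUSION_NULL")) {
        if ($options['debug']) {
            print_p('Fusion Null Declared. Developer, check form tokens.');
        }
        return FALSE;
    }
    global $defender;
    // Read the table definition to learn the valid column names and the primary key.
    $cresult = dbquery("SHOW COLUMNS FROM {$table}");
    $columns = array();
    $pkcolumns = array();
    while ($cdata = dbarray($cresult)) {
        $columns[] = $cdata['Field'];
        if ($cdata['Key'] === 'PRI') {
            $pkcolumns[$cdata['Field']] = $cdata['Field'];
        }
    }
    // An explicit primary_key option replaces the detected key.
    if ($options['primary_key']) {
        $options['primary_key'] = (array) $options['primary_key'];
        $pkcolumns = array_combine($options['primary_key'], $options['primary_key']);
    }
    // Keep only keys that are real columns; this is what keeps column names safe.
    $data = array_intersect_key($inputdata, array_flip($columns));
    $pkvalues = array_intersect_key($data, $pkcolumns);
    if (!$options['no_unique'] and $mode !== 'save') {
        foreach ($pkcolumns as $c) {
            unset($data[$c]);
        }
    }
    // NOTE(review): this check also applies to delete, so a delete whose $inputdata
    // holds nothing but the primary key returns FALSE without deleting anything.
    // Confirm whether callers rely on passing extra columns.
    if (!$data) {
        if ($options['debug']) {
            print_p('$inputdata does not contain any valid column.');
        }
        return FALSE;
    }
    $sqlPatterns = array(
        'save' => 'INSERT INTO `{table}` SET {values}',
        'update' => 'UPDATE `{table}` SET {values} WHERE {where}',
        'delete' => 'DELETE FROM `{table}` WHERE {where}',
    );
    // Values are quoted but not escaped here; see the security note above.
    $assignments = array();
    foreach ($data as $name => $value) {
        $assignments[] = "`{$name}` = '{$value}'";
    }
    if (!isset($sqlPatterns[$mode])) {
        // TODO Replace die with something better. I kept the old way (Rimelek)
        die;
    }
    $where = '';
    if ($mode === 'update' or $mode === 'delete') {
        $pkwhere = array();
        foreach ($pkvalues as $name => $pkvalue) {
            $pkwhere[] = "`{$name}`='{$pkvalue}'";
        }
        $where = implode(' AND ', $pkwhere);
        // Never hand an UPDATE or DELETE with an empty condition to the database.
        if ($where === '') {
            if ($options['debug']) {
                print_p('$inputdata does not contain a primary key value.');
            }
            return FALSE;
        }
    }
    $sql = strtr($sqlPatterns[$mode], array(
        '{table}' => $table,
        '{values}' => implode(', ', $assignments),
        '{where}' => $where,
    ));
    $result = NULL;
    if ($options['debug']) {
        print_p($where);
        print_p($assignments);
        print_p($sql);
    } else {
        $result = dbquery($sql);
        if (!$options['keep_session']) {
            $defender->unset_field_session();
        }
    }
    if ($result === FALSE) {
        // Because dblastid() can return the id of the last record of the error log.
        return FALSE;
    }
    return $mode === 'save' ? dblastid() : 0;
}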
コード例 #12
ファイル: Comments.php プロジェクト: php-fusion/PHP-Fusion
 /**
  * Display Comments
  * @param $comment_type
  * @param $comment_db
  * @param $comment_col
  * @param $comment_item_id
  * @param $clink
  */
 public function showComments($comment_type, $comment_db, $comment_col, $comment_item_id, $clink)
 {
     global $aidlink;
     $locale = fusion_get_locale();
     $locale += fusion_get_locale('', LOCALE . LOCALESET . "user_fields.php");
     $cpp = $this->settings['comments_per_page'];
     $comment_data = array('comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0, 'comment_name' => '', 'comment_message' => '', 'comment_datestamp' => time(), 'comment_item_id' => $comment_item_id, 'comment_type' => $comment_type, 'comment_cat' => 0, 'comment_ip' => USER_IP, 'comment_ip_type' => USER_IP_TYPE, 'comment_hidden' => 0);
     /** Delete */
     if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
         if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $this->userdata['user_id'] . "'")) {
             $result = dbquery("\n                DELETE FROM " . DB_COMMENTS . "\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\n\t\t\t\tAND comment_name='" . $this->userdata['user_id'] . "'"));
         }
         redirect($clink . ($this->settings['comments_sorting'] == "ASC" ? "" : "&amp;c_start=0"));
     }
     if ($this->settings['comments_enabled'] == "1") {
         $this->c_arr['c_info']['comments_count'] = format_word(0, $this->locale['fmt_comment']);
         // Handle Comment Posts
         if ((iMEMBER || $this->settings['guestposts']) && isset($_POST['post_comment'])) {
             if (!iMEMBER && $this->settings['guestposts']) {
                 // Process Captchas
                 $_CAPTCHA_IS_VALID = FALSE;
                 include INCLUDES . "captchas/" . $this->settings['captcha'] . "/captcha_check.php";
                 if (!isset($_POST['captcha_code']) && $_CAPTCHA_IS_VALID == FALSE) {
                     \defender::stop();
                     addNotice("danger", $locale['u194']);
                 }
             }
             $comment_data = array('comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0, 'comment_name' => iMEMBER ? $this->userdata['user_id'] : form_sanitizer($_POST['comment_name'], '', 'comment_name'), 'comment_message' => form_sanitizer($_POST['comment_message'], '', 'comment_message'), 'comment_datestamp' => time(), 'comment_item_id' => $comment_item_id, 'comment_type' => $comment_type, 'comment_cat' => form_sanitizer($_POST['comment_cat'], 0, 'comment_cat'), 'comment_ip' => USER_IP, 'comment_ip_type' => USER_IP_TYPE, 'comment_hidden' => 0);
             if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && $comment_data['comment_id']) {
                 // Update comment
                 if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $comment_data['comment_id'] . "'\n                        AND comment_item_id='" . $comment_item_id . "'\n                        AND comment_type='" . $comment_type . "'\n                        AND comment_name='" . $this->userdata['user_id'] . "'\n                        AND comment_hidden='0'") && \defender::safe()) {
                     $c_name_query = "SELECT comment_name FROM " . DB_COMMENTS . " WHERE comment_id='" . $comment_data['comment_id'] . "'";
                     $comment_data['comment_name'] = dbresult(dbquery($c_name_query), 0);
                     dbquery_insert(DB_COMMENTS, $comment_data, 'update');
                     if ($this->settings['comments_sorting'] == "ASC") {
                         $c_operator = "<=";
                     } else {
                         $c_operator = ">=";
                     }
                     $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $comment_data['comment_id'] . "'\n                            AND comment_item_id='" . $comment_item_id . "'\n                            AND comment_type='" . $comment_type . "'");
                     $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                     addNotice("success", $locale['global_027']);
                     redirect(self::format_clink($clink) . "&amp;c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
                 }
             } else {
                 // Save New comment
                 if (!dbcount("(" . $comment_col . ")", $comment_db, $comment_col . "='" . $comment_item_id . "'")) {
                     redirect(BASEDIR . "index.php");
                 }
                 if (\defender::safe()) {
                     $c_start = 0;
                     $id = 0;
                     if ($comment_data['comment_name'] && $comment_data['comment_message']) {
                         require_once INCLUDES . "flood_include.php";
                         if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                             dbquery_insert(DB_COMMENTS, $comment_data, 'save');
                             $id = dblastid();
                             if ($this->settings['comments_sorting'] == "ASC") {
                                 $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
                                 $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                             }
                         }
                         redirect(self::format_clink($clink) . "&amp;c_start=" . $c_start . "#c" . $id);
                     }
                 }
             }
         }
         $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
         if (!isset($_GET['c_start']) && $c_rows > $cpp) {
             $_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
         }
         if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
             $_GET['c_start'] = 0;
         }
         $comment_query = "\n            SELECT tcm.*, tcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\n            FROM " . DB_COMMENTS . " tcm\n            LEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n            WHERE comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'\n            ORDER BY comment_datestamp " . $this->settings['comments_sorting'] . ", comment_cat DESC";
         $query = dbquery($comment_query);
         if (dbrows($query) > 0) {
             $i = $this->settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
             if ($c_rows > $cpp) {
                 $this->c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&amp;", "c_start");
             }
             if (iADMIN && checkrights("C")) {
                 $this->c_arr['c_info']['admin_link'] = "<!--comment_admin-->\n";
                 $this->c_arr['c_info']['admin_link'] .= "<a href='" . ADMIN . "comments.php" . $aidlink . "&amp;ctype=" . $comment_type . "&amp;comment_item_id=" . $comment_item_id . "'>" . $this->locale['c106'] . "</a>";
             }
             while ($row = dbarray($query)) {
                 $actions = array("edit_dell" => "", "edit_link" => "", "delete_link" => "");
                 if (iADMIN && checkrights("C") || iMEMBER && $row['comment_name'] == $this->userdata['user_id'] && isset($row['user_name'])) {
                     $edit_link = clean_request('c_action=edit&comment_id=' . $row['comment_id'], array('c_action', 'comment_id'), false) . "#edit_comment";
                     $delete_link = clean_request('c_action=delete&comment_id=' . $row['comment_id'], array('c_action', 'comment_id'), false);
                     $comment_actions = "<!---comment_actions--><div class='btn-group'>\n                        <a class='btn btn-xs btn-default' href='{$edit_link}'>" . $this->locale['c108'] . "</a>\n                        <a class='btn btn-xs btn-default' href='{$delete_link}' onclick=\"return confirm('" . $this->locale['c110'] . "');\"><i class='fa fa-trash'></i>" . $this->locale['c109'] . "</a>\n                        </div><!---//comment_actions-->\n                    ";
                     $actions = array("edit_link" => array('link' => $edit_link, 'name' => $this->locale['c108']), "delete_link" => array('link' => $delete_link, 'name' => $this->locale['c109']), "edit_dell" => $comment_actions);
                 }
                 $reply_form = "";
                 if (isset($_GET['comment_reply']) && $_GET['comment_reply'] == $row['comment_id']) {
                     $locale = fusion_get_locale();
                     $comment_data['comment_cat'] = $row['comment_id'];
                     $reply_form = openform("comments_reply_form", "post", FUSION_REQUEST, array("class" => "comments_reply_form"));
                     if (iGUEST) {
                         $reply_form .= form_text('comment_name', fusion_get_locale('c104'), $comment_data['comment_name'], array('max_length' => 30));
                     }
                     $reply_form .= form_hidden("comment_cat", "", $comment_data['comment_cat']);
                     $reply_form .= form_textarea("comment_message", "", $comment_data['comment_message'], array("tinymce" => "simple", "type" => fusion_get_settings("tinymce_enabled") ? "tinymce" : "bbcode", "input_id" => "comment_message-" . $i, "required" => true));
                     if (iGUEST && (!isset($_CAPTCHA_HIDE_INPUT) || isset($_CAPTCHA_HIDE_INPUT) && !$_CAPTCHA_HIDE_INPUT)) {
                         $_CAPTCHA_HIDE_INPUT = FALSE;
                         $reply_form .= "<div class='m-t-10 m-b-10'>";
                         $reply_form .= "<label class='col-xs-12 col-sm-3'>" . $locale['global_150'] . "</label><div class='col-xs-12 col-sm-9'>\n";
                         ob_start();
                         include INCLUDES . "captchas/" . $this->settings['captcha'] . "/captcha_display.php";
                         $reply_form .= ob_get_contents();
                         ob_end_clean();
                         if (!$_CAPTCHA_HIDE_INPUT) {
                             $reply_form .= "<br />\n<label for='captcha_code'>" . $locale['global_151'] . "</label>";
                             $reply_form .= "<br />\n<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />\n";
                         }
                         $reply_form .= "</div>\n";
                         $reply_form .= "</div>\n";
                     }
                     $reply_form .= form_button('post_comment', $locale['c102'], $locale['c102'], array('class' => 'btn-success m-t-10'));
                     $reply_form .= closeform();
                 }
                 /** formats $row */
                 $row = array("comment_id" => $row['comment_id'], "comment_cat" => $row['comment_cat'], "i" => $i, "user_avatar" => display_avatar($row, '50px', '', false, 'img-rounded'), "user" => array("user_id" => $row['user_id'], "user_name" => $row['user_name'], "user_avatar" => $row['user_avatar'], "status" => $row['user_status']), "reply_link" => clean_request("comment_reply=" . $row['comment_id'], array("comment_reply"), false), "reply_form" => $reply_form, "comment_datestamp" => showdate('shortdate', $row['comment_datestamp']), "comment_time" => timer($row['comment_datestamp']), "comment_message" => "<!--comment_message-->\n" . nl2br(parseubb(parsesmileys($row['comment_message']))) . "<!--//comment_message-->\n", "comment_name" => $row['user_name'] ? profile_link($row['comment_name'], $row['user_name'], $row['user_status'], 'strong text-dark') : $row['comment_name']);
                 $row += $actions;
                 $id = $row['comment_id'];
                 $parent_id = $row['comment_cat'] === NULL ? "0" : $row['comment_cat'];
                 $data[$id] = $row;
                 $this->c_arr['c_con'][$parent_id][$id] = $row;
                 $this->settings['comments_sorting'] == "ASC" ? $i++ : $i--;
             }
             // Paginate the array
             $this->c_arr['c_con'][0] = array_chunk($this->c_arr['c_con'][0], $cpp, true);
             // Pass cpp settings
             $this->c_arr['c_info']['comments_per_page'] = $cpp;
             $this->c_arr['c_info']['comments_count'] = format_word(number_format($i - 1, 0), $this->locale['fmt_comment']);
         }
         echo "<a id='comments' name='comments'></a>";
         render_comments($this->c_arr['c_con'], $this->c_arr['c_info']);
         render_comments_form($comment_type, $clink, $comment_item_id, isset($_CAPTCHA_HIDE_INPUT) ? $_CAPTCHA_HIDE_INPUT : FALSE);
     }
 }