/**
* Insert a post into the database.
*
* @return array Array of new post details, pid and visibility.
*/
function insert_post()
{
global $db, $mybb, $plugins, $cache, $lang;
$post =& $this->data;
// Yes, validating is required.
if (!$this->get_validated()) {
die("The post needs to be validated before inserting it into the DB.");
}
if (count($this->get_errors()) > 0) {
die("The post is not valid.");
}
// Fetch the thread
$thread = get_thread($post['tid']);
$closed = $thread['closed'];
// This post is being saved as a draft.
if ($post['savedraft']) {
$visible = -2;
} else {
// Automatic subscription to the thread
if ($post['options']['subscriptionmethod'] != "" && $post['uid'] > 0) {
switch ($post['options']['subscriptionmethod']) {
case "pm":
$notification = 2;
break;
case "email":
$notification = 1;
break;
default:
$notification = 0;
}
require_once MYBB_ROOT . "inc/functions_user.php";
add_subscribed_thread($post['tid'], $notification, $post['uid']);
}
// Perform any selected moderation tools.
$ismod = is_moderator($post['fid'], "", $post['uid']);
if ($ismod) {
$lang->load($this->language_file, true);
$modoptions = $post['modoptions'];
$modlogdata['fid'] = $thread['fid'];
$modlogdata['tid'] = $thread['tid'];
if (!isset($modoptions['closethread'])) {
$modoptions['closethread'] = $closed;
}
$modoptions_update = array();
// Close the thread.
if ($modoptions['closethread'] == 1 && $thread['closed'] != 1) {
$modoptions_update['closed'] = $closed = 0;
log_moderator_action($modlogdata, $lang->thread_closed);
}
// Open the thread.
if ($modoptions['closethread'] != 1 && $thread['closed'] == 1) {
$modoptions_update['closed'] = $closed = 1;
log_moderator_action($modlogdata, $lang->thread_opened);
}
if (!isset($modoptions['stickthread'])) {
$modoptions['stickthread'] = $thread['sticky'];
}
// Stick the thread.
if ($modoptions['stickthread'] == 1 && $thread['sticky'] != 1) {
$modoptions_update['sticky'] = 1;
log_moderator_action($modlogdata, $lang->thread_stuck);
}
// Unstick the thread.
if ($modoptions['stickthread'] != 1 && $thread['sticky']) {
$modoptions_update['sticky'] = 0;
log_moderator_action($modlogdata, $lang->thread_unstuck);
}
// Execute moderation options.
if ($modoptions_update) {
$db->update_query('threads', $modoptions_update, "tid='{$thread['tid']}'");
}
}
// Fetch the forum this post is being made in
$forum = get_forum($post['fid']);
// Decide on the visibility of this post.
$forumpermissions = forum_permissions($post['fid'], $post['uid']);
if ($forumpermissions['modposts'] == 1 && !$ismod) {
$visible = 0;
} else {
$visible = 1;
}
// Are posts from this user being moderated? Change visibility
if ($mybb->user['uid'] == $post['uid'] && $mybb->user['moderateposts'] == 1) {
$visible = 0;
}
}
if (!isset($post['pid'])) {
$post['pid'] = 0;
}
$post['pid'] = (int) $post['pid'];
$post['uid'] = (int) $post['uid'];
if ($post['pid'] > 0) {
$query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'");
$draft_check = $db->fetch_field($query, "tid");
} else {
$draft_check = false;
}
if ($this->method != "update" && $visible == 1) {
$double_post = $this->verify_post_merge();
// Only combine if they are both invisible (mod queue'd forum) or both visible
if ($double_post !== true && $double_post['visible'] == $visible) {
$this->pid = $double_post['pid'];
$post['message'] = $double_post['message'] .= "\n" . $mybb->settings['postmergesep'] . "\n" . $post['message'];
$update_query = array("message" => $db->escape_string($double_post['message']));
$update_query['edituid'] = (int) $post['uid'];
$update_query['edittime'] = TIME_NOW;
$query = $db->update_query("posts", $update_query, "pid='" . $double_post['pid'] . "'");
if ($draft_check) {
$db->delete_query("posts", "pid='" . $post['pid'] . "'");
}
if ($post['posthash']) {
// Assign any uploaded attachments with the specific posthash to the merged post.
$post['posthash'] = $db->escape_string($post['posthash']);
$query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='0' AND visible='1' AND posthash='{$post['posthash']}'");
$attachmentcount = $db->fetch_field($query, "attachmentcount");
if ($attachmentcount > 0) {
// Update forum count
update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}"));
}
$attachmentassign = array("pid" => $double_post['pid'], "posthash" => '');
$db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}' AND pid='0'");
}
// Return the post's pid and whether or not it is visible.
$this->return_values = array("pid" => $double_post['pid'], "visible" => $visible, "merge" => true);
$plugins->run_hooks("datahandler_post_insert_merge", $this);
return $this->return_values;
}
}
if ($visible == 1 && $thread['visible'] == 1) {
$now = TIME_NOW;
// Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug.
$update_array = array('lastpost' => "'{$now}'");
if ($forum['usepostcounts'] != 0) {
$update_array['postnum'] = 'postnum+1';
}
$db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true);
}
// Are we updating a post which is already a draft? Perhaps changing it into a visible post?
if ($draft_check) {
// Update a post that is a draft
$this->post_update_data = array("subject" => $db->escape_string($post['subject']), "icon" => (int) $post['icon'], "uid" => $post['uid'], "username" => $db->escape_string($post['username']), "dateline" => (int) $post['dateline'], "message" => $db->escape_string($post['message']), "ipaddress" => $db->escape_binary($post['ipaddress']), "includesig" => $post['options']['signature'], "smilieoff" => $post['options']['disablesmilies'], "visible" => $visible);
$plugins->run_hooks("datahandler_post_insert_post", $this);
$db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'");
$this->pid = $post['pid'];
} else {
// Insert the post.
$this->post_insert_data = array("tid" => (int) $post['tid'], "replyto" => (int) $post['replyto'], "fid" => (int) $post['fid'], "subject" => $db->escape_string($post['subject']), "icon" => (int) $post['icon'], "uid" => $post['uid'], "username" => $db->escape_string($post['username']), "dateline" => $post['dateline'], "message" => $db->escape_string($post['message']), "ipaddress" => $db->escape_binary($post['ipaddress']), "includesig" => $post['options']['signature'], "smilieoff" => $post['options']['disablesmilies'], "visible" => $visible);
$plugins->run_hooks("datahandler_post_insert_post", $this);
$this->pid = $db->insert_query("posts", $this->post_insert_data);
}
// Assign any uploaded attachments with the specific posthash to the newly created post.
if ($post['posthash']) {
$post['posthash'] = $db->escape_string($post['posthash']);
$attachmentassign = array("pid" => $this->pid, "posthash" => '');
$db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}' AND pid='0'");
}
$thread_update = array();
if ($visible == 1 && $thread['visible'] == 1) {
$thread = get_thread($post['tid']);
require_once MYBB_ROOT . 'inc/class_parser.php';
$parser = new Postparser();
$done_users = array();
$subject = $parser->parse_badwords($thread['subject']);
$parser_options = array('me_username' => $post['username'], 'filter_badwords' => 1);
$excerpt = $parser->text_parse_message($post['message'], $parser_options);
$excerpt = my_substr($excerpt, 0, $mybb->settings['subscribeexcerpt']) . $lang->emailbit_viewthread;
// Fetch any users subscribed to this thread receiving instant notification and queue up their subscription notices
$query = $db->query("\n\t\t\t\tSELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate, s.subscriptionkey, s.notification\n\t\t\t\tFROM " . TABLE_PREFIX . "threadsubscriptions s\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=s.uid)\n\t\t\t\tWHERE (s.notification='1' OR s.notification='2') AND s.tid='{$post['tid']}'\n\t\t\t\tAND s.uid != '{$post['uid']}'\n\t\t\t\tAND u.lastactive>'{$thread['lastpost']}'\n\t\t\t");
$args = array('this' => &$this, 'done_users' => &$done_users, 'users' => array());
while ($subscribedmember = $db->fetch_array($query)) {
if ($done_users[$subscribedmember['uid']]) {
continue;
}
$args['users'][$subscribedmember['uid']] = (int) $subscribedmember['uid'];
$done_users[$subscribedmember['uid']] = 1;
$forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']);
if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) {
continue;
}
if ($thread['uid'] != $subscribedmember['uid'] && $forumpermissions['canonlyviewownthread'] == 1 && !is_moderator($thread['fid'], "", $subscribedmember['uid'])) {
// User isn't a moderator or the author of the thread...
continue;
}
if ($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language'])) {
$uselang = $subscribedmember['language'];
} elseif ($mybb->settings['orig_bblanguage']) {
$uselang = $mybb->settings['orig_bblanguage'];
} else {
$uselang = "english";
}
if ($uselang == $mybb->settings['bblanguage']) {
if ($subscribedmember['notification'] == 1) {
$emailsubject = $lang->emailsubject_subscription;
$emailmessage = $lang->email_subscription;
}
} else {
if ($subscribedmember['notification'] == 1) {
if (!isset($langcache[$uselang]['emailsubject_subscription'])) {
$userlang = new MyLanguage();
$userlang->set_path(MYBB_ROOT . "inc/languages");
$userlang->set_language($uselang);
$userlang->load("messages");
$langcache[$uselang]['emailsubject_subscription'] = $userlang->emailsubject_subscription;
$langcache[$uselang]['email_subscription'] = $userlang->email_subscription;
unset($userlang);
}
$emailsubject = $langcache[$uselang]['emailsubject_subscription'];
$emailmessage = $langcache[$uselang]['email_subscription'];
}
}
if ($subscribedmember['notification'] == 1) {
$emailsubject = $lang->sprintf($emailsubject, $subject);
$post_code = md5($subscribedmember['loginkey'] . $subscribedmember['salt'] . $subscribedmember['regdate']);
$emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $post['username'], $mybb->settings['bbname'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey'], $post_code);
$new_email = array("mailto" => $db->escape_string($subscribedmember['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject), "message" => $db->escape_string($emailmessage), "headers" => '');
$db->insert_query("mailqueue", $new_email);
unset($userlang);
$queued_email = 1;
} elseif ($subscribedmember['notification'] == 2) {
$post_code = md5($subscribedmember['loginkey'] . $subscribedmember['salt'] . $subscribedmember['regdate']);
$pm = array('subject' => array('pmsubject_subscription', $subject), 'message' => array('pm_subscription', $subscribedmember['username'], $post['username'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey'], $post_code), 'touid' => $subscribedmember['uid'], 'language' => $subscribedmember['language'], 'language_file' => 'messages');
send_pm($pm, -1, true);
}
}
$plugins->run_hooks('datahandler_post_insert_subscribed', $args);
// Have one or more emails been queued? Update the queue count
if (isset($queued_email) && $queued_email == 1) {
$cache->update_mailqueue();
}
$thread_update = array('replies' => '+1');
// Update forum count
update_last_post($post['tid']);
update_forum_counters($post['fid'], array("posts" => "+1"));
update_forum_lastpost($thread['fid']);
} else {
if ($visible == 0) {
// Update the unapproved posts count for the current thread and current forum
$thread_update = array('unapprovedposts' => '+1');
update_thread_counters($post['tid'], array("unapprovedposts" => "+1"));
update_forum_counters($post['fid'], array("unapprovedposts" => "+1"));
} else {
if ($thread['visible'] == 0) {
// Update the unapproved posts count for the current forum
$thread_update = array('replies' => '+1');
update_forum_counters($post['fid'], array("unapprovedposts" => "+1"));
} else {
if ($thread['visible'] == -1) {
// Update the unapproved posts count for the current forum
$thread_update = array('replies' => '+1');
update_forum_counters($post['fid'], array("deletedposts" => "+1"));
}
}
}
}
$query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='{$this->pid}' AND visible='1'");
$attachmentcount = $db->fetch_field($query, "attachmentcount");
if ($attachmentcount > 0) {
$thread_update['attachmentcount'] = "+{$attachmentcount}";
}
update_thread_counters($post['tid'], $thread_update);
// Return the post's pid and whether or not it is visible.
$this->return_values = array("pid" => $this->pid, "visible" => $visible, "closed" => $closed);
$plugins->run_hooks("datahandler_post_insert_post_end", $this);
return $this->return_values;
}
/**
* Insert a new private message.
*
* @return array Array of PM useful data.
*/
function insert_pm()
{
global $cache, $db, $mybb, $plugins, $lang;
// Yes, validating is required.
if (!$this->get_validated()) {
die("The PM needs to be validated before inserting it into the DB.");
}
if (count($this->get_errors()) > 0) {
die("The PM is not valid.");
}
// Assign data to common variable
$pm =& $this->data;
if (empty($pm['pmid'])) {
$pm['pmid'] = 0;
}
$pm['pmid'] = (int) $pm['pmid'];
if (empty($pm['icon']) || $pm['icon'] < 0) {
$pm['icon'] = 0;
}
$uid = 0;
if (!is_array($pm['recipients'])) {
$recipient_list = array();
} else {
// Build recipient list
foreach ($pm['recipients'] as $recipient) {
if (!empty($recipient['bcc'])) {
$recipient_list['bcc'][] = $recipient['uid'];
} else {
$recipient_list['to'][] = $recipient['uid'];
$uid = $recipient['uid'];
}
}
}
$this->pm_insert_data = array('fromid' => (int) $pm['sender']['uid'], 'folder' => $pm['folder'], 'subject' => $db->escape_string($pm['subject']), 'icon' => (int) $pm['icon'], 'message' => $db->escape_string($pm['message']), 'dateline' => TIME_NOW, 'status' => 0, 'includesig' => $pm['options']['signature'], 'smilieoff' => $pm['options']['disablesmilies'], 'receipt' => (int) $pm['options']['readreceipt'], 'readtime' => 0, 'recipients' => $db->escape_string(my_serialize($recipient_list)), 'ipaddress' => $db->escape_binary($pm['ipaddress']));
// Check if we're updating a draft or not.
$query = $db->simple_select("privatemessages", "pmid, deletetime", "folder='3' AND uid='" . (int) $pm['sender']['uid'] . "' AND pmid='{$pm['pmid']}'");
$draftcheck = $db->fetch_array($query);
// This PM was previously a draft
if ($draftcheck['pmid']) {
if ($draftcheck['deletetime']) {
// This draft was a reply to a PM
$pm['pmid'] = $draftcheck['deletetime'];
$pm['do'] = "reply";
}
// Delete the old draft as we no longer need it
$db->delete_query("privatemessages", "pmid='{$draftcheck['pmid']}'");
}
// Saving this message as a draft
if (!empty($pm['saveasdraft'])) {
$this->pm_insert_data['uid'] = $pm['sender']['uid'];
// If this is a reply, then piggyback into the deletetime to let us know in the future
if ($pm['do'] == "reply" || $pm['do'] == "replyall") {
$this->pm_insert_data['deletetime'] = $pm['pmid'];
}
$plugins->run_hooks("datahandler_pm_insert_updatedraft", $this);
$db->insert_query("privatemessages", $this->pm_insert_data);
// If this is a draft, end it here - below deals with complete messages
return array("draftsaved" => 1);
}
$this->pmid = array();
// Save a copy of the PM for each of our recipients
foreach ($pm['recipients'] as $recipient) {
// Send email notification of new PM if it is enabled for the recipient
$query = $db->simple_select("privatemessages", "dateline", "uid='" . $recipient['uid'] . "' AND folder='1'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1));
$lastpm = $db->fetch_array($query);
if ($recipient['pmnotify'] == 1 && $recipient['lastactive'] > $lastpm['dateline']) {
if ($recipient['language'] != "" && $lang->language_exists($recipient['language'])) {
$uselang = $recipient['language'];
} elseif ($mybb->settings['bblanguage']) {
$uselang = $mybb->settings['bblanguage'];
} else {
$uselang = "english";
}
if ($uselang == $mybb->settings['bblanguage'] && !empty($lang->emailsubject_newpm)) {
$emailsubject = $lang->emailsubject_newpm;
$emailmessage = $lang->email_newpm;
} else {
$userlang = new MyLanguage();
$userlang->set_path(MYBB_ROOT . "inc/languages");
$userlang->set_language($uselang);
$userlang->load("messages");
$emailsubject = $userlang->emailsubject_newpm;
$emailmessage = $userlang->email_newpm;
}
if (!$pm['sender']['username']) {
$pm['sender']['username'] = $lang->mybb_engine;
}
require_once MYBB_ROOT . 'inc/class_parser.php';
$parser = new Postparser();
$parser_options = array('me_username' => $pm['sender']['username'], 'filter_badwords' => 1);
$pm['message'] = $parser->text_parse_message($pm['message'], $parser_options);
$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $pm['message']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname'], $pm['subject']);
$new_email = array("mailto" => $db->escape_string($recipient['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject), "message" => $db->escape_string($emailmessage), "headers" => '');
$db->insert_query("mailqueue", $new_email);
$cache->update_mailqueue();
}
$this->pm_insert_data['uid'] = $recipient['uid'];
$this->pm_insert_data['toid'] = $recipient['uid'];
$plugins->run_hooks("datahandler_pm_insert", $this);
$this->pmid[] = $db->insert_query("privatemessages", $this->pm_insert_data);
// If PM noices/alerts are on, show!
if ($recipient['pmnotice'] == 1) {
$updated_user = array("pmnotice" => 2);
$db->update_query("users", $updated_user, "uid='{$recipient['uid']}'");
}
// Update private message count (total, new and unread) for recipient
require_once MYBB_ROOT . "/inc/functions_user.php";
update_pm_count($recipient['uid'], 7, $recipient['lastactive']);
}
// Are we replying or forwarding an existing PM?
if ($pm['pmid']) {
if ($pm['do'] == "reply" || $pm['do'] == "replyall") {
$sql_array = array('status' => 3, 'statustime' => TIME_NOW);
$db->update_query("privatemessages", $sql_array, "pmid={$pm['pmid']} AND uid={$pm['sender']['uid']}");
} elseif ($pm['do'] == "forward") {
$sql_array = array('status' => 4, 'statustime' => TIME_NOW);
$db->update_query("privatemessages", $sql_array, "pmid={$pm['pmid']} AND uid={$pm['sender']['uid']}");
}
}
// If we're saving a copy
if ($pm['options']['savecopy'] != 0) {
if (isset($recipient_list['to']) && count($recipient_list['to']) == 1) {
$this->pm_insert_data['toid'] = $uid;
} else {
$this->pm_insert_data['toid'] = 0;
}
$this->pm_insert_data['uid'] = (int) $pm['sender']['uid'];
$this->pm_insert_data['folder'] = 2;
$this->pm_insert_data['status'] = 1;
$this->pm_insert_data['receipt'] = 0;
$plugins->run_hooks("datahandler_pm_insert_savedcopy", $this);
$db->insert_query("privatemessages", $this->pm_insert_data);
// Because the sender saved a copy, update their total pm count
require_once MYBB_ROOT . "/inc/functions_user.php";
update_pm_count($pm['sender']['uid'], 1);
}
// Return back with appropriate data
$this->return_values = array("messagesent" => 1, "pmids" => $this->pmid);
$plugins->run_hooks("datahandler_pm_insert_end", $this);
return $this->return_values;
}