// Excerpt from a search page: decides whether the caller may search and whether the
// C2C board forum is visible to them. The excerpt opens inside an if-block whose
// condition lies before this listing.
// NOTE(review): every check below assumes message() stops the request; its
// definition is not on this page - confirm.
    message($lang_common['No view']);
} else {
    if ($pun_user['g_search'] == '0') {
        message($lang_search['No search permission']);
    }
}

// SQL fragment that excludes the C2C board forum; it stays empty unless a moderator
// without C2C board access is detected below. Presumably appended to the search
// queries later in the file (not visible here).
$c2c_board_condition = '';
if ($pun_user['g_id'] == PUN_MOD) {
    // Fetch some info about the forum
    // Only the table prefix, the caller's group id and the C2C_BOARD_FORUM constant are
    // concatenated into this query; no request parameter reaches it.
    // NOTE(review): a moderator whose group is denied read access to that forum gets
    // no row here and is answered with 'Bad request' for the whole page - confirm intended.
    $result = $db->query('SELECT f.moderators FROM ' . $db->prefix . 'forums AS f LEFT JOIN '
        . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=' . $pun_user['g_id']
        . ') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id=' . C2C_BOARD_FORUM)
        or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
    if (!$db->num_rows($result)) {
        message($lang_common['Bad request']);
    }
    $c2c_board_forum = $db->fetch_assoc($result);

    // Sort out who the moderators are and if we are currently a moderator (or an admin)
    list($is_admmod, $is_c2c_board) = get_is_admmod(C2C_BOARD_FORUM, $c2c_board_forum['moderators'], $pun_user);
    // NOTE(review): the $is_admmod value returned above is discarded and forced to true
    // for every member of the moderator group; only $is_c2c_board is kept from the call.
    // Confirm that search is meant to treat any moderator as a moderator of all forums.
    $is_admmod = true;
    if (!$is_c2c_board) {
        $c2c_board_condition = ' AND (f.id != ' . C2C_BOARD_FORUM . ')';
    }
} elseif ($pun_user['g_id'] == PUN_ADMIN) {
    // Administrators: full moderator rights and C2C board access.
    $is_admmod = true;
    $is_c2c_board = true;
} elseif ($pun_user['g_id'] > PUN_GUEST) {
    // Any group id above PUN_GUEST: no moderator rights, C2C board access granted.
    $is_admmod = false;
    $is_c2c_board = true;
} else {
    // Remaining groups (guest and below): neither.
    $is_admmod = false;
    $is_c2c_board = false;
}

// Detect two byte character sets
// Excerpt from a posting page: loads the target forum (via the topic for a reply, or
// directly for a new topic) and decides whether the caller may post. The excerpt opens
// inside nested if/else blocks that start before this listing.
// NOTE(review): $tid and $fid are concatenated into SQL unquoted. That is safe only if
// both were cast to integers where they were read - not visible here, confirm.
// NOTE(review): the WHERE clause also returns the forum when read_forum is 0 as long as
// post_replies and post_topics are both 1, so a group can post where it cannot read.
        $result = $db->query('SELECT f.id, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, fp.post_polls, t.subject, t.closed, t.question, t.last_post FROM '
            . $db->prefix . 'topics AS t INNER JOIN ' . $db->prefix . 'forums AS f ON f.id=t.forum_id LEFT JOIN '
            . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=' . $pun_user['g_id']
            . ') WHERE (fp.read_forum IS NULL OR fp.read_forum=1 OR (fp.post_replies=1 AND fp.post_topics=1)) AND t.id=' . $tid)
            or error('Impossible de retrouver les informations forum', __FILE__, __LINE__, $db->error());
    }
} else {
    // No topic id: look the forum up directly by $fid.
    $result = $db->query('SELECT f.id, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, fp.post_polls FROM '
        . $db->prefix . 'forums AS f LEFT JOIN '
        . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=' . $pun_user['g_id']
        . ') WHERE (fp.read_forum IS NULL OR fp.read_forum=1 OR (fp.post_replies=1 AND fp.post_topics=1)) AND f.id=' . $fid)
        or error('Impossible de retrouver les informations forum', __FILE__, __LINE__, $db->error());
}

// No row means the forum/topic does not exist or the caller's group may not see it.
if (!$db->num_rows($result)) {
    message($lang_common['Bad request']);
}

$cur_posting = $db->fetch_assoc($result);
$forum_id = $cur_posting['id'];

// Is someone trying to post into a redirect forum?
if ($cur_posting['redirect_url'] != '') {
    message($lang_common['Bad request']);
}

// Sort out who the moderators are and if we are currently a moderator (or an admin)
list($is_admmod, $is_c2c_board) = get_is_admmod($forum_id, $cur_posting['moderators'], $pun_user);

// Do we have permission to post?
// && binds tighter than ||, so the test reads:
//   (one of the four restrictions below applies AND the caller is not a moderator/admin)
//   OR the caller lacks C2C board access.
// The last arm is not covered by the !$is_admmod exemption.
// Restrictions: reply denied (per-forum value, or group default when the per-forum value
// is empty), new topic denied, new poll denied, or the topic is closed.
if (($tid && ($cur_posting['post_replies'] == '' && $pun_user['g_post_replies'] == '0' || $cur_posting['post_replies'] == '0')
    || $fid && (!isset($_GET['type']) && $ptype == '0') && ($cur_posting['post_topics'] == '' && $pun_user['g_post_topics'] == '0' || $cur_posting['post_topics'] == '0')
    || $fid && (isset($_GET['type']) || $ptype != '0') && ($cur_posting['post_polls'] == '' && $pun_user['g_post_polls'] == '0' || $cur_posting['post_polls'] == '0')
    || isset($cur_posting['closed']) && $cur_posting['closed'] == '1')
    && !$is_admmod
    || !$is_c2c_board) {
    message($lang_common['No permission']);
}

$is_comment = get_is_comment($forum_id);
// In comment forums only moderators/admins may change the subject.
$can_edit_subject = !$is_comment || $is_admmod;

// Load the post.php language file
// NOTE(review): $pun_user['language'] becomes a path segment of a require; this assumes
// the value is restricted to installed language packs where it is stored - confirm.
require PUN_ROOT . 'lang/' . $pun_user['language'] . '/post.php';
require PUN_ROOT . 'lang/' . $pun_user['language'] . '/polls.php';

// Start with a clean slate
$errors = array();
$new_posts_error = false;
$show_new = false;
$last_read = 0;

// Did someone just hit "Submit" or "Preview"?
// Excerpt from a poll-voting page: validates the poll id, loads the poll with its topic
// and forum, and checks that the caller may vote. The last block is still open when
// the excerpt ends.
// $pun_user, $db and $lang_common are used below without being defined here; presumably
// this include sets them up.
require PUN_ROOT . 'include/common.php';

if ($pun_user['g_read_board'] == '0') {
    message($lang_common['No view']);
}

// The id is cast to an integer before it is concatenated into the query below.
$pollid = isset($_POST['poll_id']) ? intval($_POST['poll_id']) : 0;
if ($pollid < 1) {
    message($lang_common['Bad request']);
}

// Fetch some info about the poll
// NOTE(review): polls is RIGHT JOINed to topics, so a topic row is returned even when no
// poll row matches; the num_rows() check below does not prove that a poll exists, and the
// poll.* columns can be NULL in that case.
$result = $db->query('SELECT f.id, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.subject, t.closed, poll.ptype, poll.options, poll.voters, poll.votes FROM '
    . $db->prefix . 'polls AS poll RIGHT JOIN ' . $db->prefix . 'topics AS t ON poll.pollid=t.id INNER JOIN '
    . $db->prefix . 'forums AS f ON f.id=t.forum_id LEFT JOIN '
    . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=' . $pun_user['g_id']
    . ') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id=' . $pollid)
    or error('Unable to fetch topic and poll info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result)) {
    message($lang_common['Bad request']);
}

$cur_poll = $db->fetch_assoc($result);

// Sort out who the moderators are and if we are currently a moderator (or an admin)
list($is_admmod, $is_c2c_board) = get_is_admmod($cur_poll['id'], $cur_poll['moderators'], $pun_user);

// Do we have permission to vote?
// && binds tighter than ||: voting is refused when (replying is denied or the topic is
// closed, and the caller is not a moderator/admin) or when the caller lacks C2C board
// access. The second arm applies to moderators and admins as well.
if (($cur_poll['post_replies'] == '' && $pun_user['g_post_replies'] == '0'
    || $cur_poll['post_replies'] == '0'
    || isset($cur_poll['closed']) && $cur_poll['closed'] == '1')
    && !$is_admmod
    || !$is_c2c_board) {
    message($lang_common['No permission']);
}

// Letting guests vote is silly and undermines the whole purpose of a poll
if ($pun_user['is_guest']) {
    message($lang_common['No permission']);
}

// Load the polls.php language file
// NOTE(review): $pun_user['language'] becomes a path segment of a require; this assumes
// the value is restricted to installed language packs where it is stored - confirm.
require PUN_ROOT . 'lang/' . $pun_user['language'] . '/polls.php';

if (isset($_POST['form_sent'])) {
    // Make sure form_user is correct
    // NOTE(review): form_user is compared with the caller's own user name, which is not a
    // secret, so this check alone does not act as an anti-CSRF token. Confirm whether a
    // per-session token is verified elsewhere before the vote is recorded.
    if ($pun_user['is_guest'] || $_POST['form_user'] != $pun_user['username']) {
        message($lang_common['Bad request']);
    }
// Excerpt from a topic-view page: loads the topic with its forum and permissions, then
// applies the C2C board, comment-redirect and no-index rules. The four closing braces
// end blocks opened before this listing, and the last block is still open at the end.
            }
        }
    }
}

// Fetch some info about the topic
// NOTE(review): $id is concatenated into SQL unquoted; safe only if it was cast to an
// integer where it was read - not visible here, confirm.
// NOTE(review): the extra "OR fp.forum_id=1" arm returns topics of forum 1 even when the
// group's forum_perms row sets read_forum to 0 - confirm this exemption is intended.
if (!$pun_user['is_guest']) {
    // Logged-in users: same query plus the subscription state and t.last_post.
    $result = $db->query('SELECT pf.forum_name AS parent_forum, f.parent_forum_id, t.subject, t.closed, t.num_replies, t.sticky, t.last_post, t.question, t.yes, t.no, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, s.user_id AS is_subscribed FROM '
        . $db->prefix . 'topics AS t INNER JOIN ' . $db->prefix . 'forums AS f ON f.id=t.forum_id LEFT JOIN '
        . $db->prefix . 'subscriptions AS s ON (t.id=s.topic_id AND s.user_id=' . $pun_user['id'] . ') LEFT JOIN '
        . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=' . $pun_user['g_id'] . ') LEFT JOIN '
        . $db->prefix . 'forums AS pf ON f.parent_forum_id=pf.id WHERE (fp.read_forum IS NULL OR fp.read_forum=1 OR fp.forum_id=1) AND t.id=' . $id
        . ' AND t.moved_to IS NULL')
        or error('Impossible de retrouver les informations de la discussion', __FILE__, __LINE__, $db->error());
} else {
    $result = $db->query('SELECT pf.forum_name AS parent_forum, f.parent_forum_id, t.subject, t.closed, t.num_replies, t.sticky, t.question, t.yes, t.no, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies FROM '
        . $db->prefix . 'topics AS t INNER JOIN ' . $db->prefix . 'forums AS f ON f.id=t.forum_id LEFT JOIN '
        . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=' . $pun_user['g_id'] . ') LEFT JOIN '
        . $db->prefix . 'forums AS pf ON f.parent_forum_id=pf.id WHERE (fp.read_forum IS NULL OR fp.read_forum=1 OR fp.forum_id=1) AND t.id=' . $id
        . ' AND t.moved_to IS NULL')
        or error('Impossible de retrouver les informations de la discussion', __FILE__, __LINE__, $db->error());
}

// No row means the topic does not exist, was moved, or is not readable by this group.
if (!$db->num_rows($result)) {
    message($lang_common['Bad request']);
}

$cur_topic = $db->fetch_assoc($result);

// Sort out who the moderators are and if we are currently a moderator (or an admin)
list($is_admmod, $is_c2c_board) = get_is_admmod($cur_topic['forum_id'], $cur_topic['moderators'], $pun_user);

// c2c board topic
// This check has no moderator/admin exemption: access depends on $is_c2c_board alone.
if (!$is_c2c_board) {
    message($lang_common['No permission']);
}

// If it is a comment topic, we redirect to the document
// NOTE(review): the Location target is built from get_doc_param() applied to the topic
// subject; confirm that helper can only yield site-local paths, otherwise a crafted
// subject would turn this into a redirect to another site.
if (get_is_comment($cur_topic['forum_id']) && !isset($_GET['forum'])) {
    $doc_param = get_doc_param($cur_topic['subject']);
    header('Location: ' . $doc_param[2] . $doc_param[3], true, 301);
    exit;
}

// If it is a pub forum, we don't want search engines to follow links
// in_array() is called without the strict flag, so the forum id is matched by loose
// comparison against the string entries split out of the two constants.
$pub_forums = explode(', ', PUB_FORUMS . ', ' . LOVE_FORUMS);
$is_no_index_forum = in_array($cur_topic['forum_id'], $pub_forums);
if ($is_no_index_forum) {
    $rel = ' rel="nofollow"';
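// Excerpt from a moderation page: the end of the IP/host lookup view, then the
// moderator check that gates every other moderation action. The excerpt opens inside
// blocks that start before this listing and ends inside the tid branch.
// NOTE(review): $ip and $author_id are assigned before this excerpt and are written into
// HTML and URLs below without encoding; confirm both are validated where they are set.
        $post_infos .= $author_name;
    }
    $author_ip_link = ' - <a href="search.php?action=search&author_id=' . $author_id . '&ip=' . $ip . '&show_as=posts">Show all posts from this author and with this IP</a>';
}

// message() receives ready-made HTML here (the string carries <br /> and <a> markup).
// The host name comes from a reverse DNS lookup, i.e. from whoever controls the PTR
// record for that address, so it is HTML-escaped before being embedded. A failed
// lookup returns false, which the cast turns into an empty string as before.
message($post_infos . '<br />The IP address is: ' . $ip . '<br />The host name is: ' . htmlspecialchars((string) @gethostbyaddr($ip), ENT_QUOTES) . '<br /><br /><a href="admin_users.php?show_users=' . $ip . '">Show more users for this IP</a> - <a href="search.php?action=search&ip=' . $ip . '&show_as=posts">Show all posts with this IP</a>' . $author_ip_link);
}

// All other functions require moderator/admin access
// The forum id is cast to an integer before it is concatenated into any query.
$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
if ($fid < 1) {
    message($lang_common['Bad request']);
}
$forum_id = $fid;
$footer_style = 'moderate';

// NOTE(review): there is no num_rows() check here; for an unknown forum id the
// moderator list is whatever $db->result() yields on an empty result set, and the
// decision is left to get_is_admmod().
$result = $db->query('SELECT moderators FROM ' . $db->prefix . 'forums WHERE id=' . $fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());

$moderators = $db->result($result);
list($is_admmod, $is_c2c_board) = get_is_admmod($forum_id, $moderators, $pun_user);

// Gate for everything below: only moderators of this forum (or admins) continue.
// This assumes message() stops the request - its definition is not on this page.
if (!$is_admmod) {
    message($lang_common['No permission']);
}

// Load the misc.php language file
// NOTE(review): $pun_user['language'] becomes a path segment of a require; this assumes
// the value is restricted to installed language packs where it is stored - confirm.
require PUN_ROOT . 'lang/' . $pun_user['language'] . '/misc.php';
// Load the movepost.php language file
require PUN_ROOT . 'lang/' . $pun_user['language'] . '/movepost.php';

// All other topic moderation features require a topic id in GET
if (isset($_GET['tid'])) {
    $tid = intval($_GET['tid']);
    if ($tid < 1) {
        message($lang_common['Bad request']);
    }

    // Fetch some info about the topic
    // The topic must belong to the forum whose moderator list was checked above
    // (f.id=$fid AND t.id=$tid), so a topic id from another forum yields no row.
    $result = $db->query('SELECT t.subject, t.num_replies, f.id AS forum_id, forum_name FROM '
        . $db->prefix . 'topics AS t INNER JOIN ' . $db->prefix . 'forums AS f ON f.id=t.forum_id LEFT JOIN '
        . $db->prefix . 'subscriptions AS s ON (t.id=s.topic_id AND s.user_id=' . $pun_user['id'] . ') LEFT JOIN '
        . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=' . $pun_user['g_id']
        . ') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id=' . $fid . ' AND t.id=' . $tid
        . ' AND t.moved_to IS NULL')
        or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());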
// Excerpt from a move-post page: picks the post to move, loads its topic and forum,
// checks moderator rights on the source forum and selects the destination forum.
// The excerpt opens inside nested blocks that start before this listing.
        unset($post_ids);
    } else {
        // we presume all the posts we want to move are from the same
        // topic. So, for the information, we just take the first id
        // NOTE(review): only the first id of the list reaches the permission check below;
        // confirm the remaining ids are verified to belong to the same topic before they
        // are moved. If the list holds no comma, strpos() returns false and the id is 0.
        $post_id = intval(substr($post_ids, 0, strpos($post_ids, ',')));
    }
} else {
    $post_id = intval($_GET['id']);
}

// Find the information from the original post
// $post_id is an integer on both paths above before it is concatenated into the query.
$result = $db->query('SELECT p.message, t.id, t.subject, t.forum_id, f.forum_name, f.moderators FROM '
    . $db->prefix . 'posts as p INNER JOIN ' . $db->prefix . 'topics as t ON p.topic_id=t.id INNER JOIN '
    . $db->prefix . 'forums as f ON t.forum_id=f.id WHERE p.id=' . $post_id)
    or error('Unable to find information for the post', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result)) {
    message($lang_common['Bad request']);
}

list($message, $old_topic_id, $subject, $old_fid, $forum_name, $moderators) = $db->fetch_row($result);

// Moderator rights are evaluated against the forum the post currently lives in.
list($is_admmod, $is_c2c_board) = get_is_admmod($old_fid, $moderators, $pun_user);

if (!$is_admmod) {
    message($lang_common['No permission']);
}

// Same forum or new one?
// NOTE(review): new_fid is cast to an integer, but no permission or existence check on
// the destination forum is visible in this excerpt - confirm that one follows.
if (isset($_GET['new_fid'])) {
    $fid = $new_fid = intval($_GET['new_fid']);
    if ($new_fid != $old_fid) {
        $new_forum = TRUE;
    } else {
        $fid = $old_fid;
    }
} else {
    $fid = $old_fid;
}
$forum_id = $fid;
// Excerpt from a forum-view page: loads the forum, follows redirect forums, applies the
// C2C board and no-index rules and builds the "post topic" link. The last block is
// still open when the excerpt ends.
// NOTE(review): $pun_user['language'] becomes a path segment of a require; this assumes
// the value is restricted to installed language packs where it is stored - confirm.
require PUN_ROOT . 'lang/' . $pun_user['language'] . '/polls.php';

// Only the presence of the "forum" parameter is used; its value is never read here.
$show_link_to_forum = isset($_GET['forum']) ? '&forum' : '';

$is_comment_forum = get_is_comment($id);

// Fetch some info about the forum
// NOTE(review): $id is concatenated into SQL and, further down, into an href unquoted;
// safe only if it was cast to an integer where it was read - not visible here, confirm.
$result = $db->query('SELECT f.forum_name, f.forum_desc, pf.forum_name AS parent_forum, f.redirect_url, f.moderators, f.num_topics, f.sort_by, f.parent_forum_id, fp.post_topics, fp.post_polls FROM '
    . $db->prefix . 'forums AS f LEFT JOIN '
    . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=' . $pun_user['g_id'] . ') LEFT JOIN '
    . $db->prefix . 'forums AS pf ON f.parent_forum_id=pf.id WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id=' . $id)
    or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result)) {
    message($lang_common['Bad request']);
}

$cur_forum = $db->fetch_assoc($result);

// Is this a redirect forum? In that case, redirect!
// The target comes from the forums table. Note that the redirect is issued before the
// C2C board check below.
if ($cur_forum['redirect_url'] != '') {
    header('Location: ' . $cur_forum['redirect_url']);
    exit;
}

// Sort out who the moderators are and if we are currently a moderator (or an admin)
list($is_admmod, $is_c2c_board) = get_is_admmod($id, $cur_forum['moderators'], $pun_user);

// c2c board topic
// This check has no moderator/admin exemption: access depends on $is_c2c_board alone.
if (!$is_c2c_board) {
    message($lang_common['No permission']);
}

// If it is a pub forum, we don't want search engines to follow links
// in_array() is called without the strict flag, so the forum id is matched by loose
// comparison against the string entries split out of the two constants.
$pub_forums = explode(', ', PUB_FORUMS . ', ' . LOVE_FORUMS);
$is_no_index_forum = in_array($id, $pub_forums);
if ($is_no_index_forum) {
    $rel = ' rel="nofollow"';
} else {
    $rel = '';
}

// Can we or can we not post new topics?
// && binds tighter than ||: the link is shown when (posting topics is allowed by the
// per-forum value, or by the group default when that value is empty, AND this is not a
// comment forum) OR the caller is a moderator/admin.
if (($cur_forum['post_topics'] == '' && $pun_user['g_post_topics'] == '1' || $cur_forum['post_topics'] == '1') && !$is_comment_forum || $is_admmod) {
    $post_link = '<a href="post.php?fid=' . $id . '" rel="nofollow">' . $lang_forum['Post topic'] . '</a>';