function CalendarPost()
{
global $context, $txt, $db_prefix, $user_info, $sourcedir, $scripturl;
global $modSettings, $topic, $ID_MEMBER, $func;
// Well - can they?
isAllowedTo('calendar_post');
// Cast this for safety...
if (isset($_REQUEST['eventid'])) {
$_REQUEST['eventid'] = (int) $_REQUEST['eventid'];
}
// Submitting?
if (isset($_POST['sc'], $_REQUEST['eventid'])) {
checkSession();
// Validate the post...
if (!isset($_POST['link_to_board'])) {
require_once $sourcedir . '/Subs-Post.php';
calendarValidatePost();
}
// If you're not allowed to edit any events, you have to be the poster.
if ($_REQUEST['eventid'] > 0 && !allowedTo('calendar_edit_any')) {
// Get the event's poster.
$request = db_query("\n\t\t\t\tSELECT ID_MEMBER\n\t\t\t\tFROM {$db_prefix}calendar\n\t\t\t\tWHERE ID_EVENT = {$_REQUEST['eventid']}\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
list($poster) = mysql_fetch_row($request);
mysql_free_result($request);
// Finally, test if they can either edit ANY, or just their own...
if (!allowedTo('calendar_edit_any')) {
isAllowedTo('calendar_edit_' . ($poster == $ID_MEMBER ? 'own' : 'any'));
}
}
// New - and directing?
if ($_REQUEST['eventid'] == -1 && isset($_POST['link_to_board'])) {
$_REQUEST['calendar'] = 1;
require_once $sourcedir . '/Post.php';
return Post();
} elseif ($_REQUEST['eventid'] == -1) {
calendarInsertEvent(0, 0, $_POST['evtitle'], $ID_MEMBER, $_POST['month'], $_POST['day'], $_POST['year'], isset($_POST['span']) ? $_POST['span'] : null);
} elseif (isset($_REQUEST['deleteevent'])) {
db_query("\n\t\t\t\tDELETE FROM {$db_prefix}calendar\n\t\t\t\tWHERE ID_EVENT = {$_REQUEST['eventid']}\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
} else {
// Calculate the eventDate depending on span.
$span = empty($modSettings['cal_allowspan']) || empty($_POST['span']) || $_POST['span'] == 1 || empty($modSettings['cal_maxspan']) || $_POST['span'] > $modSettings['cal_maxspan'] ? 0 : min((int) $modSettings['cal_maxspan'], (int) $_POST['span'] - 1);
$start_time = mktime(0, 0, 0, (int) $_REQUEST['month'], (int) $_REQUEST['day'], (int) $_REQUEST['year']);
db_query("\n\t\t\t\tUPDATE {$db_prefix}calendar\n\t\t\t\tSET \n\t\t\t\t\tstartDate = '" . strftime('%Y-%m-%d', $start_time) . "',\n\t\t\t\t\tendDate = '" . strftime('%Y-%m-%d', $start_time + $span * 86400) . "', \n\t\t\t\t\ttitle = '" . $func['htmlspecialchars']($_REQUEST['evtitle'], ENT_QUOTES) . "'\n\t\t\t\tWHERE ID_EVENT = {$_REQUEST['eventid']}\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
}
updateStats('calendar');
// No point hanging around here now...
redirectexit($scripturl . '?action=calendar;month=' . $_POST['month'] . ';year=' . $_POST['year']);
}
// If we are not enabled... we are not enabled.
if (empty($modSettings['cal_allow_unlinked']) && empty($_REQUEST['eventid'])) {
$_REQUEST['calendar'] = 1;
require_once $sourcedir . '/Post.php';
return Post();
}
// New?
if (!isset($_REQUEST['eventid'])) {
$today = getdate();
$context['event'] = array('boards' => array(), 'board' => !empty($modSettings['cal_defaultboard']) ? $modSettings['cal_defaultboard'] : 0, 'new' => 1, 'eventid' => -1, 'year' => isset($_REQUEST['year']) ? $_REQUEST['year'] : $today['year'], 'month' => isset($_REQUEST['month']) ? $_REQUEST['month'] : $today['mon'], 'day' => isset($_REQUEST['day']) ? $_REQUEST['day'] : $today['mday'], 'title' => '', 'span' => 1);
// Get list of boards that can be posted in.
$boards = boardsAllowedTo('post_new');
if (empty($boards)) {
fatal_lang_error('cannot_post_new');
}
$request = db_query("\n\t\t\tSELECT c.name AS catName, c.ID_CAT, b.ID_BOARD, b.name AS boardName, b.childLevel\n\t\t\tFROM {$db_prefix}boards AS b\n\t\t\t\tLEFT JOIN {$db_prefix}categories AS c ON (c.ID_CAT = b.ID_CAT)\n\t\t\tWHERE {$user_info['query_see_board']}" . (in_array(0, $boards) ? '' : "\n\t\t\t\tAND b.ID_BOARD IN (" . implode(', ', $boards) . ")"), __FILE__, __LINE__);
while ($row = mysql_fetch_assoc($request)) {
$context['event']['boards'][] = array('id' => $row['ID_BOARD'], 'name' => $row['boardName'], 'childLevel' => $row['childLevel'], 'prefix' => str_repeat(' ', $row['childLevel'] * 3), 'cat' => array('id' => $row['ID_CAT'], 'name' => $row['catName']));
}
mysql_free_result($request);
} else {
$request = db_query("\n\t\t\tSELECT\n\t\t\t\tc.ID_EVENT, c.ID_BOARD, c.ID_TOPIC, MONTH(c.startDate) AS month,\n\t\t\t\tDAYOFMONTH(c.startDate) AS day, YEAR(c.startDate) AS year,\n\t\t\t\t(TO_DAYS(c.endDate) - TO_DAYS(c.startDate)) AS span, c.ID_MEMBER, c.title,\n\t\t\t\tt.ID_FIRST_MSG, t.ID_MEMBER_STARTED\n\t\t\tFROM {$db_prefix}calendar AS c\n\t\t\t\tLEFT JOIN {$db_prefix}topics AS t ON (t.ID_TOPIC = c.ID_TOPIC)\n\t\t\tWHERE c.ID_EVENT = {$_REQUEST['eventid']}", __FILE__, __LINE__);
// If nothing returned, we are in poo, poo.
if (mysql_num_rows($request) == 0) {
fatal_lang_error(1);
}
$row = mysql_fetch_assoc($request);
mysql_free_result($request);
// If it has a board, then they should be editing it within the topic.
if ($row['ID_TOPIC'] && $row['ID_FIRST_MSG']) {
// We load the board up, for a check on the board access rights...
$topic = $row['ID_TOPIC'];
loadBoard();
}
// Make sure the user is allowed to edit this event.
if ($row['ID_MEMBER'] != $ID_MEMBER) {
isAllowedTo('calendar_edit_any');
} elseif (!allowedTo('calendar_edit_any')) {
isAllowedTo('calendar_edit_own');
}
$context['event'] = array('boards' => array(), 'board' => $row['ID_BOARD'], 'new' => 0, 'eventid' => $_REQUEST['eventid'], 'year' => $row['year'], 'month' => $row['month'], 'day' => $row['day'], 'title' => $row['title'], 'span' => 1 + $row['span']);
}
$context['event']['last_day'] = (int) strftime('%d', mktime(0, 0, 0, $context['event']['month'] == 12 ? 1 : $context['event']['month'] + 1, 0, $context['event']['month'] == 12 ? $context['event']['year'] + 1 : $context['event']['year']));
// Template, sub template, etc.
loadTemplate('Calendar');
$context['sub_template'] = 'event_post';
$context['page_title'] = isset($_REQUEST['eventid']) ? $txt['calendar20'] : $txt['calendar23'];
$context['linktree'][] = array('name' => $context['page_title']);
}
/**
* The main dispatcher.
* This delegates to each area.
*/
function elk_main()
{
global $modSettings, $user_info, $topic, $board_info, $context;
// Special case: session keep-alive, output a transparent pixel.
if (isset($_GET['action']) && $_GET['action'] == 'keepalive') {
header('Content-Type: image/gif');
die("GIF89a€!ù,D;");
}
// We should set our security headers now.
frameOptionsHeader();
securityOptionsHeader();
// Load the user's cookie (or set as guest) and load their settings.
loadUserSettings();
// Load the current board's information.
loadBoard();
// Load the current user's permissions.
loadPermissions();
// Load BadBehavior before we go much further
loadBadBehavior();
// Attachments don't require the entire theme to be loaded.
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'dlattach' && (!empty($modSettings['allow_guestAccess']) && $user_info['is_guest'])) {
detectBrowser();
} else {
loadTheme();
}
// Check if the user should be disallowed access.
is_not_banned();
// If we are in a topic and don't have permission to approve it then duck out now.
if (!empty($topic) && empty($board_info['cur_topic_approved']) && !allowedTo('approve_posts') && ($user_info['id'] != $board_info['cur_topic_starter'] || $user_info['is_guest'])) {
fatal_lang_error('not_a_topic', false);
}
$no_stat_actions = array('dlattach', 'findmember', 'jsoption', 'requestmembers', 'jslocale', 'xmlpreview', 'suggest', '.xml', 'xmlhttp', 'verificationcode', 'viewquery', 'viewadminfile');
call_integration_hook('integrate_pre_log_stats', array(&$no_stat_actions));
// Do some logging, unless this is an attachment, avatar, toggle of editor buttons, theme option, XML feed etc.
if (empty($_REQUEST['action']) || !in_array($_REQUEST['action'], $no_stat_actions)) {
// I see you!
writeLog();
// Track forum statistics and hits...?
if (!empty($modSettings['hitStats'])) {
trackStats(array('hits' => '+'));
}
}
unset($no_stat_actions);
// What shall we do?
require_once SOURCEDIR . '/SiteDispatcher.class.php';
$dispatcher = new Site_Dispatcher();
// Show where we came from, and go
$context['site_action'] = $dispatcher->site_action();
$context['site_action'] = !empty($context['site_action']) ? $context['site_action'] : (isset($_REQUEST['action']) ? $_REQUEST['action'] : '');
$dispatcher->dispatch();
}
function smf_main()
{
global $modSettings, $settings, $user_info, $board, $topic, $board_info, $maintenance, $sourcedir;
// Special case: session keep-alive, output a transparent pixel.
if (isset($_GET['action']) && $_GET['action'] == 'keepalive') {
header('Content-Type: image/gif');
die("GIF89a€!ù,D;");
}
// Load the user's cookie (or set as guest) and load their settings.
loadUserSettings();
// Load the current board's information.
loadBoard();
// Load the current user's permissions.
loadPermissions();
// Attachments don't require the entire theme to be loaded.
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'dlattach' && (!empty($modSettings['allow_guestAccess']) && $user_info['is_guest'])) {
detectBrowser();
} else {
loadTheme();
}
// Check if the user should be disallowed access.
is_not_banned();
// If we are in a topic and don't have permission to approve it then duck out now.
if (!empty($topic) && empty($board_info['cur_topic_approved']) && !allowedTo('approve_posts') && ($user_info['id'] != $board_info['cur_topic_starter'] || $user_info['is_guest'])) {
fatal_lang_error('not_a_topic', false);
}
// Do some logging, unless this is an attachment, avatar, toggle of editor buttons, theme option, XML feed etc.
if (empty($_REQUEST['action']) || !in_array($_REQUEST['action'], array('dlattach', 'findmember', 'jseditor', 'jsoption', 'requestmembers', 'smstats', '.xml', 'xmlhttp', 'verificationcode', 'viewquery', 'viewsmfile'))) {
// Log this user as online.
writeLog();
// Don't track stats of portal xml actions.
if (empty($_REQUEST['action']) || $_REQUEST['action'] != 'portal' || !isset($_GET['xml'])) {
// Track forum statistics and hits...?
if (!empty($modSettings['hitStats'])) {
trackStats(array('hits' => '+'));
}
}
}
// Load SimplePortal.
sportal_init();
// Is the forum in maintenance mode? (doesn't apply to administrators.)
if (!empty($maintenance) && !allowedTo('admin_forum')) {
// You can only login.... otherwise, you're getting the "maintenance mode" display.
if (isset($_REQUEST['action']) && ($_REQUEST['action'] == 'login2' || $_REQUEST['action'] == 'logout')) {
require_once $sourcedir . '/LogInOut.php';
return $_REQUEST['action'] == 'login2' ? 'Login2' : 'Logout';
} else {
require_once $sourcedir . '/Subs-Auth.php';
return 'InMaintenance';
}
} elseif (empty($modSettings['allow_guestAccess']) && $user_info['is_guest'] && (!isset($_REQUEST['action']) || !in_array($_REQUEST['action'], array('coppa', 'login', 'login2', 'register', 'register2', 'reminder', 'activate', 'help', 'smstats', 'mailq', 'verificationcode', 'openidreturn')))) {
require_once $sourcedir . '/Subs-Auth.php';
return 'KickGuest';
} elseif (empty($_REQUEST['action'])) {
// Go catch it boy! Catch it!
$sp_action = sportal_catch_action();
if ($sp_action) {
return $sp_action;
}
// Action and board are both empty... BoardIndex!
if (empty($board) && empty($topic)) {
require_once $sourcedir . '/BoardIndex.php';
return 'BoardIndex';
} elseif (empty($topic)) {
require_once $sourcedir . '/MessageIndex.php';
return 'MessageIndex';
} else {
require_once $sourcedir . '/Display.php';
return 'Display';
}
}
// Here's the monstrous $_REQUEST['action'] array - $_REQUEST['action'] => array($file, $function).
$actionArray = array('activate' => array('Register.php', 'Activate'), 'admin' => array('Admin.php', 'AdminMain'), 'announce' => array('Post.php', 'AnnounceTopic'), 'attachapprove' => array('ManageAttachments.php', 'ApproveAttach'), 'buddy' => array('Subs-Members.php', 'BuddyListToggle'), 'calendar' => array('Calendar.php', 'CalendarMain'), 'clock' => array('Calendar.php', 'clock'), 'collapse' => array('BoardIndex.php', 'CollapseCategory'), 'coppa' => array('Register.php', 'CoppaForm'), 'credits' => array('Who.php', 'Credits'), 'deletemsg' => array('RemoveTopic.php', 'DeleteMessage'), 'display' => array('Display.php', 'Display'), 'dlattach' => array('Display.php', 'Download'), 'editpoll' => array('Poll.php', 'EditPoll'), 'editpoll2' => array('Poll.php', 'EditPoll2'), 'emailuser' => array('SendTopic.php', 'EmailUser'), 'findmember' => array('Subs-Auth.php', 'JSMembers'), 'forum' => array('BoardIndex.php', 'BoardIndex'), 'portal' => array('PortalMain.php', 'sportal_main'), 'groups' => array('Groups.php', 'Groups'), 'help' => array('Help.php', 'ShowHelp'), 'helpadmin' => array('Help.php', 'ShowAdminHelp'), 'im' => array('PersonalMessage.php', 'MessageMain'), 'jseditor' => array('Subs-Editor.php', 'EditorMain'), 'jsmodify' => array('Post.php', 'JavaScriptModify'), 'jsoption' => array('Themes.php', 'SetJavaScript'), 'lock' => array('LockTopic.php', 'LockTopic'), 'lockvoting' => array('Poll.php', 'LockVoting'), 'login' => array('LogInOut.php', 'Login'), 'login2' => array('LogInOut.php', 'Login2'), 'logout' => array('LogInOut.php', 'Logout'), 'markasread' => array('Subs-Boards.php', 'MarkRead'), 'mergetopics' => array('SplitTopics.php', 'MergeTopics'), 'mlist' => array('Memberlist.php', 'Memberlist'), 'moderate' => array('ModerationCenter.php', 'ModerationMain'), 'modifycat' => array('ManageBoards.php', 'ModifyCat'), 'modifykarma' => array('Karma.php', 'ModifyKarma'), 'movetopic' => array('MoveTopic.php', 'MoveTopic'), 'movetopic2' => array('MoveTopic.php', 'MoveTopic2'), 'notify' => array('Notify.php', 'Notify'), 'notifyboard' => array('Notify.php', 'BoardNotify'), 'openidreturn' => array('Subs-OpenID.php', 'smf_openID_return'), 'pm' => array('PersonalMessage.php', 'MessageMain'), 'post' => array('Post.php', 'Post'), 'post2' => array('Post.php', 'Post2'), 'printpage' => array('Printpage.php', 'PrintTopic'), 'profile' => array('Profile.php', 'ModifyProfile'), 'quotefast' => array('Post.php', 'QuoteFast'), 'quickmod' => array('MessageIndex.php', 'QuickModeration'), 'quickmod2' => array('Display.php', 'QuickInTopicModeration'), 'recent' => array('Recent.php', 'RecentPosts'), 'register' => array('Register.php', 'Register'), 'register2' => array('Register.php', 'Register2'), 'reminder' => array('Reminder.php', 'RemindMe'), 'removepoll' => array('Poll.php', 'RemovePoll'), 'removetopic2' => array('RemoveTopic.php', 'RemoveTopic2'), 'reporttm' => array('SendTopic.php', 'ReportToModerator'), 'requestmembers' => array('Subs-Auth.php', 'RequestMembers'), 'restoretopic' => array('RemoveTopic.php', 'RestoreTopic'), 'search' => array('Search.php', 'PlushSearch1'), 'search2' => array('Search.php', 'PlushSearch2'), 'sendtopic' => array('SendTopic.php', 'EmailUser'), 'smstats' => array('Stats.php', 'SMStats'), 'suggest' => array('Subs-Editor.php', 'AutoSuggestHandler'), 'spellcheck' => array('Subs-Post.php', 'SpellCheck'), 'splittopics' => array('SplitTopics.php', 'SplitTopics'), 'stats' => array('Stats.php', 'DisplayStats'), 'sticky' => array('LockTopic.php', 'Sticky'), 'theme' => array('Themes.php', 'ThemesMain'), 'trackip' => array('Profile-View.php', 'trackIP'), 'about:mozilla' => array('Karma.php', 'BookOfUnknown'), 'about:unknown' => array('Karma.php', 'BookOfUnknown'), 'unread' => array('Recent.php', 'UnreadTopics'), 'unreadreplies' => array('Recent.php', 'UnreadTopics'), 'verificationcode' => array('Register.php', 'VerificationCode'), 'viewprofile' => array('Profile.php', 'ModifyProfile'), 'vote' => array('Poll.php', 'Vote'), 'viewquery' => array('ViewQuery.php', 'ViewQuery'), 'viewsmfile' => array('Admin.php', 'DisplayAdminFile'), 'who' => array('Who.php', 'Who'), '.xml' => array('News.php', 'ShowXmlFeed'), 'xmlhttp' => array('Xml.php', 'XMLhttpMain'));
// Allow modifying $actionArray easily.
call_integration_hook('integrate_actions', array(&$actionArray));
if (!empty($context['disable_sp'])) {
unset($actionArray['portal'], $actionArray['forum']);
}
// Get the function and file to include - if it's not there, do the board index.
if (!isset($_REQUEST['action']) || !isset($actionArray[$_REQUEST['action']])) {
// Catch the action with the theme?
if (!empty($settings['catch_action'])) {
require_once $sourcedir . '/Themes.php';
return 'WrapAction';
}
// Fall through to the board index then...
require_once $sourcedir . '/BoardIndex.php';
return 'BoardIndex';
}
// Otherwise, it was set - so let's go to that action.
require_once $sourcedir . '/' . $actionArray[$_REQUEST['action']][0];
return $actionArray[$_REQUEST['action']][1];
}
/**
* Takes care of voting - don't worry, this is done automatically.
*/
function ssi_pollVote()
{
global $context, $sc, $topic, $board;
$pollID = isset($_POST['poll']) ? (int) $_POST['poll'] : 0;
if (empty($pollID) || !isset($_POST[$context['session_var']]) || $_POST[$context['session_var']] != $sc || empty($_POST['options'])) {
echo '<!DOCTYPE html>
<html>
<head>
<script><!-- // --><![CDATA[
history.go(-1);
// ]]></script>
</head>
<body>«</body>
</html>';
return;
}
require_once CONTROLLERDIR . '/Poll.controller.php';
require_once SUBSDIR . '/Poll.subs.php';
// We have to fake we are in a topic so that we can use the proper controller
list($topic, $board) = topicFromPoll($pollID);
loadBoard();
$poll_action = new Poll_Controller();
// The controller takes already care of redirecting properly or fail
$poll_action->action_vote();
}
function CalendarPost()
{
global $context, $txt, $user_info, $sourcedir, $scripturl;
global $modSettings, $topic, $smcFunc;
// Well - can they?
isAllowedTo('calendar_post');
// We need this for all kinds of useful functions.
require_once $sourcedir . '/Subs-Calendar.php';
// Cast this for safety...
if (isset($_REQUEST['eventid'])) {
$_REQUEST['eventid'] = (int) $_REQUEST['eventid'];
}
// Submitting?
if (isset($_POST[$context['session_var']], $_REQUEST['eventid'])) {
checkSession();
// Validate the post...
if (!isset($_POST['link_to_board'])) {
validateEventPost();
}
// If you're not allowed to edit any events, you have to be the poster.
if ($_REQUEST['eventid'] > 0 && !allowedTo('calendar_edit_any')) {
isAllowedTo('calendar_edit_' . (!empty($user_info['id']) && getEventPoster($_REQUEST['eventid']) == $user_info['id'] ? 'own' : 'any'));
}
// New - and directing?
if ($_REQUEST['eventid'] == -1 && isset($_POST['link_to_board'])) {
$_REQUEST['calendar'] = 1;
require_once $sourcedir . '/Post.php';
return Post();
} elseif ($_REQUEST['eventid'] == -1) {
$eventOptions = array('board' => 0, 'topic' => 0, 'title' => substr($_REQUEST['evtitle'], 0, 60), 'member' => $user_info['id'], 'start_date' => sprintf('%04d-%02d-%02d', $_POST['year'], $_POST['month'], $_POST['day']), 'span' => isset($_POST['span']) && $_POST['span'] > 0 ? min((int) $modSettings['cal_maxspan'], (int) $_POST['span'] - 1) : 0);
insertEvent($eventOptions);
} elseif (isset($_REQUEST['deleteevent'])) {
removeEvent($_REQUEST['eventid']);
} else {
$eventOptions = array('title' => substr($_REQUEST['evtitle'], 0, 60), 'span' => empty($modSettings['cal_allowspan']) || empty($_POST['span']) || $_POST['span'] == 1 || empty($modSettings['cal_maxspan']) || $_POST['span'] > $modSettings['cal_maxspan'] ? 0 : min((int) $modSettings['cal_maxspan'], (int) $_POST['span'] - 1), 'start_date' => strftime('%Y-%m-%d', mktime(0, 0, 0, (int) $_REQUEST['month'], (int) $_REQUEST['day'], (int) $_REQUEST['year'])));
modifyEvent($_REQUEST['eventid'], $eventOptions);
}
updateSettings(array('calendar_updated' => time()));
// No point hanging around here now...
redirectexit($scripturl . '?action=calendar;month=' . $_POST['month'] . ';year=' . $_POST['year']);
}
// If we are not enabled... we are not enabled.
if (empty($modSettings['cal_allow_unlinked']) && empty($_REQUEST['eventid'])) {
$_REQUEST['calendar'] = 1;
require_once $sourcedir . '/Post.php';
return Post();
}
// New?
if (!isset($_REQUEST['eventid'])) {
$today = getdate();
$context['event'] = array('boards' => array(), 'board' => 0, 'new' => 1, 'eventid' => -1, 'year' => isset($_REQUEST['year']) ? $_REQUEST['year'] : $today['year'], 'month' => isset($_REQUEST['month']) ? $_REQUEST['month'] : $today['mon'], 'day' => isset($_REQUEST['day']) ? $_REQUEST['day'] : $today['mday'], 'title' => '', 'span' => 1);
$context['event']['last_day'] = (int) strftime('%d', mktime(0, 0, 0, $context['event']['month'] == 12 ? 1 : $context['event']['month'] + 1, 0, $context['event']['month'] == 12 ? $context['event']['year'] + 1 : $context['event']['year']));
// Get list of boards that can be posted in.
$boards = boardsAllowedTo('post_new');
if (empty($boards)) {
fatal_lang_error('cannot_post_new', 'permission');
}
// Load the list of boards and categories in the context.
require_once $sourcedir . '/Subs-MessageIndex.php';
$boardListOptions = array('included_boards' => in_array(0, $boards) ? null : $boards, 'not_redirection' => true, 'use_permissions' => true, 'selected_board' => $modSettings['cal_defaultboard']);
$context['event']['categories'] = getBoardList($boardListOptions);
} else {
$context['event'] = getEventProperties($_REQUEST['eventid']);
if ($context['event'] === false) {
fatal_lang_error('no_access', false);
}
// If it has a board, then they should be editing it within the topic.
if (!empty($context['event']['topic']['id']) && !empty($context['event']['topic']['first_msg'])) {
// We load the board up, for a check on the board access rights...
$topic = $context['event']['topic']['id'];
loadBoard();
}
// Make sure the user is allowed to edit this event.
if ($context['event']['member'] != $user_info['id']) {
isAllowedTo('calendar_edit_any');
} elseif (!allowedTo('calendar_edit_any')) {
isAllowedTo('calendar_edit_own');
}
}
// Template, sub template, etc.
loadTemplate('Calendar');
$context['sub_template'] = 'event_post';
$context['page_title'] = isset($_REQUEST['eventid']) ? $txt['calendar_edit'] : $txt['calendar_post_event'];
$context['linktree'][] = array('name' => $context['page_title']);
}
function mob_m_merge_topic($rpcmsg)
{
global $mobdb, $func, $board, $topic, $context;
// Get the topics
$topic_1 = $rpcmsg->getScalarValParam(1);
$topic_2 = $rpcmsg->getScalarValParam(0);
if ($topic_1 == $topic_2) {
mob_error('same topic');
}
$topicinfo_1 = get_topicinfo($topic_1);
$topicinfo_2 = get_topicinfo($topic_2);
if (empty($topicinfo_1) || empty($topicinfo_2)) {
mob_error('topics not found');
}
$topic = $topic_1;
$board = $topicinfo_1['id_board'];
loadBoard();
loadPermissions();
// do_merge will check for our permissions
do_merge(array($topic_1, $topic_2));
// Return a true response
return new xmlrpcresp(new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean')), 'struct'));
}
/**
* Initialises key values for SimpleDesk.
*
* This function initialises certain key constructs for SimpleDesk, such as constants, that are used throughout
* SimpleDesk. It should be called first right up in Load.php anyway.
*
* Calling multiple times is not significantly detrimental to performance; the function is aware if it has been
* called previously.
*
* @since 2.0
*/
function shd_init()
{
global $modSettings, $sourcedir, $user_info, $context, $smcFunc;
static $called = null;
if (!empty($called)) {
return;
}
$called = true;
$context['shd_home'] = 'action=helpdesk;sa=main';
// What SD version are we on? It's now here!
define('SHD_VERSION', 'SimpleDesk 2.0 Anatidae');
// This isn't the SMF way. But for something like this, it's way way more logical and readable.
define('TICKET_STATUS_NEW', 0);
define('TICKET_STATUS_PENDING_STAFF', 1);
define('TICKET_STATUS_PENDING_USER', 2);
define('TICKET_STATUS_CLOSED', 3);
define('TICKET_STATUS_WITH_SUPERVISOR', 4);
define('TICKET_STATUS_ESCALATED', 5);
define('TICKET_STATUS_DELETED', 6);
define('TICKET_URGENCY_LOW', 0);
define('TICKET_URGENCY_MEDIUM', 1);
define('TICKET_URGENCY_HIGH', 2);
define('TICKET_URGENCY_VHIGH', 3);
define('TICKET_URGENCY_SEVERE', 4);
define('TICKET_URGENCY_CRITICAL', 5);
define('MSG_STATUS_NORMAL', 0);
define('MSG_STATUS_DELETED', 1);
// Relationship types
define('RELATIONSHIP_LINKED', 0);
define('RELATIONSHIP_DUPLICATED', 1);
define('RELATIONSHIP_ISPARENT', 2);
define('RELATIONSHIP_ISCHILD', 3);
// Custom fields, their types, positions, content type
define('CFIELD_TICKET', 1);
define('CFIELD_REPLY', 2);
define('CFIELD_PLACE_DETAILS', 1);
define('CFIELD_PLACE_INFO', 2);
define('CFIELD_PLACE_PREFIX', 3);
define('CFIELD_PLACE_PREFIXFILTER', 4);
define('CFIELD_TYPE_TEXT', 1);
define('CFIELD_TYPE_LARGETEXT', 2);
define('CFIELD_TYPE_INT', 3);
define('CFIELD_TYPE_FLOAT', 4);
define('CFIELD_TYPE_SELECT', 5);
define('CFIELD_TYPE_CHECKBOX', 6);
define('CFIELD_TYPE_RADIO', 7);
define('CFIELD_TYPE_MULTI', 8);
// Ticket notification options
define('NOTIFY_PREFS', 0);
define('NOTIFY_ALWAYS', 1);
define('NOTIFY_NEVER', 2);
// Roles and permissions
define('ROLE_USER', 1);
define('ROLE_STAFF', 2);
//define('ROLE_SUPERVISOR', 3);
define('ROLE_ADMIN', 4);
define('ROLEPERM_DISALLOW', 0);
define('ROLEPERM_ALLOW', 1);
define('ROLEPERM_DENY', 2);
// How many digits should we show for ticket numbers? Normally we pad to 5 digits, e.g. 00001 - this is how we set that width.
if (empty($modSettings['shd_zerofill']) || $modSettings['shd_zerofill'] < 0) {
$modSettings['shd_zerofill'] = 0;
}
// Load some stuff
shd_load_language('sd_language/SimpleDesk');
require_once $sourcedir . '/sd_source/Subs-SimpleDeskPermissions.php';
// Set up defaults
$defaults = array('shd_attachments_mode' => 'ticket', 'shd_ticketnav_style' => 'sd', 'shd_staff_badge' => 'nobadge', 'shd_privacy_display' => 'smart');
foreach ($defaults as $var => $val) {
if (empty($modSettings[$var])) {
$modSettings[$var] = $val;
}
}
$modSettings['helpdesk_active'] = isset($modSettings['admin_features']) ? in_array('shd', explode(',', $modSettings['admin_features'])) : false;
if ($modSettings['helpdesk_active']) {
shd_load_plugin_files('init');
shd_load_plugin_langfiles('init');
}
shd_load_user_perms();
if (!empty($modSettings['shd_maintenance_mode'])) {
if (!empty($modSettings['shd_helpdesk_only']) && !$user_info['is_admin'] && !shd_allowed_to('admin_helpdesk', 0)) {
// You can only login.... otherwise, you're getting the "maintenance mode" display. Except we have to boot up a decent amount of SMF.
if (empty($_REQUEST['action']) || $_REQUEST['action'] != 'login2' && $_REQUEST['action'] != 'logout') {
$_GET['action'] = '';
$_REQUEST['action'] = '';
$context['shd_maintenance_mode'] = true;
loadBoard();
loadPermissions();
loadTheme();
is_not_banned();
require_once $sourcedir . '/Subs-Auth.php';
InMaintenance();
obExit(null, null, false);
}
} else {
$modSettings['helpdesk_active'] &= $user_info['is_admin'] || shd_allowed_to('admin_helpdesk', 0);
}
}
// Last minute stuff
if ($modSettings['helpdesk_active']) {
// Are they actually going into the helpdesk? If they are, do we need to deal with their theme?
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'helpdesk') {
// First figure out what department they're in.
$this_dept = 0;
$depts = shd_allowed_to('access_helpdesk', false);
// Do they only have one dept? If so, that's the one.
if (count($depts) == 1) {
$this_dept = $depts[0];
} elseif (isset($_REQUEST['dept'])) {
$_REQUEST['dept'] = (int) $_REQUEST['dept'];
if (in_array($_REQUEST['dept'], $depts)) {
$this_dept = $_REQUEST['dept'];
}
} elseif (isset($_REQUEST['newdept'])) {
$_REQUEST['newdept'] = (int) $_REQUEST['newdept'];
if (in_array($_REQUEST['newdept'], $depts)) {
$this_dept = $_REQUEST['newdept'];
}
} elseif (isset($_REQUEST['ticket'])) {
$ticket = (int) $_REQUEST['ticket'];
if (!empty($ticket)) {
$query = shd_db_query('', '
SELECT hdt.id_dept, dept_name, dept_theme
FROM {db_prefix}helpdesk_tickets AS hdt
INNER JOIN {db_prefix}helpdesk_depts AS hdd ON (hdt.id_dept = hdd.id_dept)
WHERE id_ticket = {int:ticket}
AND {query_see_ticket}', array('ticket' => $ticket));
if ($row = $smcFunc['db_fetch_row']($query)) {
if (in_array($row[0], $depts)) {
list($this_dept, $context['shd_dept_name'], $theme) = $row;
}
}
$smcFunc['db_free_result']($query);
}
}
if (!empty($this_dept) && !isset($theme)) {
$context['queried_dept'] = $this_dept;
$query = $smcFunc['db_query']('', '
SELECT dept_theme
FROM {db_prefix}helpdesk_depts
WHERE id_dept = {int:dept}', array('dept' => $this_dept));
if ($row = $smcFunc['db_fetch_row']($query)) {
$theme = $row[0];
}
$smcFunc['db_free_result']($query);
}
// If for whatever reason we didn't establish a theme, see if there's a forum default one.
if (empty($theme) && !empty($modSettings['shd_theme'])) {
$theme = $modSettings['shd_theme'];
}
// Action.
if (!empty($theme)) {
// This is ever so slightly hacky. But as this function is called sufficiently early we can get away with it.
unset($_REQUEST['theme'], $modSettings['theme_allow']);
$modSettings['theme_guests'] = $theme;
}
}
}
$context['shd_plugins'] = empty($modSettings['shd_enabled_plugins']) || empty($modSettings['helpdesk_active']) ? array() : explode(',', $modSettings['shd_enabled_plugins']);
call_integration_hook('shd_hook_init');
}
function build_board($boards, $is_cat = false)
{
global $settings, $context, $user_info, $smcFunc, $boardurl, $boarddir, $modSettings, $board;
$response = array();
foreach ($boards as $id => $tt_board) {
if (empty($tt_board['id'])) {
continue;
}
$new_post = false;
if ($tt_board['new'] || $tt_board['children_new']) {
$new_post = true;
$logo_url = $settings['images_url'] . '/' . $context['theme_variant_url'] . 'on' . ($tt_board['new'] ? '' : '2') . '.png';
} elseif ($tt_board['redirect']) {
$logo_url = $settings['images_url'] . '/' . $context['theme_variant_url'] . 'redirect.png';
} else {
$logo_url = $settings['images_url'] . '/' . $context['theme_variant_url'] . 'off.png';
}
$logo_dir = str_replace($boardurl, $boarddir, $logo_url);
if (!file_exists($logo_dir) && file_exists(preg_replace('/png$/', 'gif', $logo_dir))) {
$logo_url = preg_replace('/png$/', 'gif', $logo_url);
}
$is_link_forum = isset($tt_board['redirect']) && !empty($tt_board['redirect']);
if (!$is_cat && !$user_info['is_guest']) {
$can_subscribe = allowedTo('mark_notify', $tt_board['id']);
$request = $smcFunc['db_query']('', '
SELECT sent
FROM {db_prefix}log_notify
WHERE id_board = {int:current_board}
AND id_member = {int:current_member}
LIMIT 1', array('current_board' => $tt_board['id'], 'current_member' => $user_info['id']));
$is_subscribed = $smcFunc['db_num_rows']($request) != 0;
$smcFunc['db_free_result']($request);
$board = $tt_board['id'];
loadBoard();
loadPermissions();
$can_post_new = (allowedTo('post_new') || $modSettings['postmod_active'] && allowedTo('post_unapproved_topics')) && !$is_link_forum;
$mobiquo_can_post = true;
if (isset($modSettings['boards_disable_new_topic']) && !empty($modSettings['boards_disable_new_topic'])) {
$dis_new_topic_boards = explode(',', $modSettings['boards_disable_new_topic']);
$mobiquo_can_post = !in_array($tt_board['id'], $dis_new_topic_boards);
}
$can_post = $can_post_new && $mobiquo_can_post ? true : false;
} else {
$can_subscribe = false;
$is_subscribed = false;
$can_post = false;
}
$tp_board_id = $is_cat ? preg_replace('/c/', '', $tt_board['id']) : $tt_board['id'];
$logo_url = ($tp_logo_url = tp_get_forum_icon($tp_board_id, $is_link_forum ? 'link' : ($is_cat ? 'category' : 'forum'), false, $new_post)) ? $tp_logo_url : $logo_url;
$xmlrpc_forum = array('forum_id' => new xmlrpcval($tt_board['id'], 'string'), 'forum_name' => new xmlrpcval(basic_clean($tt_board['name']), 'base64'), 'parent_id' => new xmlrpcval($tt_board['id_parent'] ? $tt_board['id_parent'] : 'c' . $tt_board['id_cat'], 'string'), 'logo_url' => new xmlrpcval($logo_url, 'string'), 'new_post' => new xmlrpcval($new_post, 'boolean'), 'url' => new xmlrpcval($tt_board['redirect'], 'string'), 'sub_only' => new xmlrpcval($is_cat, 'boolean'), 'can_subscribe' => new xmlrpcval($can_subscribe, 'boolean'), 'is_subscribed' => new xmlrpcval($is_subscribed, 'boolean'), 'is_protected' => new xmlrpcval(false, 'boolean'), 'can_post' => new xmlrpcval($can_post, 'boolean'));
if ($_GET['return_description']) {
$xmlrpc_forum['description'] = new xmlrpcval(basic_clean($tt_board['description']), 'base64');
}
if (isset($_GET['forum_id']) && (!empty($_GET['forum_id']) || $_GET['forum_id'] === 0)) {
$xmlrpc_forum['has_child'] = new xmlrpcval($tt_board['has_child'], 'boolean');
}
if (isset($tt_board['boards']) && !empty($tt_board['boards'])) {
$xmlrpc_forum['child'] = new xmlrpcval(build_board($tt_board['boards']), 'array');
}
$response[] = new xmlrpcval($xmlrpc_forum, 'struct');
}
return $response;
}
function smf_main()
{
global $modSettings, $settings, $user_info, $board, $topic, $maintenance, $sourcedir;
// Special case: session keep-alive.
if (isset($_GET['action']) && $_GET['action'] == 'keepalive') {
die;
}
// Load the user's cookie (or set as guest) and load their settings.
loadUserSettings();
// Load the current board's information.
loadBoard();
// Load the current theme. (note that ?theme=1 will also work, may be used for guest theming.)
loadTheme();
// Check if the user should be disallowed access.
// is_not_banned();
// Load the current user's permissions.
loadPermissions();
// Do some logging, unless this is an attachment, avatar, theme option or XML feed.
if (empty($_REQUEST['action']) || !in_array($_REQUEST['action'], array('dlattach', 'jsoption', '.xml'))) {
// Log this user as online.
writeLog();
// Track forum statistics and hits...?
if (!empty($modSettings['hitStats'])) {
trackStats(array('hits' => '+'));
}
}
// Is the forum in maintenance mode? (doesn't apply to administrators.)
if (!empty($maintenance) && !allowedTo('admin_forum')) {
// You can only login.... otherwise, you're getting the "maintenance mode" display.
if (isset($_REQUEST['action']) && ($_REQUEST['action'] == 'login2' || $_REQUEST['action'] == 'logout')) {
require_once $sourcedir . '/LogInOut.php';
return $_REQUEST['action'] == 'login2' ? 'Login2' : 'Logout';
} else {
require_once $sourcedir . '/Subs-Auth.php';
return 'InMaintenance';
}
} elseif (empty($modSettings['allow_guestAccess']) && $user_info['is_guest'] && (!isset($_REQUEST['action']) || !in_array($_REQUEST['action'], array('coppa', 'login', 'login2', 'register', 'register2', 'reminder', 'activate', 'smstats', 'help', 'verificationcode')))) {
require_once $sourcedir . '/Subs-Auth.php';
return 'KickGuest';
} elseif (empty($_REQUEST['action'])) {
// Action and board are both empty... BoardIndex!
if (empty($board) && empty($topic)) {
require_once $sourcedir . '/BoardIndex.php';
return 'BoardIndex';
} elseif (empty($topic)) {
require_once $sourcedir . '/MessageIndex.php';
return 'MessageIndex';
} else {
require_once $sourcedir . '/Display.php';
return 'Display';
}
}
// Here's the monstrous $_REQUEST['action'] array - $_REQUEST['action'] => array($file, $function).
$actionArray = array('activate' => array('Register.php', 'Activate'), 'admin' => array('Admin.php', 'Admin'), 'announce' => array('Post.php', 'AnnounceTopic'), 'ban' => array('ManageBans.php', 'Ban'), 'boardrecount' => array('Admin.php', 'AdminBoardRecount'), 'buddy' => array('Subs-Members.php', 'BuddyListToggle'), 'calendar' => array('Calendar.php', 'CalendarMain'), 'cleanperms' => array('Admin.php', 'CleanupPermissions'), 'collapse' => array('Subs-Boards.php', 'CollapseCategory'), 'convertentities' => array('Admin.php', 'ConvertEntities'), 'convertutf8' => array('Admin.php', 'ConvertUtf8'), 'coppa' => array('Register.php', 'CoppaForm'), 'deletemsg' => array('RemoveTopic.php', 'DeleteMessage'), 'detailedversion' => array('Admin.php', 'VersionDetail'), 'display' => array('Display.php', 'Display'), 'dlattach' => array('Display.php', 'Download'), 'dumpdb' => array('DumpDatabase.php', 'DumpDatabase2'), 'editpoll' => array('Poll.php', 'EditPoll'), 'editpoll2' => array('Poll.php', 'EditPoll2'), 'featuresettings' => array('ModSettings.php', 'ModifyFeatureSettings'), 'featuresettings2' => array('ModSettings.php', 'ModifyFeatureSettings2'), 'findmember' => array('Subs-Auth.php', 'JSMembers'), 'help' => array('Help.php', 'ShowHelp'), 'helpadmin' => array('Help.php', 'ShowAdminHelp'), 'im' => array('PersonalMessage.php', 'MessageMain'), 'jsoption' => array('Themes.php', 'SetJavaScript'), 'jsmodify' => array('Post.php', 'JavaScriptModify'), 'lock' => array('LockTopic.php', 'LockTopic'), 'lockVoting' => array('Poll.php', 'LockVoting'), 'login' => array('LogInOut.php', 'Login'), 'login2' => array('LogInOut.php', 'Login2'), 'logout' => array('LogInOut.php', 'Logout'), 'maintain' => array('Admin.php', 'Maintenance'), 'manageattachments' => array('ManageAttachments.php', 'ManageAttachments'), 'manageboards' => array('ManageBoards.php', 'ManageBoards'), 'managecalendar' => array('ManageCalendar.php', 'ManageCalendar'), 'managesearch' => array('ManageSearch.php', 'ManageSearch'), 'markasread' => array('Subs-Boards.php', 'MarkRead'), 'membergroups' => array('ManageMembergroups.php', 'ModifyMembergroups'), 'mergetopics' => array('SplitTopics.php', 'MergeTopics'), 'mlist' => array('Memberlist.php', 'Memberlist'), 'modifycat' => array('ManageBoards.php', 'ModifyCat'), 'modifykarma' => array('Karma.php', 'ModifyKarma'), 'modlog' => array('Modlog.php', 'ViewModlog'), 'movetopic' => array('MoveTopic.php', 'MoveTopic'), 'movetopic2' => array('MoveTopic.php', 'MoveTopic2'), 'news' => array('ManageNews.php', 'ManageNews'), 'notify' => array('Notify.php', 'Notify'), 'notifyboard' => array('Notify.php', 'BoardNotify'), 'optimizetables' => array('Admin.php', 'OptimizeTables'), 'packageget' => array('PackageGet.php', 'PackageGet'), 'packages' => array('Packages.php', 'Packages'), 'permissions' => array('ManagePermissions.php', 'ModifyPermissions'), 'pgdownload' => array('PackageGet.php', 'PackageGet'), 'pm' => array('PersonalMessage.php', 'MessageMain'), 'post' => array('Post.php', 'Post'), 'post2' => array('Post.php', 'Post2'), 'postsettings' => array('ManagePosts.php', 'ManagePostSettings'), 'printpage' => array('Printpage.php', 'PrintTopic'), 'profile' => array('Profile.php', 'ModifyProfile'), 'profile2' => array('Profile.php', 'ModifyProfile2'), 'quotefast' => array('Post.php', 'QuoteFast'), 'quickmod' => array('Subs-Boards.php', 'QuickModeration'), 'quickmod2' => array('Subs-Boards.php', 'QuickModeration2'), 'recent' => array('Recent.php', 'RecentPosts'), 'regcenter' => array('ManageRegistration.php', 'RegCenter'), 'register' => array('Register.php', 'Register'), 'register2' => array('Register.php', 'Register2'), 'reminder' => array('Reminder.php', 'RemindMe'), 'removetopic2' => array('RemoveTopic.php', 'RemoveTopic2'), 'removeoldtopics2' => array('RemoveTopic.php', 'RemoveOldTopics2'), 'removepoll' => array('Poll.php', 'RemovePoll'), 'repairboards' => array('RepairBoards.php', 'RepairBoards'), 'reporttm' => array('SendTopic.php', 'ReportToModerator'), 'reports' => array('Reports.php', 'ReportsMain'), 'requestmembers' => array('Subs-Auth.php', 'RequestMembers'), 'search' => array('Search.php', 'PlushSearch1'), 'search2' => array('Search.php', 'PlushSearch2'), 'sendtopic' => array('SendTopic.php', 'SendTopic'), 'serversettings' => array('ManageServer.php', 'ModifySettings'), 'serversettings2' => array('ManageServer.php', 'ModifySettings2'), 'smileys' => array('ManageSmileys.php', 'ManageSmileys'), 'smstats' => array('Stats.php', 'SMStats'), 'spellcheck' => array('Subs-Post.php', 'SpellCheck'), 'splittopics' => array('SplitTopics.php', 'SplitTopics'), 'stats' => array('Stats.php', 'DisplayStats'), 'sticky' => array('LockTopic.php', 'Sticky'), 'theme' => array('Themes.php', 'ThemesMain'), 'trackip' => array('Profile.php', 'trackIP'), 'about:mozilla' => array('Karma.php', 'BookOfUnknown'), 'about:unknown' => array('Karma.php', 'BookOfUnknown'), 'unread' => array('Recent.php', 'UnreadTopics'), 'unreadreplies' => array('Recent.php', 'UnreadTopics'), 'viewErrorLog' => array('ManageErrors.php', 'ViewErrorLog'), 'viewmembers' => array('ManageMembers.php', 'ViewMembers'), 'viewprofile' => array('Profile.php', 'ModifyProfile'), 'verificationcode' => array('Register.php', 'VerificationCode'), 'vote' => array('Poll.php', 'Vote'), 'viewquery' => array('ViewQuery.php', 'ViewQuery'), 'who' => array('Who.php', 'Who'), '.xml' => array('News.php', 'ShowXmlFeed'));
// Get the function and file to include - if it's not there, do the board index.
if (!isset($_REQUEST['action']) || !isset($actionArray[$_REQUEST['action']])) {
// Catch the action with the theme?
if (!empty($settings['catch_action'])) {
require_once $sourcedir . '/Themes.php';
return 'WrapAction';
}
// Fall through to the board index then...
require_once $sourcedir . '/BoardIndex.php';
return 'BoardIndex';
}
// Otherwise, it was set - so let's go to that action.
require_once $sourcedir . '/' . $actionArray[$_REQUEST['action']][0];
return $actionArray[$_REQUEST['action']][1];
}
function mob__get_thread($_topic = null, $post = null, $start = 0, $limit = 20, $per_page = null, $from_new = false)
{
global $mobdb, $context, $modSettings, $scripturl, $user_info, $memberContext, $user_profile, $board, $topic;
// If we are not given the topic ID, we load the start, limit and the topic
$topic = $_topic;
$position = 0;
if (is_null($topic)) {
if (is_null($post) || is_null($per_page)) {
mob_error('invalid parameters');
}
$limit = $per_page;
// Get the topic
$request = $mobdb->query('
SELECT ID_TOPIC AS id_topic
FROM {db_prefix}messages
WHERE id_msg = {int:post}', array('post' => $post));
list($topic) = $mobdb->fetch_row($request);
$mobdb->free_result($request);
// Get the start value
$request = $mobdb->query('
SELECT COUNT(*)
FROM {db_prefix}messages
WHERE id_msg < {int:msg}
AND id_topic = {int:topic}', array('topic' => $topic, 'msg' => $post));
list($start) = $mobdb->fetch_row($request);
$position = $start;
$mobdb->free_result($request);
}
// Load the topic info
$request = $mobdb->query('
SELECT t.ID_TOPIC AS id_topic, t.ID_FIRST_MSG AS id_first_msg, t.ID_LAST_MSG AS id_last_msg, t.ID_MEMBER_STARTED AS id_member_started,
' . ($user_info['is_guest'] ? '0' : 'ln.ID_TOPIC') . ' AS is_notify, t.locked, t.isSticky AS is_sticky, t.numReplies AS replies, t.numViews As views,
' . ($user_info['is_guest'] ? 't.ID_LAST_MSG + 1' : 'IFNULL(lt.ID_MSG, IFNULL(lmr.ID_MSG, -1)) + 1') . ' AS new_from,
b.id_board, b.name, m.subject
FROM {db_prefix}topics AS t
INNER JOIN {db_prefix}boards AS b ON (b.ID_BOARD = t.ID_BOARD)
INNER JOIN {db_prefix}messages AS m ON (m.ID_MSG = t.ID_FIRST_MSG)' . ($user_info['is_guest'] ? '' : '
LEFT JOIN {db_prefix}log_notify AS ln ON (ln.ID_TOPIC = t.ID_TOPIC AND ln.ID_MEMBER = {int:member})
LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = {int:topic} AND lt.id_member = {int:member})
LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.id_board = t.ID_BOARD AND lmr.id_member = {int:member})') . '
WHERE t.ID_TOPIC = {int:topic}
LIMIT 1', array('topic' => $topic, 'member' => $user_info['id']));
if ($mobdb->num_rows($request) == 0) {
mob_error('topic not found or out of reach');
}
$topicinfo = $mobdb->fetch_assoc();
$mobdb->free_result($request);
if ($from_new) {
// Get the start value
$request = $mobdb->query('
SELECT COUNT(*)
FROM {db_prefix}messages
WHERE id_msg < {int:msg}
AND id_topic = {int:topic}', array('topic' => $topic, 'msg' => $topicinfo['new_from']));
list($start) = $mobdb->fetch_row($request);
$mobdb->free_result($request);
$position = $start;
$limit = $per_page;
}
// Emulate the permissions
$topic = $topicinfo['id_topic'];
$board = $topicinfo['id_board'];
loadBoard();
loadPermissions();
// Up the views!
if (empty($_SESSION['last_read_topic']) || $_SESSION['last_read_topic'] != $id_topic) {
$mobdb->query('
UPDATE {db_prefix}topics
SET numViews = numViews + 1
WHERE ID_TOPIC = {int:topic}', array('topic' => $topic));
}
// If this user is not a guest, mark this topic as read
if (!$user_info['is_guest']) {
$mobdb->query('
REPLACE INTO {db_prefix}log_topics
(id_member, id_topic, id_msg)
VALUES
({int:member}, {int:topic}, {int:msg})', array('member' => $user_info['id'], 'topic' => $topic, 'msg' => $modSettings['maxMsgID']));
}
// Set the last read topic
$_SESSION['last_read_topic'] = $id_topic;
// Fix the start
$start = max(0, (int) $start - (int) $start % (int) $limit);
// Load posts
$posts = array();
$id_posts = array();
$id_members = array();
$request = $mobdb->query('
SELECT m.ID_MSG AS id_msg, m.subject, m.body, m.ID_MEMBER AS id_member, m.smileysEnabled AS smileys_enabled,
m.posterName AS poster_name, m.posterTime AS poster_time, ID_MSG_MODIFIED < {int:new_from} AS is_read
FROM {db_prefix}messages AS m
WHERE m.ID_TOPIC = {int:topic}
ORDER BY m.ID_MSG ASC
LIMIT {int:start}, {int:limit}', array('topic' => $topic, 'start' => $start, 'limit' => $limit, 'new_from' => $topicinfo['new_from']));
while ($row = $mobdb->fetch_assoc($request)) {
$posts[] = $row;
$id_posts[] = $row['id_msg'];
$id_members[] = $row['id_member'];
}
$mobdb->free_result($request);
// Load all the member data and context
loadMemberData($id_members);
// Load the attachments if we need to
$attachments = array();
if (!empty($modSettings['attachmentEnable']) && allowedTo('view_attachments')) {
$request = $mobdb->query('
SELECT a.ID_ATTACH as id_attach, a.filename, thumb.id_attach AS id_thumb, a.ID_MSG AS id_msg, a.width, a.height
FROM {db_prefix}attachments AS a
LEFT JOIN {db_prefix}attachments AS thumb ON (thumb.id_attach = a.id_thumb)
WHERE a.ID_MSG IN ({array_int:msg})
AND a.attachmentType = 0', array('msg' => $id_posts));
while ($row = $mobdb->fetch_assoc($request)) {
if (empty($attachments[$row['id_msg']])) {
$attachments[$row['id_msg']] = array();
}
$attachments[$row['id_msg']][] = new xmlrpcval(array('content_type' => new xmlrpcval(!empty($row['width']) && !empty($row['height']) ? 'image' : 'other', 'string'), 'thumbnail_url' => new xmlrpcval(!empty($row['id_thumb']) ? $scripturl . '?action=dlattach;topic=' . $topic . '.0;attach=' . $row['id_thumb'] . ';image' : '', 'string'), 'url' => new xmlrpcval($scripturl . '?action=dlattach;topic=' . $topic . '.0;attach=' . $row['id_attach'], 'string')), 'struct');
}
$mobdb->free_result($request);
}
$topic_started = $topicinfo['id_member_started'] == $user_info['id'] && !$user_info['is_guest'];
// Load the posts into a proper array
foreach ($posts as $k => $post) {
loadMemberContext($post['id_member']);
$post_attachments = isset($attachments[$post['id_msg']]) ? $attachments[$post['id_msg']] : array();
$member = !empty($memberContext[$post['id_member']]) ? $memberContext[$post['id_member']] : array();
$posts[$k] = new xmlrpcval(array('post_id' => new xmlrpcval($post['id_msg'], 'string'), 'post_title' => new xmlrpcval(processSubject($post['subject']), 'base64'), 'post_content' => new xmlrpcval(processBody($post['body']), 'base64'), 'post_author_id' => new xmlrpcval(!empty($member) ? $member['id'] : 0, 'string'), 'post_author_name' => new xmlrpcval(processUsername(!empty($member) ? $member['name'] : $row['poster_name']), 'base64'), 'is_online' => new xmlrpcval(!empty($member) ? $user_profile[$post['id_member']]['isOnline'] : false, 'boolean'), 'can_edit' => new xmlrpcval((!$topicinfo['locked'] || allowedTo('moderate_board')) && (allowedTo('modify_any') || allowedTo('modify_replies') && $topic_started || allowedTo('modify_own') && $post['id_member'] == $user_info['id']), 'boolean'), 'icon_url' => new xmlrpcval($member['avatar']['href'], 'string'), 'post_time' => new xmlrpcval(mobiquo_time($post['poster_time']), 'dateTime.iso8601'), 'allow_smileys' => new xmlrpcval($post['smileys_enabled'], 'boolean'), 'attachments' => new xmlrpcval($post_attachments, 'array'), 'can_delete' => new xmlrpcval($post['id_msg'] != $topicinfo['id_first_msg'] && (allowedTo('delete_any') || allowedTo('delete_replies') && $topic_started || allowedTo('delete_own') && $user_info['id'] == $post['id_member']), 'boolean'), 'can_approve' => new xmlrpcval(false, 'boolean'), 'can_stick' => new xmlrpcval(allowedTo('make_sticky'), 'boolean'), 'can_move' => new xmlrpcval($topicinfo['id_first_msg'] != $post['id_msg'] && (allowedTo('move_any') || $topic_started && allowedTo('move_own')), 'boolean'), 'can_ban' => new xmlrpcval(allowedTo('manage_bans'), 'boolean')), 'struct');
}
// Return the topic
return new xmlrpcresp(new xmlrpcval(array('total_post_num' => new xmlrpcval($topicinfo['replies'] + 1, 'int'), 'forum_id' => new xmlrpcval($topicinfo['id_board'], 'string'), 'forum_name' => new xmlrpcval(processSubject($topicinfo['name']), 'base64'), 'topic_id' => new xmlrpcval($topicinfo['id_topic'], 'string'), 'topic_title' => new xmlrpcval(processSubject($topicinfo['subject']), 'base64'), 'view_number' => new xmlrpcval($topicinfo['views'], 'int'), 'is_subscribed' => new xmlrpcval($topicinfo['is_notify'], 'boolean'), 'can_subscribe' => new xmlrpcval(allowedTo('mark_notify') && !$user_info['is_guest'], 'boolean'), 'is_closed' => new xmlrpcval($topicinfo['locked'], 'boolean'), 'can_reply' => new xmlrpcval(allowedTo('post_reply_any') || allowedTo('post_reply_own') && $topic_started, 'boolean'), 'can_delete' => new xmlrpcval(allowedTo('remove_any') || $topic_started && allowedTo('remove_own'), 'boolean'), 'can_close' => new xmlrpcval(allowedTo('lock_any') || $topic_started && allowedTo('lock_own'), 'boolean'), 'can_approve' => new xmlrpcval(false, 'boolean'), 'can_stick' => new xmlrpcval(allowedTo('make_sticky'), 'boolean'), 'can_move' => new xmlrpcval(allowedTo('move_any') || $topic_started && allowedTo('move_own'), 'boolean'), 'can_rename' => new xmlrpcval(allowedTo('modify_any') || $topic_started && allowedTo('modify_own'), 'boolean'), 'can_ban' => new xmlrpcval(allowedTo('manage_bans'), 'boolean'), 'position' => new xmlrpcval($position, 'int'), 'posts' => new xmlrpcval($posts, 'array')), 'struct'));
}
function smf_main()
{
global $modSettings, $settings, $user_info, $board, $topic, $board_info, $maintenance, $sourcedir, $request_name, $txt, $user_settings, $mobiquo_config, $topic_per_page, $limit_num;
// Load the user's cookie (or set as guest) and load their settings.
loadUserSettings();
// Load the current board's information.
loadBoard();
// Load the current user's permissions.
loadPermissions();
// Attachments don't require the entire theme to be loaded.
loadTheme();
header('Mobiquo_is_login:'******'context']['user']['is_logged'] ? 'true' : 'false'));
// Check if the user should be disallowed access.
if (!in_array($request_name, array('get_config', 'login'))) {
is_not_banned();
}
// If we are in a topic and don't have permission to approve it then duck out now.
if (!empty($topic) && empty($board_info['cur_topic_approved']) && !allowedTo('approve_posts') && ($user_info['id'] != $board_info['cur_topic_starter'] || $user_info['is_guest'])) {
//fatal_lang_error('not_a_topic', false);
get_error('The topic is not approved');
}
// Do some logging, unless this is an attachment, avatar, toggle of editor buttons, theme option, XML feed etc.
if (empty($_REQUEST['action']) || !in_array($_REQUEST['action'], array('dlattach', 'findmember', 'jseditor', 'jsoption', 'requestmembers', 'smstats', '.xml', 'xmlhttp', 'verificationcode', 'viewquery', 'viewsmfile'))) {
// Log this user as online.
writeLog();
// Track forum statistics and hits...?
if (!empty($modSettings['hitStats'])) {
trackStats(array('hits' => '+'));
}
}
// Is the forum in maintenance mode? (doesn't apply to administrators.)
if (!empty($maintenance) && !allowedTo('admin_forum')) {
if ($request_name != 'get_config' && $request_name != 'login') {
get_error($txt['maintain_mode_on']);
}
} elseif (empty($modSettings['allow_guestAccess']) && $user_info['is_guest'] && (!isset($_REQUEST['action']) || !in_array($_REQUEST['action'], array('push_content_check', 'user_subscription', 'set_api_key', 'reset_push_slug', 'prefetch_account', 'update_password', 'forget_password', 'sign_in', 'coppa', 'login', 'login2', 'register', 'register2', 'reminder', 'activate', 'help', 'smstats', 'mailq', 'verificationcode', 'openidreturn')))) {
if ($request_name != 'get_config' && $request_name != 'prefetch_account') {
loadLanguage('Login');
get_error($txt['only_members_can_access']);
//require_once($sourcedir . '/Subs-Auth.php');
//return 'KickGuest';
}
}
//-------------transform input data to local character set if needed
utf8_to_local();
//-------------change some setting for tapatalk display
$settings['message_index_preview'] = 1;
$modSettings['todayMod_bak'] = $modSettings['todayMod'];
$modSettings['todayMod'] = 0;
$user_settings['pm_prefs'] = 0;
$user_info['user_time_format'] = $user_info['time_format'];
$user_info['time_format'] = '%Y%m%dT%H:%M:%S+00:00';
$modSettings['disableCustomPerPage'] = 1;
$modSettings['disableCheckUA'] = 1;
$modSettings['defaultMaxMessages'] = isset($limit_num) ? $limit_num : 20;
$modSettings['defaultMaxMembers'] = 100;
$modSettings['search_results_per_page'] = isset($topic_per_page) && $topic_per_page > 0 ? $topic_per_page : 20;
$modSettings['defaultMaxTopics'] = isset($topic_per_page) && $topic_per_page > 0 ? $topic_per_page : 20;
$modSettings['disable_pm_verification'] = $mobiquo_config['disable_pm_verification'];
//-------------do something before action--------------
if (function_exists('before_action_' . $request_name)) {
call_user_func('before_action_' . $request_name);
}
if (empty($_REQUEST['action']) && !empty($board)) {
if (empty($topic)) {
require_once 'include/MessageIndex.php';
return 'MessageIndex';
} else {
require_once 'include/Display.php';
return 'Display';
}
}
// Here's the monstrous $_REQUEST['action'] array - $_REQUEST['action'] => array($file, $function).
$actionArray = array('activate' => array('Register.php', 'Activate'), 'admin' => array('Admin.php', 'AdminMain'), 'announce' => array('Post.php', 'AnnounceTopic'), 'attachapprove' => array('ManageAttachments.php', 'ApproveAttach'), 'buddy' => array('Subs-Members.php', 'BuddyListToggle'), 'calendar' => array('Calendar.php', 'CalendarMain'), 'clock' => array('Calendar.php', 'clock'), 'collapse' => array('BoardIndex.php', 'CollapseCategory'), 'coppa' => array('Register.php', 'CoppaForm'), 'credits' => array('Who.php', 'Credits'), 'deletemsg' => array('RemoveTopic.php', 'DeleteMessage'), 'display' => array('Display.php', 'Display'), 'dlattach' => array('Display.php', 'Download'), 'editpoll' => array('Poll.php', 'EditPoll'), 'editpoll2' => array('Poll.php', 'EditPoll2'), 'emailuser' => array('SendTopic.php', 'EmailUser'), 'findmember' => array('Subs-Auth.php', 'JSMembers'), 'groups' => array('Groups.php', 'Groups'), 'help' => array('Help.php', 'ShowHelp'), 'helpadmin' => array('Help.php', 'ShowAdminHelp'), 'im' => array('PersonalMessage.php', 'MessageMain'), 'jseditor' => array('Subs-Editor.php', 'EditorMain'), 'jsmodify' => array('Post.php', 'JavaScriptModify'), 'jsoption' => array('Themes.php', 'SetJavaScript'), 'lock' => array('LockTopic.php', 'LockTopic'), 'lockvoting' => array('Poll.php', 'LockVoting'), 'login' => array('LogInOut.php', 'Login'), 'login2' => array('LogInOut.php', 'Login2'), 'logout' => array('LogInOut.php', 'Logout'), 'markasread' => array('Subs-Boards.php', 'MarkRead'), 'mergetopics' => array('SplitTopics.php', 'MergeTopics'), 'mlist' => array('Memberlist.php', 'Memberlist'), 'moderate' => array('ModerationCenter.php', 'ModerationMain'), 'modifycat' => array('ManageBoards.php', 'ModifyCat'), 'modifykarma' => array('Karma.php', 'ModifyKarma'), 'movetopic' => array('MoveTopic.php', 'MoveTopic'), 'movetopic2' => array('MoveTopic.php', 'MoveTopic2'), 'notify' => array('Notify.php', 'Notify'), 'notifyboard' => array('Notify.php', 'BoardNotify'), 'openidreturn' => array('Subs-OpenID.php', 'smf_openID_return'), 'pm' => array('PersonalMessage.php', 'MessageMain'), 'post' => array('Post.php', 'Post'), 'post2' => array('Post.php', 'Post2'), 'printpage' => array('Printpage.php', 'PrintTopic'), 'profile' => array('Profile.php', 'ModifyProfile'), 'quotefast' => array('Post.php', 'QuoteFast'), 'quickmod' => array('MessageIndex.php', 'QuickModeration'), 'quickmod2' => array('Display.php', 'QuickInTopicModeration'), 'recent' => array('Recent.php', 'RecentPosts'), 'register' => array('Register.php', 'Register'), 'register2' => array('Register.php', 'Register2'), 'reminder' => array('Reminder.php', 'RemindMe'), 'removepoll' => array('Poll.php', 'RemovePoll'), 'removetopic2' => array('RemoveTopic.php', 'RemoveTopic2'), 'reporttm' => array('SendTopic.php', 'ReportToModerator'), 'requestmembers' => array('Subs-Auth.php', 'RequestMembers'), 'restoretopic' => array('RemoveTopic.php', 'RestoreTopic'), 'search' => array('Search.php', 'PlushSearch1'), 'search2' => array('Search.php', 'PlushSearch2'), 'sendtopic' => array('SendTopic.php', 'EmailUser'), 'smstats' => array('Stats.php', 'SMStats'), 'suggest' => array('Subs-Editor.php', 'AutoSuggestHandler'), 'spellcheck' => array('Subs-Post.php', 'SpellCheck'), 'splittopics' => array('SplitTopics.php', 'SplitTopics'), 'stats' => array('Stats.php', 'DisplayStats'), 'sticky' => array('LockTopic.php', 'Sticky'), 'theme' => array('Themes.php', 'ThemesMain'), 'trackip' => array('Profile-View.php', 'trackIP'), 'about:mozilla' => array('Karma.php', 'BookOfUnknown'), 'about:unknown' => array('Karma.php', 'BookOfUnknown'), 'unread' => array('Recent.php', 'UnreadTopics'), 'unreadreplies' => array('Recent.php', 'UnreadTopics'), 'verificationcode' => array('Register.php', 'VerificationCode'), 'viewprofile' => array('Profile.php', 'ModifyProfile'), 'vote' => array('Poll.php', 'Vote'), 'viewquery' => array('ViewQuery.php', 'ViewQuery'), 'viewsmfile' => array('Admin.php', 'DisplayAdminFile'), 'who' => array('Who.php', 'Who'), '.xml' => array('News.php', 'ShowXmlFeed'), 'xmlhttp' => array('Xml.php', 'XMLhttpMain'));
// Allow modifying $actionArray easily.
call_integration_hook('integrate_actions', array(&$actionArray));
//error_log($request_name.'-'.$_REQUEST['action']); //for debugging
// Get the function and file to include - if it's not there, do the board index.
if (!isset($_REQUEST['action']) || !isset($actionArray[$_REQUEST['action']])) {
if (function_exists('action_' . $request_name)) {
return 'action_' . $request_name;
} else {
get_error('Invalid action');
}
}
$local_action = array('login2', 'post', 'post2', 'who', 'profile', 'notify', 'notifyboard', 'markasread', 'unread', 'search2', 'pm', 'logout');
// Otherwise, it was set - so let's go to that action.
if (in_array($_REQUEST['action'], $local_action)) {
if (file_exists(TT_ROOT . 'include/' . $actionArray[$_REQUEST['action']][0])) {
require_once TT_ROOT . 'include/' . $actionArray[$_REQUEST['action']][0];
} else {
if (file_exists($sourcedir . '/' . $actionArray[$_REQUEST['action']][0])) {
require_once $sourcedir . '/' . $actionArray[$_REQUEST['action']][0];
}
}
} else {
if (file_exists($sourcedir . '/' . $actionArray[$_REQUEST['action']][0])) {
require_once $sourcedir . '/' . $actionArray[$_REQUEST['action']][0];
}
}
return $actionArray[$_REQUEST['action']][1];
}
/**
* Posts or saves the message composed with Post().
*
* requires various permissions depending on the action.
* handles attachment, post, and calendar saving.
* sends off notifications, and allows for announcements and moderation.
* accessed from ?action=post2.
*/
public function action_post2()
{
global $board, $topic, $txt, $modSettings, $context, $user_settings;
global $user_info, $board_info, $options, $ignore_temp;
// Sneaking off, are we?
if (empty($_POST) && empty($topic)) {
if (empty($_SERVER['CONTENT_LENGTH'])) {
redirectexit('action=post;board=' . $board . '.0');
} else {
fatal_lang_error('post_upload_error', false);
}
} elseif (empty($_POST) && !empty($topic)) {
redirectexit('action=post;topic=' . $topic . '.0');
}
// No need!
$context['robot_no_index'] = true;
// We are now in post2 action
$context['current_action'] = 'post2';
require_once SOURCEDIR . '/AttachmentErrorContext.class.php';
// No errors as yet.
$post_errors = Error_Context::context('post', 1);
$attach_errors = Attachment_Error_Context::context();
// If the session has timed out, let the user re-submit their form.
if (checkSession('post', '', false) != '') {
$post_errors->addError('session_timeout');
// Disable the preview so that any potentially malicious code is not executed
$_REQUEST['preview'] = false;
return $this->action_post();
}
// Wrong verification code?
if (!$user_info['is_admin'] && !$user_info['is_mod'] && !empty($modSettings['posts_require_captcha']) && ($user_info['posts'] < $modSettings['posts_require_captcha'] || $user_info['is_guest'] && $modSettings['posts_require_captcha'] == -1)) {
require_once SUBSDIR . '/VerificationControls.class.php';
$verificationOptions = array('id' => 'post');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
foreach ($context['require_verification'] as $verification_error) {
$post_errors->addError($verification_error);
}
}
}
require_once SUBSDIR . '/Boards.subs.php';
require_once SUBSDIR . '/Post.subs.php';
loadLanguage('Post');
// Drafts enabled and needed?
if (!empty($modSettings['drafts_enabled']) && (isset($_POST['save_draft']) || isset($_POST['id_draft']))) {
require_once SUBSDIR . '/Drafts.subs.php';
}
// First check to see if they are trying to delete any current attachments.
if (isset($_POST['attach_del'])) {
$keep_temp = array();
$keep_ids = array();
foreach ($_POST['attach_del'] as $dummy) {
if (strpos($dummy, 'post_tmp_' . $user_info['id']) !== false) {
$keep_temp[] = $dummy;
} else {
$keep_ids[] = (int) $dummy;
}
}
if (isset($_SESSION['temp_attachments'])) {
foreach ($_SESSION['temp_attachments'] as $attachID => $attachment) {
if (isset($_SESSION['temp_attachments']['post']['files'], $attachment['name']) && in_array($attachment['name'], $_SESSION['temp_attachments']['post']['files']) || in_array($attachID, $keep_temp) || strpos($attachID, 'post_tmp_' . $user_info['id']) === false) {
continue;
}
unset($_SESSION['temp_attachments'][$attachID]);
@unlink($attachment['tmp_name']);
}
}
if (!empty($_REQUEST['msg'])) {
require_once SUBSDIR . '/ManageAttachments.subs.php';
$attachmentQuery = array('attachment_type' => 0, 'id_msg' => (int) $_REQUEST['msg'], 'not_id_attach' => $keep_ids);
removeAttachments($attachmentQuery);
}
}
// Then try to upload any attachments.
$context['attachments']['can']['post'] = !empty($modSettings['attachmentEnable']) && $modSettings['attachmentEnable'] == 1 && (allowedTo('post_attachment') || $modSettings['postmod_active'] && allowedTo('post_unapproved_attachments'));
if ($context['attachments']['can']['post'] && empty($_POST['from_qr'])) {
require_once SUBSDIR . '/Attachments.subs.php';
if (isset($_REQUEST['msg'])) {
processAttachments((int) $_REQUEST['msg']);
} else {
processAttachments();
}
}
// Previewing? Go back to start.
if (isset($_REQUEST['preview'])) {
return $this->action_post();
}
// Prevent double submission of this form.
checkSubmitOnce('check');
// If this isn't a new topic load the topic info that we need.
if (!empty($topic)) {
require_once SUBSDIR . '/Topic.subs.php';
$topic_info = getTopicInfo($topic);
// Though the topic should be there, it might have vanished.
if (empty($topic_info)) {
fatal_lang_error('topic_doesnt_exist');
}
// Did this topic suddenly move? Just checking...
if ($topic_info['id_board'] != $board) {
fatal_lang_error('not_a_topic');
}
}
// Replying to a topic?
if (!empty($topic) && !isset($_REQUEST['msg'])) {
// Don't allow a post if it's locked.
if ($topic_info['locked'] != 0 && !allowedTo('moderate_board')) {
fatal_lang_error('topic_locked', false);
}
// Sorry, multiple polls aren't allowed... yet. You should stop giving me ideas :P.
if (isset($_REQUEST['poll']) && $topic_info['id_poll'] > 0) {
unset($_REQUEST['poll']);
}
// Do the permissions and approval stuff...
$becomesApproved = true;
if ($topic_info['id_member_started'] != $user_info['id']) {
if ($modSettings['postmod_active'] && allowedTo('post_unapproved_replies_any') && !allowedTo('post_reply_any')) {
$becomesApproved = false;
} else {
isAllowedTo('post_reply_any');
}
} elseif (!allowedTo('post_reply_any')) {
if ($modSettings['postmod_active']) {
if (allowedTo('post_unapproved_replies_own') && !allowedTo('post_reply_own')) {
$becomesApproved = false;
} elseif ($user_info['is_guest'] && allowedTo('post_unapproved_replies_any')) {
$becomesApproved = false;
} else {
isAllowedTo('post_reply_own');
}
}
}
if (isset($_POST['lock'])) {
// Nothing is changed to the lock.
if (empty($topic_info['locked']) && empty($_POST['lock']) || !empty($_POST['lock']) && !empty($topic_info['locked'])) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own')) || !allowedTo('lock_any') && $user_info['id'] != $topic_info['id_member_started']) {
unset($_POST['lock']);
} elseif (!allowedTo('lock_any')) {
// You cannot override a moderator lock.
if ($topic_info['locked'] == 1) {
unset($_POST['lock']);
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 2;
}
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 1;
}
}
// So you wanna (un)sticky this...let's see.
if (isset($_POST['sticky']) && (empty($modSettings['enableStickyTopics']) || $_POST['sticky'] == $topic_info['is_sticky'] || !allowedTo('make_sticky'))) {
unset($_POST['sticky']);
}
// If drafts are enabled, then pass this off
if (!empty($modSettings['drafts_enabled']) && isset($_POST['save_draft'])) {
saveDraft();
return $this->action_post();
}
// If the number of replies has changed, if the setting is enabled, go back to action_post() - which handles the error.
if (empty($options['no_new_reply_warning']) && isset($_POST['last_msg']) && $topic_info['id_last_msg'] > $_POST['last_msg']) {
addInlineJavascript('
$(document).ready(function () {
$("html,body").scrollTop($(\'.category_header:visible:first\').offset().top);
});');
return $this->action_post();
}
$posterIsGuest = $user_info['is_guest'];
} elseif (empty($topic)) {
// Now don't be silly, new topics will get their own id_msg soon enough.
unset($_REQUEST['msg'], $_POST['msg'], $_GET['msg']);
// Do like, the permissions, for safety and stuff...
$becomesApproved = true;
if ($modSettings['postmod_active'] && !allowedTo('post_new') && allowedTo('post_unapproved_topics')) {
$becomesApproved = false;
} else {
isAllowedTo('post_new');
}
if (isset($_POST['lock'])) {
// New topics are by default not locked.
if (empty($_POST['lock'])) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own'))) {
unset($_POST['lock']);
} else {
$_POST['lock'] = allowedTo('lock_any') ? 1 : 2;
}
}
if (isset($_POST['sticky']) && (empty($modSettings['enableStickyTopics']) || empty($_POST['sticky']) || !allowedTo('make_sticky'))) {
unset($_POST['sticky']);
}
// Saving your new topic as a draft first?
if (!empty($modSettings['drafts_enabled']) && isset($_POST['save_draft'])) {
saveDraft();
return $this->action_post();
}
$posterIsGuest = $user_info['is_guest'];
} elseif (isset($_REQUEST['msg']) && !empty($topic)) {
$_REQUEST['msg'] = (int) $_REQUEST['msg'];
require_once SUBSDIR . '/Messages.subs.php';
$msgInfo = basicMessageInfo($_REQUEST['msg'], true);
if (empty($msgInfo)) {
fatal_lang_error('cant_find_messages', false);
}
if (!empty($topic_info['locked']) && !allowedTo('moderate_board')) {
fatal_lang_error('topic_locked', false);
}
if (isset($_POST['lock'])) {
// Nothing changes to the lock status.
if (empty($_POST['lock']) && empty($topic_info['locked']) || !empty($_POST['lock']) && !empty($topic_info['locked'])) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own')) || !allowedTo('lock_any') && $user_info['id'] != $topic_info['id_member_started']) {
unset($_POST['lock']);
} elseif (!allowedTo('lock_any')) {
// You're not allowed to break a moderator's lock.
if ($topic_info['locked'] == 1) {
unset($_POST['lock']);
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 2;
}
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 1;
}
}
// Change the sticky status of this topic?
if (isset($_POST['sticky']) && (!allowedTo('make_sticky') || $_POST['sticky'] == $topic_info['is_sticky'])) {
unset($_POST['sticky']);
}
if ($msgInfo['id_member'] == $user_info['id'] && !allowedTo('modify_any')) {
if ((!$modSettings['postmod_active'] || $msgInfo['approved']) && !empty($modSettings['edit_disable_time']) && $msgInfo['poster_time'] + ($modSettings['edit_disable_time'] + 5) * 60 < time()) {
fatal_lang_error('modify_post_time_passed', false);
} elseif ($topic_info['id_member_started'] == $user_info['id'] && !allowedTo('modify_own')) {
isAllowedTo('modify_replies');
} else {
isAllowedTo('modify_own');
}
} elseif ($topic_info['id_member_started'] == $user_info['id'] && !allowedTo('modify_any')) {
isAllowedTo('modify_replies');
// If you're modifying a reply, I say it better be logged...
$moderationAction = true;
} else {
isAllowedTo('modify_any');
// Log it, assuming you're not modifying your own post.
if ($msgInfo['id_member'] != $user_info['id']) {
$moderationAction = true;
}
}
// If drafts are enabled, then lets send this off to save
if (!empty($modSettings['drafts_enabled']) && isset($_POST['save_draft'])) {
saveDraft();
return $this->action_post();
}
$posterIsGuest = empty($msgInfo['id_member']);
// Can they approve it?
$can_approve = allowedTo('approve_posts');
$becomesApproved = $modSettings['postmod_active'] ? $can_approve && !$msgInfo['approved'] ? !empty($_REQUEST['approve']) ? 1 : 0 : $msgInfo['approved'] : 1;
$approve_has_changed = $msgInfo['approved'] != $becomesApproved;
if (!allowedTo('moderate_forum') || !$posterIsGuest) {
$_POST['guestname'] = $msgInfo['poster_name'];
$_POST['email'] = $msgInfo['poster_email'];
}
}
// In case we want to override
if (allowedTo('approve_posts')) {
$becomesApproved = !isset($_REQUEST['approve']) || !empty($_REQUEST['approve']) ? 1 : 0;
$approve_has_changed = isset($msgInfo['approved']) ? $msgInfo['approved'] != $becomesApproved : false;
}
// If the poster is a guest evaluate the legality of name and email.
if ($posterIsGuest) {
$_POST['guestname'] = !isset($_POST['guestname']) ? '' : Util::htmlspecialchars(trim($_POST['guestname']));
$_POST['email'] = !isset($_POST['email']) ? '' : Util::htmlspecialchars(trim($_POST['email']));
if ($_POST['guestname'] == '' || $_POST['guestname'] == '_') {
$post_errors->addError('no_name');
}
if (Util::strlen($_POST['guestname']) > 25) {
$post_errors->addError('long_name');
}
if (empty($modSettings['guest_post_no_email'])) {
// Only check if they changed it!
if (!isset($msgInfo) || $msgInfo['poster_email'] != $_POST['email']) {
require_once SUBSDIR . '/DataValidator.class.php';
if (!allowedTo('moderate_forum') && !Data_Validator::is_valid($_POST, array('email' => 'valid_email|required'), array('email' => 'trim'))) {
empty($_POST['email']) ? $post_errors->addError('no_email') : $post_errors->addError('bad_email');
}
}
// Now make sure this email address is not banned from posting.
isBannedEmail($_POST['email'], 'cannot_post', sprintf($txt['you_are_post_banned'], $txt['guest_title']));
}
// In case they are making multiple posts this visit, help them along by storing their name.
if (!$post_errors->hasErrors()) {
$_SESSION['guest_name'] = $_POST['guestname'];
$_SESSION['guest_email'] = $_POST['email'];
}
}
// Check the subject and message.
if (!isset($_POST['subject']) || Util::htmltrim(Util::htmlspecialchars($_POST['subject'])) === '') {
$post_errors->addError('no_subject');
}
if (!isset($_POST['message']) || Util::htmltrim(Util::htmlspecialchars($_POST['message'], ENT_QUOTES)) === '') {
$post_errors->addError('no_message');
} elseif (!empty($modSettings['max_messageLength']) && Util::strlen($_POST['message']) > $modSettings['max_messageLength']) {
$post_errors->addError(array('long_message', array($modSettings['max_messageLength'])));
} else {
// Prepare the message a bit for some additional testing.
$_POST['message'] = Util::htmlspecialchars($_POST['message'], ENT_QUOTES);
// Preparse code. (Zef)
if ($user_info['is_guest']) {
$user_info['name'] = $_POST['guestname'];
}
preparsecode($_POST['message']);
// Let's see if there's still some content left without the tags.
if (Util::htmltrim(strip_tags(parse_bbc($_POST['message'], false), '<img>')) === '' && (!allowedTo('admin_forum') || strpos($_POST['message'], '[html]') === false)) {
$post_errors->addError('no_message');
}
}
if (isset($_POST['calendar']) && !isset($_REQUEST['deleteevent']) && Util::htmltrim($_POST['evtitle']) === '') {
$post_errors->addError('no_event');
}
// Validate the poll...
if (isset($_REQUEST['poll']) && !empty($modSettings['pollMode'])) {
if (!empty($topic) && !isset($_REQUEST['msg'])) {
fatal_lang_error('no_access', false);
}
// This is a new topic... so it's a new poll.
if (empty($topic)) {
isAllowedTo('poll_post');
} elseif ($user_info['id'] == $topic_info['id_member_started'] && !allowedTo('poll_add_any')) {
isAllowedTo('poll_add_own');
} else {
isAllowedTo('poll_add_any');
}
if (!isset($_POST['question']) || trim($_POST['question']) == '') {
$post_errors->addError('no_question');
}
$_POST['options'] = empty($_POST['options']) ? array() : htmltrim__recursive($_POST['options']);
// Get rid of empty ones.
foreach ($_POST['options'] as $k => $option) {
if ($option == '') {
unset($_POST['options'][$k], $_POST['options'][$k]);
}
}
// What are you going to vote between with one choice?!?
if (count($_POST['options']) < 2) {
$post_errors->addError('poll_few');
} elseif (count($_POST['options']) > 256) {
$post_errors->addError('poll_many');
}
}
if ($posterIsGuest) {
// If user is a guest, make sure the chosen name isn't taken.
require_once SUBSDIR . '/Members.subs.php';
if (isReservedName($_POST['guestname'], 0, true, false) && (!isset($msgInfo['poster_name']) || $_POST['guestname'] != $msgInfo['poster_name'])) {
$post_errors->addError('bad_name');
}
} elseif (!isset($_REQUEST['msg'])) {
$_POST['guestname'] = $user_info['username'];
$_POST['email'] = $user_info['email'];
}
// Posting somewhere else? Are we sure you can?
if (!empty($_REQUEST['post_in_board'])) {
$new_board = (int) $_REQUEST['post_in_board'];
if (!allowedTo('post_new', $new_board)) {
$post_in_board = boardInfo($new_board);
if (!empty($post_in_board)) {
$post_errors->addError(array('post_new_board', array($post_in_board['name'])));
} else {
$post_errors->addError('post_new');
}
}
}
// Any mistakes?
if ($post_errors->hasErrors() || $attach_errors->hasErrors()) {
addInlineJavascript('
$(document).ready(function () {
$("html,body").scrollTop($(\'.category_header:visible:first\').offset().top);
});');
return $this->action_post();
}
// Make sure the user isn't spamming the board.
if (!isset($_REQUEST['msg'])) {
spamProtection('post');
}
// At about this point, we're posting and that's that.
ignore_user_abort(true);
@set_time_limit(300);
// Add special html entities to the subject, name, and email.
$_POST['subject'] = strtr(Util::htmlspecialchars($_POST['subject']), array("\r" => '', "\n" => '', "\t" => ''));
$_POST['guestname'] = htmlspecialchars($_POST['guestname'], ENT_COMPAT, 'UTF-8');
$_POST['email'] = htmlspecialchars($_POST['email'], ENT_COMPAT, 'UTF-8');
// At this point, we want to make sure the subject isn't too long.
if (Util::strlen($_POST['subject']) > 100) {
$_POST['subject'] = Util::substr($_POST['subject'], 0, 100);
}
if (!empty($modSettings['mentions_enabled']) && !empty($_REQUEST['uid'])) {
$query_params = array();
$query_params['member_ids'] = array_unique(array_map('intval', $_REQUEST['uid']));
require_once SUBSDIR . '/Members.subs.php';
$mentioned_members = membersBy('member_ids', $query_params, true);
$replacements = 0;
$actually_mentioned = array();
foreach ($mentioned_members as $member) {
$_POST['message'] = str_replace('@' . $member['real_name'], '[member=' . $member['id_member'] . ']' . $member['real_name'] . '[/member]', $_POST['message'], $replacements);
if ($replacements > 0) {
$actually_mentioned[] = $member['id_member'];
}
}
}
// Make the poll...
if (isset($_REQUEST['poll'])) {
// Make sure that the user has not entered a ridiculous number of options..
if (empty($_POST['poll_max_votes']) || $_POST['poll_max_votes'] <= 0) {
$_POST['poll_max_votes'] = 1;
} elseif ($_POST['poll_max_votes'] > count($_POST['options'])) {
$_POST['poll_max_votes'] = count($_POST['options']);
} else {
$_POST['poll_max_votes'] = (int) $_POST['poll_max_votes'];
}
$_POST['poll_expire'] = (int) $_POST['poll_expire'];
$_POST['poll_expire'] = $_POST['poll_expire'] > 9999 ? 9999 : ($_POST['poll_expire'] < 0 ? 0 : $_POST['poll_expire']);
// Just set it to zero if it's not there..
if (!isset($_POST['poll_hide'])) {
$_POST['poll_hide'] = 0;
} else {
$_POST['poll_hide'] = (int) $_POST['poll_hide'];
}
$_POST['poll_change_vote'] = isset($_POST['poll_change_vote']) ? 1 : 0;
$_POST['poll_guest_vote'] = isset($_POST['poll_guest_vote']) ? 1 : 0;
// Make sure guests are actually allowed to vote generally.
if ($_POST['poll_guest_vote']) {
require_once SUBSDIR . '/Members.subs.php';
$allowedVoteGroups = groupsAllowedTo('poll_vote', $board);
if (!in_array(-1, $allowedVoteGroups['allowed'])) {
$_POST['poll_guest_vote'] = 0;
}
}
// If the user tries to set the poll too far in advance, don't let them.
if (!empty($_POST['poll_expire']) && $_POST['poll_expire'] < 1) {
fatal_lang_error('poll_range_error', false);
} elseif (empty($_POST['poll_expire']) && $_POST['poll_hide'] == 2) {
$_POST['poll_hide'] = 1;
}
// Clean up the question and answers.
$_POST['question'] = htmlspecialchars($_POST['question'], ENT_COMPAT, 'UTF-8');
$_POST['question'] = Util::substr($_POST['question'], 0, 255);
$_POST['question'] = preg_replace('~&#(\\d{4,5}|[2-9]\\d{2,4}|1[2-9]\\d);~', '&#$1;', $_POST['question']);
$_POST['options'] = htmlspecialchars__recursive($_POST['options']);
// Finally, make the poll.
require_once SUBSDIR . '/Poll.subs.php';
$id_poll = createPoll($_POST['question'], $user_info['id'], $_POST['guestname'], $_POST['poll_max_votes'], $_POST['poll_hide'], $_POST['poll_expire'], $_POST['poll_change_vote'], $_POST['poll_guest_vote'], $_POST['options']);
} else {
$id_poll = 0;
}
// ...or attach a new file...
if (empty($ignore_temp) && $context['attachments']['can']['post'] && !empty($_SESSION['temp_attachments']) && empty($_POST['from_qr'])) {
$attachIDs = array();
foreach ($_SESSION['temp_attachments'] as $attachID => $attachment) {
if ($attachID != 'initial_error' && strpos($attachID, 'post_tmp_' . $user_info['id']) === false) {
continue;
}
// If there was an initial error just show that message.
if ($attachID == 'initial_error') {
unset($_SESSION['temp_attachments']);
break;
}
// No errors, then try to create the attachment
if (empty($attachment['errors'])) {
// Load the attachmentOptions array with the data needed to create an attachment
$attachmentOptions = array('post' => isset($_REQUEST['msg']) ? $_REQUEST['msg'] : 0, 'poster' => $user_info['id'], 'name' => $attachment['name'], 'tmp_name' => $attachment['tmp_name'], 'size' => isset($attachment['size']) ? $attachment['size'] : 0, 'mime_type' => isset($attachment['type']) ? $attachment['type'] : '', 'id_folder' => isset($attachment['id_folder']) ? $attachment['id_folder'] : 0, 'approved' => !$modSettings['postmod_active'] || allowedTo('post_attachment'), 'errors' => array());
if (createAttachment($attachmentOptions)) {
$attachIDs[] = $attachmentOptions['id'];
if (!empty($attachmentOptions['thumb'])) {
$attachIDs[] = $attachmentOptions['thumb'];
}
}
} else {
@unlink($attachment['tmp_name']);
}
}
unset($_SESSION['temp_attachments']);
}
// Creating a new topic?
$newTopic = empty($_REQUEST['msg']) && empty($topic);
$_POST['icon'] = !empty($attachIDs) && $_POST['icon'] == 'xx' ? 'clip' : $_POST['icon'];
// Collect all parameters for the creation or modification of a post.
$msgOptions = array('id' => empty($_REQUEST['msg']) ? 0 : (int) $_REQUEST['msg'], 'subject' => $_POST['subject'], 'body' => $_POST['message'], 'icon' => preg_replace('~[\\./\\\\*:"\'<>]~', '', $_POST['icon']), 'smileys_enabled' => !isset($_POST['ns']), 'attachments' => empty($attachIDs) ? array() : $attachIDs, 'approved' => $becomesApproved);
$topicOptions = array('id' => empty($topic) ? 0 : $topic, 'board' => $board, 'poll' => isset($_REQUEST['poll']) ? $id_poll : null, 'lock_mode' => isset($_POST['lock']) ? (int) $_POST['lock'] : null, 'sticky_mode' => isset($_POST['sticky']) && !empty($modSettings['enableStickyTopics']) ? (int) $_POST['sticky'] : null, 'mark_as_read' => true, 'is_approved' => !$modSettings['postmod_active'] || empty($topic) || !empty($board_info['cur_topic_approved']));
$posterOptions = array('id' => $user_info['id'], 'name' => $_POST['guestname'], 'email' => $_POST['email'], 'update_post_count' => !$user_info['is_guest'] && !isset($_REQUEST['msg']) && $board_info['posts_count']);
// This is an already existing message. Edit it.
if (!empty($_REQUEST['msg'])) {
// Have admins allowed people to hide their screwups?
if (time() - $msgInfo['poster_time'] > $modSettings['edit_wait_time'] || $user_info['id'] != $msgInfo['id_member']) {
$msgOptions['modify_time'] = time();
$msgOptions['modify_name'] = $user_info['name'];
}
// This will save some time...
if (empty($approve_has_changed)) {
unset($msgOptions['approved']);
}
modifyPost($msgOptions, $topicOptions, $posterOptions);
} else {
if (!empty($modSettings['enableFollowup']) && !empty($_REQUEST['followup'])) {
$original_post = (int) $_REQUEST['followup'];
}
// We also have to fake the board:
// if it's valid and it's not the current, let's forget about the "current" and load the new one
if (!empty($new_board) && $board !== $new_board) {
$board = $new_board;
loadBoard();
// Some details changed
$topicOptions['board'] = $board;
$topicOptions['is_approved'] = !$modSettings['postmod_active'] || empty($topic) || !empty($board_info['cur_topic_approved']);
$posterOptions['update_post_count'] = !$user_info['is_guest'] && !isset($_REQUEST['msg']) && $board_info['posts_count'];
}
createPost($msgOptions, $topicOptions, $posterOptions);
if (isset($topicOptions['id'])) {
$topic = $topicOptions['id'];
}
if (!empty($modSettings['enableFollowup'])) {
require_once SUBSDIR . '/FollowUps.subs.php';
require_once SUBSDIR . '/Messages.subs.php';
// Time to update the original message with a pointer to the new one
if (!empty($original_post) && canAccessMessage($original_post)) {
linkMessages($original_post, $topic);
}
}
}
// If we had a draft for this, its time to remove it since it was just posted
if (!empty($modSettings['drafts_enabled']) && !empty($_POST['id_draft'])) {
deleteDrafts($_POST['id_draft'], $user_info['id']);
}
// Editing or posting an event?
if (isset($_POST['calendar']) && (!isset($_REQUEST['eventid']) || $_REQUEST['eventid'] == -1)) {
require_once SUBSDIR . '/Calendar.subs.php';
// Make sure they can link an event to this post.
canLinkEvent();
// Insert the event.
$eventOptions = array('id_board' => $board, 'id_topic' => $topic, 'title' => $_POST['evtitle'], 'member' => $user_info['id'], 'start_date' => sprintf('%04d-%02d-%02d', $_POST['year'], $_POST['month'], $_POST['day']), 'span' => isset($_POST['span']) && $_POST['span'] > 0 ? min((int) $modSettings['cal_maxspan'], (int) $_POST['span'] - 1) : 0);
insertEvent($eventOptions);
} elseif (isset($_POST['calendar'])) {
$_REQUEST['eventid'] = (int) $_REQUEST['eventid'];
// Validate the post...
require_once SUBSDIR . '/Calendar.subs.php';
validateEventPost();
// If you're not allowed to edit any events, you have to be the poster.
if (!allowedTo('calendar_edit_any')) {
$event_poster = getEventPoster($_REQUEST['eventid']);
// Silly hacker, Trix are for kids. ...probably trademarked somewhere, this is FAIR USE! (parody...)
isAllowedTo('calendar_edit_' . ($event_poster == $user_info['id'] ? 'own' : 'any'));
}
// Delete it?
if (isset($_REQUEST['deleteevent'])) {
removeEvent($_REQUEST['eventid']);
} else {
$span = !empty($modSettings['cal_allowspan']) && !empty($_REQUEST['span']) ? min((int) $modSettings['cal_maxspan'], (int) $_REQUEST['span'] - 1) : 0;
$start_time = mktime(0, 0, 0, (int) $_REQUEST['month'], (int) $_REQUEST['day'], (int) $_REQUEST['year']);
$eventOptions = array('start_date' => strftime('%Y-%m-%d', $start_time), 'end_date' => strftime('%Y-%m-%d', $start_time + $span * 86400), 'title' => $_REQUEST['evtitle']);
modifyEvent($_REQUEST['eventid'], $eventOptions);
}
}
// Marking boards as read.
// (You just posted and they will be unread.)
if (!$user_info['is_guest']) {
$board_list = !empty($board_info['parent_boards']) ? array_keys($board_info['parent_boards']) : array();
// Returning to the topic?
if (!empty($_REQUEST['goback'])) {
$board_list[] = $board;
}
if (!empty($board_list)) {
markBoardsRead($board_list, false, false);
}
}
// Turn notification on or off.
if (!empty($_POST['notify']) && allowedTo('mark_any_notify')) {
setTopicNotification($user_info['id'], $topic, true);
} elseif (!$newTopic) {
setTopicNotification($user_info['id'], $topic, false);
}
// Log an act of moderation - modifying.
if (!empty($moderationAction)) {
logAction('modify', array('topic' => $topic, 'message' => (int) $_REQUEST['msg'], 'member' => $msgInfo['id_member'], 'board' => $board));
}
if (isset($_POST['lock']) && $_POST['lock'] != 2) {
logAction(empty($_POST['lock']) ? 'unlock' : 'lock', array('topic' => $topicOptions['id'], 'board' => $topicOptions['board']));
}
if (isset($_POST['sticky']) && !empty($modSettings['enableStickyTopics'])) {
logAction(empty($_POST['sticky']) ? 'unsticky' : 'sticky', array('topic' => $topicOptions['id'], 'board' => $topicOptions['board']));
}
// Notify any members who have notification turned on for this topic/board - only do this if it's going to be approved(!)
if ($becomesApproved) {
require_once SUBSDIR . '/Notification.subs.php';
if ($newTopic) {
$notifyData = array('body' => $_POST['message'], 'subject' => $_POST['subject'], 'name' => $user_info['name'], 'poster' => $user_info['id'], 'msg' => $msgOptions['id'], 'board' => $board, 'topic' => $topic, 'signature' => isset($user_settings['signature']) ? $user_settings['signature'] : '');
sendBoardNotifications($notifyData);
} elseif (empty($_REQUEST['msg'])) {
// Only send it to everyone if the topic is approved, otherwise just to the topic starter if they want it.
if ($topic_info['approved']) {
sendNotifications($topic, 'reply');
} else {
sendNotifications($topic, 'reply', array(), $topic_info['id_member_started']);
}
}
}
if (!empty($modSettings['mentions_enabled']) && !empty($actually_mentioned)) {
require_once CONTROLLERDIR . '/Mentions.controller.php';
$mentions = new Mentions_Controller();
$mentions->setData(array('id_member' => $actually_mentioned, 'type' => 'men', 'id_msg' => $msgOptions['id'], 'status' => $becomesApproved ? 'new' : 'unapproved'));
$mentions->action_add();
}
if ($board_info['num_topics'] == 0) {
cache_put_data('board-' . $board, null, 120);
}
if (!empty($_POST['announce_topic'])) {
redirectexit('action=announce;sa=selectgroup;topic=' . $topic . (!empty($_POST['move']) && allowedTo('move_any') ? ';move' : '') . (empty($_REQUEST['goback']) ? '' : ';goback'));
}
if (!empty($_POST['move']) && allowedTo('move_any')) {
redirectexit('action=movetopic;topic=' . $topic . '.0' . (empty($_REQUEST['goback']) ? '' : ';goback'));
}
// Return to post if the mod is on.
if (isset($_REQUEST['msg']) && !empty($_REQUEST['goback'])) {
redirectexit('topic=' . $topic . '.msg' . $_REQUEST['msg'] . '#msg' . $_REQUEST['msg'], isBrowser('ie'));
} elseif (!empty($_REQUEST['goback'])) {
redirectexit('topic=' . $topic . '.new#new', isBrowser('ie'));
} else {
redirectexit('board=' . $board . '.0');
}
}
function method_report_post()
{
global $context, $mobdb, $modSettings, $scripturl, $user_info, $sourcedir, $txt;
// Get the message ID
if (!isset($context['mob_request']['params'][0])) {
outputRPCResult(false, $txt['smf272']);
}
$id_msg = (int) $context['mob_request']['params'][0][0];
$reason = utf8ToAscii(base64_decode($context['mob_request']['params'][1][0]));
require_once $sourcedir . '/Subs-Post.php';
$mobdb->query("\n SELECT m.subject, m.ID_MEMBER, m.posterName, mem.realName, m.ID_TOPIC, m.ID_BOARD\n FROM {db_prefix}messages AS m\n LEFT JOIN {db_prefix}members AS mem ON (m.ID_MEMBER = mem.ID_MEMBER)\n WHERE m.ID_MSG = {$id_msg}\n LIMIT 1", array());
if ($mobdb->num_rows() == 0) {
outputRPCResult(false, $txt['smf272']);
}
$message_info = $mobdb->fetch_assoc();
global $topic, $board;
list($subject, $member, $posterName, $realName, $topic, $board) = array($message_info['subject'], $message_info['ID_MEMBER'], $message_info['posterName'], $message_info['realName'], $message_info['ID_TOPIC'], $message_info['ID_BOARD']);
$mobdb->free_result();
loadBoard();
loadPermissions();
// You can't use this if it's off or you are not allowed to do it.
if (!allowedTo('report_any')) {
outputRPCResult(false, $txt['cannot_report_any']);
}
spamProtection('spam');
if ($member == $user_info['id']) {
outputRPCResult(false, $txt['rtm_not_own']);
}
$posterName = un_htmlspecialchars($realName) . ($realName != $posterName ? ' (' . $posterName . ')' : '');
$reporterName = un_htmlspecialchars($user_info['name']) . ($user_info['name'] != $user_info['username'] && $user_info['username'] != '' ? ' (' . $user_info['username'] . ')' : '');
$subject = un_htmlspecialchars($subject);
// Get a list of members with the moderate_board permission.
require_once $sourcedir . '/Subs-Members.php';
$moderators = membersAllowedTo('moderate_board', $board);
$mobdb->query("\n SELECT ID_MEMBER, emailAddress, lngfile\n FROM {db_prefix}members\n WHERE ID_MEMBER IN (" . implode(', ', $moderators) . ")\n AND notifyTypes != 4\n ORDER BY lngfile", array());
// Check that moderators do exist!
if ($mobdb->num_rows() == 0) {
outputRPCResult(false, $txt['rtm11']);
}
// Send every moderator an email.
while ($row = $mobdb->fetch_assoc()) {
loadLanguage('Post', empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'], false);
// Send it to the moderator.
sendmail($row['emailAddress'], $txt['rtm3'] . ': ' . $subject . ' ' . $txt['rtm4'] . ' ' . $posterName, sprintf($txt['rtm_email1'], $subject) . ' ' . $posterName . ' ' . $txt['rtm_email2'] . ' ' . (empty($user_info['id']) ? $txt['guest'] . ' (' . $user_info['ip'] . ')' : $reporterName) . ' ' . $txt['rtm_email3'] . ":\n\n" . $scripturl . '?topic=' . $topic . '.msg' . $id_msg . '#msg' . $id_msg . "\n\n" . $txt['rtm_email_comment'] . ":\n" . $reason . "\n\n" . $txt[130], $user_info['email']);
}
$mobdb->free_result();
outputRPCResult(true);
}
function mob_get_topic($rpcmsg)
{
global $mobdb, $mobsettings, $modSettings, $context, $scripturl, $user_info, $board;
$id_board = $board = (int) $rpcmsg->getScalarValParam(0);
loadBoard();
loadPermissions();
// Load the start and end
$start = $rpcmsg->getScalarValParam(1);
$end = $rpcmsg->getScalarValParam(2);
$count = $end - $start > 50 ? 50 : $end - $start + 1;
if ($rpcmsg->getParam(3) && $rpcmsg->getScalarValParam(3) == 'ANN') {
mob_error('No announcement');
}
$sticky = false;
// Are we requesting sticky topics only?
if ($rpcmsg->getParam(3) && $rpcmsg->getScalarValParam(3) == 'TOP') {
$sticky = true;
}
// Can you access this board?
$mobdb->query('
SELECT b.ID_BOARD AS id_board, b.name AS board_name
FROM {db_prefix}boards AS b
WHERE {query_see_board}
AND b.ID_BOARD = {int:board}', array('board' => $id_board));
if ($mobdb->num_rows() == 0) {
mob_error('invalid board');
}
$board_info = $mobdb->fetch_assoc();
$mobdb->free_result();
$board_info['can_post_new'] = allowedTo('post_new');
// Get unread sticky topics num
$board_info['unread_sticky_count'] = 0;
// if (!$user_info['is_guest'])
// {
// $mobdb->query('
// SELECT COUNT(*), IFNULL(lt.ID_MSG, IFNULL(lmr.ID_MSG, -1)) + 1 AS new_from, lm.Id_MSG_MODIFIED as id_msg_modified
// FROM {db_prefix}topics AS t
// LEFT JOIN {db_prefix}messages AS lm ON (t.ID_LAST_MSG = lm.ID_MSG)
// LEFT JOIN {db_prefix}log_topics AS lt ON (lt.ID_TOPIC = t.ID_TOPIC AND lt.ID_MEMBER = {int:current_member})
// LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.ID_BOARD = {int:board} AND lmr.ID_MEMBER = {int:current_member})
// WHERE t.ID_BOARD = {int:board}
// AND t.isSticky = 1
// HAVING new_from <= id_msg_modified',
// array(
// 'current_member' => $user_info['id'],
// 'board' => $id_board,
// )
// );
// list ($board_info['unread_sticky_count']) = $mobdb->fetch_row();
// $mobdb->free_result();
// }
// Get the total
$mobdb->query('
SELECT COUNT(*)
FROM {db_prefix}topics AS t
WHERE t.ID_BOARD = {int:board}
AND t.isSticky = ' . ($sticky ? 1 : 0), array('board' => $id_board));
list($board_info['total_topic_num']) = $mobdb->fetch_row();
$mobdb->free_result();
// Return the output
return new xmlrpcresp(new xmlrpcval(array('total_topic_num' => new xmlrpcval($board_info['total_topic_num'], 'int'), 'forum_id' => new xmlrpcval($board_info['id_board'], 'string'), 'forum_name' => new xmlrpcval(processSubject($board_info['board_name']), 'base64'), 'can_post' => new xmlrpcval($board_info['can_post_new'], 'boolean'), 'unread_sticky_count' => new xmlrpcval($board_info['unread_sticky_count'], 'int'), 'topics' => new xmlrpcval(get_topics('t.ID_BOARD = {int:board} AND t.isSticky = ' . ($sticky ? 1 : 0), array('board' => $id_board), $start, $count, true), 'array')), 'struct'));
}
