if (!($usr->users_opt & 1048576) && !q_singleval('SELECT f.id FROM phpgw_fud_forum f LEFT JOIN phpgw_fud_mod mm ON mm.user_id=' . _uid . ' AND mm.forum_id=f.id ' . (_uid ? 'INNER JOIN phpgw_fud_group_cache g1 ON g1.user_id=2147483647 AND g1.resource_id=f.id LEFT JOIN phpgw_fud_group_cache g2 ON g2.user_id=' . _uid . ' AND g2.resource_id=f.id' : 'INNER JOIN phpgw_fud_group_cache g1 ON g1.user_id=0 AND g1.resource_id=f.id') . ' WHERE f.id=' . $forum . ' AND (mm.id IS NOT NULL OR ' . (_uid ? ' ((CASE WHEN g2.id IS NOT NULL THEN g2.group_cache_opt ELSE g1.group_cache_opt END)' : ' (g1.group_cache_opt') . ' & 4) > 0)')) {
std_error('access');
}
/* sanity check */
if (!count($_POST['sel_th'])) {
header('Location: /egroupware/fudforum/3814588639/index.php?t=' . d_thread_view . '&th=' . $th . '&' . _rsidl);
exit;
} else {
if (count($_POST['sel_th']) > 1) {
apply_custom_replace($_POST['new_title']);
db_lock('phpgw_fud_thread_view WRITE, phpgw_fud_thread WRITE, phpgw_fud_forum WRITE, phpgw_fud_msg WRITE, phpgw_fud_poll WRITE');
$tl = implode(',', $_POST['sel_th']);
list($start, $repl) = db_saq("SELECT MIN(root_msg_id), SUM(replies) FROM phpgw_fud_thread WHERE id IN({$tl})");
$repl += count($_POST['sel_th']) - 1;
list($lpi, $lpd) = db_saq("SELECT last_post_id, last_post_date FROM phpgw_fud_thread WHERE id IN({$tl}) ORDER BY last_post_date DESC LIMIT 1");
$new_th = th_add($start, $forum, $lpd, 0, 0, $repl, $lpi);
q("UPDATE phpgw_fud_msg SET reply_to=0, subject='" . addslashes(htmlspecialchars($_POST['new_title'])) . "' WHERE id=" . $start);
q("UPDATE phpgw_fud_msg SET reply_to={$start} WHERE thread_id IN({$tl}) AND (reply_to=0 OR reply_to=id) AND id!={$start}");
if ($forum != $frm) {
$p = array();
$c = q('SELECT poll_id FROM phpgw_fud_msg WHERE thread_id IN(' . $tl . ') AND apr=1 AND poll_id>0');
while ($r = db_rowarr($c)) {
$p[] = $r[0];
}
unset($c);
if (count($p)) {
q('UPDATE phpgw_fud_poll SET forum_id=' . $forum . ' WHERE id IN(' . implode(',', $p) . ')');
}
}
q("UPDATE phpgw_fud_msg SET thread_id={$new_th} WHERE thread_id IN({$tl})");
q("DELETE FROM phpgw_fud_thread WHERE id IN({$tl})");
function add($forum_id, $message_threshold, $forum_opt, $perm, $autoapprove = true)
{
if (!$this->post_stamp) {
$this->post_stamp = __request_timestamp__;
}
if (!isset($this->ip_addr)) {
$this->ip_addr = get_ip();
}
$this->host_name = $GLOBALS['FUD_OPT_1'] & 268435456 ? "'" . addslashes(get_host($this->ip_addr)) . "'" : 'NULL';
$this->thread_id = isset($this->thread_id) ? $this->thread_id : 0;
$this->reply_to = isset($this->reply_to) ? $this->reply_to : 0;
$file_id = write_body($this->body, $length, $offset);
/* determine if preview needs building */
if ($message_threshold && $message_threshold < strlen($this->body)) {
$thres_body = trim_html($this->body, $message_threshold);
$file_id_preview = write_body($thres_body, $length_preview, $offset_preview);
} else {
$file_id_preview = $offset_preview = $length_preview = 0;
}
poll_cache_rebuild($this->poll_id, $poll_cache);
$poll_cache = $poll_cache ? @serialize($poll_cache) : null;
$this->id = db_qid("INSERT INTO phpgw_fud_msg (\n\t\t\tthread_id,\n\t\t\tposter_id,\n\t\t\treply_to,\n\t\t\tip_addr,\n\t\t\thost_name,\n\t\t\tpost_stamp,\n\t\t\tsubject,\n\t\t\tattach_cnt,\n\t\t\tpoll_id,\n\t\t\ticon,\n\t\t\tmsg_opt,\n\t\t\tfile_id,\n\t\t\tfoff,\n\t\t\tlength,\n\t\t\tfile_id_preview,\n\t\t\toffset_preview,\n\t\t\tlength_preview,\n\t\t\tmlist_msg_id,\n\t\t\tpoll_cache\n\t\t) VALUES(\n\t\t\t" . $this->thread_id . ",\n\t\t\t" . $this->poster_id . ",\n\t\t\t" . (int) $this->reply_to . ",\n\t\t\t'" . $this->ip_addr . "',\n\t\t\t" . $this->host_name . ",\n\t\t\t" . $this->post_stamp . ",\n\t\t\t" . strnull(addslashes($this->subject)) . ",\n\t\t\t" . (int) $this->attach_cnt . ",\n\t\t\t" . (int) $this->poll_id . ",\n\t\t\t" . strnull(addslashes($this->icon)) . ",\n\t\t\t" . $this->msg_opt . ",\n\t\t\t" . $file_id . ",\n\t\t\t" . (int) $offset . ",\n\t\t\t" . (int) $length . ",\n\t\t\t" . $file_id_preview . ",\n\t\t\t" . $offset_preview . ",\n\t\t\t" . $length_preview . ",\n\t\t\t" . strnull($this->mlist_msg_id) . ",\n\t\t\t" . strnull(addslashes($poll_cache)) . "\n\t\t)");
$thread_opt = (int) ($perm & 4096 && isset($_POST['thr_locked']));
if (!$this->thread_id) {
/* new thread */
if ($perm & 64 && isset($_POST['thr_ordertype'], $_POST['thr_orderexpiry'])) {
if ((int) $_POST['thr_ordertype']) {
$thread_opt |= (int) $_POST['thr_ordertype'];
$thr_orderexpiry = (int) $_POST['thr_orderexpiry'];
}
}
$this->thread_id = th_add($this->id, $forum_id, $this->post_stamp, $thread_opt, isset($thr_orderexpiry) ? $thr_orderexpiry : 0);
q('UPDATE phpgw_fud_msg SET thread_id=' . $this->thread_id . ' WHERE id=' . $this->id);
} else {
th_lock($this->thread_id, $thread_opt & 1);
}
if ($autoapprove && $forum_opt & 2) {
$this->approve($this->id, true);
}
return $this->id;
}
INNER JOIN phpgw_fud_forum f1 ON t.forum_id=f1.id
INNER JOIN phpgw_fud_forum f2 ON f2.id=' . $forum . '
INNER JOIN phpgw_fud_msg m1 ON m1.id=' . $end . '
INNER JOIN phpgw_fud_msg m2 ON m2.id=f2.last_post_id
WHERE t.id=' . $th);
/* sanity check */
if (!$data->replies) {
header('Location: /egroupware/fudforum/3814588639/index.php?t=' . d_thread_view . '&th=' . $th_id . '&' . _rsidl);
exit;
}
apply_custom_replace($_POST['new_title']);
if ($mc != $data->replies + 1) {
/* check that we need to move the entire thread */
db_lock('phpgw_fud_thread_view WRITE, phpgw_fud_thread WRITE, phpgw_fud_forum WRITE, phpgw_fud_msg WRITE, phpgw_fud_poll WRITE');
$new_th = th_add($start, $forum, $data->new_th_lps, 0, 0, $mc - 1, $data->new_th_lpi);
/* Deal with the new thread */
q('UPDATE phpgw_fud_msg SET thread_id=' . $new_th . ' WHERE id IN (' . $mids . ')');
q('UPDATE phpgw_fud_msg SET reply_to=' . $start . ' WHERE thread_id=' . $new_th . ' AND reply_to NOT IN (' . $mids . ')');
q("UPDATE phpgw_fud_msg SET reply_to=0, subject='" . addslashes(htmlspecialchars($_POST['new_title'])) . "' WHERE id=" . $start);
/* Deal with the old thread */
list($lpi, $lpd) = db_saq("SELECT id, post_stamp FROM phpgw_fud_msg WHERE thread_id=" . $data->id . " AND apr=1 ORDER BY post_stamp DESC LIMIT 1");
$old_root_msg_id = q_singleval("SELECT id FROM phpgw_fud_msg WHERE thread_id=" . $data->id . " AND apr=1 ORDER BY post_stamp ASC LIMIT 1");
q("UPDATE phpgw_fud_msg SET reply_to=" . $old_root_msg_id . " WHERE thread_id=" . $data->id . " AND reply_to IN(" . $mids . ")");
q('UPDATE phpgw_fud_msg SET reply_to=0 WHERE id=' . $old_root_msg_id);
q('UPDATE phpgw_fud_thread SET root_msg_id=' . $old_root_msg_id . ', replies=replies-' . $mc . ', last_post_date=' . $lpd . ', last_post_id=' . $lpi . ' WHERE id=' . $data->id);
if ($forum != $data->forum_id) {
$c = q('SELECT poll_id FROM phpgw_fud_msg WHERE thread_id=' . $new_th . ' AND apr=1 AND poll_id>0');
while ($r = db_rowarr($c)) {
$p[] = $r[0];
}