$archivelink = '<a class="btn1" href="' . $phpself . '?mode=archive&id=' . $msg_id . '"><img src="' . $CONF_MSG['imgset'] . '/pm_archive.gif" align="absmiddle" border="0" alt="' . $LANG_MSG['ARCHIVEMSG'] . '">'; $msg_row->set_var('link2_end', '</a>'); } else { $archivelink = '<div class="msgDisabledBtn">'; $msg_row->set_var('link2_end', '</div>'); } // Set View Original Message Link - active if this is a reply to one of your messages if ($reply_msgid > 0 and DB_count($_TABLES['messenger_msg'], "id", $reply_msgid)) { $view_sentmsg = sprintf($LANG_MSG['VIEWORIGINAL'], $_CONF['site_url'] . '/messenger/index.php?folder=SENT&replyid=' . $reply_msgid); } else { $view_sentmsg = ''; } // Set Broadcast Display flag $broadcast_flag = $target == 0 ? '<IMG SRC="' . $CONF_MSG['imgset'] . '/pm_broadcast.gif" border="0" align="absmiddle" alt="' . $LANG_MSG['BROADCAST_MSG'] . '">' : ''; if ($source != $_USER['uid']) { if (DB_COUNT($_TABLES['messenger_buddies'], array('uid', 'buddy_id'), array($_USER['uid'], $source)) > 0) { $LANG_buddy = $LANG_MSG['DELBUDDY']; $buddylink = '<a href="' . $phpself . '?action=delbuddy&buddy=' . $source . '&sortoption=' . $sortoption . '"><img align="absmiddle" src="' . $CONF_MSG['imgset'] . '/del_buddy.gif" border="0" ALT="' . $LANG_buddy . '">'; } else { $LANG_buddy = $LANG_MSG['ADDBUDDY']; $buddylink = '<a href="' . $phpself . '?action=addbuddy&buddy=' . $source . '&sortoption=' . $sortoption . '"><img align="absmiddle" src="' . $CONF_MSG['imgset'] . '/add_buddy.gif" border="0" ALT="' . $LANG_buddy . '">'; } } if ($CONF_MSG['smiliesEnabled']) { $message = msg_replaceEmoticons($message); } if ($folder == "INBOX" or $folder == "ARCHIVE") { $msg_row->set_var('LANG_whom', $LANG_MSG['FROM']); } else { $msg_row->set_var('LANG_whom', $LANG_MSG['TO']); }
private function _renderBlockMenu() { global $_USER, $_TABLES, $_CONF, $CONF_NEXMENU; $retval = COM_startBlock('', '', 'nexmenu/procssmenu/blockheader.thtml'); $t = new Template($_CONF['path_layout'] . 'nexmenu/procssmenu'); $t->set_file('menu', 'blockmenu.thtml'); $t->set_var('menuitems', $this->_renderMenuItems()); $t->parse('output', 'menu'); $retval .= $t->finish($t->get_var('output')); $retval .= COM_endBlock('nexmenu/procssmenu/blockfooter.thtml'); if ($CONF_NEXMENU['loginform'] and $_USER['uid'] < 2 and DB_COUNT($_TABLES['nexmenu'], 'url', 'usermenu') > 0) { // Now check the default useroptions block or gluserlogin block is not enabled $sql = "SELECT * FROM {$_TABLES['blocks']} WHERE is_enabled=1 AND (name='user_block' OR phpblockfn='phpblock_gluserlogin')"; if (DB_numRows(DB_query($sql)) == 0) { $retval .= phpblock_glusermenu(); } } return $retval; }
/** * Returns a formatted listbox of categories user has access * First checks for View access so that delegated admin can be just for sub-categories * * @param string|array $perms Single perm 'admin' or array of permissions as required by fm_getPermission() * @param int $selected Will make this item the selected item in the listbox * @param string $cid Parent category to start at and then recursively check * @param string $level Used by this function as it calls itself to control the ident formatting * @param string $selectlist Used by this function to be able to append to the formatted select list * @param string $restricted Used if you do not want to show this categories subfolders * @return string Return a formatted HTML Select listbox of categories */ function nexdoc_recursiveAccessOptions($perms, $selected = '', $cid = '0', $level = '1', $selectlist = '', $restricted = '') { global $_TABLES, $LANG_FM02; if (empty($selectlist) and $level == 1) { if (SEC_hasRights('nexfile.admin')) { $selectlist = '<option value="0">' . $LANG_FM02['TOP_CAT'] . '</option>' . LB; } } $query = DB_QUERY("SELECT cid,pid,name FROM {$_TABLES['nxfile_categories']} WHERE PID='{$cid}' ORDER BY CID"); while (list($cid, $pid, $name, $description) = DB_fetchARRAY($query)) { $indent = ' '; // Check if user has access to this category if ($cid != $restricted and fm_getPermission($cid, 'view')) { // Check and see if this category has any sub categories - where a category record has this cid as it's parent if (DB_COUNT($_TABLES['nxfile_categories'], 'pid', $cid) > 0) { if ($level > 1) { for ($i = 2; $i <= $level; $i++) { $indent .= "--"; } $indent .= ' '; } if (fm_getPermission($cid, $perms)) { if ($indent != '') { $name = " {$name}"; } $selectlist .= '<option value="' . $cid; if ($cid == $selected) { $selectlist .= '" selected="selected">' . $indent . $name . '</option>' . LB; } else { $selectlist .= '">' . $indent . $name . '</option>' . LB; } $selectlist = nexdoc_recursiveAccessOptions($perms, $selected, $cid, $level + 1, $selectlist, $restricted); } elseif ($perms == 'admin') { // Need to check for any folders with admin even subfolders of parents that user does not have access $selectlist = nexdoc_recursiveAccessOptions($perms, $selected, $cid, $level + 1, $selectlist, $restricted); } } else { if ($level > 1) { for ($i = 2; $i <= $level; $i++) { $indent .= "--"; } $indent .= ' '; } if (fm_getPermission($cid, $perms)) { if ($indent != '') { $name = " {$name}"; } $selectlist .= '<option value="' . $cid; if ($cid == $selected) { $selectlist .= '" selected="selected">' . $indent . $name . '</option>' . LB; } else { $selectlist .= '">' . $indent . $name . '</option>' . LB; } } } } } return $selectlist; }
private function add_accessmetrics($itemid, $tagids) { // Test that a valid array of tag id's is passed in if (is_array($tagids) and count($tagids) > 0) { // Test that a valid item record exist if (DB_count($this->_tagitems, array('type', 'itemid'), array($this->_type, $itemid))) { // Get item permissions to determine what rights to use for tag metrics record $perms = $this->get_itemperms($itemid); // Add any new tags foreach ($tagids as $id) { if (!empty($id)) { if ($perms['perm_anon']) { DB_query("UPDATE {$this->_tagwords} SET metric=metric+1 WHERE id={$id}"); if (DB_COUNT($this->_tagmetrics, array('tagid', 'type', 'grpid'), array($id, $this->_type, $this->_allusers))) { $sql = "UPDATE {$this->_tagmetrics} set metric=metric+1, last_updated=now() "; $sql .= "WHERE tagid={$id} AND type='{$this->_type}' and grpid={$this->_allusers}"; } else { $sql = "INSERT INTO {$this->_tagmetrics} (tagid,type,grpid,metric,last_updated) "; $sql .= "VALUES ({$id},'{$this->_type}',{$this->_allusers},1,NOW())"; } DB_query($sql); } elseif ($perms['perm_members']) { DB_query("UPDATE {$this->_tagwords} SET metric=metric+1 WHERE id={$id}"); if (DB_COUNT($this->_tagmetrics, array('tagid', 'type', 'grpid'), array($id, $this->_type, $this->_sitemembers))) { $sql = "UPDATE {$this->_tagmetrics} set metric=metric+1, last_updated=now() "; $sql .= "WHERE tagid={$id} AND type='{$this->_type}' and grpid={$this->_sitemembers}"; } else { $sql = "INSERT INTO {$this->_tagmetrics} (tagid,type,grpid,metric,last_updated) "; $sql .= "VALUES ({$id},'{$this->_type}',{$this->_sitemembers},1,NOW())"; } DB_query($sql); } elseif ($perms['group_id'] >= 2) { DB_query("UPDATE {$this->_tagwords} SET metric=metric+1 WHERE id={$id}"); if (DB_COUNT($this->_tagmetrics, array('tagid', 'type', 'grpid'), array($id, $this->_type, $perms['group_id']))) { $sql = "UPDATE {$this->_tagmetrics} set metric=metric+1, last_updated=now() "; $sql .= "WHERE tagid={$id} AND type='{$this->_type}' and grpid={$perms['group_id']}"; } else { $sql = "INSERT INTO {$this->_tagmetrics} (tagid,type,grpid,metric,last_updated) "; $sql .= "VALUES ({$id},'{$this->_type}',{$perms['group_id']},1,NOW())"; } DB_query($sql); } } } } } }
function recursive_node(&$node, $id) { global $_CONF, $_TABLES, $CONF_NEXMENU, $showdisabled, $idCurrent, $menulocation; $query = DB_QUERY("SELECT id,pid,label,url,menuorder, menutype,is_enabled FROM {$_TABLES['nexmenu']} WHERE PID='{$id}' ORDER BY menuorder"); $menuOrd = 10; $stepNumber = 10; while (list($id, $pid, $label, $url, $order, $menutype, $enabled) = DB_fetchARRAY($query)) { if ($idCurrent == $id) { $label = '<span class="treeMenuSelected">' . $label . '</span>'; } elseif ($enabled == '0') { $label = '<span class="treeMenuDisabled">' . $label . '</span>'; } /* Re-order any menuitems that may have just been moved */ if ($order != $menuOrd) { DB_query("UPDATE {$_TABLES['nexmenu']} SET menuorder = '{$menuOrd}' WHERE id = '{$id}'"); } $menuOrd += $stepNumber; // Check and see if this category has any sub categories - where a category record has this cid as it's parent if (DB_COUNT($_TABLES['nexmenu'], 'pid', $id) > 0) { if ($enabled == '1' or $enabled == 0 and $showdisabled == '1') { $subnode[$id] = new HTML_TreeNode(array('text' => $label, 'link' => $_CONF['site_admin_url'] . "/plugins/nexmenu/index.php?op=display&id={$id}&showdisabled={$showdisabled}&menulocation={$menulocation}", 'icon' => $folder_icon)); recursive_node($subnode[$id], $id); $node->addItem($subnode[$id]); } } else { if ($enabled == '1' or $enabled == 0 and $showdisabled == '1') { $icon = $CONF_NEXMENU['icons'][$menutype]; $node->addItem(new HTML_TreeNode(array('text' => $label, 'link' => $_CONF['site_admin_url'] . "/plugins/nexmenu/index.php?op=display&id={$id}&showdisabled={$showdisabled}&menulocation={$menulocation}", 'icon' => $icon))); } } } }
function upload_picture($filename, $isLarge) { global $_TABLES; global $_CONF; $error = ""; if ($filename != "") { $uploaddir = $_CONF['path_html'] . "ecommerce/images/item/"; //Check if file for large picture exist. If it does and random numbers to the end. $count = 0; if ($isLarge) { $count = DB_COUNT($_TABLES['ecom_item'], "ecom_item_picture_large", $filename); $tmp_file = $_FILES['picture_large']['tmp_name']; } else { $count = DB_COUNT($_TABLES['ecom_item'], "ecom_item_picture_small", $filename); $tmp_file = $_FILES['picture_small']['tmp_name']; } //Check if file for small picture exist. If it does and random numbers to the end. if ($count > 0) { //Rename the file with timestamp $arr_filename = explode('.', $filename); $filename = $arr_filename[0] . time() . "." . $arr_filename[1]; } $uploadfile = $uploaddir . $filename; if (!move_uploaded_file($tmp_file, $uploadfile)) { $error = "Uploading image failed.<br>"; return $error; } } echo filename; return $error; }
// Check if filename entered if ($_FILES['newfile']['name'] != '') { $name = $_FILES['newfile']['name']; $url = rawurlencode($name); $name = $myts->makeTboxData4Save($name); $url = $myts->makeTboxData4Save($url); } else { $eh->show("1016"); } // Check if Description entered if ($_POST['description'] == '') { $eh->show("1008"); } $uploadfilename = $myts->makeTboxData4Save($_FILES['newfile']['name']); // Check if file is already on file if (DB_COUNT($_TABLES['filemgmt_filedetail'], 'url', $uploadfilename) > 0) { $eh->show("1108"); } if (!empty($_POST['cid'])) { $cid = (int) COM_applyFilter($_POST['cid'], true); } else { $cid = 0; $eh->show("1109"); } $AddNewFile = false; // Set true if fileupload was sucessfull $name = $myts->makeTboxData4Save($name); $title = $myts->makeTboxData4Save($_POST['title']); $homepage = $myts->makeTboxData4Save($_POST['homepage']); $version = $myts->makeTboxData4Save($_POST['version']); $size = intval($_FILES['newfile']['size']);
private function _renderBlockMenu() { global $_USER, $_TABLES, $_CONF, $CONF_NEXMENU; $retval = '<script> with(milonic=new menuname("Site Menu")) {' . LB; $retval .= 'style=' . $this->_blockMenuStyle . ';' . LB; $retval .= $CONF_NEXMENU['blockmenu_default_styles'] . $this->_blockMenuProperties . LB; $retval .= $this->_renderMenuItems(); $retval .= '} drawMenus();' . LB . '</script>' . LB; if ($CONF_NEXMENU['loginform'] and $_USER['uid'] < 2 and DB_COUNT($_TABLES['nexmenu'], 'url', 'usermenu') > 0) { // Now check the default useroptions block or gluserlogin block is not enabled $sql = "SELECT * FROM {$_TABLES['blocks']} WHERE is_enabled=1 AND (name='user_block' OR phpblockfn='phpblock_gluserlogin')"; if (DB_numRows(DB_query($sql)) == 0) { $retval .= phpblock_glusermenu(); } } return $retval; }
function gf_check4files($id, $tempfile = false) { global $_FILES, $_CONF, $_TABLES, $_USER, $CONF_FORUM, $LANG_GF00; global $_FM_TABLES, $CONF_FORUM, $filemgmt_FileStore; $filelinks = ''; $uploadfile = $_FILES['file_forum']; $cid = COM_applyFilter($_POST['filemgmtcat'], true); $use_filestore = false; if ($uploadfile['name'] != '') { if ($_POST['chk_usefilemgmt'] == 1 and $cid > 0) { $filename = $uploadfile['name']; $pos = strrpos($uploadfile['name'], '.') + 1; $ext = strtolower(substr($uploadfile['name'], $pos)); $use_filestore = true; } else { $uploadfilename = ppRandomFilename(); $pos = strrpos($uploadfile['name'], '.') + 1; $ext = strtolower(substr($uploadfile['name'], $pos)); $filename = "{$uploadfilename}.{$ext}"; //COM_errorlog("Forum file upload: Original file: {$uploadfile['name']} and new filename: $filename"); } if ($use_filestore) { if ($CONF_FORUM['FM_PLUGIN'] == 'filemgmt') { $filestore_path = $filemgmt_FileStore; } elseif ($CONF_FORUM['FM_PLUGIN'] == 'nexfile') { $filestore_path = $_CONF['path_html'] . 'nexfile/data/' . $cid . '/'; } else { $filestore_path = $CONF_FORUM['uploadpath']; } } else { $filestore_path = $CONF_FORUM['uploadpath']; } if (gf_uploadfile($filename, $uploadfile, $CONF_FORUM['allowablefiletypes'], $filestore_path)) { if (array_key_exists($uploadfile['type'], $CONF_FORUM['inlineimageypes']) and function_exists(MG_resizeImage)) { if ($_POST['chk_usefilemgmt'] == 1) { $srcImage = "{$filemgmt_FileStore}{$filename}"; $destImage = "{$CONF_FORUM['uploadpath']}/tn/{$filename}"; } else { $srcImage = "{$CONF_FORUM['uploadpath']}/{$filename}"; $destImage = "{$CONF_FORUM['uploadpath']}/tn/{$uploadfilename}.{$ext}"; } $ret = MG_resizeImage($srcImage, $destImage, $CONF_FORUM['inlineimage_height'], $CONF_FORUM['inlineimage_width']); } // Store both the created filename and the real file source filename $realfilename = $filename; $filename = "{$filename}:{$uploadfile['name']}"; if ($tempfile) { $temp = 1; } else { $temp = 0; } if ($use_filestore) { // Check and see if nexfile or the filemgmt plugin is being used if ($CONF_FORUM['FM_PLUGIN'] == 'nexfile') { DB_query("INSERT INTO {$_TABLES['fm_files']} (cid,fname,title,version,ftype,size,submitter,status,date)\r\n VALUES ('{$cid}','{$realfilename}','{$realfilename}','1','file','{$uploadfile['size']}','{$_USER['uid']}','1',UNIX_TIMESTAMP())"); $fid = DB_insertId(); DB_query("INSERT INTO {$_TABLES['fm_detail']} (fid,description,platform,hits,rating,votes,comments)\r\n VALUES ('{$fid}','','','0','0','0','0')"); DB_query("INSERT INTO {$_TABLES['fm_versions']} (fid,fname,ftype,version,size,notes,date,uid,status)\r\n VALUES ('{$fid}','{$realfilename}','file','1','{$uploadfile['size']}','',UNIX_TIMESTAMP(),'{$_USER['uid']}','1')"); DB_query("INSERT INTO {$_TABLES['gf_attachments']} (topic_id,repository_id,filename,tempfile)\r\n VALUES ('{$id}',{$fid},'{$filename}',{$temp})"); } elseif ($CONF_FORUM['FM_PLUGIN'] == 'filemgmt') { $sql = "INSERT INTO {$_FM_TABLES['filemgmt_filedetail']} (cid, title, url, size, submitter, status,date ) "; $sql .= "VALUES ('{$cid}', '{$realfilename}', '{$realfilename}', '{$uploadfile['size']}', '{$_USER['uid']}', 1, UNIX_TIMESTAMP())"; DB_query($sql); $newid = DB_insertID(); DB_query("INSERT INTO {$_TABLES['gf_attachments']} (topic_id,repository_id,filename,tempfile)\r\n VALUES ('{$id}',{$newid},'{$filename}',{$temp})"); $description = ppPrepareForDB($_POST['filemgmt_desc']); DB_query("INSERT INTO {$_FM_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '{$description}')"); } } else { DB_query("INSERT INTO {$_TABLES['gf_attachments']} (topic_id,filename,tempfile)\r\n VALUES ('{$id}','{$filename}',{$temp})"); } } else { COM_errorlog("upload error:" . $GLOBALS['gf_errmsg']); $errmsg = $GLOBALS['gf_errmsg']; } } if (!$tempfile and $_POST['uniqueid'] > 0 and DB_COUNT($_TABLES['gf_topic'], 'id', $id)) { DB_query("UPDATE {$_TABLES['gf_attachments']} SET topic_id={$id}, tempfile=0 WHERE topic_id={$_POST['uniqueid']}"); } return $filelinks; }
function nexcontent_getFolderList($selected = '', $mode = '', $exclude = '0', $pid = '0', $level = '1', $selectlist = '') { global $_TABLES; /* Retrieve all enabled TOP Level Menu Items for this level */ $sql = "SELECT id,pid, type, name FROM {$_TABLES['nexcontent_pages']} WHERE pid='{$pid}' AND type='category'"; if ($mode == '') { $sql .= COM_getPermSQL('AND', '0', 2); } else { $sql .= COM_getPermSQL('AND', '0', 3); } $sql .= ' ORDER BY pageorder'; $query = DB_query($sql); while (list($id, $pid, $type, $label) = DB_fetchARRAY($query)) { //echo "<br>Mode:$mode,Type:$pagetype, id:$id, selected:$selected, exclude:$exclude"; if ($id != $exclude and DB_COUNT($_TABLES['nexcontent_pages'], 'pid', $id) > 0) { $selectlist .= '<option value="' . $id; $indent = ''; if ($level > 1) { for ($i = 2; $i <= $level; $i++) { $indent .= "--"; } } if ($id == $selected) { $selectlist .= '" Selected>' . $indent . $label . '</option>' . LB; } else { $selectlist .= '">' . $indent . $label . '</option>' . LB; } $selectlist = nexcontent_getFolderList($selected, $mode, $exclude, $id, $level + 1, $selectlist); } elseif ($mode == '' or $mode == 'add' or $mode == 'edit' and $id != $exclude) { // Don't show current category in list if in Edit Category Mode - Can't make it a linked to itself $indent = ''; if ($level > 1) { for ($i = 2; $i <= $level; $i++) { $indent .= "--"; } } $selectlist .= '<option value="' . $id; if ($id == $selected) { $selectlist .= '" Selected>' . $indent . $label . '</option>' . LB; } else { $selectlist .= '">' . $indent . $label . '</option>' . LB; } } } return $selectlist; }
function _ff_check4files($id, $tempfile = false) { global $_FILES, $_CONF, $_TABLES, $_USER, $_FF_CONF, $LANG_GF00, $_FF_CONF, $filemgmt_FileStore; $retval = ''; for ($z = 1; $z <= $_FF_CONF['maxattachments']; $z++) { $filelinks = ''; $varName = 'file_forum' . $z; $chk_usefilemgmt = 'chk_usefilemgmt' . $z; $filemgmtcat = 'filemgmtcat' . $z; $filemgmt_desc = 'filemgmt_desc' . $z; if (isset($_FILES[$varName]) && is_array($_FILES[$varName])) { $uploadfile = $_FILES[$varName]; } else { $uploadfile['name'] = ''; } if ($uploadfile['name'] != '') { if (isset($_POST[$chk_usefilemgmt]) && $_POST[$chk_usefilemgmt] == 1) { $filename = $uploadfile['name']; $pos = strrpos($uploadfile['name'], '.') + 1; $ext = strtolower(substr($uploadfile['name'], $pos)); } else { $uploadfilename = glfRandomFilename(); $pos = strrpos($uploadfile['name'], '.') + 1; $ext = strtolower(substr($uploadfile['name'], $pos)); $filename = "{$uploadfilename}.{$ext}"; } $set_chk_usefilemgmt = isset($_POST[$chk_usefilemgmt]) ? (int) $_POST[$chk_usefilemgmt] : 0; if (_ff_uploadfile($filename, $uploadfile, $_FF_CONF['allowablefiletypes'], $set_chk_usefilemgmt)) { if (array_key_exists($uploadfile['type'], $_FF_CONF['inlineimageypes'])) { if (isset($_POST[$chk_usefilemgmt]) && $_POST[$chk_usefilemgmt] == 1) { $srcImage = "{$filemgmt_FileStore}{$filename}"; $destImage = "{$_FF_CONF['uploadpath']}/tn/{$filename}"; } else { $srcImage = "{$_FF_CONF['uploadpath']}/{$filename}"; $destImage = "{$_FF_CONF['uploadpath']}/tn/{$uploadfilename}.{$ext}"; } $ret = IMG_resizeImage($srcImage, $destImage, $_FF_CONF['inlineimage_height'], $_FF_CONF['inlineimage_width']); } // Store both the created filename and the real file source filename $realfilename = $filename; $filename = "{$filename}:{$uploadfile['name']}"; if ($tempfile) { $temp = 1; } else { $temp = 0; } if (isset($_POST[$chk_usefilemgmt]) && $_POST[$chk_usefilemgmt] == 1) { $cid = COM_applyFilter($_POST[$filemgmtcat], true); $sql = "INSERT INTO {$_TABLES['filemgmt_filedetail']} (cid, title, url, size, submitter, status,date ) "; $sql .= "VALUES ('" . DB_escapeString($cid) . "', '" . DB_escapeString($realfilename) . "', '" . DB_escapeString($realfilename) . "', '" . DB_escapeString($uploadfile['size']) . "', '{$_USER['uid']}', 1, UNIX_TIMESTAMP())"; DB_query($sql); $newid = DB_insertID(); DB_query("INSERT INTO {$_TABLES['ff_attachments']} (topic_id,repository_id,filename,tempfile)\n VALUES ('" . DB_escapeString($id) . "',{$newid},'" . DB_escapeString($filename) . "',{$temp})"); $description = glfPrepareForDB($_POST[$filemgmt_desc]); DB_query("INSERT INTO {$_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '{$description}')"); } else { DB_query("INSERT INTO {$_TABLES['ff_attachments']} (topic_id,filename,tempfile)\n VALUES ('" . DB_escapeString($id) . "','" . DB_escapeString($filename) . "',{$temp})"); } } else { COM_errorlog("upload error:" . $GLOBALS['ff_errmsg']); $retval .= $GLOBALS['ff_errmsg']; $filelinks = -1; } } } if (!$tempfile and isset($_POST['uniqueid']) and COM_applyFilter($_POST['uniqueid'], true) > 0 and DB_COUNT($_TABLES['ff_topic'], 'id', (int) $id)) { $tid = COM_applyFilter($_POST['uniqueid']); DB_query("UPDATE {$_TABLES['ff_attachments']} SET topic_id=" . (int) $id . ", tempfile=0 WHERE topic_id=" . (int) $tid); } return $retval; }