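/**
 * Moves a whole topic, or splits part of a topic, into another forum.
 *
 * With an empty $splittype the parent post and all of its replies are moved
 * to $move_to_forum. With $splittype 'single' only the post $topic_id is
 * detached and becomes a new topic; with any other non-empty value that post
 * and every later reply of the same parent become the new topic.
 *
 * No permission check is made in this function; presumably the caller has
 * already confirmed moderator rights - verify against the caller.
 * Every id is cast to int at the point where it enters SQL, a URL or a
 * message, so the function does not depend on the caller having filtered it.
 *
 * @param int    $topic_id        ID of the post/topic being moved or split
 * @param int    $topic_parent_id Parent ID of topic (not read by this function)
 * @param int    $forum_id        Forum ID where the topic currently exists
 * @param int    $move_to_forum   Forum ID to receive the posts
 * @param string $new_topic_title Title to use for the new topic (split modes)
 * @param string $splittype       '' = move whole topic, 'single' = one post,
 *                                anything else = this post and later replies
 *
 * @return string HTML to display confirmation
 */
function moderator_movePost($topic_id, $topic_parent_id, $forum_id, $move_to_forum, $new_topic_title, $splittype)
{
    global $_CONF, $_USER, $_TABLES, $_FF_CONF, $LANG_GF02;

    $retval = '';

    // NOTE(review): FF_saveTopic in this file puts _ff_preparefordb() output
    // into SQL with no further escaping, which suggests the helper already
    // escapes. DB_escapeString($movetitle) below may therefore double-escape
    // quotes in the stored title - confirm against _ff_preparefordb().
    $movetitle = _ff_preparefordb($new_topic_title, 'text');

    /* Check and see if we are splitting this forum thread */
    if ($splittype != '') {
        $curpostpid = DB_getItem($_TABLES['ff_topic'], "pid", "id=" . (int) $topic_id);
        if ($curpostpid == '' || $curpostpid == 0) {
            // The post has no parent (or was not found): nothing to split.
            // The id is cast so that only a number reaches the redirect URL.
            echo COM_refresh($_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . (int) $topic_id);
            exit;
        }

        if ($splittype == 'single') {
            // Move only the single post - create a new topic
            $topicdate = DB_getItem($_TABLES['ff_topic'], "date", "id=" . (int) $topic_id);
            $sql = "UPDATE {$_TABLES['ff_topic']} SET forum=" . (int) $move_to_forum . ", pid=0,lastupdated='" . DB_escapeString($topicdate) . "', ";
            $sql .= "subject='" . DB_escapeString($movetitle) . "', replies=0 WHERE id=" . (int) $topic_id;
            DB_query($sql);
            DB_query("UPDATE {$_TABLES['ff_topic']} SET replies=replies-1 WHERE id=" . (int) $curpostpid);

            // Update Topic and Post Count for the affected forums
            // new forum
            $postCount = DB_Count($_TABLES['ff_topic'], 'forum', (int) $move_to_forum);
            $topicsQuery = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE forum=" . (int) $move_to_forum . " AND pid=0");
            $topicCount = DB_numRows($topicsQuery);
            DB_query("UPDATE {$_TABLES['ff_forums']} SET topic_count=" . (int) $topicCount . ", post_count=" . (int) $postCount . " WHERE forum_id=" . (int) $move_to_forum);

            // old forum
            $postCount = DB_Count($_TABLES['ff_topic'], 'forum', (int) $forum_id);
            $topicsQuery = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE forum=" . (int) $forum_id . " AND pid=0");
            $topic_count = DB_numRows($topicsQuery);
            DB_query("UPDATE {$_TABLES['ff_forums']} SET topic_count=" . (int) $topic_count . ", post_count=" . (int) $postCount . " WHERE forum_id=" . (int) $forum_id);

            // Update the Forum and topic indexes
            gf_updateLastPost($forum_id, $curpostpid);
            gf_updateLastPost($move_to_forum, $topic_id);

            // Recount attachments on the topic the post was taken from
            $sql = "SELECT count(*) AS count FROM {$_TABLES['ff_topic']} topic LEFT JOIN {$_TABLES['ff_attachments']} att ON topic.id=att.topic_id WHERE (topic.id=" . (int) $curpostpid . " OR topic.pid=" . (int) $curpostpid . ") and att.filename <> ''";
            $result = DB_query($sql);
            if (DB_numRows($result) > 0) {
                list($attCount) = DB_fetchArray($result);
                DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=" . (int) $attCount . " WHERE id=" . (int) $curpostpid);
            }

            // Recount attachments on the newly created topic
            $sql = "SELECT count(*) AS count FROM {$_TABLES['ff_topic']} topic LEFT JOIN {$_TABLES['ff_attachments']} att ON topic.id=att.topic_id WHERE (topic.id=" . (int) $topic_id . " OR topic.pid=" . (int) $topic_id . ") and att.filename <> ''";
            $result = DB_query($sql);
            if (DB_numRows($result) > 0) {
                list($attCount) = DB_fetchArray($result);
                DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=" . (int) $attCount . " WHERE id=" . (int) $topic_id);
            }
        } else {
            // move all posts from this point forward.
            $movesql = DB_query("SELECT id,date FROM {$_TABLES['ff_topic']} WHERE pid=" . (int) $curpostpid . " AND id >= " . (int) $topic_id);
            $numreplies = DB_numRows($movesql); // how many replies are being moved.
            $topicparent = 0;
            while ($movetopic = DB_fetchArray($movesql)) {
                if ($topicparent == 0) {
                    // The first row fetched becomes the parent of the new topic
                    $sql = "UPDATE {$_TABLES['ff_topic']} SET forum=" . (int) $move_to_forum . ", pid=0,lastupdated='" . DB_escapeString($movetopic['date']) . "', ";
                    $sql .= "replies=" . (int) ($numreplies - 1) . ", subject='" . DB_escapeString($movetitle) . "' WHERE id=" . (int) $movetopic['id'];
                    DB_query($sql);
                    $topicparent = $movetopic['id'];
                } else {
                    // Later rows are re-parented under the new topic
                    $sql = "UPDATE {$_TABLES['ff_topic']} SET forum=" . (int) $move_to_forum . ", pid=" . (int) $topicparent . ", ";
                    $sql .= "subject='" . DB_escapeString($movetitle) . "' WHERE id=" . (int) $movetopic['id'];
                    DB_query($sql);
                    $topicdate = DB_getItem($_TABLES['ff_topic'], "date", "id=" . (int) $movetopic['id']);
                    DB_query("UPDATE {$_TABLES['ff_topic']} SET lastupdated='" . DB_escapeString($topicdate) . "' WHERE id=" . (int) $topicparent);
                }
            }

            // update counters
            // new forum
            $postCount = DB_Count($_TABLES['ff_topic'], 'forum', (int) $move_to_forum);
            $topicsQuery = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE forum=" . (int) $move_to_forum . " AND pid=0");
            $topicCount = DB_numRows($topicsQuery);
            DB_query("UPDATE {$_TABLES['ff_forums']} SET topic_count=" . (int) $topicCount . ", post_count=" . (int) $postCount . " WHERE forum_id=" . (int) $move_to_forum);

            $sql = "SELECT count(*) AS count FROM {$_TABLES['ff_topic']} topic left join {$_TABLES['ff_attachments']} att ON topic.id=att.topic_id WHERE (topic.id=" . (int) $topicparent . " OR topic.pid=" . (int) $topicparent . ") and att.filename <> ''";
            $result = DB_query($sql);
            if (DB_numRows($result) > 0) {
                list($attCount) = DB_fetchArray($result);
                DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=" . (int) $attCount . " WHERE id=" . (int) $topicparent);
            }

            // old forum - the ids were interpolated uncast here; they are now
            // cast like every other query in this function
            $postCount = DB_Count($_TABLES['ff_topic'], 'forum', (int) $forum_id);
            $topicsQuery = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE forum=" . (int) $forum_id . " AND pid=0");
            $topic_count = DB_numRows($topicsQuery);
            DB_query("UPDATE {$_TABLES['ff_forums']} SET topic_count=" . (int) $topic_count . ", post_count=" . (int) $postCount . " WHERE forum_id=" . (int) $forum_id);

            $sql = "SELECT count(*) AS count FROM {$_TABLES['ff_topic']} topic left join {$_TABLES['ff_attachments']} att ON topic.id=att.topic_id WHERE (topic.id=" . (int) $curpostpid . " OR topic.pid=" . (int) $curpostpid . ") and att.filename <> ''";
            $result = DB_query($sql);
            if (DB_numRows($result) > 0) {
                list($attCount) = DB_fetchArray($result);
                DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=" . (int) $attCount . " WHERE id=" . (int) $curpostpid);
            }

            // Update the Forum and topic indexes
            gf_updateLastPost($forum_id, $curpostpid);
            gf_updateLastPost($move_to_forum, $topicparent);
        }

        // Both values end up in the confirmation output, so only integers
        // are allowed through.
        $link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . (int) $topic_id;
        $retval .= FF_statusMessage(sprintf($LANG_GF02['msg183'], (int) $move_to_forum), $link, $LANG_GF02['msg183'], false, '', true);
    } else {
        // Move complete topic: first the replies ...
        $moveResult = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE pid=" . (int) $topic_id);
        while ($movetopic = DB_fetchArray($moveResult)) {
            // The target forum id was interpolated uncast here; cast it so a
            // non-numeric value can never become part of the statement.
            DB_query("UPDATE {$_TABLES['ff_topic']} SET forum=" . (int) $move_to_forum . " WHERE id=" . (int) $movetopic['id']);
        }

        // Update any topic subscription records - need to change the forum ID record
        // NOTE(review): the column list is passed as the single string
        // 'type,category,id' next to three values - confirm that DB_count()
        // accepts this form.
        if (DB_count($_TABLES['subscriptions'], array('type,category,id'), array('forum', (int) $move_to_forum, 0)) == 0) {
            DB_query("UPDATE {$_TABLES['subscriptions']} SET category=" . (int) $move_to_forum . " WHERE type='forum' AND id=" . (int) $topic_id);
        } else {
            DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND id=" . (int) $topic_id);
        }

        // ... then the parent record.
        DB_query("UPDATE {$_TABLES['ff_topic']} SET forum=" . (int) $move_to_forum . ", moved=1 WHERE id=" . (int) $topic_id);

        // new forum
        $postCount = DB_Count($_TABLES['ff_topic'], 'forum', (int) $move_to_forum);
        $topicsQuery = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE forum=" . (int) $move_to_forum . " AND pid=0");
        $topicCount = DB_numRows($topicsQuery);
        DB_query("UPDATE {$_TABLES['ff_forums']} SET topic_count=" . (int) $topicCount . ", post_count=" . (int) $postCount . " WHERE forum_id=" . (int) $move_to_forum);

        // old forum
        $postCount = DB_Count($_TABLES['ff_topic'], 'forum', (int) $forum_id);
        $topicsQuery = DB_query("SELECT id FROM {$_TABLES['ff_topic']} WHERE forum=" . (int) $forum_id . " AND pid=0");
        $topic_count = DB_numRows($topicsQuery);
        DB_query("UPDATE {$_TABLES['ff_forums']} SET topic_count=" . (int) $topic_count . ", post_count=" . (int) $postCount . " WHERE forum_id=" . (int) $forum_id);

        // Update the Last Post Information
        gf_updateLastPost($move_to_forum, $topic_id);
        gf_updateLastPost($forum_id);

        // Remove any lastviewed records in the log so that the new updated topic indicator will appear
        DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topic_id);

        $link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . (int) $topic_id;
        $retval .= FF_statusMessage($LANG_GF02['msg163'], $link, $LANG_GF02['msg163'], false, '', true);
    }

    CACHE_remove_instance('forumcb');

    return $retval;
}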
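/**
 * Validates and stores a forum post: a new topic, a reply, or an edit.
 *
 * Runs the permission, edit-window, name, speed-limit, length, CAPTCHA and
 * spam checks, then writes the post, refreshes the forum/topic counters and
 * updates the poster's subscription records.
 *
 * @param array  $forumData Forum record; 'forum' and 'is_readonly' are read here
 * @param array  $postData  Submitted form fields (presumably raw request data -
 *                          treat every element as untrusted)
 * @param string $action    'savetopic', 'savereply' or 'saveedit'
 *
 * @return array Two elements: bool true when the post was saved, and the
 *               HTML message to display
 */
function FF_saveTopic($forumData, $postData, $action)
{
    global $_CONF, $_TABLES, $_FF_CONF, $_USER, $LANG03, $LANG_GF01, $LANG_GF02;

    $retval = '';
    $uploadErrors = '';
    $msg = '';
    $errorMessages = '';
    $email = '';
    $forumfiles = array();
    $okToSave = true;

    $dt = new Date('now', $_USER['tzid']);
    $date = $dt->toUnix();
    $REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];

    if (COM_isAnonUser()) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }

    // verify postmode is allowed
    if (strtolower($postData['postmode']) == 'html') {
        if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
            $postData['postmode'] = 'html';
        } else {
            $postData['postmode'] = 'text';
        }
    }

    // is forum readonly?
    if ($forumData['is_readonly'] == 1) {
        // Check if this user has moderation rights now to allow a post to a locked topic
        if (!forum_modPermission($forumData['forum'], $uid, 'mod_edit')) {
            _ff_accessError();
        }
    }

    if ($action == 'saveedit') {
        // does the forum match the forum id of the posted data?
        if ($forumData['forum'] != 0 && $forumData['forum'] != $postData['forum']) {
            _ff_accessError();
        }
        $editid = COM_applyFilter($postData['editid'], true);
        $forum = COM_applyFilter($postData['forum'], true);

        // NOTE(review): nothing in this function checks that the current user
        // is the author of post 'editid', and the edit window below is looked
        // up with $postData['id'] while the UPDATE further down targets
        // $postData['editid']. Confirm that the caller enforces ownership and
        // that both fields must refer to the same post.
        $editAllowed = false;
        if (forum_modPermission($forumData['forum'], $_USER['uid'], 'mod_edit')) {
            $editAllowed = true;
        } else {
            if ($_FF_CONF['allowed_editwindow'] > 0) {
                $t1 = DB_getItem($_TABLES['ff_topic'], 'date', "id=" . (int) $postData['id']);
                $t2 = $_FF_CONF['allowed_editwindow'];
                if (time() - $t2 < $t1) {
                    $editAllowed = true;
                }
            } else {
                $editAllowed = true;
            }
        }

        if ($postData['editpid'] < 1 && trim($postData['subject']) == '') {
            $retval .= FF_BlockMessage('', $LANG_GF02['msg18'], false);
            $okToSave = false;
        } elseif (!$editAllowed) {
            // Fixed: the key was written '$id' in single quotes, i.e. the
            // literal string "$id", so the link always pointed at topic 0.
            $link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . (int) $postData['id'];
            $retval .= _ff_alertMessage('', $LANG_GF02['msg189'], sprintf($LANG_GF02['msg187'], $link));
            $okToSave = false;
        }
    } else {
        if (!COM_isAnonUser() && $_FF_CONF['use_sfs']) {
            $email = isset($_USER['email']) ? $_USER['email'] : '';
        }
    }

    if (isset($postData['name']) && $postData['name'] != '') {
        $name = _ff_preparefordb(@htmlspecialchars(strip_tags(trim(COM_checkWords(USER_sanitizeName($postData['name'])))), ENT_QUOTES, COM_getEncodingt()), 'text');
        // NOTE(review): urldecode() runs after strip_tags()/htmlspecialchars(),
        // so percent-encoded characters in the submitted name are turned back
        // into their raw form after filtering. The value is escaped again
        // before it enters SQL below, but confirm that it is HTML-escaped
        // wherever the stored name is displayed.
        $name = urldecode($name);
    } else {
        $okToSave = false;
        $errorMessages .= $LANG_GF02['invalid_name'] . '<br />';
    }

    // speed limit check
    if (!SEC_hasRights('forum.edit')) {
        COM_clearSpeedlimit($_FF_CONF['post_speedlimit'], 'forum');
        $last = COM_checkSpeedlimit('forum');
        if ($last > 0) {
            $errorMessages .= sprintf($LANG_GF01['SPEEDLIMIT'], $last, $_FF_CONF['post_speedlimit']) . '<br/>';
            $okToSave = false;
        }
    }

    // standard edit checks
    if (strlen(trim($postData['name'])) < $_FF_CONF['min_username_length']
        || strlen(trim($postData['subject'])) < $_FF_CONF['min_subject_length']
        || strlen(trim($postData['comment'])) < $_FF_CONF['min_comment_length']
    ) {
        $errorMessages .= $LANG_GF02['msg18'] . '<br/>';
        $okToSave = false;
    }

    // CAPTCHA check
    if (function_exists('plugin_itemPreSave_captcha') && $okToSave == true) {
        if (!isset($postData['captcha'])) {
            $postData['captcha'] = '';
        }
        $msg = plugin_itemPreSave_captcha('forum', $postData['captcha']);
        if ($msg != '') {
            $errorMessages .= $msg . '<br/>';
            $okToSave = false;
        }
    }

    // spamx check
    if ($_FF_CONF['use_spamx_filter'] == 1 && $okToSave == true) {
        // Check for SPAM
        $spamcheck = '<h1>' . $postData['subject'] . '</h1><p>' . $postData['comment'] . '</p>';
        $result = PLG_checkforSpam($spamcheck, $_CONF['spamx']);
        // A positive result means a spam action was taken: reject the post
        if ($result > 0) {
            $errorMessages .= $LANG_GF02['spam_detected'];
            $okToSave = false;
        }
    }

    if ($_FF_CONF['use_sfs'] == 1 && COM_isAnonUser() && function_exists('plugin_itemPreSave_spamx')) {
        $spamCheckData = array('username' => $postData['name'], 'email' => $email, 'ip' => $REMOTE_ADDR);
        $msg = plugin_itemPreSave_spamx('forum', $spamCheckData);
        if ($msg) {
            $errorMessages .= $msg;
            $okToSave = false;
        }
    }

    if ($okToSave == false) {
        $retval .= _ff_alertMessage($errorMessages, $LANG_GF01['ERROR'], ' ');

        return array(false, $retval);
    }

    // Every check passed. (The former "else" branch of the $okToSave test
    // could never run after the early return above and has been dropped.)
    if (!isset($postData['postmode_switch'])) {
        $postData['postmode_switch'] = 0;
    }
    $postmode = _ff_chkpostmode($postData['postmode'], $postData['postmode_switch']);

    // validate postmode
    if ($postmode == 'html' || $postmode == 'HTML') {
        if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
            $postmode = 'html';
        } else {
            $postmode = 'text';
        }
    }

    // NOTE(review): $subject and $comment are concatenated into the SQL below
    // without DB_escapeString(); that is only safe if _ff_preparefordb()
    // escapes for the database itself - confirm.
    $subject = _ff_preparefordb(strip_tags($postData['subject']), 'text');
    $comment = _ff_preparefordb($postData['comment'], $postmode);
    $mood = isset($postData['mood']) ? COM_applyFilter($postData['mood']) : '';
    $id = COM_applyFilter($postData['id'], true);
    $forum = COM_applyFilter($postData['forum'], true);
    $notify = isset($postData['notify']) ? COM_applyFilter($postData['notify']) : '';

    $status = 0;
    if (isset($postData['disable_bbcode']) && $postData['disable_bbcode'] == 1) {
        $status += DISABLE_BBCODE;
    }
    if (isset($postData['disable_smilies']) && $postData['disable_smilies'] == 1) {
        $status += DISABLE_SMILIES;
    }
    if (isset($postData['disable_urlparse']) && $postData['disable_urlparse'] == 1) {
        $status += DISABLE_URLPARSE;
    }

    // If user has moderator edit rights only
    // NOTE(review): 'modedit' is taken from the submitted form and no
    // moderator permission check is visible here before locked/sticky are
    // honoured. Confirm the caller strips these fields for non-moderators, or
    // gate this block on forum_modPermission(). Also note that a 'saveedit'
    // without 'modedit' writes sticky=0 and locked=0 to the edited row.
    $locked = 0;
    $sticky = 0;
    if (isset($postData['modedit']) && $postData['modedit'] == 1) {
        if (isset($postData['locked_switch']) && $postData['locked_switch'] == 1) {
            $locked = 1;
        }
        if (isset($postData['sticky_switch']) && $postData['sticky_switch'] == 1) {
            $sticky = 1;
        }
    }

    // $forumfiles is a local array that this function never fills, so the
    // list is empty as the code stands; casting keeps the NOT IN clause
    // numeric if it is ever populated.
    $imagerecs = implode(',', array_map('intval', $forumfiles));

    // NOTE(review): if $action is none of the three values handled below,
    // $savedPostID and $topicPID are never assigned before they are used -
    // confirm that callers only pass 'savetopic', 'savereply' or 'saveedit'.
    if ($action == 'savetopic') {
        $fields = "forum,name,email,date,lastupdated,subject,comment,postmode,ip,mood,uid,pid,sticky,locked,status";
        $sql = "INSERT INTO {$_TABLES['ff_topic']} ({$fields}) ";
        $sql .= "VALUES ("
            . (int) $forum . ","
            . "'" . DB_escapeString($name) . "',"
            . "'" . DB_escapeString($email) . "',"
            . "'" . DB_escapeString($date) . "',"
            . "'" . DB_escapeString($date) . "',"
            . "'" . $subject . "',"
            . "'" . $comment . "',"
            . "'" . DB_escapeString($postmode) . "',"
            . "'" . DB_escapeString($REMOTE_ADDR) . "',"
            . "'" . DB_escapeString($mood) . "',"
            . (int) $uid . ","
            . "0,"
            . (int) $sticky . ","
            . (int) $locked . ","
            . (int) $status . ")";
        DB_query($sql);

        // Find the id of the last inserted topic
        // NOTE(review): max(id) is read in a separate query, so a concurrent
        // post can make $lastid refer to another user's row; the driver's
        // last-insert id would not have that race.
        list($lastid) = DB_fetchArray(DB_query("SELECT max(id) FROM {$_TABLES['ff_topic']} "));
        $savedPostID = $lastid;
        $topicPID = $lastid;

        /* Check for any uploaded files - during add of new topic */
        $uploadErrors = _ff_check4files($lastid);

        // Check and see if there are no [file] bbcode tags in content and reset the show_inline value
        // This is needed in case user had used the file bbcode tag and then removed it
        $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $lastid . " ";
        if ($imagerecs != '') {
            $sql .= "AND id NOT IN ({$imagerecs})";
        }
        DB_query($sql);

        // Update forums record
        DB_query("UPDATE {$_TABLES['ff_forums']} SET post_count=post_count+1, topic_count=topic_count+1, last_post_rec=" . (int) $lastid . " WHERE forum_id=" . (int) $forum);
        if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $lastid)) {
            DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $lastid);
        }
        DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0");
    } elseif ($action == 'savereply') {
        $fields = "name,email,date,subject,comment,postmode,ip,mood,uid,pid,forum,status";
        $sql = "INSERT INTO {$_TABLES['ff_topic']} ({$fields}) ";
        $sql .= "VALUES ("
            . "'" . DB_escapeString($name) . "',"
            . "'" . DB_escapeString($email) . "',"
            . "'" . DB_escapeString($date) . "',"
            . "'{$subject}',"
            . "'{$comment}',"
            . "'" . DB_escapeString($postmode) . "',"
            . "'" . DB_escapeString($REMOTE_ADDR) . "',"
            . "'" . DB_escapeString($mood) . "',"
            . (int) $uid . ","
            . (int) $id . ","
            . (int) $forum . ","
            . (int) $status . ")";
        DB_query($sql);

        // Find the id of the last inserted topic (same max(id) race as for
        // a new topic applies here)
        list($lastid) = DB_fetchArray(DB_query("SELECT max(id) FROM {$_TABLES['ff_topic']} "));
        $savedPostID = $lastid;
        $topicPID = $id;

        /* Check for any uploaded files - during adding reply post */
        $uploadErrors = _ff_check4files($lastid);

        // Check and see if there are no [file] bbcode tags in content and reset the show_inline value
        // This is needed in case user had used the file bbcode tag and then removed it
        $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $lastid;
        if ($imagerecs != '') {
            $sql .= " AND id NOT IN ({$imagerecs})";
        }
        DB_query($sql);

        DB_query("UPDATE {$_TABLES['ff_topic']} SET replies=replies+1, lastupdated='" . DB_escapeString($date) . "',last_reply_rec=" . (int) $lastid . " WHERE id=" . (int) $id);
        DB_query("UPDATE {$_TABLES['ff_forums']} SET post_count=post_count+1, last_post_rec=" . (int) $lastid . " WHERE forum_id=" . (int) $forum);
        if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $lastid)) {
            DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $id);
        }
        DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0");
    } elseif ($action == 'saveedit') {
        $sql = "UPDATE {$_TABLES['ff_topic']} SET "
            . "subject='{$subject}',"
            . "comment='{$comment}',"
            . "postmode='" . DB_escapeString($postmode) . "',"
            . "mood='" . DB_escapeString($mood) . "',"
            . "sticky=" . (int) $sticky . ","
            . "locked=" . (int) $locked . ","
            . "status=" . (int) $status . " "
            . "WHERE (id=" . (int) $editid . ")";
        DB_query($sql);

        /* Check for any uploaded files - during save of edit */
        $uploadErrors = _ff_check4files($editid);

        // Check and see if there are no [file] bbcode tags in content and reset the show_inline value
        // This is needed in case user had used the file bbcode tag and then removed it
        $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $editid . " ";
        if ($imagerecs != '') {
            $sql .= "AND id NOT IN ({$imagerecs})";
        }
        DB_query($sql);

        // A pid of 0 means the edited post is itself the topic parent
        $topicPID = DB_getITEM($_TABLES['ff_topic'], "pid", "id=" . (int) $editid);
        if ($topicPID == 0) {
            $topicPID = $editid;
        }
        $savedPostID = $editid;

        if ($postData['silentedit'] != 1) {
            DB_query("UPDATE {$_TABLES['ff_topic']} SET lastupdated='" . DB_escapeString($date) . "' WHERE id=" . (int) $topicPID);
            // Remove any lastviewed records in the log so that the new updated topic indicator will appear
            DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0");
        }
        if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $editid)) {
            DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $topicPID);
        }
    }

    COM_updateSpeedLimit('forum');
    PLG_itemSaved($savedPostID, 'forum');
    CACHE_remove_instance('forumcb');

    if (!COM_isAnonUser()) {
        // NOTIFY - Checkbox variable in form set to "on" when checked and they don't already have subscribed to forum or topic
        // A subscription row whose id is the negated topic id records an
        // explicit opt-out from that topic.
        $nid = -$topicPID;
        $currentForumNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id=0 AND uid=" . (int) $uid);
        $currentTopicNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id='" . DB_escapeString($topicPID) . "' AND uid=" . (int) $uid);
        $currentTopicUnNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id='" . DB_escapeString($nid) . "' AND uid=" . (int) $uid);
        $forum_name = DB_getItem($_TABLES['ff_forums'], 'forum_name', 'forum_id=' . (int) $forum);

        if ($notify == 'on' and ($currentForumNotifyRecID < 1 and $currentTopicNotifyRecID < 1)) {
            $sql = "INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) ";
            $sql .= "VALUES ('forum','" . DB_escapeString($forum) . "','" . DB_escapeString($forum_name) . "','" . DB_escapeString($topicPID) . "','" . $subject . "'," . (int) $uid . ",now() )";
            DB_query($sql);
        } elseif ($notify == 'on' and $currentTopicUnNotifyRecID > 1) {
            // Had un-subscribed to topic and now wants to subscribe
            DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE sub_id=" . (int) $currentTopicUnNotifyRecID);
        } elseif ($notify == '' and $currentTopicNotifyRecID > 1) {
            // Subscribed to topic - but does not want to be notified anymore
            DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($topicPID) . "'");
        } elseif ($notify == '' and $currentForumNotifyRecID > 1) {
            // Subscribed to forum - but does not want to be notified about this topic
            DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($topicPID) . "'");
            DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($nid) . "'");
            DB_query("INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) VALUES ('forum','" . DB_escapeString($forum) . "','" . DB_escapeString($forum_name) . "','" . DB_escapeString($nid) . "','" . $subject . "'," . (int) $uid . ",now() )");
        }
    }

    if ($action != 'saveedit') {
        _ff_chknotifications($forum, $savedPostID, $uid);
    }

    $link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . $topicPID . '&topic=' . $savedPostID . '#' . $savedPostID;

    // Keep the status page on screen when there are upload errors to read
    if ($uploadErrors != '') {
        $autorefresh = false;
    } else {
        $autorefresh = true;
    }
    $retval .= FF_statusMessage($uploadErrors . $LANG_GF02['msg19'], $link, $LANG_GF02['msg19'], false, '', $autorefresh);

    return array(true, $retval);
}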
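/**
 * Saves the edited settings of one forum from the submitted form.
 *
 * All fields are read directly from $_POST. No permission or CSRF-token
 * check is made in this function; presumably the caller has already done
 * both - verify against the caller.
 *
 * @param int $id Forum ID to update
 *
 * @return array Two elements: bool true when the forum was updated, and the
 *               list of status/error messages
 */
function board_edit_forum_save($id)
{
    global $_CONF, $_TABLES, $_USER, $_FF_CONF, $LANG_GF93;

    $retval = false;
    $statusText = array();
    $numErrors = 0;

    $category = isset($_POST['category']) ? COM_applyFilter($_POST['category'], true) : 0;
    $forum_order_id = isset($_POST['order']) ? COM_applyFilter($_POST['order'], true) : 0;
    $name = isset($_POST['name']) ? $_POST['name'] : '';
    $dscp = isset($_POST['dscp']) ? $_POST['dscp'] : '';
    $is_readonly = isset($_POST['is_readonly']) ? COM_applyFilter($_POST['is_readonly'], true) : 0;
    $is_hidden = isset($_POST['is_hidden']) ? COM_applyFilter($_POST['is_hidden'], true) : 0;
    $no_newposts = isset($_POST['no_newposts']) ? COM_applyFilter($_POST['no_newposts'], true) : 0;

    // Fall back to group 2 when no access group was submitted
    $privgroup = isset($_POST['privgroup']) ? COM_applyFilter($_POST['privgroup'], true) : 0;
    if ($privgroup == 0) {
        $privgroup = 2;
    }

    // Fixed: a missing attachment group used to overwrite $privgroup with 1,
    // which silently changed who could access the forum and left the
    // attachment group at 0. The default now goes to $attachmentgroup, which
    // mirrors the $privgroup default above. The field is also guarded with
    // isset() like the other form fields.
    // NOTE(review): 1 and 2 are presumably the ids of built-in groups - confirm.
    $attachmentgroup = isset($_POST['attachmentgroup']) ? COM_applyFilter($_POST['attachmentgroup'], true) : 0;
    if ($attachmentgroup == 0) {
        $attachmentgroup = 1;
    }

    // data validation
    if (empty($name)) {
        $statusText[] = $LANG_GF93['name_blank'];
        $numErrors++;
    }
    if (MBYTE_strlen($name) > 70) {
        $name = MBYTE_substr($name, 0, 70);
    }
    if (empty($dscp)) {
        $statusText[] = $LANG_GF93['desc_blank'];
        $numErrors++;
    }

    if ($numErrors == 0) {
        if ($forum_order_id == 0) {
            $forum_order = 0;
        } else {
            $forum_order = DB_getItem($_TABLES['ff_forums'], 'forum_order', 'forum_id=' . (int) $forum_order_id);
        }
        // NOTE(review): post-increment assigns the value from BEFORE the
        // increment, so $order equals the selected forum's own order rather
        // than order + 1. Left unchanged because reorderForums() runs after
        // the update - confirm which position is intended.
        $order = $forum_order++;

        // NOTE(review): FF_saveTopic in this file treats _ff_preparefordb()
        // output as already escaped; the DB_escapeString() calls below may
        // therefore double-escape the name and description - confirm.
        $name = _ff_preparefordb($name, 'text');
        $dscp = _ff_preparefordb($dscp, 'text');

        $sql = "UPDATE {$_TABLES['ff_forums']} SET forum_name='" . DB_escapeString($name) . "',forum_order=" . (int) $order . ",forum_dscp='" . DB_escapeString($dscp) . "', grp_id=" . (int) $privgroup . ", ";
        $sql .= "is_hidden='" . DB_escapeString($is_hidden) . "', is_readonly='" . DB_escapeString($is_readonly) . "', no_newposts='" . DB_escapeString($no_newposts) . "',use_attachment_grpid=" . (int) $attachmentgroup . ",forum_cat=" . (int) $category . " ";
        $sql .= "WHERE forum_id=" . (int) $id;
        DB_query($sql);

        reorderForums($category);

        $retval = true;
        $statusText[] = $LANG_GF93['forumedited'];
    }

    return array($retval, $statusText);
}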