Exemplo n.º 1
// Normalise the "t" query parameter: a missing or non-numeric value is
// replaced with the current Unix timestamp, so later code only ever sees a
// numeric value here.
if (!isset($_GET["t"]) || !is_numeric($_GET["t"])) {
    $_GET["t"] = time();
}

// Authorization gate. It runs before any of the handlers below are
// dispatched, so upload_popup(), upload_perform() and upload_js() are all
// behind it. Access is refused unless BOTH administrator flags are set.
$user = new usersMenus();
if (!($user->AsSystemAdministrator != false && $user->AsSambaAdministrator != false)) {
    $tpl = new templates();
    $message = replace_accents(html_entity_decode($tpl->_ENGINE_parse_body('{ERROR_NO_PRIVS}')));
    // NOTE(review): $message is placed inside a single-quoted JavaScript
    // string without JS escaping. It looks like a translated template string
    // rather than request data - confirm it can never contain a quote or
    // line break.
    echo "alert('{$message}');";
    exit;
}

// Dispatch on the query string. Only the presence of each parameter is
// tested here; what the handlers do with the request is not visible in this
// excerpt.
if (isset($_GET["upload-popup"])) {
    upload_popup();
    exit;
}
if (isset($_GET['TargetArticaUploaded'])) {
    upload_perform();
    exit;
}

// Default action: emit the JavaScript that opens the upload dialog.
upload_js();
/**
 * Emits a JavaScript snippet that opens the upload dialog for the current page.
 *
 * The response is served as application/x-javascript and consists of a single
 * YahooWinBrowse() call pointing back at this page with "upload-popup=yes".
 *
 * NOTE(review): the page name and the translated title are written into
 * single-quoted JavaScript string literals without escaping. Both appear to
 * come from server-side helpers rather than from the request - confirm that
 * neither can contain a quote character.
 */
function upload_js()
{
    header("content-type: application/x-javascript");

    $engine = new templates();
    $self = CurrentPageName();
    $dialogTitle = $engine->_ENGINE_parse_body("{restore}");

    echo 'YahooWinBrowse(550,\'' . $self . '?upload-popup=yes\',\'' . $dialogTitle . '\')';
}
Exemplo n.º 2
// Run the query prepared earlier (outside this excerpt), keep its first row
// and release the result handle.
$result = $db->sql_query($sql);
$post_data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);

// Nothing found: report a missing topic for the modes that target a topic,
// a missing post for every other mode.
if (!$post_data) {
    if ($mode == 'post' || $mode == 'bump' || $mode == 'reply') {
        trigger_error('NO_TOPIC');
    } else {
        $user->setup('posting');
        trigger_error('NO_POST');
    }
}

// Not able to reply to unapproved posts/topics
// TODO: add more descriptive language key
// NOTE(review): this refusal only fires for users who hold m_approve on the
// forum. Nothing in this excerpt stops a user WITHOUT that permission from
// replying to or quoting unapproved content - confirm that such users are
// filtered out before this point.
if ($auth->acl_get('m_approve', $forum_id)) {
    if (($mode == 'reply' || $mode == 'bump') && !$post_data['topic_approved']) {
        trigger_error('TOPIC_UNAPPROVED');
    } elseif ($mode == 'quote' && !$post_data['post_approved']) {
        trigger_error('POST_UNAPPROVED');
    }
}

// The popup mode is served and finished here, before the later checks in
// this script run.
if ($mode == 'popup') {
    upload_popup($post_data['forum_style']);
    return;
}

$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);

// Visitors who are not registered get a CAPTCHA when post confirmation is
// enabled in the board configuration.
if ($config['enable_post_confirm'] && !$user->data['is_registered']) {
    include $phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx;
    $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
    $captcha->init(CONFIRM_POST);
}

// Use post_row values in favor of submitted ones: identifiers read from the
// database row win over the request-supplied ones, and every value is cast
// to int either way.
$forum_id = (int) (!empty($post_data['forum_id']) ? $post_data['forum_id'] : $forum_id);
$topic_id = (int) (!empty($post_data['topic_id']) ? $post_data['topic_id'] : $topic_id);
$post_id = (int) (!empty($post_data['post_id']) ? $post_data['post_id'] : $post_id);
// Need to login to passworded forum first?
if ($post_data['forum_password']) {
    login_forum_box(array('forum_id' => $forum_id, 'forum_name' => $post_data['forum_name'], 'forum_password' => $post_data['forum_password']));
Exemplo n.º 3
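    /**
     * Guestbook posting controller.
     *
     * Handles the mode selected by the "gbmode" request parameter (post,
     * reply, quote, edit, delete, plus the smilies and popup helper modes),
     * stores or previews the submitted message and finally assigns the
     * template variables for the posting form.
     *
     * Order of the security-relevant steps:
     *  1. the target row is loaded with an integer-cast post id;
     *  2. bots are redirected away and u_gb_view is required;
     *  3. a per-mode permission check sets $is_authed - any mode without an
     *     explicit case stays unauthorised (default deny);
     *  4. edit mode additionally requires ownership, the edit time window and
     *     an unlocked post unless the user holds m_gb_edit;
     *  5. on submit/preview the form key, CAPTCHA (guests), flood interval
     *     and DNSBL are checked before anything is stored.
     *
     * Fixes compared with the previous version of this method:
     *  - $sql is initialised before the first switch (the popup case left it
     *    undefined);
     *  - the quick-resubmit redirect now passes the post id as "p=";
     *  - the functions_user include is guarded by validate_username(), the
     *    function that is actually called;
     *  - the poster IP is passed through $db->sql_escape() in the flood query;
     *  - a redundant nested "if ($submit)" was removed.
     *
     * @return void
     */
    private function post()
    {
        global $phpbb_root_path, $phpEx, $template, $db, $auth;
        global $config, $user;

        // Load the helper files only when their symbols are not defined yet.
        if (!function_exists('generate_smilies')) {
            include $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
        }
        if (!function_exists('submit_gb_post')) {
            include $phpbb_root_path . 'includes/functions_guestbook.' . $phpEx;
        }
        if (!class_exists('parse_message')) {
            include $phpbb_root_path . 'includes/message_parser.' . $phpEx;
        }

        $user->add_lang('posting');

        // Grab only parameters needed here
        $post_id = request_var('p', 0);
        $lastclick = request_var('lastclick', 0);

        $submit = isset($_POST['post']);
        $preview = isset($_POST['preview']);
        $delete = isset($_POST['delete']);
        $refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['full_editor']);

        // A pure delete submission forces delete mode; otherwise the mode is
        // whatever the request asks for and is validated by the permission
        // switch further down.
        $mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var('gbmode', '');

        $error = $post_data = array();
        $current_time = time();

        // A submit arriving less than two seconds after the form was rendered
        // is bounced back to the guestbook display instead of being processed.
        if ($current_time - $lastclick < 2 && $submit) {
            $redirect = append_sid("{$phpbb_root_path}memberlist.{$phpEx}", "mode=viewprofile&amp;u={$this->user_id}&amp;gbmode=display&amp;p={$post_id}#p{$post_id}");
            redirect($redirect);
        }

        // We need to know some basic information in all cases before we do anything.
        // Start from an empty query so that no branch can leave $sql undefined.
        $sql = '';
        switch ($mode) {
            case 'quote':
            case 'edit':
            case 'delete':
                if (!$post_id) {
                    $user->setup('posting');
                    trigger_error('NO_POST');
                }
                // The only request-derived value in the query is cast to int.
                $sql = 'SELECT g.*, u.*
                    FROM  ' . GUESTBOOK_TABLE . ' g, ' . USERS_TABLE . ' u
                        WHERE u.user_id = g.poster_id
                            AND post_id = ' . (int) $post_id;
                break;

            case 'smilies':
                // NOTE(review): this runs before any permission check below.
                generate_smilies('window');
                break;

            case 'popup':
                // NOTE(review): upload_popup() is called here and again a few
                // lines below; both calls happen before the permission checks.
                // Confirm upload_popup() enforces its own access control and
                // that the double call is intended.
                upload_popup();
                break;

            default:
                break;
        }

        if ($sql) {
            $result = $db->sql_query($sql);
            $post_data = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);

            if (!$post_data) {
                $user->setup('posting');
                trigger_error('NO_POST');
            }
        }

        if ($mode == 'popup') {
            // NOTE(review): no row is loaded in popup mode, so 'forum_style'
            // is not set on $post_data at this point.
            upload_popup($post_data['forum_style']);
            return;
        }

        // Guests get a CAPTCHA when post confirmation is enabled.
        if ($config['enable_post_confirm'] && !$user->data['is_registered']) {
            include $phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx;
            $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
            $captcha->init(CONFIRM_POST);
        }

        // Use post_row values in favor of submitted ones...
        $post_id = !empty($post_data['post_id']) ? (int) $post_data['post_id'] : (int) $post_id;

        // Check permissions
        if ($user->data['is_bot']) {
            redirect(append_sid("{$phpbb_root_path}index.{$phpEx}"));
        }

        // Is the user able to view the guestbook at all?
        if (!$auth->acl_get('u_gb_view')) {
            if ($user->data['user_id'] != ANONYMOUS) {
                trigger_error('USER_CANNOT_READ');
            }
            login_box('', $user->lang['LOGIN_EXPLAIN_POST']);
        }

        // Permission to do the action asked? Default deny: a mode without a
        // case below (including unknown request values) stays unauthorised.
        $is_authed = false;
        switch ($mode) {
            case 'post':
                if ($auth->acl_get('u_gb_post')) {
                    $is_authed = true;
                }
                break;

            case 'quote':
                $post_data['post_edit_locked'] = 0;
                // @TODO: Decide if we want to add a config option/ucp option/checkbox for this feature.
                if ($post_data['poster_id'] != ANONYMOUS) {
                    $post_data['orginal_author'] = $post_data['poster_id'];
                }
                // no break; quoting needs the same permission as replying

            case 'reply':
                if ($auth->acl_get('u_gb_post')) {
                    $is_authed = true;
                }
                break;

            case 'edit':
                if ($user->data['is_registered'] && $auth->acl_gets('u_gb_edit', 'm_gb_edit')) {
                    $is_authed = true;
                }
                break;

            case 'delete':
                // NOTE(review): only the permission is checked here; ownership
                // of the post is not. Confirm handle_gb_post_delete() checks it.
                if ($user->data['is_registered'] && $auth->acl_gets('u_gb_delete', 'm_gb_delete')) {
                    $is_authed = true;
                }
                break;
        }

        if (!$is_authed) {
            $check_auth = $mode == 'quote' ? 'reply' : $mode;
            if ($user->data['is_registered']) {
                trigger_error('USER_CANNOT_' . strtoupper($check_auth));
            }
            login_box('', $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]);
        }

        // Can we edit this post ... if we're a moderator with rights then always yes
        // else it depends on editing times, lock status and if we're the correct user
        if ($mode == 'edit' && !$auth->acl_get('m_gb_edit')) {
            if ($user->data['user_id'] != $post_data['poster_id']) {
                trigger_error('USER_CANNOT_EDIT');
            }
            if (!($post_data['post_time'] > time() - $config['edit_time'] * 60 || !$config['edit_time'])) {
                trigger_error('CANNOT_EDIT_TIME');
            }
            if ($post_data['post_edit_locked']) {
                trigger_error('CANNOT_EDIT_POST_LOCKED');
            }
        }

        // Handle delete mode...
        // NOTE(review): this returns before the check_form_key() call further
        // down; confirm the delete helper has its own confirmation step.
        if ($mode == 'delete') {
            handle_gb_post_delete($post_id, $post_data, $this);
            return;
        }

        // Determine some vars
        if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS) {
            $post_data['quote_username'] = !empty($post_data['post_username']) ? $post_data['post_username'] : $user->lang['GUEST'];
        } else {
            $post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
        }

        $post_data['post_edit_locked'] = isset($post_data['post_edit_locked']) ? (int) $post_data['post_edit_locked'] : 0;
        // md5 is used only to detect whether the subject changed, not as a security control.
        $post_data['post_subject_md5'] = (isset($post_data['post_subject']) && $mode == 'edit') ? md5($post_data['post_subject']) : '';
        $post_data['post_subject'] = in_array($mode, array('quote', 'edit')) ? $post_data['post_subject'] : (isset($post_data['topic_title']) ? $post_data['topic_title'] : '');
        $post_data['topic_time_limit'] = isset($post_data['topic_time_limit']) ? ($post_data['topic_time_limit'] ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
        $post_data['icon_id'] = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id'];

        $message_parser = new parse_message();
        if (isset($post_data['post_text'])) {
            $message_parser->message =& $post_data['post_text'];
            unset($post_data['post_text']);
        }

        // Set some default variables
        $uninit = array(
            'poster_id' => $user->data['user_id'],
            'enable_magic_url' => 0,
            'post_subject' => '',
            'topic_title' => '',
            'post_time' => 0,
            'post_edit_reason' => '',
            'notify_set' => 0,
        );
        foreach ($uninit as $var_name => $default_value) {
            if (!isset($post_data[$var_name])) {
                $post_data[$var_name] = $default_value;
            }
        }
        unset($uninit);

        if ($post_data['poster_id'] == ANONYMOUS) {
            $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : '';
        } else {
            $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : '';
        }

        $post_data['enable_urls'] = $post_data['enable_magic_url'];
        if ($mode != 'edit') {
            $post_data['enable_sig'] = ($config['allow_sig'] && $user->optionget('attachsig'));
            $post_data['enable_smilies'] = ($config['allow_smilies'] && $user->optionget('smilies'));
            $post_data['enable_bbcode'] = ($config['allow_bbcode'] && $user->optionget('bbcode'));
            $post_data['enable_urls'] = true;
        }
        $post_data['enable_icons'] = true;
        $post_data['enable_magic_url'] = $post_data['drafts'] = false;

        // Pack the four formatting switches into one number so a change in any
        // of them can be detected after submit.
        $check_value = (($post_data['enable_bbcode'] + 1) << 8) + (($post_data['enable_smilies'] + 1) << 4) + (($post_data['enable_urls'] + 1) << 2) + (($post_data['enable_sig'] + 1) << 1);

        // Do we want to edit our post ?
        if ($mode == 'edit' && $post_data['bbcode_uid']) {
            $message_parser->bbcode_uid = $post_data['bbcode_uid'];
        }

        // HTML, BBCode, Smilies, Images and Flash status: each feature needs
        // both the board setting and the user's guestbook permission.
        $bbcode_status = ($config['allow_bbcode'] && $auth->acl_get('u_gb_bbcode'));
        $smilies_status = ($config['allow_smilies'] && $auth->acl_get('u_gb_smilies'));
        $img_status = ($bbcode_status && $auth->acl_get('u_gb_img'));
        $url_status = $config['allow_post_links'] ? true : false;
        $flash_status = ($bbcode_status && $auth->acl_get('u_gb_flash') && $config['allow_post_flash']);
        $quote_status = true;

        if ($submit || $preview || $refresh) {
            $post_data['post_subject'] = utf8_normalize_nfc(request_var('subject', '', true));
            $message_parser->message = utf8_normalize_nfc(request_var('message', '', true));
            $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true));
            $post_data['topic_time_limit'] = request_var('topic_time_limit', ($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0);

            if ($post_data['enable_icons'] && $auth->acl_get('u_gb_icons')) {
                $post_data['icon_id'] = request_var('icon', (int) $post_data['icon_id']);
            }

            // A feature the user is not allowed to use cannot be switched on
            // from the form: the status flags computed above take precedence.
            $post_data['enable_bbcode'] = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true;
            $post_data['enable_smilies'] = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;
            $post_data['enable_urls'] = isset($_POST['disable_magic_url']) ? 0 : 1;
            $post_data['enable_sig'] = (!$config['allow_sig'] || !$auth->acl_get('u_gb_sig')) ? false : (isset($_POST['attach_sig']) && $user->data['is_registered']);

            if ($config['allow_topic_notify'] && $user->data['is_registered']) {
                $notify = isset($_POST['notify']);
            } else {
                $notify = false;
            }

            if ($submit) {
                $status_switch = (($post_data['enable_bbcode'] + 1) << 8) + (($post_data['enable_smilies'] + 1) << 4) + (($post_data['enable_urls'] + 1) << 2) + (($post_data['enable_sig'] + 1) << 1);
                $status_switch = $status_switch != $check_value;
            } else {
                $status_switch = 1;
            }

            // Grab md5 'checksum' of new message
            $message_md5 = md5($message_parser->message);

            // Check checksum ... don't re-parse message if the same
            $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false;

            // Also check if subject got updated...
            $update_subject = $mode != 'edit' || ($post_data['post_subject_md5'] && $post_data['post_subject_md5'] != md5($post_data['post_subject']));

            // Parse message
            if ($update_message) {
                if (sizeof($message_parser->warn_msg)) {
                    $error[] = implode('<br />', $message_parser->warn_msg);
                    $message_parser->warn_msg = array();
                }

                $message_parser->parse($post_data['enable_bbcode'], $config['allow_post_links'] ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);

                // On a refresh we do not care about message parsing errors
                if (sizeof($message_parser->warn_msg) && $refresh) {
                    $message_parser->warn_msg = array();
                }
            } else {
                $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield'];
            }

            if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('u_gb_ignoreflood')) {
                // Flood check: registered users by their last post time,
                // guests by the most recent post from the same IP address.
                $last_post_time = 0;
                if ($user->data['is_registered']) {
                    $last_post_time = $user->data['user_lastpost_time'];
                } else {
                    // The IP is escaped before it is placed in the query string.
                    // NOTE(review): this looks up POSTS_TABLE, not
                    // GUESTBOOK_TABLE - confirm guestbook entries by guests
                    // are meant to be throttled against forum posts.
                    $sql = 'SELECT post_time AS last_post_time
                        FROM ' . POSTS_TABLE . "
                        WHERE poster_ip = '" . $db->sql_escape($user->ip) . "'
                            AND post_time > " . ($current_time - $config['flood_interval']);
                    $result = $db->sql_query_limit($sql, 1);
                    if ($row = $db->sql_fetchrow($result)) {
                        $last_post_time = $row['last_post_time'];
                    }
                    $db->sql_freeresult($result);
                }

                if ($last_post_time && $current_time - $last_post_time < intval($config['flood_interval'])) {
                    $error[] = $user->lang['FLOOD_ERROR'];
                }
            }

            // Validate username (guests supplying a name, or an edit that
            // changes the name stored on an anonymous post)
            if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username'])) {
                // Guard on the function that is called below, so the file is
                // not included a second time once it has been loaded.
                if (!function_exists('validate_username')) {
                    include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
                }

                if (($result = validate_username($post_data['username'], !empty($post_data['post_username']) ? $post_data['post_username'] : '')) !== false) {
                    $user->add_lang('ucp');
                    $error[] = $user->lang[$result . '_USERNAME'];
                }
            }

            // CAPTCHA validation for guests creating new content
            if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply'))) {
                $captcha_data = array(
                    'message' => utf8_normalize_nfc(request_var('message', '', true)),
                    'subject' => utf8_normalize_nfc(request_var('subject', '', true)),
                    'username' => utf8_normalize_nfc(request_var('username', '', true)),
                );
                $vc_response = $captcha->validate($captcha_data);
                if ($vc_response) {
                    $error[] = $vc_response;
                }
            }

            // check form (the key is issued by add_form_key('posting') below)
            if (($submit || $preview) && !check_form_key('posting')) {
                $error[] = $user->lang['FORM_INVALID'];
            }

            // Collect parser warnings
            if (sizeof($message_parser->warn_msg)) {
                $error[] = implode('<br />', $message_parser->warn_msg);
            }

            // DNSBL check
            if ($config['check_dnsbl'] && !$refresh) {
                if (($dnsbl = $user->check_dnsbl('post')) !== false) {
                    $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
                }
            }

            // Store message, sync counters - only when every check above passed
            if (!sizeof($error) && $submit) {
                $data = array(
                    'user_id' => (int) (($mode == 'quote' && isset($post_data['orginal_author'])) ? $post_data['orginal_author'] : $this->user_id),
                    'topic_title' => empty($post_data['topic_title']) ? $post_data['post_subject'] : $post_data['topic_title'],
                    'post_id' => (int) $post_id,
                    'icon_id' => (int) $post_data['icon_id'],
                    'poster_id' => (int) $user->data['user_id'],
                    'enable_sig' => (bool) $post_data['enable_sig'],
                    'enable_bbcode' => (bool) $post_data['enable_bbcode'],
                    'enable_smilies' => (bool) $post_data['enable_smilies'],
                    'enable_urls' => (bool) $post_data['enable_urls'],
                    'message_md5' => (string) $message_md5,
                    'post_time' => isset($post_data['post_time']) ? (int) $post_data['post_time'] : $current_time,
                    'post_checksum' => isset($post_data['post_checksum']) ? (string) $post_data['post_checksum'] : '',
                    'post_edit_reason' => $post_data['post_edit_reason'],
                    'post_edit_user' => $mode == 'edit' ? $user->data['user_id'] : (isset($post_data['post_edit_user']) ? (int) $post_data['post_edit_user'] : 0),
                    'poster_ip' => isset($post_data['poster_ip']) ? $post_data['poster_ip'] : $user->ip,
                    'bbcode_bitfield' => $message_parser->bbcode_bitfield,
                    'bbcode_uid' => $message_parser->bbcode_uid,
                    'message' => $message_parser->message,
                    'guestbook' => $this,
                );

                // The last parameter tells submit_post if search indexer has to be run
                submit_gb_post($mode, $post_data['post_subject'], $post_data['username'], $data, $update_message, ($update_message || $update_subject) ? true : false);

                $post_id = $data['post_id'];
                $uid = ($mode == 'quote' && isset($post_data['orginal_author'])) ? $post_data['orginal_author'] : $this->user_id;
                $redirect_url = append_sid("{$phpbb_root_path}memberlist.{$phpEx}", "mode=viewprofile&amp;gbmode=display&amp;u={$uid}&amp;p={$post_id}#p{$post_id}");

                // A solved CAPTCHA is reset after it has been used once.
                if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote')) {
                    $captcha->reset();
                }

                meta_refresh(3, $redirect_url);
                $message = $mode == 'edit' ? 'POST_EDITED' : 'POST_STORED';
                $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $redirect_url . '">', '</a>');
                trigger_error($message);
            }
        }

        // Preview
        if (!sizeof($error) && $preview) {
            $post_data['post_time'] = $mode == 'edit' ? $post_data['post_time'] : $current_time;

            $preview_message = $message_parser->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], false);

            $preview_signature = $mode == 'edit' ? $post_data['user_sig'] : $user->data['user_sig'];
            $preview_signature_uid = $mode == 'edit' ? $post_data['user_sig_bbcode_uid'] : $user->data['user_sig_bbcode_uid'];
            $preview_signature_bitfield = $mode == 'edit' ? $post_data['user_sig_bbcode_bitfield'] : $user->data['user_sig_bbcode_bitfield'];

            // Signature
            if ($post_data['enable_sig'] && $config['allow_sig'] && $preview_signature && $auth->acl_get('u_gb_sig')) {
                $parse_sig = new parse_message($preview_signature);
                $parse_sig->bbcode_uid = $preview_signature_uid;
                $parse_sig->bbcode_bitfield = $preview_signature_bitfield;

                // Not sure about parameters for bbcode/smilies/urls... in signatures
                $parse_sig->format_display($config['allow_sig_bbcode'], true, $config['allow_sig_smilies']);
                $preview_signature = $parse_sig->message;
                unset($parse_sig);
            } else {
                $preview_signature = '';
            }

            $preview_subject = censor_text($post_data['post_subject']);

            if (!sizeof($error)) {
                $template->assign_vars(array(
                    'PREVIEW_SUBJECT' => $preview_subject,
                    'PREVIEW_MESSAGE' => $preview_message,
                    'PREVIEW_SIGNATURE' => $preview_signature,
                    'S_DISPLAY_PREVIEW' => true,
                ));
            }
        }

        // Decode text for message display
        $post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !sizeof($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid;
        $message_parser->decode_message($post_data['bbcode_uid']);

        if ($mode == 'quote' && !$submit && !$preview && !$refresh) {
            if ($config['allow_bbcode']) {
                $message_parser->message = '[quote=&quot;' . $post_data['quote_username'] . '&quot;]' . censor_text(trim($message_parser->message)) . "[/quote]\n";
            } else {
                $offset = 0;
                $quote_string = "&gt; ";
                $message = censor_text(trim($message_parser->message));

                // see if we are nesting. It's easily tricked but should work for one level of nesting
                if (strpos($message, "&gt;") !== false) {
                    $offset = 10;
                }

                $message = utf8_wordwrap($message, 75 + $offset, "\n");
                $message = $quote_string . $message;
                $message = str_replace("\n", "\n" . $quote_string, $message);
                $message_parser->message = $post_data['quote_username'] . " " . $user->lang['WROTE'] . " :\n" . $message . "\n";
            }
        }

        if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh) {
            $post_data['post_subject'] = (strpos($post_data['post_subject'], 'Re: ') !== 0 ? 'Re: ' : '') . censor_text($post_data['post_subject']);
        }

        $post_data['post_text'] = $message_parser->message;

        // MAIN POSTING PAGE BEGINS HERE
        // Generate smiley listing
        generate_smilies('inline', 0);

        // Do show topic type selection only in first post.
        $topic_type_toggle = false;
        $s_topic_icons = false;
        if ($post_data['enable_icons'] && $auth->acl_get('u_gb_icons')) {
            $s_topic_icons = posting_gen_topic_icons($mode, $post_data['icon_id']);
        }

        $bbcode_checked = isset($post_data['enable_bbcode']) ? !$post_data['enable_bbcode'] : ($config['allow_bbcode'] ? !$user->optionget('bbcode') : 1);
        $smilies_checked = isset($post_data['enable_smilies']) ? !$post_data['enable_smilies'] : ($config['allow_smilies'] ? !$user->optionget('smilies') : 1);
        $urls_checked = isset($post_data['enable_urls']) ? !$post_data['enable_urls'] : 0;
        $sig_checked = $post_data['enable_sig'];

        // If the user is replying or posting and not already watching this topic but set to always being notified we need to overwrite this setting
        $notify_set = ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set'];
        $notify_checked = isset($notify) ? $notify : ($mode == 'post' ? $user->data['user_notify'] : $notify_set);

        // Page title & action URL, include session_id for security purpose
        $s_action = append_sid("{$phpbb_root_path}memberlist.{$phpEx}", "mode=viewprofile&amp;u={$this->user_id}&amp;gbmode={$mode}", true, $user->session_id);
        $s_action .= $post_id ? "&amp;p={$post_id}" : '';

        switch ($mode) {
            case 'post':
            case 'quote':
            case 'reply':
                $page_title = $user->lang['POST_GUESTBOOK'];
                break;

            case 'delete':
            case 'edit':
                $page_title = $user->lang['EDIT_POST'];
                break;
        }

        // Posting uses is_solved for legacy reasons. Plugins have to use is_solved to force themselves to be displayed.
        if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote')) {
            $template->assign_vars(array(
                'S_CONFIRM_CODE' => true,
                'CAPTCHA_TEMPLATE' => $captcha->get_template(),
            ));
        }

        $s_hidden_fields = '<input type="hidden" name="lastclick" value="' . $current_time . '" />';
        if ($mode == 'edit') {
            $s_hidden_fields .= build_hidden_fields(array(
                'edit_post_message_checksum' => $post_data['post_checksum'],
                'edit_post_subject_checksum' => $post_data['post_subject_md5'],
            ));
        }

        // Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview
        if (isset($captcha) && $captcha->is_solved() !== false) {
            $s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
        }

        // Issue the form key that check_form_key('posting') verifies on submit/preview.
        add_form_key('posting');

        $bbcode_faq_link = '<a href="' . append_sid("{$phpbb_root_path}faq.{$phpEx}", 'mode=bbcode') . '">';
        $max_post_chars = intval($config['max_post_chars']);

        // Start assigning vars for main posting page ...
        // NOTE(review): USERNAME, SUBJECT, MESSAGE and EDIT_REASON carry
        // user-supplied text; presumably request_var() has already
        // HTML-escaped it - confirm before changing how these are read.
        $template->assign_vars(array(
            'L_POST_A' => $page_title,
            'L_ICON' => $user->lang['POST_ICON'],
            'L_MESSAGE_BODY_EXPLAIN' => $max_post_chars ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], $max_post_chars) : '',

            'TOPIC_TITLE' => censor_text($post_data['topic_title']),
            'USERNAME' => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '',
            'SUBJECT' => $post_data['post_subject'],
            'MESSAGE' => $post_data['post_text'],
            'BBCODE_STATUS' => $bbcode_status ? sprintf($user->lang['BBCODE_IS_ON'], $bbcode_faq_link, '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], $bbcode_faq_link, '</a>'),
            'IMG_STATUS' => $img_status ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
            'FLASH_STATUS' => $flash_status ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
            'SMILIES_STATUS' => $smilies_status ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
            'URL_STATUS' => ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
            'MAX_FONT_SIZE' => (int) $config['max_post_font_size'],
            'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['POST']),
            'POST_DATE' => $post_data['post_time'] ? $user->format_date($post_data['post_time']) : '',
            'ERROR' => sizeof($error) ? implode('<br />', $error) : '',
            'TOPIC_TIME_LIMIT' => (int) $post_data['topic_time_limit'],
            'EDIT_REASON' => $post_data['post_edit_reason'],

            'S_PRIVMSGS' => false,
            'S_CLOSE_PROGRESS_WINDOW' => isset($_POST['add_file']),
            'S_EDIT_POST' => $mode == 'edit',
            'S_EDIT_REASON' => false,
            'S_DISPLAY_USERNAME' => (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? true : false,
            'S_SHOW_TOPIC_ICONS' => $s_topic_icons,
            'S_BBCODE_ALLOWED' => $bbcode_status,
            'S_BBCODE_CHECKED' => $bbcode_checked ? ' checked="checked"' : '',
            'S_SMILIES_ALLOWED' => $smilies_status,
            'S_SMILIES_CHECKED' => $smilies_checked ? ' checked="checked"' : '',
            'S_SIG_ALLOWED' => ($auth->acl_get('u_gb_sig') && $config['allow_sig'] && $user->data['is_registered']) ? true : false,
            'S_SIGNATURE_CHECKED' => $sig_checked ? ' checked="checked"' : '',
            'S_NOTIFY_ALLOWED' => (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !$config['allow_topic_notify'] || !$config['email_enable']) ? false : true,
            'S_NOTIFY_CHECKED' => $notify_checked ? ' checked="checked"' : '',
            'S_LINKS_ALLOWED' => $url_status,
            'S_MAGIC_URL_CHECKED' => $urls_checked ? ' checked="checked"' : '',
            'S_TYPE_TOGGLE' => '',
            'S_SAVE_ALLOWED' => false,
            'S_HAS_DRAFTS' => false,

            'S_BBCODE_IMG' => $img_status,
            'S_BBCODE_URL' => $url_status,
            'S_BBCODE_FLASH' => $flash_status,
            'S_BBCODE_QUOTE' => $quote_status,

            'SIGNATURE' => '',
            'S_POST_ACTION' => $s_action,
            'S_HIDDEN_FIELDS' => $s_hidden_fields,
        ));

        // Build custom bbcodes array
        display_custom_bbcodes();

        $template->set_filenames(array('body' => 'posting_body.html'));
        make_jumpbox(append_sid("{$phpbb_root_path}viewforum.{$phpEx}"));
    }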