}
$sql = "SELECT forum_type, forum_name, forum_access, allow_html, allow_sig, posts_per_page, hot_threshold, topics_per_page FROM " . $xoopsDB->prefix("bb_forums") . " WHERE forum_id = {$forum}";
if (!($result = $xoopsDB->query($sql))) {
redirect_header('index.php', 1, _MD_ERROROCCURED);
exit;
}
$forumdata = $xoopsDB->fetchArray($result);
$myts =& MyTextSanitizer::getInstance();
if ($forumdata['forum_type'] == 1) {
// To get here, we have a logged-in user. So, check whether that user is allowed to post in
// this private forum.
$accesserror = 0;
//initialize
if ($xoopsUser) {
if (!$xoopsUser->isAdmin($xoopsModule->mid())) {
if (!check_priv_forum_auth($xoopsUser->uid(), $forum, true)) {
$accesserror = 1;
}
}
} else {
$accesserror = 1;
}
if ($accesserror == 1) {
redirect_header("viewtopic.php?topic_id={$topic_id}&post_id={$post_id}&order={$order}&viewmode={$viewmode}&pid={$pid}&forum={$forum}", 2, _MD_NORIGHTTOPOST);
exit;
}
// Ok, looks like we're good.
} else {
$accesserror = 0;
if ($forumdata['forum_access'] == 3) {
if ($xoopsUser) {
if (!($forumdata = $xoopsDB->fetchArray($result))) {
redirect_header('viewforum.php?forum=' . $forum, 2, _MD_FORUMNOEXIST);
exit;
}
$xoopsTpl->assign('topic_id', $forumdata['topic_id']);
$topic_id = $forumdata['topic_id'];
$xoopsTpl->assign('forum_id', $forumdata['forum_id']);
$forum = $forumdata['forum_id'];
$can_post = 0;
$show_reg = 0;
if ($forumdata['forum_type'] == 1) {
// this is a private forum.
$accesserror = 0;
if ($xoopsUser) {
if (!$xoopsUser->isAdmin($xoopsModule->mid())) {
if (!check_priv_forum_auth($xoopsUser->getVar('uid'), $forum, false)) {
$accesserror = 1;
}
} else {
$isadminormod = 1;
}
} else {
$accesserror = 1;
}
if ($accesserror == 1) {
redirect_header(XOOPS_URL . "/modules/" . $xoopsModule->getVar('dirname') . "/index.php", 2, _MD_NORIGHTTOACCESS);
exit;
}
$can_post = 1;
$show_reg = 1;
} else {
redirect_header("index.php", 2, _MD_ERRORFORUM);
exit;
} else {
$sql = "SELECT forum_type, forum_name, forum_access, allow_html, allow_sig, posts_per_page, hot_threshold, topics_per_page FROM " . $xoopsDB->prefix("bb_forums") . " WHERE forum_id = " . $forum;
if (!($result = $xoopsDB->query($sql))) {
redirect_header('index.php', 2, _MD_ERROROCCURED);
exit;
}
$forumdata = $xoopsDB->fetchArray($result);
if ($forumdata['forum_type'] == 1) {
// To get here, we have a logged-in user. So, check whether that user is allowed to view
// this private forum.
$accesserror = 0;
if ($xoopsUser) {
if (!$xoopsUser->isAdmin($xoopsModule->mid())) {
if (!check_priv_forum_auth($xoopsUser->uid(), $HTTP_POST_VARS['forum'], true)) {
$accesserror = 1;
}
}
} else {
$accesserror = 1;
}
if ($accesserror == 1) {
redirect_header("viewforum.php?order=" . $order . "&viewmode=" . $viewmode . "&forum=" . $forum, 2, _MD_NORIGHTTOPOST);
exit;
}
} else {
$accesserror = 0;
if ($forumdata['forum_access'] == 3) {
if ($xoopsUser) {
if (!$xoopsUser->isAdmin($xoopsModule->mid())) {
$sql = "SELECT forum_type, forum_name, forum_access, allow_html, allow_sig, posts_per_page, hot_threshold, topics_per_page FROM " . $xoopsDB->prefix("bb_forums") . " WHERE forum_id = " . $forum;
if (!($result = $xoopsDB->query($sql))) {
redirect_header('index.php', 2, _MD_ERROROCCURED);
exit;
}
$forumdata = $xoopsDB->fetchArray($result);
if (empty($forumdata['allow_html'])) {
$_POST['nohtml'] = 1;
}
if ($forumdata['forum_type'] == 1) {
// To get here, we have a logged-in user. So, check whether that user is allowed to view
// this private forum.
$accesserror = 0;
if ($xoopsUser) {
if (!$xoopsUser->isAdmin($xoopsModule->mid())) {
if (!check_priv_forum_auth($xoopsUser->uid(), $_POST['forum'], true)) {
$accesserror = 1;
}
}
} else {
$accesserror = 1;
}
if ($accesserror == 1) {
redirect_header("viewforum.php?order=" . $order . "&viewmode=" . $viewmode . "&forum=" . $forum, 2, _MD_NORIGHTTOPOST);
exit;
}
} else {
$accesserror = 0;
if ($forumdata['forum_access'] == 3) {
if ($xoopsUser) {
if (!$xoopsUser->isAdmin($xoopsModule->mid())) {
