// Session id check: the request must carry the session id recorded for the
// current user. A missing or different $sid is added to $error_msg rather than
// aborting immediately, so the branches below decide what to do with it.
// NOTE(review): presumably this check is what ties a posting request to the
// user's own session (anti-CSRF) — confirm where $sid is read from. `!=` is a
// loose, non-constant-time comparison; hash_equals() on string-cast values is
// the stricter form.
if ($sid == '' || $sid != $userdata['session_id']) {
    // Append to any earlier error text, separated by a line break.
    $error_msg .= !empty($error_msg) ? '<br />' . $lang['Session_invalid'] : $lang['Session_invalid'];
}

switch ($mode) {
    case 'editpost':
    case 'newtopic':
    case 'reply':
        // Request fields are taken as submitted; only the subject is trimmed here.
        $username = !empty($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
        $subject = !empty($HTTP_POST_VARS['subject']) ? trim($HTTP_POST_VARS['subject']) : '';
        $message = !empty($HTTP_POST_VARS['message']) ? $HTTP_POST_VARS['message'] : '';
        // Poll fields are honoured only when the user holds the poll-create
        // permission; otherwise they are replaced by an empty string.
        $poll_title = isset($HTTP_POST_VARS['poll_title']) && $is_auth['auth_pollcreate'] ? $HTTP_POST_VARS['poll_title'] : '';
        $poll_options = isset($HTTP_POST_VARS['poll_option_text']) && $is_auth['auth_pollcreate'] ? $HTTP_POST_VARS['poll_option_text'] : '';
        $poll_length = isset($HTTP_POST_VARS['poll_length']) && $is_auth['auth_pollcreate'] ? $HTTP_POST_VARS['poll_length'] : '';
        $bbcode_uid = '';

        // Validation and normalisation of the fields happen inside prepare_post()
        // (not visible here); presumably it reports problems through $error_msg.
        prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length);

        // Nothing is written when any error was recorded, including a failed
        // session id check above.
        if ($error_msg == '') {
            // A user with neither the sticky nor the announce permission cannot
            // change the topic type: a differing request falls back to the stored type.
            $topic_type = $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ? $post_data['topic_type'] : $topic_type;

            // str_replace("\\'", "''", ...) turns a backslash-escaped quote (\') into
            // a doubled quote ('').
            // NOTE(review): this only rewrites quotes that already carry a backslash,
            // so it assumes the request values were slash-escaped earlier (not
            // visible here) — confirm, otherwise a bare quote reaches submit_post()
            // unchanged.
            submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, str_replace("\\'", "''", $username), str_replace("\\'", "''", $subject), str_replace("\\'", "''", $message), str_replace("\\'", "''", $poll_title), $poll_options, $poll_length);
        }
        break;

    case 'delete':
    case 'poll_delete':
        // Deleting is refused with the collected error text when any check failed;
        // this relies on message_die() ending the request — TODO confirm.
        if ($error_msg != '') {
            message_die(GENERAL_MESSAGE, $error_msg);
        }

        delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id);
        break;
}

// The snippet ends inside the two blocks opened below.
if ($error_msg == '') {
    if ($mode != 'editpost') {
}
// Without both a calendar time and a duration, the duration is reset to 0.
if (empty($topic_calendar_time) || empty($topic_calendar_duration)) {
    $topic_calendar_duration = 0;
}

// Event Registration - BEGIN
// Each registration field is accepted only from a logged-in user who holds the
// vote permission; otherwise it is replaced by an empty string.
// NOTE(review): the accepted values are raw $_POST input at this point; any
// validation has to happen in prepare_post() or later — confirm.
$reg_active = (isset($_POST['start_registration']) && $is_auth['auth_vote'] && $user->data['session_logged_in']) ? $_POST['start_registration'] : '';
$reg_reset = (isset($_POST['reset_registration']) && $is_auth['auth_vote'] && $user->data['session_logged_in']) ? $_POST['reset_registration'] : '';
$reg_max_option1 = (!empty($_POST['reg_max_option1']) && $is_auth['auth_vote'] && $user->data['session_logged_in']) ? $_POST['reg_max_option1'] : '';
$reg_max_option2 = (!empty($_POST['reg_max_option2']) && $is_auth['auth_vote'] && $user->data['session_logged_in']) ? $_POST['reg_max_option2'] : '';
$reg_max_option3 = (!empty($_POST['reg_max_option3']) && $is_auth['auth_vote'] && $user->data['session_logged_in']) ? $_POST['reg_max_option3'] : '';
$reg_length = (isset($_POST['reg_length']) && $is_auth['auth_vote'] && $user->data['session_logged_in']) ? $_POST['reg_length'] : '';
// Event Registration - END

prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $subject, $message, $poll_title, $poll_options, $poll_data, $reg_active, $reg_reset, $reg_max_option1, $reg_max_option2, $reg_max_option3, $reg_length, $topic_desc, $topic_calendar_time, $topic_calendar_duration);

// MG Drafts - BEGIN
// A draft is stored only when drafts are enabled, the user asked for one and
// confirmed it, the user is logged in, and the mode is a reply or a new topic.
if (($config['allow_drafts'] == true) && $draft && $draft_confirm && $user->data['session_logged_in'] && (($mode == 'reply') || ($mode == 'newtopic'))) {
    // Tags are stripped from the subject; the message is stored as prepared.
    // NOTE(review): the variant with $db->sql_escape() below is commented out, so
    // SQL escaping of both values has to happen inside save_draft() — confirm.
    save_draft($draft_id, $user->data['user_id'], $forum_id, $topic_id, strip_tags($subject), $message);
    //save_draft($draft_id, $user->data['user_id'], $forum_id, $topic_id, $db->sql_escape(strip_tags($subject)), $db->sql_escape($message));

    // The confirmation page is assembled from language strings and board URLs.
    // NOTE(review): $forum_id is concatenated into the URLs; presumably it was
    // cast to an integer earlier in the script — confirm.
    $output_message = $lang['Drafts_Saved'];
    $output_message .= '<br /><br />' . sprintf($lang['Click_return_drafts'], '<a href="' . append_sid(CMS_PAGE_DRAFTS) . '">', '</a>');
    $output_message .= '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid(CMS_PAGE_VIEWFORUM . '?' . POST_FORUM_URL . '=' . $forum_id) . '">', '</a>');

    // Send the browser back to the forum after 3 seconds, then show the message.
    $redirect_url = append_sid(CMS_PAGE_VIEWFORUM . '?' . POST_FORUM_URL . '=' . $forum_id);
    meta_refresh(3, $redirect_url);
    message_die(GENERAL_MESSAGE, $output_message);
}
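/**
 * Insert a reply into an existing topic on behalf of a given user.
 *
 * Looks up the forum the topic belongs to and then runs the posting functions
 * (prepare_post, submit_post, update_post_stats, add_search_words) in 'reply'
 * mode. While posting, $userdata['user_id'] is overridden with $username so
 * the post is assigned to that user; the previous value is put back before
 * returning.
 *
 * @param mixed  $topic_id Id of the topic to reply to; cast to an integer before it is used in SQL.
 * @param mixed  $username Value written to $userdata['user_id'] and handed on as the poster.
 * @param string $subject  Subject of the reply.
 * @param string $message  Body of the reply.
 *
 * @return mixed The post id; presumably filled in by reference by submit_post().
 */
function phpbb_insert_reply($topic_id = null, $username = null, $subject = null, $message = null)
{
    global $CFG, $userdata, $phpbb_root_path, $phpEx;

    include_once $phpbb_root_path . 'includes/functions_post.' . $phpEx;

    if (empty($username)) {
        phpbb_raise_error('Username must not be empty.');
    }
    if (empty($subject)) {
        phpbb_raise_error('Subject must not be empty.');
    }
    if (empty($message)) {
        phpbb_raise_error('Message must not be empty.');
    }
    if (empty($topic_id)) {
        phpbb_raise_error('Topic does not exists.');
    }

    // The topic id is concatenated into the query below, so it is forced to an
    // integer first; a non-numeric value can then no longer alter the statement.
    $topic_id = (int) $topic_id;

    $sql = 'SELECT f.*, t.topic_status, t.topic_title'
        . ' FROM ' . FORUMS_TABLE . ' f, ' . TOPICS_TABLE . ' t'
        . ' WHERE t.topic_id = ' . $topic_id
        . ' AND f.forum_id = t.forum_id';
    $result = phpbb_fetch_row($sql);

    if ($result) {
        $forum_id = $result['forum_id'];
    } else {
        phpbb_raise_error('Forum does not exists.', __FILE__, __LINE__, $sql);
    }

    //
    // save the current user id and override it for assigning the post to the
    // given user
    //
    $saved_user_id = $userdata['user_id'];
    $userdata['user_id'] = $username;

    $error_msg = '';
    $return_message = '';
    $return_meta = '';
    $mode = 'reply';
    $post_data = array();
    $bbcode_on = TRUE;
    // NOTE(review): HTML is switched on for the inserted post. Whether markup in
    // $message is filtered depends on prepare_post() and the board's allowed-tag
    // settings (not visible here); callers passing untrusted text should confirm
    // that it cannot end up as stored markup.
    $html_on = TRUE;
    $smilies_on = 0;
    $poll_title = '';
    $poll_options = '';
    $poll_length = '';
    $bbcode_uid = '';
    $attach_sig = 0;

    prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length);

    if ($error_msg == '') {
        $topic_type = POST_NORMAL;

        // str_replace("\\'", "''", ...) turns a backslash-escaped quote (\') into a
        // doubled quote ('').
        // NOTE(review): nothing in this function slash-escapes the arguments, so a
        // bare quote passes through unchanged; confirm that callers or
        // submit_post() escape the values before they reach SQL.
        submit_post(
            $mode,
            $post_data,
            $return_message,
            $return_meta,
            $forum_id,
            $topic_id,
            $post_id,
            $poll_id,
            $topic_type,
            $bbcode_on,
            $html_on,
            $smilies_on,
            $attach_sig,
            $bbcode_uid,
            str_replace("\\'", "''", $username),
            str_replace("\\'", "''", $subject),
            str_replace("\\'", "''", $message),
            str_replace("\\'", "''", $poll_title),
            $poll_options,
            $poll_length
        );

        if ($error_msg == '') {
            update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $username);

            if ($error_msg != '') {
                phpbb_raise_error($error_msg);
            }

            // The search index receives the text with the slashes removed again.
            add_search_words('single', $post_id, stripslashes($message), stripslashes($subject));
        } else {
            phpbb_raise_error($error_msg);
        }
    } else {
        phpbb_raise_error($error_msg);
    }

    // Put the real user id back so later code in the request sees the original user.
    $userdata['user_id'] = $saved_user_id;

    return $post_id;
}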
/**
 * Post a reply to this topic through the board's posting functions.
 *
 * The reply is posted in 'reply' mode with BBCode and smilies on, HTML off,
 * and empty username, subject and poll fields. After a successful post the
 * post statistics are updated, a notification is sent and the topic tracking
 * cookie is rewritten.
 *
 * @param string $message Reply text; slash-escaped here before it is handed on.
 *
 * @return mixed The id left in $post_id by the posting functions. When an error
 *               was recorded, message_die() is called instead.
 */
public function addReply($message)
{
    global $phpbb_root_path, $phpEx, $user_ip, $userdata, $db, $themes_id, $board_config, $template, $theme, $lang, $page_title, $SID, $html_entities_match, $html_entities_replace, $attachment_mod, $unhtml_specialchars_match, $unhtml_specialchars_replace;

    require_once $phpbb_root_path . 'includes/bbcode.' . $phpEx;
    require_once $phpbb_root_path . 'includes/functions_post.' . $phpEx;

    $forum_id = $this->getForumId();
    $topic_id = $this->getTopicId();

    // The posting functions are fed slash-escaped text; the submit_post() call
    // below converts \' into '' with str_replace().
    // NOTE(review): addslashes() is not a database-aware escape; confirm that
    // submit_post() does not depend on it as the only SQL escaping.
    $message = addslashes($message);

    $post_id = null;
    $poll_id = null;
    $attach_sig = 0;
    $mode = 'reply';
    $post_data = array(
        'first_post' => 0,
        'last_post' => false,
        'has_poll' => false,
        'edit_poll' => false,
    );
    $bbcode_on = '1';
    $html_on = '0';
    $smilies_on = '1';
    $error_msg = '';
    $username = '';
    $bbcode_uid = '';
    $subject = '';

    // A reply carries no poll, so every poll field is empty and the length is 0.
    $poll_title = '';
    $poll_options = '';
    $poll_length = 0;
    $max_vote = '';
    $hide_vote = '';
    $tothide_vote = '';

    prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length, $max_vote, $hide_vote, $tothide_vote);

    if ($error_msg == '') {
        $topic_type = 0;
        submit_post(
            $mode,
            $post_data,
            $return_message,
            $return_meta,
            $forum_id,
            $topic_id,
            $post_id,
            $poll_id,
            $topic_type,
            $bbcode_on,
            $html_on,
            $smilies_on,
            $attach_sig,
            $bbcode_uid,
            str_replace("\\'", "''", $username),
            str_replace("\\'", "''", $subject),
            str_replace("\\'", "''", $message),
            str_replace("\\'", "''", $poll_title),
            $poll_options,
            $poll_length,
            $max_vote,
            $hide_vote,
            $tothide_vote
        );
    }

    // Any error recorded by the calls above ends in a generic error page.
    if ($error_msg != '') {
        message_die(GENERAL_ERROR, 'An error occured when posting a reply.');
        return;
    }

    $user_id = $userdata['user_id'];
    update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id);
    //$attachment_mod['posting']->insert_attachment($post_id);

    if ($error_msg == '') {
        $notify_user = true;
        user_notification($mode, $post_data, $this->getTopicTitle(), $forum_id, $topic_id, $post_id, $notify_user);
    }

    // Topic tracking cookie.
    // NOTE(review): $HTTP_COOKIE_VARS is not named in the global statement above,
    // so inside this method it looks like an unset local and both lists start
    // empty — confirm. If this is ever pointed at the real request cookie,
    // unserialize() would run on client-controlled data, which allows PHP object
    // injection; store the list as JSON, or restrict unserialize() with
    // allowed_classes => false, before doing so.
    $topics_cookie = $board_config['cookie_name'] . '_t';
    $forums_cookie = $board_config['cookie_name'] . '_f';

    $tracking_topics = array();
    if (!empty($HTTP_COOKIE_VARS[$topics_cookie])) {
        $tracking_topics = unserialize($HTTP_COOKIE_VARS[$topics_cookie]);
    }

    $tracking_forums = array();
    if (!empty($HTTP_COOKIE_VARS[$forums_cookie])) {
        $tracking_forums = unserialize($HTTP_COOKIE_VARS[$forums_cookie]);
    }

    // With exactly 100 tracked entries and this topic not yet among them, the
    // topic with the smallest timestamp is dropped to make room.
    if (count($tracking_topics) + count($tracking_forums) == 100 && empty($tracking_topics[$topic_id])) {
        asort($tracking_topics);
        unset($tracking_topics[key($tracking_topics)]);
    }

    $tracking_topics[$topic_id] = time();

    setcookie(
        $topics_cookie,
        serialize($tracking_topics),
        0,
        $board_config['cookie_path'],
        $board_config['cookie_domain'],
        $board_config['cookie_secure']
    );

    return $post_id;
}
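/**
 * Post the fetched feed items as new topics in the destination forum.
 *
 * Items are walked from the highest selected index down to index 0. An item
 * is posted only when the poster has no topic with the same title yet. At
 * most $this->posting_limit items are handled; a limit of 0 means no limit.
 * Unless the run was started by cron, the request is redirected to the board
 * index afterwards.
 *
 * Feed titles and bodies come from a remote source and are treated as
 * untrusted: the title is escaped before it is used in SQL and the body goes
 * through html_to_bbcode() before posting.
 *
 * @return void
 */
private function init_posting()
{
    global $db, $config, $user, $lang;

    include IP_ROOT_PATH . 'includes/functions_post.' . PHP_EXT;

    // Load the account the topics are posted as.
    $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . (int) $this->poster_id;
    $result = $db->sql_query($sql);
    $poster_data = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    // The loop below raises the in-memory user level; remember the real one so it
    // can be put back and the elevation does not outlive this method.
    $had_user_level = isset($user->data['user_level']);
    $saved_user_level = $had_user_level ? $user->data['user_level'] : null;

    // backward posting (from the oldest to the newest)
    // Start at the last index that may be posted: the last item, or limit - 1
    // when a positive limit is smaller than the number of items. The start index
    // never points one past the end of the list, and a limit of 0 selects every
    // item, which matches the loop condition below.
    $item_count = count($this->items);
    $limit = $this->posting_limit;
    $i = ($limit > 0 && $item_count > $limit) ? $limit - 1 : $item_count - 1;
    $j = 0;

    while ($i >= 0 && ($limit == 0 || $limit > $j)) {
        $subject = substr($this->items[$i]['title'], 0, 254);

        // check if this topic is not already posted
        // The escaped title is wrapped in single quotes, the delimiter that
        // sql_escape() output is meant for.
        $sql = 'SELECT topic_title FROM ' . TOPICS_TABLE
            . " WHERE topic_title = '" . $db->sql_escape($subject) . "'"
            . ' AND topic_poster = ' . (int) $this->poster_id;
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);

        // No matching row counts as an empty stored title.
        $existing_title = $row ? $row['topic_title'] : '';

        // Do we have a new item to post ?
        if (strnatcasecmp($existing_title, $subject)) {
            // templates RSS / ATOM has different indexes for messages
            $body_key = ($this->feed_type == 'rss' || $this->feed_type == 'rdf') ? 'description' : 'content';
            $message = $this->html_to_bbcode($this->feed_name . "\n\n" . $this->items[$i][$body_key]);

            // Icy Phoenix Posting - BEGIN
            // Force the user to be admin to avoid flood check...
            $user->data['user_level'] = ADMIN;

            $topic_title_clean = substr(ip_clean_string($subject, $lang['ENCODING']), 0, 254);

            $forum_id = $this->poster_forum_destination_id;
            $topic_id = 0;
            $post_id = 0;

            $post_mode = 'newtopic';
            $post_data = array();
            $poll_data = array('title' => '', 'start' => time(), 'length' => 0, 'max_options' => 1, 'change' => 0);

            if (POSTING_DEBUG) {
                // NOTE(review): debug output prints feed-supplied text without HTML
                // escaping; keep POSTING_DEBUG off outside development.
                die($subject . '<br /><br />' . $message);
            } else {
                // NOTE(review): the error-message argument of prepare_post() is a
                // literal here and nothing is checked before submit_post(), so a
                // validation error would go unnoticed. $topic_type is not assigned
                // in this method either — confirm how submit_post() treats it.
                prepare_post($post_mode, $post_data, 1, 0, 0, '', $poster_data['username'], $subject, $message, '', array(), $poll_data, '', '', '', '', '', '', '', 0, 0);
                submit_post($post_mode, $post_data, '', '', $forum_id, $topic_id, $post_id, $topic_type, 1, 0, 1, 0, 1, $poster_data['username'], $subject, $topic_title_clean, '', $message, '', '', $poll_data, '', '', '', '', '', '', 0, 0, false, '', 0, 0);
            }
            // Icy Phoenix Posting - END
        }

        // change $i to the next (ehm previous :D ) item
        $i--;
        $j++;
    }

    // Drop the temporary admin level again.
    if ($had_user_level) {
        $user->data['user_level'] = $saved_user_level;
    } else {
        unset($user->data['user_level']);
    }

    // TODO rebuild/sync forums latest topics and post counts

    // redirect to index
    if (!$this->cron_init) {
        redirect(create_server_url());
    }
}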
} elseif (($submit || $confirm) && !$topic_has_new_posts) { // // Submit post (newtopic, edit, reply, etc.) // $return_message = ''; $return_meta = ''; switch ($mode) { case 'editpost': case 'newtopic': case 'reply': $username = !empty($_POST['username']) ? clean_username($_POST['username']) : ''; $subject = !empty($_POST['subject']) ? clean_title($_POST['subject']) : ''; $message = !empty($_POST['message']) ? prepare_message($_POST['message']) : ''; $attach_rg_sig = isset($_POST['attach_rg_sig']) && isset($_POST['poster_rg']) && $_POST['poster_rg'] != -1 ? 1 : 0; $poster_rg_id = isset($_POST['poster_rg']) && $_POST['poster_rg'] != -1 ? (int) $_POST['poster_rg'] : 0; prepare_post($mode, $post_data, $error_msg, $username, $subject, $message); if (!$error_msg) { $topic_type = isset($post_data['topic_type']) && $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ? $post_data['topic_type'] : $topic_type; submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $topic_type, DB()->escape($username), DB()->escape($subject), DB()->escape($message), $update_post_time, $poster_rg_id, $attach_rg_sig); $post_url = POST_URL . "{$post_id}#{$post_id}"; $post_msg = $mode == 'editpost' ? $lang['EDITED'] : $lang['STORED']; $onclick = $mode == 'editpost' ? 'onclick="return post2url(this.href);"' : ''; $return_message .= $post_msg . '<br /><br /> <a ' . $onclick . ' href="' . $post_url . '" >' . $lang['POST_RETURN'] . '</a> '; } break; case 'delete': require_once INC_DIR . 'functions_admin.php'; delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id); break;