function topic_review($topic_id, $is_inline_review) { global $db, $board_config, $template, $lang, $images, $theme, $phpEx, $phpbb_root_path; global $userdata, $user_ip; global $orig_word, $replacement_word; global $starttime; if (!$is_inline_review) { if (!isset($topic_id) || !$topic_id) { message_die(GENERAL_MESSAGE, 'Topic_post_not_exist'); } // // Get topic info ... // $sql = "SELECT t.topic_title, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments \n\t\t\tFROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f \n\t\t\tWHERE t.topic_id = {$topic_id}\n\t\t\t\tAND f.forum_id = t.forum_id"; $tmp = ''; attach_setup_viewtopic_auth($tmp, $sql); if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not obtain topic information', '', __LINE__, __FILE__, $sql); } if (!($forum_row = $db->sql_fetchrow($result))) { message_die(GENERAL_MESSAGE, 'Topic_post_not_exist'); } $db->sql_freeresult($result); $forum_id = $forum_row['forum_id']; $topic_title = $forum_row['topic_title']; // // Start session management // $userdata = session_pagestart($user_ip, $forum_id); init_userprefs($userdata); // // End session management // $is_auth = array(); $is_auth = auth(AUTH_ALL, $forum_id, $userdata, $forum_row); if (!$is_auth['auth_read']) { message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_auth_read'], $is_auth['auth_read_type'])); } } // // Define censored word matches // if (empty($orig_word) && empty($replacement_word)) { $orig_word = array(); $replacement_word = array(); obtain_word_list($orig_word, $replacement_word); } // // Dump out the page header and load viewtopic body template // if (!$is_inline_review) { $gen_simple_header = TRUE; $page_title = $lang['Topic_review'] . ' - ' . $topic_title; include $phpbb_root_path . 'includes/page_header.' . $phpEx; $template->set_filenames(array('reviewbody' => 'posting_topic_review.tpl')); } // // Go ahead and pull all data for this topic // $sql = "SELECT u.username, u.user_id, p.*, pt.post_text, pt.post_subject, pt.bbcode_uid\n\t\tFROM " . POSTS_TABLE . " p, " . USERS_TABLE . " u, " . POSTS_TEXT_TABLE . " pt\n\t\tWHERE p.topic_id = {$topic_id}\n\t\t\tAND p.poster_id = u.user_id\n\t\t\tAND p.post_id = pt.post_id\n\t\tORDER BY p.post_time DESC\n\t\tLIMIT " . $board_config['posts_per_page']; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not obtain post/user information', '', __LINE__, __FILE__, $sql); } init_display_review_attachments($is_auth); // // Okay, let's do the loop, yeah come on baby let's do the loop // and it goes like this ... // if ($row = $db->sql_fetchrow($result)) { $mini_post_img = $images['icon_minipost']; $mini_post_alt = $lang['Post']; $i = 0; do { $poster_id = $row['user_id']; $poster = $row['username']; $post_date = create_date($board_config['default_dateformat'], $row['post_time'], $board_config['board_timezone']); // // Handle anon users posting with usernames // if ($poster_id == ANONYMOUS && $row['post_username'] != '') { $poster = $row['post_username']; $poster_rank = $lang['Guest']; } elseif ($poster_id == ANONYMOUS) { $poster = $lang['Guest']; $poster_rank = ''; } $post_subject = $row['post_subject'] != '' ? $row['post_subject'] : ''; include_once $phpbb_root_path . 'includes/functions_hide.' . $phpEx; $message = strip_hidden_contents($row, $hiding_info); $bbcode_uid = $row['bbcode_uid']; // // If the board has HTML off but the post has HTML // on then we process it, else leave it alone // if (!$board_config['allow_html'] && $row['enable_html']) { $message = preg_replace('#(<)([\\/]?.*?)(>)#is', '<\\2>', $message); } if ($bbcode_uid != "") { $message = $board_config['allow_bbcode'] ? bbencode_second_pass($message, $bbcode_uid) : preg_replace('/\\:[0-9a-z\\:]+\\]/si', ']', $message); } $message = make_clickable($message); if (count($orig_word)) { $post_subject = preg_replace($orig_word, $replacement_word, $post_subject); $message = preg_replace($orig_word, $replacement_word, $message); } if ($board_config['allow_smilies'] && $row['enable_smilies']) { $message = smilies_pass($message); } $message = str_replace("\n", '<br />', $message); // // Again this will be handled by the templating // code at some point // $row_color = !($i % 2) ? $theme['td_color1'] : $theme['td_color2']; $row_class = !($i % 2) ? $theme['td_class1'] : $theme['td_class2']; $info_box = get_hiding_info_box($hiding_info, true); $template->assign_block_vars('postrow', array('ROW_COLOR' => '#' . $row_color, 'ROW_CLASS' => $row_class, 'MINI_POST_IMG' => $mini_post_img, 'POSTER_NAME' => $poster, 'POST_DATE' => $post_date, 'POST_SUBJECT' => $post_subject, 'MESSAGE' => $message, 'HIDING_INFO_BOX' => $info_box, 'L_MINI_POST_ALT' => $mini_post_alt)); if ($hiding_info['show_attachment']) { display_review_attachments($row['post_id'], $row['post_attachment'], $is_auth); } $i++; } while ($row = $db->sql_fetchrow($result)); } else { message_die(GENERAL_MESSAGE, 'Topic_post_not_exist', '', __LINE__, __FILE__, $sql); } $db->sql_freeresult($result); $template->assign_vars(array('L_AUTHOR' => $lang['Author'], 'L_MESSAGE' => $lang['Message'], 'L_POSTED' => $lang['Posted'], 'L_POST_SUBJECT' => $lang['Post_subject'], 'L_TOPIC_REVIEW' => $lang['Topic_review'])); if (!$is_inline_review) { $template->pparse('reviewbody'); include $phpbb_root_path . 'includes/page_tail.' . $phpEx; } }
$y_card_img = ''; $r_card_img = ''; } if ($is_auth['auth_bluecard']) { if ($is_auth['auth_mod']) { $b_card_img = $postrow[$i]['post_bluecard'] ? ' <input type="image" name="report_reset" value="report_reset" onClick="return confirm(\'' . $lang['Clear_blue_card_warning'] . '\')" src="' . $images['icon_bhot_card'] . '" alt="' . sprintf($lang['Clear_b_card'], $postrow[$i]['post_bluecard']) . '">' : ' <input type="image" name="report" value="report" onClick="return confirm(\'' . $lang['Blue_card_warning'] . '\')" src="' . $images['icon_b_card'] . '" alt="' . $lang['Give_b_card'] . '" >'; } else { $b_card_img = ' <input type="image" name="report" value="report" onClick="return confirm(\'' . $lang['Blue_card_warning'] . '\')" src="' . $images['icon_b_card'] . '" alt="' . $lang['Give_b_card'] . '" >'; } } else { $b_card_img = ''; } // parse hidden filds if cards visible $card_hidden = $g_card_img || $r_card_img || $y_card_img || $b_card_img ? '<input type="hidden" name="post_id" value="' . $postrow[$i]['post_id'] . '">' : ''; $post_subject = $postrow[$i]['post_subject'] != '' ? $postrow[$i]['post_subject'] : ''; $message = strip_hidden_contents($postrow[$i], $hiding_info); $bbcode_uid = $postrow[$i]['bbcode_uid']; $user_sig = $postrow[$i]['enable_sig'] && $postrow[$i]['user_sig'] != '' && $board_config['allow_sig'] ? $postrow[$i]['user_sig'] : ''; $user_sig_bbcode_uid = $postrow[$i]['user_sig_bbcode_uid']; // // Note! The order used for parsing the message _is_ important, moving things around could break any // output // // // If the board has HTML off but the post has HTML // on then we process it, else leave it alone // if (!$board_config['allow_html'] || !$userdata['user_allowhtml']) { if ($user_sig != '') { $user_sig = preg_replace('#(<)([\\/]?.*?)(>)#is', "<\\2>", $user_sig); }
$highlight_match[] = '#\\b(' . str_replace("*", "([\\w]+)?", $replace_synonym) . ')\\b#is'; $highlight_active .= ' ' . $match_synonym; } } } } $highlight_active = urlencode(trim($highlight_active)); $tracking_topics = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) : array(); $tracking_forums = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) : array(); include $phpbb_root_path . 'includes/functions_hide.' . $phpEx; for ($i = 0; $i < count($searchset); $i++) { $forum_url = append_sid("viewforum.{$phpEx}?" . POST_FORUM_URL . '=' . $searchset[$i]['forum_id']); $topic_url = append_sid("viewtopic.{$phpEx}?" . POST_TOPIC_URL . '=' . $searchset[$i]['topic_id'] . "&highlight={$highlight_active}"); $post_url = append_sid("viewtopic.{$phpEx}?" . POST_POST_URL . '=' . $searchset[$i]['post_id'] . "&highlight={$highlight_active}") . '#' . $searchset[$i]['post_id']; $post_date = create_date($board_config['default_dateformat'], $searchset[$i]['post_time'], $board_config['board_timezone']); $message = strip_hidden_contents($searchset[$i], $hiding_info); $topic_title = $searchset[$i]['topic_title']; $forum_id = $searchset[$i]['forum_id']; $topic_id = $searchset[$i]['topic_id']; if ($show_results == 'posts') { if (isset($return_chars)) { $bbcode_uid = $searchset[$i]['bbcode_uid']; // // If the board has HTML off but the post has HTML // on then we process it, else leave it alone // if ($return_chars != -1) { $message = strip_tags($message); $message = preg_replace("/\\[.*?:{$bbcode_uid}:?.*?\\]/si", '', $message); $message = preg_replace('/\\[url\\]|\\[\\/url\\]/si', '', $message); $message = strlen($message) > $return_chars ? substr($message, 0, $return_chars) . ' ...' : $message;