/**
 * Post the configured welcome topic for one user.
 *
 * The title and body templates come from the board configuration; the
 * placeholders %user, %robot and %board are substituted before the body is
 * prepared with generate_text_for_storage() and handed to submit_post().
 *
 * Security notes:
 * - $user_id is cast to an integer before it is concatenated into the SQL
 *   string, so it cannot alter the query.
 * - 'force_approved_state' => true is passed to submit_post(), so the topic is
 *   published without going through the moderation queue.
 * - NOTE(review): the literal string 'robot_name' is passed as the username
 *   argument of submit_post(), while the configured robot name only travels in
 *   $data['robot_name'] - confirm that this is intended.
 *
 * @param int $user_id Id of the user to greet
 * @return bool false when the feature is disabled or the user row is missing, true after submit_post() was called
 */
public function create_welcome_topic($user_id)
{
    if (!$this->config['welcomerobot_enable']) {
        return false;
    }

    // Load the phpBB helper files only when their functions are not available yet.
    $required_helpers = array(
        'get_username_string' => 'includes/functions_content.',
        'submit_post'         => 'includes/functions_posting.',
    );
    foreach ($required_helpers as $function_name => $relative_path) {
        if (!function_exists($function_name)) {
            include $this->root_path . $relative_path . $this->phpEx;
        }
    }

    $query = 'SELECT * FROM ' . USERS_TABLE . "\n\t\t\tWHERE user_id = " . (int) $user_id;
    $query_result = $this->db->sql_query($query);
    $row = $this->db->sql_fetchrow($query_result);
    $this->db->sql_freeresult($query_result);

    if (empty($row)) {
        return false;
    }

    // NOTE(review): the formatted username is computed but not used afterwards.
    $username = get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']);
    $clean_username = utf8_clean_string($row['username']);

    // Both templates share the same placeholder set.
    $placeholders = array('%user', '%robot', '%board');
    $substitutes = array(
        $clean_username,
        $this->config['welcomerobot_username'],
        $this->config['sitename'],
    );
    $topic_title = str_replace($placeholders, $substitutes, $this->config['welcomerobot_title']);
    $topic_content = str_replace($placeholders, $substitutes, $this->config['welcomerobot_detail']);

    // $uid, $bitfield and $options are filled in by generate_text_for_storage().
    $poll = '';
    $uid = '';
    $bitfield = '';
    $options = '';
    generate_text_for_storage($topic_content, $uid, $bitfield, $options, true, true, true);

    $data = array(
        'forum_id'             => $this->config['welcomerobot_forum'],
        'topic_id'             => 0,
        'icon_id'              => false,
        'robot_name'           => $this->config['welcomerobot_username'],
        'enable_bbcode'        => true,
        'enable_smilies'       => true,
        'enable_urls'          => true,
        'enable_sig'           => true,
        'message'              => $topic_content,
        // md5 is only a content checksum here, not a security control.
        'message_md5'          => md5($topic_content),
        'bbcode_bitfield'      => $bitfield,
        'bbcode_uid'           => $uid,
        'post_edit_locked'     => 0,
        'topic_title'          => $topic_title,
        'notify_set'           => false,
        'notify'               => false,
        'post_time'            => 0,
        'forum_name'           => '',
        'enable_indexing'      => true,
        // Skips the approval queue for this automated topic.
        'force_approved_state' => true,
    );

    submit_post('post', $topic_title, 'robot_name', POST_NORMAL, $poll, $data);

    return true;
}
/**
 * Verifies the notification rows before and after a new post, a reply and an
 * edit of that reply.
 *
 * The notification query concatenates $this->item_type unescaped; that is
 * acceptable only because the value is presumably a fixture of the test class
 * and never request input.
 *
 * @dataProvider submit_post_data
 */
public function test_submit_post($additional_post_data, $expected_before, $expected_after)
{
    $notification_sql = 'SELECT user_id, item_id, item_parent_id FROM ' . NOTIFICATIONS_TABLE . ' n, ' . NOTIFICATION_TYPES_TABLE . " nt\n\t\t\tWHERE nt.notification_type_name = '" . $this->item_type . "'\n\t\t\t\tAND n.notification_type_id = nt.notification_type_id\n\t\t\tORDER BY user_id ASC, item_id ASC";

    // Baseline: state of the notification table before anything is posted.
    $handle = $this->db->sql_query($notification_sql);
    $rows = $this->db->sql_fetchrowset($handle);
    $this->assertEquals($expected_before, $rows);
    $this->db->sql_freeresult($handle);

    $poll_data = array();
    $post_data = array_merge($this->post_data, $additional_post_data);
    submit_post('post', '', 'poster-name', POST_NORMAL, $poll_data, $post_data, false, false);

    // The new post must have produced the expected notifications.
    $handle = $this->db->sql_query($notification_sql);
    $rows = $this->db->sql_fetchrowset($handle);
    $this->assertEquals($expected_after, $rows, 'Check whether the notifications got added successfully');
    $this->db->sql_freeresult($handle);

    // Data sets that explicitly force the unapproved state stop after the first post.
    $forced_unapproved = isset($additional_post_data['force_approved_state'])
        && $additional_post_data['force_approved_state'] === false;
    if ($forced_unapproved) {
        return;
    }

    $reply_data = array_merge($this->post_data, array('topic_id' => 2));
    $url = submit_post('reply', '', 'poster-name', POST_NORMAL, $poll_data, $reply_data, false, false);
    $reply_id = 3;
    $this->assertStringEndsWith('p' . $reply_id, $url, 'Post ID of reply is not ' . $reply_id);

    // A reply must not change the notification rows.
    $handle = $this->db->sql_query($notification_sql);
    $rows = $this->db->sql_fetchrowset($handle);
    $this->assertEquals($expected_after, $rows, 'Check whether the notifications are still correct after a reply has been added');
    $this->db->sql_freeresult($handle);

    // Load the stored reply and submit it again as an unapproved edit.
    $handle = $this->db->sql_query('SELECT * FROM ' . POSTS_TABLE . ' WHERE post_id = ' . $reply_id);
    $stored_reply = $this->db->sql_fetchrow($handle);
    $edit_overrides = array('force_approved_state' => false, 'post_edit_reason' => 'PHPBB3-12370');
    $reply_edit_data = array_merge($this->post_data, $stored_reply, $edit_overrides);
    submit_post('edit', '', 'poster-name', POST_NORMAL, $poll_data, $reply_edit_data, false, false);

    // The edit must not change the notification rows either.
    $handle = $this->db->sql_query($notification_sql);
    $rows = $this->db->sql_fetchrowset($handle);
    $this->assertEquals($expected_after, $rows, 'Check whether the notifications are still correct after the reply has been edit');
    $this->db->sql_freeresult($handle);
}
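/**
 * Mirror a published WordPress post into the selected phpBB forums.
 *
 * For every forum id in $add_to_forums the post is submitted through phpBB's
 * submit_post(); when a phpBB topic id is already stored in the post meta the
 * existing phpBB post is edited instead of a new topic being created.
 *
 * Security notes:
 * - Nothing is sent to phpBB unless the current WordPress user holds the
 *   'post_to_forum' capability and the post status is 'publish'.
 * - The forum association meta is written before that capability check.
 *   NOTE(review): confirm that callers already restrict who may reach this
 *   point, otherwise the meta write should move below the check.
 * - 'force_approved_state' => true publishes the phpBB post without the
 *   moderation queue.
 * - No debug output is emitted; dumping $data would expose post content and
 *   user ids in the HTTP response.
 *
 * @param int|null $id            WordPress post id
 * @param array    $add_to_forums phpBB forum ids the post should appear in
 * @return void
 */
static function add_post($id = null, $add_to_forums = [])
{
    global $user, $phpbb_root_path, $phpEx, $phpbb_log, $wpdb;

    // Remember which forums were selected for this post.
    update_post_meta($id, 'wpphpbbu_forums', $add_to_forums);

    $post = get_post($id);

    // Stop when the post cannot be loaded, the user lacks the forum
    // capability, or the post is not published.
    if (!$post || !current_user_can('post_to_forum') || $post->post_status !== 'publish') {
        return;
    }

    require_once $phpbb_root_path . 'includes/functions_posting.php';

    $post_content = $post->post_content;
    $post_title = $post->post_title;

    // generate_text_for_storage() returns its uid/bitfield/flags through the
    // by-reference arguments. The title gets its own set of variables so that
    // processing it cannot overwrite the values that belong to the body.
    $uid = $bitfield = $options = '';
    generate_text_for_storage($post_content, $uid, $bitfield, $options, true, true, true);

    $title_uid = $title_bitfield = $title_options = '';
    generate_text_for_storage($post_title, $title_uid, $title_bitfield, $title_options, true, true, true);

    $poll = null; // There is no poll

    foreach ($add_to_forums as $forum_id) {
        // NOTE(review): the topic id meta is shared by all forums, so from the
        // second forum on this loop edits the post created for the first one.
        $edit = get_post_meta($id, 'wpphpbbu_topic_id', true);
        $existing_topic_id = $edit ? (int) $edit : 0;

        $data = array(
            'forum_id'             => $forum_id,
            'topic_id'             => $existing_topic_id,
            'icon_id'              => false,
            'enable_bbcode'        => true,
            'enable_smilies'       => true,
            'enable_urls'          => true,
            'enable_sig'           => true,
            'message'              => $post_content,
            // md5 is only a content checksum here, not a security control.
            'message_md5'          => md5($post_content),
            'bbcode_bitfield'      => $bitfield,
            'bbcode_uid'           => $uid,
            'post_edit_locked'     => 0,
            'topic_title'          => $post_title,
            'notify_set'           => false,
            'notify'               => false,
            'post_time'            => time(),
            'forum_name'           => '',
            'enable_indexing'      => true,
            'force_approved_state' => true,
        );

        if ($edit) {
            $data['post_id'] = get_post_meta($id, 'wpphpbbu_post_id', true);
            $data['post_subject'] = $data['topic_title'];
            $data['post_edit_user'] = $data['poster_id'] = $user->data['user_id'];
        }

        submit_post($edit ? 'edit' : 'post', $post_title, $user->data['username'], POST_NORMAL, $poll, $data);

        // submit_post() receives $data by reference; the ids read here are the
        // ones it left in the array.
        update_post_meta($id, 'wpphpbbu_topic_id', $data['topic_id']);
        update_post_meta($id, 'wpphpbbu_post_id', $data['post_id']);
    }
}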
/**
 * Verifies the notification rows before and after a reply that carries poll
 * data.
 *
 * The notification query concatenates $this->item_type unescaped; that is
 * acceptable only because the value is presumably a fixture of the test class
 * and never request input.
 *
 * @dataProvider submit_post_data
 */
public function test_submit_post($additional_post_data, $expected_before, $expected_after)
{
    $notification_sql = 'SELECT user_id, item_id, item_parent_id FROM ' . NOTIFICATIONS_TABLE . ' n, ' . NOTIFICATION_TYPES_TABLE . " nt\n\t\t\tWHERE nt.notification_type_name = '" . $this->item_type . "'\n\t\t\t\tAND n.notification_type_id = nt.notification_type_id\n\t\t\tORDER BY user_id ASC, item_id ASC";

    // Baseline: state of the notification table before the reply.
    $handle = $this->db->sql_query($notification_sql);
    $rows_before = $this->db->sql_fetchrowset($handle);
    $this->assertEquals($expected_before, $rows_before);
    $this->db->sql_freeresult($handle);

    $poll_data = $this->poll_data;
    $post_data = array_merge($this->post_data, $additional_post_data);
    submit_post('reply', '', 'poster-name', POST_NORMAL, $poll_data, $post_data, false, false);

    // State of the notification table after the reply.
    $handle = $this->db->sql_query($notification_sql);
    $rows_after = $this->db->sql_fetchrowset($handle);
    $this->assertEquals($expected_after, $rows_after);
    $this->db->sql_freeresult($handle);
}
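/**
 * Copy a new topic to another forum
 *
 * Runs only when the feature is enabled, the event mode is 'post' and the
 * topic was posted in the configured source forum. The copy is submitted to
 * the configured destination forum with its approval state forced to
 * ITEM_APPROVED, so it does not pass through the destination forum's
 * moderation queue.
 *
 * NOTE(review): nothing in this method checks the author's posting permission
 * in the destination forum; presumably check_fora() only validates the
 * configured forums - confirm that this bypass is intended.
 *
 * @param object $event The event object
 * @return null
 * @access public
 */
public function copy_topic($event)
{
    $mode = $event['mode'];
    $data = $event['data'];

    $posted_in_source_forum = $this->config['copy_topic_enable']
        && $mode == 'post'
        && $data['forum_id'] == $this->config['copy_topic_from_forum'];

    if (!$posted_in_source_forum || !$this->check_fora()) {
        return;
    }

    $data['forum_id'] = $this->config['copy_topic_to_forum'];

    // We need to make sure the topic does not need approval in the "to" forum
    $data['force_approved_state'] = ITEM_APPROVED;

    $poll = $event['poll'];
    $post_author_name = $event['post_author_name'];
    $post_data = $event['post_data'];
    $update_message = $event['update_message'];

    // The last argument used to be "$update_message || $update_subject", but
    // $update_subject is never defined in this method, so the expression
    // always reduced to $update_message and raised an undefined-variable
    // warning. NOTE(review): if the event exposes a subject flag it should be
    // read from $event and combined here.
    submit_post(
        $mode,
        $post_data['post_subject'],
        $post_author_name,
        $post_data['topic_type'],
        $poll,
        $data,
        $update_message,
        (bool) $update_message
    );
}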
/**
 * Announce a raid as a reply in the fixed forum thread (forum 24, topic 7).
 *
 * The announcement is assembled as BBCode from the raid fields, prepared with
 * generate_text_for_storage() and submitted through submit_post() with the
 * approval state forced, so it is published without the moderation queue.
 *
 * NOTE(review): the raid fields are concatenated into the BBCode and into the
 * sign-up URL exactly as received. Presumably callers pass values that are
 * already HTML-escaped and a numeric $raidid - confirm, since nothing in this
 * function enforces either.
 *
 * @param mixed  $raidid   Raid id, appended to the sign-up link
 * @param string $raidname Raid name shown as the headline
 * @param string $raidtime Raid time, labelled as UTC (GMT)
 * @param string $raiddate Raid date
 * @param string $raiddesc Free-text description
 * @return void
 */
function sendphpbbfp($raidid, $raidname, $raidtime, $raiddate, $raiddesc)
{
    include_once './forum/includes/functions_posting.php';

    // note that multibyte support is enabled here
    $my_subject = 'New Raid Posted';

    $text_parts = array(
        '[color=#BF00BF][size=150][b]',
        $raidname,
        '[/b][/size][/color] [b]Date:[/b] ',
        $raiddate,
        ' [b]Time:[/b] ',
        $raidtime,
        ' UTC (GMT) [b][url=http://www.crimson-alliance.com/calendar_signup.php?id=',
        $raidid,
        ']Click here to sign up.[/url][/b] [b]Description:[/b] ',
        $raiddesc,
    );
    $my_text = utf8_normalize_nfc(implode('', $text_parts));

    // Variables that receive the storage parameters for submit_post.
    $poll = '';
    $uid = '';
    $bitfield = '';
    $options = '';

    // The subject is processed first with all markup disabled; the body call
    // that follows determines the uid/bitfield that end up in $data.
    generate_text_for_storage($my_subject, $uid, $bitfield, $options, false, false, false);
    generate_text_for_storage($my_text, $uid, $bitfield, $options, true, true, true);

    $data = array(
        'forum_id'             => 24,
        'topic_id'             => 7,
        'icon_id'              => false,
        'enable_bbcode'        => true,
        'enable_smilies'       => true,
        'enable_urls'          => true,
        'enable_sig'           => false,
        'message'              => $my_text,
        // md5 is only a content checksum here, not a security control.
        'message_md5'          => md5($my_text),
        'bbcode_bitfield'      => $bitfield,
        'bbcode_uid'           => $uid,
        'post_edit_locked'     => 0,
        'topic_title'          => $my_subject,
        'notify_set'           => false,
        'notify'               => false,
        'post_time'            => 0,
        'forum_name'           => 'Raid Postings',
        'enable_indexing'      => true,
        // Skips the approval queue for this automated reply.
        'force_approved_state' => true,
    );

    submit_post('reply', $my_subject, '', POST_NORMAL, $poll, $data, true);
}
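/**
 * Post a dice roll as a reply titled "Roll" in the given topic.
 *
 * The reply is stored with BBCode, smilies, magic URLs and signature switched
 * off and with post editing locked. "Roller" is passed as the username
 * argument of submit_post().
 *
 * Earlier revisions of this function read $user and $auth without declaring
 * them global, loaded user 2 without using the row, and passed the string
 * 'POST_NORMAL' plus three undefined variables to submit_post(). Those reads
 * are gone; the flags that were effectively passed (both falsy) are now
 * explicit.
 *
 * NOTE(review): $content is stored exactly as received. Presumably the caller
 * supplies text that is already HTML-escaped the way phpBB expects - confirm,
 * since nothing in this function enforces it.
 *
 * @param int    $forum_id Forum that contains the topic
 * @param int    $topic_id Topic to reply to
 * @param string $content  Text of the roll
 * @return void
 */
function post2($forum_id, $topic_id, $content)
{
    global $phpEx, $phpbb_root_path;

    include_once $phpbb_root_path . 'includes/functions_posting.' . $phpEx;

    $post_data = array(
        'topic_title'      => 'Roll',
        'forum_id'         => $forum_id,
        'topic_id'         => $topic_id,
        'icon_id'          => 0,
        'enable_bbcode'    => 0,
        'enable_smilies'   => 0,
        'enable_urls'      => 0,
        'enable_sig'       => 0,
        'message'          => $content,
        // md5 is only a content checksum here, not a security control.
        'message_md5'      => md5($content),
        'bbcode_bitfield'  => '',
        'bbcode_uid'       => '',
        'post_edit_locked' => 1,
    );

    // No poll is attached to a roll.
    $poll = array();

    // NOTE(review): both trailing flags stay false, matching what the
    // undefined variables evaluated to before - confirm that this is wanted.
    submit_post('reply', $post_data['topic_title'], 'Roller', POST_NORMAL, $poll, $post_data, false, false);
}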
'bbcode_uid' => $uid, 'bbcode_bitfield' => $bitfield, 'enable_bbcode' => true, 'enable_smilies' => true, 'enable_urls' => true, 'enable_sig' => 0, 'post_edit_locked' => 0, 'poster_id' => $row['comment_author'], 'enable_indexing' => true, 'forum_name' => $projects[$reports[$row['bug_id']]['project_id']]['project_title'], 'notify' => false, 'notify_set' => false, ); submit_post('reply', $row['comment_title'], '', POST_NORMAL, $poll, $data); /*$sql = 'SELECT p.post_id, t.topic_replies_real, t.topic_first_post_id, t.topic_last_post_id FROM ' . POSTS_TABLE . ' p LEFT JOIN ' . TOPICS_TABLE . ' t ON p.topic_id = t.topic_id WHERE p.post_id = ' . $data['post_id']; $result53 = $db->sql_query($sql); $post = $db->sql_fetchrow($result53); $data['topic_time'] = $row['comment_time']; $data['post_time'] = $row['comment_time']; $data['topic_poster'] = $row['comment_author']; $data['poster_id'] = $row['comment_author']; $data['post_edit_reason'] = ''; $data['topic_replies_real'] = $post['topic_replies_real']; $data['topic_first_post_id'] = $post['topic_first_post_id']; $data['topic_last_post_id'] = $post['topic_last_post_id'];*/
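/**
 * XML-RPC handler that saves an edited post and returns its rendered form.
 *
 * Parameters decoded from the request: [0] post id, [1] new title, [2] new
 * content, [3] optional flag stored in $GLOBALS['return_html'].
 *
 * Authorisation performed before anything is written: forum password, f_read,
 * f_edit/m_edit for registered users, forum/topic lock, and for non-moderators
 * post ownership, the edit time window and the post edit lock.
 * NOTE(review): the code relies on trigger_error() to stop processing after a
 * failed check; presumably the board's error handler ends the request -
 * confirm for the XML-RPC entry point.
 *
 * Security notes:
 * - Every value interpolated into SQL is cast to an integer first or comes
 *   from the loaded post row.
 * - The post body is HTML-escaped before parsing. NOTE(review): the title is
 *   only normalised, not escaped - confirm that it is escaped upstream,
 *   otherwise markup supplied by the client is stored in the subject.
 * - The quote and video rewrites use preg_replace_callback(). The previous
 *   /e modifier evaluated the replacement as PHP code with message text and a
 *   language string spliced into it, and it is not available in current PHP.
 * - The BBCode uid is passed through preg_quote() before it is placed in a
 *   pattern.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters, decoded with php_xmlrpc_decode()
 * @return xmlrpcresp Struct with result, state, post_title and post_content
 */
function save_raw_post_func($xmlrpc_params)
{
    global $db, $auth, $user, $config, $template, $cache, $phpEx, $phpbb_root_path, $phpbb_home;

    $user->setup('posting');
    include $phpbb_root_path . 'includes/message_parser.' . $phpEx;

    $params = php_xmlrpc_decode($xmlrpc_params);

    $submit = true;
    $preview = false;
    $refresh = false;
    $mode = 'edit';

    // get post information from parameters
    $post_id = intval($params[0]);
    $post_title = $params[1];
    $post_content = $params[2];
    $GLOBALS['return_html'] = isset($params[3]) ? $params[3] : false;

    $post_data = array();
    $sql = 'SELECT p.*, t.*, f.*, u.username FROM ' . POSTS_TABLE . ' p LEFT JOIN ' . TOPICS_TABLE . ' t ON (p.topic_id = t.topic_id) LEFT JOIN ' . FORUMS_TABLE . ' f ON (t.forum_id = f.forum_id OR (t.topic_type = ' . POST_GLOBAL . ' AND f.forum_type = ' . FORUM_POST . ')) LEFT JOIN ' . USERS_TABLE . ' u ON (p.poster_id = u.user_id)' . "\r\r\n WHERE p.post_id = {$post_id}";
    $result = $db->sql_query_limit($sql, 1);
    $post_data = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if (!$post_data) {
        trigger_error('NO_POST');
    }

    // Use post_row values in favor of submitted ones...
    $forum_id = (int) $post_data['forum_id'];
    $topic_id = (int) $post_data['topic_id'];
    $post_id = (int) $post_id;

    // Need to login to passworded forum first?
    if ($post_data['forum_password'] && !check_forum_password($forum_id)) {
        trigger_error('LOGIN_FORUM');
    }

    // Is the user able to read within this forum?
    if (!$auth->acl_get('f_read', $forum_id)) {
        trigger_error('USER_CANNOT_READ');
    }

    // Permission to do the action asked?
    if (!($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id))) {
        trigger_error('USER_CANNOT_EDIT');
    }

    // Forum/Topic locked?
    if (($post_data['forum_status'] == ITEM_LOCKED || isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED) && !$auth->acl_get('m_edit', $forum_id)) {
        trigger_error($post_data['forum_status'] == ITEM_LOCKED ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
    }

    // Can we edit this post ... if we're a moderator with rights then always yes
    // else it depends on editing times, lock status and if we're the correct user
    if (!$auth->acl_get('m_edit', $forum_id)) {
        if ($user->data['user_id'] != $post_data['poster_id']) {
            trigger_error('USER_CANNOT_EDIT');
        }

        if (!($post_data['post_time'] > time() - $config['edit_time'] * 60 || !$config['edit_time'])) {
            trigger_error('CANNOT_EDIT_TIME');
        }

        if ($post_data['post_edit_locked']) {
            trigger_error('CANNOT_EDIT_POST_LOCKED');
        }
    }

    // Determine some vars
    if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS) {
        $post_data['quote_username'] = !empty($post_data['post_username']) ? $post_data['post_username'] : $user->lang['GUEST'];
    } else {
        $post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
    }

    $post_data['post_edit_locked'] = isset($post_data['post_edit_locked']) ? (int) $post_data['post_edit_locked'] : 0;
    $post_data['post_subject'] = in_array($mode, array('quote', 'edit')) ? $post_data['post_subject'] : (isset($post_data['topic_title']) ? $post_data['topic_title'] : '');
    $post_data['topic_time_limit'] = isset($post_data['topic_time_limit']) ? ($post_data['topic_time_limit'] ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
    $post_data['poll_length'] = !empty($post_data['poll_length']) ? (int) $post_data['poll_length'] / 86400 : 0;
    $post_data['poll_start'] = !empty($post_data['poll_start']) ? (int) $post_data['poll_start'] : 0;
    $post_data['icon_id'] = !isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply')) ? 0 : (int) $post_data['icon_id'];
    $post_data['poll_options'] = array();

    // Get Poll Data
    if ($post_data['poll_start']) {
        $sql = 'SELECT poll_option_text FROM ' . POLL_OPTIONS_TABLE . "\r\r\n WHERE topic_id = {$topic_id}\r\r\n ORDER BY poll_option_id";
        $result = $db->sql_query($sql);

        while ($row = $db->sql_fetchrow($result)) {
            $post_data['poll_options'][] = trim($row['poll_option_text']);
        }
        $db->sql_freeresult($result);
    }

    $message_parser = new parse_message();

    if (isset($post_data['post_text'])) {
        $message_parser->message =& $post_data['post_text'];
        unset($post_data['post_text']);
    }

    // Set some default variables
    $uninit = array(
        'post_attachment'  => 0,
        'poster_id'        => $user->data['user_id'],
        'enable_magic_url' => 0,
        'topic_status'     => 0,
        'topic_type'       => POST_NORMAL,
        'post_subject'     => '',
        'topic_title'      => '',
        'post_time'        => 0,
        'post_edit_reason' => '',
        'notify_set'       => 0,
    );

    foreach ($uninit as $var_name => $default_value) {
        if (!isset($post_data[$var_name])) {
            $post_data[$var_name] = $default_value;
        }
    }
    unset($uninit);

    // Always check if the submitted attachment data is valid and belongs to the user.
    // Further down (especially in submit_post()) we do not check this again.
    $message_parser->get_submitted_attachment_data($post_data['poster_id']);

    if ($post_data['post_attachment'] && !$refresh && !$preview && $mode == 'edit') {
        // Do not change to SELECT *
        $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename FROM ' . ATTACHMENTS_TABLE . "\r\r\n WHERE post_msg_id = {$post_id}\r\r\n AND in_message = 0\r\r\n AND is_orphan = 0\r\r\n ORDER BY filetime DESC";
        $result = $db->sql_query($sql);
        $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
        $db->sql_freeresult($result);
    }

    if ($post_data['poster_id'] == ANONYMOUS) {
        $post_data['username'] = $mode == 'quote' || $mode == 'edit' ? trim($post_data['post_username']) : '';
    } else {
        $post_data['username'] = $mode == 'quote' || $mode == 'edit' ? trim($post_data['username']) : '';
    }

    $post_data['enable_urls'] = $post_data['enable_magic_url'];
    $post_data['enable_magic_url'] = $post_data['drafts'] = false;

    // Fingerprint of the stored formatting switches; compared further down to
    // detect whether any of them changed with this edit.
    $check_value = (($post_data['enable_bbcode'] + 1) << 8) + (($post_data['enable_smilies'] + 1) << 4) + (($post_data['enable_urls'] + 1) << 2) + (($post_data['enable_sig'] + 1) << 1);

    // Do we want to edit our post ?
    if ($post_data['bbcode_uid']) {
        $message_parser->bbcode_uid = $post_data['bbcode_uid'];
    }

    // HTML, BBCode, Smilies, Images and Flash status
    $bbcode_status = $config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id) ? true : false;
    $smilies_status = $bbcode_status && $config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id) ? true : false;
    $img_status = $bbcode_status && $auth->acl_get('f_img', $forum_id) ? true : false;
    $flash_status = $bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash'] ? true : false;
    $quote_status = $auth->acl_get('f_reply', $forum_id) ? true : false;

    $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0);
    // NOTE(review): the title is normalised but not HTML-escaped, unlike the
    // body on the next line - confirm that it is escaped before it gets here.
    $post_data['post_subject'] = utf8_normalize_nfc($post_title);
    $message_parser->message = utf8_normalize_nfc(htmlspecialchars($post_content));
    $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true));
    $post_data['post_edit_reason'] = !empty($_POST['edit_reason']) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : '';

    $post_data['orig_topic_type'] = $post_data['topic_type'];
    $post_data['topic_type'] = request_var('topic_type', $mode != 'post' ? (int) $post_data['topic_type'] : POST_NORMAL);
    $post_data['topic_time_limit'] = request_var('topic_time_limit', $mode != 'post' ? (int) $post_data['topic_time_limit'] : 0);
    $post_data['icon_id'] = request_var('icon', 0);

    $post_data['enable_bbcode'] = !$bbcode_status || isset($_POST['disable_bbcode']) ? false : true;
    $post_data['enable_smilies'] = !$smilies_status || isset($_POST['disable_smilies']) ? false : true;
    $post_data['enable_urls'] = isset($_POST['disable_magic_url']) ? 0 : 1;
    $post_data['enable_sig'] = !$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig') ? false : ($user->data['is_registered'] ? true : false);

    if ($config['allow_topic_notify'] && $user->data['is_registered']) {
        $notify = isset($_POST['notify']) ? true : false;
    } else {
        $notify = false;
    }

    $topic_lock = isset($_POST['lock_topic']) ? true : $post_data['topic_status'];
    $post_lock = isset($_POST['lock_post']) ? true : $post_data['post_edit_locked'];

    $status_switch = (($post_data['enable_bbcode'] + 1) << 8) + (($post_data['enable_smilies'] + 1) << 4) + (($post_data['enable_urls'] + 1) << 2) + (($post_data['enable_sig'] + 1) << 1);
    $status_switch = $status_switch != $check_value;

    // The poll options are taken from the stored poll, not from the request.
    $post_data['poll_option_text'] = implode("\n", $post_data['poll_options']);

    // Parse Attachments - before checksum is calculated
    $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh);

    // Grab md5 'checksum' of new message
    $message_md5 = md5($message_parser->message);

    // Check checksum ... don't re-parse message if the same
    $update_message = $mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN ? true : false;

    // Parse message
    if ($update_message) {
        if (sizeof($message_parser->warn_msg)) {
            trigger_error(join("\n", $message_parser->warn_msg));
        }

        $message_parser->parse($post_data['enable_bbcode'], $config['allow_post_links'] ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
    } else {
        $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield'];
    }

    // Validate username
    if ($post_data['username'] && !$user->data['is_registered'] || $mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username']) {
        include $phpbb_root_path . 'includes/functions_user.' . $phpEx;

        if (($result = validate_username($post_data['username'], !empty($post_data['post_username']) ? $post_data['post_username'] : '')) !== false) {
            $user->add_lang('ucp');
            trigger_error($result . '_USERNAME');
        }
    }

    // Parse subject
    if (utf8_clean_string($post_data['post_subject']) === '' && $post_data['topic_first_post_id'] == $post_id) {
        trigger_error('EMPTY_SUBJECT');
    }

    $post_data['poll_last_vote'] = isset($post_data['poll_last_vote']) ? $post_data['poll_last_vote'] : 0;

    if ($post_data['poll_option_text'] && $post_id == $post_data['topic_first_post_id'] && $auth->acl_get('f_poll', $forum_id)) {
        $poll = array(
            'poll_title'       => $post_data['poll_title'],
            'poll_length'      => $post_data['poll_length'],
            'poll_max_options' => $post_data['poll_max_options'],
            'poll_option_text' => $post_data['poll_option_text'],
            'poll_start'       => $post_data['poll_start'],
            'poll_last_vote'   => $post_data['poll_last_vote'],
            'poll_vote_change' => $post_data['poll_vote_change'],
            'enable_bbcode'    => $post_data['enable_bbcode'],
            'enable_urls'      => $post_data['enable_urls'],
            'enable_smilies'   => $post_data['enable_smilies'],
            'img_status'       => $img_status,
        );

        $message_parser->parse_poll($poll);

        $post_data['poll_options'] = isset($poll['poll_options']) ? $poll['poll_options'] : '';
        $post_data['poll_title'] = isset($poll['poll_title']) ? $poll['poll_title'] : '';
    } else {
        $poll = array();
    }

    // Check topic type
    if ($post_data['topic_type'] != POST_NORMAL && $post_data['topic_first_post_id'] == $post_id) {
        switch ($post_data['topic_type']) {
            case POST_GLOBAL:
            case POST_ANNOUNCE:
                $auth_option = 'f_announce';
                break;

            case POST_STICKY:
                $auth_option = 'f_sticky';
                break;

            default:
                $auth_option = '';
                break;
        }

        if (!$auth->acl_get($auth_option, $forum_id)) {
            // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod.
            // Another case would be a mod not having sticky permissions for example but edit permissions.
            // To prevent non-authed users messing around with the topic type we reset it to the original one.
            $post_data['topic_type'] = $post_data['orig_topic_type'];
        }
    }

    // DNSBL check
    if ($config['check_dnsbl']) {
        if (($dnsbl = $user->check_dnsbl('post')) !== false) {
            trigger_error(sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]));
        }
    }

    // Check if we want to de-globalize the topic... and ask for new forum
    if ($post_data['topic_type'] != POST_GLOBAL) {
        $sql = 'SELECT topic_type, forum_id FROM ' . TOPICS_TABLE . "\r\r\n WHERE topic_id = {$topic_id}";
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);

        if ($row && !$row['forum_id'] && $row['topic_type'] == POST_GLOBAL) {
            // request_var() with an integer default yields an integer, which
            // is what keeps the concatenated query below safe.
            $to_forum_id = request_var('to_forum_id', 0);

            if ($to_forum_id) {
                $sql = 'SELECT forum_type FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . $to_forum_id;
                $result = $db->sql_query($sql);
                $forum_type = (int) $db->sql_fetchfield('forum_type');
                $db->sql_freeresult($result);

                if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id)) {
                    $to_forum_id = 0;
                }
            }

            if (!$to_forum_id) {
                include_once $phpbb_root_path . 'includes/functions_admin.' . $phpEx;

                $template->assign_vars(array(
                    'S_FORUM_SELECT' => make_forum_select(false, false, false, true, true, true),
                    'S_UNGLOBALISE'  => true,
                ));

                $submit = false;
                $refresh = true;
            } else {
                if (!$auth->acl_get('f_post', $to_forum_id)) {
                    // This will only be triggered if the user tried to trick the forum.
                    trigger_error('NOT_AUTHORISED');
                }

                $forum_id = $to_forum_id;
            }
        }
    }

    // Lock/Unlock Topic
    $change_topic_status = $post_data['topic_status'];
    $perm_lock_unlock = $auth->acl_get('m_lock', $forum_id) || $auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED ? true : false;

    if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock) {
        $change_topic_status = ITEM_UNLOCKED;
    } elseif ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock) {
        $change_topic_status = ITEM_LOCKED;
    }

    if ($change_topic_status != $post_data['topic_status']) {
        $sql = 'UPDATE ' . TOPICS_TABLE . "\r\r\n SET topic_status = {$change_topic_status}\r\r\n WHERE topic_id = {$topic_id}\r\r\n AND topic_moved_id = 0";
        $db->sql_query($sql);

        $user_lock = $auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster'] ? 'USER_' : '';

        add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . ($change_topic_status == ITEM_LOCKED ? 'LOCK' : 'UNLOCK'), $post_data['topic_title']);
    }

    // Lock/Unlock Post Edit
    if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id)) {
        $post_data['post_edit_locked'] = ITEM_UNLOCKED;
    } elseif ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id)) {
        $post_data['post_edit_locked'] = ITEM_LOCKED;
    }

    $data = array(
        'topic_title'         => empty($post_data['topic_title']) ? $post_data['post_subject'] : $post_data['topic_title'],
        'topic_first_post_id' => isset($post_data['topic_first_post_id']) ? (int) $post_data['topic_first_post_id'] : 0,
        'topic_last_post_id'  => isset($post_data['topic_last_post_id']) ? (int) $post_data['topic_last_post_id'] : 0,
        'topic_time_limit'    => (int) $post_data['topic_time_limit'],
        'topic_attachment'    => isset($post_data['topic_attachment']) ? (int) $post_data['topic_attachment'] : 0,
        'post_id'             => (int) $post_id,
        'topic_id'            => (int) $topic_id,
        'forum_id'            => (int) $forum_id,
        'icon_id'             => (int) $post_data['icon_id'],
        'poster_id'           => (int) $post_data['poster_id'],
        'enable_sig'          => (bool) $post_data['enable_sig'],
        'enable_bbcode'       => (bool) $post_data['enable_bbcode'],
        'enable_smilies'      => (bool) $post_data['enable_smilies'],
        'enable_urls'         => (bool) $post_data['enable_urls'],
        'enable_indexing'     => (bool) $post_data['enable_indexing'],
        'message_md5'         => (string) $message_md5,
        'post_time'           => isset($post_data['post_time']) ? (int) $post_data['post_time'] : time(),
        'post_checksum'       => isset($post_data['post_checksum']) ? (string) $post_data['post_checksum'] : '',
        'post_edit_reason'    => $post_data['post_edit_reason'],
        'post_edit_user'      => $mode == 'edit' ? $user->data['user_id'] : (isset($post_data['post_edit_user']) ? (int) $post_data['post_edit_user'] : 0),
        'forum_parents'       => $post_data['forum_parents'],
        'forum_name'          => $post_data['forum_name'],
        'notify'              => $notify,
        'poster_ip'           => isset($post_data['poster_ip']) ? $post_data['poster_ip'] : $user->ip,
        'post_edit_locked'    => (int) $post_data['post_edit_locked'],
        'bbcode_bitfield'     => $message_parser->bbcode_bitfield,
        'bbcode_uid'          => $message_parser->bbcode_uid,
        'message'             => $message_parser->message,
        'attachment_data'     => $message_parser->attachment_data,
        'filename_data'       => $message_parser->filename_data,
        'topic_approved'      => isset($post_data['topic_approved']) ? $post_data['topic_approved'] : false,
        'post_approved'       => isset($post_data['post_approved']) ? $post_data['post_approved'] : false,
    );

    $data['topic_replies_real'] = $post_data['topic_replies_real'];
    $data['topic_replies'] = $post_data['topic_replies'];

    include $phpbb_root_path . 'includes/functions_posting.' . $phpEx;

    // submit_post() is run from the parent directory and the working
    // directory is restored right after the call.
    $cwd = getcwd();
    chdir('../');
    $redirect_url = submit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message);
    chdir($cwd);

    // Check the permissions for post approval, as well as the queue trigger where users are put on approval with a post count lower than specified. Moderators are not affected.
    $approved = true;
    if (($config['enable_queue_trigger'] && $user->data['user_posts'] < $config['queue_trigger_posts'] || !$auth->acl_get('f_noapprove', $data['forum_id'])) && !$auth->acl_get('m_approve', $data['forum_id'])) {
        $approved = false;
    }

    $reply_success = false;
    $post_id = '';

    // Defined up front so the response below never reads an unset variable
    // when submit_post() returned no URL.
    $message = '';
    $updated_post_title = '';

    if ($redirect_url) {
        // Only take the id when the URL really contains one.
        if (preg_match('/&p=(\\d+)/', $redirect_url, $matches)) {
            $post_id = $matches[1];
        }
        $reply_success = true;

        // get new post_content
        $message = censor_text($data['message']);
        $quote_wrote_string = $user->lang['WROTE'];

        // The uid is quoted so that it can only ever match literally.
        $uid_pattern = preg_quote($data['bbcode_uid'], '/');

        $message = str_replace('[/quote:' . $data['bbcode_uid'] . ']', '[/quote]', $message);

        // Callback instead of the /e modifier: the author name and the
        // language string are handled as data and never evaluated as code.
        $message = preg_replace_callback(
            '/\\[quote(?:="(.*?)")?:' . $uid_pattern . '\\]/is',
            function ($match) use ($quote_wrote_string) {
                $author = isset($match[1]) ? $match[1] : '';

                return '[quote]' . ($author ? $author . ' ' . $quote_wrote_string . ":\n" : "\n");
            },
            $message
        );

        // Keep only the outermost quote level; nested quotes are dropped.
        $blocks = preg_split('/(\\[\\/?quote\\])/i', $message, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);

        $quote_level = 0;
        $message = '';

        foreach ($blocks as $block) {
            if ($block == '[quote]') {
                if ($quote_level == 0) {
                    $message .= $block;
                }
                $quote_level++;
            } elseif ($block == '[/quote]') {
                if ($quote_level <= 1) {
                    $message .= $block;
                }
                if ($quote_level >= 1) {
                    $quote_level--;
                }
            } else {
                if ($quote_level <= 1) {
                    $message .= $block;
                }
            }
        }

        // Callback instead of the /e modifier, see above.
        $message = preg_replace_callback(
            '/\\[(youtube|video|googlevideo|gvideo):' . $uid_pattern . '\\](.*?)\\[\\/\\1:' . $uid_pattern . '\\]/si',
            function ($match) {
                return video_bbcode_format($match[1], $match[2]);
            },
            $message
        );

        // These two patterns used $row['bbcode_uid'], but no row loaded in
        // this function has that column; the uid of the saved post is the one
        // that appears in the tags.
        $message = preg_replace('/\\[(BBvideo)[\\d, ]+:' . $uid_pattern . '\\](.*?)\\[\\/\\1:' . $uid_pattern . '\\]/si', '[url=$2]YouTube Video[/url]', $message);
        $message = preg_replace('/\\[(spoil|spoiler):' . $uid_pattern . '\\](.*?)\\[\\/\\1:' . $uid_pattern . '\\]/si', '[spoiler]$2[/spoiler]', $message);

        $message = preg_replace('/\\[b:' . $uid_pattern . '\\](.*?)\\[\\/b:' . $uid_pattern . '\\]/si', '[b]$1[/b]', $message);
        $message = preg_replace('/\\[i:' . $uid_pattern . '\\](.*?)\\[\\/i:' . $uid_pattern . '\\]/si', '[i]$1[/i]', $message);
        $message = preg_replace('/\\[u:' . $uid_pattern . '\\](.*?)\\[\\/u:' . $uid_pattern . '\\]/si', '[u]$1[/u]', $message);
        $message = preg_replace('/\\[color=#(\\w{6}):' . $uid_pattern . '\\](.*?)\\[\\/color:' . $uid_pattern . '\\]/si', '[color=#$1]$2[/color]', $message);

        // Second parse bbcode here
        if ($data['bbcode_bitfield']) {
            $bbcode = new bbcode(base64_encode($data['bbcode_bitfield']));
            $bbcode->bbcode_second_pass($message, $data['bbcode_uid'], $data['bbcode_bitfield']);
        }

        $message = bbcode_nl2br($message);
        $message = smiley_text($message);

        if (!empty($data['attachment_data'])) {
            $update_count = array();
            parse_attachments($forum_id, $message, $data['attachment_data'], $update_count);
        }

        $updated_post_title = html_entity_decode(strip_tags(censor_text($data['topic_title'])), ENT_QUOTES, 'UTF-8');
    }

    $xmlrpc_reply_topic = new xmlrpcval(array(
        'result'       => new xmlrpcval($reply_success, 'boolean'),
        'state'        => new xmlrpcval($approved ? 0 : 1, 'int'),
        'post_title'   => new xmlrpcval($updated_post_title, 'base64'),
        'post_content' => new xmlrpcval(post_html_clean($message), 'base64'),
    ), 'struct');

    return new xmlrpcresp($xmlrpc_reply_topic);
}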
if (!empty($topic_tags)) { $topic_tags = trim($topic_tags); while(substr($topic_tags, -1) == ',') { $topic_tags = trim(substr($topic_tags, 0, -1)); } $topic_tags_array = $class_topics_tags->create_tags_array($topic_tags); $topic_tags = implode(', ', array_filter(array_unique($topic_tags_array))); $topic_tags = substr($topic_tags, 0, 254); //die($topic_tags); } unset($class_topics_tags); } submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $topic_type, $bbcode_on, $html_on, $acro_auto_on, $smilies_on, $attach_sig, $username, $subject, $topic_title_clean, $topic_tags, $message, $poll_title, $poll_options, $poll_data, $reg_active, $reg_reset, $reg_max_option1, $reg_max_option2, $reg_max_option3, $reg_length, $news_category, $topic_show_portal, $mark_edit, $topic_desc, $topic_calendar_time, $topic_calendar_duration); } break; case 'delete': case 'poll_delete': if ($error_msg != '') { message_die(GENERAL_MESSAGE, $error_msg); } if (!class_exists('class_mcp')) include(IP_ROOT_PATH . 'includes/class_mcp.' . PHP_EXT); if (empty($class_mcp)) $class_mcp = new class_mcp(); $class_mcp->post_delete($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id); break; }
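/**
 * Submits a new idea.
 *
 * Validates the title and message, stores the idea row, records the initial
 * vote, and then creates the forum topic through submit_post() while the
 * user object temporarily carries the configured "ideas poster" account.
 * The original user data is put back afterwards, also when submit_post()
 * throws, so the borrowed identity never outlives this call.
 *
 * @param string $title   The title of the idea.
 * @param string $message The description of the idea.
 * @param int    $user_id The ID of the author.
 *
 * @return array|int Either an array of errors, or the ID of the new idea.
 */
public function submit($title, $message, $user_id)
{
    $error = array();

    if (utf8_clean_string($title) === '') {
        $error[] = $this->language->lang('TITLE_TOO_SHORT');
    }

    if (utf8_strlen($title) > 64) {
        $error[] = $this->language->lang('TITLE_TOO_LONG');
    }

    if (utf8_strlen($message) < $this->config['min_post_chars']) {
        $error[] = $this->language->lang('TOO_FEW_CHARS');
    }

    if (utf8_strlen($message) > $this->config['max_post_chars']) {
        $error[] = $this->language->lang('TOO_MANY_CHARS');
    }

    if (count($error)) {
        return $error;
    }

    // Submit idea
    $sql_ary = array(
        'idea_title'  => $title,
        'idea_author' => $user_id,
        'idea_date'   => time(),
        'topic_id'    => 0,
    );
    $idea_id = $this->insert_idea_data($sql_ary, 'table_ideas');

    // Initial vote. It is recorded for the logged-in user
    // ($this->user->data['user_id']), not for the $user_id argument.
    $idea = $this->get_idea($idea_id);
    $this->vote($idea, $this->user->data['user_id'], 1);

    // $uid, $bitfield and $options are filled in by generate_text_for_storage().
    $uid = $bitfield = $options = '';
    generate_text_for_storage($message, $uid, $bitfield, $options, true, true, true);

    $data = array(
        'forum_id'             => (int) $this->config['ideas_forum_id'],
        'topic_id'             => 0,
        'icon_id'              => false,
        'poster_id'            => (int) $this->config['ideas_poster_id'],
        'enable_bbcode'        => true,
        'enable_smilies'       => true,
        'enable_urls'          => true,
        'enable_sig'           => true,
        'message'              => $message,
        'message_md5'          => md5($message),
        'bbcode_bitfield'      => $bitfield,
        'bbcode_uid'           => $uid,
        'post_edit_locked'     => 0,
        'topic_title'          => $title,
        'notify_set'           => false,
        'notify'               => false,
        'post_time'            => 0,
        'forum_name'           => 'Ideas forum',
        'enable_indexing'      => true,
        // Passed through to submit_post(); presumably skips the approval queue — confirm.
        'force_approved_state' => true,
    );

    // Get Ideas Bot info
    $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . (int) $this->config['ideas_poster_id'];
    $result = $this->db->sql_query_limit($sql, 1);
    $poster_bot = $this->db->sql_fetchrow($result);
    $this->db->sql_freeresult($result);

    // NOTE(review): if ideas_poster_id matches no user row, $poster_bot is not
    // a user record at this point and the post would be submitted with an
    // identity that holds only 'is_registered'. Confirm the config value is
    // validated where it is set.
    $poster_bot['is_registered'] = true;

    // Act as the bot only for the duration of submit_post().
    $tmpdata = $this->user->data;
    $this->user->data = $poster_bot;

    $poll = array();

    try {
        submit_post('post', $title, $this->user->data['username'], POST_NORMAL, $poll, $data);
    } catch (\Exception $e) {
        $this->user->data = $tmpdata;
        throw $e;
    } catch (\Throwable $e) {
        // Only matches on PHP 7+, where Error does not extend Exception.
        $this->user->data = $tmpdata;
        throw $e;
    }

    $this->user->data = $tmpdata;

    // Edit topic ID into idea; both should link to each other
    $sql_ary = array('topic_id' => $data['topic_id']);
    $this->update_idea_data($sql_ary, $idea_id, 'table_ideas');

    return $idea_id;
}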
if (sizeof($message_parser->warn_msg)) { $error[] = implode('<br />', $message_parser->warn_msg); $message_parser->warn_msg = array(); } $message_parser->parse($post_data['enable_bbcode'], $config['allow_post_links'] ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']); // on a refresh we do not care about message parsing errors if (sizeof($message_parser->warn_msg) && $refresh) { $message_parser->warn_msg = array(); } } else { $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield']; } // grab md5 'checksum' of new message $message_md5 = md5($message_parser->message); $data = array('topic_title' => $title, 'topic_first_post_id' => isset($post_data['topic_first_post_id']) ? (int) $post_data['topic_first_post_id'] : 0, 'topic_last_post_id' => isset($post_data['topic_last_post_id']) ? (int) $post_data['topic_last_post_id'] : 0, 'topic_time_limit' => (int) $post_data['topic_time_limit'], 'topic_attachment' => isset($post_data['topic_attachment']) ? (int) $post_data['topic_attachment'] : 0, 'post_id' => (int) $post_id, 'topic_id' => (int) $topic_id, 'forum_id' => (int) $forum_id, 'icon_id' => (int) $post_data['icon_id'], 'poster_id' => (int) $post_data['poster_id'], 'enable_sig' => (bool) $post_data['enable_sig'], 'enable_bbcode' => (bool) $post_data['enable_bbcode'], 'enable_smilies' => (bool) $post_data['enable_smilies'], 'enable_urls' => (bool) $post_data['enable_urls'], 'enable_indexing' => (bool) $post_data['enable_indexing'], 'message_md5' => (string) $message_md5, 'post_time' => isset($post_data['post_time']) ? (int) $post_data['post_time'] : $current_time, 'post_checksum' => isset($post_data['post_checksum']) ? (string) $post_data['post_checksum'] : '', 'post_edit_reason' => $post_data['post_edit_reason'], 'post_edit_user' => $mode == 'edit' ? $user->data['user_id'] : (isset($post_data['post_edit_user']) ? 
(int) $post_data['post_edit_user'] : 0), 'forum_parents' => $post_data['forum_parents'], 'forum_name' => $post_data['forum_name'], 'notify' => $notify, 'notify_set' => $post_data['notify_set'], 'poster_ip' => isset($post_data['poster_ip']) ? $post_data['poster_ip'] : $user->ip, 'post_edit_locked' => (int) $post_data['post_edit_locked'], 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'topic_approved' => isset($post_data['topic_approved']) ? $post_data['topic_approved'] : false, 'post_approved' => isset($post_data['post_approved']) ? $post_data['post_approved'] : false); $output = clean(submit_post($mode, $title, $username, POST_NORMAL, $poll, $data, $update_message, 0)); } } // *************************** // ********* SEARCH ********** // *************************** if ($search) { include $phpbb_root_path . 'includes/functions_display.' . $phpEx; // configure style, language, etc. $user->setup('viewforum', $user->data['user_style']); // figure out what kind of reply counter to use $replyStr = $auth->acl_get('m_approve', $id) ? 'topic_replies_real' : 'topic_replies'; // topic approved $sql_approved = $auth->acl_get('m_approve', $id) ? '' : ' AND ' . TOPICS_TABLE . '.topic_approved = 1'; $sql = "SELECT topic_id,topic_moved_id,topic_title,topic_last_post_time,topic_last_poster_name,username,topic_time,topic_views,{$replyStr},forum_id FROM (" . TOPICS_TABLE . ") LEFT JOIN " . USERS_TABLE . " ON user_id=topic_poster WHERE topic_title LIKE '%" . $db->sql_escape($search) . "%' AND topic_type IN (" . POST_NORMAL . "){$sql_approved} ORDER BY topic_type DESC,topic_last_post_time DESC"; $result = $db->sql_query($sql);
$sql = 'UPDATE ' . FORUMS_TOPICS_TABLE . "\n\t\t\t\t\tSET topic_status = {$change_topic_status}\n\t\t\t\t\tWHERE topic_id = {$topic_id}\n\t\t\t\t\t\tAND topic_moved_id = 0"; $_CLASS['core_db']->query($sql); $user_lock = $_CLASS['auth']->acl_get('f_user_lock', $forum_id) && $_CLASS['core_user']->is_user && $_CLASS['core_user']->data['user_id'] == $topic_poster ? 'USER_' : ''; //add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), $posting_data['topic_title']); } // Lock/Unlock Post Edit if ($mode == 'edit' && $posting_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $_CLASS['auth']->acl_get('m_edit', $forum_id)) { $posting_data['post_edit_locked'] = ITEM_UNLOCKED; } else { if ($mode == 'edit' && $posting_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $_CLASS['auth']->acl_get('m_edit', $forum_id)) { $posting_data['post_edit_locked'] = ITEM_LOCKED; } } $post_data = array('topic_title' => !$posting_data['topic_title'] ? $subject : $posting_data['topic_title'], 'topic_first_post_id' => isset($topic_first_post_id) ? (int) $topic_first_post_id : 0, 'topic_last_post_id' => isset($topic_last_post_id) ? (int) $topic_last_post_id : 0, 'topic_time_limit' => (int) $topic_time_limit, 'topic_status' => (int) $posting_data['topic_status'], 'post_id' => (int) $post_id, 'topic_id' => (int) $topic_id, 'forum_id' => (int) $forum_id, 'icon_id' => (int) $icon_id, 'poster_id' => (int) $posting_data['poster_id'], 'enable_sig' => (bool) $enable_sig, 'enable_bbcode' => (bool) $enable_bbcode, 'enable_html' => (bool) $enable_html, 'enable_smilies' => (bool) $enable_smilies, 'enable_urls' => (bool) $enable_urls, 'enable_indexing' => (bool) $enable_indexing, 'message_md5' => (string) $message_md5, 'post_time' => $posting_data['post_time'] ? (int) $posting_data['post_time'] : $current_time, 'post_checksum' => isset($post_checksum) ? 
(string) $post_checksum : '', 'post_edit_reason' => $posting_data['post_edit_reason'], 'post_edit_user' => $mode == 'edit' ? $_CLASS['core_user']->data['user_id'] : (isset($post_edit_user) ? (int) $post_edit_user : 0), 'forum_parents' => $forum_parents, 'forum_name' => $forum_name, 'notify' => $notify, 'notify_set' => $notify_set, 'poster_ip' => isset($poster_ip) ? (int) $poster_ip : $_CLASS['core_user']->ip, 'post_edit_locked' => (int) $posting_data['post_edit_locked'], 'bbcode_bitfield' => (int) $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data); unset($message_parser); submit_post($mode, $subject, $posting_data['username'], $posting_data['topic_type'], $poll, $post_data, $update_message); } } $post_subject = stripslashes($subject); } // Preview if (!sizeof($error) && $preview) { $posting_data['post_time'] = $mode == 'edit' ? $posting_data['post_time'] : $current_time; $preview_message = $message_parser->format_display($enable_html, $enable_bbcode, $enable_urls, $enable_smilies, false); $preview_signature = $mode == 'edit' ? $user_sig : $_CLASS['core_user']->data['user_sig']; $preview_signature_uid = $mode == 'edit' ? $user_sig_bbcode_uid : $_CLASS['core_user']->data['user_sig_bbcode_uid']; $preview_signature_bitfield = $mode == 'edit' ? $user_sig_bbcode_bitfield : $_CLASS['core_user']->data['user_sig_bbcode_bitfield']; // Signature if ($enable_sig && $config['allow_sig'] && $preview_signature && $_CLASS['auth']->acl_get('f_sigs', $forum_id)) { $parse_sig = new parse_message($preview_signature); $parse_sig->bbcode_uid = $preview_signature_uid;
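/**
 * Post an application on the forum.
 *
 * Loads the display settings of the application template, builds the
 * candidate (registering a character when the user holds u_dkp_charadd),
 * assembles the message from the template rows that have a matching POST
 * field, stores it through submit_post() and ends with a confirmation page
 * raised via trigger_error().
 *
 * @param array  $post_data      only 'forum_id' is read here
 * @param mixed  $current_time   stored as the post's 'post_time'
 *                               (presumably a Unix timestamp — confirm with callers)
 * @param string $candidate_name
 * @param int    $template_id    cast to int before it is used in SQL
 */
public function make_apply_posting($post_data, $current_time, $candidate_name, $template_id)
{
    global $auth, $config, $db, $user, $phpbb_root_path, $phpEx, $captcha;

    // The id is concatenated into two queries below; force it to an integer
    // so that nothing but a number can reach the SQL text.
    $template_id = (int) $template_id;

    $candidate = new \bbdkp\apply\dkp_character();
    $candidate->name = $candidate_name;

    $sql = "SELECT * from " . APPTEMPLATELIST_TABLE . " WHERE template_id = " . $template_id;
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    // NOTE(review): isset() is also true for a non-null "no row" value;
    // if sql_fetchrow() signals a miss with false, this branch still runs
    // and the properties are filled with nulls — confirm intended.
    if (isset($row)) {
        $this->questioncolor = $row['question_color'];
        $this->answercolor = $row['answer_color'];
        $this->gchoice = $row['gchoice'];
        // add char to guild ?
        $this->candidate_guild_id = $row['guild_id'];
        $this->statsposition = $row['statpos'];
    }

    $Guild = new \bbdkp\controller\guilds\Guilds($this->candidate_guild_id);
    $candidate->build_candidate($this);

    // if user belongs to group that can add a character then attempt to register a dkp character
    // guests should never be able to register characters (i.e user anonymous)
    if ($auth->acl_get('u_dkp_charadd')) {
        $candidate->register_bbdkp($Guild);
    }

    // build post
    $this->message = '';

    // load formatted questions and answers, max 100
    $sql = "SELECT * FROM " . APPTEMPLATE_TABLE . ' WHERE template_id = ' . $template_id . ' ORDER BY qorder';
    $result = $db->sql_query_limit($sql, 100, 0);

    $this->titlecount = 0;
    while ($row = $db->sql_fetchrow($result)) {
        switch ($row['type']) {
            case 'title':
                $this->build_title_open($row['header']);
                break;

            case 'charname':
                if (isset($_POST['candidate_name'])) {
                    $this->build_candidate_name($candidate, $Guild);
                    if ($this->statsposition == 'APPLY_TOP') {
                        $this->build_WoW_statistics($candidate);
                    }
                }
                break;

            case 'Checkboxes':
                if (isset($_POST['templatefield_' . $row['qorder']])) {
                    $this->build_checkboxes($row['header'], $row['question'], $row['qorder'], $row['showquestion']);
                }
                break;

            case 'Inputbox':
            case 'Textbox':
            case 'Textboxbbcode':
            case 'Selectbox':
            case 'Radiobuttons':
                if (isset($_POST['templatefield_' . $row['qorder']])) {
                    $this->build_textbox_answers($row['question'], $row['qorder'], $row['showquestion']);
                }
                break;
        }
    }

    $this->build_title_close();
    if ($this->statsposition == 'APPLY_BOTTOM') {
        $this->build_WoW_statistics($candidate);
    }
    $db->sql_freeresult($result);

    // variables to hold the parameters for submit_post;
    // $uid, $bitfield and $options are filled in by generate_text_for_storage()
    $poll = $uid = $bitfield = $options = '';

    // parsed code
    generate_text_for_storage($this->message, $uid, $bitfield, $options, true, true, true);

    // subject
    $post_subj = (string) $candidate->name . " - " . $candidate->level . " " . $candidate->race . " " . $candidate->class;

    // Store message, sync counters.
    // The post is submitted already approved ('post_approved' => 1) and
    // locked against editing ('post_edit_locked' => 1).
    $data = array(
        'forum_id'            => (int) $post_data['forum_id'],
        'topic_first_post_id' => 0,
        'topic_last_post_id'  => 0,
        'topic_attachment'    => 0,
        'icon_id'             => false,
        'enable_bbcode'       => true,
        'enable_smilies'      => true,
        'enable_urls'         => true,
        'enable_sig'          => true,
        'message'             => $this->message,
        'message_md5'         => md5($this->message),
        'bbcode_bitfield'     => $bitfield,
        'bbcode_uid'          => $uid,
        'topic_title'         => $post_subj,
        'notify_set'          => false,
        'notify'              => false,
        'post_time'           => $current_time,
        'poster_ip'           => $user->ip,
        'forum_name'          => '',
        'post_edit_locked'    => 1,
        'enable_indexing'     => true,
        'post_approved'       => 1,
    );

    // submit post
    $post_url = submit_post('post', $post_subj, $user->data['username'], POST_NORMAL, $poll, $data);
    $redirect_url = $post_url;

    if ($config['enable_post_confirm'] && (isset($captcha) && $captcha->is_solved() === true)) {
        $captcha->reset();
    }

    // redirect to post; $redirect_url is whatever submit_post() returned and
    // is written into the href below as-is
    meta_refresh(3, $redirect_url);

    $message = 'POST_STORED';
    $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $redirect_url . '">', '</a>');
    $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $data['forum_id']) . '">', '</a>');
    trigger_error($message);
}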
'notify_set' => '', 'post_time' => $article_data['post_time'], 'forum_name' => $forum_data['forum_name'], 'post_edit_reason' => $article_data['post_edit_reason'], 'topic_replies_real' => $article_data['topic_replies_real'], 'poster_id' => $article_data['poster_id'], 'post_id' => &$article_data['post_id'], 'topic_id' => &$article_data['topic_id'], 'topic_poster' => $article_data['topic_poster'], 'topic_first_post_id' => $article_data['topic_first_post_id'], 'topic_last_post_id' => $article_data['topic_last_post_id'], ); $poll = false; submit_post(($mode == 'add' ? 'post' : 'edit'), $article_data['article_title'], $article_data['topic_first_poster_name'], POST_NORMAL, $poll, $data); /** * Insert into our own custom database */ $sql_ary = array( 'topic_id' => $article_data['topic_id'], 'article_name' => $article_data['article_name'], 'article_desc' => $article_data['article_desc'], 'article_content' => $article_content_parsed, ); if ($mode == 'add') { $sql = 'INSERT INTO ' . KB_ARTICLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); $db->sql_query($sql);
} switch ($mode) { case 'editpost': case 'newtopic': case 'reply': $username = !empty($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : ''; $subject = !empty($HTTP_POST_VARS['subject']) ? trim($HTTP_POST_VARS['subject']) : ''; $message = !empty($HTTP_POST_VARS['message']) ? $HTTP_POST_VARS['message'] : ''; $poll_title = isset($HTTP_POST_VARS['poll_title']) && $is_auth['auth_pollcreate'] ? $HTTP_POST_VARS['poll_title'] : ''; $poll_options = isset($HTTP_POST_VARS['poll_option_text']) && $is_auth['auth_pollcreate'] ? $HTTP_POST_VARS['poll_option_text'] : ''; $poll_length = isset($HTTP_POST_VARS['poll_length']) && $is_auth['auth_pollcreate'] ? $HTTP_POST_VARS['poll_length'] : ''; $bbcode_uid = ''; prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length); if ($error_msg == '') { $topic_type = $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ? $post_data['topic_type'] : $topic_type; submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, str_replace("\\'", "''", $username), str_replace("\\'", "''", $subject), str_replace("\\'", "''", $message), str_replace("\\'", "''", $poll_title), $poll_options, $poll_length); } break; case 'delete': case 'poll_delete': if ($error_msg != '') { message_die(GENERAL_MESSAGE, $error_msg); } delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id); break; } if ($error_msg == '') { if ($mode != 'editpost') { $user_id = $mode == 'reply' || $mode == 'newtopic' ? $userdata['user_id'] : $post_data['poster_id']; update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id); }
$user->setup('viewtopic', $topicrow['forum_style']); $uid = $bitfield = $options = ''; // will be modified by generate_text_for_storage $allow_bbcode = $allow_urls = $allow_smilies = true; generate_text_for_storage($message, $uid, $bitfield, $options, $allow_bbcode, $allow_urls, $allow_smilies); // Grab ranks $ranks = $cache->obtain_ranks(); // Grab icons $icons = $cache->obtain_icons(); // Navigation links generate_forum_nav($topicrow); $data = array('topic_title' => $topicrow['topic_title'], 'topic_first_post_id' => isset($topicrow['topic_first_post_id']) ? (int) $topicrow['topic_first_post_id'] : 0, 'topic_last_post_id' => isset($topicrow['topic_last_post_id']) ? (int) $topicrow['topic_last_post_id'] : 0, 'topic_time_limit' => (int) $topicrow['topic_time_limit'], 'topic_attachment' => 0, 'post_id' => 0, 'topic_id' => (int) $topic_id, 'forum_id' => (int) $forum_id, 'icon_id' => 0, 'poster_id' => $user->data['user_id'], 'enable_sig' => true, 'enable_bbcode' => true, 'enable_smilies' => true, 'enable_urls' => true, 'enable_indexing' => true, 'message_md5' => (string) md5($message), 'post_time' => $current_time, 'post_checksum' => '', 'post_edit_reason' => '', 'post_edit_user' => 0, 'forum_parents' => $topicrow['forum_parents'], 'forum_name' => $topicrow['forum_name'], 'notify' => false, 'notify_set' => '', 'poster_ip' => $user->ip, 'post_edit_locked' => 0, 'bbcode_bitfield' => $bitfield, 'bbcode_uid' => $uid, 'message' => $message, 'attachment_data' => '', 'filename_data' => ''); $subject = utf8_normalize_nfc(request_var('subject', '', true)); $subject = !$subject ? 
"Re: {$topicrow['topic_title']}" : $subject; $submitmode = 'reply'; submit_post($submitmode, $subject, $user->data['username'], $topicrow['topic_type'], $poll, $data, $update_message = true); $rank_title = $rank_image = $rank_image_src = $user_age = ''; $post_id = $data['post_id']; } $_RESULT['success'] = true; echo $post_id; } else { if ($mode == 'topic_preview') { /** Preview topic */ // Set up language $user->setup('viewtopic'); // Init variables $_RESULT['success'] = true; $topic_id = request_var('t', 0);
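// Normalise the message and hand it back to the parser by reference, so the
// parser and $message keep referring to the same string.
$message = utf8_normalize_nfc($message);
$message_parser->message =& $message;

/*
 * Now we can handle the post as in the submit action
 */

// Define flags: each per-post switch is only honoured when the matching
// board-wide setting allows it.
$post_flags = array(
    'enable_bbcode'    => $config['allow_bbcode'] ? $post_data['enable_bbcode'] : false,
    'enable_magic_url' => $config['allow_post_links'] ? $post_data['enable_magic_url'] : false,
    'enable_smilies'   => $post_data['enable_smilies'],
    'img_status'       => $config['allow_bbcode'] ? true : false,
    'flash_status'     => $config['allow_bbcode'] && $config['allow_post_flash'] ? true : false,
    'enable_urls'      => $config['allow_post_links'],
);

// Parse the post
$message_parser->parse(
    $post_flags['enable_bbcode'],
    $post_flags['enable_magic_url'],
    $post_flags['enable_smilies'],
    $post_flags['img_status'],
    $post_flags['flash_status'],
    true,
    $post_flags['enable_urls']
);

// Update the post data with the flags and the freshly parsed message
$post_data = array_merge($post_data, $post_flags, array(
    'message'         => $message_parser->message,
    'message_md5'     => md5($message_parser->message),
    'bbcode_bitfield' => $message_parser->bbcode_bitfield,
    'bbcode_uid'      => $message_parser->bbcode_uid,
));

// Make sure some required vars are set.
// NOTE(review): 'post_username' is read below but has no default here.
$uninit = array(
    'post_attachment'  => 0,
    'poster_id'        => $user->data['user_id'],
    'enable_magic_url' => 0,
    'topic_status'     => 0,
    'topic_type'       => POST_NORMAL,
    'post_subject'     => '',
    'topic_title'      => '',
    'post_time'        => 0,
    'post_edit_reason' => '',
    'notify'           => 0,
    'notify_set'       => 0,
);
foreach ($uninit as $var_name => $default_value) {
    if (!isset($post_data[$var_name])) {
        $post_data[$var_name] = $default_value;
    }
}
unset($uninit);

// Handle poll
$poll = array();

// The debug var_dump() of $message_parser that used to sit here is removed:
// it wrote the parser's internal state into the response body.

// Now its time to submit the post
submit_post('edit', $post_data['post_subject'], $post_data['post_username'], $post_data['topic_type'], $poll, $post_data, true, true);
exit;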
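/**
 * Insert a reply into an existing topic on behalf of a given user.
 *
 * Looks up the forum that owns the topic, temporarily replaces
 * $userdata['user_id'] with $username so the post is attributed to that
 * user, then runs prepare_post(), submit_post(), update_post_stats() and
 * add_search_words(). Failures are reported through phpbb_raise_error().
 *
 * @param int    $topic_id topic to reply to; cast to int before use in SQL
 * @param mixed  $username value written into $userdata['user_id'] for the
 *                         duration of the call and passed on as the poster
 * @param string $subject  reply subject
 * @param string $message  reply body
 *
 * @return mixed the post id as set by submit_post()
 */
function phpbb_insert_reply($topic_id = null, $username = null, $subject = null, $message = null)
{
    global $CFG, $userdata, $phpbb_root_path, $phpEx;

    include_once $phpbb_root_path . 'includes/functions_post.' . $phpEx;

    if (empty($username)) {
        phpbb_raise_error('Username must not be empty.');
    }
    if (empty($subject)) {
        phpbb_raise_error('Subject must not be empty.');
    }
    if (empty($message)) {
        phpbb_raise_error('Message must not be empty.');
    }

    // The id is concatenated into the query below; force it to an integer so
    // that a non-numeric value ends up as 0 and is rejected here instead of
    // reaching the SQL text.
    $topic_id = (int) $topic_id;
    if (empty($topic_id)) {
        phpbb_raise_error('Topic does not exists.');
    }

    $sql = 'SELECT f.*, t.topic_status, t.topic_title FROM ' . FORUMS_TABLE . ' f, ' . TOPICS_TABLE . ' t WHERE t.topic_id = ' . $topic_id . ' AND f.forum_id = t.forum_id';
    $result = phpbb_fetch_row($sql);
    if ($result) {
        $forum_id = $result['forum_id'];
        $forum_name = $result['forum_name'];
    } else {
        phpbb_raise_error('Forum does not exists.', __FILE__, __LINE__, $sql);
    }

    //
    // save the username and override it for assigning the post to the given
    // user
    //
    $old_username = $userdata['user_id'];
    $userdata['user_id'] = $username;

    $error_msg = '';
    $return_message = '';
    $return_meta = '';
    $mode = 'reply';
    $post_data = array();
    $bbcode_on = true;
    // NOTE(review): HTML is switched on for every reply created here; whether
    // markup in $message is filtered depends on prepare_post() and the board
    // settings, which are not visible in this function — confirm.
    $html_on = true;
    $smilies_on = 0;
    $poll_title = '';
    $poll_options = '';
    $poll_length = '';
    $bbcode_uid = '';
    $attach_sig = 0;

    // Defined up front so they exist on every path, including the return below.
    $post_id = null;
    $poll_id = null;

    prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length);

    if ($error_msg == '') {
        $topic_type = POST_NORMAL;

        // The str_replace() calls turn \' into '' before the text is handed
        // over; presumably submit_post() places these values in SQL and
        // relies on prepare_post() having slash-escaped them — confirm.
        submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, str_replace("\\'", "''", $username), str_replace("\\'", "''", $subject), str_replace("\\'", "''", $message), str_replace("\\'", "''", $poll_title), $poll_options, $poll_length);

        if ($error_msg == '') {
            update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $username);
            if ($error_msg != '') {
                phpbb_raise_error($error_msg);
            }
            add_search_words('single', $post_id, stripslashes($message), stripslashes($subject));
        } else {
            phpbb_raise_error($error_msg);
        }
    } else {
        phpbb_raise_error($error_msg);
    }

    // put the original user id back
    $userdata['user_id'] = $old_username;

    return $post_id;
}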
/**
 * Hand a raw transaction to the Eligius push page.
 *
 * Builds the two form fields the call sends ("send" and "transaction") and
 * passes them with the target URL to submit_post(), returning whatever that
 * helper returns.
 *
 * NOTE(review): the target URL uses the http:// scheme, so the request is
 * not protected in transit and the response cannot be authenticated; check
 * whether the endpoint is reachable over https before relying on the result.
 *
 * @param string $rawtx raw transaction, sent as the "transaction" field
 *
 * @return mixed result of submit_post()
 */
public function pushToEligius($rawtx)
{
    $fields = array(
        "send" => "Push",
        "transaction" => $rawtx,
    );
    $endpoint = "http://eligius.st/~wizkid057/newstats/pushtxn.php";

    return submit_post($endpoint, $fields);
}
/**
 * Display the application form and, when it was submitted, post the
 * application to the configured forum.
 *
 * Bots and the anonymous user are rejected with a 401 http_exception. A
 * submission must pass check_form_key('appform') and carry non-empty 'name'
 * and 'why' fields; it is then stored through submit_post() and a
 * confirmation is raised via trigger_error(). In every other case the form
 * template is rendered.
 *
 * @access public
 */
public function displayform()
{
    $this->user->add_lang_ext('rmcgirr83/applicationform', 'application');

    // user can't be a guest and can't be a bot
    $is_guest = $this->user->data['user_id'] == ANONYMOUS;
    if ($this->user->data['is_bot'] || $is_guest) {
        throw new http_exception(401, 'LOGIN_APPLICATION_FORM');
    }

    add_form_key('appform');

    if ($this->request->is_set_post('submit')) {
        // Reject submissions whose form key does not validate
        if (!check_form_key('appform')) {
            trigger_error($this->user->lang['FORM_INVALID'], E_USER_WARNING);
        }

        // Both free-text fields are mandatory
        $name_is_blank = utf8_clean_string($this->request->variable('name', '')) === '';
        $why_is_blank = utf8_clean_string($this->request->variable('why', '')) === '';
        if ($name_is_blank || $why_is_blank) {
            trigger_error($this->user->lang['APP_NOT_COMPLETELY_FILLED'], E_USER_WARNING);
        }

        // Name of the forum that receives the applications
        $sql = 'SELECT forum_name
            FROM ' . FORUMS_TABLE . '
            WHERE forum_id = ' . (int) $this->config['appform_forum_id'];
        $result = $this->db->sql_query($sql);
        $forum_name = $this->db->sql_fetchfield('forum_name');
        $this->db->sql_freeresult($result);

        // Subject and body of the post
        $subject = sprintf($this->user->lang['APPLICATION_SUBJECT'], $this->user->data['username']);

        $applicant = get_username_string('full', $this->user->data['user_id'], $this->user->data['username'], $this->user->data['user_colour']);
        $given_name = utf8_normalize_nfc($this->request->variable('name', '', true));
        // The request key is spelled 'postion' here; presumably it matches the
        // field name in the form template — confirm before renaming.
        $position = $this->request->variable('postion', '', true);
        $motivation = utf8_normalize_nfc($this->request->variable('why', '', true));

        $apply_post = sprintf(
            $this->user->lang['APPLICATION_MESSAGE'],
            $applicant,
            $given_name,
            $this->user->data['user_email'],
            $position,
            $motivation
        );

        // Filled in by generate_text_for_storage() and handed to submit_post()
        $uid = $bitfield = $options = '';
        generate_text_for_storage($apply_post, $uid, $bitfield, $options, true, true, true);

        $data = array(
            'forum_id'             => $this->config['appform_forum_id'],
            'icon_id'              => false,
            'poster_id'            => $this->user->data['user_id'],
            'enable_bbcode'        => true,
            'enable_smilies'       => true,
            'enable_urls'          => true,
            'enable_sig'           => true,
            'message'              => $apply_post,
            'message_md5'          => md5($apply_post),
            'bbcode_bitfield'      => $bitfield,
            'bbcode_uid'           => $uid,
            'poster_ip'            => $this->user->ip,
            'post_edit_locked'     => 0,
            'topic_title'          => $subject,
            'notify_set'           => false,
            'notify'               => false,
            'post_time'            => time(),
            'forum_name'           => $forum_name,
            'enable_indexing'      => true,
            // Passed through to submit_post(); presumably these make the
            // topic visible without moderator approval — confirm.
            'force_approved_state' => true,
            'force_visibility'     => true,
        );
        $poll = array();

        // Submit the post!
        submit_post('post', $subject, $this->user->data['username'], POST_NORMAL, $poll, $data);

        $back_to_index = sprintf($this->user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$this->root_path}index.{$this->php_ext}") . '">', '</a>');
        $message = $this->user->lang['APPLICATION_SEND'] . '<br /><br />' . $back_to_index;
        trigger_error($message);
    }

    $positions = explode("\n", $this->config['appform_positions']);
    $this->template->assign_vars(array(
        'APPLICATION_POSITIONS' => $this->display_positions($positions),
    ));

    // Send all data to the template file
    return $this->helper->render('appform_body.html', $this->user->lang('APPLICATION_PAGETITLE'));
}
/**
 * Run the tool
 *
 * Reparses stored BBCode in batches of $this->step_size rows. The 'mode'
 * request variable selects posts, private messages or signatures; every row
 * of the batch gets a fresh parse_message instance and is written back
 * (submit_post() for posts, submit_pm() for PMs, a direct UPDATE on
 * USERS_TABLE for signatures). The 'step' request variable selects the
 * batch, and $this->_next_step() is called to continue.
 *
 * NOTE(review): no permission or form-token check is visible in this method;
 * presumably the surrounding framework restricts who can reach it — confirm.
 */
function run_tool()
{
    global $cache, $config, $db, $user;

    // Prevent some errors from missing language strings.
    $user->add_lang('posting');

    // Define some vars that we'll need
    $reparse_id = request_var('reparseids', '');
    $reparse_pm_id = request_var('reparsepms', '');
    $mode = request_var('mode', BBCODE_REPARSE_POSTS);
    $step = request_var('step', 0);
    $start = $step * $this->step_size;
    // Not read again within this function.
    $cnt = 0;

    // If post IDs or PM IDs were specified, we need to make sure the list is valid.
    // The lists arrive as comma-separated strings from the request; here they
    // are only split and passed through _trim_post_ids, and they reach SQL
    // further down through $db->sql_in_set().
    // NOTE(review): confirm that those two steps leave only numeric ids.
    $reparse_posts = array();
    $reparse_pms = array();

    if (!empty($reparse_id)) {
        $reparse_posts = explode(',', $reparse_id);
        if (!sizeof($reparse_posts)) {
            trigger_error('REPARSE_IDS_INVALID');
        }

        // Make sure there's no extra whitespace
        array_walk($reparse_posts, array($this, '_trim_post_ids'));

        // Remember the list for the following steps
        $cache->put('_stk_reparse_posts', $reparse_posts);
    } else {
        if ($mode == BBCODE_REPARSE_POSTS) {
            // No list in this request: reuse the one cached by an earlier step
            if (($result = $cache->get('_stk_reparse_posts')) !== false) {
                $reparse_posts = $result;
            }
        }
    }

    if (!empty($reparse_pm_id)) {
        $reparse_pms = explode(',', $reparse_pm_id);
        if (!sizeof($reparse_pms)) {
            trigger_error('REPARSE_IDS_INVALID');
        }

        // Again, make sure the format is okay
        array_walk($reparse_pms, array($this, '_trim_post_ids'));

        // Remember the list for the following steps
        $cache->put('_stk_reparse_pms', $reparse_pms);
    } else {
        if ($mode == BBCODE_REPARSE_PMS) {
            // No list in this request: reuse the one cached by an earlier step
            if (($result = $cache->get('_stk_reparse_pms')) !== false) {
                $reparse_pms = $result;
            }
        }
    }

    // The message parser
    if (!class_exists('parse_message')) {
        global $phpbb_root_path, $phpEx; // required!
        include PHPBB_ROOT_PATH . 'includes/message_parser.' . PHP_EXT;
    }

    // Posting helper functions
    if ($mode == BBCODE_REPARSE_POSTS && !function_exists('submit_post')) {
        include PHPBB_ROOT_PATH . 'includes/functions_posting.' . PHP_EXT;
    }

    // PM helper function
    if ($mode == BBCODE_REPARSE_PMS && !function_exists('submit_pm')) {
        include PHPBB_ROOT_PATH . 'includes/functions_privmsgs.' . PHP_EXT;
    }

    // First step? Prepare the backup
    // For now disabled. Have to see how to implement this with regards to sigs and pms
    // if ($step == 0)
    // {
    //     $this->_prepare_backup();
    //     $this->_next_step($step);
    // }

    // Grab our batch
    // $bitfield is a boolean here: true when 'reparseall' was posted. When
    // true, each query below additionally requires a non-empty bbcode bitfield.
    $bitfield = isset($_POST['reparseall']) ? true : false;
    switch ($mode) {
        case BBCODE_REPARSE_POSTS:
            $sql_ary = array('SELECT' => 'f.*, p.*, t.*, u.username', 'FROM' => array(FORUMS_TABLE => 'f', POSTS_TABLE => 'p', TOPICS_TABLE => 't', USERS_TABLE => 'u'), 'WHERE' => ($bitfield ? "p.bbcode_bitfield != '' AND " : '') . 't.topic_id = p.topic_id AND u.user_id = p.poster_id AND f.forum_id = t.forum_id' . (sizeof($reparse_posts) ? ' AND ' . $db->sql_in_set('p.post_id', $reparse_posts) : ''));
            break;

        case BBCODE_REPARSE_PMS:
            $sql_ary = array('SELECT' => 'pm.*, u.username AS author_name', 'FROM' => array(PRIVMSGS_TABLE => 'pm', USERS_TABLE => 'u'), 'WHERE' => ($bitfield ? "pm.bbcode_bitfield != '' AND " : '') . 'u.user_id = pm.author_id' . (sizeof($reparse_pms) ? ' AND ' . $db->sql_in_set('pm.msg_id', $reparse_pms) : ''));
            break;

        case BBCODE_REPARSE_SIGS:
            $sql_ary = array('SELECT' => 'u.*', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => $bitfield ? "u.user_sig_bbcode_bitfield != ''" : '');
            break;
    }

    // NOTE(review): $sql_ary is only assigned inside the switch; a 'mode'
    // value matching none of the three cases leaves it undefined here.
    $sql = $db->sql_build_query('SELECT', $sql_ary);
    $result = $db->sql_query_limit($sql, $this->step_size, $start);
    $batch = $db->sql_fetchrowset($result);
    $db->sql_freeresult($result);

    // Finished?
    if (!$batch && $mode == BBCODE_REPARSE_SIGS) {
        // Done! Drop the cached id lists and report completion
        $cache->destroy('_stk_reparse_posts');
        $cache->destroy('_stk_reparse_pms');
        trigger_error($user->lang['REPARSE_BBCODE_COMPLETE']);
    } else {
        if (!$batch) {
            // Move to the next type
            $this->_next_step(0, $mode, true);
        }
    }

    // Backup
    // For now disabled. Have to see how to implement this with regards to sigs and pms
    // $this->_backup($batch);

    // User object used to store a second user object used when parsing signatures. (#62451)
    $_user2 = new user();

    // Walk through the batch; each row becomes $this->data for the helpers
    foreach ($batch as $this->data) {
        // The flags for signatures are hidden inside the user options.
        if ($mode == BBCODE_REPARSE_SIGS) {
            // Set the options
            $this->data['enable_bbcode'] = $_user2->optionget('sig_bbcode', $this->data['user_options']);
            $this->data['enable_magic_url'] = $_user2->optionget('sig_links', $this->data['user_options']);
            $this->data['enable_smilies'] = $_user2->optionget('sig_smilies', $this->data['user_options']);
        }

        // Update the post flags: per-row settings only count when the
        // matching board-wide setting is enabled
        $this->flags['enable_bbcode'] = $config['allow_bbcode'] ? $this->data['enable_bbcode'] : false;
        $this->flags['enable_magic_url'] = $config['allow_post_links'] ? $this->data['enable_magic_url'] : false;
        $this->flags['enable_smilies'] = $this->data['enable_smilies'] ? true : false;
        $this->flags['img_status'] = $config['allow_bbcode'] ? true : false;
        $this->flags['flash_status'] = $config['allow_bbcode'] && $config['allow_post_flash'] ? true : false;
        $this->flags['enable_urls'] = $config['allow_post_links'] ? true : false;

        // Reparse them!
        $pm_data = $post_data = $sig_data = array();
        switch ($mode) {
            case BBCODE_REPARSE_POSTS:
                // Setup the parser
                $this->message_parser = new parse_message($this->data['post_text']);
                unset($this->data['post_text']);

                // Reparse the post
                $this->_reparse_post($post_data);

                // Re-submit the post through API
                submit_post('edit', $this->data['post_subject'], $this->data['username'], $this->data['topic_type'], $this->poll, $post_data, true, true);
                break;

            case BBCODE_REPARSE_PMS:
                // Setup the parser
                $this->message_parser = new parse_message($this->data['message_text']);
                // NOTE(review): the parser above was built from 'message_text'
                // but 'post_text' is what gets unset — looks like a copy from
                // the posts branch; confirm which key was meant.
                unset($this->data['post_text']);

                // Reparse the pm
                $this->_reparse_pm($pm_data);

                // Re-submit the pm through the API
                submit_pm('edit', $this->data['message_subject'], $pm_data, false);
                break;

            case BBCODE_REPARSE_SIGS:
                // Setup the parser
                $this->message_parser = new parse_message($this->data['user_sig']);
                unset($this->data['user_sig']);

                // Reparse the sig
                $this->_reparse_sig($sig_data);

                // Insert back into the db; the user id is cast to int for the WHERE clause
                $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sig_data) . ' WHERE user_id = ' . (int) $this->data['user_id'];
                $db->sql_query($sql);
                break;
        }

        // Unset some vars so the next round starts clean
        $this->message_parser = null;
        $this->poll_parser = null;
        unset($this->poll, $post_data, $pm_data);
        $this->flags = array_fill_keys(array_keys($this->flags), false);
        $_user2->keyvalues = array();
    }

    // Next step
    $this->_next_step($step, $mode);
}
'post_time' => $post['post_time'], 'forum_name' => $forum_data['forum_name'], 'post_edit_reason' => $row['post_edit_reason'], 'topic_replies_real' => $row['topic_replies_real'], 'poster_id' => $row['poster_id'], 'post_id' => &$row['post_id'], 'topic_id' => &$row['topic_id'], 'topic_poster' => $row['topic_poster'], 'topic_first_post_id' => $row['topic_first_post_id'], 'topic_last_post_id' => $row['topic_last_post_id'], 'post_approved' => 0, ); $poll = false; submit_post('edit', $row['mod_hu_title'], $row['topic_first_poster_name'], POST_NORMAL, $poll, $data); send_notification(array($row['topic_poster']), 'mod_update_error', array( 'MOD_HU_TITLE' => $row['mod_hu_title'], 'MOD_EN_TITLE' => $row['mod_en_title'], 'MOD_OLD_VERSION' => isset($row['mod_old_version']) ? $row['mod_old_version'] : $row['mod_version'], 'MOD_NEW_VERSION' => isset($row['mod_old_version']) ? $row['mod_version'] : $user->lang['VERSION_UNKNOWN'], 'MOD_DESC' => $row['mod_desc'], 'MOD_AUTHOR' => $row['mod_author_name'], 'ERRORS' => implode("\n", $e->getErrors()), 'U_MOD_AUTHOR' => 'http://www.phpbb.com/community/memberlist.php?mode=viewprofile&u=' . $row['mod_author_id'], 'U_MOD_COM_DB' => 'http://www.phpbb.com/mods/db/index.php?i=misc&mode=display&contrib_id=' . $row['mod_db_id'], 'U_LOC_PACK' => generate_board_url() . '/' . $config['mods_loc_store_path'] . $row['mod_filename'] . '.zip', 'U_MOD_PACK' => generate_board_url() . '/' . $config['downloads_path'] . '/mods/' . $row['mod_filename'] . '.zip', 'U_MOD' => generate_board_url() . '/' . $url_rewriter->rewrite("{$phpbb_root_path}mods.{$phpEx}", "mode=mod&id={$row['mod_id']}"), ));
if (sizeof($message_parser->warn_msg)) { $error = $message_parser->warn_msg; } } // Preview comment if (isset($_POST['preview']) && !empty($comment_data['comment_message'])) { $template->assign_vars(array('PREVIEW_TEXT' => $message_parser->format_display($comment_data['enable_bbcode'], $comment_data['enable_magic_url'], $comment_data['enable_smilies'], false), 'S_PREVIEW' => true)); } // Post comment if (isset($_POST['submit'])) { if (!check_form_key('add_comment')) { trigger_error('FORM_INVALID'); } $poll = false; $data = array('forum_id' => $report['forum_id'], 'topic_id' => $report['topic_id'], 'topic_title' => $report['report_title'], 'icon_id' => 0, 'post_time' => time(), 'message' => $message_parser->message, 'message_md5' => $message_md5, 'bbcode_uid' => $message_parser->bbcode_uid, 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'enable_bbcode' => $comment_data['enable_bbcode'], 'enable_smilies' => $comment_data['enable_smilies'], 'enable_urls' => $comment_data['enable_magic_url'], 'enable_sig' => 0, 'post_edit_locked' => 0, 'enable_indexing' => $report['enable_indexing'], 'forum_name' => $report['project_title'], 'notify' => false, 'notify_set' => false); submit_post('reply', $comment_data['comment_subject'], '', $report['topic_type'], $poll, $data); // Send out notifications $notif_users = get_subscribed_users($report['forum_id'], $report['topic_id']); send_notification($notif_users, 'bug_comment_added', array('REPORT_ID' => $report['report_id'], 'REPORT_TITLE' => $report['report_title'], 'PROJECT_TITLE' => $report['project_title'], 'U_REPORT' => generate_board_url() . '/' . $url_rewriter->rewrite("bugs.{$phpEx}", "mode=report&project={$report['project_name']}&report_id={$report_id}"), 'U_COMMENT' => generate_board_url() . '/' . $url_rewriter->rewrite("bugs.{$phpEx}", "mode=report&project={$report['project_name']}&report_id={$report_id}") . '#comment-' . 
$data['post_id'], 'PERFORMER' => $user->data['username'])); $redirect_url = append_sid("{$phpbb_root_path}bugs.{$phpEx}", "mode=report&project={$project_name}&report_id={$report_id}#comment-{$data['post_id']}"); meta_refresh(3, $redirect_url); $message = sprintf($user->lang['COMMENT_ADDED'], '<a href="' . $redirect_url . '">', '</a>'); trigger_error($message); } // Display forms add_form_key('add_comment'); if (isset($message_parser)) { $comment_data['comment_message'] = $message_parser->decode_message($message_parser->bbcode_uid, false); } $report['bbcode_options'] = ($report['enable_bbcode'] ? OPTION_FLAG_BBCODE : 0) + ($report['enable_smilies'] ? OPTION_FLAG_SMILIES : 0) + ($report['enable_magic_url'] ? OPTION_FLAG_LINKS : 0); $template->assign_vars(array('COMMENT_SUBJECT' => $comment_data['comment_subject'], 'COMMENT_MESSAGE' => $comment_data['comment_message'], 'S_BBCODE_CHECKED' => $comment_data['enable_bbcode'] ? '' : ' checked="checked"', 'S_SMILIES_CHECKED' => $comment_data['enable_smilies'] ? '' : ' checked="checked"', 'S_MAGIC_URL_CHECKED' => $comment_data['enable_magic_url'] ? '' : ' checked="checked"', 'S_BBCODE_ALLOWED' => $auth->acl_get('f_bbcode', $report['forum_id']), 'S_SMILIES_ALLOWED' => $auth->acl_get('f_smilies', $report['forum_id']), 'S_LINKS_ALLOWED' => $config['allow_post_links'] ? true : false, 'ERROR' => isset($error) && sizeof($error) ? implode('<br />', $error) : false, 'S_PREVIEW_BOLD' => !empty($error) || !isset($_POST['preview']) ? true : false, 'REPORT_TITLE' => $report['report_title'], 'REPORT_TEXT' => generate_text_for_display($report['report_desc'], $report['bbcode_uid'], $report['bbcode_bitfield'], $report['bbcode_options']), 'REPORT_ID' => $report['report_id'], 'PROJECT_TITLE' => $report['project_title'], 'REPORT_COMPONENT' => $report['component_title'], 'REPORT_STATUS' => $report['status_title'], 'REPORT_VERSION' => $report['version_title'], 'ASSIGNED' => $report['assigned_id'] == 0 ? 
$user->lang['UNASSIGNED'] : get_username_string('username', $report['assigned_id'], $report['assigned_name'], $report['assigned_colour']), 'ASSIGNED_COLOUR' => $report['assigned_id'] == 0 ? $user->lang['UNASSIGNED'] : get_username_string('colour', $report['assigned_id'], $report['assigned_name'], $report['assigned_colour']), 'ASSIGNED_FULL' => $report['assigned_id'] == 0 ? $user->lang['UNASSIGNED'] : get_username_string('full', $report['assigned_id'], $report['assigned_name'], $report['assigned_colour']), 'REPORTED' => get_username_string('username', $report['topic_poster'], $report['topic_first_poster_name'], $report['topic_first_poster_colour']), 'REPORTED_COLOUR' => get_username_string('colour', $report['topic_poster'], $report['topic_first_poster_name'], $report['topic_first_poster_colour']), 'REPORTED_FULL' => get_username_string('full', $report['topic_poster'], $report['topic_first_poster_name'], $report['topic_first_poster_colour']), 'REPORT_TIME' => $user->format_date($report['topic_time']), 'S_IS_CLOSED' => $report['report_closed'] == 1, 'U_BUG_TRACKER' => append_sid("{$phpbb_root_path}bugs.{$phpEx}"), 'U_RETURN' => append_sid("{$phpbb_root_path}bugs.{$phpEx}", "mode=report&project={$report['project_name']}&report_id={$report_id}"), 'U_SUBSCRIBE' => append_sid("{$phpbb_root_path}bugs.{$phpEx}", "mode=report&project={$report['project_name']}&report_id={$report_id}&action=subscribe"), 'U_UNSUBSCRIBE' => append_sid("{$phpbb_root_path}bugs.{$phpEx}", "mode=report&project={$report['project_name']}&report_id={$report_id}&action=unsubscribe"), 'S_IS_SUBSCRIBED' => $is_subscribed, 'S_IS_LOCKED' => $report['topic_status'] == ITEM_LOCKED, 'S_DISPLAY_SUBSCRIBE_INFO' => $is_subscribed || $auth->acl_get('f_subscribe', $report['forum_id'])));
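/**
 * XML-RPC handler: post a reply to an existing topic.
 *
 * Decoded request parameters, by position:
 *   0 forum id, 1 topic id, 2 subject, 3 message body, 4 list of attachment
 *   ids, 5 base64 encoded serialized attachment data, 6 "return HTML" flag.
 *
 * The forum and topic ids stored with the topic override the submitted ones.
 * Read/reply permissions, forum password, lock state, flood interval and the
 * DNSBL are checked before the post is handed to submit_post().
 *
 * @param mixed $xmlrpc_params Encoded XML-RPC parameters (client controlled)
 * @return xmlrpcresp Struct with the result flag, the new post id, the
 *                    approval state and the rendered post
 */
function reply_post_func($xmlrpc_params)
{
    global $db, $auth, $user, $config, $phpbb_root_path, $phpEx, $mobiquo_config, $phpbb_home;

    require_once 'include/emoji.php';

    $user->setup('posting');
    if (!$user->data['is_registered']) {
        trigger_error('LOGIN_EXPLAIN_POST');
    }

    $params = php_xmlrpc_decode($xmlrpc_params);

    // get parameters
    $forum_id = isset($params[0]) ? intval($params[0]) : '';
    $topic_id = isset($params[1]) ? intval($params[1]) : '';
    $subject = isset($params[2]) ? $params[2] : '';
    $text_body = isset($params[3]) ? $params[3] : '';
    $text_body = emoji_unified_to_names($text_body);

    // Attachment ids end up in an IN (...) clause further down; reduce every
    // client-supplied entry to an integer first.
    $attach_list = isset($params[4]) ? array_map('intval', (array) $params[4]) : array();

    // SECURITY(review): unserialize() runs on data taken straight from the
    // request. Unserializing untrusted input can instantiate any class the
    // application has loaded. The class restriction option of unserialize()
    // needs PHP 7.0+, which this file does not appear to target, so this is
    // flagged rather than changed: move the attachment blob to a format that
    // cannot carry objects, or authenticate it server-side before decoding.
    $attachment_data = isset($params[5]) && $params[5] ? unserialize(base64_decode($params[5])) : array();
    // Only an array is meaningful downstream. This does not undo the
    // deserialization itself, it only keeps other types out of $_POST.
    $_POST['attachment_data'] = is_array($attachment_data) ? $attachment_data : array();

    $GLOBALS['return_html'] = isset($params[6]) ? $params[6] : false;

    if (!$topic_id) {
        trigger_error('NO_TOPIC');
    }
    if (utf8_clean_string($text_body) === '') {
        trigger_error('TOO_FEW_CHARS');
    }

    $current_time = time();

    // get topic data ($topic_id is an integer at this point)
    $sql = 'SELECT * FROM ' . TOPICS_TABLE . ' WHERE topic_id = ' . $topic_id;
    $result = $db->sql_query($sql);
    $post_data = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    // Stop before the row is used as an array; the original only noticed a
    // missing topic after array_merge() had already been called on it.
    if (!$post_data) {
        trigger_error('NO_TOPIC');
    }

    // get forum data
    $sql = 'SELECT * FROM ' . FORUMS_TABLE . "\n WHERE forum_type = " . FORUM_POST . ($post_data['forum_id'] ? "\n AND forum_id = '{$post_data['forum_id']}' " : '');
    $result = $db->sql_query_limit($sql, 1);
    $forum_data = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if (!$forum_data) {
        trigger_error('NO_TOPIC');
    }

    $post_data = array_merge($post_data, $forum_data);

    // Use post_row values in favor of submitted ones...
    $forum_id = !empty($post_data['forum_id']) ? (int) $post_data['forum_id'] : (int) $forum_id;
    $topic_id = !empty($post_data['topic_id']) ? (int) $post_data['topic_id'] : (int) $topic_id;

    // Need to login to passworded forum first?
    if ($post_data['forum_password'] && !check_forum_password($forum_id)) {
        trigger_error('LOGIN_FORUM');
    }

    // Check permissions
    if ($user->data['is_bot']) {
        trigger_error('NOT_AUTHORISED');
    }

    // Is the user able to read within this forum?
    if (!$auth->acl_get('f_read', $forum_id)) {
        if ($user->data['user_id'] != ANONYMOUS) {
            trigger_error('USER_CANNOT_READ');
        }
        trigger_error('LOGIN_EXPLAIN_POST');
    }

    // Permission to do the reply
    if (!$auth->acl_get('f_reply', $forum_id)) {
        if ($user->data['user_id'] != ANONYMOUS) {
            trigger_error('USER_CANNOT_REPLY');
        }
        trigger_error('LOGIN_EXPLAIN_POST');
    }

    // Is the user able to post within this forum?
    if ($post_data['forum_type'] != FORUM_POST) {
        trigger_error('USER_CANNOT_FORUM_POST');
    }

    // Forum/Topic locked?
    if (($post_data['forum_status'] == ITEM_LOCKED || isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED) && !$auth->acl_get('m_edit', $forum_id)) {
        trigger_error($post_data['forum_status'] == ITEM_LOCKED ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
    }

    $subject = (strpos($subject, 'Re: ') !== 0 ? 'Re: ' : '') . ($subject ? $subject : censor_text($post_data['topic_title']));

    $post_data['post_edit_locked'] = isset($post_data['post_edit_locked']) ? (int) $post_data['post_edit_locked'] : 0;
    $post_data['post_subject'] = isset($post_data['topic_title']) ? $post_data['topic_title'] : '';
    $post_data['topic_time_limit'] = isset($post_data['topic_time_limit']) ? ($post_data['topic_time_limit'] ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
    $post_data['poll_length'] = !empty($post_data['poll_length']) ? (int) $post_data['poll_length'] / 86400 : 0;
    $post_data['poll_start'] = !empty($post_data['poll_start']) ? (int) $post_data['poll_start'] : 0;
    $post_data['icon_id'] = 0;
    $post_data['poll_options'] = array();

    // Get Poll Data
    if ($post_data['poll_start']) {
        $sql = 'SELECT poll_option_text FROM ' . POLL_OPTIONS_TABLE . "\n WHERE topic_id = {$topic_id}\n ORDER BY poll_option_id";
        $result = $db->sql_query($sql);
        while ($row = $db->sql_fetchrow($result)) {
            $post_data['poll_options'][] = trim($row['poll_option_text']);
        }
        $db->sql_freeresult($result);
    }

    include $phpbb_root_path . 'includes/message_parser.' . $phpEx;
    $message_parser = new parse_message();

    // Set some default variables
    $uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);
    foreach ($uninit as $var_name => $default_value) {
        if (!isset($post_data[$var_name])) {
            $post_data[$var_name] = $default_value;
        }
    }
    unset($uninit);

    // Always check if the submitted attachment data is valid and belongs to the user.
    // Further down (especially in submit_post()) we do not check this again.
    $message_parser->get_submitted_attachment_data($post_data['poster_id']);

    $post_data['username'] = '';
    $post_data['enable_urls'] = $post_data['enable_magic_url'];
    $post_data['enable_sig'] = $config['allow_sig'] && $user->optionget('attachsig') ? true : false;
    $post_data['enable_smilies'] = $config['allow_smilies'] && $user->optionget('smilies') ? true : false;
    $post_data['enable_bbcode'] = $config['allow_bbcode'] && $user->optionget('bbcode') ? true : false;
    $post_data['enable_urls'] = true;
    $post_data['enable_magic_url'] = $post_data['drafts'] = false;

    // Check if user is watching this topic
    if ($config['allow_topic_notify'] && $user->data['is_registered']) {
        $sql = 'SELECT topic_id FROM ' . TOPICS_WATCH_TABLE . ' WHERE topic_id = ' . $topic_id . ' AND user_id = ' . (int) $user->data['user_id'];
        $result = $db->sql_query($sql);
        $post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id');
        $db->sql_freeresult($result);
    }

    // HTML, BBCode, Smilies, Images and Flash status
    $bbcode_status = $config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id) ? true : false;
    $smilies_status = $bbcode_status && $config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id) ? true : false;
    $img_status = $bbcode_status && $auth->acl_get('f_img', $forum_id) ? true : false;
    $url_status = $config['allow_post_links'] ? true : false;
    $flash_status = $bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash'] ? true : false;
    $quote_status = $auth->acl_get('f_reply', $forum_id) ? true : false;

    $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0);
    $post_data['post_subject'] = utf8_normalize_nfc($subject);
    // The body is HTML-escaped before it reaches the BBCode parser.
    $message_parser->message = utf8_normalize_nfc(htmlspecialchars($text_body));
    $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true));
    $post_data['post_edit_reason'] = '';
    $post_data['orig_topic_type'] = $post_data['topic_type'];
    $post_data['topic_type'] = request_var('topic_type', (int) $post_data['topic_type']);
    $post_data['topic_time_limit'] = request_var('topic_time_limit', (int) $post_data['topic_time_limit']);
    $post_data['icon_id'] = request_var('icon', 0);
    $post_data['enable_bbcode'] = !$bbcode_status || isset($_POST['disable_bbcode']) ? false : true;
    $post_data['enable_smilies'] = !$smilies_status || isset($_POST['disable_smilies']) ? false : true;
    $post_data['enable_urls'] = isset($_POST['disable_magic_url']) ? 0 : 1;
    $post_data['enable_sig'] = !$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig') ? false : ($user->data['is_registered'] ? true : false);

    if ($config['allow_topic_notify'] && $user->data['is_registered']) {
        // Parenthesised the way the original, unparenthesised chain was
        // evaluated (left to right); newer PHP rejects the bare form.
        $notify = (!$post_data['notify_set'] ? $user->data['user_notify'] : $post_data['notify_set']) ? true : false;
    } else {
        $notify = false;
    }

    $post_data['poll_title'] = utf8_normalize_nfc(request_var('poll_title', '', true));
    $post_data['poll_length'] = request_var('poll_length', 0);
    $post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true));
    $post_data['poll_max_options'] = request_var('poll_max_options', 1);
    $post_data['poll_vote_change'] = $auth->acl_get('f_votechg', $forum_id) && isset($_POST['poll_vote_change']) ? 1 : 0;

    // Parse Attachments - before checksum is calculated
    $message_parser->parse_attachments('fileupload', 'reply', $forum_id, true, false, false);

    // Grab md5 'checksum' of new message
    $message_md5 = md5($message_parser->message);

    // Check checksum ... don't re-parse message if the same
    if (sizeof($message_parser->warn_msg)) {
        trigger_error(join("\n", $message_parser->warn_msg));
    }

    $message_parser->parse($post_data['enable_bbcode'], $config['allow_post_links'] ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);

    if ($config['flood_interval'] && !$auth->acl_get('f_ignoreflood', $forum_id)) {
        // Flood check
        $last_post_time = 0;
        if ($user->data['is_registered']) {
            $last_post_time = $user->data['user_lastpost_time'];
        } else {
            $sql = 'SELECT post_time AS last_post_time FROM ' . POSTS_TABLE . "\n WHERE poster_ip = '" . $user->ip . "'\n AND post_time > " . ($current_time - $config['flood_interval']);
            $result = $db->sql_query_limit($sql, 1);
            if ($row = $db->sql_fetchrow($result)) {
                $last_post_time = $row['last_post_time'];
            }
            $db->sql_freeresult($result);
        }
        if ($last_post_time && $current_time - $last_post_time < intval($config['flood_interval'])) {
            trigger_error('FLOOD_ERROR');
        }
    }

    // Validate username
    if ($post_data['username'] && !$user->data['is_registered']) {
        include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
        if (($result = validate_username($post_data['username'], !empty($post_data['post_username']) ? $post_data['post_username'] : '')) !== false) {
            $user->add_lang('ucp');
            trigger_error($result . '_USERNAME');
        }
    }

    $post_data['poll_last_vote'] = isset($post_data['poll_last_vote']) ? $post_data['poll_last_vote'] : 0;
    $poll = array();

    // DNSBL check
    if ($config['check_dnsbl'] && $mobiquo_config['check_dnsbl']) {
        if (($dnsbl = $user->check_dnsbl('post')) !== false) {
            trigger_error(sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]));
        }
    }

    // Store message, sync counters
    $data = array(
        'topic_title' => empty($post_data['topic_title']) ? $post_data['post_subject'] : $post_data['topic_title'],
        'topic_first_post_id' => isset($post_data['topic_first_post_id']) ? (int) $post_data['topic_first_post_id'] : 0,
        'topic_last_post_id' => isset($post_data['topic_last_post_id']) ? (int) $post_data['topic_last_post_id'] : 0,
        'topic_time_limit' => (int) $post_data['topic_time_limit'],
        'topic_attachment' => isset($post_data['topic_attachment']) ? (int) $post_data['topic_attachment'] : 0,
        'post_id' => 0,
        'topic_id' => (int) $topic_id,
        'forum_id' => (int) $forum_id,
        'icon_id' => (int) $post_data['icon_id'],
        'poster_id' => (int) $post_data['poster_id'],
        'enable_sig' => (bool) $post_data['enable_sig'],
        'enable_bbcode' => (bool) $post_data['enable_bbcode'],
        'enable_smilies' => (bool) $post_data['enable_smilies'],
        'enable_urls' => (bool) $post_data['enable_urls'],
        'enable_indexing' => (bool) $post_data['enable_indexing'],
        'message_md5' => (string) $message_md5,
        'post_time' => isset($post_data['post_time']) ? (int) $post_data['post_time'] : $current_time,
        'post_checksum' => isset($post_data['post_checksum']) ? (string) $post_data['post_checksum'] : '',
        'post_edit_reason' => $post_data['post_edit_reason'],
        'post_edit_user' => isset($post_data['post_edit_user']) ? (int) $post_data['post_edit_user'] : 0,
        'forum_parents' => $post_data['forum_parents'],
        'forum_name' => $post_data['forum_name'],
        'notify' => $notify,
        'notify_set' => $post_data['notify_set'],
        'poster_ip' => isset($post_data['poster_ip']) ? $post_data['poster_ip'] : $user->ip,
        'post_edit_locked' => (int) $post_data['post_edit_locked'],
        'bbcode_bitfield' => $message_parser->bbcode_bitfield,
        'bbcode_uid' => $message_parser->bbcode_uid,
        'message' => $message_parser->message,
        'attachment_data' => $message_parser->attachment_data,
        'filename_data' => $message_parser->filename_data,
        'topic_approved' => isset($post_data['topic_approved']) ? $post_data['topic_approved'] : false,
        'post_approved' => isset($post_data['post_approved']) ? $post_data['post_approved'] : false,
        'post_expire_time' => -1,
    );

    include $phpbb_root_path . 'includes/functions_posting.' . $phpEx;

    // submit_post() is run from the parent directory with the root path set to
    // './'; the working directory and root path are restored right after.
    $update_message = true;
    $cwd = getcwd();
    chdir('../');
    $phpbb_root_path_tmp = $phpbb_root_path;
    $phpbb_root_path = './';
    $redirect_url = submit_post('reply', $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message);
    chdir($cwd);
    $phpbb_root_path = $phpbb_root_path_tmp;

    // Check the permissions for post approval, as well as the queue trigger where users are put on approval with a post count lower than specified. Moderators are not affected.
    $approved = true;
    if (($config['enable_queue_trigger'] && $user->data['user_posts'] < $config['queue_trigger_posts'] || !$auth->acl_get('f_noapprove', $data['forum_id'])) && !$auth->acl_get('m_approve', $data['forum_id'])) {
        $approved = false;
    }

    // Defaults for the response, so a failed submit_post() does not leave the
    // values used below undefined.
    $reply_success = false;
    $post_id = '';
    $message = '';
    $updated_post_title = '';
    $edit_allowed = false;
    $delete_allowed = false;
    $attachments = array();

    if ($redirect_url) {
        // The new post id is taken from the URL returned by submit_post().
        if (preg_match('/&p=(\\d+)/', $redirect_url, $matches)) {
            $post_id = $matches[1];
        }
        $reply_success = true;

        // get new post_content
        $message = censor_text($data['message']);
        $quote_wrote_string = $user->lang['WROTE'];
        $message = str_replace('[/quote:' . $data['bbcode_uid'] . ']', '[/quote]', $message);

        // SECURITY(review): the /e modifier evaluates the replacement as PHP
        // code, and text from the posted message reaches it through the
        // backreferences. /e was removed in PHP 7.0, where these two calls no
        // longer perform the replacement. Both should be moved to
        // preg_replace_callback(); left as written here because the callback
        // has to reproduce the exact quoting the evaluated form produces.
        $message = preg_replace('/\\[quote(?:="(.*?)")?:' . $data['bbcode_uid'] . '\\]/ise', "'[quote]' . ('\$1' ? '\$1' . ' {$quote_wrote_string}:\n' : '\n')", $message);

        // Keep only the outermost quote level.
        $blocks = preg_split('/(\\[\\/?quote\\])/i', $message, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);
        $quote_level = 0;
        $message = '';
        foreach ($blocks as $block) {
            if ($block == '[quote]') {
                if ($quote_level == 0) {
                    $message .= $block;
                }
                $quote_level++;
            } elseif ($block == '[/quote]') {
                if ($quote_level <= 1) {
                    $message .= $block;
                }
                if ($quote_level >= 1) {
                    $quote_level--;
                }
            } elseif ($quote_level <= 1) {
                $message .= $block;
            }
        }

        // SECURITY(review): second /e use, see the note above.
        $message = preg_replace('/\\[(youtube|video|googlevideo|gvideo):' . $data['bbcode_uid'] . '\\](.*?)\\[\\/\\1:' . $data['bbcode_uid'] . '\\]/sie', "video_bbcode_format('\$1', '\$2')", $message);

        // The next two patterns used $row['bbcode_uid'], but $row is not the
        // new post in this function, so they could never match the tags just
        // written. The uid of the submitted post is in $data.
        $message = preg_replace('/\\[(BBvideo)[\\d, ]+:' . $data['bbcode_uid'] . '\\](.*?)\\[\\/\\1:' . $data['bbcode_uid'] . '\\]/si', "[url=\$2]YouTube Video[/url]", $message);
        $message = preg_replace('/\\[(spoil|spoiler):' . $data['bbcode_uid'] . '\\](.*?)\\[\\/\\1:' . $data['bbcode_uid'] . '\\]/si', "[spoiler]\$2[/spoiler]", $message);
        $message = preg_replace('/\\[b:' . $data['bbcode_uid'] . '\\](.*?)\\[\\/b:' . $data['bbcode_uid'] . '\\]/si', '[b]$1[/b]', $message);
        $message = preg_replace('/\\[i:' . $data['bbcode_uid'] . '\\](.*?)\\[\\/i:' . $data['bbcode_uid'] . '\\]/si', '[i]$1[/i]', $message);
        $message = preg_replace('/\\[u:' . $data['bbcode_uid'] . '\\](.*?)\\[\\/u:' . $data['bbcode_uid'] . '\\]/si', '[u]$1[/u]', $message);
        $message = preg_replace('/\\[color=#(\\w{6}):' . $data['bbcode_uid'] . '\\](.*?)\\[\\/color:' . $data['bbcode_uid'] . '\\]/si', '[color=#$1]$2[/color]', $message);

        // Second parse bbcode here
        if ($data['bbcode_bitfield']) {
            $bbcode = new bbcode(base64_encode($data['bbcode_bitfield']));
            $bbcode->bbcode_second_pass($message, $data['bbcode_uid'], $data['bbcode_bitfield']);
        }
        $message = bbcode_nl2br($message);
        $message = smiley_text($message);

        if (!empty($data['attachment_data'])) {
            parse_attachments($forum_id, $message, $data['attachment_data'], $update_count);
        }

        $updated_post_title = html_entity_decode(strip_tags(censor_text($data['topic_title'])), ENT_QUOTES, 'UTF-8');
        $edit_allowed = $auth->acl_get('m_edit', $forum_id) || $auth->acl_get('f_edit', $forum_id) && !$data['post_edit_locked'] && ($data['post_time'] > time() - $config['edit_time'] * 60 || !$config['edit_time']);
        $delete_allowed = $auth->acl_get('m_delete', $forum_id) || $auth->acl_get('f_delete', $forum_id) && ($data['post_time'] > time() - $config['delete_time'] * 60 || !$config['delete_time']) && !$data['post_edit_locked'];

        if (sizeof($attach_list) && sizeof($data['attachment_data'])) {
            $attachment_by_id = array();
            $sql = 'SELECT * FROM ' . ATTACHMENTS_TABLE . ' WHERE ' . $db->sql_in_set('attach_id', $attach_list) . ' AND in_message = 0 ORDER BY filetime DESC';
            $result = $db->sql_query($sql);
            while ($row = $db->sql_fetchrow($result)) {
                $attachment_by_id[$row['attach_id']] = $row;
            }
            $db->sql_freeresult($result);

            foreach ($data['attachment_data'] as $attachment) {
                if (preg_match('/<img src=\\".*?(\\/download\\/file.php\\?id=(\\d+).*?)\\"/is', $attachment, $matches)) {
                    $file_url = html_entity_decode($phpbb_home . $matches[1]);
                    $attach_id = $matches[2];
                    unset($matches);
                    $xmlrpc_attachment = new xmlrpcval(array('filename' => new xmlrpcval($attachment_by_id[$attach_id]['real_filename'], 'base64'), 'filesize' => new xmlrpcval($attachment_by_id[$attach_id]['filesize'], 'int'), 'content_type' => new xmlrpcval('image'), 'thumbnail_url' => new xmlrpcval(''), 'url' => new xmlrpcval($file_url)), 'struct');
                    $attachments[] = $xmlrpc_attachment;
                }
            }
        }
    }

    $xmlrpc_reply_topic = new xmlrpcval(array(
        'result' => new xmlrpcval($reply_success, 'boolean'),
        'post_id' => new xmlrpcval($post_id, 'string'),
        'state' => new xmlrpcval($approved ? 0 : 1, 'int'),
        'post_title' => new xmlrpcval($updated_post_title, 'base64'),
        'post_content' => new xmlrpcval(post_html_clean($message), 'base64'),
        'post_author_name' => new xmlrpcval(html_entity_decode($user->data['username']), 'base64'),
        'is_online' => new xmlrpcval(true, 'boolean'),
        'can_edit' => new xmlrpcval($edit_allowed, 'boolean'),
        'icon_url' => new xmlrpcval($user->optionget('viewavatars') ? get_user_avatar_url($user->data['user_avatar'], $user->data['user_avatar_type']) : ''),
        'post_time' => new xmlrpcval(mobiquo_iso8601_encode($current_time), 'dateTime.iso8601'),
        'can_delete' => new xmlrpcval($delete_allowed, 'boolean'),
        'allow_smilies' => new xmlrpcval($data['enable_smilies'] ? true : false, 'boolean'),
        'attachments' => new xmlrpcval($attachments, 'array'),
    ), 'struct');

    return new xmlrpcresp($xmlrpc_reply_topic);
}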
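/**
 * If the blog post is cross-posted, and comments are redirected from phpBB,
 * this catches posted comments and sends them to the forum
 *
 * The comment is checked against the cross-posted topic (approved, not
 * locked, posting permission), optionally run through the WordPress comment
 * filters for guests, converted to BBCode and submitted as a reply. The
 * request ends with a redirect back to WordPress.
 *
 * @param int $postID WordPress post ID the comment was submitted for
 * @return void Returns early when the integration is not working or the post
 *              is not cross-posted; otherwise the request is terminated
 */
function post_comment($postID)
{
    global $phpbb_root_path, $phpEx, $phpbbForum, $auth, $user, $db;

    if (!$this->is_working()) {
        return;
    }

    // The original read the ID from an undefined $u, so the WordPress user ID
    // never reached the comment data.
    $wpUserID = 0;
    if ($wpUser = wp_get_current_user()) {
        $wpUserID = $wpUser->ID;
    }

    $requireNameEmail = get_option('require_name_email');

    $fStateChanged = $phpbbForum->foreground();

    $dets = $this->get_xposted_details($postID);
    if (!$dets) {
        $phpbbForum->restore_state($fStateChanged);
        return;
    }

    $isValidEmail = true;
    $guestPosting = false;
    if ($phpbbForum->user_logged_in()) {
        $username = $phpbbForum->get_username();
        $website = $phpbbForum->get_userdata('user_website');
        $email = $phpbbForum->get_userdata('user_email');
    } else {
        // Guest: name, URL and e-mail all come from the request.
        $guestPosting = true;
        $username = strip_tags(stripslashes(request_var('author', 'Anonymous')));
        $website = request_var('url', '');
        $email = request_var('email', '');
        if ($email) {
            // use wordpress to sanitize email
            $phpbbForum->background();
            $isValidEmail = is_email($email);
            $phpbbForum->foreground();
        }
        $username = wpu_find_next_avail_name($username, 'phpbb');
    }

    if (empty($dets['topic_approved'])) {
        $phpbbForum->restore_state($fStateChanged);
        wp_die($phpbbForum->lang['ITEM_LOCKED']);
    }

    if ($dets['topic_status'] == ITEM_LOCKED) {
        $phpbbForum->restore_state($fStateChanged);
        wp_die($phpbbForum->lang['TOPIC_LOCKED']);
    }

    if ($dets['forum_id'] == 0) {
        // global announcement
        if (!$auth->acl_getf_global('f_wpu_xpost_comment')) {
            $phpbbForum->restore_state($fStateChanged);
            wp_die(__('You do not have permission to respond to this announcement', 'wp-united'));
        }
    } elseif (!$auth->acl_get('f_wpu_xpost_comment', $dets['forum_id'])) {
        $phpbbForum->restore_state($fStateChanged);
        wp_die(__('You do not have permission to comment in this forum', 'wp-united'));
    }

    $content = isset($_POST['comment']) ? trim($_POST['comment']) : null;
    if (empty($content)) {
        $phpbbForum->restore_state($fStateChanged);
        wp_die(__('Error: Please type a comment!', 'wp-united'));
    }

    // taken from wp-comment-post.php, native WP translation of strings
    if ($requireNameEmail && $guestPosting) {
        if (6 > strlen($email) || '' == $username) {
            // Restore the WordPress state before dying, as every other exit
            // above does.
            $phpbbForum->restore_state($fStateChanged);
            wp_die(__('<strong>ERROR</strong>: please fill in the required fields (name, email).', 'wp-united'));
        } elseif (!$isValidEmail) {
            $phpbbForum->restore_state($fStateChanged);
            wp_die(__('<strong>ERROR</strong>: please enter a valid email address.', 'wp-united'));
        }
    }

    $commentParent = (int) request_var('comment_parent', 0);

    // create a wordpress comment and run some checks on it
    // send comment thru akismet, other spam filtering, if user is logged out
    $phpbbForum->background();

    $commentData = array(
        'comment_post_ID' => $postID,
        'comment_author' => $username,
        'comment_author_email' => $email,
        'comment_author_url' => $website,
        'comment_parent' => $commentParent,
        'comment_type' => '',
        'user_ID' => $wpUserID,
    );

    $checkSpam = $this->get_setting('xpostspam');
    $checkSpam = !empty($checkSpam);

    if ($guestPosting && $checkSpam) {
        $commentData = apply_filters('preprocess_comment', $commentData);
    }

    // The user agent header is optional; do not index it blindly.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? substr($_SERVER['HTTP_USER_AGENT'], 0, 254) : '';

    $commentData = array_merge($commentData, array(
        'comment_author_IP' => preg_replace('/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR']),
        'comment_agent' => $userAgent,
        'comment_date' => current_time('mysql'),
        'comment_date_gmt' => current_time('mysql', 1),
        'comment_karma' => 0,
    ));

    $forceModeration = false;
    $overrideApproval = false;

    if ($guestPosting && $checkSpam) {
        $commentData['comment_approved'] = wp_allow_comment($commentData);
        if (!$commentData['comment_approved'] || $commentData['comment_approved'] == 'spam') {
            $forceModeration = true;
        } elseif ($this->get_setting('xpostspam') == 'all') {
            // the comment has passed checks, and we are overriding phpBB approval settings
            $overrideApproval = true;
        }
    }

    $phpbbForum->foreground();

    wpu_html_to_bbcode($content);
    $content = utf8_normalize_nfc($content);
    $uid = $poll = $bitfield = $options = '';
    generate_text_for_storage($content, $uid, $bitfield, $options, true, true, true);

    require_once $phpbb_root_path . 'includes/functions_posting.' . $phpEx;

    $subject = $dets['post_subject'];

    $data = array(
        'forum_id' => $dets['forum_id'],
        'topic_id' => $dets['topic_id'],
        'icon_id' => false,
        'enable_bbcode' => true,
        'enable_smilies' => true,
        'enable_urls' => true,
        'enable_sig' => true,
        'message' => $content,
        'message_md5' => md5($content),
        'bbcode_bitfield' => $bitfield,
        'bbcode_uid' => $uid,
        'post_edit_locked' => 0,
        'notify_set' => false,
        'notify' => false,
        'post_time' => 0,
        'forum_name' => '',
        'enable_indexing' => true,
        'topic_title' => $subject,
        'post_approved' => 1,
        'poster_ip' => '',
    );

    if ($forceModeration) {
        $data['force_approved_state'] = false;
    } elseif ($overrideApproval) {
        $data['force_approved_state'] = true;
    }

    $postUrl = submit_post('reply', $subject, $username, POST_NORMAL, $poll, $data);

    // update threading and guest post user data
    if ($postUrl !== false) {
        if ($commentParent || $guestPosting) {
            // $commentParent and the post id are integers; the two free-text
            // values are escaped by the DBAL.
            $sql = 'UPDATE ' . POSTS_TABLE . " SET \n\t\t\t\t\t\tpost_wpu_xpost_parent = {$commentParent}, \n\t\t\t\t\t\tpost_wpu_xpost_meta1 = '" . $db->sql_escape($website) . "', \n\t\t\t\t\t\tpost_wpu_xpost_meta2 = '" . $db->sql_escape($email) . "' \n\t\t\t\t\t\tWHERE post_id = " . (int) $data['post_id'];
            $db->sql_query($sql);
        }
    }

    $commentData = array_merge($commentData, array('comment_ID' => $data['post_id'] + $this->integComments->get_id_offset()));
    $wpComment = (object) $commentData;

    $phpbbForum->restore_state($fStateChanged);

    //set comment cookie
    do_action('set_comment_cookies', $wpComment, $wpUser);

    //prime the comment cache
    if (function_exists('wp_cache_incr')) {
        wp_cache_incr('last_changed', 1, 'comment');
    } else {
        $last_changed = wp_cache_get('last_changed', 'comment');
        wp_cache_set('last_changed', $last_changed + 1, 'comment');
    }

    /**
     * Redirect back to WP if we can.
     * NOTE: if the comment was the first on a new page, this will redirect to the old page, rather than the new
     * one.
     * @todo: increment page var if necessary, or remove it if comment order is reversed, by adding hidden field with # of comments
     */
    // Both candidate targets are request-controlled. They must only ever be
    // passed to wp_safe_redirect(), which restricts the destination host; do
    // not swap it for a plain redirect. The post's own permalink is the
    // fallback when neither field was sent (the original left $location unset).
    $location = get_permalink($postID);
    if (!empty($_POST['redirect_to'])) {
        $location = $_POST['redirect_to'] . '#comment-' . $wpComment->comment_ID;
    } elseif (!empty($_POST['wpu-comment-redirect'])) {
        $location = urldecode($_POST['wpu-comment-redirect']);
    }

    $location = apply_filters('comment_post_redirect', $location, $wpComment);

    wp_safe_redirect($location);
    exit;
}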
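/**
 * UCP module handler for the site-rating pages.
 *
 * Dispatches on $mode ('main' or 'manage') and on the request's 'action'
 * value, runs the matching database work, and fills the template. The chosen
 * template name and page title are stored on $this->tpl_name and
 * $this->page_title.
 *
 * Request values used in SQL are escaped or integer-cast at the point where
 * the statement is assembled, rather than relying on how they were read.
 *
 * NOTE(review): rating_top() and rating_category() are defined outside this
 * block. Nothing here shows whether rating_top() limits the lookup to rows
 * owned by the current user; the delete/editcount/code/open/closed actions
 * depend on that, so confirm it.
 *
 * @param mixed  $id   Module identifier; only used to build "i=" in UCP URLs.
 * @param string $mode 'main' or 'manage'; anything else raises NO_MODE.
 */
function main($id, $mode)
{
    global $user, $config, $db, $table_prefix;
    global $template, $phpbb_root_path, $phpEx;
    global $request, $phpbb_container;

    $this->user = $user;
    $this->db = $db;
    $this->helper = $phpbb_container->get('controller.helper');

    // Table-name constants are defined lazily so the module works even when
    // nothing else has declared them yet.
    if (!defined('RATING_TABLE')) {
        define('RATING_TABLE', $table_prefix . 'rating');
    }
    if (!defined('RATING_CAT_TABLE')) {
        define('RATING_CAT_TABLE', $table_prefix . 'rating_cat');
    }
    if (!defined('RATING_ICON_TABLE')) {
        define('RATING_ICON_TABLE', $table_prefix . 'rating_icon');
    }

    $submit = $request->is_set_post('submit') ? true : false;
    $action = $request->variable('action', '');
    $error = array();
    $s_hidden_fields = array();

    switch ($mode) {
        case 'main':
            switch ($action) {
                case 'add':
                    if (!$config['top_rating_type'] || $config['top_rating_type'] == 1) {
                        trigger_error($this->user->lang['TOP_ADD_NOT']);
                    }

                    $top_name = utf8_normalize_nfc($request->variable('top_name', '', true));
                    $top_desc = utf8_normalize_nfc($request->variable('top_desc', '', true));
                    $top_url = utf8_normalize_nfc($request->variable('top_url', '', true));
                    $cat_id = $request->variable('cat_id', 0);
                    $cats = $this->rating_category($cat_id);

                    // NOTE(review): no check_form_key() call is visible on this
                    // submit path; confirm the form is token-protected.
                    if ($submit) {
                        // parse_url() returns false or omits keys for malformed
                        // input, so read host/scheme defensively.
                        $parseurl = parse_url(trim($top_url));
                        $host = isset($parseurl['host']) ? $parseurl['host'] : '';
                        $scheme = isset($parseurl['scheme']) ? $parseurl['scheme'] : '';
                        $reparse = explode('.', $host);
                        $zona = $reparse[count($reparse) - 1];

                        // Require an http(s) URL whose host is more than a bare
                        // last label; on success keep only scheme://host.
                        if (!preg_match('/^http(s)?:\\/\\//i', $top_url) || !str_replace(array('.' . $zona, $zona), '', $host)) {
                            $error[] = $this->user->lang['TOP_URL_ERROR'];
                        } else {
                            $top_url = $scheme . '://' . $host;
                        }

                        $char = mb_strlen($top_name);
                        if ($char < $this->min_name || $char > $this->max_name) {
                            $error[] = $char > $this->max_name ? $this->user->lang['TOP_NAME_ERROR2'] : $this->user->lang['TOP_NAME_ERROR'];
                        }
                        if (mb_strlen($top_desc) < $this->min_desc) {
                            $error[] = $this->user->lang['TOP_DESC_ERROR'];
                        }
                        if (!isset($cats[$cat_id]['cat_id'])) {
                            // NOTE(review): placeholder text, not a language key.
                            trigger_error('ZALUPA!!!');
                        }

                        // The duplicate check runs even when URL validation
                        // failed above, so $top_url may still be the raw request
                        // value here: escape it through the DB layer.
                        $sql = 'SELECT COUNT(top_id) AS num_top FROM ' . RATING_TABLE . "
                            WHERE top_url = '" . $this->db->sql_escape($top_url) . "'";
                        $result = $this->db->sql_query($sql);
                        if ($this->db->sql_fetchfield('num_top')) {
                            $error[] = $this->user->lang['TOP_URL_VALID'];
                        }
                        $this->db->sql_freeresult($result);

                        if (!sizeof($error)) {
                            $top_desc .= PHP_EOL . '[url=' . $top_url . ']' . str_replace('http://', '', $top_url) . '[/url]';
                            require_once $phpbb_root_path . 'includes/functions_posting.' . $phpEx;

                            // variables to hold the parameters for submit_post
                            $poll = $uid = $bitfield = $options = '';
                            generate_text_for_storage($top_name, $uid, $bitfield, $options, false, false, false);
                            generate_text_for_storage($top_desc, $uid, $bitfield, $options, true, true, true);

                            $data = array(
                                'forum_id' => $config['top_rating_forum'],
                                'topic_id' => '',
                                'icon_id' => false,
                                'enable_bbcode' => true,
                                'enable_smilies' => true,
                                'enable_urls' => true,
                                'enable_sig' => true,
                                'from_user_id' => $this->user->data['user_id'],
                                'from_username' => $this->user->data['username'],
                                'from_user_ip' => $this->user->data['user_ip'],
                                'message' => $top_desc,
                                'message_md5' => md5($top_desc),
                                'bbcode_bitfield' => $bitfield,
                                'bbcode_uid' => $uid,
                                'post_edit_locked' => 1,
                                'topic_title' => $top_name,
                                'notify_set' => false,
                                'notify' => false,
                                'post_time' => 0,
                                'forum_name' => '',
                                'enable_indexing' => true,
                            );
                            submit_post('post', $top_name, '', POST_NORMAL, $poll, $data);

                            // $data['topic_id'] is read back after submit_post()
                            // to link the rating row to the new topic.
                            $sql = 'INSERT INTO ' . RATING_TABLE . ' ' . $this->db->sql_build_array('INSERT', array(
                                'cat_id' => $cats[$cat_id]['cat_id'],
                                'topic_id' => $data['topic_id'],
                                'user_id' => $this->user->data['user_id'],
                                'top_url' => $top_url,
                                'top_type' => 1,
                                'top_time_add' => time(),
                            ));
                            $this->db->sql_query($sql);
                            $top_id = $this->db->sql_nextid();

                            $sql = 'UPDATE ' . RATING_CAT_TABLE . '
                                SET cat_top_site = cat_top_site + 1, cat_top_new = cat_top_new + 1
                                WHERE cat_id = ' . (int) $cats[$cat_id]['cat_id'];
                            $this->db->sql_query($sql);

                            $meta_info = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i={$id}&mode=manage&top_id={$top_id}&action=editcount");
                            meta_refresh(3, $meta_info);
                            trigger_error(sprintf($this->user->lang['TOP_ADD_GOOD'], $meta_info));
                        }
                    }

                    // NOTE(review): cat_title is written into markup as-is;
                    // confirm it is stored HTML-encoded.
                    $options = '';
                    foreach ($cats as $key => $value) {
                        $options .= '<option value="' . $value['cat_id'] . '"' . ($value['cat_id'] == $cat_id ? ' selected="selected"' : '') . '>' . $value['cat_title'] . '</option>';
                    }

                    $s_hidden_fields['action'] = 'add';
                    $template->assign_vars(array(
                        'L_TOP_DESC_EXPLAIN' => sprintf($this->user->lang['TOP_DESC_EXPLAIN'], $this->min_desc),
                        'L_TOP_NAME_EXPLAIN' => sprintf($this->user->lang['TOP_NAME_EXPLAIN'], $this->min_name, $this->max_name),
                        'TOP_NAME' => $top_name,
                        'TOP_URL' => $top_url,
                        'TOP_DESC' => $top_desc,
                        'TOP_CATS' => $options,
                    ));
                    $this->tpl_name = 'ucp_rating_add';
                    $this->page_title = $this->user->lang['UCP_RATING_ADD'];
                    break;

                default:
                    // List the current user's rating entries with the title and
                    // first-post text of the linked topic.
                    $sql_array = array('SELECT' => 'r.*', 'FROM' => array(RATING_TABLE => 'r'));
                    $sql_array['SELECT'] .= ', t.topic_title, p.post_text';
                    $sql_array['LEFT_JOIN'][] = array('FROM' => array(TOPICS_TABLE => 't'), 'ON' => 'r.topic_id = t.topic_id');
                    $sql_array['LEFT_JOIN'][] = array('FROM' => array(POSTS_TABLE => 'p'), 'ON' => 't.topic_first_post_id = p.post_id');
                    $sql_array['WHERE'] = 'r.user_id = ' . (int) $this->user->data['user_id'];
                    $sql = $this->db->sql_build_query('SELECT', $sql_array);
                    $result = $this->db->sql_query($sql);

                    while ($row = $this->db->sql_fetchrow($result)) {
                        $top_name = str_replace(array('http://', 'https://'), '', $row['top_url']);
                        if (!empty($row['topic_title'])) {
                            $top_name = $row['topic_title'] . ' (' . $top_name . ')';
                        }

                        // Limit chars
                        $top_desc = $row['post_text'];
                        if (mb_strlen($top_desc) >= $config['top_desc_lenght']) {
                            $view_topic_url = append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 't=' . $row['topic_id']);
                            $top_desc = mb_substr($top_desc, 0, $config['top_desc_lenght']) . '<a href="' . $view_topic_url . '">[...]</a>';
                        }

                        $template->assign_block_vars('toprow', array(
                            'TOP_NAME' => $top_name,
                            'TOP_DESC' => $top_desc,
                            'TOP_URL' => $row['top_url'],
                            'TOP_HOSTS' => $row['top_hosts'],
                            'TOP_HITS' => $row['top_hits'],
                            'TOP_IN' => $row['top_in'],
                            'TOP_OUT' => $row['top_out'],
                            'TOP_STATS' => $this->helper->route('bb3top_rating_stats', array('top_id' => $row['top_id'])),
                        ));
                    }
                    $this->db->sql_freeresult($result);

                    $template->assign_vars(array(
                        'U_ADD_PLATFORM' => append_sid($this->u_action . '&action=add'),
                        'S_ADD_PLATFORM' => $config['top_rating_type'] == 1 ? false : true,
                    ));
                    if (!$config['top_rating_type'] || $config['top_rating_type'] == 1) {
                        $error[] = $this->user->lang['TOP_ADD_NOT'];
                    }
                    $this->tpl_name = 'ucp_rating';
                    $this->page_title = $this->user->lang['UCP_RATING_MAIN'];
                    break;
            }

            if ($config['top_rating_anounce']) {
                $this->view_announce();
            }
            break;

        case 'manage':
            $top_id = $request->variable('top_id', 0);

            switch ($action) {
                case 'delete':
                    if (!$top_id) {
                        meta_refresh(3, $this->u_action);
                        $message = $this->user->lang['PLATFORM_ERROR'] . '<br /><br />';
                        $message .= sprintf($this->user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
                        trigger_error($message);
                    }

                    $toprow = $this->rating_top($top_id);

                    // Deletion only happens once confirm_box() reports a
                    // confirmed submission.
                    if (confirm_box(true)) {
                        $sql = 'DELETE FROM `' . RATING_TABLE . '` WHERE `top_id` = ' . (int) $toprow['top_id'];
                        $this->db->sql_query($sql);

                        // Keep the per-category counters in step with the row
                        // that was just removed.
                        $cats = $this->rating_category($toprow['cat_id']);
                        if (!empty($cats[$toprow['cat_id']]['cat_top_site'])) {
                            $sql_upd = array('cat_top_site' => $cats[$toprow['cat_id']]['cat_top_site'] - 1);
                            if (!empty($cats[$toprow['cat_id']]['cat_top_new']) && $toprow['top_type'] == 1) {
                                $sql_upd['cat_top_new'] = $cats[$toprow['cat_id']]['cat_top_new'] - 1;
                            }
                            $sql = 'UPDATE ' . RATING_CAT_TABLE . ' SET ' . $this->db->sql_build_array('UPDATE', $sql_upd) . ' WHERE cat_id = ' . (int) $toprow['cat_id'];
                            $this->db->sql_query($sql);
                        }

                        meta_refresh(3, $this->u_action);
                        $message = $this->user->lang['TOP_DEL_GOOD'] . '<br /><br />';
                        $message .= sprintf($this->user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
                        trigger_error($message);
                    } else {
                        confirm_box(false, $this->user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
                            'i' => $id,
                            'mode' => $mode,
                            'action' => 'delete',
                            'top_id' => $toprow['top_id'],
                        )));
                    }
                    redirect($this->u_action);
                    break;

                case 'editcount':
                    if (!$top_id) {
                        meta_refresh(3, $this->u_action);
                        $message = $this->user->lang['PLATFORM_ERROR'] . '<br /><br />';
                        $message .= sprintf($this->user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
                        trigger_error($message);
                    }

                    $toprow = $this->rating_top($top_id);
                    $file_img = array();

                    // Icons available to this entry: global ones (cat_id 0)
                    // plus those of its category, keyed by file name.
                    $sql = 'SELECT * FROM ' . RATING_ICON_TABLE . ' WHERE (cat_id = 0 OR cat_id = ' . (int) $toprow['cat_id'] . ')';
                    $result = $this->db->sql_query($sql);
                    $counts = array();
                    while ($row = $this->db->sql_fetchrow($result)) {
                        $counts[$row['file']] = $row;
                    }
                    $this->db->sql_freeresult($result);

                    foreach ($this->user->lang['TOP_COUNT_TYPE'] as $type => $name) {
                        if (!empty($this->user->lang['TOP_COUNTS_' . strtoupper($type)])) {
                            $name = $this->user->lang['TOP_COUNTS_' . strtoupper($type)];
                        }
                        $template->assign_block_vars('counts', array('COUNT_NAME' => $name, 'COUNT_TYPE' => $type));

                        foreach ($counts as $row) {
                            if ($row['type'] == $type) {
                                $file = $row['file'];
                                $icon_big = explode(";", $toprow['top_icon_big']);
                                $icon_small = explode(";", $toprow['top_icon_small']);
                                $checked = $icon_big[0] == $file || $icon_small[0] == $file ? ' checked="checked"' : '';
                                $template->assign_block_vars('counts.rows', array(
                                    'COUNT_IMG' => $phpbb_root_path . 'images/counts/' . $file,
                                    'COUNT_VALUE' => $file,
                                    'COUNT_CHEKED' => $checked,
                                    'COUNT_ID' => str_replace(array('.gif', '.png', '.jpg'), '', $file),
                                ));
                                // Allow-list of file names the submit step accepts.
                                $file_img[$file] = $file;
                            }
                        }
                    }

                    // NOTE(review): no check_form_key() call is visible on this
                    // submit path; confirm the form is token-protected.
                    if ($submit) {
                        $small = $request->variable('small', '', true);
                        $big = $request->variable('big', '', true);

                        // Only file names that came from the icon table are
                        // accepted; anything else is rejected below.
                        if (!empty($file_img[$small]) && !empty($file_img[$big])) {
                            $small_type = '';
                            $big_type = '';
                            if (!empty($counts[$small]['position'])) {
                                $small_type .= ';' . $counts[$small]['position'];
                            }
                            if (!empty($counts[$big]['position'])) {
                                $big_type .= ';' . $counts[$big]['position'];
                            }
                            if (!empty($counts[$small]['color'])) {
                                $small_type .= !$small_type ? ';all;#' . $counts[$small]['color'] : ';#' . $counts[$small]['color'];
                            }
                            if (!empty($counts[$big]['color'])) {
                                $big_type .= !$big_type ? ';h;#' . $counts[$big]['color'] : ';#' . $counts[$big]['color'];
                            }

                            $sql = 'UPDATE ' . RATING_TABLE . ' SET ' . $this->db->sql_build_array('UPDATE', array(
                                'top_icon_big' => (string) $big . $big_type,
                                'top_icon_small' => (string) $small . $small_type,
                            )) . ' WHERE top_id = ' . (int) $toprow['top_id'];
                            $this->db->sql_query($sql);

                            $meta_info = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i={$id}&mode=manage&top_id={$top_id}&action=code");
                            meta_refresh(3, $meta_info);
                            trigger_error(sprintf($this->user->lang['TOP_COUNT_GOOD'], $meta_info));
                        } else {
                            $error[] = $this->user->lang['TOP_COUNT_ERROR'];
                        }
                    }

                    $s_hidden_fields = array_merge($s_hidden_fields, array('action' => 'editcount', 'top_id' => $top_id));
                    $this->tpl_name = 'ucp_rating_count';
                    $this->page_title = $this->user->lang['UCP_RATING_MAIN'];
                    break;

                case 'code':
                    if (!$top_id) {
                        meta_refresh(3, $this->u_action);
                        $message = $this->user->lang['PLATFORM_ERROR'] . '<br /><br />';
                        $message .= sprintf($this->user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
                        trigger_error($message);
                    }

                    $toprow = $this->rating_top($top_id);
                    $template->assign_vars(array(
                        'S_COUNT_CODE' => true,
                        'U_EDIT_COUNT' => append_sid($this->u_action . '&top_id=' . $toprow['top_id'] . '&action=editcount'),
                    ));

                    foreach ($this->user->lang['TOP_COUNT_TYPE'] as $type => $name) {
                        if (isset($toprow['top_icon_' . $type])) {
                            $top_icon = explode(";", $toprow['top_icon_' . $type]);
                            $image_url = $phpbb_root_path . 'images/counts/' . $top_icon[0];
                            $width = $height = 0;
                            if (file_exists($image_url)) {
                                // getimagesize() returns false for anything that
                                // is not a readable image; keep 0x0 in that case.
                                $image_info = @getimagesize($image_url);
                                if (is_array($image_info)) {
                                    $width = $image_info[0];
                                    $height = $image_info[1];
                                }
                            }
                            $c_params = array('action' => $type, 'top_id' => $toprow['top_id']);
                            $u_params = array('top_id' => $toprow['top_id']);
                            $template->assign_block_vars('counts', array(
                                'COUNT_TYPE' => $name,
                                'COUNT_IMG' => $this->helper->route('bb3top_rating_counter', $c_params, false, '', true),
                                'COUNT_URL' => $this->helper->route('bb3top_rating_in', $u_params, false, '', true),
                                'COUNT_WIDTH' => $width,
                                'COUNT_HEIGHT' => $height,
                                'IMAGE_URL' => $image_url,
                            ));
                        }
                    }
                    $this->tpl_name = 'ucp_rating_count';
                    $this->page_title = $this->user->lang['UCP_RATING_MAIN'];
                    break;

                case 'open':
                case 'closed':
                    if (!$top_id) {
                        meta_refresh(3, $this->u_action);
                        $message = $this->user->lang['PLATFORM_ERROR'] . '<br /><br />';
                        $message .= sprintf($this->user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
                        trigger_error($message);
                    }

                    $toprow = $this->rating_top($top_id);
                    if ($toprow['top_type'] == 1) {
                        trigger_error($this->user->lang['FORM_INVALID']);
                    }

                    // NOTE(review): this state change is driven by the 'action'
                    // request value alone; no confirm_box() or form-key check is
                    // visible here. Confirm request-forgery protection exists.
                    $sql = 'UPDATE ' . RATING_TABLE . ' SET top_type = ' . ($action == 'open' ? 0 : 2) . ' WHERE top_id = ' . (int) $toprow['top_id'];
                    $this->db->sql_query($sql);

                    $meta_info = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i={$id}&mode=manage");
                    meta_refresh(3, $meta_info);
                    $message = $action == 'open' ? $this->user->lang['ENABLED'] : $this->user->lang['DISABLED'];
                    $message = sprintf($this->user->lang['TOP_STATS_GOOD'], $message, $this->u_action);
                    trigger_error($message);
                    break;

                default:
                    // Management list of the current user's entries.
                    $sql_array = array(
                        'SELECT' => 'r.top_id, r.top_url, r.top_icon_big, r.top_icon_small, r.top_type',
                        'FROM' => array(RATING_TABLE => 'r'),
                    );
                    $sql_array['SELECT'] .= ', t.topic_title, t.topic_id';
                    $sql_array['LEFT_JOIN'][] = array('FROM' => array(TOPICS_TABLE => 't'), 'ON' => 'r.topic_id = t.topic_id');
                    $sql_array['WHERE'] = 'r.user_id = ' . (int) $this->user->data['user_id'];
                    $sql = $this->db->sql_build_query('SELECT', $sql_array);
                    $result = $this->db->sql_query($sql);

                    while ($row = $this->db->sql_fetchrow($result)) {
                        $top_url = $row['top_url'];
                        $top_name = str_replace(array('http://', 'https://'), '', $row['top_url']);
                        if (!empty($row['topic_title'])) {
                            $top_name = $row['topic_title'] . ' (' . $top_name . ')';
                            $top_url = append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 't=' . $row['topic_id']);
                        }

                        $template->assign_block_vars('toprow', array(
                            'TOP_NAME' => $top_name,
                            'TOP_URL' => $top_url,
                            'U_EDIT_COUNT' => append_sid($this->u_action . '&top_id=' . $row['top_id'] . '&action=editcount'),
                            'U_DEL_PLATFORM' => append_sid($this->u_action . '&top_id=' . $row['top_id'] . '&action=delete'),
                            'U_COUNT_CODE' => append_sid($this->u_action . '&top_id=' . $row['top_id'] . '&action=code'),
                            'U_CLOSED_STATS' => $this->u_action . '&top_id=' . $row['top_id'] . '&action=closed',
                            'U_OPEN_STATS' => $this->u_action . '&top_id=' . $row['top_id'] . '&action=open',
                            'S_COUNT_CODE' => $row['top_icon_big'] || $row['top_icon_small'] ? true : false,
                            'S_TOP_TYPE' => $row['top_type'],
                        ));
                    }
                    $this->db->sql_freeresult($result);

                    if (!$config['top_rating_type'] || $config['top_rating_type'] == 1) {
                        $error[] = $this->user->lang['TOP_ADD_NOT'];
                    }
                    $this->tpl_name = 'ucp_rating_manage';
                    $this->page_title = $this->user->lang['UCP_RATING_MAIN'];
                    break;
            }
            break;

        default:
            trigger_error('NO_MODE');
            break;
    }

    $s_hidden_fields = build_hidden_fields($s_hidden_fields);
    $template->assign_vars(array(
        'ERROR' => sizeof($error) ? implode('<br />', $error) : '',
        'S_HIDDEN_FIELDS' => $s_hidden_fields,
        'S_UCP_ACTION' => $this->u_action,
    ));
}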
'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'topic_approved' => (isset($post_data['topic_approved'])) ? $post_data['topic_approved'] : false, 'post_approved' => (isset($post_data['post_approved'])) ? $post_data['post_approved'] : false, ); if ($mode == 'edit') { $data['topic_replies_real'] = $post_data['topic_replies_real']; $data['topic_replies'] = $post_data['topic_replies']; } unset($message_parser); $redirect_url = submit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message); $post_need_approval = (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id'])) ? true : false; // If the post need approval we will wait a lot longer. if ($post_need_approval) { meta_refresh(10, $redirect_url); $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD']; $message .= (($user->data['user_id'] == ANONYMOUS) ? '' : ' '. $user->lang['POST_APPROVAL_NOTIFY']); } else { meta_refresh(3, $redirect_url); $message = ($mode == 'edit') ? 'POST_EDITED' : 'POST_STORED'; $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $redirect_url . '">', '</a>');
if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id)) { $post_data['post_edit_locked'] = ITEM_LOCKED; } } $data = array('topic_title' => empty($post_data['topic_title']) ? $post_data['post_subject'] : $post_data['topic_title'], 'topic_first_post_id' => isset($post_data['topic_first_post_id']) ? (int) $post_data['topic_first_post_id'] : 0, 'topic_last_post_id' => isset($post_data['topic_last_post_id']) ? (int) $post_data['topic_last_post_id'] : 0, 'topic_time_limit' => (int) $post_data['topic_time_limit'], 'topic_attachment' => isset($post_data['topic_attachment']) ? (int) $post_data['topic_attachment'] : 0, 'post_id' => (int) $post_id, 'topic_id' => (int) $topic_id, 'forum_id' => (int) $forum_id, 'icon_id' => (int) $post_data['icon_id'], 'poster_id' => (int) $post_data['poster_id'], 'enable_sig' => (bool) $post_data['enable_sig'], 'enable_bbcode' => (bool) $post_data['enable_bbcode'], 'enable_smilies' => (bool) $post_data['enable_smilies'], 'enable_urls' => (bool) $post_data['enable_urls'], 'enable_indexing' => (bool) $post_data['enable_indexing'], 'message_md5' => (string) $message_md5, 'post_time' => isset($post_data['post_time']) ? (int) $post_data['post_time'] : $current_time, 'post_checksum' => isset($post_data['post_checksum']) ? (string) $post_data['post_checksum'] : '', 'post_edit_reason' => $post_data['post_edit_reason'], 'post_edit_user' => $mode == 'edit' ? $user->data['user_id'] : (isset($post_data['post_edit_user']) ? (int) $post_data['post_edit_user'] : 0), 'forum_parents' => $post_data['forum_parents'], 'forum_name' => $post_data['forum_name'], 'notify' => $notify, 'notify_set' => $post_data['notify_set'], 'poster_ip' => isset($post_data['poster_ip']) ? 
$post_data['poster_ip'] : $user->ip, 'post_edit_locked' => (int) $post_data['post_edit_locked'], 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'topic_approved' => isset($post_data['topic_approved']) ? $post_data['topic_approved'] : false, 'post_approved' => isset($post_data['post_approved']) ? $post_data['post_approved'] : false); if ($mode == 'edit') { $data['topic_replies_real'] = $post_data['topic_replies_real']; $data['topic_replies'] = $post_data['topic_replies']; } // Only return the username when it is either a guest posting or we are editing a post and // the username was supplied; otherwise post_data might hold the data of the post that is // being quoted (which could result in the username being returned being that of the quoted // post's poster, not the poster of the current post). See: PHPBB3-11769 for more information. $post_author_name = (!$user->data['is_registered'] || $mode == 'edit') && $post_data['username'] !== '' ? $post_data['username'] : ''; // The last parameter tells submit_post if search indexer has to be run $redirect_url = submit_post($mode, $post_data['post_subject'], $post_author_name, $post_data['topic_type'], $poll, $data, $update_message, $update_message || $update_subject ? true : false); if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote')) { $captcha->reset(); } // Check the permissions for post approval. // Moderators must go through post approval like ordinary users. if (!$auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state']) || isset($data['force_approved_state']) && !$data['force_approved_state']) { meta_refresh(10, $redirect_url); $message = $mode == 'edit' ? 
$user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD']; $message .= $user->data['user_id'] == ANONYMOUS ? '' : ' ' . $user->lang['POST_APPROVAL_NOTIFY']; } else { meta_refresh(3, $redirect_url); $message = $mode == 'edit' ? 'POST_EDITED' : 'POST_STORED'; $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $redirect_url . '">', '</a>'); } $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $data['forum_id']) . '">', '</a>');
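/**
 * XML-RPC handler that creates a new topic on behalf of the logged-in user.
 *
 * Decoded parameters read here: [0] forum id, [1] subject, [2] message body,
 * [5] optional base64-encoded serialized attachment data. The function runs
 * the forum permission checks, parses the message, calls submit_post() and
 * returns a struct with 'result' (boolean), 'topic_id' and 'state'
 * (0 = approved, 1 = awaiting approval).
 *
 * Everything in $xmlrpc_params is client-controlled and is treated as
 * untrusted input throughout.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters, passed to php_xmlrpc_decode().
 * @return xmlrpcresp
 */
function new_topic_func($xmlrpc_params)
{
    global $db, $auth, $user, $config, $phpbb_root_path, $phpEx, $mobiquo_config;

    $user->setup('posting');
    if (!$user->data['is_registered']) {
        trigger_error('LOGIN_EXPLAIN_POST');
    }

    $params = php_xmlrpc_decode($xmlrpc_params);

    // get parameters
    $forum_id = isset($params[0]) ? intval($params[0]) : '';
    $subject = isset($params[1]) ? $params[1] : '';
    $text_body = isset($params[2]) ? $params[2] : '';
    require_once 'include/emoji.php';
    $text_body = emoji_unified_to_names($text_body);

    // SECURITY: $params[5] is client-supplied and is fed to unserialize().
    // Deserializing untrusted data can instantiate arbitrary classes, so object
    // creation is disabled where the runtime supports it (PHP >= 7.0) and any
    // non-array result is discarded. The durable fix is a wire format that
    // cannot carry objects (e.g. JSON); that needs a matching client change.
    $attachment_data = array();
    if (isset($params[5]) && $params[5]) {
        $serialized = base64_decode($params[5]);
        if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
            $decoded = unserialize($serialized, array('allowed_classes' => false));
        } else {
            // NOTE(review): no class restriction is available on this runtime.
            $decoded = unserialize($serialized);
        }
        if (is_array($decoded)) {
            $attachment_data = $decoded;
        }
    }
    $_POST['attachment_data'] = $attachment_data;

    if (!$forum_id) {
        trigger_error('NO_FORUM');
    }
    if (utf8_clean_string($subject) === '') {
        trigger_error('EMPTY_SUBJECT');
    }
    if (utf8_clean_string($text_body) === '') {
        trigger_error('TOO_FEW_CHARS');
    }

    $post_data = array();
    $current_time = time();

    // $forum_id was passed through intval() above, so interpolation is safe here.
    $sql = 'SELECT * FROM ' . FORUMS_TABLE . " WHERE forum_id = {$forum_id}";
    $result = $db->sql_query($sql);
    $post_data = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if (!$post_data) {
        trigger_error('NO_FORUM');
    }

    // Need to login to passworded forum first?
    if ($post_data['forum_password'] && !check_forum_password($forum_id)) {
        trigger_error('LOGIN_FORUM');
    }

    // Check permissions
    if ($user->data['is_bot']) {
        trigger_error('NOT_AUTHORISED');
    }

    // Is the user able to read and post within this forum?
    if (!$auth->acl_get('f_read', $forum_id)) {
        if ($user->data['user_id'] != ANONYMOUS) {
            trigger_error('USER_CANNOT_READ');
        }
        trigger_error('LOGIN_EXPLAIN_POST');
    }
    if (!$auth->acl_get('f_post', $forum_id)) {
        if ($user->data['user_id'] != ANONYMOUS) {
            trigger_error('USER_CANNOT_POST');
        }
        trigger_error('LOGIN_EXPLAIN_POST');
    }

    // Is the user able to post within this forum?
    if ($post_data['forum_type'] != FORUM_POST) {
        trigger_error('USER_CANNOT_FORUM_POST');
    }

    // Forum/Topic locked?
    if ($post_data['forum_status'] == ITEM_LOCKED && !$auth->acl_get('m_edit', $forum_id)) {
        trigger_error('FORUM_LOCKED');
    }

    $post_data['quote_username'] = '';
    $post_data['post_edit_locked'] = 0;
    $post_data['post_subject'] = '';
    $post_data['topic_time_limit'] = 0;
    $post_data['poll_length'] = 0;
    $post_data['poll_start'] = 0;
    $post_data['icon_id'] = 0;
    $post_data['poll_options'] = array();

    include $phpbb_root_path . 'includes/message_parser.' . $phpEx;
    $message_parser = new parse_message();

    // Set some default variables
    $uninit = array(
        'post_attachment' => 0,
        'poster_id' => $user->data['user_id'],
        'enable_magic_url' => 0,
        'topic_status' => 0,
        'topic_type' => POST_NORMAL,
        'post_subject' => '',
        'topic_title' => '',
        'post_time' => 0,
        'post_edit_reason' => '',
        'notify_set' => 0,
    );
    foreach ($uninit as $var_name => $default_value) {
        if (!isset($post_data[$var_name])) {
            $post_data[$var_name] = $default_value;
        }
    }
    unset($uninit);

    if ($config['allow_topic_notify'] && $user->data['is_registered']) {
        $notify = $user->data['user_notify'] ? true : false;
    } else {
        $notify = false;
    }

    // Always check if the submitted attachment data is valid and belongs to the user.
    // Further down (especially in submit_post()) we do not check this again.
    $message_parser->get_submitted_attachment_data($post_data['poster_id']);

    $post_data['username'] = '';
    $post_data['enable_urls'] = $post_data['enable_magic_url'];
    $post_data['enable_sig'] = $config['allow_sig'] && $user->optionget('attachsig') ? true : false;
    $post_data['enable_smilies'] = $config['allow_smilies'] && $user->optionget('smilies') ? true : false;
    $post_data['enable_bbcode'] = $config['allow_bbcode'] && $user->optionget('bbcode') ? true : false;
    $post_data['enable_urls'] = true;
    $post_data['enable_magic_url'] = $post_data['drafts'] = false;

    $check_value = ($post_data['enable_bbcode'] + 1 << 8) + ($post_data['enable_smilies'] + 1 << 4) + ($post_data['enable_urls'] + 1 << 2) + ($post_data['enable_sig'] + 1 << 1);

    // HTML, BBCode, Smilies, Images and Flash status
    $bbcode_status = $config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id) ? true : false;
    $smilies_status = $bbcode_status && $config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id) ? true : false;
    $img_status = $bbcode_status && $auth->acl_get('f_img', $forum_id) ? true : false;
    $url_status = $config['allow_post_links'] ? true : false;
    $flash_status = $bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash'] ? true : false;
    $quote_status = $auth->acl_get('f_reply', $forum_id) ? true : false;

    $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0);

    // NOTE(review): the body is passed through htmlspecialchars() below but the
    // subject is not; confirm the subject is encoded before it is stored or
    // rendered.
    $post_data['post_subject'] = utf8_normalize_nfc($subject);
    $message_parser->message = utf8_normalize_nfc(htmlspecialchars($text_body));
    $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true));
    $post_data['post_edit_reason'] = '';
    $post_data['orig_topic_type'] = $post_data['topic_type'];

    // NOTE(review): topic_type comes from the request and no per-type
    // permission check is visible before submit_post(); confirm it is enforced.
    $post_data['topic_type'] = request_var('topic_type', POST_NORMAL);
    $post_data['topic_time_limit'] = request_var('topic_time_limit', 0);
    $post_data['icon_id'] = request_var('icon', 0);

    $post_data['enable_bbcode'] = !$bbcode_status || isset($_POST['disable_bbcode']) ? false : true;
    $post_data['enable_smilies'] = !$smilies_status || isset($_POST['disable_smilies']) ? false : true;
    $post_data['enable_urls'] = isset($_POST['disable_magic_url']) ? 0 : 1;
    $post_data['enable_sig'] = !$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig') ? false : ($user->data['is_registered'] ? true : false);

    $topic_lock = isset($_POST['lock_topic']) ? true : false;
    $post_lock = isset($_POST['lock_post']) ? true : false;
    $poll_delete = isset($_POST['poll_delete']) ? true : false;

    $status_switch = ($post_data['enable_bbcode'] + 1 << 8) + ($post_data['enable_smilies'] + 1 << 4) + ($post_data['enable_urls'] + 1 << 2) + ($post_data['enable_sig'] + 1 << 1);
    $status_switch = $status_switch != $check_value;

    $post_data['poll_title'] = utf8_normalize_nfc(request_var('poll_title', '', true));
    $post_data['poll_length'] = request_var('poll_length', 0);
    $post_data['poll_option_text'] = utf8_normalize_nfc(request_var('poll_option_text', '', true));
    $post_data['poll_max_options'] = request_var('poll_max_options', 1);
    $post_data['poll_vote_change'] = $auth->acl_get('f_votechg', $forum_id) && isset($_POST['poll_vote_change']) ? 1 : 0;

    // Parse Attachments - before checksum is calculated
    $message_parser->parse_attachments('fileupload', 'post', $forum_id, true, false, false);

    // Grab md5 'checksum' of new message
    $message_md5 = md5($message_parser->message);

    if (sizeof($message_parser->warn_msg)) {
        trigger_error(join("\n", $message_parser->warn_msg));
    }

    $message_parser->parse($post_data['enable_bbcode'], $config['allow_post_links'] ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);

    if ($config['flood_interval'] && !$auth->acl_get('f_ignoreflood', $forum_id)) {
        // Flood check
        $last_post_time = 0;
        if ($user->data['is_registered']) {
            $last_post_time = $user->data['user_lastpost_time'];
        } else {
            // The address is escaped rather than trusted to be well-formed.
            $sql = 'SELECT post_time AS last_post_time FROM ' . POSTS_TABLE . "\r\r\n WHERE poster_ip = '" . $db->sql_escape($user->ip) . "'\r\r\n AND post_time > " . ($current_time - $config['flood_interval']);
            $result = $db->sql_query_limit($sql, 1);
            if ($row = $db->sql_fetchrow($result)) {
                $last_post_time = $row['last_post_time'];
            }
            $db->sql_freeresult($result);
        }
        if ($last_post_time && $current_time - $last_post_time < intval($config['flood_interval'])) {
            trigger_error('FLOOD_ERROR');
        }
    }

    // Validate username
    if ($post_data['username'] && !$user->data['is_registered']) {
        include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
        if (($result = validate_username($post_data['username'], !empty($post_data['post_username']) ? $post_data['post_username'] : '')) !== false) {
            $user->add_lang('ucp');
            trigger_error($result . '_USERNAME');
        }
    }

    if (sizeof($message_parser->warn_msg)) {
        trigger_error(join("\n", $message_parser->warn_msg));
    }

    // DNSBL check
    if ($config['check_dnsbl'] && $mobiquo_config['check_dnsbl']) {
        if (($dnsbl = $user->check_dnsbl('post')) !== false) {
            trigger_error(sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]));
        }
    }

    // Store message, sync counters
    $data = array(
        'topic_title' => empty($post_data['topic_title']) ? $post_data['post_subject'] : $post_data['topic_title'],
        'topic_first_post_id' => isset($post_data['topic_first_post_id']) ? (int) $post_data['topic_first_post_id'] : 0,
        'topic_last_post_id' => isset($post_data['topic_last_post_id']) ? (int) $post_data['topic_last_post_id'] : 0,
        'topic_time_limit' => (int) $post_data['topic_time_limit'],
        'topic_attachment' => isset($post_data['topic_attachment']) ? (int) $post_data['topic_attachment'] : 0,
        'post_id' => 0,
        'topic_id' => 0,
        'forum_id' => (int) $forum_id,
        'icon_id' => (int) $post_data['icon_id'],
        'poster_id' => (int) $post_data['poster_id'],
        'enable_sig' => (bool) $post_data['enable_sig'],
        'enable_bbcode' => (bool) $post_data['enable_bbcode'],
        'enable_smilies' => (bool) $post_data['enable_smilies'],
        'enable_urls' => (bool) $post_data['enable_urls'],
        'enable_indexing' => (bool) $post_data['enable_indexing'],
        'message_md5' => (string) $message_md5,
        'post_time' => isset($post_data['post_time']) ? (int) $post_data['post_time'] : $current_time,
        'post_checksum' => isset($post_data['post_checksum']) ? (string) $post_data['post_checksum'] : '',
        'post_edit_reason' => $post_data['post_edit_reason'],
        'post_edit_user' => isset($post_data['post_edit_user']) ? (int) $post_data['post_edit_user'] : 0,
        'forum_parents' => $post_data['forum_parents'],
        'forum_name' => $post_data['forum_name'],
        'notify' => $notify,
        'notify_set' => $post_data['notify_set'],
        'poster_ip' => isset($post_data['poster_ip']) ? $post_data['poster_ip'] : $user->ip,
        'post_edit_locked' => (int) $post_data['post_edit_locked'],
        'bbcode_bitfield' => $message_parser->bbcode_bitfield,
        'bbcode_uid' => $message_parser->bbcode_uid,
        'message' => $message_parser->message,
        'attachment_data' => $message_parser->attachment_data,
        'filename_data' => $message_parser->filename_data,
        'topic_approved' => isset($post_data['topic_approved']) ? $post_data['topic_approved'] : false,
        'post_approved' => isset($post_data['post_approved']) ? $post_data['post_approved'] : false,
        'post_expire_time' => -1,
        'topic_status' => 0,
    );

    $poll = array();
    include $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
    $update_message = true;

    // submit_post() is called with the working directory moved one level up and
    // $phpbb_root_path temporarily set to './'; both are restored afterwards.
    $cwd = getcwd();
    chdir('../');
    $phpbb_root_path_tmp = $phpbb_root_path;
    $phpbb_root_path = './';
    $redirect_url = submit_post('post', $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message);
    chdir($cwd);
    $phpbb_root_path = $phpbb_root_path_tmp;

    // Check the permissions for post approval, as well as the queue trigger where users are put on approval with a post count lower than specified. Moderators are not affected.
    $approved = true;
    if (($config['enable_queue_trigger'] && $user->data['user_posts'] < $config['queue_trigger_posts'] || !$auth->acl_get('f_noapprove', $data['forum_id'])) && !$auth->acl_get('m_approve', $data['forum_id'])) {
        $approved = false;
    }

    $posted_success = false;
    $topic_id = '';
    if ($redirect_url) {
        // The topic id is recovered from the redirect URL; leave it empty when
        // the URL carries no "&t=<digits>" part instead of reading a missing
        // match offset.
        if (preg_match('/&t=(\\d+)/', $redirect_url, $matches)) {
            $topic_id = $matches[1];
        }
        $posted_success = true;
    }

    $xmlrpc_create_topic = new xmlrpcval(array(
        'result' => new xmlrpcval($posted_success, 'boolean'),
        'topic_id' => new xmlrpcval($topic_id),
        'state' => new xmlrpcval($approved ? 0 : 1, 'int'),
    ), 'struct');

    return new xmlrpcresp($xmlrpc_create_topic);
}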