$i = 1;
foreach ($poll_opts as $poll_option) {
$result = dbquery("INSERT INTO " . DB_FORUM_POLL_OPTIONS . " (thread_id, forum_poll_option_id, forum_poll_option_text, forum_poll_option_votes) VALUES('" . $thread_id . "', '" . $i . "', '" . $poll_option . "', '0')");
$i++;
}
}
}
if ($fdata['forum_attach'] && checkgroup($fdata['forum_attach'])) {
$attach = $_FILES['attach'];
if ($attach['name'] != "" && !empty($attach['name']) && is_uploaded_file($attach['tmp_name'])) {
$attachname = substr($attach['name'], 0, strrpos($attach['name'], "."));
$attachext = strtolower(strrchr($attach['name'], "."));
if (preg_match("/^[-0-9A-Z_\\[\\]]+\$/i", $attachname) && $attach['size'] <= $settings['attachmax']) {
$attachtypes = explode(",", $settings['attachtypes']);
if (in_array($attachext, $attachtypes)) {
$attachname = attach_exists(strtolower($attach['name']));
move_uploaded_file($attach['tmp_name'], FORUM . "attachments/" . $attachname);
chmod(FORUM . "attachments/" . $attachname, 0644);
if (in_array($attachext, $imagetypes) && (!@getimagesize(FORUM . "attachments/" . $attachname) || !@verify_image(FORUM . "attachments/" . $attachname))) {
unlink(FORUM . "attachments/" . $attachname);
$error = 1;
}
if (!$error) {
$result = dbquery("INSERT INTO " . DB_FORUM_ATTACHMENTS . " (thread_id, post_id, attach_name, attach_ext, attach_size) VALUES ('" . $thread_id . "', '" . $post_id . "', '{$attachname}', '{$attachext}', '" . $attach['size'] . "')");
}
} else {
@unlink($attach['tmp_name']);
$error = 1;
}
} else {
@unlink($attach['tmp_name']);
$result = dbquery("INSERT INTO " . DB_FORUM_POLL_OPTIONS . " (thread_id, forum_poll_option_id, forum_poll_option_text, forum_poll_option_votes) VALUES('" . $thread_id . "', '" . $i . "', '" . $poll_option . "', '0')");
$i++;
}
}
}
if ($fdata['forum_attach'] && checkgroup($fdata['forum_attach'])) {
// $attach = $_FILES['attach'];
foreach ($_FILES as $attach) {
if ($attach['name'] != "" && !empty($attach['name']) && is_uploaded_file($attach['tmp_name'])) {
$attachname = stripfilename(substr($attach['name'], 0, strrpos($attach['name'], ".")));
$attachext = strtolower(strrchr($attach['name'], "."));
if (preg_match("/^[-0-9A-Z_\\[\\]]+\$/i", $attachname) && $attach['size'] <= $settings['attachmax']) {
$attachtypes = explode(",", $settings['attachtypes']);
if (in_array($attachext, $attachtypes)) {
$attachname .= $attachext;
$attachname = attach_exists(strtolower($attachname));
move_uploaded_file($attach['tmp_name'], FORUM . "attachments/" . $attachname);
chmod(FORUM . "attachments/" . $attachname, 0644);
if (in_array($attachext, $imagetypes) && (!@getimagesize(FORUM . "attachments/" . $attachname) || !@verify_image(FORUM . "attachments/" . $attachname))) {
unlink(FORUM . "attachments/" . $attachname);
$error = 1;
}
if (!$error) {
$result = dbquery("INSERT INTO " . DB_FORUM_ATTACHMENTS . " (thread_id, post_id, attach_name, attach_ext, attach_size) VALUES ('" . $thread_id . "', '" . $post_id . "', '" . $attachname . "', '" . $attachext . "', '" . $attach['size'] . "')");
}
} else {
@unlink($attach['tmp_name']);
$error = 1;
}
} else {
@unlink($attach['tmp_name']);
