public function index()
{
$category_id = $this->_get('category_id');
$category = M('category')->select();
$children_id = getChildrenId($category, $category_id);
$children_id[] = $category_id;
//p($children_id);die;
import('ORG.Util.Page');
$where = array('post.category_id' => array('IN', $children_id), 'post.parent_id' => 0);
if (!isset($_GET['category_id'])) {
$where = array('post.parent_id' => 0);
}
//精品帖
$tag_id = isset($_GET['tag_id']) ? $_GET['tag_id'] : 0;
if ($tag_id) {
$post_id_list = array();
$result = M('post_tag')->where(array('tag_id' => $tag_id))->select();
if ($result) {
foreach ($result as $key => $value) {
$post_id_list[] = $value['post_id'];
}
}
$where = array('post.parent_id' => 0, 'post.post_id' => array('in', $post_id_list), 'post.is_recycle' => 0);
}
$db = D('Post');
//分页
$count = $db->where($where)->count();
$page = new Page($count, 20);
$limit = $page->firstRow . ',' . $page->listRows;
//echo $id;
$post = $db->relation(true)->where($where)->order('update_time DESC')->limit($limit)->select();
//$post=D('PostUserView')->select();
//p($post);
$location = array_reverse(get_all_parent($category, $_GET['category_id']));
if (!isset($_GET['category_id'])) {
$where = array('parent_id' => 0);
$children_category = M('category')->where($where)->select();
} else {
$children_category = M('category')->where(array('parent_id' => $category_id))->select();
if (!$children_category) {
$parent_category = M('category')->where(array('category_id' => $category_id))->getField('parent_id');
$where = array('parent_id' => $parent_category);
$children_category = M('category')->where($where)->select();
}
}
$this->post = $post;
$this->page = $page->show();
$this->category_id = $category_id;
$this->location = $location;
$this->children_category = $children_category;
$this->display();
}
public function render_reply_form()
{
global $locale, $userdata, $forum_settings, $defender;
$thread_data = $this->thread_info['thread'];
if ((!iMOD or !iSUPERADMIN) && $thread_data['thread_locked']) {
redirect(INFUSIONS . 'forum/index.php');
}
if ($this->getThreadPermission("can_reply")) {
add_to_title($locale['global_201'] . $locale['forum_0503']);
add_breadcrumb(array('link' => '', 'title' => $locale['forum_0503']));
// field data
$post_data = array('post_id' => 0, 'forum_id' => $this->thread_info['thread']['forum_id'], 'thread_id' => $this->thread_info['thread']['thread_id'], 'post_message' => isset($_POST['post_message']) ? form_sanitizer($_POST['post_message'], '', 'post_message') : '', 'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0, 'post_smileys' => isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 1 : 0, 'post_author' => $userdata['user_id'], 'post_datestamp' => time(), 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => 0, 'post_edittime' => 0, 'post_editreason' => '', 'post_hidden' => 0, 'notify_me' => 0, 'post_locked' => $forum_settings['forum_edit_lock'] || isset($_POST['post_locked']) ? 1 : 0);
// execute form post actions
if (isset($_POST['post_reply'])) {
require_once INCLUDES . "flood_include.php";
// all data is sanitized here.
if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
// have notice
$update_forum_lastpost = FALSE;
if ($defender->safe()) {
// Prepare forum merging action
$last_post_author = dbarray(dbquery("SELECT post_author FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY post_id DESC LIMIT 1"));
if ($last_post_author['post_author'] == $post_data['post_author'] && $thread_data['forum_merge']) {
$last_message = dbarray(dbquery("SELECT post_id, post_message FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY post_id DESC"));
$post_data['post_id'] = $last_message['post_id'];
$post_data['post_message'] = $last_message['post_message'] . "\n\n" . $locale['forum_0640'] . " " . showdate("longdate", time()) . ":\n" . $post_data['post_message'];
dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id', 'keep_session' => TRUE));
} else {
$update_forum_lastpost = TRUE;
dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
$post_data['post_id'] = dblastid();
if (!defined("FUSION_NULL")) {
dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $post_data['post_author'] . "'");
}
}
// Attach files if permitted
if (!empty($_FILES) && is_uploaded_file($_FILES['file_attachments']['tmp_name'][0]) && $this->getThreadPermission("can_upload_attach")) {
$upload = form_sanitizer($_FILES['file_attachments'], '', 'file_attachments');
if ($upload['error'] == 0) {
foreach ($upload['target_file'] as $arr => $file_name) {
$adata = array('thread_id' => $thread_data['thread_id'], 'post_id' => $post_data['post_id'], 'attach_name' => $file_name, 'attach_mime' => $upload['type'][$arr], 'attach_size' => $upload['source_size'][$arr], 'attach_count' => 0);
dbquery_insert(DB_FORUM_ATTACHMENTS, $adata, "save", array('keep_session' => TRUE));
}
}
}
// Update stats in forum and threads
if ($update_forum_lastpost == TRUE) {
// find all parents and update them
$list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $thread_data['forum_id']);
foreach ($list_of_forums as $fid) {
dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $fid . "'");
}
// update current forum
dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $thread_data['forum_id'] . "'");
// update current thread
dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . time() . "', thread_lastpostid='" . $post_data['post_id'] . "', thread_postcount=thread_postcount+1, thread_lastuser='******'post_author'] . "' WHERE thread_id='" . $thread_data['thread_id'] . "'");
}
if ($forum_settings['thread_notify'] && isset($_POST['notify_me'])) {
if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $thread_data['thread_id'] . "' AND notify_user='******'post_author'] . "'")) {
dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $thread_data['thread_id'] . "', '" . time() . "', '" . $post_data['post_author'] . "', '1')");
}
}
if ($defender->safe()) {
redirect(INFUSIONS . "forum/postify.php?post=reply&error=0&forum_id=" . intval($post_data['forum_id']) . "&thread_id=" . intval($post_data['thread_id']) . "&post_id=" . intval($post_data['post_id']));
}
}
}
}
// template data
$form_action = INFUSIONS . "forum/viewthread.php?action=reply&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'];
// Quote Get
if (isset($_GET['quote']) && isnum($_GET['quote'])) {
$quote_result = dbquery("SELECT a.post_message, b.user_name\n\t\t\t\t\t\t\t\t\t\tFROM " . DB_FORUM_POSTS . " a\n\t\t\t\t\t\t\t\t\t\tINNER JOIN " . DB_USERS . " b ON a.post_author=b.user_id\n\t\t\t\t\t\t\t\t\t\tWHERE thread_id='" . $thread_data['thread_id'] . "' and post_id='" . $_GET['quote'] . "'");
if (dbrows($quote_result) > 0) {
$quote_data = dbarray($quote_result);
// do not do this. to silently inject.
$post_data['post_message'] = "[quote name=" . $quote_data['user_name'] . " post=" . $_GET['quote'] . "]@" . $quote_data['user_name'] . " - " . strip_bbcodes($quote_data['post_message']) . "[/quote]" . $post_data['post_message'];
$form_action .= "&post_id=" . $_GET['post_id'] . "&quote=" . $_GET['quote'];
} else {
redirect(INFUSIONS . "forum/index.php");
}
}
$info = array('title' => $locale['forum_0503'], 'description' => $locale['forum_2000'] . $thread_data['thread_subject'], 'openform' => openform('input_form', 'post', $form_action, array('enctype' => $this->getThreadPermission("can_upload_attach") ? TRUE : FALSE, 'max_tokens' => 1)), 'closeform' => closeform(), 'forum_id_field' => form_hidden('forum_id', "", $post_data['forum_id']), 'thread_id_field' => form_hidden('thread_id', "", $post_data['thread_id']), "forum_field" => "", 'subject_field' => form_hidden('thread_subject', "", $thread_data['thread_subject']), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => TRUE, 'error_text' => '', 'autosize' => TRUE, 'no_resize' => TRUE, 'preview' => TRUE, 'form_name' => 'input_form', 'bbcode' => TRUE)), 'delete_field' => '', 'edit_reason_field' => '', 'attachment_field' => $this->getThreadPermission("can_upload_attach") ? form_fileinput('file_attachments[]', $locale['forum_0557'], "", array('input_id' => 'file_attachments', 'upload_path' => INFUSIONS . 'forum/attachments/', 'type' => 'object', 'preview_off' => TRUE, "multiple" => TRUE, "inline" => false, 'max_count' => $forum_settings['forum_attachmax_count'], 'valid_ext' => $forum_settings['forum_attachtypes'], "class" => "m-b-0")) . "\n\t\t\t\t\t\t\t\t <div class='m-b-20'>\n<small>" . sprintf($locale['forum_0559'], parsebytesize($forum_settings['forum_attachmax']), str_replace('|', ', ', $forum_settings['forum_attachtypes']), $forum_settings['forum_attachmax_count']) . "</small>\n</div>\n" : "", "poll_form" => "", 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0')), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0')) : '', 'sticky_field' => '', 'lock_field' => '', 'hide_edit_field' => '', 'post_locked_field' => '', 'notify_field' => $forum_settings['thread_notify'] ? form_checkbox('notify_me', $locale['forum_0626'], $post_data['notify_me'], array('class' => 'm-b-0')) : '', 'post_buttons' => form_button('post_reply', $locale['forum_0504'], $locale['forum_0504'], array('class' => 'btn-primary')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-l-10')), 'last_posts_reply' => '');
// only in reply
if ($forum_settings['forum_last_posts_reply']) {
$result = dbquery("\n\t\t\t\tSELECT\n\t\t\t\tp.thread_id, p.post_message, p.post_smileys, p.post_author, p.post_datestamp, p.post_hidden,\n\t\t\t\t\t\t\tu.user_id, u.user_name, u.user_status, u.user_avatar\n\t\t\t\t\t\t\tFROM " . DB_FORUM_POSTS . " p\n\t\t\t\t\t\t\tLEFT JOIN " . DB_USERS . " u ON p.post_author = u.user_id\n\t\t\t\t\t\t\tWHERE p.thread_id='" . $thread_data['thread_id'] . "' AND p.post_hidden='0'\n\t\t\t\t\t\t\tGROUP BY p.post_id\n\t\t\t\t\t\t\tORDER BY p.post_datestamp DESC LIMIT 0," . $forum_settings['posts_per_page']);
if (dbrows($result)) {
$title = sprintf($locale['forum_0526'], $forum_settings['forum_last_posts_reply']);
if ($forum_settings['forum_last_posts_reply'] == "1") {
$title = $locale['forum_0525'];
}
ob_start();
echo "<p><strong>" . $title . "</strong>\n</p>\n";
echo "<table class='table table-responsive'>\n";
$i = $forum_settings['posts_per_page'];
while ($data = dbarray($result)) {
$message = $data['post_message'];
if ($data['post_smileys']) {
$message = parsesmileys($message);
}
$message = parseubb($message);
echo "<tr>\n<td class='tbl2 forum_thread_user_name' style='width:10%'><!--forum_thread_user_name-->" . profile_link($data['user_id'], $data['user_name'], $data['user_status']) . "</td>\n";
echo "<td class='tbl2 forum_thread_post_date'>\n";
echo "<div style='float:right' class='small'>\n";
echo $i . ($i == $forum_settings['forum_last_posts_reply'] ? " (" . $locale['forum_0525'] . ")" : "");
echo "</div>\n";
echo "<div class='small'>" . $locale['forum_0524'] . showdate("forumdate", $data['post_datestamp']) . "</div>\n";
echo "</td>\n";
echo "</tr>\n<tr>\n<td valign='top' class='tbl2 forum_thread_user_info' style='width:10%'>\n";
echo display_avatar($data, '50px');
echo "</td>\n<td valign='top' class='tbl1 forum_thread_user_post'>\n";
echo nl2br($message);
echo "</td>\n</tr>\n";
$i--;
}
echo "</table>\n";
$info['last_posts_reply'] = ob_get_contents();
ob_end_clean();
}
}
postform($info);
} else {
redirect(INFUSIONS . 'forum/index.php');
}
}
/**
* New thread
*/
public function set_newThreadInfo()
{
$userdata = fusion_get_userdata();
$locale = fusion_get_locale("", FORUM_LOCALE);
$locale += fusion_get_locale("", FORUM_TAGS_LOCALE);
$forum_settings = ForumServer::get_forum_settings();
// @todo: Reduce lines and optimize further
if (iMEMBER) {
// New thread directly to a specified forum
if (!empty($_GET['forum_id']) && ForumServer::verify_forum($_GET['forum_id'])) {
add_to_title($locale['forum_0000']);
add_to_meta("description", $locale['forum_0000']);
add_breadcrumb(array("link" => FORUM . "index.php", "title" => $locale['forum_0000']));
add_to_title($locale['global_201'] . $locale['forum_0057']);
$forum_data = dbarray(dbquery("SELECT f.*, f2.forum_name AS forum_cat_name\n\t\t\t\tFROM " . DB_FORUMS . " f\n\t\t\t\tLEFT JOIN " . DB_FORUMS . " f2 ON f.forum_cat=f2.forum_id\n\t\t\t\tWHERE f.forum_id='" . intval($_GET['forum_id']) . "'\n\t\t\t\tAND " . groupaccess('f.forum_access') . "\n\t\t\t\t"));
if ($forum_data['forum_type'] == 1) {
redirect(INFUSIONS . "forum/index.php");
}
// Use the new permission settings
self::setPermission($forum_data);
$forum_data['lock_edit'] = $forum_settings['forum_edit_lock'];
if (self::getPermission("can_post") && self::getPermission("can_access")) {
add_breadcrumb(array('link' => INFUSIONS . 'forum/index.php?viewforum&forum_id=' . $forum_data['forum_id'] . '&parent_id=' . $forum_data['forum_cat'], 'title' => $forum_data['forum_name']));
add_breadcrumb(array('link' => INFUSIONS . 'forum/index.php?viewforum&forum_id=' . $forum_data['forum_id'] . '&parent_id=' . $forum_data['forum_cat'], 'title' => $locale['forum_0057']));
/**
* Generate a poll form
*/
$poll_form = "";
if (self::getPermission("can_create_poll")) {
// initial data to push downwards
$pollData = array('thread_id' => 0, 'forum_poll_title' => !empty($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '', 'forum_poll_start' => time(), 'forum_poll_length' => 2, 'forum_poll_votes' => 0);
// counter of lengths
$option_data[1] = "";
$option_data[2] = "";
// Do a validation if checked add_poll
if (isset($_POST['add_poll'])) {
$pollData = array('thread_id' => 0, 'forum_poll_title' => isset($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '', 'forum_poll_start' => time(), 'forum_poll_length' => count($option_data), 'forum_poll_votes' => 0);
// calculate poll lengths
if (!empty($_POST['poll_options']) && is_array($_POST['poll_options'])) {
foreach ($_POST['poll_options'] as $i => $value) {
$option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
}
}
}
if (isset($_POST['add_poll_option']) && isset($_POST['poll_options'])) {
// reindex the whole array with blank values.
foreach ($_POST['poll_options'] as $i => $value) {
$option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
}
if (\defender::safe()) {
$option_data = array_values(array_filter($option_data));
array_unshift($option_data, NULL);
unset($option_data[0]);
$pollData['forum_poll_length'] = count($option_data);
}
array_push($option_data, '');
}
$poll_field = '';
$poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $pollData['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));
for ($i = 1; $i <= count($option_data); $i++) {
$poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_data[$i], array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => TRUE, 'required' => $i <= 2 ? TRUE : FALSE));
}
$poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
$poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
$poll_field['poll_field'] .= "</div>\n";
$info = array('title' => $locale['forum_0366'], 'description' => $locale['forum_0630'], 'field' => $poll_field);
ob_start();
echo form_checkbox("add_poll", $locale['forum_0366'], isset($_POST['add_poll']) ? TRUE : FALSE, array('reverse_label' => TRUE));
echo "<div id='poll_form' class='poll-form' style='display:none;'>\n";
echo "<div class='well clearfix'>\n";
echo "<!--pre_form-->\n";
echo $info['field']['poll_field'];
echo "</div>\n";
echo "</div>\n";
$poll_form = ob_get_contents();
ob_end_clean();
}
$thread_data = array('forum_id' => $forum_data['forum_id'], 'thread_id' => 0, 'thread_subject' => isset($_POST['thread_subject']) ? form_sanitizer($_POST['thread_subject'], '', 'thread_subject') : '', 'thread_tags' => isset($_POST['thread_tags']) ? form_sanitizer($_POST['thread_tags'], '', 'thread_tags') : '', 'thread_author' => $userdata['user_id'], 'thread_views' => 0, 'thread_lastpost' => time(), 'thread_lastpostid' => 0, 'thread_lastuser' => $userdata['user_id'], 'thread_postcount' => 1, 'thread_poll' => 0, 'thread_sticky' => isset($_POST['thread_sticky']) ? 1 : 0, 'thread_locked' => isset($_POST['thread_sticky']) ? 1 : 0, 'thread_hidden' => 0);
$post_data = array('forum_id' => $forum_data['forum_id'], 'forum_cat' => $forum_data['forum_cat'], 'thread_id' => 0, 'post_id' => 0, 'post_message' => isset($_POST['post_message']) ? form_sanitizer($_POST['post_message'], '', 'post_message') : '', 'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0, 'post_smileys' => !isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 0 : 1, 'post_author' => $userdata['user_id'], 'post_datestamp' => time(), 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => 0, 'post_edittime' => 0, 'post_editreason' => '', 'post_hidden' => 0, 'notify_me' => isset($_POST['notify_me']) ? 1 : 0, 'post_locked' => 0);
// Execute post new thread
if (isset($_POST['post_newthread']) && \defender::safe()) {
require_once INCLUDES . "flood_include.php";
// all data is sanitized here.
if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
// have notice
if (\defender::safe()) {
// create a new thread.
dbquery_insert(DB_FORUM_THREADS, $thread_data, 'save', array('primary_key' => 'thread_id', 'keep_session' => TRUE));
$post_data['thread_id'] = dblastid();
$pollData['thread_id'] = dblastid();
dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
$post_data['post_id'] = dblastid();
// Attach files if permitted
if (!empty($_FILES) && is_uploaded_file($_FILES['file_attachments']['tmp_name'][0]) && self::getPermission("can_upload_attach")) {
$upload = form_sanitizer($_FILES['file_attachments'], '', 'file_attachments');
if ($upload['error'] == 0) {
foreach ($upload['target_file'] as $arr => $file_name) {
$attach_data = array('thread_id' => $post_data['thread_id'], 'post_id' => $post_data['post_id'], 'attach_name' => $file_name, 'attach_mime' => $upload['type'][$arr], 'attach_size' => $upload['source_size'][$arr], 'attach_count' => '0');
dbquery_insert(DB_FORUM_ATTACHMENTS, $attach_data, "save", array('keep_session' => TRUE));
}
}
}
dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . intval($post_data['post_author']) . "'");
// Update stats in forum and threads
// find all parents and update them
$list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $post_data['forum_id']);
if (is_array($list_of_forums)) {
foreach ($list_of_forums as $forum_id) {
$forum_update_sql = "\n UPDATE " . DB_FORUMS . " SET forum_lastpost='" . intval($post_data['post_datestamp']) . "',\n forum_postcount=forum_postcount+1,\n forum_threadcount=forum_threadcount+1,\n forum_lastpostid='" . intval($post_data['post_id']) . "',\n forum_lastuser='******'post_author']) . "' WHERE forum_id='" . intval($forum_id) . "'\n ";
dbquery($forum_update_sql);
}
}
// update current forum
dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . $post_data['post_datestamp'] . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $post_data['forum_id'] . "'");
// update current thread
dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . $post_data['post_datestamp'] . "', thread_lastpostid='" . $post_data['post_id'] . "', thread_lastuser='******'post_author'] . "' WHERE thread_id='" . $post_data['thread_id'] . "'");
// set notify
if ($forum_settings['thread_notify'] && isset($_POST['notify_me']) && $post_data['thread_id']) {
if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $post_data['thread_id'] . "' AND notify_user='******'post_author'] . "'")) {
dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $post_data['thread_id'] . "', '" . $post_data['post_datestamp'] . "', '" . $post_data['post_author'] . "', '1')");
}
}
// Add poll if exist
if (!empty($option_data) && isset($_POST['add_poll'])) {
dbquery_insert(DB_FORUM_POLLS, $pollData, 'save');
$poll_option_data['thread_id'] = $pollData['thread_id'];
$i = 1;
foreach ($option_data as $option_text) {
if ($option_text) {
$poll_option_data['forum_poll_option_id'] = $i;
$poll_option_data['forum_poll_option_text'] = $option_text;
$poll_option_data['forum_poll_option_votes'] = 0;
dbquery_insert(DB_FORUM_POLL_OPTIONS, $poll_option_data, 'save');
$i++;
}
}
dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_poll='1' WHERE thread_id='" . $pollData['thread_id'] . "'");
}
}
if (\defender::safe()) {
redirect(INFUSIONS . "forum/postify.php?post=new&error=0&forum_id=" . intval($post_data['forum_id']) . "&parent_id=" . intval($post_data['forum_cat']) . "&thread_id=" . intval($post_data['thread_id'] . ""));
}
}
}
$this->info = array('title' => $locale['forum_0057'], 'description' => '', 'openform' => openform('input_form', 'post', FORUM . "newthread.php?forum_id=" . $post_data['forum_id'], array('enctype' => self::getPermission("can_upload_attach"))), 'closeform' => closeform(), 'forum_id_field' => '', 'thread_id_field' => '', "forum_field" => "", 'subject_field' => form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => 1, 'placeholder' => $locale['forum_2001'], 'error_text' => '', 'class' => 'm-t-20 m-b-20')), 'tags_field' => form_select('thread_tags[]', $locale['forum_tag_0100'], $thread_data['thread_tags'], array('options' => $this->tag()->get_TagOpts(TRUE), 'width' => '100%', 'multiple' => TRUE, 'delimiter' => '.', 'max_select' => 3)), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => 1, 'error_text' => '', 'autosize' => 1, 'no_resize' => 1, 'preview' => 1, 'form_name' => 'input_form', 'bbcode' => 1)), 'attachment_field' => self::getPermission("can_upload_attach") ? form_fileinput('file_attachments[]', $locale['forum_0557'], "", array('input_id' => 'file_attachments', 'upload_path' => INFUSIONS . 'forum/attachments/', 'type' => 'object', 'preview_off' => TRUE, "multiple" => TRUE, "inline" => FALSE, 'max_count' => $forum_settings['forum_attachmax_count'], 'valid_ext' => $forum_settings['forum_attachtypes'], "class" => "m-b-0")) . " <div class='m-b-20'>\n<small>\n " . sprintf($locale['forum_0559'], parsebytesize($forum_settings['forum_attachmax']), str_replace('|', ', ', $forum_settings['forum_attachtypes']), $forum_settings['forum_attachmax_count']) . "</small>\n</div>\n" : "", 'poll_form' => $poll_form, 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0', 'reverse_label' => TRUE)), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'sticky_field' => iMOD || iSUPERADMIN ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'lock_field' => iMOD || iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'edit_reason_field' => '', 'delete_field' => '', 'hide_edit_field' => '', 'post_locked_field' => '', 'notify_field' => $forum_settings['thread_notify'] ? form_checkbox('notify_me', $locale['forum_0626'], $post_data['notify_me'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'post_buttons' => form_button('post_newthread', $locale['forum_0057'], $locale['forum_0057'], array('class' => 'btn-primary btn-sm')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default btn-sm m-l-10')), 'last_posts_reply' => '');
// add a jquery to toggle the poll form
add_to_jquery("\n if (\$('#add_poll').is(':checked')) {\n \$('#poll_form').show();\n } else {\n \$('#poll_form').hide();\n }\n \$('#add_poll').bind('click', function() {\n if (\$(this).is(':checked')) {\n \$('#poll_form').slideDown();\n } else {\n \$('#poll_form').slideUp();\n }\n });\n ");
} else {
redirect(FORUM . "index.php");
}
} else {
/*
* Quick New Forum Posting.
* Does not require to run permissions.
* Does not contain forum poll.
* Does not contain attachment
*/
if (!dbcount("(forum_id)", DB_FORUMS, "forum_type !='1'")) {
redirect(INFUSIONS . "forum/index.php");
}
if (!dbcount("(forum_id)", DB_FORUMS, "forum_language ='" . LANGUAGE . "'")) {
redirect(INFUSIONS . "forum/index.php");
}
add_breadcrumb(array("link" => FORUM . "newthread.php?forum_id=0", "title" => $locale['forum_0057']));
$thread_data = array('forum_id' => isset($_POST['forum_id']) ? form_sanitizer($_POST['forum_id'], 0, "forum_id") : 0, 'thread_id' => 0, 'thread_subject' => isset($_POST['thread_subject']) ? form_sanitizer($_POST['thread_subject'], '', 'thread_subject') : '', 'thread_tags' => isset($_POST['thread_tags']) ? form_sanitizer($_POST['thread_tags'], '', 'thread_tags') : '', 'thread_author' => $userdata['user_id'], 'thread_views' => 0, 'thread_lastpost' => time(), 'thread_lastpostid' => 0, 'thread_lastuser' => $userdata['user_id'], 'thread_postcount' => 1, 'thread_poll' => 0, 'thread_sticky' => isset($_POST['thread_sticky']) ? TRUE : FALSE, 'thread_locked' => isset($_POST['thread_sticky']) ? TRUE : FALSE, 'thread_hidden' => 0);
$post_data = array('forum_id' => isset($_POST['forum_id']) ? form_sanitizer($_POST['forum_id'], 0, "forum_id") : 0, "forum_cat" => 0, 'thread_id' => 0, 'post_id' => 0, 'post_message' => isset($_POST['post_message']) ? form_sanitizer($_POST['post_message'], '', 'post_message') : '', 'post_showsig' => isset($_POST['post_showsig']) ? TRUE : FALSE, 'post_smileys' => !isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? FALSE : TRUE, 'post_author' => $userdata['user_id'], 'post_datestamp' => time(), 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => 0, 'post_edittime' => 0, 'post_editreason' => '', 'post_hidden' => 0, 'notify_me' => isset($_POST['notify_me']) ? TRUE : FALSE, 'post_locked' => 0);
// go for a new thread posting.
// check data
// and validate
// do not run attach, and do not run poll.
if (isset($_POST['post_newthread']) && \defender::safe()) {
require_once INCLUDES . "flood_include.php";
// all data is sanitized here.
if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
// have notice
if (ForumServer::verify_forum($thread_data['forum_id'])) {
$forum_data = dbarray(dbquery("SELECT f.*, f2.forum_name AS forum_cat_name\n FROM " . DB_FORUMS . " f\n LEFT JOIN " . DB_FORUMS . " f2 ON f.forum_cat=f2.forum_id\n WHERE f.forum_id='" . intval($thread_data['forum_id']) . "'\n AND " . groupaccess('f.forum_access') . "\n "));
if ($forum_data['forum_type'] == 1) {
redirect(INFUSIONS . "forum/index.php");
}
// Use the new permission settings
self::setPermission($forum_data);
$forum_data['lock_edit'] = $forum_settings['forum_edit_lock'];
if (self::getPermission("can_post") && self::getPermission("can_access")) {
$post_data['forum_cat'] = $forum_data['forum_cat'];
// create a new thread.
dbquery_insert(DB_FORUM_THREADS, $thread_data, 'save', array('primary_key' => 'thread_id', 'keep_session' => TRUE));
$post_data['thread_id'] = dblastid();
dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
$post_data['post_id'] = dblastid();
dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $post_data['post_author'] . "'");
// Update stats in forum and threads
// find all parents and update them
$list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $post_data['forum_id']);
foreach ($list_of_forums as $fid) {
dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $fid . "'");
}
// update current forum
dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost=''" . time() . "'', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $post_data['forum_id'] . "'");
// update current thread
dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost=''" . time() . "'', thread_lastpostid='" . $post_data['post_id'] . "', thread_lastuser='******'post_author'] . "' WHERE thread_id='" . $post_data['thread_id'] . "'");
// set notify
if ($forum_settings['thread_notify'] && isset($_POST['notify_me']) && $post_data['thread_id']) {
if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $post_data['thread_id'] . "' AND notify_user='******'post_author'] . "'")) {
dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $post_data['thread_id'] . "', '" . time() . "', '" . $post_data['post_author'] . "', 1)");
}
}
if (\defender::safe()) {
redirect(INFUSIONS . "forum/postify.php?post=new&error=0&forum_id=" . intval($post_data['forum_id']) . "&parent_id=" . intval($post_data['forum_cat']) . "&thread_id=" . intval($post_data['thread_id'] . ""));
}
} else {
addNotice("danger", $locale['forum_0186']);
}
} else {
addNotice("danger", $locale['forum_0187']);
redirect(INFUSIONS . "forum/index.php");
}
}
}
//Disable all parents
$disabled_opts = array();
$disable_query = "\n SELECT forum_id FROM " . DB_FORUMS . " WHERE forum_type='1'\n " . (multilang_table("FO") ? "AND forum_language='" . LANGUAGE . "'" : "") . "\n ";
$disable_query = dbquery(" {$disable_query} ");
if (dbrows($disable_query) > 0) {
while ($d_forum = dbarray($disable_query)) {
$disabled_opts = $d_forum['forum_id'];
}
}
$this->info = array('title' => $locale['forum_0057'], 'description' => '', 'openform' => openform('input_form', 'post', FORUM . "newthread.php", array('enctype' => FALSE)), 'closeform' => closeform(), 'forum_id_field' => '', 'thread_id_field' => '', 'forum_field' => form_select_tree("forum_id", $locale['forum_0395'], $thread_data['forum_id'], array("required" => TRUE, "width" => "320px", "no_root" => TRUE, "disable_opts" => $disabled_opts, "query" => multilang_table("FO") ? "WHERE forum_language='" . LANGUAGE . "'" : ""), DB_FORUMS, "forum_name", "forum_id", "forum_cat"), 'subject_field' => form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => 1, 'placeholder' => $locale['forum_2001'], 'error_text' => '', 'class' => 'm-t-20 m-b-20')), 'tags_field' => form_select('thread_tags[]', $locale['forum_tag_0100'], $thread_data['thread_tags'], array('options' => $this->tag()->get_TagOpts(), 'width' => '100%', 'multiple' => TRUE, 'delimiter' => '.', 'max_select' => 3)), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => 1, 'error_text' => '', 'autosize' => 1, 'no_resize' => 1, 'preview' => 1, 'form_name' => 'input_form', 'bbcode' => 1)), 'attachment_field' => "", 'poll_form' => "", 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0', 'reverse_label' => TRUE)), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'sticky_field' => iSUPERADMIN ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'lock_field' => iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'edit_reason_field' => '', 'delete_field' => '', 'hide_edit_field' => '', 'post_locked_field' => '', 'notify_field' => $forum_settings['thread_notify'] ? form_checkbox('notify_me', $locale['forum_0626'], $post_data['notify_me'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'post_buttons' => form_button('post_newthread', $locale['forum_0057'], $locale['forum_0057'], array('class' => 'btn-primary btn-sm')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default btn-sm m-l-10')), 'last_posts_reply' => '');
}
} else {
redirect(INFUSIONS . 'forum/index.php');
}
}
function get_all_parent($array, $category_id)
{
$arr = array();
if (is_array($array) && $array) {
foreach ($array as $k => $v) {
if ($v['category_id'] == $category_id) {
$arr[] = $v;
$arr = array_merge($arr, get_all_parent($array, $v['parent_id']));
}
}
}
return $arr;
}
/**
* Handle post of Quick Reply Form
*/
private function handle_quick_reply()
{
$forum_settings = $this->get_forum_settings();
$locale = fusion_get_locale();
$userdata = fusion_get_userdata();
if (isset($_POST['post_quick_reply'])) {
if ($this->getThreadPermission("can_reply") && \defender::safe()) {
$this->thread_data = $this->thread_info['thread'];
require_once INCLUDES . "flood_include.php";
if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
// have notice
$post_data = array('post_id' => 0, 'forum_id' => $this->thread_data['forum_id'], 'thread_id' => $this->thread_data['thread_id'], 'post_message' => form_sanitizer($_POST['post_message'], '', 'post_message'), 'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0, 'post_smileys' => isset($_POST['post_smileys']) || preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 1 : 0, 'post_author' => $userdata['user_id'], 'post_datestamp' => time(), 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => 0, 'post_edittime' => 0, 'post_editreason' => '', 'post_hidden' => 0, 'post_locked' => $forum_settings['forum_edit_lock'] || isset($_POST['post_locked']) ? 1 : 0);
if (\defender::safe()) {
// post message is invalid or whatever is invalid
$update_forum_lastpost = FALSE;
// Prepare forum merging action
$last_post_author = dbarray(dbquery("SELECT post_author FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $this->thread_data['thread_id'] . "' ORDER BY post_id DESC LIMIT 1"));
if ($last_post_author['post_author'] == $post_data['post_author'] && $this->thread_data['forum_merge']) {
$last_message = dbarray(dbquery("SELECT post_id, post_message FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $this->thread_data['thread_id'] . "' ORDER BY post_id DESC"));
$post_data['post_id'] = $last_message['post_id'];
$post_data['post_message'] = $last_message['post_message'] . "\n\n" . $locale['forum_0640'] . " " . showdate("longdate", time()) . ":\n" . $post_data['post_message'];
dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id'));
} else {
$update_forum_lastpost = TRUE;
dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id'));
$post_data['post_id'] = dblastid();
dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $post_data['post_author'] . "'");
}
// Update stats in forum and threads
if ($update_forum_lastpost) {
// find all parents and update them
$list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $this->thread_data['forum_id']);
if (!empty($list_of_forums)) {
foreach ($list_of_forums as $fid) {
dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $fid . "'");
}
}
// update current forum
dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $this->thread_data['forum_id'] . "'");
// update current thread
dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . time() . "', thread_lastpostid='" . $post_data['post_id'] . "', thread_postcount=thread_postcount+1, thread_lastuser='******'post_author'] . "' WHERE thread_id='" . $this->thread_data['thread_id'] . "'");
}
// set notify
if ($forum_settings['thread_notify'] == TRUE && isset($_POST['notify_me']) && $this->thread_data['thread_id']) {
if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $this->thread_data['thread_id'] . "' AND notify_user='******'post_author'] . "'")) {
dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $this->thread_data['thread_id'] . "', '" . time() . "', '" . $post_data['post_author'] . "', '1')");
}
}
}
redirect(INFUSIONS . "forum/postify.php?post=reply&error=0&forum_id=" . intval($post_data['forum_id']) . "&thread_id=" . intval($post_data['thread_id']) . "&post_id=" . intval($post_data['post_id']));
}
}
}
}
define_forum_mods($forum_data);
// Use the new permission settings
$forum->setForumPermission($forum_data);
$permission = $forum->getForumPermission();
$forum_data['lock_edit'] = $forum_settings['forum_edit_lock'] == 1 ? TRUE : FALSE;
if ($permission['can_post'] && $permission['can_access']) {
$post_data['forum_cat'] = $forum_data['forum_cat'];
// create a new thread.
dbquery_insert(DB_FORUM_THREADS, $thread_data, 'save', array('primary_key' => 'thread_id', 'keep_session' => TRUE));
$post_data['thread_id'] = dblastid();
dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
$post_data['post_id'] = dblastid();
dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $post_data['post_author'] . "'");
// Update stats in forum and threads
// find all parents and update them
$list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $post_data['forum_id']);
foreach ($list_of_forums as $fid) {
dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $fid . "'");
}
// update current forum
dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $post_data['forum_id'] . "'");
// update current thread
dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . time() . "', thread_lastpostid='" . $post_data['post_id'] . "', thread_lastuser='******'post_author'] . "' WHERE thread_id='" . $post_data['thread_id'] . "'");
// set notify
if ($forum_settings['thread_notify'] && isset($_POST['notify_me']) && $post_data['thread_id']) {
if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $post_data['thread_id'] . "' AND notify_user='******'post_author'] . "'")) {
dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $post_data['thread_id'] . "', '" . time() . "', '" . $post_data['post_author'] . "', '1')");
}
}
if ($defender->safe()) {
redirect(INFUSIONS . "forum/postify.php?post=new&error=0&forum_id=" . intval($post_data['forum_id']) . "&parent_id=" . intval($post_data['forum_cat']) . "&thread_id=" . intval($post_data['thread_id'] . ""));
/**
* Get all parent ID from dbquery_tree()
* @param array $index
* @param $child_id
* @param array $list
* @return array
*/
function get_all_parent(array $index, $child_id, array &$list = array())
{
foreach ($index as $key => $value) {
if (in_array($child_id, $value)) {
if ($key == 0) {
return $list;
} else {
$list[] = $key;
return (array) get_all_parent($index, $key, $list);
}
}
}
}
