quoting from previous posts ? // * check for reply since started posting upon submission and display of 'between-posts' to allow re-defining of post // * hidden form element containing sid to prevent remote posting - Edwin van Vliet // * Attachments // * bbcode parsing -> see functions_posting.php // * lock topic option within posting // * multichoice polls // * permission defined ability for user to add poll options // * Spellcheck? aspell? or some such? // * Posting approval // Temp Function - strtolower (will have a look at iconv later) - borrowed from php.net function phpbb_strtolower($string) { $new_string = ''; for ($i = 0; $i < strlen($string); $i++) { // Not sure about the offset, where is my ASCII Table ??? if (ord(substr($string, $i, 1)) > 0xa0) { $new_string .= strtolower(substr($string, $i, 2)); $i++; } else { $new_string .= strtolower(substr($string, $i, 1)); } } return $new_string; } define('IN_PHPBB', true); $phpbb_root_path = './'; include($phpbb_root_path . 'extension.inc'); include($phpbb_root_path . 'common.'.$phpEx); include($phpbb_root_path . 'includes/functions_posting.'.$phpEx); include($phpbb_root_path . 'includes/message_parser.'.$phpEx); // Start session management $user->start(); $user->setup(); $auth->acl($user->data); // Grab only parameters needed here $mode = (!empty($_REQUEST['mode'])) ? strval($_REQUEST['mode']) : ''; $post_id = (!empty($_REQUEST['p'])) ? intval($_REQUEST['p']) : false; $topic_id = (!empty($_REQUEST['t'])) ? intval($_REQUEST['t']) : false; $forum_id = (!empty($_REQUEST['f'])) ? intval($_REQUEST['f']) : false; $lastclick = (isset($_POST['lastclick'])) ? intval($_POST['lastclick']) : 0; $submit = (isset($_POST['post'])) ? true : false; $preview = (isset($_POST['preview'])) ? true : false; $save = (isset($_POST['save'])) ? true : false; $cancel = (isset($_POST['cancel'])) ? true : false; $confirm = (isset($_POST['confirm'])) ? true : false; $delete = (isset($_POST['delete'])) ? true : false; $refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['edit_comment']); if (($delete) && (!$preview) && (!$refresh) && ($submit)) { $mode = 'delete'; } // Was cancel pressed? If so then redirect to the appropriate page if ( ($cancel) || ((time() - $lastclick) < 2) ) { $redirect = ($post_id) ? "viewtopic.$phpEx$SID&p=" . $post_id . "#" . $post_id : (($topic_id) ? "viewtopic.$phpEx$SID&t=" . $topic_id : (($forum_id) ? "viewforum.$phpEx$SID&f=" . $forum_id : "index.$phpEx$SID")); redirect($redirect); } // What is all this following SQL for? Well, we need to know // some basic information in all cases before we do anything. $forum_validate = false; $topic_validate = false; $post_validate = false; // Easier validation $forum_fields = array('forum_name' => 's', 'parent_id' => 'i', 'forum_parents' => 's', 'forum_status' => 'i', 'forum_postable' => 'i', 'enable_icons' => 'i', 'enable_post_count' => 'i', 'enable_moderate' => 'i'); $topic_fields = array('topic_status' => 'i', 'topic_first_post_id' => 'i', 'topic_last_post_id' => 'i', 'topic_type' => 'i', 'topic_title' => 's', 'poll_last_vote' => 'i', 'poll_start' => 'i', 'poll_title' => 's', 'poll_length' => 'i'); $post_fields = array('post_time' => 'i', 'poster_id' => 'i', 'post_username' => 's', 'post_text' => 's', 'post_subject' => 's', 'post_checksum' => 's', 'post_attachment' => 'i', 'bbcode_uid' => 's', 'enable_magic_url' => 'i', 'enable_sig' => 'i', 'enable_smilies' => 'i', 'enable_bbcode' => 'i', 'post_edit_locked' => 'i'); $sql = ''; switch ($mode) { case 'post': if (!$forum_id) { trigger_error($user->lang['NO_FORUM']); } $sql = "SELECT * FROM " . FORUMS_TABLE . " WHERE forum_id = " . $forum_id; $forum_validate = true; break; case 'reply': if (!$topic_id) { trigger_error($user->lang['NO_TOPIC']); } $sql = "SELECT t.*, f.* FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f WHERE t.topic_id = " . $topic_id . " AND f.forum_id = t.forum_id"; $forum_validate = true; $topic_validate = true; break; case 'quote': case 'edit': case 'delete': if (!$post_id) { trigger_error($user->lang['NO_POST']); } $sql = "SELECT p.*, t.*, f.*, u.username FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f, " . USERS_TABLE . " u WHERE p.post_id = " . $post_id . " AND t.topic_id = p.topic_id AND u.user_id = p.poster_id AND f.forum_id = t.forum_id"; $forum_validate = true; $topic_validate = true; $post_validate = true; break; case 'topicreview': if (!$topic_id) { trigger_error($user->lang['NO_TOPIC']); } topic_review($topic_id, false); break; case 'smilies': generate_smilies('window'); break; default: trigger_error($user->lang['NO_MODE']); } if ($sql != '') { $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $forum_id = intval($row['forum_id']); $topic_id = intval($row['topic_id']); $post_id = intval($row['post_id']); foreach ($forum_fields as $var => $type) { switch ($type) { case 'i': $$var = ($forum_validate) ? intval($row[$var]) : false; break; case 's': $$var = ($forum_validate) ? trim($row[$var]) : ''; break; default: $$var = ''; } } foreach ($topic_fields as $var => $type) { switch ($type) { case 'i': $$var = ($topic_validate) ? intval($row[$var]) : false; break; case 's': $$var = ($topic_validate) ? trim($row[$var]) : ''; break; default: $$var = ''; } } foreach ($post_fields as $var => $type) { switch ($type) { case 'i': $$var = ($post_validate) ? intval($row[$var]) : false; break; case 's': $$var = ($post_validate) ? trim($row[$var]) : ''; break; default: $$var = ''; } } $post_subject = ($post_validate) ? $post_subject : $topic_title; $poll_length = ($poll_length) ? $poll_length/3600 : $poll_length; $poll_options = array(); // Get Poll Data if ($poll_start) { $sql = "SELECT poll_option_text FROM " . POLL_OPTIONS_TABLE . " WHERE topic_id = " . $topic_id . " ORDER BY poll_option_id"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $poll_options[] = trim($row['poll_option_text']); } $db->sql_freeresult($result); } $attachment_data = array(); $attachment_data['filecomment'] = ( isset($_POST['filecomment']) ) ? trim( strip_tags($_POST['filecomment'])) : ''; $attachment_data['filename'] = ( $_FILES['fileupload']['name'] != 'none' ) ? trim($_FILES['fileupload']['name']) : ''; // Get Attachment Data $attachment_data['physical_filename'] = ( isset($_POST['attachment_list']) ) ? $_POST['attachment_list'] : array(); $attachment_data['comment'] = ( isset($_POST['comment_list']) ) ? $_POST['comment_list'] : array(); $attachment_data['real_filename'] = ( isset($_POST['filename_list']) ) ? $_POST['filename_list'] : array(); $attachment_data['extension'] = ( isset($_POST['extension_list']) ) ? $_POST['extension_list'] : array(); $attachment_data['mimetype'] = ( isset($_POST['mimetype_list']) ) ? $_POST['mimetype_list'] : array(); $attachment_data['filesize'] = ( isset($_POST['filesize_list']) ) ? $_POST['filesize_list'] : array(); $attachment_data['filetime'] = ( isset($_POST['filetime_list']) ) ? $_POST['filetime_list'] : array(); $attachment_data['attach_id'] = ( isset($_POST['attach_id_list']) ) ? $_POST['attach_id_list'] : array(); $attachment_data['thumbnail'] = ( isset($_POST['attach_thumbnail_list']) ) ? $_POST['attach_thumbnail_list'] : array(); if (($post_attachment) && (!$submit) && (!$refresh) && (!$preview) && ($mode == 'edit')) { $sql = "SELECT d.* FROM " . ATTACHMENTS_TABLE . " a, " . ATTACHMENTS_DESC_TABLE . " d WHERE a.post_id = " . $post_id . " AND a.attach_id = d.attach_id ORDER BY d.filetime DESC"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $attachment_data['attach_id'][] = intval($row['attach_id']); $attachment_data['physical_filename'][] = trim($row['physical_filename']); $attachment_data['comment'][] = trim($row['comment']); $attachment_data['real_filename'][] = trim($row['real_filename']); $attachment_data['extension'][] = trim($row['extension']); $attachment_data['mimetype'][] = trim($row['mimetype']); $attachment_data['filesize'][] = intval($row['filesize']); $attachment_data['filetime'][] = intval($row['filetime']); $attachment_data['thumbnail'][] = intval($row['thumbnail']); } $db->sql_freeresult($result); } if (($poster_id == ANONYMOUS) || (!$poster_id)) { $username = ($post_validate) ? trim($post_username) : ''; } else { $username = ($post_validate) ? trim($username) : ''; } $enable_urls = $enable_magic_url; if (!$post_validate) { $enable_sig = (intval($config['allow_sig']) && $user->data['user_attachsig']) ? true : false; $enable_smilies = (intval($config['allow_smilies']) && $user->data['user_allowsmile']) ? true : false; $enable_bbcode = (intval($config['allow_bbcode']) && $user->data['user_allowbbcode']) ? true : false; $enable_urls = true; } $enable_magic_url = false; } // Notify user checkbox if ($mode != 'post' && $user->data['user_id'] != ANONYMOUS) { $sql = "SELECT topic_id FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = " . $topic_id . " AND user_id = " . $user->data['user_id']; $result = $db->sql_query($sql); $notify_set = ($db->sql_fetchrow($result)) ? true : false; $db->sql_freeresult($result); } // Collect general Permissions to be used within the complete page $perm = array( 'm_lock' => $auth->acl_get('m_lock', $forum_id), 'm_edit' => $auth->acl_get('m_edit', $forum_id), 'm_delete' => $auth->acl_get('m_delete', $forum_id), 'u_delete' => $auth->acl_get('f_delete', $forum_id), 'f_attach' => $auth->acl_get('f_attach', $forum_id), 'f_news' => $auth->acl_get('f_news', $forum_id), 'f_announce' => $auth->acl_get('f_announce', $forum_id), 'f_sticky' => $auth->acl_get('f_sticky', $forum_id), 'f_ignoreflood' => $auth->acl_get('f_ignoreflood', $forum_id), 'f_sigs' => $auth->acl_get('f_sigs', $forum_id), 'f_save' => $auth->acl_get('f_save', $forum_id) ); if ( (!$auth->acl_get('f_' . $mode, $forum_id)) && ($forum_postable) ) { trigger_error($user->lang['USER_CANNOT_' . strtoupper($mode)]); } // Forum/Topic locked? if ( ($forum_status == ITEM_LOCKED || $topic_status == ITEM_LOCKED) && !$perm['m_edit']) { $message = ($forum_status == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED'; trigger_error($user->lang[$message]); } // Can we edit this post? if ( ($mode == 'edit' || $mode == 'delete') && !empty($config['edit_time']) && $post_time < time() - intval($config['edit_time']) && !$perm['m_edit']) { trigger_error($user->lang['CANNOT_EDIT_TIME']); } // Do we want to edit our post ? if ( ($mode == 'edit') && (!$perm['m_edit']) && ($user->data['user_id'] != $poster_id)) { trigger_error($user->lang['USER_CANNOT_EDIT']); } // Is edit posting locked ? if ( ($mode == 'edit') && ($post_edit_locked) && (!$auth->acl_gets('m_', 'a_', $forum_id)) ) { trigger_error($user->lang['CANNOT_EDIT_POST_LOCKED']); } $message_parser = new parse_message(0); // <- TODO: add constant (MSG_POST/MSG_PM) if ($mode == 'edit') { $message_parser->bbcode_uid = $row['bbcode_uid']; } // Delete triggered ? if ( ($mode == 'delete') && ((($poster_id == $user->data['user_id']) && ($user->data['user_id'] != ANONYMOUS) && ($perm['u_delete']) && ($post_id == $topic_last_post_id)) || ($perm['m_delete'])) ) { // Do we need to confirm ? if ($confirm) { $post_data = array( 'topic_first_post_id' => $topic_first_post_id, 'topic_last_post_id' => $topic_last_post_id, 'enable_post_count' => $enable_post_count, 'user_id' => $poster_id ); $msg = delete_post($mode, $post_id, $topic_id, $forum_id, $post_data); // We have a problem... trigger_error($msg); } else { $s_hidden_fields = ''; $page_title = $user->lang['DELETE_MESSAGE']; include($phpbb_root_path . 'includes/page_header.' . $phpEx); $template->set_filenames(array( 'body' => 'confirm_body.html') ); $template->assign_vars(array( 'MESSAGE_TITLE' => $user->lang['DELETE_MESSAGE'], 'MESSAGE_TEXT' => $user->lang['CONFIRM_DELETE'], 'L_YES' => $user->lang['YES'], 'L_NO' => $user->lang['NO'], 'S_CONFIRM_ACTION' => $phpbb_root_path . 'posting.' . $phpEx . $SID, 'S_HIDDEN_FIELDS' => $s_hidden_fields) ); include($phpbb_root_path . 'includes/page_tail.'.$phpEx); } } if ( ($mode == 'delete') && ( ($poster_id != $user->data['user_id']) && (!$perm['u_delete'])) ) { trigger_error($user->lang['DELETE_OWN_POSTS']); } if ( ($mode == 'delete') && ( ($poster_id == $user->data['user_id']) && ($perm['u_delete'])) && ($post_id != $topic_last_post_id)) { trigger_error($user->lang['CANNOT_DELETE_REPLIED']); } if ($mode == 'delete') { trigger_error('USER_CANNOT_DELETE'); } if (($submit) || ($preview) || ($refresh)) { $topic_cur_post_id = (isset($_POST['topic_cur_post_id'])) ? intval($_POST['topic_cur_post_id']) : false; $subject = (!empty($_POST['subject'])) ? trim(htmlspecialchars(strip_tags($_POST['subject']))) : ''; if ((strcmp($subject, strtoupper($subject)) == 0) && ($subject != '')) { $subject = phpbb_strtolower($subject); } $message_parser->message = (!empty($_POST['message'])) ? trim(stripslashes($_POST['message'])) : ''; $username = (!empty($_POST['username'])) ? trim($_POST['username']) : ''; $topic_type = (!empty($_POST['topic_type'])) ? intval($_POST['topic_type']) : POST_NORMAL; $icon_id = (!empty($_POST['icon'])) ? intval($_POST['icon']) : 0; $enable_html = (!intval($config['allow_html'])) ? 0 : ((!empty($_POST['disable_html'])) ? 0 : 1); $enable_bbcode = (!intval($config['allow_bbcode'])) ? 0 : ((!empty($_POST['disable_bbcode'])) ? 0 : 1); $enable_smilies = (!intval($config['allow_smilies'])) ? 0 : ((!empty($_POST['disable_smilies'])) ? 0 : 1); $enable_urls = (isset($_POST['disable_magic_url'])) ? 0 : 1; $enable_sig = (!intval($config['allow_sig'])) ? false : ((!empty($_POST['attach_sig'])) ? true : false); $notify = (!empty($_POST['notify'])) ? true : false; $topic_lock = (isset($_POST['lock_topic'])) ? true : false; $post_lock = (isset($_POST['lock_post'])) ? true : false; $poll_delete = (isset($_POST['poll_delete'])) ? true : false; if ( ($poll_delete) && ($mode == 'edit' && !empty($poll_options) && ((empty($poll_last_vote) && $poster_id == $user->data['user_id'] && $perm['u_delete']) || $perm['m_delete'])) ) { delete_poll($topic_id); $poll_title = ''; $poll_length = ''; $poll_option_text = ''; } else { $poll_title = (!empty($_POST['poll_title'])) ? trim($_POST['poll_title']) : ''; $poll_length = (!empty($_POST['poll_length'])) ? $_POST['poll_length'] : ''; $poll_option_text = (!empty($_POST['poll_option_text'])) ? $_POST['poll_option_text'] : ''; } $err_msg = ''; $current_time = time(); // If replying/quoting and last post id has changed // give user option of continuing submit or return to post // notify and show user the post made between his request and the final submit if ( ($mode == 'reply' || $mode == 'quote') && ($topic_cur_post_id != $topic_last_post_id) ) { } // Grab md5 'checksum' of new message $message_md5 = md5($message_parser->message); // Check checksum ... don't re-parse message if the same if ($mode != 'edit' || $message_md5 != $post_checksum) { // Parse message if (($result = $message_parser->parse($enable_html, $enable_bbcode, $enable_urls, $enable_smilies)) != '') { $err_msg .= ((!empty($err_msg)) ? '
' : '') . $result; } } if (($result = $message_parser->parse_attachments($mode, $post_id, $submit, $preview, $refresh, $attachment_data)) != '') { $err_msg .= ((!empty($err_msg)) ? '
' : '') . $result; } if (($mode != 'edit') && (!$preview) && (!$refresh) && (!$perm['f_ignoreflood'])) { // Flood check $where_sql = ($user->data['user_id'] == ANONYMOUS) ? "poster_ip = '$user->ip'" : 'poster_id = ' . $user->data['user_id']; $sql = "SELECT MAX(post_time) AS last_post_time FROM " . POSTS_TABLE . " WHERE " . $where_sql; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { if (intval($row['last_post_time']) && ($current_time - intval($row['last_post_time'])) < intval($config['flood_interval'])) { $err_msg .= ((!empty($err_msg)) ? '
' : '') . $user->lang['FLOOD_ERROR']; } } } // Validate username if (($username != '' && $user->data['user_id'] == ANONYMOUS) || ($mode == 'edit' && $post_username != '')) { $userdata = new userdata(); $username = strip_tags(htmlspecialchars($username)); if (($result = $userdata->validate_username($username)) != false) { $err_msg .= ((!empty($err_msg)) ? '
' : '') . $result; } } // Parse subject if ( ($subject == '') && ($mode == 'post' || ($mode == 'edit' && $topic_first_post_id == $post_id))) { $err_msg .= ((!empty($err_msg)) ? '
' : '') . $user->lang['EMPTY_SUBJECT']; } $poll_data = array( 'poll_title' => $poll_title, 'poll_length' => $poll_length, 'poll_option_text' => $poll_option_text, 'poll_start' => $poll_start, 'poll_last_vote' => $poll_last_vote, 'enable_html' => $enable_html, 'enable_bbcode' => $enable_bbcode, 'bbcode_uid' => $message_parser->bbcode_uid, 'enable_urls' => $enable_urls, 'enable_smilies' => $enable_smilies ); $poll = array(); if (($result = $message_parser->parse_poll($poll, $poll_data)) != '') { $err_msg .= ((!empty($err_msg)) ? '
' : '') . $result; } $poll_options = $poll['poll_options']; $poll_title = $poll['poll_title']; // Check topic type if ($topic_type != POST_NORMAL) { $auth_option = ''; switch ($topic_type) { case POST_NEWS: $auth_option = 'news'; break; case POST_ANNOUNCE: $auth_option = 'announce'; break; case POST_STICKY: $auth_option = 'sticky'; break; } if (!$perm['f_' . $auth_option]) { $err_msg .= ((!empty($err_msg)) ? '
' : '') . $user->lang['CANNOT_POST_' . strtoupper($auth_option)]; } } // Store message, sync counters if (($err_msg == '') && ($submit)) { // Lock/Unlock Topic $change_topic_status = $topic_status; if ($topic_status == ITEM_LOCKED && !$topic_lock && $perm['m_lock']) { $change_topic_status = ITEM_UNLOCKED; } else if ($topic_status == ITEM_UNLOCKED && $topic_lock && $perm['m_lock']) { $change_topic_status = ITEM_LOCKED; } if ($change_topic_status != $topic_status) { include($phpbb_root_path . 'includes/functions_admin.' . $phpEx); $sql = 'UPDATE ' . TOPICS_TABLE . ' SET topic_status = ' . $change_topic_status . ' WHERE topic_id = ' . $topic_id . ' AND topic_moved_id = 0'; $db->sql_query($sql); add_log('mod', $forum_id, $topic_id, 'logm_' . (($change_topic_status == ITEM_LOCKED) ? 'lock' : 'unlock')); } // Lock/Unlock Post Edit if ($mode == 'edit' && $post_edit_locked == ITEM_LOCKED && !$post_lock && $perm['m_edit']) { $post_edit_locked = ITEM_UNLOCKED; } else if ($mode == 'edit' && $post_edit_locked == ITEM_UNLOCKED && $post_lock && $perm['m_edit']) { $post_edit_locked = ITEM_LOCKED; } $post_data = array( 'topic_first_post_id' => $topic_first_post_id, 'post_id' => $post_id, 'topic_id' => $topic_id, 'forum_id' => $forum_id, 'enable_moderate' => $enable_moderate, 'icon_id' => $icon_id, 'poster_id' => $poster_id, 'enable_sig' => $enable_sig, 'enable_bbcode' => $enable_bbcode, 'enable_html' => $enable_html, 'enable_smilies' => $enable_smilies, 'enable_urls' => $enable_urls, 'enable_post_count' => $enable_post_count, 'message_md5' => $message_md5, 'post_checksum' => $post_checksum, 'forum_parents' => $forum_parents, 'notify' => $notify, 'notify_set' => $notify_set, 'post_edit_locked' => $post_edit_locked, 'bbcode_bitfield' => $message_parser->bbcode_bitfield ); submit_post($mode, $message_parser->message, $subject, $username, $topic_type, $message_parser->bbcode_uid, $poll, $attachment_data, $post_data); } $post_text = $message_parser->message; $post_subject = $topic_title = stripslashes($subject); } if ($err_msg) { $preview = false; } if ($preview) { if (empty($censors)) { $censors = array(); obtain_word_list($censors); } $post_time = $current_time; include($phpbb_root_path . 'includes/bbcode.' . $phpEx); $bbcode = new bbcode($message_parser->bbcode_bitfield); $preview_message = format_display($message_parser->message, $enable_html, $enable_bbcode, $message_parser->bbcode_uid, $enable_urls, $enable_smilies, $enable_sig); $preview_subject = (sizeof($censors)) ? preg_replace($censors['match'], $censors['replace'], $subject) : $subject; // Poll Preview if ( ( ($mode == 'post') || ( ($mode == 'edit') && ($post_id == $topic_first_post_id) && (empty($poll_last_vote)) )) && ( ($auth->acl_get('f_poll', $forum_id)) || ($auth->acl_get('m_edit', $forum_id)) )) { decode_text($poll_title, $message_parser->bbcode_uid); $preview_poll_title = format_display(stripslashes($poll_title), $enable_html, $enable_bbcode, $message_parser->bbcode_uid, $enable_urls, $enable_smilies, false, false); $template->assign_vars(array( 'S_HAS_POLL_OPTIONS' => (sizeof($poll_options)) ? true : false, 'POLL_QUESTION' => $preview_poll_title) ); foreach ($poll_options as $option) { $template->assign_block_vars('poll_option', array( 'POLL_OPTION_CAPTION' => format_display(stripslashes($option), $enable_html, $enable_bbcode, $message_parser->bbcode_uid, $enable_urls, $enable_smilies, false, false)) ); } } } // Decode text for message display decode_text($post_text, $message_parser->bbcode_uid); if ($subject) { decode_text($subject, $message_parser->bbcode_uid); } // Save us some processing time. ;) if (count($poll_options_tmp)) { $poll_options_tmp = implode("\n", $poll_options); decode_text($poll_options_tmp); $poll_options = explode("\n", $poll_options_tmp); } if (($mode == 'quote') && (!$preview) && (!$refresh)) { $post_text = ' [quote' . ( (empty($username)) ? ']' : '="' . addslashes(trim($username)) . '"]') . trim($post_text) . '[/quote] '; } if ( (($mode == 'reply') || ($mode == 'quote')) && (!$preview) && (!$refresh)) { $post_subject = ( ( !preg_match('/^Re:/', $post_subject) ) ? 'Re: ' : '' ) . $post_subject; } // MAIN POSTING PAGE BEGINS HERE // Forum moderators? get_moderators($moderators, $forum_id); // Generate smilies and topic icon listings generate_smilies('inline'); // Generate Topic icons $s_topic_icons = generate_topic_icons($mode, $enable_icons); // Topic type selection ... only for first post in topic. $topic_type_toggle = ''; if ( ($mode == 'post') || (($mode == 'edit') && ($post_id == $topic_first_post_id)) ) { $topic_types = array( 'sticky' => array('const' => POST_STICKY, 'lang' => 'POST_STICKY'), 'announce' => array('const' => POST_ANNOUNCE, 'lang' => 'POST_ANNOUNCEMENT') // 'global_announce' => array('const' => POST_GLOBAL_ANNOUNCE, 'lang' => 'POST_GLOBAL_ANNOUNCE') ); foreach ($topic_types as $auth_key => $topic_value) { if ($perm['f_' . $auth_key]) { $topic_type_toggle .= 'lang[$topic_value['lang']] . '  '; } } if ($topic_type_toggle != '') { $topic_type_toggle = (($mode == 'edit') ? $user->lang['CHANGE_TOPIC_TO'] : $user->lang['POST_TOPIC_AS']) . ': ' . $user->lang['POST_NORMAL'] . '  ' . $topic_type_toggle; } } // HTML, BBCode, Smilies, Images and Flash status $html_status = (intval($config['allow_html']) && $auth->acl_get('f_html', $forum_id)) ? true : false; $bbcode_status = (intval($config['allow_bbcode']) && $auth->acl_get('f_bbcode', $forum_id)) ? true : false; $smilies_status = (intval($config['allow_smilies']) && $auth->acl_get('f_smilies', $forum_id)) ? true : false; $img_status = (intval($config['allow_img']) && $auth->acl_get('f_img', $forum_id)) ? true : false; $flash_status = (intval($config['allow_flash']) && $auth->acl_get('f_flash', $forum_id)) ? true : false; $html_checked = (isset($enable_html)) ? !$enable_html : ((intval($config['allow_html'])) ? !$user->data['user_allowhtml'] : 1); $bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : ((intval($config['allow_bbcode'])) ? !$user->data['user_allowbbcode'] : 1); $smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : ((intval($config['allow_smilies'])) ? !$user->data['user_allowsmile'] : 1); $urls_checked = (isset($enable_urls)) ? !$enable_urls : 0; $sig_checked = $enable_sig; $notify_checked = (isset($notify_set)) ? $notify_set : (($user->data['user_id'] != ANONYMOUS) ? $user->data['user_notify'] : 0); $lock_topic_checked = (isset($topic_lock)) ? $topic_lock : (($topic_status == ITEM_LOCKED) ? 1 : 0); $lock_post_checked = (isset($post_lock)) ? $post_lock : $post_edit_locked; // Page title & action URL, include session_id for security purpose $s_action = "posting.$phpEx?sid=" . $user->session_id . "&mode=$mode&f=" . $forum_id; $s_action .= ($topic_id) ? '&t=' . $topic_id : ''; $s_action .= ($post_id) ? '&p=' . $post_id : ''; switch ($mode) { case 'post': $page_title = $user->lang['POST_TOPIC']; break; case 'quote': case 'reply': $page_title = $user->lang['POST_REPLY']; break; case 'delete': case 'edit': $page_title = $user->lang['EDIT_POST']; } // Build navigation links $forum_data = array( 'parent_id' => $parent_id, 'forum_parents' => $forum_parents, 'forum_name' => $forum_name, 'forum_id' => $forum_id, 'forum_desc' => '' ); generate_forum_nav($forum_data); $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '' : ''; $s_hidden_fields .= ''; $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || @ini_get('file_uploads') == '0' || !$config['allow_attachments']) ? '' : 'enctype="multipart/form-data"'; // Start assigning vars for main posting page ... $template->assign_vars(array( 'L_POST_A' => $page_title, 'L_ICON' => ($mode == 'reply' || $mode == 'quote') ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'], 'L_MESSAGE_BODY_EXPLAIN'=> (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '', 'FORUM_NAME' => $forum_name, 'FORUM_DESC' => (!empty($forum_desc)) ? strip_tags($forum_desc) : '', 'TOPIC_TITLE' => $topic_title, 'MODERATORS' => (sizeof($moderators)) ? implode(', ', $moderators[$forum_id]) : '', 'USERNAME' => (((!$preview) && ($mode != 'quote')) || ($preview)) ? stripslashes($username) : '', 'SUBJECT' => $post_subject, 'PREVIEW_SUBJECT' => ($preview) ? $preview_subject : '', 'MESSAGE' => trim($post_text), 'PREVIEW_MESSAGE' => ($preview) ? $preview_message : '', 'HTML_STATUS' => ($html_status) ? $user->lang['HTML_IS_ON'] : $user->lang['HTML_IS_OFF'], 'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '', '') : sprintf($user->lang['BBCODE_IS_OFF'], '', ''), 'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 'MINI_POST_IMG' => $user->img('icon_post', $user->lang['POST']), 'POST_DATE' => ($post_time) ? $user->format_date($post_time) : '', 'ERROR_MESSAGE' => $err_msg, 'U_VIEW_FORUM' => "viewforum.$phpEx$SID&f=" . $forum_id, 'U_VIEWTOPIC' => ($mode != 'post') ? "viewtopic.$phpEx$SID&" . $forum_id . "&t=" . $topic_id : '', 'U_REVIEW_TOPIC' => ($mode != 'post') ? "posting.$phpEx$SID&mode=topicreview&f=" . $forum_id . "&t=" . $topic_id : '', 'S_DISPLAY_PREVIEW' => ($preview), 'S_DISPLAY_REVIEW' => ($mode == 'reply' || $mode == 'quote') ? true : false, 'S_DISPLAY_USERNAME' => ($user->data['user_id'] == ANONYMOUS || ($mode == 'edit' && $post_username)) ? true : false, 'S_SHOW_TOPIC_ICONS' => $s_topic_icons, 'S_DELETE_ALLOWED' => ($mode == 'edit' && ( ($post_id == $topic_last_post_id && $poster_id == $user->data['user_id'] && $perm['u_delete']) || ($perm['m_delete']))) ? true : false, 'S_HTML_ALLOWED' => $html_status, 'S_HTML_CHECKED' => ($html_checked) ? 'checked="checked"' : '', 'S_BBCODE_ALLOWED' => $bbcode_status, 'S_BBCODE_CHECKED' => ($bbcode_checked) ? 'checked="checked"' : '', 'S_SMILIES_ALLOWED' => $smilies_status, 'S_SMILIES_CHECKED' => ($smilies_checked) ? 'checked="checked"' : '', 'S_SIG_ALLOWED' => ( ($perm['f_sigs']) && ($config['allow_sig']) ) ? true : false, 'S_SIGNATURE_CHECKED' => ($sig_checked) ? 'checked="checked"' : '', 'S_NOTIFY_ALLOWED' => ($user->data['user_id'] != ANONYMOUS) ? true : false, 'S_NOTIFY_CHECKED' => ($notify_checked) ? 'checked="checked"' : '', 'S_LOCK_TOPIC_ALLOWED' => ( ($mode == 'edit' || $mode == 'reply' || $mode == 'quote') && ($perm['m_lock']) ) ? true : false, 'S_LOCK_TOPIC_CHECKED' => ($lock_topic_checked) ? 'checked="checked"' : '', 'S_LOCK_POST_ALLOWED' => (($mode == 'edit') && ($perm['m_edit'])) ? true : false, 'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? 'checked="checked"' : '', 'S_MAGIC_URL_CHECKED' => ($urls_checked) ? 'checked="checked"' : '', 'S_TYPE_TOGGLE' => $topic_type_toggle, 'S_SAVE_ALLOWED' => ($perm['f_save']) ? true : false, 'S_FORM_ENCTYPE' => $form_enctype, 'S_POST_ACTION' => $s_action, 'S_HIDDEN_FIELDS' => $s_hidden_fields) ); // Poll entry if ( ( ($mode == 'post') || ( ($mode == 'edit') && ($post_id == $topic_first_post_id) && (empty($poll_last_vote)) )) && ( ($auth->acl_get('f_poll', $forum_id)) || ($perm['m_edit']) )) { $template->assign_vars(array( 'S_SHOW_POLL_BOX' => true, 'S_POLL_DELETE' => ($mode == 'edit' && !empty($poll_options) && ((empty($poll_last_vote) && $poster_id == $user->data['user_id'] && $perm['u_delete']) || $perm['m_delete'])) ? true : false, 'L_POLL_OPTIONS_EXPLAIN'=> sprintf($user->lang['POLL_OPTIONS_EXPLAIN'], $config['max_poll_options']), 'POLL_TITLE' => $poll_title, 'POLL_OPTIONS' => (!empty($poll_options)) ? implode("\n", $poll_options) : '', 'POLL_LENGTH' => $poll_length) ); } // Attachment entry if (($perm['f_attach']) || ($perm['m_edit'])) { $template->assign_vars(array( 'S_SHOW_ATTACH_BOX' => true) ); if (count($attachment_data['physical_filename']) > 0) { $template->assign_vars(array( 'S_HAS_ATTACHMENTS' => true) ); for ($i = 0; $i < count($attachment_data['physical_filename']); $i++) { $attachment_data['real_filename'][$i] = stripslashes($attachment_data['real_filename'][$i]); $hidden = ''; $hidden .= ''; $hidden .= ''; $hidden .= ''; $hidden .= ''; $hidden .= ''; $hidden .= ''; $hidden .= ''; if ( $attachment_data['attach_id'][$i] == '-1' ) { $download_link = $config['upload_dir'] . '/' . $attachment_data['physical_filename'][$i]; } else { $download_link = $phpbb_root_path . "download." . $phpEx . "$SID?id=" . $attachment_data['attach_id'][$i]; } $template->assign_block_vars('attach_row', array( 'FILENAME' => $attachment_data['real_filename'][$i], 'ATTACH_FILENAME' => $attachment_data['physical_filename'][$i], 'FILE_COMMENT' => stripslashes(htmlspecialchars($attachment_data['comment'][$i])), 'ATTACH_ID' => $attachment_data['attach_id'][$i], 'U_VIEW_ATTACHMENT' => $download_link, 'S_HIDDEN' => $hidden) ); } } $template->assign_vars(array( 'FILE_COMMENT' => stripslashes(htmlspecialchars($attachment_data['filecomment'])), 'FILESIZE' => $config['max_filesize'], 'FILENAME' => $attachment_data['filename']) ); } // Output page ... include($phpbb_root_path . 'includes/page_header.'.$phpEx); $template->set_filenames(array( 'body' => 'posting_body.html') ); make_jumpbox('viewforum.'.$phpEx); // Topic review if ($mode == 'reply' || $mode == 'quote') { topic_review($topic_id, true); } include($phpbb_root_path . 'includes/page_tail.'.$phpEx); ?>