+?> \ No newline at end of file

+$script_name = preg_replace("/^\/?(.*?)\/?$/", "\\1", trim($board_config['script_path']));

+$script_name = ( $script_name != '' ) ? $script_name . '/groupcp.'.$phpEx : 'groupcp.'.$phpEx;

+$server_name = trim($board_config['server_name']);

+$server_protocol = ( $board_config['cookie_secure'] ) ? "https://" : "http://";

+$server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';

+

+$server_url = $server_protocol . $script_name . $server_name . $server_port;

+

+ "U_GROUPCP" => $server_url . "?" . POST_GROUPS_URL . "=$group_id&validate=true")

+ "U_GROUPCP" => $server_url . "?" . POST_GROUPS_URL . "=$group_id")

+ "U_GROUPCP" => $server_url . "?" . POST_GROUPS_URL . "=$group_id")

+ * post.php

+$html_entities_match = array("#&#", "#<#", "#>#");

+$html_entities_replace = array("&amp;", "&lt;", "&gt;");

+$unhtml_specialchars_match = array("#&gt;#", "#&lt;#", "#&quot;#", "#&amp;#");

+$unhtml_specialchars_replace = array(">", "<", "\"", "&");

+

+ global $html_entities_match, $html_entities_replace;

+ if ( $html_on )

+ $message = " " . preg_replace("#&#i", "&amp;", $message);

+ $end_html = 0;

+ $temp_message = "";

+ while ( $start_html = strpos($message, "<", $start_html) )

+ $temp_message .= substr($message, $end_html + 1, ( $start_html - $end_html - 1 ));

+

+ if ( $end_html = strpos($message, ">", $start_html) )

+ $hold_string = substr($message, $start_html, $length);

+ if ( ( $unclosed_open = strrpos(" " . $hold_string, "<") ) != 1 )

+ {

+ $temp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($hold_string, 0, $unclosed_open - 2));

+ $hold_string = substr($hold_string, $unclosed_open - 1);

+ }

+

+ $tagallowed = false;

+ if ( preg_match("/^<\/?" . $match_tag . "\b/i", $hold_string) )

+ $tagallowed = true;

+ $temp_message .= ( $length && !$tagallowed ) ? preg_replace($html_entities_match, $html_entities_replace, $hold_string) : $hold_string;

+ $temp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $start_html, strlen($message)));

+

+ $message = ( $temp_message != "" ) ? trim($temp_message) : trim($message);

+ return $message;

+}

+

+function unprepare_message($message)

+{

+ global $unhtml_specialchars_match, $unhtml_specialchars_replace;

+

+ return preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $message);

+}

+

+//

+// Prepare a message for posting

+//

+function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on, &$error_msg, &$username, &$bbcode_uid, &$subject, &$message, &$poll_title, &$poll_options, &$poll_length)

+{

+ global $board_config, $lang, $phpEx;

+

+ // Check username

+ if ( !empty($username) )

+ {

+ $username = htmlspecialchars(trim(strip_tags(str_replace("&nbsp;", " ", $username))));

+

+ $result = validate_username($username);

+ if ( $result['error'] )

+ {

+ $error_msg .= ( !empty($error_msg) ) ? "<br />" . $result['error_msg'] : $result['error_msg'];

+ }

+ }

+

+ // Check subject

+ if ( !empty($subject) )

+ {

+ $subject = htmlspecialchars(trim($subject));

+ }

+ else if ( $mode == "newtopic" || ( $mode == "editpost" && $post_data['first_post'] ) )

+ {

+ $error_msg .= ( !empty($error_msg) ) ? "<br />" . $lang['Empty_subject'] : $lang['Empty_subject'];

+ }

+

+ // Check message

+ if ( !empty($message) )

+ {

+ $bbcode_uid = ( $bbcode_on ) ? make_bbcode_uid() : "";

+ $message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid);

+ }

+ else if ( $mode != "delete" && $mode != "polldelete" )

+ {

+ $error_msg .= ( !empty($error_msg) ) ? "<br />" . $lang['Empty_message'] : $lang['Empty_message'];

+ }

+

+ //

+ // Handle poll stuff

+ //

+ if ( $mode == "newtopic" || ( $mode == "editpost" && $post_data['first_post'] ) )

+ {

+ $poll_length = ( isset($poll_length) ) ? max(0, intval($poll_length)) : 0;

+

+ if ( !empty($poll_title) )

+ {

+ $poll_title = htmlspecialchars(trim($poll_title));

+ }

+

+ if( !empty($poll_options) )

+ {

+ $temp_option_text = array();

+ while( list($option_id, $option_text) = @each($poll_options) )

+ {

+ $option_text = trim($option_text);

+ if ( !empty($option_text) )

+ {

+ $temp_option_text[$option_id] = htmlspecialchars($option_text);

+ }

+ }

+ $option_text = $temp_option_text;

+

+ if ( count($poll_options) < 2 )

+ {

+ $error_msg .= ( !empty($error_msg) ) ? "<br />" . $lang['To_few_poll_options'] : $lang['To_few_poll_options'];

+ }

+ else if ( count($poll_options) > $board_config['max_poll_options'] )

+ {

+ $error_msg .= ( !empty($error_msg) ) ? "<br />" . $lang['To_many_poll_options'] : $lang['To_many_poll_options'];

+ }

+ else if ( $poll_title == "" )

+ {

+ $error_msg .= ( !empty($error_msg) ) ? "<br />" . $lang['Empty_poll_title'] : $lang['Empty_poll_title'];

+ }

+ }

+ }

+

+ return;

+}

+

+//

+// Post a new topic/reply/poll or edit existing post/poll

+//

+function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, &$post_username, &$post_subject, &$post_message, &$poll_title, &$poll_options, &$poll_length)

+{

+ global $board_config, $lang, $db, $phpEx;

+ global $userdata, $user_ip;

+

+ $current_time = time();

+

+ if ( $mode == "newtopic" || $mode == "reply" )

+ {

+ //

+ // Flood control

+ //

+ $where_sql = ( $userdata['user_id'] == ANONYMOUS ) ? "poster_ip = '$user_ip'" : "poster_id = " . $userdata['user_id'];

+ $sql = "SELECT MAX(post_time) AS last_post_time

+ FROM " . POSTS_TABLE . "

+ WHERE $where_sql";

+ if ( $result = $db->sql_query($sql) )

+ {

+ if( $row = $db->sql_fetchrow($result) )

+ {

+ if ( $row['last_post_time'] > 0 && ( $current_time - $row['last_post_time'] ) < $board_config['flood_interval'] )

+ {

+ message_die(GENERAL_MESSAGE, $lang['Flood_Error']);

+ }

+ }

+ }

+ }

+

+ if ( $mode == "newtopic" || ( $mode == "editpost" && $post_data['first_post'] ) )

+ {

+ $topic_vote = ( !empty($poll_title) && count($poll_options) >= 2 ) ? 1 : 0;

+ $sql = ( $mode != "editpost" ) ? "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('$post_subject', " . $userdata['user_id'] . ", $current_time, $forum_id, " . TOPIC_UNLOCKED . ", $topic_type, $topic_vote)" : "UPDATE " . TOPICS_TABLE . " SET topic_title = '$post_subject', topic_type = $topic_type, topic_vote = $topic_vote WHERE topic_id = $topic_id";

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);

+ }

+

+ if( $mode == "newtopic" )

+ {

+ $topic_id = $db->sql_nextid();

+ }

+ }

+

+ $edited_sql = ( $mode == "editpost" && !$post_data['last_post'] && $post_data['poster_post'] ) ? ", post_edit_time = $current_time, post_edit_count = post_edit_count + 1 " : "";

+ $sql = ( $mode != "editpost" ) ? "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ($topic_id, $forum_id, " . $userdata['user_id'] . ", '$post_username', $current_time, '$user_ip', $bbcode_on, $html_on, $smilies_on, $attach_sig)" : "UPDATE " . POSTS_TABLE . " SET enable_bbcode = $bbcode_on, enable_html = $html_on, enable_smilies = $smilies_on, enable_sig = $attach_sig" . $edited_sql . " WHERE post_id = $post_id";

+ if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) )

+ {

+ message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);

+ }

+

+ if( $mode != "editpost" )

+ {

+ $post_id = $db->sql_nextid();

+ }

+

+ $sql = ( $mode != "editpost" ) ? "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ($post_id, '$post_subject', '$bbcode_uid', '$post_message')" : "UPDATE " . POSTS_TEXT_TABLE . " SET post_text = '$post_message', bbcode_uid = '$bbcode_uid', post_subject = '$post_subject' WHERE post_id = $post_id";

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);

+ }

+

+ if ( $mode == "editpost" )

+ {

+ $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . "

+ WHERE post_id = $post_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);

+ }

+ }

+

+ add_search_words($post_id, stripslashes($post_message), stripslashes($post_subject));

+

+ //

+ // Add poll

+ //

+ if ( ( $mode == "newtopic" || $mode == "editpost" ) && !empty($poll_title) && count($poll_options) >= 2 )

+ {

+ $sql = ( !$post_data['has_poll'] ) ? "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length) VALUES ($topic_id, '$poll_title', $current_time, " . ( $poll_length * 86400 ) . ")" : "UPDATE " . VOTE_DESC_TABLE . " SET vote_text = '$poll_title', vote_length = " . ( $poll_length * 86400 ) . " WHERE topic_id = $topic_id";

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);

+ }

+

+ $delete_option_sql = "";

+ $old_poll_result = array();

+ if ( $mode == "editpost" && $post_data['has_poll'] )

+ {

+ $sql = "SELECT vote_option_id, vote_result

+ FROM " . VOTE_RESULTS_TABLE . "

+ WHERE vote_id = $poll_id

+ ORDER BY vote_option_id ASC";

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain vote data results for this topic", "", __LINE__, __FILE__, $sql);

+ }

+

+ while ( $row = $db->sql_fetchrow($result) )

+ {

+ $old_poll_result[$row['vote_option_id']] = $row['vote_result'];

+

+ if( !isset($poll_options[$row['vote_option_id']]) )

+ {

+ $delete_option_sql .= ( $delete_option_sql != "" ) ? ", " . $row['vote_option_id'] : $row['vote_option_id'];

+ }

+ }

+ }

+ else

+ {

+ $poll_id = $db->sql_nextid();

+ }

+

+ @reset($poll_options);

+

+ $poll_option_id = 1;

+ while ( list($option_id, $option_text) = each($poll_options) )

+ {

+ if( !empty($option_text) )

+ {

+ $option_text = str_replace("\'", "''", $option_text);

+ $poll_result = ( $mode == "editpost" && isset($old_poll_result[$option_id]) ) ? $old_poll_result[$option_id] : 0;

+

+ $sql = ( $mode != "editpost" || !isset($old_poll_result[$option_id]) ) ? "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result) VALUES ($poll_id, $poll_option_id, '$option_text', $poll_result)" : "UPDATE " . VOTE_RESULTS_TABLE . " SET vote_option_text = '$option_text', vote_result = $poll_result WHERE vote_option_id = $option_id AND vote_id = $poll_id";

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);

+ }

+ $poll_option_id++;

+ }

+ }

+

+ if( $delete_option_sql != "" )

+ {

+ $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . "

+ WHERE vote_option_id IN ($delete_option_sql)";

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error deleting pruned poll options", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ }

+

+ if ( $mode != "editpost" )

+ {

+ //

+ // Update statistics

+ //

+ $sql = "UPDATE " . TOPICS_TABLE . " SET

+ topic_last_post_id = $post_id";

+ $sql .= ( ( $mode == "reply" ) ? ", topic_replies = topic_replies + 1 " : ", topic_first_post_id = $post_id " ) . "WHERE topic_id = $topic_id";

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);

+ }

+

+ $sql = "UPDATE " . FORUMS_TABLE . "

+ SET forum_last_post_id = $post_id, forum_posts = forum_posts + 1";

+ $sql .= ( ( $mode == "newtopic" ) ? ", forum_topics = forum_topics + 1 " : " " ) . "WHERE forum_id = $forum_id";

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);

+ }

+

+ $sql = "UPDATE " . USERS_TABLE . "

+ SET user_posts = user_posts + 1

+ WHERE user_id = " . $userdata['user_id'];

+ if ( !($result = $db->sql_query($sql, END_TRANSACTION)) )

+ {

+ message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ else

+ {

+ remove_unmatched_words();

+ }

+

+ $meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">';

+ $message = $lang['Stored'] . '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>');

+

+ return false;

+}

+

+//

+// Delete a post/poll

+//

+function delete_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id)

+{

+ global $board_config, $lang, $db, $phpEx;

+ global $userdata, $user_ip;

+

+ $topic_update_sql = "";

+ if ( $mode != "poll_delete" )

+ {

+ $sql = "DELETE FROM " . POSTS_TABLE . "

+ WHERE post_id = $post_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);

+ }

+

+ $sql = "DELETE FROM " . POSTS_TEXT_TABLE . "

+ WHERE post_id = $post_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);

+ }

+

+ $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . "

+ WHERE post_id = $post_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);

+ }

+

+ $forum_update_sql = "forum_posts = forum_posts - 1";

+ $topic_update_sql .= "topic_replies = topic_replies - 1";

+ if ( $post_data['last_post'] )

+ {

+ if ( $post_data['first_post'] )

+ {

+ $sql = "DELETE FROM " . TOPICS_TABLE . "

+ WHERE topic_id = $topic_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);

+ }

+

+ $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "

+ WHERE topic_id = $topic_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);

+ }

+

+ $forum_update_sql .= ", forum_topics = forum_topics - 1";

+ }

+ else

+ {

+ $sql = "SELECT MAX(post_id) AS post_id

+ FROM " . POSTS_TABLE . "

+ WHERE topic_id = $topic_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);

+ }

+

+ if ( $row = $db->sql_fetchrow($result) )

+ {

+ $topic_update_sql .= ", topic_last_post_id = " . $row['post_id'];

+ }

+ }

+

+ if ( $post_data['last_topic'] )

+ {

+ $sql = "SELECT MAX(post_id) AS post_id

+ FROM " . POSTS_TABLE . "

+ WHERE forum_id = $forum_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);

+ }

+

+ $row = $db->sql_fetchrow($result);

+

+ $forum_update_sql .= ( $row['post_id'] ) ? ", forum_last_post_id = " . $row['post_id'] : ", forum_last_post_id = 0";

+ }

+ }

+ else if ( $post_data['first_post'] )

+ {

+ $sql = "SELECT MIN(post_id) AS post_id

+ FROM " . POSTS_TABLE . "

+ WHERE topic_id = $topic_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);

+ }

+

+ if ( $row = $db->sql_fetchrow($result) )

+ {

+ $topic_update_sql .= ", topic_first_post_id = " . $row['post_id'];

+ }

+ }

+

+ $sql = "UPDATE " . FORUMS_TABLE . "

+ SET $forum_update_sql

+ WHERE forum_id = $forum_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);

+ }

+ }

+

+ if( $mode == "poll_delete" || ( $mode == "delete" && $post_data['first_post'] && $post_data['last_post'] ) && $post_data['has_poll'] && $post_data['edit_poll'] )

+ {

+ if ( $mode == "poll_delete" )

+ {

+ $topic_update_sql .= "topic_vote = 0";

+ }

+

+ $sql = "DELETE FROM " . VOTE_DESC_TABLE . "

+ WHERE vote_id = $poll_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting poll", "", __LINE__, __FILE__, $sql);

+ }

+

+ $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . "

+ WHERE vote_id = $poll_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting poll", "", __LINE__, __FILE__, $sql);

+ }

+

+ $sql = "DELETE FROM " . VOTE_USERS_TABLE . "

+ WHERE vote_id = $poll_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in deleting poll", "", __LINE__, __FILE__, $sql);

+ }

+ }

+

+ if ( ( $mode == "delete" && empty($post_data['first_post']) || empty($post_data['last_post']) ) || $mode == "poll_delete" )

+ {

+ $sql = "UPDATE " . TOPICS_TABLE . "

+ SET $topic_update_sql

+ WHERE topic_id = $topic_id";

+ if ( !($db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Error in updating topic info", "", __LINE__, __FILE__, $sql);

+ }

+ }

+

+ remove_unmatched_words();

+

+ if ( $mode == "delete" && $post_data['first_post'] && $post_data['last_post'] )

+ {

+ $meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewforum.$phpEx?" . POST_TOPIC_URL . "=" . $forum_id) . '">';

+ $message = $lang['Deleted'];

+ }

+ else

+ {

+ $meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=" . $topic_id) . '">';

+ $message = ( ( $mode == "poll_delete" ) ? $lang['Poll_delete'] : $lang['Deleted'] ) . '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');

+ }

+

+ $message .= '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>');

+

+ return;

+//

+// Handle user notification on new post

+//

+function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id, &$notify_user)

+{

+ global $HTTP_SERVER_VARS, $HTTP_ENV_VARS;

+ global $board_config, $lang, $db, $phpbb_root_path, $phpEx;

+ global $userdata, $user_ip;

+

+ $current_time = time();

+

+ if ( ( $mode == "newtopic" && !$notify_user ) || $mode == "delete" )

+ {

+ $delete_sql = ( !$post_data['first_post'] && !$post_data['last_post'] ) ? " AND user_id = " . $userdata['user_id'] : "";

+ $sql = ( $mode == "newtopic" ) ? "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id, notify_status) VALUES (" . $userdata['user_id'] . ", $topic_id, 0)" : "DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = $topic_id" . $delete_sql;

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't change topic notify data", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ else

+ {

+ if ( $mode == "reply" )

+ {

+ $sql = "SELECT ban_userid

+ FROM " . BANLIST_TABLE;

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "", "", __LINE__, __FILE__, $sql);

+ }

+

+ $user_id_sql = "";

+ while ( $row = $db->sql_fetchrow($result) )

+ {

+ $user_id_sql = ", " . $row['ban_userid'];

+ }

+

+ $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, t.topic_title

+ FROM " . TOPICS_WATCH_TABLE . " tw, " . TOPICS_TABLE . " t, " . USERS_TABLE . " u

+ WHERE tw.topic_id = $topic_id

+ AND tw.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . " )

+ AND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . "

+ AND t.topic_id = tw.topic_id

+ AND u.user_id = tw.user_id";

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "", "", __LINE__, __FILE__, $sql);

+ }

+

+ $orig_word = array();

+ $replacement_word = array();

+ obtain_word_list($orig_word, $replacement_word);

+

+ include($phpbb_root_path . 'includes/emailer.'.$phpEx);

+ $emailer = new emailer($board_config['smtp_delivery']);

+

+ $script_name = preg_replace("/^\/?(.*?)\/?$/", "\\1", trim($board_config['script_path']));

+ $script_name = ( $script_name != '' ) ? $script_name . '/viewtopic.'.$phpEx : 'viewtopic.'.$phpEx;

+ $server_name = trim($board_config['server_name']);

+ $server_protocol = ( $board_config['cookie_secure'] ) ? "https://" : "http://";

+ $server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';

+

+ $email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n";

+

+ $update_watched_sql = "";

+ if ( $row = $db->sql_fetchrow($result) )

+ {

+ $topic_title = preg_replace($orig_word, $replacement_word, unprepare_message($row['topic_title']));

+

+ do

+ {

+ if ( $row['user_email'] != "" )

+ {

+ $emailer->use_template("topic_notify", $row['user_lang']);

+ $emailer->email_address($row['user_email']);

+ $emailer->set_subject($lang['Topic_reply_notification']);

+ $emailer->extra_headers($email_headers);

+

+ $emailer->assign_vars(array(

+ "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),

+ "USERNAME" => $row['username'],

+ "SITENAME" => $board_config['sitename'],

+ "TOPIC_TITLE" => $topic_title,

+

+ "U_TOPIC" => $server_protocol . $server_name . $server_port . $script_name . "?" . POST_POST_URL . "=$post_id#$post_id",

+ "U_STOP_WATCHING_TOPIC" => $server_protocol . $server_name . $server_port . $script_name . "?" . POST_TOPIC_URL . "=$topic_id&unwatch=topic")

+ );

+

+ $emailer->send();

+ $emailer->reset();

+

+ $update_watched_sql .= ( $update_watched_sql != "" ) ? ", " . $row['user_id'] : $row['user_id'];

+ }

+ }

+ while ( $row = $db->sql_fetchrow($result) );

+ }

+

+ if ( $update_watched_sql != "" )

+ {

+ $sql = "UPDATE " . TOPICS_WATCH_TABLE . "

+ SET notify_status = " . TOPIC_WATCH_NOTIFIED . "

+ WHERE topic_id = $topic_id

+ AND user_id IN ($update_watched_sql)";

+ $db->sql_query($sql);

+ }

+ }

+

+ $sql = "SELECT topic_id

+ FROM " . TOPICS_WATCH_TABLE . "

+ WHERE topic_id = $topic_id

+ AND user_id = " . $userdata['user_id'];

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain topic watch information", "", __LINE__, __FILE__, $sql);

+ }

+

+ $row = $db->sql_fetchrow($result);

+

+ if ( !$notify_user && !empty($row['topic_id']) )

+ {

+ $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "

+ WHERE topic_id = $topic_id

+ AND user_id = " . $userdata['user_id'];

+ if ( !$result = $db->sql_query($sql) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't delete topic watch information", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ else if ( $notify_user && empty($row['topic_id']) )

+ {

+ $sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id, notify_status)

+ VALUES (" . $userdata['user_id'] . ", $topic_id, 0)";

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't insert topic watch information", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ }

+}

+ $inline_rows = 5;

+ if ( $mode == "window" )

+ $userdata = session_pagestart($user_ip, $page_id);

+ if ( $result = $db->sql_query($sql) )

+ $num_smilies = 0;

+ $rowset = array();

+ while ( $row = $db->sql_fetchrow($result) )

+ if ( empty($rowset[$row['smile_url']]) )

+ $rowset[$row['smile_url']]['code'] = str_replace("\\", "\\\\", str_replace("'", "\\'", $row['code']));

+ $rowset[$row['smile_url']]['emoticon'] = $row['emoticon'];

+ $num_smilies++;

+ }

+ if ( $num_smilies )

+ {

+ while ( list($smile_url, $data) = @each($rowset) )

+ if ( !$col )

+ if ( $col == $smilies_split_row )

+ if ( $mode == "inline" && $row == $inline_rows - 1 )

+ if ( $mode == "inline" && $num_smilies > $inline_rows * $inline_columns )

+ if ( $mode == "window" )

+?> \ No newline at end of file

+// Check and set various parameters

+//

+$params = array('submit' => 'post', 'confirm' => 'confirm', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode', 'forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL);

+while( list($var, $param) = @each($params) )

+ if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) )

+ $$var = ( !empty($HTTP_POST_VARS[$param]) ) ? $HTTP_POST_VARS[$param] : $HTTP_GET_VARS[$param];

+ $$var = "";

+$refresh = $preview || $poll_add || $poll_edit || $poll_delete;

+// Set topic type

+//

+$topic_type = ( !empty($HTTP_POST_VARS['topictype']) ) ? $HTTP_POST_VARS['topictype'] : POST_ANNOUNCE;

+// If the mode is set to topic review then output

+// that review ...

+if( $mode == "topicreview" )

+ require($phpbb_root_path . 'includes/topic_review.'.$phpEx);

+ topic_review($topic_id, false);

+ exit;

+else if( $mode == "smilies" )

+ generate_smilies("window", PAGE_POSTING);

+ exit;

+if( isset($HTTP_POST_VARS['cancel']) )

+ if ( $post_id )

+ else if ( $topic_id )

+ else if ( $forum_id )

+ header("Location: " . append_sid($redirect) . $post_append, true);

+// What auth type do we need to check?

+$is_auth = array();

+ if( $topic_type == POST_ANNOUNCE )

+ case 'poll_delete':

+// Here we do various lookups to find topic_id, forum_id, post_id etc.

+// Doing it here prevents spoofing (eg. faking forum_id, topic_id or post_id

+$error_msg = "";

+$post_data = array();

+switch ( $mode )

+ case 'newtopic':

+ if ( empty($forum_id) )

+ message_die(GENERAL_MESSAGE, $lang['Forum_not_exist']);

+ $sql = "SELECT *

+ FROM " . FORUMS_TABLE . "

+ WHERE forum_id = $forum_id";

+ break;

+ case 'reply':

+ case 'vote':

+ if ( empty( $topic_id) )

+ {

+ message_die(GENERAL_MESSAGE, $lang['No_topic_id']);

+ }

+ $sql = "SELECT f.*, t.topic_status

+ FROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t

+ WHERE t.topic_id = $topic_id

+ AND f.forum_id = t.forum_id";

+ break;

+ case 'quote':

+ case 'editpost':

+ case 'delete':

+ case 'poll_delete':

+ if ( empty($post_id) )

+ message_die(GENERAL_MESSAGE, $lang['No_post_id']);

+ $select_sql = ( !$submit ) ? ", t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig" : "";

+ $from_sql = ( !$submit ) ? ", " . POSTS_TEXT_TABLE . " pt, " . USERS_TABLE . " u" : "";

+ $where_sql = ( !$submit ) ? "AND pt.post_id = p.post_id AND u.user_id = p.poster_id" : "";

+ $sql = "SELECT f.*, t.topic_id, t.topic_status, t.topic_type, t.topic_first_post_id, t.topic_last_post_id, t.topic_vote, p.post_id, p.poster_id" . $select_sql . "

+ FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $from_sql . "

+ WHERE p.post_id = $post_id

+ AND t.topic_id = p.topic_id

+ AND f.forum_id = p.forum_id

+ $where_sql";

+ break;

+ default:

+ message_die(GENERAL_MESSAGE, $lang['No_valid_mode']);

+}

+if ( $result = $db->sql_query($sql) )

+ $post_info = $db->sql_fetchrow($result);

+ $forum_id = $post_info['forum_id'];

+ $forum_name = $post_info['forum_name'];

+ $is_auth = auth(AUTH_ALL, $forum_id, $userdata, $post_info);

+ if ( $post_info['forum_status'] == FORUM_LOCKED && !$is_auth['auth_mod'])

+ {

+ message_die(GENERAL_MESSAGE, $lang['Forum_locked']);

+ }

+ else if ( $mode != "newtopic" && $post_info['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod'])

+ {

+ message_die(GENERAL_MESSAGE, $lang['Topic_locked']);

+ }

+ if ( $mode == "editpost" || $mode == "delete" || $mode == "poll_delete" )

+ $topic_id = $post_info['topic_id'];

+ $post_data['poster_post'] = ( $post_info['poster_id'] == $userdata['user_id'] ) ? true : false;

+ $post_data['first_post'] = ( $post_info['topic_first_post_id'] == $post_id ) ? true : false;

+ $post_data['last_post'] = ( $post_info['topic_last_post_id'] == $post_id ) ? true : false;

+ $post_data['last_topic'] = ( $post_info['forum_last_post_id'] == $post_id ) ? true : false;

+ $post_data['has_poll'] = ( $post_info['topic_vote'] ) ? true : false;

+ $post_data['topic_type'] = $post_info['topic_type'];

+ if ( $post_data['first_post'] && $post_data['has_poll'] )

+ $sql = "SELECT *

+ FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr

+ WHERE vd.topic_id = $topic_id

+ AND vr.vote_id = vd.vote_id

+ ORDER BY vr.vote_option_id";

+ if ( !($result = $db->sql_query($sql)) )

+ message_die(GENERAL_ERROR, "Couldn't obtain vote data for this topic", "", __LINE__, __FILE__, $sql);

+ $poll_options = array();

+ $poll_results_sum = 0;

+ if ( $row = $db->sql_fetchrow($result) )

+ $poll_title = $row['vote_text'];

+ $poll_id = $row['vote_id'];

+ $poll_length = $row['vote_length'] / 86400;

+ do

+ $poll_options[$row['vote_option_id']] = $row['vote_option_text'];

+ $poll_results_sum += $row['vote_result'];

+ while ( $row = $db->sql_fetchrow($result) );

+ $post_data['edit_poll'] = ( ( !$poll_results_sum || $is_auth['auth_mod'] ) && $post_data['first_post'] ) ? true : 0;

+ else

+ $post_data['edit_poll'] = false;

+

+ // Can this user edit/delete the post/poll?

+ if ( $post_info['poster_id'] != $userdata['user_id'] && !$is_auth['auth_mod'] )

+ $message = ( $delete || $mode == "delete" ) ? $lang['Delete_own_posts'] : $lang['Edit_own_posts'];

+ $message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');

+ message_die(GENERAL_MESSAGE, $message);

+ else if ( !$post_data['last_post'] && !$is_auth['auth_mod'] && ( $mode == "delete" || $delete ) )

+ message_die(GENERAL_MESSAGE, $lang['Cannot_delete_replied']);

+ else if ( !$post_data['edit_poll'] && !$is_auth['auth_mod'] && ( $mode == "poll_delete" || $poll_delete ) )

+ message_die(GENERAL_MESSAGE, $lang['Cannot_delete_poll']);

+ }

+ else

+ {

+ if ( $mode == "quote" )

+ $topic_id = $post_info['topic_id'];

+ $post_data['first_post'] = ( $mode == "newtopic" ) ? true : 0;

+ $post_data['last_post'] = false;

+ $post_data['has_poll'] = false;

+ $post_data['edit_poll'] = false;

+}

+else

+{

+ message_die(GENERAL_MESSAGE, $lang['No_such_post']);

+}

+

+//

+// The user is not authed, if they're not logged in then redirect

+// them, else show them an error message

+//

+if ( !$is_auth[$is_auth_type] )

+{

+ if ( $userdata['session_logged_in'] )

+ message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . "_type"]));

+ }

+ switch( $mode )

+ {

+ case 'newtopic':

+ $redirect = "mode=newtopic&" . POST_FORUM_URL . "=" . $forum_id;

+ break;

+ case 'reply':

+ case 'topicreview':

+ $redirect = "mode=reply&" . POST_TOPIC_URL . "=" . $topic_id;

+ break;

+ case 'quote':

+ case 'editpost':

+ $redirect = "mode=quote&" . POST_POST_URL ."=" . $post_id;

+ break;

+ }

+ header("Location: " . append_sid("login.$phpEx?redirect=posting.$phpEx&" . $redirect, true));

+}

+//

+// Set toggles for various options

+//

+if( !$board_config['allow_html'] )

+{

+ $html_on = 0;

+}

+else

+{

+ $html_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_html']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_html'] : $userdata['user_allowhtml'] );

+}

+if( !$board_config['allow_bbcode'] )

+{

+ $bbcode_on = 0;

+}

+else

+{

+ $bbcode_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_bbcode']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_bbcode'] : $userdata['user_allowbbcode'] );

+}

+if( !$board_config['allow_smilies'] )

+{

+ $smilies_on = 0;

+}

+else

+{

+ $smilies_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_smilies'] : $userdata['user_allowsmile'] );

+}

+

+if ( $submit || $refresh )

+{

+ $notify_user = ( !empty($HTTP_POST_VARS['notify']) ) ? TRUE : 0;

+}

+else

+{

+ if ( $mode != "newtopic" )

+ {

+ $sql = "SELECT topic_id

+ FROM " . TOPICS_WATCH_TABLE . "

+ WHERE topic_id = $topic_id

+ AND user_id = " . $userdata['user_id'];

+ if ( !($result = $db->sql_query($sql)) )

+ message_die(GENERAL_ERROR, "Couldn't obtain topic watch information", "", __LINE__, __FILE__, $sql);

+ }

+ $notify_user = ( $db->sql_fetchrow($result) ) ? TRUE : $userdata['user_notify'];

+ }

+ else

+ {

+ $notify_user = $userdata['user_notify'];

+ }

+}

+$attach_sig = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? 0 : $userdata['user_attachsig'] );

+// --------------------

+// What shall we do?

+//

+if ( ( $delete || $poll_delete || $mode == "delete" ) && !$confirm )

+{

+ //

+ // Confirm deletion

+ //

+ $s_hidden_fields = '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';

+ $s_hidden_fields .= ( $delete || $mode == "delete" ) ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />';

+ $l_confirm = ( $delete || $mode == "delete" ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];

+ //

+ // Output confirmation page

+ //

+ include($phpbb_root_path . 'includes/page_header.'.$phpEx);

+ $template->set_filenames(array(

+ "confirm_body" => "confirm_body.tpl")

+ );

+ $template->assign_vars(array(

+ "MESSAGE_TITLE" => $lang['Information'],

+ "MESSAGE_TEXT" => $l_confirm,

+ "L_YES" => $lang['Yes'],

+ "L_NO" => $lang['No'],

+ "S_CONFIRM_ACTION" => append_sid("posting.$phpEx"),

+ "S_HIDDEN_FIELDS" => $s_hidden_fields)

+ );

+ $template->pparse("confirm_body");

+ include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

+}

+else if ( $mode == "vote" )

+{

+ //

+ // Vote in a poll

+ //

+ if ( !empty($HTTP_POST_VARS['vote_id']) )

+ {

+ $vote_option_id = $HTTP_POST_VARS['vote_id'];

+

+ $sql = "SELECT vd.vote_id

+ FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr

+ WHERE vd.topic_id = $topic_id

+ AND vr.vote_id = vd.vote_id

+ AND vr.vote_option_id = $vote_option_id

+ GROUP BY vd.vote_id";

+ if ( !($result = $db->sql_query($sql)) )

+ message_die(GENERAL_ERROR, "Couldn't obtain vote data for this topic", "", __LINE__, __FILE__, $sql);

+ if ( $vote_info = $db->sql_fetchrow($result) )

+ $vote_id = $vote_info['vote_id'];

+ $sql = "SELECT *

+ FROM " . VOTE_USERS_TABLE . "

+ WHERE vote_id = $vote_id

+ AND vote_user_id = " . $userdata['user_id'];

+ if ( !($result = $db->sql_query($sql)) )

+ message_die(GENERAL_ERROR, "Couldn't obtain user vote data for this topic", "", __LINE__, __FILE__, $sql);

+ if ( !($row = $db->sql_fetchrow($result)) )

+ $sql = "UPDATE " . VOTE_RESULTS_TABLE . "

+ SET vote_result = vote_result + 1

+ AND vote_option_id = $vote_option_id";

+ if ( !$db->sql_query($sql, BEGIN_TRANSACTION) )

+ message_die(GENERAL_ERROR, "Couldn't update poll result", "", __LINE__, __FILE__, $sql);

+ $sql = "INSERT INTO " . VOTE_USERS_TABLE . " (vote_id, vote_user_id, vote_user_ip)

+ VALUES ($vote_id, " . $userdata['user_id'] . ", '$user_ip')";

+ if ( !$db->sql_query($sql, END_TRANSACTION) )

+ message_die(GENERAL_ERROR, "Couldn't insert user_id for poll", "", __LINE__, __FILE__, $sql);

+ $message = $lang['Vote_cast'];

+ }

+ else

+ {

+ $message = $lang['Already_voted'];

+ $message = $lang['No_vote_option'];

+ $template->assign_vars(array(

+ "META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">')

+ );

+ $message .= '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');

+ message_die(GENERAL_MESSAGE, $message);

+ }

+else if ( $submit || $confirm )

+ // Submit post/vote (newtopic, edit, reply, etc.)

+ $return_message = "";

+ $return_meta = "";

+ switch ( $mode )

+ {

+ case 'editpost':

+ case 'newtopic':

+ case 'reply':

+ $username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : "";

+ $subject = ( !empty($HTTP_POST_VARS['subject']) ) ? $HTTP_POST_VARS['subject'] : "";

+ $message = ( !empty($HTTP_POST_VARS['message']) ) ? $HTTP_POST_VARS['message'] : "";

+ $poll_title = ( isset($HTTP_POST_VARS['poll_title']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_title'] : "";

+ $poll_options = ( isset($HTTP_POST_VARS['poll_option_text']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_option_text'] : "";

+ $poll_length = ( isset($HTTP_POST_VARS['poll_length']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_length'] : "";

+ $bbcode_uid = "";

+ prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length);

+

+ if ( $error_msg == "" )

+ $topic_type = ( $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ) ? $post_data['topic_type'] : $topic_type;

+

+ submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, str_replace("\'", "''", $username), str_replace("\'", "''", $subject), str_replace("\'", "''", $message), str_replace("\'", "''", $poll_title), $poll_options, $poll_length);

+ user_notification($mode, $post_data, $forum_id, $topic_id, $post_id, $notify_user);

+ break;

+

+ case 'delete':

+ case 'poll_delete':

+ delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id);

+ break;

+

+ if ( $error_msg == "" )

+ if ( $mode == "newtopic" || $mode == "reply" )

+ $tracking_topics = ( !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_t"]) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_t"]) : array();

+ $tracking_forums = ( !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_f"]) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_f"]) : array();

+

+ if ( count($tracking_topics) + count($tracking_forums) == 100 && empty($tracking_topics[$topic_id]) )

+ asort($tracking_topics);

+ unset($tracking_topics[key($tracking_topics)]);

+

+ $tracking_topics[$topic_id] = time();

+

+ setcookie($board_config['cookie_name'] . "_t", serialize($tracking_topics), 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);

+ $template->assign_vars(array(

+ "META" => $return_meta)

+ );

+ message_die(GENERAL_MESSAGE, $return_message);

+ }

+}

+

+//

+//

+//

+if( $refresh || isset($HTTP_POST_VARS['del_poll_option']) || $error_msg != "" )

+{

+ $username = ( !empty($HTTP_POST_VARS['username']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['username']))) : "";

+ $subject = ( !empty($HTTP_POST_VARS['subject']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['subject']))) : "";

+ $message = ( !empty($HTTP_POST_VARS['message']) ) ? trim(stripslashes($HTTP_POST_VARS['message'])) : "";

+

+ $poll_title = ( !empty($HTTP_POST_VARS['poll_title']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['poll_title']))) : "";

+ $poll_length = ( isset($HTTP_POST_VARS['poll_length']) ) ? max(0, intval($HTTP_POST_VARS['poll_length'])) : 0;

+

+ $poll_options = array();

+ if ( !empty($HTTP_POST_VARS['poll_option_text']) )

+ {

+ while( list($option_id, $option_text) = @each($HTTP_POST_VARS['poll_option_text']) )

+ if( isset($HTTP_POST_VARS['del_poll_option'][$option_id]) )

+ unset($poll_options[$option_id]);

+ else if ( !empty($option_text) )

+ $poll_options[$option_id] = htmlspecialchars(trim(stripslashes($option_text)));

+ if ( isset($poll_add) && !empty($HTTP_POST_VARS['add_poll_option_text']) )

+ $poll_options[] = htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['add_poll_option_text'])));

+ }

+ if ( $mode == 'newtopic' || $mode == 'reply')

+ {

+ else if ( $mode == 'editpost' )

+ $user_sig = ( $post_info['user_sig'] != "" ) ? $post_info['user_sig'] : "";

+

+ if( $preview )

+ $orig_word = array();

+ $replacement_word = array();

+ obtain_word_list($orig_word, $replacement_word);

+ $bbcode_uid = ( $bbcode_on ) ? make_bbcode_uid() : "";

+ $preview_message = stripslashes(prepare_message(addslashes($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid));

+ $preview_subject = $subject;

+ $preview_username = $username;

+ //

+ // Finalise processing as per viewtopic

+ //

+ if( !$html_on )

+ {

+ if( $user_sig != "" || !$userdata['user_allowhtml'] )

+ $user_sig = preg_replace("#(<)([\/]?.*?)(>)#is", "&lt;\\2&gt;", $user_sig);

+ }

+ if( $attach_sig && $user_sig != "" && $userdata['user_sig_bbcode_uid'] )

+ {

+ $user_sig = bbencode_second_pass($user_sig, $userdata['user_sig_bbcode_uid']);

+

+ if( $bbcode_on )

+ $preview_message = bbencode_second_pass($preview_message, $bbcode_uid);

+ if( !empty($orig_word) )

+ $preview_username = ( !empty($username) ) ? preg_replace($orig_word, $replacement_word, $preview_username) : "";

+ $preview_subject = ( !empty($subject) ) ? preg_replace($orig_word, $replacement_word, $preview_subject) : "";

+ $preview_message = ( !empty($preview_message) ) ? preg_replace($orig_word, $replacement_word, $preview_message) : "";

+

+ if( $user_sig != "" )

+ {

+ $user_sig = make_clickable($user_sig);

+ }

+ $preview_message = make_clickable($preview_message);

+

+ if( $smilies_on )

+ {

+ if( $userdata['user_allowsmile'] && $user_sig != "" )

+ {

+ $user_sig = smilies_pass($user_sig);

+ }

+

+ $preview_message = smilies_pass($preview_message);

+ }

+

+ if( $attach_sig && $user_sig != "" )

+ $preview_message = $preview_message . "<br /><br />_________________<br />" . $user_sig;

+

+ $preview_message = str_replace("\n", "<br />", $preview_message);

+

+ $template->set_filenames(array(

+ "preview" => "posting_preview.tpl")

+ );

+

+ $template->assign_vars(array(

+ "TOPIC_TITLE" => $preview_subject,

+ "POST_SUBJECT" => $preview_subject,

+ "POSTER_NAME" => $preview_username,

+ "POST_DATE" => create_date($board_config['default_dateformat'], time(), $board_config['board_timezone']),

+ "MESSAGE" => $preview_message,

+

+ "L_POST_SUBJECT" => $lang['Post_subject'],

+ "L_PREVIEW" => $lang['Preview'],

+ "L_POSTED" => $lang['Posted'])

+ );

+ $template->assign_var_from_handle("POST_PREVIEW_BOX", "preview");

+ }

+ else if( $error_msg != "" )

+ {

+ $template->set_filenames(array(

+ "reg_header" => "error_body.tpl")

+ );

+ $template->assign_vars(array(

+ "ERROR_MESSAGE" => $error_msg)

+ );

+ $template->assign_var_from_handle("ERROR_BOX", "reg_header");

+ // User default entry point

+ if ( $mode == 'newtopic' )

+ $username = ($userdata['session_logged_in']) ? $userdata['username'] : "";

+ $poll_title = "";

+ $poll_length = "";

+ $subject = "";

+ $message = "";

+ else if ( $mode == 'reply' )

+ $username = ( $userdata['session_logged_in'] ) ? $userdata['username'] : "";

+ $subject = "";

+ $message = "";

+ else if ( $mode == 'quote' || $mode == 'editpost' )

+ $subject = ( $post_data['first_post'] ) ? $post_info['topic_title'] : $post_info['post_subject'];

+ $message = $post_info['post_text'];

+ if ( $mode == "editpost" )

+ $attach_sig = ( $post_info['enable_sig'] && $post_info['user_sig'] != "" ) ? TRUE : 0;

+ $user_sig = $post_info['user_sig'];

+ }

+ else

+ {

+ $attach_sig = ( $userdata['user_attachsig'] ) ? TRUE : 0;

+ $user_sig = $userdata['user_sig'];

+ }

+ if ( $post_info['bbcode_uid'] != "" )

+ {

+ $message = preg_replace("/\:(([a-z0-9]:)?)" . $post_info['bbcode_uid'] . "/si", "", $message);

+ }

+ $message = str_replace("<br />", "\n", $message);

+ $message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $message);

+ if ( $mode == 'quote' )

+ {

+ $orig_word = array();

+ $replacement_word = array();

+ obtain_word_list($orig_word, $replace_word);

+ $msg_date = create_date($board_config['default_dateformat'], $postrow['post_time'], $board_config['board_timezone']);

+ $message = '[quote="' . $post_info['username'] . '"]' . $message . '[/quote]';

+ if ( !empty($orig_word) )

+ $subject = ( !empty($subject) ) ? preg_replace($orig_word, $replace_word, $subject) : "";

+ $message = ( !empty($message) ) ? preg_replace($orig_word, $replace_word, $message) : "";

+

+ if ( !preg_match("/^Re:/", $subject) && strlen($subject) > 0 )

+ $subject = 'Re: ' . $subject;

+ $mode = 'reply';

+// Signature toggle selection

+if( $user_sig != "" )

+ $template->assign_block_vars("signature_checkbox", array());

+if ( $board_config['allow_html'] )

+if ( $board_config['allow_bbcode'] )

+if ( $board_config['allow_smilies'] )

+if( !$userdata['session_logged_in'] || ( $mode == "editpost" && $post_info['poster_id'] == ANONYMOUS ) )

+ $template->assign_block_vars("username_select", array());

+if ( $userdata['session_logged_in'] )

+ if ( $mode != "editpost" || ( $mode == "editpost" && $post_info['poster_id'] != ANONYMOUS ) )

+if ( $mode == 'editpost' && ( ( $is_auth['auth_delete'] && $post_data['last_post'] && ( !$post_data['has_poll'] || $post_data['edit_poll'] ) ) || $is_auth['auth_mod'] ) )

+$topic_type_toggle = '';

+if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) )

+ if( $is_auth['auth_sticky'] )

+ $topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_STICKY . '"';

+ if ( $post_data['topic_type'] == POST_STICKY )

+ $topic_type_toggle .= ' checked="checked"';

+ $topic_type_toggle .= ' /> ' . $lang['Post_Sticky'] . '&nbsp;&nbsp;';

+ if( $is_auth['auth_announce'] )

+ $topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_ANNOUNCE . '"';

+ if ( $post_data['topic_type'] == POST_ANNOUNCE )

+ $topic_type_toggle .= ' checked="checked"';

+ $topic_type_toggle .= ' /> ' . $lang['Post_Announcement'] . '&nbsp;&nbsp;';

+ if ( $topic_type_toggle != "" )

+ $topic_type_toggle = $lang['Post_topic_as'] . ': <input type="radio" name="topictype" value="' . POST_NORMAL .'"' . ( ( $post_data['topic_type'] == POST_NORMAL ) ? ' checked="checked"' : '' ) . ' /> ' . $lang['Post_Normal'] . '&nbsp;&nbsp;' . $topic_type_toggle;

+switch( $mode )

+ $page_title = $lang['Post_a_new_topic'];

+ $page_title = $lang['Post_a_reply'];

+ $page_title = $lang['Edit_Post'];

+// Generate smilies listing for page output

+generate_smilies("inline", PAGE_POSTING);

+

+// Include page header

+include($phpbb_root_path . 'includes/page_header.'.$phpEx);

+

+$template->set_filenames(array(

+ "body" => "posting_body.tpl",

+ "pollbody" => "posting_poll_body.tpl",

+ "jumpbox" => "jumpbox.tpl",

+ "reviewbody" => "posting_topic_review.tpl")

+);

+

+$jumpbox = make_jumpbox();

+$template->assign_vars(array(

+ "L_GO" => $lang['Go'],

+ "L_JUMP_TO" => $lang['Jump_to'],

+ "L_SELECT_FORUM" => $lang['Select_forum'],

+

+ "S_JUMPBOX_LIST" => $jumpbox,

+ "S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx"))

+);

+$template->assign_var_from_handle("JUMPBOX", "jumpbox");

+

+$template->assign_vars(array(

+ "FORUM_NAME" => $forum_name,

+ "L_POST_A" => $page_title,

+ "L_POST_SUBJECT" => $lang['Post_subject'],

+

+ "U_VIEW_FORUM" => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"))

+);

+ "USERNAME" => $username,

+ "SUBJECT" => $subject,

+ "MESSAGE" => $message,

+ "U_VIEWTOPIC" => ( $mode == 'reply' ) ? append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;postorder=desc") : "",

+ "U_REVIEW_TOPIC" => ( $mode == 'reply' ) ? append_sid("posting.$phpEx?mode=topicreview&amp;" . POST_TOPIC_URL . "=$topic_id") : "",

+ "S_HTML_CHECKED" => (!$html_on) ? 'checked="checked"' : "",

+ "S_BBCODE_CHECKED" => (!$bbcode_on) ? 'checked="checked"' : "",

+ "S_SMILIES_CHECKED" => (!$smilies_on) ? 'checked="checked"' : "",

+ "S_SIGNATURE_CHECKED" => ($attach_sig) ? 'checked="checked"' : "",

+ "S_NOTIFY_CHECKED" => ($notify_user) ? 'checked="checked"' : "",

+if( ( $mode == "newtopic" || ( $mode == "editpost" && $post_data['first_post'] ) ) && $is_auth['auth_pollcreate'] )

+ "POLL_TITLE" => $poll_title,

+ if( $mode == 'editpost' && $post_data['edit_poll'] )

+ if( !empty($poll_options) )

+ while( list($option_id, $option_text) = each($poll_options) )

+ "POLL_OPTION" => $option_text,

+if( $mode == 'reply' )

+ require($phpbb_root_path . 'includes/topic_review.'.$phpEx);

+?> \ No newline at end of file

+$submit = ( isset($HTTP_POST_VARS['post']) ) ? TRUE : 0;

+ OR pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "

+ OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";

+ AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "

+ OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) ";

+ if( ( $privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL || $privmsg['privmsgs_type'] == PRIVMSGS_UNREAD_MAIL ) && $folder == "inbox" )

+ if ( !empty($privmsg['user_viewemail']) )

+ $email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL ."=" . $user_id_from) : 'mailto:' . $privmsg['user_email'];

+ $email_img = '<a href="' . $email_uri . '"><img src="' . $images['icon_email'] . '" alt="' . $lang['Send_email'] . '" border="0" /></a>';

+ $email_img = '';

+ $www_img = ( $privmsg['user_website']) ? '<a href="' .$privmsg['user_website'] . '" target="_userwww"><img src="' .$images['icon_www'] . '" alt="' .$lang['Visit_website'] . '" border="0" /></a>' : '';

+ $icq_status_img = '<a href="http://wwp.icq.com/"' . $privmsg['user_icq'] . '"#pager"><img src="http://web.icq.com/whitepages/online?icq="' . $privmsg['user_icq'] . '"&amp;img=5" width="18" height="18" border="0" /></a>';

+ $icq_add_img = '<a href="http://wwp.icq.com/scripts/search.dll?to="' . $privmsg['user_icq'] . '"><img src="' .$images['icon_icq'] . '" alt="' .$lang['ICQ'] . '" border="0" /></a>';

+ $icq_status_img = '';

+ $icq_add_img = '';

+ privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";

+ $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";

+

+ $sql = "SELECT privmsgs_to_userid

+ FROM " . PRIVMSGS_TABLE . "

+ WHERE privmsgs_id IN ($delete_sql_id)

+ AND privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_UNREAD_MAIL;

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain user id list for outbox messages", "", __LINE__, __FILE__, $sql);

+ }

+

+ $update_pm_sql = "";

+ while( $row = $db->sql_fetchrow($result) )

+ {

+ $update_pm_sql .= ( ( $update_pm_sql != "" ) ? ", " : "" ) . $row['privmsgs_to_userid'];

+ }

+

+ $sql = "UPDATE " . USERS_TABLE . "

+ SET user_unread_privmsg = user_unread_privmsg - 1

+ WHERE user_id IN ($update_pm_sql)";

+ if ( !($result = $db->sql_query($sql)) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't update users new msg counters", "", __LINE__, __FILE__, $sql);

+ }

+ privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";

+ OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . "

+ OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")";

+ AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "

+ OR privmsgs_type = " . PRIVMSGS_UNERAD_MAIL . " ) ";

+ $user_id = ( isset($HTTP_GET_VARS[POST_USERS_URL]) ) ? "&" . POST_USERS_URL . "=" . $HTTP_GET_VARS[POST_USERS_URL] : "";

+ header("Location: " . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode" . $user_id, true));

+ OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "

+ OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )

+ OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "

+ OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )

+ $script_name = preg_replace("/^\/?(.*?)\/?$/", "\\1", trim($board_config['script_path']));

+ $script_name = ( $script_name != '' ) ? $script_name . '/privmsg.'.$phpEx : 'privmsg.'.$phpEx;

+ $server_name = trim($board_config['server_name']);

+ $server_protocol = ( $board_config['cookie_secure'] ) ? "https://" : "http://";

+ $server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';

+

+ "U_INBOX" => $server_protocol . $server_name . $server_port . $script_name . "?folder=inbox")

+ AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "

+ OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )

+ SET user_unread_privmsg = user_unread_privmsg + user_new_privmsg, user_new_privmsg = 0, user_last_privmsg = " . $userdata['session_start'] . "

+$sql = "UPDATE " . PRIVMSGS_TABLE . "

+ SET privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . "

+ WHERE privmsgs_type = " . PRIVMSGS_NEW_MAIL . "

+ AND privmsgs_to_userid = " . $userdata['user_id'];

+if( !$status = $db->sql_query($sql) )

+{

+ message_die(GENERAL_ERROR, "Could not update private message new/read status (2) for user.", "", __LINE__, __FILE__, $sql);

+}

+

+ OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "

+ OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";

+ OR pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . "

+ OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";

+ AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "

+ OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";

+ AND pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "

+ OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";

+

+ $icon_flag = ($flag == PRIVMSGS_NEW_MAIL || $flag == PRIVMSGS_UNREAD_MAIL ) ? "<img src=\"" . $images['pm_unreadmsg'] . "\" alt=\"" . $lang['Unread_message'] . "\" border=\"0\">" : "<img src=\"" . $images['pm_readmsg'] . "\" alt=\"" . $lang['Read_message'] . "\" border=\"0\">";

+?> \ No newline at end of file

+$userdata = session_pagestart($user_ip, PAGE_PROFILE);

+//

+// Set default email variables

+//

+$script_name = preg_replace("/^\/?(.*?)\/?$/", "\\1", trim($board_config['script_path']));

+$script_name = ( $script_name != '' ) ? $script_name . '/profile.'.$phpEx : 'profile.'.$phpEx;

+$server_name = trim($board_config['server_name']);

+$server_protocol = ( $board_config['cookie_secure'] ) ? "https://" : "http://";

+$server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';

+

+$server_url = $server_protocol . $script_name . $server_name . $server_port;

+

+ "U_ACTIVATE" => $server_url . "?mode=activate&act_key=$user_actkey")

+ "U_ACTIVATE" => $server_url . "?mode=activate&act_key=$user_actkey",

+

+ "U_ACTIVATE" => $server_url . "?mode=activate&act_key=$user_actkey")

+ "U_ACTIVATE" => $server_url . "?mode=activate&act_key=$user_actkey")

+

+ "U_ACTIVATE" => $server_url . "?mode=activate&act_key=$user_actkey")

+ $email_headers .= "X-AntiAbuse: User IP - " . decode_ip($user_ip) . "\r\n";

+ $message = $lang['Email_sent'] . "<br /><br />" . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');

+ "S_SIGNATURE_CHECKED" => ( $attach_sig ) ? 'checked="checked"' : '',

+?> \ No newline at end of file