// STARTED : Sat Feb 17, 2001

// COPYRIGHT : � 2001, 2003 phpBB Group

// WWW : http://www.phpbb.com/

// -------------------------------------------------------------

define('IN_PHPBB', true);

$sql = 'SELECT f.*, t.*

FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f

WHERE t.topic_id = $topic_id

OR f.forum_id = $forum_id)";

break;

case 'quote':

case 'edit':

case 'delete':

trigger_error('NO_POST');

}

FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u

WHERE p.post_id = $post_id

AND t.topic_id = p.topic_id

AND u.user_id = p.poster_id

OR f.forum_id = $forum_id)";

break;

if ($forum_password)

{

$forum_info = array(

'forum_password'=> $forum_password

);

login_forum_box($forum_info);

unset($forum_info);

}

// Get Poll Data

if ($poll_start)

{

FROM ' . POLL_OPTIONS_TABLE . "

WHERE topic_id = $topic_id

ORDER BY poll_option_id";

$result = $db->sql_query($sql);

$message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));

$db->sql_freeresult($result);

}

if ($poster_id == ANONYMOUS || !$poster_id)

{

$username = (in_array($mode, array('quote', 'edit', 'delete'))) ? trim($post_username) : '';

$sql = 'SELECT draft_id

FROM ' . DRAFTS_TABLE . '

WHERE (forum_id = ' . $forum_id . (($topic_id) ? " OR topic_id = $topic_id" : '') . ')

(($draft_id) ? " AND draft_id <> $draft_id" : '');

$result = $db->sql_query_limit($sql, 1);

{

trigger_error('USER_CANNOT_' . strtoupper($mode));

}

}

trigger_error($message);

}

if ($mode == 'edit' && !$preview && !$refresh && !$submit && !$auth->acl_get('m_edit', $forum_id))

{

if (!($post_time > time() - $config['edit_time'] || !$config['edit_time']))

{

trigger_error('CANNOT_EDIT_TIME');

}

if ($post_edit_locked)

{

trigger_error('CANNOT_EDIT_POST_LOCKED');

}

}

if ($mode == 'edit')

{

$message_parser->bbcode_uid = $bbcode_uid;

'post_time' => $post_time,

'poster_id' => $poster_id

);

$next_post_id = delete_post($mode, $post_id, $topic_id, $forum_id, $data);

if ($topic_first_post_id == $topic_last_post_id)

{

$meta_info = "viewforum.$phpEx$SID&amp;f=$forum_id";

WHERE user_id = " . $user->data['user_id']);

$db->sql_transaction('commit');

markread('post', $forum_id, $topic_id, $current_time);

add_log('mod', $forum_id, $topic_id, sprintf($user->lang['LOGM_BUMP'], $topic_title));

'draft_subject' => $subject,

'draft_message' => $message));

$db->sql_query($sql);

$meta_info = ($mode == 'post') ? "viewforum.$phpEx$SID&amp;f=$forum_id" : "viewtopic.$phpEx$SID&amp;f=$forum_id&amp;t=$topic_id";

meta_refresh(3, $meta_info);

// Load Draft

if ($draft_id && $user->data['user_id'] != ANONYMOUS && $auth->acl_get('u_savedrafts'))

{

WHERE draft_id = $draft_id

AND user_id = " . $user->data['user_id'];

$result = $db->sql_query_limit($sql, 1);

if ($row = $db->sql_fetchrow($result))

{

$_REQUEST['subject'] = $row['draft_subject'];

{

$subject = phpbb_strtolower($subject);

}

$message_parser->message = (isset($_POST['message'])) ? htmlspecialchars(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $_POST['message'])) : '';

$message_parser->message = preg_replace('#&amp;(\#[0-9]+;)#', '&\1', $message_parser->message);

// $message_parser->message = request_var('message', '', true, true);

$post_lock = (isset($_POST['lock_post']));

$poll_delete = (isset($_POST['poll_delete']));

// Faster than crc32

$check_value = (($preview || $refresh) && isset($_POST['status_switch'])) ? (int) $_POST['status_switch'] : (($enable_html+1) << 16) + (($enable_bbcode+1) << 8) + (($enable_smilies+1) << 4) + (($enable_urls+1) << 2) + (($enable_sig+1) << 1);

$status_switch = (isset($_POST['status_switch']) && (int) $_POST['status_switch'] != $check_value);

'poll_title' => '',

'poll_start' => 0,

'poll_length' => 0,

'poll_max_options' => 0

);

WHERE topic_id = $topic_id";

$db->sql_query($sql);

if (($username && $user->data['user_id'] == ANONYMOUS) || ($mode == 'edit' && $post_username))

{

include($phpbb_root_path . 'includes/functions_user.' . $phpEx);

if (($result = validate_username(($mode == 'edit' && $post_username) ? $post_username : $username)) != false)

{

$error[] = $result;

{

$error[] = $user->lang['EMPTY_SUBJECT'];

}

$poll_data = array(

'poll_title' => $poll_title,

'poll_length' => $poll_length,

$result = $db->sql_query_limit($sql, 1);

$row = $db->sql_fetchrow($result);

if ($row && !$row['forum_id'] && $row['topic_type'] == POST_GLOBAL)

{

$to_forum_id = request_var('to_forum_id', 0);

if (!$to_forum_id)

{

$template->assign_vars(array(

'S_FORUM_SELECT' => make_forum_select(false, false, false, true, true),

);

$submit = false;

$refresh = true;

}

{

$change_topic_status = ITEM_LOCKED;

}

if ($change_topic_status != $topic_status)

{

$sql = 'UPDATE ' . TOPICS_TABLE . "

WHERE topic_id = $topic_id

AND topic_moved_id = 0";

$db->sql_query($sql);

$user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['user_id'] != ANONYMOUS && $user->data['user_id'] == $topic_poster) ? 'USER_' : '';

add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), $topic_title);

'post_edit_locked' => (int) $post_edit_locked,

'bbcode_bitfield' => (int) $message_parser->bbcode_bitfield

);

submit_post($mode, $message_parser->message, $subject, $username, $topic_type, $message_parser->bbcode_uid, $poll, $message_parser->attachment_data, $message_parser->filename_data, $post_data, $update_message);

}

$post_text = $message_parser->message;

$post_subject = stripslashes($subject);

{

include($phpbb_root_path . 'includes/functions_display.' . $phpEx);

$extensions = $update_count = array();

$template->assign_var('S_HAS_ATTACHMENTS', true);

display_attachments($forum_id, 'attachment', $message_parser->attachment_data, $update_count, true);

}

// Start assigning vars for main posting page ...

$template->assign_vars(array(

'L_POST_A' => $page_title,

'L_MESSAGE_BODY_EXPLAIN'=> (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '',

'FORUM_NAME' => $forum_name,

'SUBJECT' => $post_subject,

'MESSAGE' => trim($post_text),

'PREVIEW_SUBJECT' => ($preview && !sizeof($error)) ? $preview_subject : '',

'HTML_STATUS' => ($html_status) ? $user->lang['HTML_IS_ON'] : $user->lang['HTML_IS_OFF'],

'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>'),

'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],

'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],

'MINI_POST_IMG' => $user->img('icon_post', $user->lang['POST']),

'POST_DATE' => ($post_time) ? $user->format_date($post_time) : '',

'TOPIC_TIME_LIMIT' => (int) $topic_time_limit,

'EDIT_REASON' => $post_edit_reason,

'POLL_TITLE' => (isset($poll_title)) ? $poll_title : '',

'POLL_OPTIONS' => (isset($poll_options) && $poll_options) ? implode("\n", $poll_options) : '',

'POLL_LENGTH' => $poll_length)

);

}

break;

case 'delete_first_post':

FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u

ORDER BY p.post_time ASC";

$result = $db->sql_query_limit($sql, 1);

$next_post_id = (int) $row['post_id'];

break;

case 'delete_last_post':

if ($data['topic_type'] != POST_GLOBAL)

{

$result = $db->sql_query($sql);

$row = $db->sql_fetchrow($result);

$db->sql_freeresult($result);

$next_post_id = (int) $row['last_post_id'];

}

break;

case 'delete':

$sql = 'SELECT post_id

FROM ' . POSTS_TABLE . "

(($auth->acl_get('m_approve', $forum_id)) ? 'AND post_approved = 1' : '') . '

AND post_time > ' . $data['post_time'] . '

ORDER BY post_time ASC';

$sql_data[TOPICS_TABLE] = 'topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');

$next_post_id = (int) $row['post_id'];

}

$sql_data[USERS_TABLE] = ($auth->acl_get('f_postcount', $forum_id)) ? 'user_posts = user_posts - 1' : '';

set_config('num_posts', $config['num_posts'] - 1, true);

{

return;

}

$current_time = time();

if ($mode == 'post')

{

$post_mode = ($data['topic_first_post_id'] == $data['topic_last_post_id']) ? 'edit_topic' : (($data['topic_first_post_id'] == $data['post_id']) ? 'edit_first_post' : (($data['topic_last_post_id'] == $data['post_id']) ? 'edit_last_post' : 'edit'));

}

// Collect some basic informations about which tables and which rows to update/insert

$sql_data = array();

$sql_data[POSTS_TABLE]['sql'] = array(

'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],

'poster_id' => (int) $user->data['user_id'],

'poster_ip' => $user->ip,

'post_time' => $current_time,

'post_approved' => ($auth->acl_get('f_moderate', $data['forum_id'])) ? 0 : 1,

'enable_smilies' => $data['enable_smilies'],

'enable_magic_url' => $data['enable_urls'],

'enable_sig' => $data['enable_sig'],

'post_subject' => $subject,

'post_text' => $message,

'post_checksum' => $data['message_md5'],

$sql_data[POSTS_TABLE]['sql'] = array(

'post_edit_time' => $current_time

);

$sql_data[POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1';

}

$sql_data[POSTS_TABLE]['sql'] = array(

'post_edit_time' => $current_time

);

$sql_data[POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1';

}

case 'edit_topic':

if (!isset($sql_data[POSTS_TABLE]['sql']))

{

$sql_data[POSTS_TABLE]['sql'] = array();

'enable_smilies' => $data['enable_smilies'],

'enable_magic_url' => $data['enable_urls'],

'enable_sig' => $data['enable_sig'],

'post_subject' => $subject,

'post_edit_reason' => $data['post_edit_reason'],

'post_edit_user' => (int) $data['post_edit_user'],

break;

}

// And the topic ladies and gentlemen

switch ($post_mode)

{

'topic_time' => $current_time,

'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],

'icon_id' => $data['icon_id'],

'topic_title' => $subject,

'topic_first_poster_name' => ($user->data['user_id'] == ANONYMOUS && $username) ? stripslashes($username) : $user->data['username'],

'topic_type' => $topic_type,

{

$sql_data[TOPICS_TABLE]['sql'] = array_merge($sql_data[TOPICS_TABLE]['sql'], array(

'poll_title' => $poll['poll_title'],

'poll_length' => $poll['poll_length'] * 86400)

);

}

$sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id'])) ? ', user_posts = user_posts + 1' : '');

if (!$auth->acl_get('f_moderate', $data['forum_id']))

{

}

$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . ((!$auth->acl_get('f_moderate', $data['forum_id'])) ? ', forum_topics = forum_topics + 1' : '');

break;

case 'reply':

$sql_data[TOPICS_TABLE]['stat'][] = 'topic_replies_real = topic_replies_real + 1, topic_bumped = 0, topic_bumper = 0' . ((!$auth->acl_get('f_moderate', $data['forum_id'])) ? ', topic_replies = topic_replies + 1' : '');

$sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id'])) ? ', user_posts = user_posts + 1' : '');

$sql_data[TOPICS_TABLE]['sql'] = array(

'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],

'icon_id' => $data['icon_id'],

'topic_title' => $subject,

'topic_first_poster_name' => stripslashes($username),

'topic_type' => $topic_type,

'topic_time_limit' => ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? ($data['topic_time_limit'] * 86400) : 0,

'poll_title' => ($poll['poll_options']) ? $poll['poll_title'] : '',

'poll_length' => ($poll['poll_options']) ? $poll['poll_length'] * 86400 : 0,

'topic_attachment' => ($post_mode == 'edit_topic') ? ((sizeof($filename_data['physical_filename'])) ? 1 : 0) : $data['topic_attachment']

);

break;

}

$db->sql_transaction();

// Submit new topic

if ($post_mode == 'post')

{

$db->sql_build_array('INSERT', $sql_data[TOPICS_TABLE]['sql']);

$db->sql_query($sql);

$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - ' . ($row['topic_replies_real'] + 1);

$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real - 1' . (($row['topic_approved']) ? ', forum_topics = forum_topics - 1' : '');

// Update forum_ids for all posts

WHERE topic_id = ' . $data['topic_id'];

$db->sql_query($sql);

}

$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . (($row['topic_approved']) ? ', forum_topics = forum_topics + 1' : '');

// Update forum_ids for all posts

WHERE topic_id = ' . $data['topic_id'];

$db->sql_query($sql);

}

// Update the topics table

if (isset($sql_data[TOPICS_TABLE]['sql']))

{

SET ' . $db->sql_build_array('UPDATE', $sql_data[TOPICS_TABLE]['sql']) . '

WHERE topic_id = ' . $data['topic_id']);

}

if (isset($poll['poll_options']) && !empty($poll['poll_options']))

{

$cur_poll_options = array();

if ($poll['poll_start'] && $mode == 'edit')

{

WHERE topic_id = ' . $data['topic_id'] . '

ORDER BY poll_option_id';

$result = $db->sql_query($sql);

}

else if ($poll['poll_options'][$i] != $cur_poll_options[$i])

{

SET poll_option_text = '" . $db->sql_escape($poll['poll_options'][$i]) . "'

WHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id'] . "

AND topic_id = " . $data['topic_id'];

}

}

}

if (sizeof($poll['poll_options']) < sizeof($cur_poll_options))

{

$sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . '

AND topic_id = ' . $data['topic_id'];

$db->sql_query($sql);

}

if ($attach_row['attach_id'])

{

// update entry in db if attachment already stored in db and filespace

WHERE attach_id = " . (int) $attach_row['attach_id'];

$db->sql_query($sql);

}

else

{

$attach_sql = array(

'post_msg_id' => $data['post_id'],

'topic_id' => $data['topic_id'],

'thumbnail' => $attach_row['thumbnail']

);

$db->sql_build_array('INSERT', $attach_sql);

$db->sql_query($sql);

$files_added++;

}

}

if (count($attach_data))

{

$sql = 'UPDATE ' . POSTS_TABLE . '

}

$db->sql_transaction('commit');

// Delete draft if post was loaded...

$draft_id = request_var('draft_loaded', 0);

if ($draft_id)

AND topic_id = ' . $data['topic_id'];

$db->sql_query($sql);

}

// Mark this topic as read and posted to.

$mark_mode = ($mode == 'post' || $mode == 'reply' || $mode == 'quote') ? 'post' : 'topic';

markread($mark_mode, $data['forum_id'], $data['topic_id'], $data['post_time']);