+// -------------------------------------------

+// Do some initial checks, set basic variables,

+// etc.

+

+$submit = ( isset($HTTP_POST_VARS['submit']) ) ? TRUE : 0;

+$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0;

+$preview = ( isset($HTTP_POST_VARS['preview']) ) ? TRUE : 0;

+$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;

+$delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : 0;

+$poll_delete = ( isset($HTTP_POST_VARS['poll_delete']) ) ? TRUE : 0;

+

+$poll_add_option = ( isset($HTTP_POST_VARS['add_poll_option']) ) ? TRUE : 0;

+$poll_edit_option = ( isset($HTTP_POST_VARS['edit_poll_option']) ) ? TRUE : 0;

+$poll_delete_option = ( isset($HTTP_POST_VARS['del_poll_option']) ) ? TRUE : 0;

+

+$refresh = $preview || $poll_add_option || $poll_edit_option || $poll_delete_option;

+// Mode, topic_id, post_id and forum_id settings

+if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )

+{

+ $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];

+}

+else

+{

+ $mode = "";

+}

+

+

+

+// Was cancel pressed? If so then redirect to the appropriate

+// page, no point in continuing with any further checks

+if( $cancel )

+ if($post_id != "")

+ {

+ header("Location: " . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=$post_id#$post_id"));

+ }

+ else if($topic_id != "")

+ {

+ header("Location: " . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id"));

+ }

+ else if($forum_id != "")

+ {

+ header("Location: " . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"));

+ }

+ else

+ {

+ header("Location: " . append_sid("index.$phpEx"));

+ }

+//

+// Continue var definitions

+//

+//

+// Start session management

+//

+$userdata = session_pagestart($user_ip, PAGE_POSTING, $session_length);

+init_userprefs($userdata);

+//

+// End session management

+//

+//

+// Set topic type

+//

+if( isset($HTTP_POST_VARS['topictype']) )

+ if($HTTP_POST_VARS['topictype'] == "announce")

+ {

+ $topic_type = POST_ANNOUNCE;

+ }

+ else if($HTTP_POST_VARS['topictype'] == "sticky")

+ {

+ $topic_type = POST_STICKY;

+ }

+ else

+ {

+ $topic_type = POST_NORMAL;

+ }

+ $topic_type = POST_NORMAL;

+//

+// Notify on reply

+//

+if($mode == "reply" && $topic_id )

+ if( $submit || $refresh )

+ $notify_user = ( !empty($HTTP_POST_VARS['notify']) ) ? TRUE : 0;

+ $sql = "SELECT topic_id

+ $notify_user = ( $db->sql_numrows($result) ) ? TRUE : $userdata['user_notify'];

+ $notify_user = ( $submit || $preview ) ? ( ( !empty($HTTP_POST_VARS['notify']) ) ? TRUE : 0 ) : $userdata['user_notify'];

+//

+// Set toggles for various options

+//

+if( !$board_config['allow_html'] )

+{

+ $html_on = 0;

+}

+else

+{

+ $html_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_html']) ) ? 0 : TRUE ) : $userdata['user_allowhtml'];

+}

+if( !$board_config['allow_bbcode'] )

+ $bbcode_on = 0;

+ $bbcode_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_bbcode']) ) ? 0 : TRUE ) : $userdata['user_allowbbcode'];

+if( !$board_config['allow_smilies'] )

+{

+ $smilies_on = 0;

+}

+else

+{

+ $smilies_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : $userdata['user_allowsmile'];

+}

+

+$attach_sig = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : $userdata['user_attachsig'];

+

+ if( $mode == "reply" || $mode == "quote" || $mode == "vote" )

+ if( ( $mode == "reply" || $mode == "vote" ) && $topic_id )

+ $sql = "SELECT f.forum_id, f.forum_status, f.forum_name, t.topic_status

+ else if( $mode == "quote" && $post_id )

+ $sql = "SELECT f.forum_id, f.forum_status, f.forum_name, t.topic_id, t.topic_status

+ $message = ( $mode == "quote" ) ? $lang['No_post_id'] : $lang['No_topic_id'];

+ message_die(GENERAL_MESSAGE, $message);

+ else if( $mode == "editpost" )

+ if( $post_id )

+ $sql = "SELECT p2.post_id, t.topic_id, t.topic_status, t.topic_last_post_id, t.topic_vote, f.forum_id, f.forum_name, f.forum_status, f.forum_last_post_id

+ FROM " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2, " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f

+ WHERE p.post_id = $post_id

+ AND p2.topic_id = p.topic_id

+ AND t.topic_id = p.topic_id

+ ORDER BY p2.post_time ASC

+

+ if( $result = $db->sql_query($sql) )

+

+ $forum_name = $check_row['forum_name'];

+ $topic_id = $check_row['topic_id'];

+

+ $is_first_post_topic = ($check_row['post_id'] == $post_id) ? TRUE : 0;

+ $is_last_post_topic = ($check_row['topic_last_post_id'] == $post_id) ? TRUE : 0;

+

+ $post_has_poll = ($check_row['topic_vote']) ? TRUE : 0;

+

+ if( $is_first_post_topic && $post_has_poll )

+ {

+ $sql = "SELECT vd.vote_id, vr.vote_result

+ FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr

+ WHERE vd.topic_id = $topic_id

+ AND vr.vote_id = vd.vote_id";

+ if( !$result = $db->sql_query($sql) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain vote data for this topic", "", __LINE__, __FILE__, $sql);

+ }

+

+ if( $vote_rows = $db->sql_numrows($result) )

+ {

+ $rowset = $db->sql_fetchrowset($result);

+

+ $vote_id = $rowset[0]['vote_id'];

+

+ $vote_results_sum = 0;

+ for($i = 0; $i < $vote_rows; $i++ )

+ {

+ $vote_results_sum += $rowset[$i]['vote_result'];

+ }

+

+ $can_edit_poll = ( !$vote_results_sum ) ? TRUE : 0;

+ }

+ }

+ else

+ {

+ $can_edit_poll = 0;

+ }

+ if( $mode == "quote" )

+ $is_first_post_topic = 0;

+ $is_last_post_topic = 0;

+ $post_has_poll = 0;

+ $can_edit_poll = 0;

+ $sql = "SELECT forum_name, forum_status

+ FROM " . FORUMS_TABLE . "

+ if( $result = $db->sql_query($sql) )

+ $forum_status = $check_row['forum_status'];

+ $forum_name = $check_row['forum_name'];

+

+ $is_first_post_topic = TRUE;

+ $is_last_post_topic = 0;

+ $post_has_poll = 0;

+ $can_edit_poll = 0;

+

+if( $forum_status == FORUM_LOCKED )

+else if( $topic_status == TOPIC_LOCKED )

+$auth_type = AUTH_ALL;

+switch( $mode )

+ if( $topic_type == POST_ANNOUNCE )

+ else if( $topic_type == POST_STICKY )

+

+

+

+

+ case 'vote':

+ $is_auth_type = "auth_vote";

+ $auth_string = $lang['can_vote'];

+ break;

+

+ message_die(GENERAL_MESSAGE, $lang['No_post_mode']);

+//

+// Do required auth check

+//

+//

+// The user is not authed, if they're not logged in then redirect

+// them, else show them an error message

+//

+if( !$is_auth[$is_auth_type] )

+ if( !$userdata['session_logged_in'] )

+ switch( $mode )

+ case 'newtopic':

+ $redirect = "mode=newtopic&" . POST_FORUM_URL . "=$forum_id";

+ break;

+ case 'reply':

+ $redirect = "mode=reply&" . POST_TOPIC_URL . "=$topic_id";

+ break;

+ case 'quote':

+ $redirect = "mode=quote&" . POST_POST_URL ."=$post_id";

+ break;

+ case 'editpost':

+ $redirect = "mode=editpost&" . POST_POST_URL ."=$post_id&" . POST_TOPIC_URL . "=$topic_id";

+ break;

+ header("Location: " . append_sid("login.$phpEx?forward_page=posting.$phpEx&" . $redirect));

+ $message = $lang['Sorry_auth'] . $is_auth[$is_auth_type . "_type"] . $auth_string . $lang['this_forum'];

+ message_die(GENERAL_MESSAGE, $message);

+// End variable checks and definitions

+// -----------------------------------

+

+// -------------------------------------------------------

+// All initial checks complete, we can not start the major

+// posting related code

+if( $submit && $mode != "vote" )

+{

+ if( isset($HTTP_POST_VARS['username']) )

+ $post_username = trim(strip_tags($HTTP_POST_VARS['username']));

+ if( !validate_username(stripslashes($post_username)) )

+ $post_username = "";

+ $post_subject = trim(strip_tags($HTTP_POST_VARS['subject']));

+ if( $mode == 'newtopic' && empty($post_subject) )

+ if( !empty($error_msg) )

+ if( !empty($HTTP_POST_VARS['message']) )

+ if( !$error )

+ if( $bbcode_on )

+ $post_message = prepare_message($HTTP_POST_VARS['message'], $html_on, $bbcode_on, $smilies_on, $bbcode_uid);

+ $post_message .= (ereg(" $", $post_message)) ? "[addsig]" : " [addsig]";

+

+ //

+ // Handle poll stuff

+ //

+ $topic_vote = 0;

+

+ if( $mode == "newtopic" || $mode == "editpost" )

+ {

+ if( $is_auth['auth_pollcreate'] && $is_first_post_topic )

+ {

+ $poll_title = ( isset($HTTP_POST_VARS['poll_title']) ) ? trim(strip_tags($HTTP_POST_VARS['poll_title'])) : "";

+ $poll_length = ( isset($HTTP_POST_VARS['poll_length']) ) ? intval($HTTP_POST_VARS['poll_length']) : 0;

+ if( $poll_length < 0 )

+ {

+ $poll_length = 0;

+ }

+

+ $poll_options = 0;

+ $poll_option_list = array();

+ if( isset($HTTP_POST_VARS['poll_option_text']) )

+ {

+ while( list($option_id, $option_text) = each($HTTP_POST_VARS['poll_option_text']) )

+ {

+ $poll_option_list[$option_id] = trim(strip_tags($option_text));

+ $poll_options++;

+ }

+ }

+

+ if( $poll_title == "" && $poll_options )

+ {

+ $error = TRUE;

+ if(!empty($error_msg))

+ {

+ $error_msg .= "<br />";

+ }

+ $error_msg .= $lang['Empty_poll_title'];

+ }

+

+ if( $poll_title != "" )

+ {

+ if( $poll_options < 2 )

+ {

+ $error = TRUE;

+ if(!empty($error_msg))

+ {

+ $error_msg .= "<br />";

+ }

+ $error_msg .= $lang['To_few_poll_options'];

+ }

+ else if( $poll_options > $board_config['max_poll_options'] )

+ {

+ $error = TRUE;

+ if(!empty($error_msg))

+ {

+ $error_msg .= "<br />";

+ }

+ $error_msg .= $lang['To_many_poll_options'];

+ }

+ }

+

+ if( $poll_title != "" && $poll_options >= 2 && $poll_options <= $board_config['max_poll_options'] )

+ {

+ $topic_vote = 1;

+ $sql_topic_vote_edit = ", topic_vote = 1";

+ }

+ }

+ }

+// Submit or confirm ... big chunk of code ... can probably be

+// still further reduced, will look at it later, possibly for

+// 2.2

+if( ( $submit || $confirm ) && !$error )

+ $current_time = time();

+ //

+ // Which mode was selected?

+ //

+ if( $mode == "newtopic" || $mode == "reply" )

+ //

+ // Flood control

+ //

+ $sql = "SELECT MAX(post_time) AS last_post_time

+ FROM " . POSTS_TABLE . "

+ WHERE poster_ip = '$user_ip'";

+ if($result = $db->sql_query($sql))

+ $db_row = $db->sql_fetchrow($result);

+

+ $last_post_time = $db_row['last_post_time'];

+

+ if( ($current_time - $last_post_time) < $board_config['flood_interval'] )

+ {

+ message_die(GENERAL_MESSAGE, $lang['Flood_Error']);

+ }

+ //

+ // End Flood control

+ //

+

+ if( $mode == "newtopic" )

+ $sql = "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote)

+ VALUES ('$subject', " . $userdata['user_id'] . ", $current_time, $forum_id, " . TOPIC_UNLOCKED . ", $topic_type, $topic_vote)";

+ if( $result = $db->sql_query($sql, BEGIN_TRANSACTION) )

+ //

+ // Handle poll ...

+ //

+ if( $is_auth['auth_pollcreate'] && $topic_vote )

+ $sql = "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length)

+ VALUES ($new_topic_id, '$poll_title', $current_time, " . ( $poll_length * 86400 ) . ")";

+ if( $result = $db->sql_query($sql) )

+ {

+ $new_vote_id = $db->sql_nextid();

+

+ $poll_option_id = 1;

+ while( list($option_id, $option_text) = each($poll_option_list) )

+ {

+ $sql = "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result)

+ VALUES ($new_vote_id, $poll_option_id, '$option_text', 0)";

+ if( !$result = $db->sql_query($sql) )

+ {

+ // Rollback ...

+ if(SQL_LAYER == "mysql")

+ {

+ $sql_del_t = "DELETE FROM " . TOPICS_TABLE . "

+ WHERE topic_id = $topic_id";

+ $db->sql_query($sql_del_t);

+ $sql_del_v = "DELETE FROM " . VOTE_DESC_TABLE . "

+ WHERE vote_id = $new_vote_id";

+ $db->sql_query($sql_del_v);

+ }

+ message_die(GENERAL_ERROR, "Couldn't insert new poll options", "", __LINE__, __FILE__, $sql);

+ }

+ $poll_option_id++;

+ }

+ }

+ else

+ {

+ if(SQL_LAYER == "mysql")

+ {

+ // Rollback ...

+ $sql_del_t = "DELETE FROM " . TOPICS_TABLE . "

+ WHERE topic_id = $topic_id";

+ $db->sql_query($sql_del_t);

+ }

+ message_die(GENERAL_ERROR, "Couldn't insert new poll information", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ else

+ {

+ $new_topic_id = $topic_id;

+ }

+ $sql = "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, bbcode_uid, enable_bbcode, enable_html, enable_smilies)

+ VALUES ($new_topic_id, $forum_id, " . $userdata['user_id'] . ", '$post_username', $current_time, '$user_ip', '$bbcode_uid', $bbcode_on, $html_on, $smilies_on)";

+ $result = ($mode == "reply") ? $db->sql_query($sql, BEGIN_TRANSACTION) : $db->sql_query($sql);

+

+ if($result)

+ {

+ $new_post_id = $db->sql_nextid();

+ $sql = "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, post_text)

+ VALUES ($new_post_id, '$post_subject', '$post_message')";

+

+ if($db->sql_query($sql))

+ {

+ $sql = "UPDATE " . TOPICS_TABLE . "

+ SET topic_last_post_id = $new_post_id";

+ if($mode == "reply")

+ {

+ $sql .= ", topic_replies = topic_replies + 1 ";

+ }

+ $sql .= " WHERE topic_id = $new_topic_id";

+ $sql = "UPDATE " . FORUMS_TABLE . "

+ SET forum_last_post_id = $new_post_id, forum_posts = forum_posts + 1";

+ if($mode == "newtopic")

+ $sql .= ", forum_topics = forum_topics + 1";

+ $sql .= " WHERE forum_id = $forum_id";

+ $sql = "UPDATE " . USERS_TABLE . "

+ SET user_posts = user_posts + 1

+ WHERE user_id = " . $userdata['user_id'];

+ if($db->sql_query($sql, END_TRANSACTION))

+ //

+ // Email users who are watching this topic

+ //

+ if($mode == "reply")

+ $sql = "SELECT u.user_id, u.username, u.user_email, t.topic_title

+ FROM " . TOPICS_WATCH_TABLE . " tw, " . TOPICS_TABLE . " t, " . USERS_TABLE . " u

+ WHERE tw.topic_id = $new_topic_id

+ AND tw.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . " )

+ AND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . "

+ AND t.topic_id = tw.topic_id

+ AND u.user_id = tw.user_id";

+ if( $result = $db->sql_query($sql) )

+ $email_set = $db->sql_fetchrowset($result);

+ $update_watched_sql = "";

+ for($i = 0; $i < count($email_set); $i++)

+ {

+ if( $email_set[$i]['user_email'] != "")

+ $email_headers = "From: " . $board_config['board_email_from'] . "\nReturn-Path: " . $board_config['board_email_from'] . "\r\n";

+ $emailer->use_template("topic_notify");

+ $emailer->email_address($email_set[$i]['user_email']);

+ $emailer->set_subject($lang['Topic_reply_notification']);

+ $emailer->extra_headers($email_headers);

+ $path = (dirname($HTTP_SERVER_VARS['REQUEST_URI']) == "/") ? "" : dirname($HTTP_SERVER_VARS['REQUEST_URI']);

+ $emailer->assign_vars(array(

+ "USERNAME" => $email_set[$i]['username'],

+ "SITENAME" => $board_config['sitename'],

+ "TOPIC_TITLE" => $email_set[$i]['topic_title'],

+ "TOPIC_URL" => "http://" . $HTTP_SERVER_VARS['SERVER_NAME'] . $path . "/viewtopic.$phpEx?" . POST_POST_URL . "=$new_post_id#$new_post_id",

+ "UN_WATCH_URL" => "http://" . $HTTP_SERVER_VARS['SERVER_NAME'] . $path . "/viewtopic.$phpEx?" . POST_TOPIC_URL . "=$new_topic_id&unwatch=topic",

+ "EMAIL_SIG" => $board_config['board_email'])

+ );

+ $emailer->send();

+ $emailer->reset();

+ if($update_watched_sql != "")

+ {

+ $update_watched_sql .= ", ";

+ $update_watched_sql .= $email_set[$i]['user_id'];

+ }

+ if($update_watched_sql != "")

+ {

+ $sql = "UPDATE " . TOPICS_WATCH_TABLE . "

+ SET notify_status = " . TOPIC_WATCH_NOTIFIED . "

+ WHERE topic_id = $new_topic_id

+ AND user_id IN ($update_watched_sql)";

+ $db->sql_query($sql);

+ }

+ //

+ // Handle notification request ...

+ //

+ if( isset($notify) )

+ {

+ if($mode == "reply")

+ $sql = "SELECT *

+ FROM " . TOPICS_WATCH_TABLE . "

+ WHERE topic_id = $new_topic_id

+ AND user_id = " . $userdata['user_id'];

+ if( !$result = $db->sql_query($sql) )

+ message_die(GENERAL_ERROR, "Couldn't obtain topic watch information", "", __LINE__, __FILE__, $sql);

+ }

+ if( $db->sql_numrows($result) )

+ {

+ if( !$notify )

+ $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "

+ WHERE topic_id = $new_topic_id

+ AND user_id = " . $userdata['user_id'];

+ message_die(GENERAL_ERROR, "Couldn't delete topic watch information", "", __LINE__, __FILE__, $sql);

+ else if( $notify )

+ $sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id, notify_status)

+ VALUES (" . $userdata['user_id'] . ", $new_topic_id, 0)";

+ if( !$result = $db->sql_query($sql) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't insert topic watch information", "", __LINE__, __FILE__, $sql);

+ }

+

+ //

+ // If we get here the post has been inserted successfully.

+ //

+ $template->assign_vars(array(

+ "META" => '<meta http-equiv="refresh" content="3;url=viewtopic.' . $phpEx . '?' . POST_POST_URL . '=' . $new_post_id .'#' . $new_post_id . '">')

+ );

+

+ $msg_die = $lang['Stored'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=$new_post_id") . "#$new_post_id\">" . $lang['Here'] . "</a> " . $lang['to_view_message'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . "\">" . $lang['Here'] . "</a> ". $lang['to_return_forum'];

+

+ message_die(GENERAL_MESSAGE, $msg_die);

+ message_die(GENERAL_ERROR, "Error updating users table", "", __LINE__, __FILE__, $sql);

+ message_die(GENERAL_ERROR, "Error updating forums table", "", __LINE__, __FILE__, $sql);

+ message_die(GENERAL_ERROR, "Error updating topics table", "", __LINE__, __FILE__, $sql);

+ // Rollback

+ if(SQL_LAYER == "mysql")

+ {

+ $sql = "DELETE FROM " . POSTS_TABLE . "

+ WHERE post_id = $new_post_id";

+ $db->sql_query($sql);

+ }

+ message_die(GENERAL_ERROR, "Error inserting data into posts text table", "", __LINE__, __FILE__, $sql);

+ message_die(GENERAL_ERROR, "Error inserting data into posts table", "", __LINE__, __FILE__, $sql);

+ //

+ // End of mode = newtopic || reply

+ //

+ }

+ else if( $mode == "editpost" )

+ $row = $db->sql_fetchrow($result);

+ if( $userdata['user_id'] != $row['poster_id'] && !$is_auth['auth_mod'])

+ $message = ( $delete ) ? $lang['Sorry_delete_own_posts'] : $lang['Sorry_edit_own_posts'];

+ message_die(GENERAL_MESSAGE, $message);

+ else

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain post information", "", __LINE__, __FILE__, $sql);

+ }

+ //

+ // The user has chosen to delete a post or a poll

+ //

+ if( ( $delete || $poll_delete ) && ( ( $is_auth['auth_delete'] && $is_last_post_topic ) || $is_auth['auth_mod'] ) )

+ // Output a confirmation message if the user

+ // chose to delete this post

+ if( ( $delete || $poll_delete ) && !$confirm )

+ $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_TOPIC_URL . '" value="'. $topic_id . '" /><input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';

+

+ $s_hidden_fields .= ( $delete ) ? '<input type="hidden" name="delete" value="true" />' : '<input type="hidden" name="poll_delete" value="true" />';

+ $l_confirm = ( ( $delete ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'] );

+ "MESSAGE_TEXT" => $l_confirm,

+ else if( $confirm && ( $delete || $poll_delete ) )

+ //

+ // Delete poll

+ //

+ if( $is_first_post_topic && $post_has_poll && ( $can_edit_poll || $is_auth['auth_mod'] ) )

+ $sql = "DELETE FROM " . VOTE_USERS_TABLE . "

+ WHERE vote_id = " . $rowset[0]['vote_id'];

+ if($db->sql_query($sql, BEGIN_TRANSACTION))

+ $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . "

+ WHERE vote_id = " . $rowset[0]['vote_id'];

+ $sql = "DELETE FROM " . VOTE_DESC_TABLE . "

+ WHERE vote_id = " . $rowset[0]['vote_id'];

+ if($db->sql_query($sql, END_TRANSACTION))

+ {

+ //

+ // If we're just deleting the poll then show results

+ // and jump back to topic

+ //

+ if( $poll_delete )

+ {

+ $sql = "UPDATE " . TOPICS_TABLE . "

+ SET topic_vote = 0

+ WHERE topic_id = $topic_id";

+ if($db->sql_query($sql))

+ {

+ $template->assign_vars(array(

+ "META" => '<meta http-equiv="refresh" content="3;url=viewtopic.' . $phpEx . '?' . POST_TOPIC_URL . '=' . $topic_id . '">')

+ );

+ $msg_die = $lang['Poll_delete'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . "\">" . $lang['Here'] . "</a> ". $lang['to_return_topic'];

+ message_die(GENERAL_MESSAGE, $msg_die);

+ }

+ else

+ {

+ message_die(GENERAL_ERROR, "Couldn't update topics vote information", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ }

+ else

+ {

+ message_die(GENERAL_ERROR, "Couldn't delete from vote descriptions table", "", __LINE__, __FILE__, $sql);

+ }

+ message_die(GENERAL_ERROR, "Couldn't delete from vote results table", "", __LINE__, __FILE__, $sql);

+ else

+ message_die(GENERAL_ERROR, "Couldn't delete from vote users table", "", __LINE__, __FILE__, $sql);

+ }

+ }

+

+ if( $delete )

+ {

+

+ $sql = "DELETE FROM " . POSTS_TEXT_TABLE . "

+ WHERE post_id = $post_id";

+

+ if($db->sql_query($sql, BEGIN_TRANSACTION))

+ {

+ $sql = "DELETE FROM " . POSTS_TABLE . "

+ WHERE post_id = $post_id";

+ if( $is_last_post_topic && $is_first_post_topic )

+ //

+ // Delete the topic completely, updating the forum_last_post_id

+ // if necessary

+ //

+ if( $db->sql_query($sql) )

+ {

+ $sql = "DELETE FROM " . TOPICS_TABLE . "

+ WHERE topic_id = $topic_id";

+ $sql_forum_upd = "forum_posts = forum_posts - 1, forum_topics = forum_topics - 1";

+ $if_die_msg = "Error deleting from topics table";

+ }

+ else

+ message_die(GENERAL_ERROR, "Error deleting from post table", "", __LINE__, __FILE__, $sql);

+ else if( $is_last_post_topic )

+ //

+ // Delete the post and update the _last_post_id's of both

+ // the topic and forum if necessary

+ //

+ if($db->sql_query($sql))

+ {

+ $sql = "SELECT MAX(post_id) AS new_last_post_id

+ FROM " . POSTS_TABLE . "

+ WHERE topic_id = $topic_id";

+ if($result = $db->sql_query($sql))

+ {

+ $row = $db->sql_fetchrow($result);

+ $sql = "UPDATE " . TOPICS_TABLE . "

+ SET topic_replies = topic_replies - 1, topic_last_post_id = " . $row['new_last_post_id'] . "

+ WHERE topic_id = $topic_id";

+ $sql_forum_upd = "forum_posts = forum_posts - 1";

+

+ $if_die_msg = "Error updating topics table";

+ }

+ else

+ {

+ message_die(GENERAL_ERROR, "Error obtaining new last topic id", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ else

+ {

+ message_die(GENERAL_ERROR, "Error deleting from post table", "", __LINE__, __FILE__, $sql);

+ }

+ else if( $is_auth['auth_mod'] )

+ //

+ // It's not last and it's not both first and last so it's somewhere in

+ // the middle(!) Only moderators can delete these posts, all we need do

+ // is update the forums table data as necessary

+ //

+ $sql = "UPDATE " . TOPICS_TABLE . "

+ SET topic_replies = topic_replies - 1

+ WHERE topic_id = $topic_id";

+ $sql_forum_upd = "forum_posts = forum_posts - 1";

+ $if_die_msg = "Couldn't delete from posts table";

+ }

+ // Updating the forum is common to all three possibilities,

+ // _remember_ we're still in a transaction here!

+ if( $db->sql_query($sql) )

+ {

+ if( $is_last_post_forum )

+ {

+ $sql = "SELECT MAX(post_id) AS new_post_id

+ FROM " . POSTS_TABLE . "

+ WHERE forum_id = $forum_id";

+

+ if($result = $db->sql_query($sql))

+ {

+ $row = $db->sql_fetchrow($result);

+ }

+ else

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain new last post id for the forum", "", __LINE__, __FILE__, $sql);

+ }

+

+ $new_last_sql = ", forum_last_post_id = " . $row['new_post_id'];

+ }

+ else

+ {

+ $new_last_sql = "";

+ }

+

+ $sql = "UPDATE " . FORUMS_TABLE . "

+ SET " . $sql_forum_upd . $new_last_sql . "

+ WHERE forum_id = $forum_id";

+

+ if($db->sql_query($sql, END_TRANSACTION))

+ {

+ //

+ // If we get here the post has been deleted successfully.

+ //

+ $msg_die = $lang['Deleted'];

+

+ if( !$is_first_post_topic && !$is_last_post_topic )

+ {

+ $template->assign_vars(array(

+ "META" => '<meta http-equiv="refresh" content="3;url=viewtopic.' . $phpEx . '?' . POST_TOPIC_URL . '=' . $topic_id . '">')

+ );

+

+ $msg_die .= "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . "\">" . $lang['Here'] . "</a> " . $lang['to_return_topic'];

+ }

+ else

+ {

+ $template->assign_vars(array(

+ "META" => '<meta http-equiv="refresh" content="3;url=viewforum.' . $phpEx . '?' . POST_FORUM_URL . '=' . $forum_id . '">')

+ );

+ }

+ $msg_die .= "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . "\">" . $lang['Here'] . "</a> ". $lang['to_return_forum'];

+ message_die(GENERAL_MESSAGE, $msg_die);

+ }

+ else

+ {

+ message_die(GENERAL_ERROR, "Error updating forums table", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ else

+ message_die(GENERAL_ERROR, $if_die_msg, "", __LINE__, __FILE__, $sql);

+ message_die(GENERAL_ERROR, "Error deleting from posts table", "", __LINE__, __FILE__, $sql);

+ message_die(GENERAL_ERROR, "Error deleting from posts text table", "", __LINE__, __FILE__, $sql);

+ header("Location: " . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id"));

+ if( !$is_last_post_topic && ( !$is_auth['auth_mod'] || $row['poster_id'] == $userdata['user_id'] ) )

+ $edited_sql = ", post_edit_time = $current_time, post_edit_count = post_edit_count + 1 ";

+ SET post_text = '$post_message', post_subject = '$post_subject'

+ if( $is_first_post_topic )

+ if( $db->sql_query($sql) )

+ // Update topics table here

+ SET topic_title = '$post_subject', topic_type = $topic_type" . $sql_topic_vote_edit . "

+ // Update of voting required?

+ //

+ if( $is_auth['auth_pollcreate'] && $topic_vote )

+ {

+ if( $post_has_poll && ( $can_edit_poll || $is_auth['auth_mod'] ) )

+ {

+ $sql = "SELECT vote_option_id, vote_result

+ FROM " . VOTE_RESULTS_TABLE . "

+ WHERE vote_id = $vote_id

+ ORDER BY vote_option_id ASC";

+ if( !$result = $db->sql_query($sql) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain vote data results for this topic", "", __LINE__, __FILE__, $sql);

+ }

+

+ if( $db->sql_numrows($result) )

+ {

+ $old_poll_result = array();

+ while( $row = $db->sql_fetchrow($result) )

+ {

+ $old_poll_result[$row['vote_option_id']] = $row['vote_result'];

+ }

+

+ //

+ // Previous entry with no results (or a moderator), update

+ //

+ $sql = "UPDATE " . VOTE_DESC_TABLE . "

+ SET vote_text = '$poll_title', vote_length = " . ( $poll_length * 86400 ) . "

+ WHERE topic_id = $topic_id";

+ if( $result = $db->sql_query($sql, BEGIN_TRANSACTION) )

+ {

+ $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . "

+ WHERE vote_id = $vote_id";

+ if( $result = $db->sql_query($sql) )

+ {

+ $poll_option_id = 1;

+ while( list($option_id, $option_text) = each($poll_option_list) )

+ {

+ $vote_result = ( $old_poll_result[$option_id] ) ? $old_poll_result[$option_id] : 0;

+

+ $sql = "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result)

+ VALUES ($vote_id, $poll_option_id, '$option_text', $vote_result)";

+ if( !$result = $db->sql_query($sql, END_TRANSACTION) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't insert new poll options", "", __LINE__, __FILE__, $sql);

+ }

+ $poll_option_id++;

+ }

+ }

+ else

+ {

+ message_die(GENERAL_ERROR, "Couldn't delete existing options", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ }

+ else

+ {

+ message_die(GENERAL_ERROR, "Failed to obtain row set for this poll", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ else

+ {

+ //

+ // No previous entry, create new

+ //

+ $sql = "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length)

+ VALUES ($topic_id, '$poll_title', $current_time, " . ( $poll_length * 86400 ) . ")";

+ if( $result = $db->sql_query($sql, BEGIN_TRANSACTION) )

+ {

+ $new_vote_id = $db->sql_nextid();

+

+ $poll_option_id = 1;

+ while( list($option_id, $option_text) = each($poll_option_list) )

+ {

+ $sql = "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result)

+ VALUES ($new_vote_id, $poll_option_id, '$option_text', 0)";

+ if( !$result = $db->sql_query($sql, END_TRANSACTION) )

+ {

+ // Rollback ...

+ if(SQL_LAYER == "mysql")

+ {

+ $sql_del_v = "DELETE FROM " . VOTE_DESC_TABLE . "

+ WHERE vote_id = $new_vote_id";

+ $db->sql_query($sql_del_v);

+ }

+ message_die(GENERAL_ERROR, "Couldn't insert new poll options", "", __LINE__, __FILE__, $sql);

+ }

+ $poll_option_id++;

+ }

+ }

+ }

+ }

+

+ //

+ $template->assign_vars(array(

+ "META" => '<meta http-equiv="refresh" content="3;url=viewtopic.' . $phpEx . '?' . POST_POST_URL . '=' . $post_id . '#' . $post_id . '">')

+ );

+ $msg_die = $lang['Stored'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=$post_id") . "#$post_id\">" . $lang['Here'] . "</a> " . $lang['to_view_message'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . "\">" . $lang['Here'] . "</a> ". $lang['to_return_forum'];

+

+ message_die(GENERAL_MESSAGE, $msg_die);

+

+ if( $db->sql_query($sql, END_TRANSACTION) )

+ $template->assign_vars(array(

+ "META" => '<meta http-equiv="refresh" content="3;url=viewtopic.' . $phpEx . '?' . POST_POST_URL . '=' . $post_id . '#' . $post_id . '">')

+ );

+

+ $msg_die = $lang['Stored'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=$post_id") . "#$post_id\">" . $lang['Here'] . "</a> " . $lang['to_view_message'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . "\">" . $lang['Here'] . "</a> ". $lang['to_return_forum'];

+ message_die(GENERAL_MESSAGE, $msg_die);

+ // End of mode = editpost

+ else if( $mode == "vote" )

+

+ if( !empty($HTTP_POST_VARS['vote_id']) )

+ $vote_option_id = $HTTP_POST_VARS['vote_id'];

+

+ $sql = "SELECT vd.vote_id, MAX(vr.vote_option_id) AS max_vote_option

+ FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr

+ WHERE vd.topic_id = $topic_id

+ AND vr.vote_id = vd.vote_id

+ GROUP BY vd.vote_id";

+ if( !$result = $db->sql_query($sql) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain vote data for this topic", "", __LINE__, __FILE__, $sql);

+ }

+ if( $vote_options = $db->sql_numrows($result) )

+ $vote_info = $db->sql_fetchrow($result);

+ if( $vote_info['max_vote_option'] < $vote_option_id )

+ $template->assign_vars(array(

+ "META" => '<meta http-equiv="refresh" content="3;url=viewtopic.' . $phpEx . '?' . POST_TOPIC_URL . '=' . $topic_id . '">')

+ );

+ $message = $lang['No_vote_option'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . "\">" . $lang['Here'] . "</a> " . $lang['to_return_topic'];

+ message_die(GENERAL_MESSAGE, $message);

+ }

+ $vote_id = $vote_info['vote_id'];

+ $sql = "SELECT *

+ FROM " . VOTE_USERS_TABLE . "

+ WHERE vote_id = $vote_id

+ AND vote_user_id = " . $userdata['user_id'];

+ if( !$result = $db->sql_query($sql) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain user vote data for this topic", "", __LINE__, __FILE__, $sql);

+ }

+ $user_voted = ( $db->sql_numrows($result) ) ? TRUE : 0;

+ if( !$user_voted )

+ {

+ $sql = "UPDATE " . VOTE_RESULTS_TABLE . "

+ SET vote_result = vote_result + 1

+ WHERE vote_id = $vote_id

+ AND vote_option_id = $vote_option_id";

+ if( $db->sql_query($sql, BEGIN_TRANSACTION) )

+ {

+ $sql = "INSERT INTO " . VOTE_USERS_TABLE . " (vote_id, vote_user_id, vote_user_ip)

+ VALUES ($vote_id, " . $userdata['user_id'] . ", '$user_ip')";

+ if( $db->sql_query($sql, END_TRANSACTION) )

+ {

+ $template->assign_vars(array(

+ "META" => '<meta http-equiv="refresh" content="3;url=viewtopic.' . $phpEx . '?' . POST_TOPIC_URL . '=' . $topic_id . '">')

+ );

+ $message = $lang['Vote_cast'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . "\">" . $lang['Here'] . "</a> " . $lang['to_return_topic'];

+ message_die(GENERAL_MESSAGE, $message);

+ }

+ else

+ if(SQL_LAYER == "mysql")

+ {

+ $sql_rewind = "UPDATE " . VOTE_RESULTS_TABLE . "

+ SET vote_option_result = vote_option_result - 1

+ WHERE vote_id = $vote_id

+ AND vote_option_id = $vote_option_id";

+ $db->sql_query($sql_rewind);

+ }

+ message_die(GENERAL_ERROR, "Error updating vote users table", "", __LINE__, __FILE__, $sql);

+ else

+ {

+ message_die(GENERAL_ERROR, "Error updating vote results table", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ else

+ {

+ $template->assign_vars(array(

+ "META" => '<meta http-equiv="refresh" content="3;url=viewtopic.' . $phpEx . '?' . POST_TOPIC_URL . '=' . $topic_id . '">')

+ );

+

+ $message = $lang['Already_voted'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . "\">" . $lang['Here'] . "</a> " . $lang['to_return_topic'];

+

+ message_die(GENERAL_MESSAGE, $message);

+ }

+ $message = $lang['No_vote_option'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . "\">" . $lang['Here'] . "</a> " . $lang['to_return_topic'];

+

+ message_die(GENERAL_MESSAGE, $message);

+ }

+ //

+ // End of mode = vote

+ //

+else if( $preview || $refresh || $error )

+

+ // If we're previewing or refreshing then obtain the data

+ // passed to the script, process it a little, do some checks

+ // where neccessary, etc.

+ $post_username = ( isset($HTTP_POST_VARS['username']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['username']))) : "";

+ $post_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : "";

+ $post_message = ( isset($HTTP_POST_VARS['message']) ) ? trim(stripslashes($HTTP_POST_VARS['message'])) : "";

+ $post_message = preg_replace('#<textarea>#si', '&lt;textarea&gt;', $post_message);

+ $poll_title = ( isset($HTTP_POST_VARS['poll_title']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['poll_title']))) : "";

+ $poll_length = ( isset($HTTP_POST_VARS['poll_length']) ) ? intval($HTTP_POST_VARS['poll_length']) : 0;

+ $poll_options = 0;

+ $poll_option_list = array();

+ if( isset($HTTP_POST_VARS['del_poll_option']) )

+ {

+ if( isset($HTTP_POST_VARS['poll_option_text']) )

+ {

+ while( list($option_id, $option_text) = each($HTTP_POST_VARS['poll_option_text']) )

+ {

+ if( !isset($HTTP_POST_VARS['del_poll_option'][$option_id]) )

+ {

+ $poll_option_list[$option_id] = trim(strip_tags(stripslashes($option_text)));

+ $poll_options++;

+ }

+ }

+ }

+ }

+ else

+ {

+ if( isset($HTTP_POST_VARS['poll_option_text']) )

+ {

+ @reset($HTTP_POST_VARS['poll_option_text']);

+ while( list($option_id, $option_text) = each($HTTP_POST_VARS['poll_option_text']) )

+ {

+ $poll_option_list[$option_id] = trim(strip_tags(stripslashes($option_text)));

+ $poll_options++;

+ }

+ }

+ if( isset($HTTP_POST_VARS['add_poll_option']) )

+ {

+ if( $poll_options < $board_config['max_poll_options'] )

+ {

+ $new_poll_option = trim(strip_tags(stripslashes($HTTP_POST_VARS['add_poll_option_text'])));

+ if($new_poll_option != "")

+ {

+ $poll_option_list[] = $new_poll_option;

+ }

+ }

+ else

+ {

+ $error = TRUE;

+ if(!empty($error_msg))

+ {

+ $error_msg .= "<br />";

+ }

+ $error_msg .= $lang['To_many_poll_options'];

+ }

+ }

+ }

+ //

+ // Do mode specific things

+ //

+ if( $mode == "newtopic" )

+ $page_title = $lang['Post_a_new_topic'];

+ $display_poll = ( $is_auth['auth_pollcreate'] ) ? TRUE : 0;

+

+ $user_sig = ( $userdata['user_sig'] != "" ) ? $userdata['user_sig'] : "";

+

+ else if( $mode == "reply" )

+ {

+ $page_title = $lang['Post_a_reply'];

+ $display_poll = 0;

+

+ $user_sig = ( $userdata['user_sig'] != "" ) ? $userdata['user_sig'] : "";

+

+ }

+ else if( $mode == "editpost" )

+ {

+ $page_title = $lang['Edit_Post'];

+

+ $sql = "SELECT u.user_id, u.user_sig

+ FROM " . POSTS_TABLE . " p, " . USERS_TABLE . " u

+ WHERE p.post_id = $post_id

+ AND u.user_id = p.poster_id";

+ if($result = $db->sql_query($sql))

+ {

+ $postrow = $db->sql_fetchrow($result);

+

+ if($userdata['user_id'] != $postrow['user_id'] && !$is_auth['auth_mod'])

+ {

+ message_die(GENERAL_MESSAGE, $lang['Sorry_edit_own_posts']);

+ }

+

+ $user_sig = ( $postrow['user_sig'] != "" ) ? $postrow['user_sig'] : "";

+ }

+ else

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain post and post text", "", __LINE__, __FILE__, $sql);

+ }

+

+ if( $is_auth['auth_pollcreate'] && $is_first_post_topic )

+ {

+ $display_poll = ( !$post_has_poll || ( $post_has_poll && ( $is_auth['auth_mod'] || $can_edit_poll ) ) ) ? TRUE : 0;

+ }

+ else

+ {

+ $display_poll = 0;

+ }

+ }

+}

+else

+{

+ // This is the entry point for posting, some basic variables

+ // are set, for editpost/quote the original message is obtained

+ // and for editpost a check is done to ensure the user isn't

+ // trying to edit someone elses post ( additional checks on polling

+ // capability are also carried out )

+

+ if( $mode == "newtopic" )

+

+ $page_title = $lang['Post_a_new_topic'];

+

+ $display_poll = ( $is_auth['auth_pollcreate'] ) ? TRUE : 0;

+ $poll_title = "";

+ $poll_length = 0;

+

+ $user_sig = ( $userdata['user_sig'] != "" ) ? $userdata['user_sig'] : "";

+

+ $post_username = ($userdata['session_logged_in']) ? $userdata['username'] : "";

+ $post_subject = "";

+ $post_message = "";

+

+ else if( $mode == "reply" )

+ $page_title = $lang['Post_a_reply'];

+

+ $display_poll = 0;

+ $poll_title = "";

+ $poll_length = 0;

+

+ $user_sig = ( $userdata['user_sig'] != "" ) ? $userdata['user_sig'] : "";

+

+ $post_username = ($userdata['session_logged_in']) ? $userdata['username'] : "";

+ $post_subject = "";

+ $post_message = "";

+

+ }

+ else if( $mode == "editpost" || $mode == "quote" && ( !$preview && !$refresh ) )

+ {

+ $sql = "SELECT p.*, pt.post_text, pt.post_subject, u.username, u.user_id, u.user_sig, t.topic_title, t.topic_type, t.topic_vote

+ FROM " . POSTS_TABLE . " p, " . USERS_TABLE . " u, " . TOPICS_TABLE . " t, " . POSTS_TEXT_TABLE . " pt

+ WHERE p.post_id = $post_id

+ AND pt.post_id = p.post_id

+ AND p.topic_id = t.topic_id

+ AND p.poster_id = u.user_id";

+ if($result = $db->sql_query($sql))

+ $postrow = $db->sql_fetchrow($result);

+

+ if( $mode == "editpost" )

+ {

+ if($userdata['user_id'] != $postrow['user_id'] && !$is_auth['auth_mod'])

+ {

+ message_die(GENERAL_MESSAGE, $lang['Sorry_edit_own_posts']);

+ }

+ }

+

+ $post_username = $postrow['username'];

+ $post_subject = $postrow['post_subject'];

+ $post_message = $postrow['post_text'];

+

+ if( eregi("\[addsig]$", $post_message) )

+ {

+ $post_message = eregi_replace("\[addsig]$", "", $post_message);

+

+ $attach_sig = ( $mode == "editpost" ) ? ( ( $postrow['user_sig'] != "" ) ? TRUE : 0 ) : ( ( $userdata['user_sig'] != "" ) ? TRUE : 0 );

+ }

+ else

+ {

+ $attach_sig = ( $mode == "editpost" ) ? 0 : ( ( $userdata['user_sig'] != "" ) ? TRUE : 0 );

+ }

+ $user_sig = ( $attach_sig ) ? ( ( $mode == "editpost" ) ? $postrow['user_sig'] : $userdata['user_sig'] ) : "";

+

+ $post_message = preg_replace("/\:[0-9a-z\:]*?\]/si", "]", $post_message);

+ $post_message = str_replace("<br />", "\n", $post_message);

+ $post_message = undo_htmlspecialchars($post_message);

+ $post_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $post_message);

+

+ //

+ // Finish off edit/quote grab by doing specific

+ // things for each mode

+ //

+ if( $mode == "quote" )

+ {

+ $page_title = $lang['Post_a_reply'];

+

+ $msg_date = create_date($board_config['default_dateformat'], $postrow['post_time'], $board_config['default_timezone']);

+

+ $post_message = $poster . " " . $lang['wrote'] . ":\n\n[quote]\n" . $post_message . "\n[/quote]";

+

+ $mode = "reply";

+ }

+ else if( $mode == "editpost" )

+ {

+ $page_title = $lang['Edit_Post'];

+

+ $html_on = ( $postrow['enable_html'] && $board_config['allow_html'] ) ? TRUE : 0;

+ $bbcode_on = ( $postrow['enable_bbcode'] && $board_config['allow_bbcode'] ) ? TRUE : 0;

+ $smilies_on = ( $postrow['enable_smilies'] && $board_config['allow_smilies'] ) ? TRUE : 0;

+

+ if( $is_first_post_topic )

+ {

+ $post_subject = $postrow['topic_title'];

+ $topic_type = $postrow['topic_type'];

+ if( $is_auth['auth_pollcreate'] && ( $can_edit_poll || $is_auth['auth_mod'] ) )

+ {

+ $sql = "SELECT vd.vote_text, vd.vote_length, vr.vote_option_id, vr.vote_option_text

+ FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr

+ WHERE vd.topic_id = $topic_id

+ AND vr.vote_id = vd.vote_id

+ ORDER BY vr.vote_option_id ASC";

+ if( !$result = $db->sql_query($sql) )

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain vote data for this topic", "", __LINE__, __FILE__, $sql);

+ }

+

+ $vote_results_sum = 0;

+ while( $row = $db->sql_fetchrow($result) )

+ {

+ $poll_title = $row['vote_text'];

+ $poll_length = $row['vote_length'];

+

+ $poll_option_list[$row['vote_option_id']] = $row['vote_option_text'];

+ }

+ $poll_length = $poll_length / 86400;

+

+ $display_poll = TRUE;

+ }

+ else

+ {

+ $display_poll = ( $is_auth['auth_pollcreate'] && !$post_has_poll ) ? TRUE : 0;

+ $poll_length = 0;

+ }

+ }

+ else

+ {

+ $display_poll = 0;

+ }

+ }

+ else

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain post and post text", "", __LINE__, __FILE__, $sql);

+ }

+

+}

+//

+// Major posting code complete

+// ---------------------------

+

+

+// --------------------

+// Generate page output

+//

+

+//

+// Include page header

+//

+include($phpbb_root_path . 'includes/page_header.'.$phpEx);

+$template->set_filenames(array(

+ "body" => "posting_body.tpl",

+ "pollbody" => "posting_poll_body.tpl",

+ "jumpbox" => "jumpbox.tpl")

+);

+

+$jumpbox = make_jumpbox();

+$template->assign_vars(array(

+ "L_GO" => $lang['Go'],

+ "L_JUMP_TO" => $lang['Jump_to'],

+ "L_SELECT_FORUM" => $lang['Select_forum'],

+

+ "JUMPBOX_LIST" => $jumpbox,

+ "SELECT_NAME" => POST_FORUM_URL)

+);

+$template->assign_var_from_handle("JUMPBOX", "jumpbox");

+

+$template->assign_vars(array(

+ "FORUM_NAME" => $forum_name,

+ "L_POST_A" => $page_title,

+

+ "U_VIEW_FORUM" => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"))

+);

+

+//

+// Output preview of post if requested

+//

+if( $preview && !$error )

+{

+

+ $orig_word = array();

+ $replacement_word = array();

+ $result = obtain_word_list($orig_word, $replacement_word);

+

+ if( $bbcode_on )

+ $preview_subject = $post_subject;

+ $preview_message = prepare_message($post_message, $html_on, $bbcode_on, $smilies_on, $bbcode_uid);

+ if( $user_sig != "" )

+ $user_sig = preg_replace("#(<)([\/]?.*?)(>)#is", "&lt;\\2&gt;", $user_sig);

+ if( $user_sig != "" && $board_config['allow_bbcode'] )

+ if( $bbcode_on )

+

+ if( $attach_sig && $user_sig != "" )

+ $preview_message = $preview_message . "<br /><br />_________________<br />" . $user_sig;

+ $preview_subject = preg_replace($orig_word, $replacement_word, $preview_subject);

+ if( $smilies_on )

+ "POSTER_NAME" => $username,

+

+// End preview output

+// Start Error handling

+if( $error )

+ $template->set_filenames(array(

+ "reg_header" => "error_body.tpl")

+ );

+ $template->assign_vars(array(

+ "ERROR_MESSAGE" => $error_msg)

+ );

+ $template->pparse("reg_header");

+//

+// End error handling

+//

+// User not logged in so offer up a username

+// field box

+if( !$userdata['session_logged_in'] )

+{

+ $template->assign_block_vars("username_select", array());

+}

+if( $board_config['allow_html'] )

+// Notify checkbox - only show if user is logged in

+//

+if( $userdata['session_logged_in'] )

+{

+ $template->assign_block_vars("notify_checkbox", array());

+}

+

+//

+if( $mode == 'editpost' && ( ( $is_auth['auth_delete'] && $is_last_post_topic && ( !$post_has_poll || $can_edit_poll ) ) || $is_auth['auth_mod'] ) )

+if( $mode == 'newtopic' || ( $mode == 'editpost' && $is_first_post_topic ) )

+ if( $is_auth['auth_announce'] )

+ if( $topic_type == POST_ANNOUNCE )

+ $announce_toggle .= ' checked="checked"';

+ if( $is_auth['auth_sticky'] )

+ if( $topic_type == POST_STICKY )

+ $sticky_toggle .= ' checked="checked"';

+ if( $topic_type == POST_NORMAL )

+ $topic_type_toggle .= ' checked="checked"';

+$hidden_form_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';

+switch($mode)

+ case 'newtopic':

+ $hidden_form_fields .= '<input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />';

+ break;

+ case 'reply':

+ $hidden_form_fields .= '<input type="hidden" name="' . POST_TOPIC_URL . '" value="' . $topic_id . '" />';

+ break;

+

+ case 'editpost':

+ $hidden_form_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';

+ break;

+ "USERNAME" => $post_username,

+ "SUBJECT" => $post_subject,

+ "MESSAGE" => $post_message,

+ "SMILIES_STATUS" => $smilies_status,

+ "POLL_TITLE" => $poll_title,

+ "POLL_LENGTH" => $poll_length,

+ "L_DISABLE_HTML" => $lang['Disable'] . $lang['HTML'] . $lang['in_this_post'],

+ "L_DISABLE_BBCODE" => $lang['Disable'] . $lang['BBCode'] . $lang['in_this_post'],

+ "L_DISABLE_SMILIES" => $lang['Disable'] . $lang['Smilies'] . $lang['in_this_post'],

+ "L_ATTACH_SIGNATURE" => $lang['Attach_signature'],

+ "L_NOTIFY_ON_REPLY" => $lang['Notify'],

+ "S_HTML_CHECKED" => (!$html_on) ? "checked=\"checked\"" : "",

+ "S_BBCODE_CHECKED" => (!$bbcode_on) ? "checked=\"checked\"" : "",

+ "S_SMILIES_CHECKED" => (!$smilies_on) ? "checked=\"checked\"" : "",

+ "S_SIGNATURE_CHECKED" => ($attach_sig) ? "checked=\"checked\"" : "",

+ "S_NOTIFY_CHECKED" => ($notify_user) ? "checked=\"checked\"" : "",

+ "S_TYPE_TOGGLE" => $topic_type_toggle,

+ "S_TOPIC_ID" => $topic_id,

+//

+// Poll entry switch/output

+//

+if( $display_poll )

+{

+ $template->assign_vars(array(

+ "L_ADD_A_POLL" => $lang['Add_poll'],

+ "L_ADD_POLL_EXPLAIN" => $lang['Add_poll_explain'],

+ "L_POLL_QUESTION" => $lang['Poll_question'],

+ "L_POLL_OPTION" => $lang['Poll_option'],

+ "L_ADD_OPTION" => $lang['Add_option'],

+ "L_UPDATE_OPTION" => $lang['Update'],

+ "L_DELETE_OPTION" => $lang['Delete'],

+ "L_POLL_LENGTH" => $lang['Poll_for'],

+ "L_DAYS" => $lang['Days'],

+ "L_POLL_LENGTH_EXPLAIN" => $lang['Poll_for_explain'],

+ "L_POLL_DELETE" => $lang['Delete_poll'],

+

+ "POLL_LENGTH" => $poll_length)

+ );

+

+ if( $mode == "editpost" && ( $can_edit_poll || $is_auth['auth_mod'] ) && $post_has_poll )

+ {

+ $template->assign_block_vars("poll_delete_toggle", array());

+ }

+

+ if( is_array($poll_option_list) )

+ {

+ while( list($option_id, $option_text) = each($poll_option_list) )

+ {

+ $template->assign_block_vars("poll_option_rows", array(

+ "POLL_OPTION" => $option_text,

+

+ "S_POLL_OPTION_NUM" => $option_id)

+ );

+ }

+ }

+

+ $template->assign_var_from_handle("POLLBOX", "pollbody");

+

+}

+

+//

+// Parse and print the body

+//