From 7506d3d9149d64283ce700c4ea4d279915968e2d Mon Sep 17 00:00:00 2001 From: "Paul S. Owen" Date: Sat, 19 Apr 2003 12:58:37 +0000 Subject: Updated topic/forum notification ... untested in live situation ... appeared to work via manual testing git-svn-id: file:///svn/phpbb/trunk@3888 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/emailer.php | 14 +- phpBB/includes/functions_posting.php | 1820 +++++++++++++++++----------------- 2 files changed, 919 insertions(+), 915 deletions(-) (limited to 'phpBB') diff --git a/phpBB/includes/emailer.php b/phpBB/includes/emailer.php index a986bdae51..ea55a2ac90 100755 --- a/phpBB/includes/emailer.php +++ b/phpBB/includes/emailer.php @@ -47,19 +47,19 @@ class emailer // If a language variable for non-disclosure is passed, we prepend it to the address. if ($lang_var != '') { - if ( $template_lang == '' ) + if ($template_lang == '') { $template_lang = $config['default_lang']; } $language_file = $phpbb_root_path . 'language/' . $template_lang . '/lang_main.' . $phpEx; - if ( !@file_exists($language_file) ) + if (!@file_exists($language_file)) { $language_file = $phpbb_root_path . 'language/' . $config['default_lang'] . '/lang_main.' . $phpEx; } - if ( @file_exists($language_file) ) + if (@file_exists($language_file)) { include($language_file); $this->address .= $lang[$lang_var]; @@ -132,7 +132,7 @@ class emailer // Send the mail out to the recipients set previously in var $this->address function send() { - global $config, $phpEx, $phpbb_root_path; + global $config, $user, $phpEx, $phpbb_root_path; if (empty($config['email_enable'])) { @@ -163,12 +163,12 @@ class emailer $match = array(); if (preg_match('#^(Subject:(.*?))$#m', $this->msg, $match)) { - $this->subject = (trim($match[2]) != '') ? trim($match[2]) : (($this->subject != '') ? $this->subject : 'No Subject'); + $this->subject = (trim($match[2]) != '') ? trim($match[2]) : (($this->subject != '') ? $this->subject : $user->lang['NO_SUBJECT']); $drop_header .= '[\r\n]*?' . preg_quote($match[1], '#'); } else { - $this->subject = (($this->subject != '') ? $this->subject : 'No Subject'); + $this->subject = (($this->subject != '') ? $this->subject : $user->lang['NO_SUBJECT']); } if (preg_match('#^(Charset:(.*?))$#m', $this->msg, $match)) @@ -229,7 +229,7 @@ function smtpmail($mail_to, $subject, $message, $headers = '') global $config; // Fix any bare linefeeds in the message to make it RFC821 Compliant. - $message = preg_replace("/(?sql_query($sql); - - $user_id_sql = ''; - while ( $row = $db->sql_fetchrow($result) ) - { - if ( isset($row['ban_userid']) ) - { - $user_id_sql = ", " . $row['ban_userid']; - } - } - - if ($topic_notification) - { - $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, t.topic_title, f.forum_name - FROM " . TOPICS_WATCH_TABLE . " tw, " . TOPICS_TABLE . " t, " . USERS_TABLE . " u, " . FORUMS_TABLE . " f - WHERE tw.topic_id = $topic_id - AND tw.user_id NOT IN (" . $user->data['user_id'] . ", " . ANONYMOUS . $user_id_sql . " ) - AND tw.notify_status = 0 - AND f.forum_id = $forum_id - AND t.topic_id = tw.topic_id - AND u.user_id = tw.user_id"; - } - else if ($newtopic_notification) - { - $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, f.forum_name - FROM " . USERS_TABLE . " u, " . FORUMS_WATCH_TABLE . " fw, " . FORUMS_TABLE . " f - WHERE fw.forum_id = $forum_id - AND fw.user_id NOT IN (" . $user->data['user_id'] . ", " . ANONYMOUS . $user_id_sql . " ) - AND fw.notify_status = 0 - AND f.forum_id = fw.forum_id - AND u.user_id = fw.user_id"; - } - else - { - trigger_error('WRONG_NOTIFICATION_MODE'); - } - - $result = $db->sql_query($sql); - - if (empty($censors)) - { - $censors = array(); - obtain_word_list($censors); - } - - include($phpbb_root_path . 'includes/emailer.'.$phpEx); - $emailer = new emailer($config['smtp_delivery']); - - $script_name = preg_replace("/^\/?(.*?)\/?$/", "\\1", trim($config['script_path'])); - - $script_name_forum = ( $script_name != '' ) ? $script_name . '/viewforum.'.$phpEx : 'viewforum.'.$phpEx; - $script_name_topic = ( $script_name != '' ) ? $script_name . '/viewtopic.'.$phpEx : 'viewtopic.'.$phpEx; - - $server_name = trim($config['server_name']); - $server_protocol = ( $config['cookie_secure'] ) ? 'https://' : 'http://'; - $server_port = ( $config['server_port'] <> 80 ) ? ':' . trim($config['server_port']) . '/' : '/'; - - $email_headers = "From: " . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n"; - - $update_watched_sql_topic = ''; - $update_watched_sql_forum = ''; - - $email_users = array(); - - if ( $row = $db->sql_fetchrow($result) ) - { - if ($topic_notification) - { - $topic_title = $row['topic_title']; - decode_text($topic_title); - $topic_title = (sizeof($censors)) ? preg_replace($censors['match'], $censors['replace'], $topic_title) : $topic_title; - } - else - { - decode_text($subject); - $topic_title = (sizeof($censors)) ? preg_replace($censors['match'], $censors['replace'], $subject) : $subject; - } - - do - { - if (trim($row['user_email']) != '') - { - $row['email_template'] = ($topic_notification) ? 'topic_notify' : 'newtopic_notify'; - $email_users[] = $row; - - if ($topic_notification) - { - $update_watched_sql_topic .= ($update_watched_sql_topic != '') ? ', ' . $row['user_id'] : $row['user_id']; - } - else - { - $update_watched_sql_forum .= ($update_watched_sql_forum != '') ? ', ' . $row['user_id'] : $row['user_id']; - } - } - } - while ($row = $db->sql_fetchrow($result)); - } - - // Handle remaining Notifications (Forum) - if ($topic_notification) - { - $already_notified = ($update_watched_sql_topic == '') ? '' : $update_watched_sql_topic . ', '; - $already_notified .= ($update_watched_sql_forum == '') ? '' : $update_watched_sql_forum . ', '; - - $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, t.topic_title, f.forum_name - FROM " . TOPICS_TABLE . " t, " . USERS_TABLE . " u, " . FORUMS_WATCH_TABLE . " fw, " . FORUMS_TABLE . " f - WHERE fw.forum_id = $forum_id - AND fw.user_id NOT IN (" . $already_notified . $user->data['user_id'] . ", " . ANONYMOUS . $user_id_sql . " ) - AND fw.notify_status = 0 - AND t.topic_id = $topic_id - AND f.forum_id = fw.forum_id - AND u.user_id = fw.user_id"; - $result = $db->sql_query($sql); - - if ($row = $db->sql_fetchrow($result)) - { - $topic_title = $row['topic_title']; - decode_text($topic_title); - $topic_title = (sizeof($censors)) ? preg_replace($censors['match'], $censors['replace'], $topic_title) : $topic_title; - - do - { - if (trim($row['user_email']) != '') - { - $row['email_template'] = 'forum_notify'; - $email_users[] = $row; - - $update_watched_sql_forum .= ($update_watched_sql_forum != '') ? ', ' . $row['user_id'] : $row['user_id']; - } - } - while ($row = $db->sql_fetchrow($result)); - } - } - - @reset($email_users); - foreach ($email_users as $row) - { - $emailer->use_template($row['email_template'], $row['user_lang']); - $emailer->email_address($row['user_email']); - $emailer->set_subject(); - $emailer->extra_headers($email_headers); - - $emailer->assign_vars(array( - 'EMAIL_SIG' => str_replace("
", "\n", "-- \n" . $config['board_email_sig']), - 'USERNAME' => $row['username'], - 'SITENAME' => $config['sitename'], - 'TOPIC_TITLE' => $topic_title, - 'U_TOPIC' => $server_protocol . $server_name . $server_port . $script_name_topic . '?p=' . $post_id . '#' . $post_id, - 'U_FORUM' => $server_protocol . $server_name . $server_port . $script_name_forum . '?f=' . $forum_id, - 'FORUM_NAME' => $row['forum_name'], - 'U_STOP_WATCHING_TOPIC' => $server_protocol . $server_name . $server_port . $script_name_topic . '?t=' . $topic_id . '&unwatch=topic', - 'U_STOP_WATCHING_FORUM' => $server_protocol . $server_name . $server_port . $script_name_forum . '?f=' . $forum_id . '&unwatch=forum') - ); - - $emailer->send(); - $emailer->reset(); - } - - if ($update_watched_sql_topic != '') - { - $sql = "UPDATE " . TOPICS_WATCH_TABLE . " - SET notify_status = 1 - WHERE topic_id = " . $topic_id . " - AND user_id IN (" . $update_watched_sql_topic . ")"; - $db->sql_query($sql); - } - - if ($update_watched_sql_forum != '') - { - $sql = "UPDATE " . FORUMS_WATCH_TABLE . " - SET notify_status = 1 - WHERE forum_id = " . $forum_id . " - AND user_id IN (" . $update_watched_sql_forum . ")"; - $db->sql_query($sql); - } -} - // Format text to be displayed - from viewtopic.php - centralizing this would be nice ;) function format_display($message, $html, $bbcode, $uid, $url, $smilies, $sig) { @@ -440,950 +252,1142 @@ function update_last_post_information($type, $id) $db->sql_query($sql); } -// Submit Post -function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_uid, $poll, $attachment_data, $post_data) +// Delete Attachment +function delete_attachment($post_id_array = -1, $attach_id_array = -1, $page = -1, $user_id = -1) { - global $db, $auth, $user, $config, $phpEx, $SID, $template; - - $search = new fulltext_search(); - $current_time = time(); - - $post_data['subject'] = $subject; + global $db; - $db->sql_transaction(); + // Generate Array, if it's not an array + if ( ($post_id_array == -1) && ($attach_id_array == -1) && ($page == -1) ) + { + return; + } - // Initial Topic table info - if ( ($mode == 'post') || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id'])) + if ( ($post_id_array == -1) && ($attach_id_array != -1) ) { - $topic_sql = array( - 'forum_id' => $post_data['forum_id'], - 'topic_title' => stripslashes($subject), - 'topic_time' => $current_time, - 'topic_type' => $topic_type, - 'topic_approved' => ($auth->acl_get('f_moderate', $post_data['forum_id']) && !$auth->acl_get('f_ignorequeue', $post_data['forum_id'])) ? 0 : 1, - 'icon_id' => $post_data['icon_id'], - 'topic_attachment' => (sizeof($attachment_data['physical_filename'])) ? 1 : 0, - 'topic_poster' => intval($user->data['user_id']), - 'topic_first_poster_name' => ($username != '') ? stripslashes($username) : (($user->data['user_id'] == ANONYMOUS) ? '' : stripslashes($user->data['username'])) - ); + $post_id_array = array(); - if (!empty($poll['poll_options'])) + if (!is_array($attach_id_array)) { - $topic_sql = array_merge($topic_sql, array( - 'poll_title' => stripslashes($poll['poll_title']), - 'poll_start' => ($poll['poll_start']) ? $poll['poll_start'] : $current_time, - 'poll_length' => $poll['poll_length'] * 3600) - ); + if (strstr($attach_id_array, ', ')) + { + $attach_id_array = explode(', ', $attach_id_array); + } + else if (strstr($attach_id_array, ',')) + { + $attach_id_array = explode(',', $attach_id_array); + } + else + { + $attach_id = intval($attach_id_array); + $attach_id_array = array(); + $attach_id_array[] = $attach_id; + } } + + // Get the post_ids to fill the array + $p_id = ($page == 'privmsgs') ? 'privmsgs_id' : 'post_id'; - $sql = ($mode == 'post') ? 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', $topic_sql) : 'UPDATE ' . TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $topic_sql) . ' WHERE topic_id = ' . $post_data['topic_id']; - $db->sql_query($sql); + $sql = "SELECT " . $p_id . " + FROM " . ATTACHMENTS_TABLE . " + WHERE attach_id IN (" . implode(', ', $attach_id_array) . ") + GROUP BY " . $p_id; + $result = $db->sql_query($sql); - $post_data['topic_id'] = ($mode == 'post') ? $db->sql_nextid() : $post_data['topic_id']; + while ($row = $db->sql_fetchrow($result)) + { + $post_id_array[] = intval($row[$p_id]); + } + $db->sql_freeresult($result); + + if (count($post_id_array) == 0) + { + return; + } } - - // Post table info - $post_sql = array( - 'topic_id' => $post_data['topic_id'], - 'forum_id' => $post_data['forum_id'], - 'poster_id' => ($mode == 'edit') ? $post_data['poster_id'] : intval($user->data['user_id']), - 'post_username' => ($username != '') ? stripslashes($username) : '', - 'post_subject' => stripslashes($subject), - 'icon_id' => $post_data['icon_id'], - 'poster_ip' => $user->ip, - 'post_time' => $current_time, - 'post_approved' => ($auth->acl_get('f_moderate', $post_data['forum_id']) && !$auth->acl_get('f_ignorequeue', $post_data['forum_id'])) ? 0 : 1, - 'post_edit_time' => ($mode == 'edit' && $post_data['poster_id'] == $user->data['user_id']) ? $current_time : 0, - 'enable_sig' => $post_data['enable_sig'], - 'enable_bbcode' => $post_data['enable_bbcode'], - 'enable_html' => $post_data['enable_html'], - 'enable_smilies' => $post_data['enable_smilies'], - 'enable_magic_url' => $post_data['enable_urls'], - 'bbcode_uid' => $bbcode_uid, - 'bbcode_bitfield' => $post_data['bbcode_bitfield'], - 'post_edit_locked' => $post_data['post_edit_locked'] - ); - - if ($mode != 'edit' || $post_data['message_md5'] != $post_data['post_checksum']) + + if (!is_array($post_id_array)) { - $post_sql = array_merge($post_sql, array( - 'post_checksum' => $post_data['message_md5'], - 'post_text' => $message, - 'post_encoding' => $user->lang['ENCODING'] - )); - } - $sql = ($mode == 'edit') ? 'UPDATE ' . POSTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $post_sql) . ' , post_edit_count = post_edit_count + 1 WHERE post_id = ' . $post_data['post_id'] : 'INSERT INTO ' . POSTS_TABLE . ' ' . $db->sql_build_array('INSERT', $post_sql); - $db->sql_query($sql); + if (trim($post_id_array) == '') + { + return; + } - $post_data['post_id'] = ($mode == 'edit') ? $post_data['post_id'] : $db->sql_nextid(); + if (strstr($post_id_array, ', ')) + { + $post_id_array = explode(', ', $post_id_array); + } + else if (strstr($post_id_array, ',')) + { + $post_id_array = explode(',', $post_id_array); + } + else + { + $post_id = intval($post_id_array); - // Submit Poll - if (!empty($poll['poll_options'])) + $post_id_array = array(); + $post_id_array[] = $post_id; + } + } + + if (count($post_id_array) == 0) { - $cur_poll_options = array(); + return; + } + + // First of all, determine the post id and attach_id + if ($attach_id_array == -1) + { + $attach_id_array = array(); + + // Get the attach_ids to fill the array + $whereclause = ($page == 'privmsgs') ? 'WHERE privmsgs_id IN (' . implode(', ', $post_id_array) . ')' : 'WHERE post_id IN (' . implode(', ', $post_id_array) . ')'; + + $sql = "SELECT attach_id + FROM " . ATTACHMENTS_TABLE . " " . + $whereclause . " + GROUP BY attach_id"; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $attach_id_array[] = intval($row['attach_id']); + } + $db->sql_freeresult($result); + + if (count($attach_id_array) == 0) + { + return; + } + } - if ($poll['poll_start'] && $mode == 'edit') + if (!is_array($attach_id_array)) + { + if (strstr($attach_id_array, ', ')) { - $sql = "SELECT * FROM " . POLL_OPTIONS_TABLE . " - WHERE topic_id = " . $post_data['topic_id'] . " - ORDER BY poll_option_id"; - $result = $db->sql_query($sql); + $attach_id_array = explode(', ', $attach_id_array); + } + else if (strstr($attach_id_array, ',')) + { + $attach_id_array = explode(',', $attach_id_array); + } + else + { + $attach_id = intval($attach_id_array); - while ($cur_poll_options[] = $db->sql_fetchrow($result)); - $db->sql_freeresult($result); + $attach_id_array = array(); + $attach_id_array[] = $attach_id; } + } - for ($i = 0; $i < sizeof($poll['poll_options']); $i++) + if (count($attach_id_array) == 0) + { + return; + } + + if ($page == 'privmsgs') + { + $sql_id = 'privmsgs_id'; + if ($user_id != -1) { - if (trim($poll['poll_options'][$i]) != '') + $post_id_array_2 = array(); + + $sql = "SELECT privmsgs_type, privmsgs_to_userid, privmsgs_from_userid + FROM " . PRIVMSGS_TABLE . " + WHERE privmsgs_id IN (" . implode(', ', $post_id_array) . ")"; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) { - if (empty($cur_poll_options[$i])) - { - $sql = "INSERT INTO " . POLL_OPTIONS_TABLE . " (poll_option_id, topic_id, poll_option_text) - VALUES (" . $i . ", " . $post_data['topic_id'] . ", '" . $db->sql_escape($poll['poll_options'][$i]) . "')"; - $db->sql_query($sql); - } - else if ($poll['poll_options'][$i] != $cur_poll_options[$i]) + switch (intval($row['privmsgs_type'])) { - $sql = "UPDATE " . POLL_OPTIONS_TABLE . " - SET poll_option_text = '" . $db->sql_escape($poll['poll_options'][$i]) . "' - WHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id']; - $db->sql_query($sql); + case PRIVMSGS_READ_MAIL: + case PRIVMSGS_NEW_MAIL: + case PRIVMSGS_UNREAD_MAIL: + if ($row['privmsgs_to_userid'] == $user_id) + { + $post_id_array_2[] = $privmsgs_id; + } + break; + case PRIVMSGS_SENT_MAIL: + if ($row['privmsgs_from_userid'] == $user_id) + { + $post_id_array_2[] = $privmsgs_id; + } + break; + case PRIVMSGS_SAVED_OUT_MAIL: + if ($row['privmsgs_from_userid'] == $user_id) + { + $post_id_array_2[] = $privmsgs_id; + } + break; + case PRIVMSGS_SAVED_IN_MAIL: + if ($row['privmsgs_to_userid'] == $user_id) + { + $post_id_array_2[] = $privmsgs_id; + } + break; } } + $db->sql_freeresult($result); + $post_id_array = $post_id_array_2; } - - if (sizeof($poll['poll_options']) < sizeof($cur_poll_options)) - { - $sql = "DELETE FROM " . POLL_OPTIONS_TABLE . " - WHERE poll_option_id > " . sizeof($poll['poll_options']) . " - AND topic_id = " . $post_data['topic_id']; - $db->sql_query($sql); - } + } + else + { + $sql_id = 'post_id'; } - // Submit Attachments - if (count($attachment_data['attach_id']) && !empty($post_data['post_id']) && ($mode == 'post' || $mode == 'reply' || $mode == 'edit')) + $sql = "DELETE FROM " . ATTACHMENTS_TABLE . " + WHERE attach_id IN (" . implode(', ', $attach_id_array) . ") + AND " . $sql_id . " IN (" . implode(', ', $post_id_array) . ")"; + $db->sql_query($sql); + + foreach ($attach_id_array as $attach_id) { - for ($i = 0; $i < count($attachment_data['attach_id']); $i++) + $sql = "SELECT attach_id + FROM " . ATTACHMENTS_TABLE . " + WHERE attach_id = " . $attach_id; + $select_result = $db->sql_query($sql); + + if (!is_array($db->sql_fetchrow($select_result))) { - if ($attachment_data['attach_id'][$i] != '-1') - { - // update entry in db if attachment already stored in db and filespace - $attach_sql = array( - 'comment' => trim($attachment_data['comment'][$i]) - ); - - $sql = 'UPDATE ' . ATTACHMENTS_DESC_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $attach_sql) . ' WHERE attach_id = ' . $attachment_data['attach_id'][$i]; - $db->sql_query($sql); - } - else + $sql = "SELECT attach_id, physical_filename, thumbnail + FROM " . ATTACHMENTS_DESC_TABLE . " + WHERE attach_id = " . $attach_id; + $result = $db->sql_query($sql); + + // delete attachments + while ($row = $db->sql_fetchrow($result)) { - // insert attachment into db - $attach_sql = array( - 'physical_filename' => $attachment_data['physical_filename'][$i], - 'real_filename' => $attachment_data['real_filename'][$i], - 'comment' => trim($attachment_data['comment'][$i]), - 'extension' => $attachment_data['extension'][$i], - 'mimetype' => $attachment_data['mimetype'][$i], - 'filesize' => $attachment_data['filesize'][$i], - 'filetime' => $attachment_data['filetime'][$i], - 'thumbnail' => $attachment_data['thumbnail'][$i] - ); - - $sql = 'INSERT INTO ' . ATTACHMENTS_DESC_TABLE . ' ' . $db->sql_build_array('INSERT', $attach_sql); - $db->sql_query($sql); - - $attach_sql = array( - 'attach_id' => $db->sql_nextid(), - 'post_id' => $post_data['post_id'], - 'privmsgs_id' => 0, - 'user_id_from' => ($mode == 'edit') ? $post_data['poster_id'] : intval($user->data['user_id']), - 'user_id_to' => 0 - ); - - $sql = 'INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $attach_sql); + phpbb_unlink($row['physical_filename'], 'file', $config['use_ftp_upload']); + if (intval($row['thumbnail']) == 1) + { + phpbb_unlink($row['physical_filename'], 'thumbnail', $config['use_ftp_upload']); + } + + $sql = "DELETE FROM " . ATTACHMENTS_DESC_TABLE . " + WHERE attach_id = " . $row['attach_id']; $db->sql_query($sql); } + $db->sql_freeresult($result); } - - if (count($attachment_data['attach_id']) > 0) + $db->sql_freeresult($select_result); + } + + // Now Sync the Topic/PM + if ($page == 'privmsgs') + { + foreach ($post_id_array as $privmsgs_id) { - $sql = "UPDATE " . POSTS_TABLE . " - SET post_attachment = 1 - WHERE post_id = " . $post_data['post_id']; - $db->sql_query($sql); + $sql = "SELECT attach_id + FROM " . ATTACHMENTS_TABLE . " + WHERE privmsgs_id = " . $privmsgs_id; + $select_result = $db->sql_query($sql); - $sql = "UPDATE " . TOPICS_TABLE . " - SET topic_attachment = 1 - WHERE topic_id = " . $post_data['topic_id']; - $db->sql_query($sql); + if (!is_array($db->sql_fetchrow($select_result))) + { + $sql = "UPDATE " . PRIVMSGS_TABLE . " + SET privmsgs_attachment = 0 + WHERE privmsgs_id = " . $privmsgs_id; + $db->sql_query($sql); + } + $db->sql_freeresult($select_result); } } - - // Fulltext parse - if ($mode != 'edit' || $post_data['message_md5'] != $post_data['post_checksum']) - { - $result = $search->add($mode, $post_data['post_id'], $message, $subject); - } - - // Sync forums, topics and users ... - if ($mode != 'edit') + else { - // Update forums: last post info, topics, posts ... we need to update - // each parent too ... - $forum_ids = $post_data['forum_id']; - $forum_parents = get_forum_parents($post_data); - foreach ($forum_parents as $parent_forum_id => $parent_name) + $sql = "SELECT topic_id + FROM " . POSTS_TABLE . " + WHERE post_id IN (" . implode(', ', $post_id_array) . ") + GROUP BY topic_id"; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) { - $forum_ids .= ', ' . $parent_forum_id; - } - - $forum_topics_sql = ($mode == 'post') ? ', forum_topics = forum_topics + 1, forum_topics_real = forum_topics_real + 1' : ''; - $forum_sql = array( - 'forum_last_post_id' => $post_data['post_id'], - 'forum_last_post_time' => $current_time, - 'forum_last_poster_id' => intval($user->data['user_id']), - 'forum_last_poster_name'=> ($user->data['user_id'] == ANONYMOUS) ? stripslashes($username) : $user->data['username'], - ); - - $sql = 'UPDATE ' . FORUMS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $forum_sql) . ', forum_posts = forum_posts + 1' . $forum_topics_sql . ' WHERE forum_id IN (' . $forum_ids . ')'; - $db->sql_query($sql); + $topic_id = intval($row['topic_id']); - // Update topic: first/last post info, replies - $topic_sql = array( - 'topic_last_post_id' => $post_data['post_id'], - 'topic_last_post_time' => $current_time, - 'topic_last_poster_id' => intval($user->data['user_id']), - 'topic_last_poster_name'=> ($username != '') ? stripslashes($username) : (($user->data['user_id'] == ANONYMOUS) ? '' : stripslashes($user->data['username'])), - ); + $sql = "SELECT post_id + FROM " . POSTS_TABLE . " + WHERE topic_id = " . $topic_id . " + GROUP BY post_id"; + $result2 = $db->sql_query($sql); + + $post_ids = array(); - if ($mode == 'post') - { - $topic_sql = array_merge($topic_sql, array( - 'topic_first_post_id' => $post_data['post_id'], - )); - } + while ($post_row = $db->sql_fetchrow($result2)) + { + $post_ids[] = intval($post_row['post_id']); + } + $db->sql_freeresult($result2); - $topic_replies_sql = ($mode == 'reply') ? ', topic_replies = topic_replies + 1, topic_replies_real = topic_replies_real + 1' : ''; - $sql = 'UPDATE ' . TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $topic_sql) . $topic_replies_sql . ' WHERE topic_id = ' . $post_data['topic_id']; - $db->sql_query($sql); + if (count($post_ids)) + { + $post_id_sql = implode(', ', $post_ids); + + $sql = "SELECT attach_id + FROM " . ATTACHMENTS_TABLE . " + WHERE post_id IN (" . $post_id_sql . ") "; + $select_result = $db->sql_query_limit($sql, 1); + $set_id = ( !is_array($db->sql_fetchrow($select_result))) ? 0 : 1; + $db->sql_freeresult($select_result); - // Update user post count ... if appropriate - if ($user->data['user_id'] != ANONYMOUS && $auth->acl_get('f_postcount', $post_data['forum_id'])) - { - $sql = 'UPDATE ' . USERS_TABLE . ' - SET user_posts = user_posts + 1 - WHERE user_id = ' . intval($user->data['user_id']); - $db->sql_query($sql); + $sql = "UPDATE " . TOPICS_TABLE . " + SET topic_attachment = " . $set_id . " + WHERE topic_id = " . $topic_id; + $db->sql_query($sql); + + foreach ($post_ids as $post_id) + { + $sql = "SELECT attach_id + FROM " . ATTACHMENTS_TABLE . " + WHERE post_id = " . $post_id; + $select_result = $db->sql_query_limit($sql, 1); + $set_id = ( !is_array($db->sql_fetchrow($select_result))) ? 0 : 1; + $db->sql_freeresult($select_result); + + $sql = "UPDATE " . POSTS_TABLE . " + SET post_attachment = " . $set_id . " + WHERE post_id = " . $post_id; + $db->sql_query($sql); + } + } } + $db->sql_freeresult($result); + } +} - // post counts for index, etc. - if ($mode == 'post') - { - set_config('num_topics', $config['num_topics'] + 1, TRUE); - } +// Upload Attachment - filedata is generated here +function upload_attachment($filename) +{ + global $_POST, $_FILES, $auth, $user, $config, $db; - set_config('num_posts', $config['num_posts'] + 1, TRUE); - } + $filedata = array(); + $filedata['error'] = false; + $filedata['err_msg'] = ''; + $filedata['post_attach'] = ($filename != '') ? true : false; - // Topic Notification - if ((!$post_data['notify_set']) && ($post_data['notify'])) - { - $sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id) - VALUES (" . $user->data['user_id'] . ", " . $post_data['topic_id'] . ")"; - $db->sql_query($sql); - } - else if (($post_data['notify_set']) && (!$post_data['notify'])) + if (!$filedata['post_attach']) { - $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " - WHERE user_id = " . $user->data['user_id'] . " - AND topic_id = " . $post_data['topic_id']; - $db->sql_query($sql); + return ($filedata); } + + $r_file = $filename; + $file = $_FILES['fileupload']['tmp_name']; + $filedata['mimetype'] = $_FILES['fileupload']['type']; - // Mark this topic as read and posted to. - $mark_mode = ($mode == 'reply' || $mode == 'quote') ? 'post' : 'topic'; - markread($mark_mode, $post_data['forum_id'], $post_data['topic_id'], $post_data['post_id']); + // Opera add the name to the mime type + $filedata['mimetype'] = ( strstr($filedata['mimetype'], '; name') ) ? str_replace(strstr($filedata['mimetype'], '; name'), '', $filedata['mimetype']) : $filedata['mimetype']; + $filedata['extension'] = strrchr(strtolower($filename), '.'); + $filedata['extension'][0] = ' '; + $filedata['extension'] = strtolower(trim($filedata['extension'])); + $filedata['extension'] = (is_array($filedata['extension'])) ? '' : $filedata['extension']; + + $filedata['filesize'] = (!@filesize($file)) ? intval($_FILES['size']) : @filesize($file); - $db->sql_transaction('commit'); + $extensions = array(); + obtain_attach_extensions($extensions); - // Send Notifications - if (($mode != 'edit') && ($mode != 'delete')) + // Check Extension + if (!in_array($filedata['extension'], $extensions['_allowed_'])) { - user_notification($mode, stripslashes($post_data['subject']), $post_data['forum_id'], $post_data['topic_id'], $post_data['post_id']); - } - - $template->assign_vars(array( - 'META' => '') - ); + $filedata['error'] = true; + $filedata['err_msg'] = sprintf($user->lang['DISALLOWED_EXTENSION'], $filedata['extension']); + $filedata['post_attach'] = false; + return ($filedata); + } - $message = ($auth->acl_get('f_moderate', $post_data['forum_id']) && !$auth->acl_get('f_ignorequeue', $post_data['forum_id'])) ? 'POST_STORED_MOD' : 'POST_STORED'; - $message = $user->lang[$message] . '

' . sprintf($user->lang['VIEW_MESSAGE'], '', '') . '

' . sprintf($user->lang['RETURN_FORUM'], '', ''); - trigger_error($message); -} + $allowed_filesize = ($extensions[$filedata['extension']]['max_filesize'] != 0) ? $extensions[$filedata['extension']]['max_filesize'] : $config['max_filesize']; + $cat_id = $extensions[$filedata['extension']]['display_cat']; -// Delete Attachment -function delete_attachment($post_id_array = -1, $attach_id_array = -1, $page = -1, $user_id = -1) -{ - global $db; + // check Filename + if ( preg_match("/[\\/:*?\"<>|]/i", $filename) ) + { + $filedata['error'] = true; + $filedata['err_msg'] = sprintf($user->lang['INVALID_FILENAME'], $filename); + $filedata['post_attach'] = false; + return ($filedata); + } - // Generate Array, if it's not an array - if ( ($post_id_array == -1) && ($attach_id_array == -1) && ($page == -1) ) + // check php upload-size + if ( ($file == 'none') ) { - return; + $filedata['error'] = true; + $filedata['err_msg'] = (@ini_get('upload_max_filesize') == '') ? $user->lang['ATTACHMENT_PHP_SIZE_NA'] : sprintf($user->lang['ATTACHMENT_PHP_SIZE_OVERRUN'], @ini_get('upload_max_filesize')); + $filedata['post_attach'] = false; + return ($filedata); } - if ( ($post_id_array == -1) && ($attach_id_array != -1) ) +/* + // Check Image Size, if it is an image + if ( (!$acl->gets('m_', 'a_')) && ($cat_id == IMAGE_CAT) ) { - $post_id_array = array(); + list($width, $height) = image_getdimension($file); - if (!is_array($attach_id_array)) + if ( ($width != 0) && ($height != 0) && (intval($attach_config['img_max_width']) != 0) && (intval($attach_config['img_max_height']) != 0) ) { - if (strstr($attach_id_array, ', ')) - { - $attach_id_array = explode(', ', $attach_id_array); - } - else if (strstr($attach_id_array, ',')) - { - $attach_id_array = explode(',', $attach_id_array); - } - else + if ( ($width > intval($attach_config['img_max_width'])) || ($height > intval($attach_config['img_max_height'])) ) { - $attach_id = intval($attach_id_array); - $attach_id_array = array(); - $attach_id_array[] = $attach_id; + $error = TRUE; + if(!empty($error_msg)) + { + $error_msg .= '
'; + } + $error_msg .= sprintf($lang['Error_imagesize'], intval($attach_config['img_max_width']), intval($attach_config['img_max_height'])); } } - - // Get the post_ids to fill the array - $p_id = ($page == 'privmsgs') ? 'privmsgs_id' : 'post_id'; - - $sql = "SELECT " . $p_id . " - FROM " . ATTACHMENTS_TABLE . " - WHERE attach_id IN (" . implode(', ', $attach_id_array) . ") - GROUP BY " . $p_id; - $result = $db->sql_query($sql); + } +*/ + // check Filesize + if ( ($allowed_filesize != 0) && ($filedata['filesize'] > $allowed_filesize) && (!$acl->gets('m_', 'a_')) ) + { + $size_lang = ($allowed_filesize >= 1048576) ? $user->lang['MB'] : ( ($allowed_filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] ); - while ($row = $db->sql_fetchrow($result)) + if ($allowed_filesize >= 1048576) { - $post_id_array[] = intval($row[$p_id]); + $allowed_filesize = round($allowed_filesize / 1048576 * 100) / 100; } - $db->sql_freeresult($result); - - if (count($post_id_array) == 0) + else if($allowed_filesize >= 1024) { - return; + $allowed_filesize = round($allowed_filesize / 1024 * 100) / 100; } + + $filedata['error'] = true; + $filedata['err_msg'] = sprintf($user->lang['ATTACHMENT_TOO_BIG'], $allowed_filesize, $size_lang); + $filedata['post_attach'] = false; + return ($filedata); } - - if (!is_array($post_id_array)) + + // Check our complete quota + if ($config['attachment_quota'] != 0) { - if (trim($post_id_array) == '') + if ($config['total_filesize'] + $filedata['filesize'] > $config['attachment_quota']) { - return; + $filedata['error'] = true; + $filedata['err_msg'] = $user->lang['ATTACH_QUOTA_REACHED']; + $filedata['post_attach'] = false; + return ($filedata); } + } - if (strstr($post_id_array, ', ')) - { - $post_id_array = explode(', ', $post_id_array); - } - else if (strstr($post_id_array, ',')) +/* + // If we are at Private Messaging, check our PM Quota + if ($this->page == PAGE_PRIVMSGS) + { + $to_user = ( isset($_POST['username']) ) ? $_POST['username'] : ''; + + if (intval($config['pm_filesize_limit']) != 0) { - $post_id_array = explode(',', $post_id_array); + $total_filesize = get_total_attach_pm_filesize('from_user', $user->data['user_id']); + + if ( ($total_filesize + $filedata['filesize'] > intval($config['pm_filesize_limit'])) ) + { + $error = TRUE; + if(!empty($error_msg)) + { + $error_msg .= '
'; + } + $error_msg .= $lang['Attach_quota_sender_pm_reached']; + } } - else + + // Check Receivers PM Quota + if ((!empty($to_user)) && ($userdata['user_level'] != ADMIN)) { - $post_id = intval($post_id_array); + $sql = "SELECT user_id + FROM " . USERS_TABLE . " + WHERE username = '" . $to_user . "'"; + $result = $db->sql_query($sql); - $post_id_array = array(); - $post_id_array[] = $post_id; + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + $user_id = intval($row['user_id']); + $u_data = get_userdata($user_id); + $this->get_quota_limits($u_data, $user_id); + + if (intval($attach_config['pm_filesize_limit']) != 0) + { + $total_filesize = get_total_attach_pm_filesize('to_user', $user_id); + + if ($total_filesize + $this->filesize > intval($attach_config['pm_filesize_limit'])) + { + $error = TRUE; + if(!empty($error_msg)) + { + $error_msg .= '
'; + } + $error_msg .= sprintf($lang['Attach_quota_receiver_pm_reached'], $to_user); + } + } } } - - if (count($post_id_array) == 0) - { - return; - } - - // First of all, determine the post id and attach_id - if ($attach_id_array == -1) - { - $attach_id_array = array(); +*/ + $filedata['thumbnail'] = 0; + + // Prepare Values + $filedata['filetime'] = time(); + $filedata['filename'] = stripslashes($r_file); - // Get the attach_ids to fill the array - $whereclause = ($page == 'privmsgs') ? 'WHERE privmsgs_id IN (' . implode(', ', $post_id_array) . ')' : 'WHERE post_id IN (' . implode(', ', $post_id_array) . ')'; + $filedata['destination_filename'] = strtolower($filedata['filename']); + $filedata['destination_filename'] = $user->data['user_id'] . '_' . $filedata['filetime'] . '.' . $filedata['extension']; + + $filedata['filename'] = str_replace("'", "\'", $filedata['filename']); - $sql = "SELECT attach_id - FROM " . ATTACHMENTS_TABLE . " " . - $whereclause . " - GROUP BY attach_id"; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - $attach_id_array[] = intval($row['attach_id']); - } - $db->sql_freeresult($result); - - if (count($attach_id_array) == 0) - { - return; - } +/* + // Do we have to create a thumbnail ? + if ( ($cat_id == IMAGE_CAT) && ($config['img_create_thumbnail']) ) + { + $this->thumbnail = 1; } - - if (!is_array($attach_id_array)) +*/ + + // Upload Attachment + if (!$config['use_ftp_upload']) { - if (strstr($attach_id_array, ', ')) + // Descide the Upload method + if ( @ini_get('open_basedir') ) { - $attach_id_array = explode(', ', $attach_id_array); + $upload_mode = 'move'; } - else if (strstr($attach_id_array, ',')) + else if ( @ini_get('safe_mode') ) { - $attach_id_array = explode(',', $attach_id_array); + $upload_mode = 'move'; } else { - $attach_id = intval($attach_id_array); - - $attach_id_array = array(); - $attach_id_array[] = $attach_id; + $upload_mode = 'copy'; } } - - if (count($attach_id_array) == 0) + else { - return; + $upload_mode = 'ftp'; } - if ($page == 'privmsgs') + // Ok, upload the File + $result = move_uploaded_attachment($upload_mode, $file, $filedata); + + if ($result != '') { - $sql_id = 'privmsgs_id'; - if ($user_id != -1) - { - $post_id_array_2 = array(); + $filedata['error'] = true; + $filedata['err_msg'] = $result; + $filedata['post_attach'] = false; + } + return ($filedata); +} - $sql = "SELECT privmsgs_type, privmsgs_to_userid, privmsgs_from_userid - FROM " . PRIVMSGS_TABLE . " - WHERE privmsgs_id IN (" . implode(', ', $post_id_array) . ")"; - $result = $db->sql_query($sql); +// Move/Upload File - could be used for Avatars too ? +function move_uploaded_attachment($upload_mode, $source_filename, &$filedata) +{ + global $user, $config; - while ($row = $db->sql_fetchrow($result)) + $destination_filename = $filedata['destination_filename']; + $thumbnail = (isset($filedata['thumbnail'])) ? $filedata['thumbnail'] : false; + + switch ($upload_mode) + { + case 'copy': + + if ( !@copy($source_filename, $config['upload_dir'] . '/' . $destination_filename) ) { - switch (intval($row['privmsgs_type'])) + if ( !@move_uploaded_file($source_filename, $config['upload_dir'] . '/' . $destination_filename) ) { - case PRIVMSGS_READ_MAIL: - case PRIVMSGS_NEW_MAIL: - case PRIVMSGS_UNREAD_MAIL: - if ($row['privmsgs_to_userid'] == $user_id) - { - $post_id_array_2[] = $privmsgs_id; - } - break; - case PRIVMSGS_SENT_MAIL: - if ($row['privmsgs_from_userid'] == $user_id) - { - $post_id_array_2[] = $privmsgs_id; - } - break; - case PRIVMSGS_SAVED_OUT_MAIL: - if ($row['privmsgs_from_userid'] == $user_id) - { - $post_id_array_2[] = $privmsgs_id; - } - break; - case PRIVMSGS_SAVED_IN_MAIL: - if ($row['privmsgs_to_userid'] == $user_id) - { - $post_id_array_2[] = $privmsgs_id; - } - break; + return (sprintf($user->lang['GENERAL_UPLOAD_ERROR'], './' . $config['upload_dir'] . '/' . $destination_filename)); + } + } + @chmod($config['upload_dir'] . '/' . $destination_filename, 0666); + break; + + case 'move': + if ( !@move_uploaded_file($source_filename, $config['upload_dir'] . '/' . $destination_filename) ) + { + if ( !@copy($source_file, $config['upload_dir'] . '/' . $destination_filename) ) + { + return (sprintf($user->lang['GENERAL_UPLOAD_ERROR'], './' . $config['upload_dir'] . '/' . $destination_filename)); } + } + @chmod($config['upload_dir'] . '/' . $destination_filename, 0666); + break; + + case 'ftp': +/* + $conn_id = init_ftp(); + + // Binary or Ascii ? + $mode = FTP_BINARY; + if ( (preg_match("/text/i", $filedata['mimetype'])) || (preg_match("/html/i", $filedata['mimetype'])) ) + { + $mode = FTP_ASCII; } - $db->sql_freeresult($result); - $post_id_array = $post_id_array_2; - } - } - else - { - $sql_id = 'post_id'; + + $res = @ftp_put($conn_id, $destination_filename, $source_filename, $mode); + + if (!$res) + { + @ftp_quit($conn_id); + return (sprintf($user->lang['Ftp_error_upload'], $config['ftp_path'])); + } + + @ftp_site($conn_id, 'CHMOD 0644 ' . $destination_filename); + @ftp_quit($conn_id); + break; +*/ } - $sql = "DELETE FROM " . ATTACHMENTS_TABLE . " - WHERE attach_id IN (" . implode(', ', $attach_id_array) . ") - AND " . $sql_id . " IN (" . implode(', ', $post_id_array) . ")"; - $db->sql_query($sql); - - foreach ($attach_id_array as $attach_id) + $filedata['thumbnail'] = 0; +/* if ($filedata['thumbnail']) { - $sql = "SELECT attach_id - FROM " . ATTACHMENTS_TABLE . " - WHERE attach_id = " . $attach_id; - $select_result = $db->sql_query($sql); + if ($upload_mode == 'ftp') + { + $source = $source_filename; + $destination = 'thumbs/t_' . $destination_filename; + } + else + { + $source = $config['upload_dir'] . '/' . $destination_filename; + $destination = phpbb_realpath($config['upload_dir']); + $destination .= '/thumbs/t_' . $destination_filename; + } - if (!is_array($db->sql_fetchrow($select_result))) + if (!create_thumbnail($source, $destination, $filedata['mimetype'])) { - $sql = "SELECT attach_id, physical_filename, thumbnail - FROM " . ATTACHMENTS_DESC_TABLE . " - WHERE attach_id = " . $attach_id; - $result = $db->sql_query($sql); - - // delete attachments - while ($row = $db->sql_fetchrow($result)) + if (!create_thumbnail($source_filename, $destination_filename, $filedata['mimetype'])) { - phpbb_unlink($row['physical_filename'], 'file', $config['use_ftp_upload']); - if (intval($row['thumbnail']) == 1) - { - phpbb_unlink($row['physical_filename'], 'thumbnail', $config['use_ftp_upload']); - } - - $sql = "DELETE FROM " . ATTACHMENTS_DESC_TABLE . " - WHERE attach_id = " . $row['attach_id']; - $db->sql_query($sql); + $filedata['thumbnail'] = 0; } - $db->sql_freeresult($result); } - $db->sql_freeresult($select_result); - } - - // Now Sync the Topic/PM - if ($page == 'privmsgs') + }*/ + return (''); +} + +// Delete File +function phpbb_unlink($filename, $mode = 'file', $use_ftp = false) +{ + global $config, $user; + + if (!$use_ftp) { - foreach ($post_id_array as $privmsgs_id) + $filename = ($mode == 'thumbnail') ? $config['upload_dir'] . '/thumbs/t_' . $filename : $config['upload_dir'] . '/' . $filename; + $deleted = @unlink($filename); + + if (@file_exists($filename)) { - $sql = "SELECT attach_id - FROM " . ATTACHMENTS_TABLE . " - WHERE privmsgs_id = " . $privmsgs_id; - $select_result = $db->sql_query($sql); + $filesys = eregi_replace('/','\\', $filename); + $deleted = @system("del $filesys"); - if (!is_array($db->sql_fetchrow($select_result))) + if (@file_exists($filename)) { - $sql = "UPDATE " . PRIVMSGS_TABLE . " - SET privmsgs_attachment = 0 - WHERE privmsgs_id = " . $privmsgs_id; - $db->sql_query($sql); + @chmod($filename, 0777); + $deleted = @unlink($filename); + if (!$deleted) + { + $deleted = @system("del $filename"); + } } - $db->sql_freeresult($select_result); } } else { - $sql = "SELECT topic_id - FROM " . POSTS_TABLE . " - WHERE post_id IN (" . implode(', ', $post_id_array) . ") - GROUP BY topic_id"; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - $topic_id = intval($row['topic_id']); - - $sql = "SELECT post_id - FROM " . POSTS_TABLE . " - WHERE topic_id = " . $topic_id . " - GROUP BY post_id"; - $result2 = $db->sql_query($sql); - - $post_ids = array(); +/* $conn_id = attach_init_ftp($mode); - while ($post_row = $db->sql_fetchrow($result2)) + if ($mode == MODE_THUMBNAIL) + { + $filename = 't_' . $filename; + } + + $res = @ftp_delete($conn_id, $filename); + if (!$res) + { + if (defined('DEBUG_EXTRA')) { - $post_ids[] = intval($post_row['post_id']); + $add = ( $mode == MODE_THUMBNAIL ) ? ('/' . THUMB_DIR) : ''; + message_die(GENERAL_ERROR, sprintf($lang['Ftp_error_delete'], $attach_config['ftp_path'] . $add)); } - $db->sql_freeresult($result2); - - if (count($post_ids)) - { - $post_id_sql = implode(', ', $post_ids); - - $sql = "SELECT attach_id - FROM " . ATTACHMENTS_TABLE . " - WHERE post_id IN (" . $post_id_sql . ") "; - $select_result = $db->sql_query_limit($sql, 1); - $set_id = ( !is_array($db->sql_fetchrow($select_result))) ? 0 : 1; - $db->sql_freeresult($select_result); - $sql = "UPDATE " . TOPICS_TABLE . " - SET topic_attachment = " . $set_id . " - WHERE topic_id = " . $topic_id; - $db->sql_query($sql); - - foreach ($post_ids as $post_id) - { - $sql = "SELECT attach_id - FROM " . ATTACHMENTS_TABLE . " - WHERE post_id = " . $post_id; - $select_result = $db->sql_query_limit($sql, 1); - $set_id = ( !is_array($db->sql_fetchrow($select_result))) ? 0 : 1; - $db->sql_freeresult($select_result); - - $sql = "UPDATE " . POSTS_TABLE . " - SET post_attachment = " . $set_id . " - WHERE post_id = " . $post_id; - $db->sql_query($sql); - } - } + return ($deleted); } - $db->sql_freeresult($result); + + @ftp_quit($conn_id); + + $deleted = TRUE;*/ } + + return ($deleted); } -// Upload Attachment - filedata is generated here -function upload_attachment($filename) -{ - global $_POST, $_FILES, $auth, $user, $config, $db; - $filedata = array(); - $filedata['error'] = false; - $filedata['err_msg'] = ''; - $filedata['post_attach'] = ($filename != '') ? true : false; +// +// posting.php specific +// - if (!$filedata['post_attach']) - { - return ($filedata); - } - $r_file = $filename; - $file = $_FILES['fileupload']['tmp_name']; - $filedata['mimetype'] = $_FILES['fileupload']['type']; - - // Opera add the name to the mime type - $filedata['mimetype'] = ( strstr($filedata['mimetype'], '; name') ) ? str_replace(strstr($filedata['mimetype'], '; name'), '', $filedata['mimetype']) : $filedata['mimetype']; - $filedata['extension'] = strrchr(strtolower($filename), '.'); - $filedata['extension'][0] = ' '; - $filedata['extension'] = strtolower(trim($filedata['extension'])); - $filedata['extension'] = (is_array($filedata['extension'])) ? '' : $filedata['extension']; - - $filedata['filesize'] = (!@filesize($file)) ? intval($_FILES['size']) : @filesize($file); +// Submit Post +function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_uid, $poll, $attachment_data, $post_data) +{ + global $db, $auth, $user, $config, $phpEx, $SID, $template; - $extensions = array(); - obtain_attach_extensions($extensions); + $search = new fulltext_search(); + $current_time = time(); - // Check Extension - if (!in_array($filedata['extension'], $extensions['_allowed_'])) + $post_data['subject'] = $subject; + + $db->sql_transaction(); + + // Initial Topic table info + if ( ($mode == 'post') || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id'])) { - $filedata['error'] = true; - $filedata['err_msg'] = sprintf($user->lang['DISALLOWED_EXTENSION'], $filedata['extension']); - $filedata['post_attach'] = false; - return ($filedata); - } + $topic_sql = array( + 'forum_id' => $post_data['forum_id'], + 'topic_title' => stripslashes($subject), + 'topic_time' => $current_time, + 'topic_type' => $topic_type, + 'topic_approved' => ($auth->acl_get('f_moderate', $post_data['forum_id']) && !$auth->acl_get('f_ignorequeue', $post_data['forum_id'])) ? 0 : 1, + 'icon_id' => $post_data['icon_id'], + 'topic_attachment' => (sizeof($attachment_data['physical_filename'])) ? 1 : 0, + 'topic_poster' => intval($user->data['user_id']), + 'topic_first_poster_name' => ($username != '') ? stripslashes($username) : (($user->data['user_id'] == ANONYMOUS) ? '' : stripslashes($user->data['username'])) + ); - $allowed_filesize = ($extensions[$filedata['extension']]['max_filesize'] != 0) ? $extensions[$filedata['extension']]['max_filesize'] : $config['max_filesize']; - $cat_id = $extensions[$filedata['extension']]['display_cat']; + if (!empty($poll['poll_options'])) + { + $topic_sql = array_merge($topic_sql, array( + 'poll_title' => stripslashes($poll['poll_title']), + 'poll_start' => ($poll['poll_start']) ? $poll['poll_start'] : $current_time, + 'poll_length' => $poll['poll_length'] * 3600) + ); + } - // check Filename - if ( preg_match("/[\\/:*?\"<>|]/i", $filename) ) - { - $filedata['error'] = true; - $filedata['err_msg'] = sprintf($user->lang['INVALID_FILENAME'], $filename); - $filedata['post_attach'] = false; - return ($filedata); + $sql = ($mode == 'post') ? 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', $topic_sql) : 'UPDATE ' . TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $topic_sql) . ' WHERE topic_id = ' . $post_data['topic_id']; + $db->sql_query($sql); + + $post_data['topic_id'] = ($mode == 'post') ? $db->sql_nextid() : $post_data['topic_id']; } - // check php upload-size - if ( ($file == 'none') ) + // Post table info + $post_sql = array( + 'topic_id' => $post_data['topic_id'], + 'forum_id' => $post_data['forum_id'], + 'poster_id' => ($mode == 'edit') ? $post_data['poster_id'] : intval($user->data['user_id']), + 'post_username' => ($username != '') ? stripslashes($username) : '', + 'post_subject' => stripslashes($subject), + 'icon_id' => $post_data['icon_id'], + 'poster_ip' => $user->ip, + 'post_time' => $current_time, + 'post_approved' => ($auth->acl_get('f_moderate', $post_data['forum_id']) && !$auth->acl_get('f_ignorequeue', $post_data['forum_id'])) ? 0 : 1, + 'post_edit_time' => ($mode == 'edit' && $post_data['poster_id'] == $user->data['user_id']) ? $current_time : 0, + 'enable_sig' => $post_data['enable_sig'], + 'enable_bbcode' => $post_data['enable_bbcode'], + 'enable_html' => $post_data['enable_html'], + 'enable_smilies' => $post_data['enable_smilies'], + 'enable_magic_url' => $post_data['enable_urls'], + 'bbcode_uid' => $bbcode_uid, + 'bbcode_bitfield' => $post_data['bbcode_bitfield'], + 'post_edit_locked' => $post_data['post_edit_locked'] + ); + + if ($mode != 'edit' || $post_data['message_md5'] != $post_data['post_checksum']) { - $filedata['error'] = true; - $filedata['err_msg'] = (@ini_get('upload_max_filesize') == '') ? $user->lang['ATTACHMENT_PHP_SIZE_NA'] : sprintf($user->lang['ATTACHMENT_PHP_SIZE_OVERRUN'], @ini_get('upload_max_filesize')); - $filedata['post_attach'] = false; - return ($filedata); + $post_sql = array_merge($post_sql, array( + 'post_checksum' => $post_data['message_md5'], + 'post_text' => $message, + 'post_encoding' => $user->lang['ENCODING'] + )); } + $sql = ($mode == 'edit') ? 'UPDATE ' . POSTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $post_sql) . ' , post_edit_count = post_edit_count + 1 WHERE post_id = ' . $post_data['post_id'] : 'INSERT INTO ' . POSTS_TABLE . ' ' . $db->sql_build_array('INSERT', $post_sql); + $db->sql_query($sql); -/* - // Check Image Size, if it is an image - if ( (!$acl->gets('m_', 'a_')) && ($cat_id == IMAGE_CAT) ) + $post_data['post_id'] = ($mode == 'edit') ? $post_data['post_id'] : $db->sql_nextid(); + + // Submit Poll + if (!empty($poll['poll_options'])) { - list($width, $height) = image_getdimension($file); + $cur_poll_options = array(); + + if ($poll['poll_start'] && $mode == 'edit') + { + $sql = "SELECT * FROM " . POLL_OPTIONS_TABLE . " + WHERE topic_id = " . $post_data['topic_id'] . " + ORDER BY poll_option_id"; + $result = $db->sql_query($sql); - if ( ($width != 0) && ($height != 0) && (intval($attach_config['img_max_width']) != 0) && (intval($attach_config['img_max_height']) != 0) ) + while ($cur_poll_options[] = $db->sql_fetchrow($result)); + $db->sql_freeresult($result); + } + + for ($i = 0; $i < sizeof($poll['poll_options']); $i++) { - if ( ($width > intval($attach_config['img_max_width'])) || ($height > intval($attach_config['img_max_height'])) ) + if (trim($poll['poll_options'][$i]) != '') { - $error = TRUE; - if(!empty($error_msg)) + if (empty($cur_poll_options[$i])) { - $error_msg .= '
'; + $sql = "INSERT INTO " . POLL_OPTIONS_TABLE . " (poll_option_id, topic_id, poll_option_text) + VALUES (" . $i . ", " . $post_data['topic_id'] . ", '" . $db->sql_escape($poll['poll_options'][$i]) . "')"; + $db->sql_query($sql); + } + else if ($poll['poll_options'][$i] != $cur_poll_options[$i]) + { + $sql = "UPDATE " . POLL_OPTIONS_TABLE . " + SET poll_option_text = '" . $db->sql_escape($poll['poll_options'][$i]) . "' + WHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id']; + $db->sql_query($sql); } - $error_msg .= sprintf($lang['Error_imagesize'], intval($attach_config['img_max_width']), intval($attach_config['img_max_height'])); } } - } -*/ - // check Filesize - if ( ($allowed_filesize != 0) && ($filedata['filesize'] > $allowed_filesize) && (!$acl->gets('m_', 'a_')) ) - { - $size_lang = ($allowed_filesize >= 1048576) ? $user->lang['MB'] : ( ($allowed_filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] ); - - if ($allowed_filesize >= 1048576) - { - $allowed_filesize = round($allowed_filesize / 1048576 * 100) / 100; - } - else if($allowed_filesize >= 1024) - { - $allowed_filesize = round($allowed_filesize / 1024 * 100) / 100; - } - $filedata['error'] = true; - $filedata['err_msg'] = sprintf($user->lang['ATTACHMENT_TOO_BIG'], $allowed_filesize, $size_lang); - $filedata['post_attach'] = false; - return ($filedata); - } - - // Check our complete quota - if ($config['attachment_quota'] != 0) - { - if ($config['total_filesize'] + $filedata['filesize'] > $config['attachment_quota']) + if (sizeof($poll['poll_options']) < sizeof($cur_poll_options)) { - $filedata['error'] = true; - $filedata['err_msg'] = $user->lang['ATTACH_QUOTA_REACHED']; - $filedata['post_attach'] = false; - return ($filedata); + $sql = "DELETE FROM " . POLL_OPTIONS_TABLE . " + WHERE poll_option_id > " . sizeof($poll['poll_options']) . " + AND topic_id = " . $post_data['topic_id']; + $db->sql_query($sql); } } -/* - // If we are at Private Messaging, check our PM Quota - if ($this->page == PAGE_PRIVMSGS) + // Submit Attachments + if (count($attachment_data['attach_id']) && !empty($post_data['post_id']) && ($mode == 'post' || $mode == 'reply' || $mode == 'edit')) { - $to_user = ( isset($_POST['username']) ) ? $_POST['username'] : ''; - - if (intval($config['pm_filesize_limit']) != 0) + for ($i = 0; $i < count($attachment_data['attach_id']); $i++) { - $total_filesize = get_total_attach_pm_filesize('from_user', $user->data['user_id']); - - if ( ($total_filesize + $filedata['filesize'] > intval($config['pm_filesize_limit'])) ) + if ($attachment_data['attach_id'][$i] != '-1') { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= $lang['Attach_quota_sender_pm_reached']; + // update entry in db if attachment already stored in db and filespace + $attach_sql = array( + 'comment' => trim($attachment_data['comment'][$i]) + ); + + $sql = 'UPDATE ' . ATTACHMENTS_DESC_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $attach_sql) . ' WHERE attach_id = ' . $attachment_data['attach_id'][$i]; + $db->sql_query($sql); } - } - - // Check Receivers PM Quota - if ((!empty($to_user)) && ($userdata['user_level'] != ADMIN)) - { - $sql = "SELECT user_id - FROM " . USERS_TABLE . " - WHERE username = '" . $to_user . "'"; - $result = $db->sql_query($sql); + else + { + // insert attachment into db + $attach_sql = array( + 'physical_filename' => $attachment_data['physical_filename'][$i], + 'real_filename' => $attachment_data['real_filename'][$i], + 'comment' => trim($attachment_data['comment'][$i]), + 'extension' => $attachment_data['extension'][$i], + 'mimetype' => $attachment_data['mimetype'][$i], + 'filesize' => $attachment_data['filesize'][$i], + 'filetime' => $attachment_data['filetime'][$i], + 'thumbnail' => $attachment_data['thumbnail'][$i] + ); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + $sql = 'INSERT INTO ' . ATTACHMENTS_DESC_TABLE . ' ' . $db->sql_build_array('INSERT', $attach_sql); + $db->sql_query($sql); - $user_id = intval($row['user_id']); - $u_data = get_userdata($user_id); - $this->get_quota_limits($u_data, $user_id); + $attach_sql = array( + 'attach_id' => $db->sql_nextid(), + 'post_id' => $post_data['post_id'], + 'privmsgs_id' => 0, + 'user_id_from' => ($mode == 'edit') ? $post_data['poster_id'] : intval($user->data['user_id']), + 'user_id_to' => 0 + ); - if (intval($attach_config['pm_filesize_limit']) != 0) - { - $total_filesize = get_total_attach_pm_filesize('to_user', $user_id); - - if ($total_filesize + $this->filesize > intval($attach_config['pm_filesize_limit'])) - { - $error = TRUE; - if(!empty($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($lang['Attach_quota_receiver_pm_reached'], $to_user); - } + $sql = 'INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $attach_sql); + $db->sql_query($sql); } } + + if (count($attachment_data['attach_id']) > 0) + { + $sql = "UPDATE " . POSTS_TABLE . " + SET post_attachment = 1 + WHERE post_id = " . $post_data['post_id']; + $db->sql_query($sql); + + $sql = "UPDATE " . TOPICS_TABLE . " + SET topic_attachment = 1 + WHERE topic_id = " . $post_data['topic_id']; + $db->sql_query($sql); + } } -*/ - $filedata['thumbnail'] = 0; - - // Prepare Values - $filedata['filetime'] = time(); - $filedata['filename'] = stripslashes($r_file); - $filedata['destination_filename'] = strtolower($filedata['filename']); - $filedata['destination_filename'] = $user->data['user_id'] . '_' . $filedata['filetime'] . '.' . $filedata['extension']; - - $filedata['filename'] = str_replace("'", "\'", $filedata['filename']); - -/* - // Do we have to create a thumbnail ? - if ( ($cat_id == IMAGE_CAT) && ($config['img_create_thumbnail']) ) + // Fulltext parse + if ($mode != 'edit' || $post_data['message_md5'] != $post_data['post_checksum']) { - $this->thumbnail = 1; + $result = $search->add($mode, $post_data['post_id'], $message, $subject); } -*/ - // Upload Attachment - if (!$config['use_ftp_upload']) + // Sync forums, topics and users ... + if ($mode != 'edit') { - // Descide the Upload method - if ( @ini_get('open_basedir') ) + // Update forums: last post info, topics, posts ... we need to update + // each parent too ... + $forum_ids = $post_data['forum_id']; + $forum_parents = get_forum_parents($post_data); + foreach ($forum_parents as $parent_forum_id => $parent_name) { - $upload_mode = 'move'; + $forum_ids .= ', ' . $parent_forum_id; + } + + $forum_topics_sql = ($mode == 'post') ? ', forum_topics = forum_topics + 1, forum_topics_real = forum_topics_real + 1' : ''; + $forum_sql = array( + 'forum_last_post_id' => $post_data['post_id'], + 'forum_last_post_time' => $current_time, + 'forum_last_poster_id' => intval($user->data['user_id']), + 'forum_last_poster_name'=> ($user->data['user_id'] == ANONYMOUS) ? stripslashes($username) : $user->data['username'], + ); + + $sql = 'UPDATE ' . FORUMS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $forum_sql) . ', forum_posts = forum_posts + 1' . $forum_topics_sql . ' WHERE forum_id IN (' . $forum_ids . ')'; + $db->sql_query($sql); + + // Update topic: first/last post info, replies + $topic_sql = array( + 'topic_last_post_id' => $post_data['post_id'], + 'topic_last_post_time' => $current_time, + 'topic_last_poster_id' => intval($user->data['user_id']), + 'topic_last_poster_name'=> ($username != '') ? stripslashes($username) : (($user->data['user_id'] == ANONYMOUS) ? '' : stripslashes($user->data['username'])), + ); + + if ($mode == 'post') + { + $topic_sql = array_merge($topic_sql, array( + 'topic_first_post_id' => $post_data['post_id'], + )); } - else if ( @ini_get('safe_mode') ) + + $topic_replies_sql = ($mode == 'reply') ? ', topic_replies = topic_replies + 1, topic_replies_real = topic_replies_real + 1' : ''; + $sql = 'UPDATE ' . TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $topic_sql) . $topic_replies_sql . ' WHERE topic_id = ' . $post_data['topic_id']; + $db->sql_query($sql); + + // Update user post count ... if appropriate + if ($user->data['user_id'] != ANONYMOUS && $auth->acl_get('f_postcount', $post_data['forum_id'])) { - $upload_mode = 'move'; + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_posts = user_posts + 1 + WHERE user_id = ' . intval($user->data['user_id']); + $db->sql_query($sql); } - else + + // post counts for index, etc. + if ($mode == 'post') { - $upload_mode = 'copy'; + set_config('num_topics', $config['num_topics'] + 1, TRUE); } + + set_config('num_posts', $config['num_posts'] + 1, TRUE); } - else + + // Topic Notification + if ((!$post_data['notify_set']) && ($post_data['notify'])) { - $upload_mode = 'ftp'; + $sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id) + VALUES (" . $user->data['user_id'] . ", " . $post_data['topic_id'] . ")"; + $db->sql_query($sql); + } + else if (($post_data['notify_set']) && (!$post_data['notify'])) + { + $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " + WHERE user_id = " . $user->data['user_id'] . " + AND topic_id = " . $post_data['topic_id']; + $db->sql_query($sql); } + + // Mark this topic as read and posted to. + $mark_mode = ($mode == 'reply' || $mode == 'quote') ? 'post' : 'topic'; + markread($mark_mode, $post_data['forum_id'], $post_data['topic_id'], $post_data['post_id']); - // Ok, upload the File - $result = move_uploaded_attachment($upload_mode, $file, $filedata); + $db->sql_transaction('commit'); - if ($result != '') + // Send Notifications + if (($mode != 'edit') && ($mode != 'delete')) { - $filedata['error'] = true; - $filedata['err_msg'] = $result; - $filedata['post_attach'] = false; + user_notification($mode, stripslashes($post_data['subject']), $post_data['forum_id'], $post_data['topic_id'], $post_data['post_id']); } - return ($filedata); + + $template->assign_vars(array( + 'META' => '') + ); + + $message = ($auth->acl_get('f_moderate', $post_data['forum_id']) && !$auth->acl_get('f_ignorequeue', $post_data['forum_id'])) ? 'POST_STORED_MOD' : 'POST_STORED'; + $message = $user->lang[$message] . '

' . sprintf($user->lang['VIEW_MESSAGE'], '', '') . '

' . sprintf($user->lang['RETURN_FORUM'], '', ''); + trigger_error($message); } -// Move/Upload File - could be used for Avatars too ? -function move_uploaded_attachment($upload_mode, $source_filename, &$filedata) +// User Notification +function user_notification($mode, $subject, $forum_id, $topic_id, $post_id) { - global $user, $config; + global $db, $user, $config, $phpEx; - $destination_filename = $filedata['destination_filename']; - $thumbnail = (isset($filedata['thumbnail'])) ? $filedata['thumbnail'] : false; + $topic_notification = ($mode == 'reply' || $mode == 'quote') ? true : false; + $newtopic_notification = ($mode == 'post') ? true : false; - switch ($upload_mode) + if (empty($censors)) { - case 'copy': - - if ( !@copy($source_filename, $config['upload_dir'] . '/' . $destination_filename) ) - { - if ( !@move_uploaded_file($source_filename, $config['upload_dir'] . '/' . $destination_filename) ) - { - return (sprintf($user->lang['GENERAL_UPLOAD_ERROR'], './' . $config['upload_dir'] . '/' . $destination_filename)); - } - } - @chmod($config['upload_dir'] . '/' . $destination_filename, 0666); - break; - - case 'move': - if ( !@move_uploaded_file($source_filename, $config['upload_dir'] . '/' . $destination_filename) ) - { - if ( !@copy($source_file, $config['upload_dir'] . '/' . $destination_filename) ) - { - return (sprintf($user->lang['GENERAL_UPLOAD_ERROR'], './' . $config['upload_dir'] . '/' . $destination_filename)); - } - } - @chmod($config['upload_dir'] . '/' . $destination_filename, 0666); - break; - - case 'ftp': -/* - $conn_id = init_ftp(); + $censors = array(); + obtain_word_list($censors); + } - // Binary or Ascii ? - $mode = FTP_BINARY; - if ( (preg_match("/text/i", $filedata['mimetype'])) || (preg_match("/html/i", $filedata['mimetype'])) ) - { - $mode = FTP_ASCII; - } + // Get banned User ID's + $sql = "SELECT ban_userid + FROM " . BANLIST_TABLE; + $result = $db->sql_query($sql); - $res = @ftp_put($conn_id, $destination_filename, $source_filename, $mode); - - if (!$res) - { - @ftp_quit($conn_id); - return (sprintf($user->lang['Ftp_error_upload'], $config['ftp_path'])); - } + $sql_ignore_users = ANONYMOUS . ', ' . $user->data['user_id']; + while ($row = $db->sql_fetchrow($result)) + { + if (isset($row['ban_userid'])) + { + $sql_ignore_users = ', ' . $row['ban_userid']; + } + } - @ftp_site($conn_id, 'CHMOD 0644 ' . $destination_filename); - @ftp_quit($conn_id); - break; -*/ + // + if ($topic_notification) + { + $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, t.topic_title, f.forum_name + FROM " . TOPICS_WATCH_TABLE . " tw, " . TOPICS_TABLE . " t, " . USERS_TABLE . " u, " . FORUMS_TABLE . " f + WHERE tw.topic_id = $topic_id + AND tw.user_id NOT IN ($sql_ignore_users) + AND tw.notify_status = 0 + AND f.forum_id = $forum_id + AND t.topic_id = tw.topic_id + AND u.user_id = tw.user_id"; + } + else if ($newtopic_notification) + { + $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, f.forum_name + FROM " . USERS_TABLE . " u, " . FORUMS_WATCH_TABLE . " fw, " . FORUMS_TABLE . " f + WHERE fw.forum_id = $forum_id + AND fw.user_id NOT IN ($sql_ignore_users) + AND fw.notify_status = 0 + AND f.forum_id = fw.forum_id + AND u.user_id = fw.user_id"; } + else + { + trigger_error('WRONG_NOTIFICATION_MODE'); + } + $result = $db->sql_query($sql); - $filedata['thumbnail'] = 0; -/* if ($filedata['thumbnail']) + $email_users = array(); + $update_watched_sql_topic = $update_watched_sql_forum = ''; + // + if ($row = $db->sql_fetchrow($result)) { - if ($upload_mode == 'ftp') + if ($topic_notification) { - $source = $source_filename; - $destination = 'thumbs/t_' . $destination_filename; + $topic_title = decode_text($row['topic_title']); + $topic_title = (sizeof($censors)) ? preg_replace($censors['match'], $censors['replace'], $topic_title) : $topic_title; } else { - $source = $config['upload_dir'] . '/' . $destination_filename; - $destination = phpbb_realpath($config['upload_dir']); - $destination .= '/thumbs/t_' . $destination_filename; + $subject = decode_text($subject); + $topic_title = (sizeof($censors)) ? preg_replace($censors['match'], $censors['replace'], $subject) : $subject; } - - if (!create_thumbnail($source, $destination, $filedata['mimetype'])) + + $which_sql = ($topic_notification) ? 'update_watched_sql_topic' : 'update_watched_sql_forum'; + do { - if (!create_thumbnail($source_filename, $destination_filename, $filedata['mimetype'])) + if (trim($row['user_email']) != '') { - $filedata['thumbnail'] = 0; + $row['email_template'] = ($topic_notification) ? 'topic_notify' : 'newtopic_notify'; + $email_users[] = $row; + + $$which_sql .= ($$which_sql != '') ? ', ' . $row['user_id'] : $row['user_id']; } } - }*/ - return (''); -} - -// Delete File -function phpbb_unlink($filename, $mode = 'file', $use_ftp = false) -{ - global $config, $user; - - if (!$use_ftp) + while ($row = $db->sql_fetchrow($result)); + } + + // Handle remaining Notifications (Forum) + if ($topic_notification) { - $filename = ($mode == 'thumbnail') ? $config['upload_dir'] . '/thumbs/t_' . $filename : $config['upload_dir'] . '/' . $filename; - $deleted = @unlink($filename); + $already_notified = ($update_watched_sql_topic == '') ? '' : $update_watched_sql_topic . ', '; + $already_notified .= ($update_watched_sql_forum == '') ? '' : $update_watched_sql_forum . ', '; - if (@file_exists($filename)) + $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, t.topic_title, f.forum_name + FROM " . TOPICS_TABLE . " t, " . USERS_TABLE . " u, " . FORUMS_WATCH_TABLE . " fw, " . FORUMS_TABLE . " f + WHERE fw.forum_id = $forum_id + AND fw.user_id NOT IN (" . $already_notified . $user->data['user_id'] . ", " . ANONYMOUS . $user_id_sql . " ) + AND fw.notify_status = 0 + AND t.topic_id = $topic_id + AND f.forum_id = fw.forum_id + AND u.user_id = fw.user_id"; + $result = $db->sql_query($sql); + + if ($row = $db->sql_fetchrow($result)) { - $filesys = eregi_replace('/','\\', $filename); - $deleted = @system("del $filesys"); + $topic_title = decode_text($row['topic_title']); + $topic_title = (sizeof($censors)) ? preg_replace($censors['match'], $censors['replace'], $topic_title) : $topic_title; - if (@file_exists($filename)) + do { - @chmod($filename, 0777); - $deleted = @unlink($filename); - if (!$deleted) + if (trim($row['user_email']) != '') { - $deleted = @system("del $filename"); + $row['email_template'] = 'forum_notify'; + $email_users[] = $row; + + $update_watched_sql_forum .= ($update_watched_sql_forum != '') ? ', ' . $row['user_id'] : $row['user_id']; } } + while ($row = $db->sql_fetchrow($result)); } } - else + + // We're going to try and minimise the number of emails we send by using bcc. + // The complication here is that different templates and/or localisations may + // be required so we need to account for these. + if (sizeof($email_users) && $config['email_enable']) { -/* $conn_id = attach_init_ftp($mode); + global $phpbb_root_path, $phpEx; - if ($mode == MODE_THUMBNAIL) + @set_time_limit(60); + + include($phpbb_root_path . 'includes/emailer.'.$phpEx); + $emailer = new emailer(); + + $bcc_list_ary = array(); + foreach ($email_users as $row) { - $filename = 't_' . $filename; + $bcc_list_ary[$row['email_template']][$row['user_lang']] .= (($bcc_list != '') ? ', ' : '') . $row['user_email']; } - - $res = @ftp_delete($conn_id, $filename); - if (!$res) + unset($email_users); + + foreach ($bcc_list_ary as $email_template => $bcc_list) { - if (defined('DEBUG_EXTRA')) + foreach ($bcc_list as $lang => $bcc) { - $add = ( $mode == MODE_THUMBNAIL ) ? ('/' . THUMB_DIR) : ''; - message_die(GENERAL_ERROR, sprintf($lang['Ftp_error_delete'], $attach_config['ftp_path'] . $add)); - } + $emailer->use_template($email_template, $lang); + $emailer->email_address(':;'); + $emailer->extra_headers($email_headers . "Bcc: $bcc\n"); + + $emailer->assign_vars(array( + 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $config['board_email_sig']), + 'SITENAME' => $config['sitename'], + 'TOPIC_TITLE' => $topic_title, + 'FORUM_NAME' => $row['forum_name'], + + 'U_TOPIC' => generate_board_url() . 'viewtopic.'.$phpEx . '?t=' . $topic_id . '&p=' . $post_id . '#' . $post_id, + 'U_FORUM' => generate_board_url() . 'viewforum.'.$phpEx . '?f=' . $forum_id, + 'U_STOP_WATCHING_TOPIC' => generate_board_url() . 'viewtopic.'.$phpEx . '?t=' . $topic_id . '&unwatch=topic', + 'U_STOP_WATCHING_FORUM' => generate_board_url() . 'viewforum.'.$phpEx . '?f=' . $forum_id . '&unwatch=forum') + ); - return ($deleted); + $emailer->send(); + $emailer->reset(); + } } + } + unset($bcc_list_ary); - @ftp_quit($conn_id); - - $deleted = TRUE;*/ + if ($update_watched_sql_topic != '') + { + $sql = "UPDATE " . TOPICS_WATCH_TABLE . " + SET notify_status = 1 + WHERE topic_id = " . $topic_id . " + AND user_id IN (" . $update_watched_sql_topic . ")"; + $db->sql_query($sql); } - return ($deleted); + if ($update_watched_sql_forum != '') + { + $sql = "UPDATE " . FORUMS_WATCH_TABLE . " + SET notify_status = 1 + WHERE forum_id = " . $forum_id . " + AND user_id IN (" . $update_watched_sql_forum . ")"; + $db->sql_query($sql); + } } ?> \ No newline at end of file -- cgit v1.2.1