<?php

/*
EditorTools自动采集助手-DZ7.0(简体GBK、繁体big5、简繁UTF-8)文章回复接口
----------------------------------
文件名
etreply.php
discuz7.0文章回复文件，请复制在DZ7.0论坛根目录使用，为保密，请自行修改文件名

本接口文件不能独立使用，必须配合discuz7.0文章发布接口文件使用。


附加参数
vercode  安全校验码，须与discuz7.0文章发布接口文件etpost.php中该参数一致。

*/

$vercode=''; //此处取值请自行修改

/*

ET发布配置-文章检查网址处，填写参考如下：
http://您的网址/etreply.php

*/



if ($_REQUEST['vercode']!=$vercode){
 echo("[err]invalid vercode[/err]");
 exit();
}


define('CURSCRIPT', 'post');
define('NOROBOT', TRUE);

//require_once './include/common.inc.php';
//common.inc.php代码开始


error_reporting(0);
set_magic_quotes_runtime(0);
$mtime = explode(' ', microtime());
$discuz_starttime = $mtime[1] + $mtime[0];

define('SYS_DEBUG', FALSE);
define('IN_DISCUZ', TRUE);
//define('DISCUZ_ROOT', substr(dirname(__FILE__), 0, -7));
$DISCUZROOT=ereg_replace("[/\\]{1,}",'/',dirname(__FILE__) ) ;
if (substr($DISCUZROOT,-1,1)!='/')$DISCUZROOT.='/';
define('DISCUZ_ROOT', $DISCUZROOT);

define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
!defined('CURSCRIPT') && define('CURSCRIPT', '');

if(PHP_VERSION < '4.1.0') {
 $_GET = &$HTTP_GET_VARS;
 $_POST = &$HTTP_POST_VARS;
 $_COOKIE = &$HTTP_COOKIE_VARS;
 $_SERVER = &$HTTP_SERVER_VARS;
 $_ENV = &$HTTP_ENV_VARS;
 $_FILES = &$HTTP_POST_FILES;
}

if (isset($_REQUEST['GLOBALS']) OR isset($_FILES['GLOBALS'])) {
 exit('Request tainting attempted.');
}

require_once DISCUZ_ROOT.'./include/global.func.php';

getrobot();
if(defined('NOROBOT') && IS_ROBOT) {
 exit(header("HTTP/1.1 403 Forbidden"));
}

foreach(array('_COOKIE', '_POST', '_GET') as $_request) {
 foreach($$_request as $_key => $_value) {
  $_key{0} != '_' && $$_key = daddslashes($_value);
 }
}

if (!MAGIC_QUOTES_GPC && $_FILES) {
 $_FILES = daddslashes($_FILES);
}

$charset = $dbs = $dbcharset = $forumfounders = $metakeywords = $extrahead = $seodescription = $mnid = '';
$plugins = $hooks = $admincp = $jsmenu = $forum = $thread = $language = $actioncode = $modactioncode = $lang = array();
$_DCOOKIE = $_DSESSION = $_DCACHE = $_DPLUGIN = $advlist = array();

require_once DISCUZ_ROOT.'./config.inc.php';

if($urlxssdefend && !empty($_SERVER['REQUEST_URI'])) {
 $temp = urldecode($_SERVER['REQUEST_URI']);
 if(strpos($temp, '<') !== false || strpos($temp, '"') !== false)
  exit('Request Bad url');
}

$prelength = strlen($cookiepre);
foreach($_COOKIE as $key => $val) {
 if(substr($key, 0, $prelength) == $cookiepre) {
  $_DCOOKIE[(substr($key, $prelength))] = MAGIC_QUOTES_GPC ? $val : daddslashes($val);
 }
}
unset($prelength, $_request, $_key, $_value);

$inajax = !empty($inajax);
$handlekey = !empty($handlekey) ? htmlspecialchars($handlekey) : '';
$timestamp = time();

if($attackevasive && CURSCRIPT != 'seccode') {
 require_once DISCUZ_ROOT.'./include/security.inc.php';
}

require_once DISCUZ_ROOT.'./include/db_'.$database.'.class.php';


$PHP_SELF = dhtmlspecialchars($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']);
$BASESCRIPT = basename($PHP_SELF);
list($BASEFILENAME) = explode('.', $BASESCRIPT);
$boardurl = htmlspecialchars('http://'.$_SERVER['HTTP_HOST'].preg_replace("/\/+(api|archiver|wap)?\/*$/i", '', substr($PHP_SELF, 0, strrpos($PHP_SELF, '/'))).'/');

if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
 $onlineip = getenv('HTTP_CLIENT_IP');
} elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {
 $onlineip = getenv('HTTP_X_FORWARDED_FOR');
} elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
 $onlineip = getenv('REMOTE_ADDR');
} elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
 $onlineip = $_SERVER['REMOTE_ADDR'];
}

preg_match("/[\d\.]{7,15}/", $onlineip, $onlineipmatches);
$onlineip = $onlineipmatches[0] ? $onlineipmatches[0] : 'unknown';
unset($onlineipmatches);

$cachelost = (@include DISCUZ_ROOT.'./forumdata/cache/cache_settings.php') ? '' : 'settings';
@extract($_DCACHE['settings']);

if($gzipcompress && function_exists('ob_gzhandler') && !in_array(CURSCRIPT, array('attachment', 'wap')) && !$inajax) {
 ob_start('ob_gzhandler');
} else {
 $gzipcompress = 0;
 ob_start();
}

if(!empty($loadctrl) && substr(PHP_OS, 0, 3) != 'WIN') {
 if($fp = @fopen('/proc/loadavg', 'r')) {
  list($loadaverage) = explode(' ', fread($fp, 6));
  fclose($fp);
  if($loadaverage > $loadctrl) {
   header("HTTP/1.0 503 Service Unavailable");
   include DISCUZ_ROOT.'./include/serverbusy.htm';
   exit();
  }
 }
}

if(in_array(CURSCRIPT, array('index', 'forumdisplay', 'viewthread', 'post', 'topicadmin', 'register', 'archiver'))) {
 $cachelost .= (@include DISCUZ_ROOT.'./forumdata/cache/cache_'.CURSCRIPT.'.php') ? '' : ' '.CURSCRIPT;
}

$db = new dbstuff;
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset);
$dbuser = $dbpw = $pconnect = $sdb = NULL;

$sid = daddslashes(($transsidstatus || CURSCRIPT == 'wap') && (isset($_GET['sid']) || isset($_POST['sid'])) ?
 (isset($_GET['sid']) ? $_GET['sid'] : $_POST['sid']) :
 (isset($_DCOOKIE['sid']) ? $_DCOOKIE['sid'] : ''));

CURSCRIPT == 'attachment' && isset($_GET['sid']) && $sid = addslashes(authcode($_GET['sid'], 'DECODE', $_DCACHE['settings']['authkey']));

$discuz_auth_key = md5($_DCACHE['settings']['authkey'].$_SERVER['HTTP_USER_AGENT']);
list($discuz_pw, $discuz_secques, $discuz_uid) = empty($_DCOOKIE['auth']) ? array('', '', 0) : daddslashes(explode("\t", authcode($_DCOOKIE['auth'], 'DECODE')), 1);






$prompt = $sessionexists = $seccode = 0;
$membertablefields = 'm.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques,
 m.adminid, m.groupid, m.groupexpiry, m.extgroupids, m.email, m.timeoffset, m.tpp, m.ppp, m.posts, m.digestposts,
 m.oltime, m.pageviews, m.credits, m.extcredits1, m.extcredits2, m.extcredits3, m.extcredits4, m.extcredits5,
 m.extcredits6, m.extcredits7, m.extcredits8, m.timeformat, m.dateformat, m.pmsound, m.sigstatus, m.invisible,
 m.lastvisit, m.lastactivity, m.lastpost, m.prompt, m.accessmasks, m.editormode, m.customshow, m.customaddfeed';
/*if($sid) {
 if($discuz_uid) {
  $query = $db->query("SELECT s.sid, s.styleid, s.groupid='6' AS ipbanned, s.pageviews AS spageviews, s.lastolupdate, s.seccode, $membertablefields
   FROM {$tablepre}sessions s, {$tablepre}members m
   WHERE m.uid=s.uid AND s.sid='$sid' AND CONCAT_WS('.',s.ip1,s.ip2,s.ip3,s.ip4)='$onlineip' AND m.uid='$discuz_uid'
   AND m.password='$discuz_pw' AND m.secques='$discuz_secques'");
 } else {
  $query = $db->query("SELECT sid, uid AS sessionuid, groupid, groupid='6' AS ipbanned, pageviews AS spageviews, styleid, lastolupdate, seccode
   FROM {$tablepre}sessions WHERE sid='$sid' AND CONCAT_WS('.',ip1,ip2,ip3,ip4)='$onlineip'");
 }
 if($_DSESSION = $db->fetch_array($query)) {
  $sessionexists = 1;
  if(!empty($_DSESSION['sessionuid'])) {
   $_DSESSION = array_merge($_DSESSION, $db->fetch_first("SELECT $membertablefields
    FROM {$tablepre}members m WHERE uid='$_DSESSION[sessionuid]'"));
  }
 } else {
  if($_DSESSION = $db->fetch_first("SELECT sid, groupid, groupid='6' AS ipbanned, pageviews AS spageviews, styleid, lastolupdate, seccode
   FROM {$tablepre}sessions WHERE sid='$sid' AND CONCAT_WS('.',ip1,ip2,ip3,ip4)='$onlineip'")) {
   clearcookies();
   $sessionexists = 1;
  }
 }
}
*/

if(!$sessionexists) {

 if (empty($username) || empty($password)) {
  echo("[err]username or password is empty[/err]");
  exit(); 
  }
 else{

   if(!($_DSESSION = $db->fetch_first("SELECT $membertablefields, m.styleid
   FROM {$tablepre}members m WHERE m.username='".addslashes($username)."'"))) {
   clearcookies();
   }
 }
 $discuz_uid=$_DSESSION['discuz_uid'];
 $discuz_pw=$_DSESSION['discuz_pw'];
 $discuz_user=$_DSESSION['discuz_user'];
/*
 if($discuz_uid) {
  if(!($_DSESSION = $db->fetch_first("SELECT $membertablefields, m.styleid
   FROM {$tablepre}members m WHERE m.uid='$discuz_uid' AND m.password='$discuz_pw' AND m.secques='$discuz_secques'"))) {
   clearcookies();
  }
 }
*/
 
 if(ipbanned($onlineip)) $_DSESSION['ipbanned'] = 1;

 $_DSESSION['sid'] = random(6);
 $_DSESSION['seccode'] = random(6, 1);
}

$_DSESSION['dateformat'] = empty($_DSESSION['dateformat']) || empty($_DCACHE['settings']['userdateformat'][$_DSESSION['dateformat'] -1])? $_DCACHE['settings']['dateformat'] : $_DCACHE['settings']['userdateformat'][$_DSESSION['dateformat'] -1];
$_DSESSION['timeformat'] = empty($_DSESSION['timeformat']) ? $_DCACHE['settings']['timeformat'] : ($_DSESSION['timeformat'] == 1 ? 'h:i A' : 'H:i');
$_DSESSION['timeoffset'] = isset($_DSESSION['timeoffset']) && $_DSESSION['timeoffset'] != 9999 ? $_DSESSION['timeoffset'] : $_DCACHE['settings']['timeoffset'];

$membertablefields = '';
@extract($_DSESSION);

$newpm = $prompt & 1;
$doingtask = $prompt & 2 ? 1 : 0;

$lastvisit = empty($lastvisit) ? $timestamp - 86400 : $lastvisit;
$timenow = array('time' => gmdate("$dateformat $timeformat", $timestamp + 3600 * $timeoffset),
 'offset' => ($timeoffset >= 0 ? ($timeoffset == 0 ? '' : '+'.$timeoffset) : $timeoffset));

if(PHP_VERSION > '5.1') {
 @date_default_timezone_set('Etc/GMT'.($timeoffset > 0 ? '-' : '+').(abs($timeoffset)));
}

$accessadd1 = $accessadd2 = $modadd1 = $modadd2 = $metadescription = '';
if(empty($discuz_uid) || empty($discuz_user)) {
 $discuz_user = $extgroupids = '';
 $discuz_uid = $adminid = $posts = $digestposts = $pageviews = $oltime = $invisible
  = $credits = $extcredits1 = $extcredits2 = $extcredits3 = $extcredits4
  = $extcredits5 = $extcredits6 = $extcredits7 = $extcredits8 = 0;
 $groupid = empty($groupid) || $groupid != 6 ? 7 : 6;

} else {
 $discuz_userss = $discuz_user;
 $discuz_user = addslashes($discuz_user);

 if($accessmasks) {
  $accessadd1 = ', a.allowview, a.allowpost, a.allowreply, a.allowgetattach, a.allowpostattach';
  $accessadd2 = "LEFT JOIN {$tablepre}access a ON a.uid='$discuz_uid' AND a.fid=f.fid";
 }

 if($adminid == 3) {
  $modadd1 = ', m.uid AS ismoderator';
  $modadd2 = "LEFT JOIN {$tablepre}moderators m ON m.uid='$discuz_uid' AND m.fid=f.fid";
 }
}
/*
if($errorreport == 2 || ($errorreport == 1 && $adminid > 0)) {
 error_reporting(E_ERROR | E_WARNING | E_PARSE);
}
*/

define('FORMHASH', formhash());

$statstatus && !$inajax && require_once DISCUZ_ROOT.'./include/counter.inc.php';

$extra = isset($extra) && @preg_match("/^[&=;a-z0-9]+$/i", $extra) ? $extra : '';

$rsshead = $navtitle = $navigation = '';

$_DSESSION['groupid'] = $groupid = empty($ipbanned) ? (empty($groupid) ? 7 : intval($groupid)) : 6;
if(!@include DISCUZ_ROOT.'./forumdata/cache/usergroup_'.$groupid.'.php') {
 $grouptype = $db->result_first("SELECT type FROM {$tablepre}usergroups WHERE groupid='$groupid'");
 if(!empty($grouptype)) {
  $cachelost .= ' usergroup_'.$groupid;
 } else {
  $grouptype = 'member';
 }
}

/*
$link_login = 'logging.php?action=login';
$link_logout = 'logging.php?action=logout&amp;formhash='.FORMHASH;
$link_register = $regname;
*/

if($discuz_uid && $_DSESSION) {
 if(!empty($groupexpiry) && $groupexpiry < $timestamp && !in_array(CURSCRIPT, array('wap', 'member'))) {
  dheader("Location: {$boardurl}member.php?action=groupexpiry");
 } elseif($grouptype && $groupid != getgroupid($discuz_uid, array
  (
  'type' => $grouptype,
  'creditshigher' => $groupcreditshigher,
  'creditslower' => $groupcreditslower
  ), $_DSESSION)) {
  @extract($_DSESSION);
  $cachelost .= (@include DISCUZ_ROOT.'./forumdata/cache/usergroup_'.intval($groupid).'.php') ? '' : ' usergroup_'.$groupid;
 }
}

$tpp = intval(empty($_DSESSION['tpp']) ? $topicperpage : $_DSESSION['tpp']);
$ppp = intval(empty($_DSESSION['ppp']) ? $postperpage : $_DSESSION['ppp']);

if(!in_array($adminid, array(1, 2, 3))) {
 $alloweditpost = $alloweditpoll = $allowstickthread = $allowmodpost = $allowdelpost = $allowmassprune
  = $allowrefund = $allowcensorword = $allowviewip = $allowbanip = $allowedituser = $allowmoduser
  = $allowbanuser = $allowpostannounce = $allowviewlog = $disablepostctrl = 0;
} elseif(isset($radminid) && $adminid != $radminid && $adminid != $groupid) {
 $cachelost .= (@include DISCUZ_ROOT.'./forumdata/cache/admingroup_'.intval($adminid).'.php') ? '' : ' admingroup_'.$groupid;
}


$page = isset($page) ? max(1, intval($page)) : 1;
$tid = isset($tid) && is_numeric($tid) ? $tid : 0;
$fid = isset($fid) && is_numeric($fid) ? $fid : 0;
$typeid = isset($typeid) ? intval($typeid) : 0;

$modthreadkey = isset($modthreadkey) && $modthreadkey == modthreadkey($tid) ? $modthreadkey : '';
$auditstatuson = $modthreadkey ? true : false;

if(!empty($tid) || !empty($fid)) {
 if(empty($tid)) {
  $forum = $db->fetch_first("SELECT f.fid, f.*, ff.* $accessadd1 $modadd1, f.fid AS fid
   FROM {$tablepre}forums f
   LEFT JOIN {$tablepre}forumfields ff ON ff.fid=f.fid $accessadd2 $modadd2
   WHERE f.fid='$fid'");
 } else {
  $forum = $db->fetch_first("SELECT t.tid, t.closed,".(defined('SQL_ADD_THREAD') ? SQL_ADD_THREAD : '')." f.*, ff.* $accessadd1 $modadd1, f.fid AS fid
   FROM {$tablepre}threads t
   INNER JOIN {$tablepre}forums f ON f.fid=t.fid
   LEFT JOIN {$tablepre}forumfields ff ON ff.fid=f.fid $accessadd2 $modadd2
   WHERE t.tid='$tid'".($auditstatuson ? '' : " AND t.displayorder>='0'")." LIMIT 1");
  $tid = $forum['tid'];
 }

 if($forum) {
  $fid = $forum['fid'];
  $forum['ismoderator'] = !empty($forum['ismoderator']) || $adminid == 1 || $adminid == 2 ? 1 : 0;
  foreach(array('postcredits', 'replycredits', 'threadtypes', 'threadsorts', 'digestcredits', 'postattachcredits', 'getattachcredits') as $key) {
   $forum[$key] = !empty($forum[$key]) ? unserialize($forum[$key]) : array();
  }
 } else {
  $fid = 0;
 }
}

$styleid = intval(!empty($_GET['styleid']) ? $_GET['styleid'] :
  (!empty($_POST['styleid']) ? $_POST['styleid'] :
  (!empty($_DSESSION['styleid']) ? $_DSESSION['styleid'] :
  $_DCACHE['settings']['styleid'])));

$styleid = intval(isset($styles[$styleid]) ? $styleid : $_DCACHE['settings']['styleid']);

if(@!include DISCUZ_ROOT.'./forumdata/cache/style_'.intval(!empty($forum['styleid']) ? $forum['styleid'] : $styleid).'.php') {
 $cachelost .= (@include DISCUZ_ROOT.'./forumdata/cache/style_'.($styleid = $_DCACHE['settings']['styleid']).'.php') ? '' : ' style_'.$styleid;
}

if($cachelost) {
 require_once DISCUZ_ROOT.'./include/cache.func.php';
 updatecache();
 exit('Cache List: '.$cachelost.'<br />Caches successfully created, please refresh.');
}

if(CURSCRIPT != 'wap') {
 if($nocacheheaders) {
  @dheader("Expires: 0");
  @dheader("Cache-Control: private, post-check=0, pre-check=0, max-age=0", FALSE);
  @dheader("Pragma: no-cache");
 }
 if($headercharset) {
  @dheader('Content-Type: text/html; charset='.$charset);
 }
 if(empty($_DCOOKIE['sid']) || $sid != $_DCOOKIE['sid']) {
  dsetcookie('sid', $sid, 604800, 1, true);
 }
}

$_DCOOKIE['loginuser'] = !empty($_DCOOKIE['loginuser']) ? substr(htmlspecialchars($_DCOOKIE['loginuser']), 0, 15) : '';

if(!empty($insenz['cronnextrun']) && $insenz['cronnextrun'] <= $timestamp) {
 require_once DISCUZ_ROOT.'./include/insenz_cron.func.php';
 insenz_runcron();
} elseif($cronnextrun && $cronnextrun <= $timestamp) {
 require_once DISCUZ_ROOT.'./include/cron.func.php';
 runcron();
} elseif(isset($insenz['statsnextrun']) && $insenz['statsnextrun'] <= $timestamp) {
 require_once DISCUZ_ROOT.'./include/insenz_cron.func.php';
 insenz_onlinestats();
}

if(isset($plugins['include']) && is_array($plugins['include'])) {
 foreach($plugins['include'] as $include) {
  if(!$include['adminid'] || ($include['adminid'] && $include['adminid'] >= $adminid)) {
   @include_once DISCUZ_ROOT.'./plugins/'.$include['script'].'.inc.php';
  }
 }
}

if((!empty($_DCACHE['advs']) || $globaladvs) && !defined('IN_ADMINCP')) {
 require_once DISCUZ_ROOT.'./include/advertisements.inc.php';
}

if(isset($allowvisit) && $allowvisit == 0 && !(CURSCRIPT == 'member' && ($action == 'groupexpiry' || $action == 'activate'))) {
 showmessage('user_banned', NULL, 'HALTED');
} elseif(!(in_array(CURSCRIPT, array('logging', 'wap', 'seccode', 'ajax')) || $adminid == 1)) {
 if($bbclosed) {
  clearcookies();
  $closedreason = $db->result_first("SELECT value FROM {$tablepre}settings WHERE variable='closedreason'");
  showmessage($closedreason ? $closedreason : 'board_closed', NULL, 'NOPERM');
 }
 periodscheck('visitbanperiods');
}

if((!empty($fromuid) || !empty($fromuser)) && ($creditspolicy['promotion_visit'] || $creditspolicy['promotion_register'])) {
 require_once DISCUZ_ROOT.'/include/promotion.inc.php';
}

if($uc['addfeed']) {
 $customaddfeed = $customaddfeed == '-1' ? 0 : ($customaddfeed == 0 ? $uc['addfeed'] : intval($customaddfeed));
} else {
 $customaddfeed = 0;
}

$rssauth = $rssstatus && $discuz_uid ? rawurlencode(authcode("$discuz_uid\t".($fid ? $fid : '')."\t".substr(md5($discuz_pw.$discuz_secques), 0, 8), 'ENCODE', md5($_DCACHE['settings']['authkey']))) : '0';
$transferstatus = $transferstatus && $allowtransfer;
$feedpostnum = $feedpostnum && $uchomeurl ? intval($feedpostnum) : 0;



//common.inc.php代码结束


require_once DISCUZ_ROOT.'./include/post.func.php';


$_DTYPE = $checkoption = $optionlist = array();
if($sortid) {
 threadsort_checkoption();
}


$action= 'reply';
/*
if (($action != 'reply') && ($action != 'newthread' )){
 echo("[err]undefined_action[/err]");
 exit;
}
*/
/*
if(empty($action)) {

 showmessage('undefined_action', NULL, 'HALTED');
}
elseif($action == 'threadsorts') {
 threadsort_optiondata();
 $template = intval($operate) ? 'search_sortoption' : 'post_sortoption';
 include template($template);
 exit;

} elseif(($forum['simple'] & 1) || $forum['redirect']) {
 showmessage('forum_disablepost');
}
*/
require_once DISCUZ_ROOT.'./include/discuzcode.func.php';

$customaddfeed = $customaddfeed ? $customaddfeed : $uchome['addfeed'];

if($action == 'reply') {
 $addfeedcheck = $customaddfeed & 4 ? 'checked="checked"': '';
} elseif(!empty($special) && $action != 'reply') {
 $addfeedcheck = $customaddfeed & 2 ? 'checked="checked"': '';
} else {
 $addfeedcheck = $customaddfeed & 1 ? 'checked="checked"': '';
}


$navigation = $navtitle = $thread = '';
if(!empty($cedit)) {
 unset($inajax, $infloat, $ajaxtarget, $handlekey);
}

if($action == 'edit' || $action == 'reply') {

 if($thread = $db->fetch_first("SELECT * FROM {$tablepre}threads WHERE tid='$tid'".($auditstatuson ? '' : " AND displayorder>='0'"))) {

  $navigation = "&raquo; <a href=\"viewthread.php?tid=$tid\">$thread[subject]</a>";
  $navtitle = $thread['subject'].' - ';
  /*if($thread['readperm'] && $thread['readperm'] > $readaccess && !$forum['ismoderator'] && $thread['authorid'] != $discuz_uid) {
   showmessage('thread_nopermission', NULL, 'NOPERM');
  }
*/
  $fid = $thread['fid'];
  $special = $thread['special'];

 } else {
  //showmessage('thread_nonexistence');
  echo("[err]thread is no exists[/err]");
  exit();
 }
 /*
 if($action == 'reply' && ($thread['closed'] == 1) && !$forum['ismoderator']) {
  showmessage('post_thread_closed');
 }
 */
}

$navigation = "&raquo; <a href=\"forumdisplay.php?fid=$fid".($extra ? '&'.preg_replace("/^(&)*/", '', $extra) : '')."\">$forum[name]</a> $navigation";
$navtitle = $navtitle.strip_tags($forum['name']).' - ';

if($forum['type'] == 'sub') {
 $fup = $db->fetch_first("SELECT name, fid FROM {$tablepre}forums WHERE fid='$forum[fup]'");
 $navigation = "&raquo; <a href=\"forumdisplay.php?fid=$fup[fid]\">$fup[name]</a> $navigation";
 $navtitle = $navtitle.strip_tags($fup['name']).' - ';
}

periodscheck('postbanperiods');
/*
if($forum['password'] && $forum['password'] != $_DCOOKIE['fidpw'.$fid]) {
 showmessage('forum_passwd', "forumdisplay.php?fid=$fid");
}

if(empty($forum['allowview'])) {
 if(!$forum['viewperm'] && !$readaccess) {
  showmessage('group_nopermission', NULL, 'NOPERM');
 } elseif($forum['viewperm'] && !forumperm($forum['viewperm'])) {
  showmessage('forum_nopermission', NULL, 'NOPERM');
 }
} elseif($forum['allowview'] == -1) {
 showmessage('forum_access_view_disallow');
}
*/
formulaperm($forum['formulaperm']);
/*
if(!$adminid && $newbiespan && (!$lastpost || $timestamp - $lastpost < $newbiespan * 3600)) {
 if($timestamp - ($db->result_first("SELECT regdate FROM {$tablepre}members WHERE uid='$discuz_uid'")) < $newbiespan * 3600) {
  showmessage('post_newbie_span');
 }
}
*/
$special = empty($special) || !is_numeric($special) || $special < 0 || $special > 6 ? 0 : intval($special);

$allowpostattach = $forum['allowpostattach'] != -1 && ($forum['allowpostattach'] == 1 || (!$forum['postattachperm'] && $allowpostattach) || ($forum['postattachperm'] && forumperm($forum['postattachperm'])));
$attachextensions = $forum['attachextensions'] ? $forum['attachextensions'] : $attachextensions;
$enctype = $allowpostattach ? 'enctype="multipart/form-data"' : '';
$maxattachsize_mb = $maxattachsize / 1048576 >= 1 ? round(($maxattachsize / 1048576), 1).'M' : round(($maxattachsize / 1024)).'K';

$postcredits = $forum['postcredits'] ? $forum['postcredits'] : $creditspolicy['post'];
$replycredits = $forum['replycredits'] ? $forum['replycredits'] : $creditspolicy['reply'];
$digestcredits = $forum['digestcredits'] ? $forum['digestcredits'] : $creditspolicy['digest'];
$postattachcredits = $forum['postattachcredits'] ? $forum['postattachcredits'] : $creditspolicy['postattach'];

$maxprice = isset($extcredits[$creditstrans]) ? $maxprice : 0;

$extra = rawurlencode($extra);
$notifycheck = empty($emailnotify) ? '' : 'checked="checked"';
$stickcheck = empty($sticktopic) ? '' : 'checked="checked"';
$digestcheck = empty($addtodigest) ? '' : 'checked="checked"';

$subject = isset($subject) ? dhtmlspecialchars(censor(trim($subject))) : '';
$subject = !empty($subject) ? str_replace("\t", ' ', $subject) : $subject;
$message = isset($message) ? censor(trim($message)) : '';
$polloptions = isset($polloptions) ? censor(trim($polloptions)) : '';
$readperm = isset($readperm) ? intval($readperm) : 0;
$price = isset($price) ? intval($price) : 0;
$tagstatus = $tagstatus && $forum['allowtag'] ? ($tagstatus == 2 ? 2 : $forum['allowtag']) : 0;

if(empty($bbcodeoff) && !$allowhidecode && !empty($message) && preg_match("/\[hide=?\d*\].+?\[\/hide\]/is", preg_replace("/(\[code\](.+?)\[\/code\])/is", ' ', $message))) {
 showmessage('post_hide_nopermission');
}

if(periodscheck('postmodperiods', 0)) {
 $modnewthreads = $modnewreplies = 1;
} else {
 $censormod = censormod($subject."\t".$message);
 $modnewthreads = (!$allowdirectpost || $allowdirectpost == 1) && ($forum['modnewposts'] || $censormod) ? 1 : 0;
 $modnewreplies = (!$allowdirectpost || $allowdirectpost == 2) && ($forum['modnewposts'] == 2 || $censormod) ? 1 : 0;
}

$urloffcheck = $usesigcheck = $smileyoffcheck = $codeoffcheck = $htmloncheck = $emailcheck = '';

$seccodecheck = ($seccodestatus & 4) && (!$seccodedata['minposts'] || $posts < $seccodedata['minposts']);
$secqaacheck = $secqaa['status'][2] && (!$secqaa['minposts'] || $posts < $secqaa['minposts']);

$allowpostpoll = $allowpost && $allowpostpoll && ($forum['allowpostspecial'] & 1);
$allowposttrade = $allowpost && $allowposttrade && ($forum['allowpostspecial'] & 2);
$allowpostreward = $allowpost && $allowpostreward && ($forum['allowpostspecial'] & 4) && isset($extcredits[$creditstrans]);
$allowpostactivity = $allowpost && $allowpostactivity && ($forum['allowpostspecial'] & 8);
$allowpostdebate = $allowpost && $allowpostdebate && ($forum['allowpostspecial'] & 16);
$allowpostvideo = $allowpost && $allowpostvideo && ($forum['allowpostspecial'] & 32) && $videoopen;
$usesigcheck = $discuz_uid && $sigstatus ? 'checked="checked"' : '';

$allowanonymous = $forum['allowanonymous'] || $allowanonymous ? 1 : 0;

if($action == 'newthread' && $forum['allowspecialonly'] && !$special) {
 if($allowpostpoll) {
  $special = 1;
 } elseif($allowposttrade) {
  $special = 2;
 } elseif($allowpostreward) {
  $special = 3;
 } elseif($allowpostactivity) {
  $special = 4;
 } elseif($allowpostdebate) {
  $special = 5;
 } elseif($allowpostvideo) {
  $special = 6;
 }
 if(!$special) {
  showmessage('undefined_action', NULL, 'HALTED');
 }
}

$editorid = 'e';
$editoroptions = str_pad(decbin($editoroptions), 2, 0, STR_PAD_LEFT);
$editormode = $editormode == 2 ? $editoroptions{0} : $editormode;
$allowswitcheditor = $editoroptions{1};

$swfupload = $swfupload && $allowpostattach;
if($swfupload) {
 require_once DISCUZ_ROOT.'./include/swfupload.func.php';
 $swfattachs = getswfattach();
}

if(!empty($infloat)) {
 $policyarray = array();
 foreach($creditspolicy as $operation => $policy) {  
  if(in_array($operation, array('post', 'reply', 'digest', 'postattach', 'getattach'))) {
   $policyarray[$operation] = $policy;
   if($forum) {
    $policyarray[$operation] = $forum[$operation.'credits'] ? $forum[$operation.'credits'] : $creditspolicy[$operation];
   }
  }
 }
 
 $creditsarray = array();
 for($i = 1; $i <= 8; $i++) {
  if(isset($extcredits[$i])) {
   foreach($policyarray as $operation => $policy) {
    $addcredits = in_array($operation, array('getattach', 'forum_getattach')) ? -$policy[$i] : $policy[$i];
    $creditsarray[$operation][$i] = empty($policy[$i]) ? 0 : (is_numeric($policy[$i]) ? '<b>'.($addcredits > 0 ? '+'.$addcredits : $addcredits).'</b> '.$extcredits[$i]['unit'] : $policy[$i]);
   }
  }
 }
}

$posturl = "action=$action&fid=$fid".
 (!empty($tid) ? "&tid=$tid" : '').
 (!empty($pid) ? "&pid=$pid" : '').
 (!empty($special) ? "&special=$special" : '').
 (!empty($sortid) ? "&sortid=$sortid" : '').
 (!empty($typeid) ? "&sortid=$typeid" : '').
 (!empty($firstpid) ? "&firstpid=$firstpid" : '').
 (!empty($addtrade) ? "&addtrade=$addtrade" : '');

/*
if($action == 'newthread') {
 ($forum['allowpost'] == -1) && showmessage('forum_access_disallow');
 require_once DISCUZ_ROOT.'./include/newthread.inc.php';
} elseif($action == 'reply') {
 ($forum['allowreply'] == -1) && showmessage('forum_access_disallow');
 require_once DISCUZ_ROOT.'./include/newreply.inc.php';
} elseif($action == 'edit') {
 ($forum['allowpost'] == -1) && showmessage('forum_access_disallow');
 require_once DISCUZ_ROOT.'./include/editpost.inc.php';
} elseif($action == 'newtrade') {
 ($forum['allowpost'] == -1) && showmessage('forum_access_disallow');
 require_once DISCUZ_ROOT.'./include/newtrade.inc.php';
}
*/

//newreply.inc.php开始
if(!defined('IN_DISCUZ')) {
 exit('Access Denied');
}

$discuz_action = 12;
/*
if($special == 5) {
 $debate = array_merge($thread, $db->fetch_first("SELECT * FROM {$tablepre}debates WHERE tid='$tid'"));
 $firststand = $db->result_first("SELECT stand FROM {$tablepre}debateposts WHERE tid='$tid' AND uid='$discuz_uid' AND stand<>'0' ORDER BY dateline LIMIT 1");

 if($debate['endtime'] && $debate['endtime'] < $timestamp) {
  showmessage('debate_end');
 }
}

if(!$discuz_uid && !((!$forum['replyperm'] && $allowreply) || ($forum['replyperm'] && forumperm($forum['replyperm'])))) {
 showmessage('group_nopermission', NULL, 'NOPERM');
} elseif(empty($forum['allowreply'])) {
 if(!$forum['replyperm'] && !$allowreply) {
  showmessage('group_nopermission', NULL, 'NOPERM');
 } elseif($forum['replyperm'] && !forumperm($forum['replyperm'])) {
  showmessage('post_forum_newreply_nopermission', NULL, 'HALTED');
 }
} elseif($forum['allowreply'] == -1) {
 showmessage('post_forum_newreply_nopermission', NULL, 'HALTED');
}
*/

/*
if(empty($thread)) {
 showmessage('thread_nonexistence');
} elseif($thread['price'] > 0 && $thread['special'] == 0 && !$discuz_uid) {
 showmessage('group_nopermission', NULL, 'NOPERM');
}
*/
//checklowerlimit($replycredits);

/*if(!submitcheck('replysubmit', 0, $seccodecheck, $secqaacheck)) {

 if($thread['special'] == 2 && ((!isset($addtrade) || $thread['authorid'] != $discuz_uid) && !$tradenum = $db->result_first("SELECT count(*) FROM {$tablepre}trades WHERE tid='$tid'"))) {
  showmessage('trade_newreply_nopermission', NULL, 'HALTED');
 }

 include_once language('misc');
 if(isset($repquote)) {

  $thaquote = $db->fetch_first("SELECT tid, fid, author, authorid, first, message, useip, dateline, anonymous, status FROM {$tablepre}posts WHERE pid='$repquote' AND invisible='0'");
  if($thaquote['tid'] != $tid) {
   showmessage('undefined_action', NULL, 'HALTED');
  }

  if(!($thread['price'] && !$thread['special'] && $thaquote['first'])) {
   $quotefid = $thaquote['fid'];
   $message = $thaquote['message'];

   if($bannedmessages && $thaquote['authorid']) {
    $author = $db->fetch_first("SELECT groupid FROM {$tablepre}members WHERE uid='$thaquote[authorid]'");
    if(!$author['groupid'] || $author['groupid'] == 4 || $author['groupid'] == 5) {
     $message = $language['post_banned'];
    } elseif($thaquote['status'] & 1) {
     $message = $language['post_single_banned'];
    }
   }

   $time = gmdate("$dateformat $timeformat", $thaquote['dateline'] + ($timeoffset * 3600));
   $bbcodes = 'b|i|u|color|size|font|align|list|indent|url|email|code|free|table|tr|td|img|swf|attach|payto|float'.($_DCACHE['bbcodes_display'] ? '|'.implode('|', array_keys($_DCACHE['bbcodes_display'])) : '');
   $message = cutstr(strip_tags(preg_replace(array(
     "/\[hide=?\d*\](.+?)\[\/hide\]/is",
     "/\[quote](.*)\[\/quote]/siU",
     $language['post_edit_regexp'],
     "/\[($bbcodes)=?.*\]/iU",
     "/\[\/($bbcodes)\]/i",
    ), array(
     "[b]$language[post_hidden][/b]",
     '',
     '',
     '',
     ''
    ), $message)), 200);

   $thaquote['useip'] = substr($thaquote['useip'], 0, strrpos($thaquote['useip'], '.')).'.x';
   if($thaquote['author'] && $thaquote['anonymous']) {
       $thaquote['author'] = 'Anonymous';
   } elseif(!$thaquote['author']) {
       $thaquote['author'] = 'Guest from '.$thaquote['useip'];
   } else {
       $thaquote['author'] = $thaquote['author'];
   }

   eval("\$language['post_reply_quote'] = \"$language[post_reply_quote]\";");
   $message = "[quote]$message\n[size=2][color=#999999]$language[post_reply_quote][/color] [url={$boardurl}redirect.php?goto=findpost&pid=$repquote&ptid=$tid][img]{$boardurl}images/common/back.gif[/img][/url][/size][/quote]\n";
  }

 } elseif(isset($reppost)) {

  $thapost = $db->fetch_first("SELECT tid, author, authorid, useip, dateline, anonymous, status FROM {$tablepre}posts WHERE pid='$reppost' AND invisible='0'");
  if($thapost['tid'] != $tid) {
   showmessage('undefined_action', NULL, 'HALTED');
  }


  $thapost['useip'] = substr($thapost['useip'], 0, strrpos($thapost['useip'], '.')).'.x';
  if($thapost['author'] && $thapost['anonymous']) {
      $thapost['author'] = '[i]Anonymous[/i]';
  } elseif(!$thapost['author']) {
      $thapost['author'] = '[i]Guest[/i] from '.$thapost['useip'];
  } else {
      $thapost['author'] = '[i]'.$thapost['author'].'[/i]';
  }
  $thapost['number'] = $db->result_first("SELECT count(*) FROM {$tablepre}posts WHERE tid='$thapost[tid]' AND dateline<='$thapost[dateline]'");
  $message = "[b]$lang[post_reply] [url={$boardurl}redirect.php?goto=findpost&pid=$reppost&ptid=$thapost[tid]]$thapost[number]#[/url] $thapost[author] $lang[post_thread][/b]\n\n\n";

 }

 if(isset($addtrade) && $thread['special'] == 2 && $allowposttrade && $thread['authorid'] == $discuz_uid) {
  $expiration_7days = date('Y-m-d', $timestamp + 86400 * 7);
  $expiration_14days = date('Y-m-d', $timestamp + 86400 * 14);
  $trade['expiration'] = $expiration_month = date('Y-m-d', mktime(0, 0, 0, date('m')+1, date('d'), date('Y')));
  $expiration_3months = date('Y-m-d', mktime(0, 0, 0, date('m')+3, date('d'), date('Y')));
  $expiration_halfyear = date('Y-m-d', mktime(0, 0, 0, date('m')+6, date('d'), date('Y')));
  $expiration_year = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y')+1));
 }

 if($thread['replies'] <= $ppp) {
  $postlist = array();
  $query = $db->query("SELECT p.* ".($bannedmessages ? ', m.groupid ' : '').
   "FROM {$tablepre}posts p ".($bannedmessages ? "LEFT JOIN {$tablepre}members m ON p.authorid=m.uid " : '').
   "WHERE p.tid='$tid' AND p.invisible='0' ".($thread['price'] > 0 && $thread['special'] == 0 ? 'AND p.first = 0' : '')." ORDER BY p.dateline DESC");
  while($post = $db->fetch_array($query)) {

   $post['dateline'] = dgmdate("$dateformat $timeformat", $post['dateline'] + $timeoffset * 3600);

   if($bannedmessages && ($post['authorid'] && (!$post['groupid'] || $post['groupid'] == 4 || $post['groupid'] == 5))) {
    $post['message'] = $language['post_banned'];
   } elseif($post['status'] & 1) {
    $post['message'] = $language['post_single_banned'];
   } else {
    $post['message'] = preg_replace("/\[hide=?\d*\](.+?)\[\/hide\]/is", "[b]$language[post_hidden][/b]", $post['message']);
    $post['message'] = discuzcode($post['message'], $post['smileyoff'], $post['bbcodeoff'], $post['htmlon'] & 1, $forum['allowsmilies'], $forum['allowbbcode'], $forum['allowimgcode'], $forum['allowhtml'], $forum['jammer']);
   }

   $postlist[] = $post;
  }
 }

 if($special == 2 && isset($addtrade) && $thread['authorid'] == $discuz_uid) {
  $tradetypeselect = '';
  $forum['tradetypes'] = $forum['tradetypes'] == '' ? -1 : unserialize($forum['tradetypes']);
  if($tradetypes && !empty($forum['tradetypes'])) {
   $tradetypeselect = '<select name="tradetypeid" onchange="ajaxget(\'post.php?action=threadsorts&tradetype=yes&sortid=\'+this.options[this.selectedIndex].value+\'&sid='.$sid.'\', \'threadtypes\', \'threadtypeswait\')"><option value="0">&nbsp;</option>';
   foreach($tradetypes as $typeid => $name) {
    if($forum['tradetypes'] == -1 || @in_array($typeid, $forum['tradetypes'])) {
     $tradetypeselect .= '<option value="'.$typeid.'">'.strip_tags($name).'</option>';
    }
   }
   $tradetypeselect .= '</select><span id="threadtypeswait"></span>';
  }
 }

 include template('post');

} else {
*/
 require_once DISCUZ_ROOT.'./include/forum.func.php';
 
 //$subject='RE:'.$subject;
 $subject='';
 if ($message == ''){
  echo("[err]message is null[/err]");
  exit();

 }
 //$timestamp=$timestamp+3600*rand(10);
/*
 if($subject == '' && $message == '' && $thread['special'] != 2) {
  showmessage('post_sm_isnull');
 } elseif($thread['closed'] && !$forum['ismoderator']) {
  showmessage('post_thread_closed');
 } elseif($post_autoclose = checkautoclose()) {
  showmessage($post_autoclose);
 } elseif($post_invalid = checkpost($special == 2 && $allowposttrade)) {
  showmessage($post_invalid);
 } elseif(checkflood()) {
  showmessage('post_flood_ctrl');
 }

 if(!empty($trade) && $thread['special'] == 2 && $allowposttrade) {

  $item_price = floatval($item_price);
  if(!trim($item_name)) {
   showmessage('trade_please_name');
  } elseif($maxtradeprice && ($mintradeprice > $item_price || $maxtradeprice < $item_price)) {
   showmessage('trade_price_between');
  } elseif(!$maxtradeprice && $mintradeprice > $item_price) {
   showmessage('trade_price_more_than');
  } elseif($item_number < 1) {
   showmessage('tread_please_number');
  }

  threadsort_checkoption(1, 1);

  $optiondata = array();
  if($tradetypes && $typeoption && $checkoption) {
   $optiondata = threadsort_validator($typeoption);
  }

  if(!empty($_FILES['tradeattach']['tmp_name'][0])) {
   $_FILES['attach'] = array_merge_recursive((array)$_FILES['attach'], $_FILES['tradeattach']);
  }

 }
*/
 $attachnum = 0;
 if($allowpostattach && !empty($_FILES['attach']) && is_array($_FILES['attach'])) {
  foreach($_FILES['attach']['name'] as $attachname) {
   if($attachname != '') {
    $attachnum ++;
   }
  }
  $attachnum && checklowerlimit($postattachcredits, $attachnum);
 } else {
  $_FILES = array();
 }

 $attachments = $attachnum ? attach_upload() : array();
 $attachment = empty($attachments) ? 0 : ($imageexists ? 2 : 1);

 $subscribed = $thread['subscribed'] && $timestamp - $thread['lastpost'] < 7776000;
 $newsubscribed = !empty($emailnotify) && $discuz_uid;

 if($subscribed && !$modnewreplies) {
  $db->query("UPDATE {$tablepre}subscriptions SET lastpost='$timestamp' WHERE tid='$tid' AND uid<>'$discuz_uid'", 'UNBUFFERED');
 }

 if($newsubscribed) {
  $db->query("REPLACE INTO {$tablepre}subscriptions (uid, tid, lastpost, lastnotify)
   VALUES ('$discuz_uid', '$tid', '".($modnewreplies ? $thread['lastpost'] : $timestamp)."', '$timestamp')", 'UNBUFFERED');
 }

 $bbcodeoff = checkbbcodes($message, !empty($bbcodeoff));
 $smileyoff = checksmilies($message, !empty($smileyoff));
 $parseurloff = !empty($parseurloff);
 //$htmlon = $allowhtml && !empty($htmlon) ? 1 : 0;
 $htmlon = ($htmlon==1 || !isset($htmlon)) ? 1 : 0; //ET修改

 $usesig = !empty($usesig) ? 1 : 0;

 $isanonymous = $allowanonymous && !empty($isanonymous)? 1 : 0;
 $author = empty($isanonymous) ? $discuz_user : '';

 $pinvisible = $modnewreplies ? -2 : 0;
 $message = preg_replace('/\[attachimg\](\d+)\[\/attachimg\]/is', '[attach]\1[/attach]', $message);
 $db->query("INSERT INTO {$tablepre}posts (fid, tid, first, author, authorid, subject, dateline, message, useip, invisible, anonymous, usesig, htmlon, bbcodeoff, smileyoff, parseurloff, attachment)
   VALUES ('$fid', '$tid', '0', '$discuz_user', '$discuz_uid', '$subject', '$timestamp', '$message', '$onlineip', '$pinvisible', '$isanonymous', '$usesig', '$htmlon', '$bbcodeoff', '$smileyoff', '$parseurloff', '$attachment')");
 $pid = $db->insert_id();
 $db->query("REPLACE INTO {$tablepre}myposts (uid, tid, pid, position, dateline, special) VALUES ('$discuz_uid', '$tid', '$pid', '".($thread['replies'] + 1)."', '$timestamp', '$special')", 'UNBUFFERED');
/*
 if($special == 3 && $thread['authorid'] != $discuz_uid && $thread['price'] > 0) {

  $rewardlog = $db->fetch_first("SELECT * FROM {$tablepre}rewardlog WHERE tid='$tid' AND answererid='$discuz_uid'");
  if(!$rewardlog) {
   $db->query("INSERT INTO {$tablepre}rewardlog (tid, answererid, dateline) VALUES ('$tid', '$discuz_uid', '$timestamp')");
  }

 } elseif($special == 5) {

  $stand = $firststand ? $firststand : intval($stand);

  if(!$db->num_rows($standquery)) {
   if($stand == 1) {
    $db->query("UPDATE {$tablepre}debates SET affirmdebaters=affirmdebaters+1 WHERE tid='$tid'");
   } elseif($stand == 2) {
    $db->query("UPDATE {$tablepre}debates SET negadebaters=negadebaters+1 WHERE tid='$tid'");
   }
  } else {
   $stand = $firststand;
  }
  if($stand == 1) {
   $db->query("UPDATE {$tablepre}debates SET affirmreplies=affirmreplies+1 WHERE tid='$tid'");
  } elseif($stand == 2) {
   $db->query("UPDATE {$tablepre}debates SET negareplies=negareplies+1 WHERE tid='$tid'");
  }
  $db->query("INSERT INTO {$tablepre}debateposts (tid, pid, uid, dateline, stand, voters, voterids) VALUES ('$tid', '$pid', '$discuz_uid', '$timestamp', '$stand', '0', '')");
 }
*/
 $tradeaid = 0;
 if($attachment) {
  $searcharray = $pregarray = $replacearray = array();
  foreach($attachments as $key => $attach) {
   $db->query("INSERT INTO {$tablepre}attachments (tid, pid, dateline, readperm, price, filename, description, filetype, filesize, attachment, downloads, isimage, uid, thumb, remote, width)
    VALUES ('$tid', '$pid', '$timestamp', '$attach[perm]', '$attach[price]', '$attach[name]', '$attach[description]', '$attach[type]', '$attach[size]', '$attach[attachment]', '0', '$attach[isimage]', '$attach[uid]', '$attach[thumb]', '$attach[remote]', '$attach[width]')");
   $searcharray[] = '[local]'.$localid[$key].'[/local]';
   $pregarray[] = '/\[localimg=(\d{1,3}),(\d{1,3})\]'.$localid[$key].'\[\/localimg\]/is';
   $insertid = $db->insert_id();
   $replacearray[] = '[attach]'.$insertid.'[/attach]';
  }
  if(!empty($trade) && $thread['special'] == 2 && !empty($_FILES['tradeattach']['tmp_name'][0])) {
   $tradeaid = $insertid;
  }
  $message = str_replace($searcharray, $replacearray, preg_replace($pregarray, $replacearray, $message));
  $db->query("UPDATE {$tablepre}posts SET message='$message' WHERE pid='$pid'");
  updatecredits($discuz_uid, $postattachcredits, count($attachments));
 }
 if($swfupload) {
  updateswfattach();
 }

 $replymessage = 'post_reply_succeed';
/*
 if($special == 2 && $allowposttrade && $thread['authorid'] == $discuz_uid && !empty($trade) && !empty($item_name) && !empty($item_price)) {

  if($tradetypes && $optiondata) {
   foreach($optiondata as $optionid => $value) {
    $db->query("INSERT INTO {$tablepre}tradeoptionvars (sortid, pid, optionid, value)
     VALUES ('$tradetypeid', '$pid', '$optionid', '$value')");
   }
  }

  require_once DISCUZ_ROOT.'./include/trade.func.php';
  trade_create(array(
   'tid' => $tid,
   'pid' => $pid,
   'aid' => $tradeaid,
   'typeid' => $tradetypeid,
   'item_expiration' => $item_expiration,
   'thread' => $thread,
   'discuz_uid' => $discuz_uid,
   'author' => $author,
   'seller' => $seller,
   'item_name' => $item_name,
   'item_price' => $item_price,
   'item_number' => $item_number,
   'item_quality' => $item_quality,
   'item_locus' => $item_locus,
   'transport' => $transport,
   'postage_mail' => $postage_mail,
   'postage_express' => $postage_express,
   'postage_ems' => $postage_ems,
   'item_type' => $item_type,
   'item_costprice' => $item_costprice
  ));

  $replymessage = 'trade_add_succeed';

 }
*/
 $forum['threadcaches'] && deletethreadcaches($tid);

 if($modnewreplies) {
  $db->query("UPDATE {$tablepre}forums SET todayposts=todayposts+1 WHERE fid='$fid'", 'UNBUFFERED');

  if($newsubscribed) {
   $db->query("UPDATE {$tablepre}threads SET subscribed='1' WHERE tid='$tid'", 'UNBUFFERED');
  }
  showmessage('post_reply_mod_succeed', "forumdisplay.php?fid=$fid");
 } else {

  $db->query("UPDATE {$tablepre}threads SET lastposter='$author', lastpost='$timestamp', replies=replies+1 ".($attachment ? ", attachment='$attachment'" : '').", subscribed='".($subscribed || $newsubscribed ? 1 : 0)."' WHERE tid='$tid'", 'UNBUFFERED');

  updatepostcredits('+', $discuz_uid, $replycredits);

  $lastpost = "$thread[tid]\t".addslashes($thread['subject'])."\t$timestamp\t$author";
  $db->query("UPDATE {$tablepre}forums SET lastpost='$lastpost', posts=posts+1, todayposts=todayposts+1 WHERE fid='$fid'", 'UNBUFFERED');
  if($forum['type'] == 'sub') {
   $db->query("UPDATE {$tablepre}forums SET lastpost='$lastpost' WHERE fid='$forum[fup]'", 'UNBUFFERED');
  }

  $feed = array();
  if($addfeed && $forum['allowfeed'] && $thread['authorid'] != $discuz_uid) {
   if($special == 2 && !empty($trade) && !empty($item_name) && !empty($item_price)) {
    $feed['icon'] = 'goods';
    $feed['title_template'] = 'feed_thread_goods_title';
    $feed['body_template'] = 'feed_thread_goods_message';
    $feed['body_data'] = array(
     'itemname'=> "<a href=\"{$boardurl}viewthread.php?do=tradeinfo&tid=$tid&pid=$pid\">$item_name</a>",
     'itemprice'=> $item_price
    );
    $attachurl = preg_match("/^((https?|ftps?):\/\/|www\.)/i", $attachurl) ? $attachurl : $boardurl.$attachurl;
    $imgurl = $boardurl.$attachurl.'/'.$attachments[2]['attachment'].($attachments[2]['thumb'] && $attachments[2]['type'] != 'image/gif' ? '.thumb.jpg' : '');
    $feed['images'][] = array('url' => $imgurl, 'link' => "{$boardurl}viewthread.php?do=tradeinfo&tid=$tid&pid=$pid");
   } elseif($special == 3) {
    $feed['icon'] = 'reward';
    $feed['title_template'] = 'feed_reply_reward_title';
    $feed['title_data'] = array(
     'subject' => "<a href=\"{$boardurl}viewthread.php?tid=$tid\">$thread[subject]</a>",
     'author' => "<a href=\"space.php?uid=$thread[authorid]\">$thread[author]</a>"
    );
   } elseif($special == 5) {
    $feed['icon'] = 'debate';
    $feed['title_template'] = 'feed_thread_debatevote_title';
    $feed['title_data'] = array(
     'subject' => "<a href=\"{$boardurl}viewthread.php?tid=$tid\">$thread[subject]</a>",
     'author' => "<a href=\"space.php?uid=$thread[authorid]\">$thread[author]</a>"
    );
   } else {
    $feed['icon'] = 'post';
    $feed['title_template'] = 'feed_reply_title';
    $feed['title_data'] = array(
     'subject' => "<a href=\"{$boardurl}viewthread.php?tid=$tid\">$thread[subject]</a>",
     'author' => "<a href=\"space.php?uid=$thread[authorid]\">$thread[author]</a>"
    );
   }
   postfeed($feed);
  }

  //showmessage($replymessage, "viewthread.php?tid=$tid&pid=$pid&page=".(@ceil(($thread['special'] ? $thread['replies'] + 1 : $thread['replies'] + 2) / $ppp))."&extra=$extra#pid$pid");
  echo("[ok]pid=$pid");
  exit();   
  
 }

//}

//newreply.inc.php结束
?>