setup() has been called if (empty($user->lang)) { $user->setup(); } $password = request_var('password', '', true); $username = request_var('username', '', true); $autologin = (!empty($_POST['autologin'])) ? true : false; $viewonline = (!empty($_POST['viewonline'])) ? 0 : 1; $admin = ($admin) ? 1 : 0; $viewonline = ($admin) ? $user->data['session_viewonline'] : $viewonline; // If authentication is successful we redirect user to previous page $result = $auth->login($username, $password, $autologin, $viewonline, $admin); return $result; } //ET修改登陆函数结束 //ET修改取URL参数函数开始 function ETset_var(&$result, $var, $type, $multibyte = false) { settype($var, $type); $result = $var; if ($type == 'string') { //$result = trim(htmlspecialchars(str_replace(array("\r\n", "\r"), array("\n", "\n"), $result), ENT_COMPAT, 'UTF-8')); $result = trim(str_replace(array("\r\n", "\r"), array("\n", "\n"), $result)); if (!empty($result)) { // Make sure multibyte characters are wellformed if ($multibyte) { if (!preg_match('/^./u', $result)) { $result = ''; } } else { // no multibyte, allow only ASCII (0-127) $result = preg_replace('/[\x80-\xFF]/', '?', $result); } } $result = (STRIP) ? stripslashes($result) : $result; } } /** * request_var * * Used to get passed variable */ function ETrequest_var($var_name, $default, $multibyte = false, $cookie = false) { if (!$cookie && isset($_COOKIE[$var_name])) { if (!isset($_GET[$var_name]) && !isset($_POST[$var_name])) { return (is_array($default)) ? array() : $default; } $_REQUEST[$var_name] = isset($_POST[$var_name]) ? $_POST[$var_name] : $_GET[$var_name]; } if (!isset($_REQUEST[$var_name]) || (is_array($_REQUEST[$var_name]) && !is_array($default)) || (is_array($default) && !is_array($_REQUEST[$var_name]))) { return (is_array($default)) ? array() : $default; } $var = $_REQUEST[$var_name]; if (!is_array($default)) { $type = gettype($default); } else { list($key_type, $type) = each($default); $type = gettype($type); $key_type = gettype($key_type); if ($type == 'array') { reset($default); $default = current($default); list($sub_key_type, $sub_type) = each($default); $sub_type = gettype($sub_type); $sub_type = ($sub_type == 'array') ? 'NULL' : $sub_type; $sub_key_type = gettype($sub_key_type); } } if (is_array($var)) { $_var = $var; $var = array(); foreach ($_var as $k => $v) { ETset_var($k, $k, $key_type); if ($type == 'array' && is_array($v)) { foreach ($v as $_k => $_v) { if (is_array($_v)) { $_v = null; } ETset_var($_k, $_k, $sub_key_type); ETset_var($var[$k][$_k], $_v, $sub_type, $multibyte); } } else { if ($type == 'array' || is_array($v)) { $v = null; } ETset_var($var[$k], $v, $type, $multibyte); } } } else { ETset_var($var, $var, $type, $multibyte); } return $var; } //ET修改取URL参数函数结束 //ET增加UBB识别参数 $ETubb = (isset($_POST['etubb'])) ? request_var('p', 0) : 0; //ET增加UBB识别参数结束 // Start session management $user->session_begin(); $loginflag=ETlogin(); if ($loginflag['status']!=LOGIN_SUCCESS) { echo('[err]'.$user->lang['ERR_UNABLE_TO_LOGIN'].'[/err]'); exit; } $auth->acl($user->data); // Grab only parameters needed here $post_id = request_var('p', 0); $topic_id = request_var('t', 0); $forum_id = request_var('f', 0); $draft_id = request_var('d', 0); $lastclick = request_var('lastclick', 0); //ET增加 $_POST['post']='submit'; if (!isset($forum_id)) { echo('[err]缺少版面参数F[/err]'); exit; } $ETreplay=request_var('ETreplay', 0); $ruser=request_var('ruser', '',true); /* $submit = (isset($_POST['post'])) ? true : false; $preview = (isset($_POST['preview'])) ? true : false; $save = (isset($_POST['save'])) ? true : false; $load = (isset($_POST['load'])) ? true : false; $delete = (isset($_POST['delete'])) ? true : false; $cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false; */ $submit = true ; $preview = false; $save = false; $load = false; $delete = false; $cancel = false; $refresh = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['cancel_unglobalise']) || $save || $load) ? true : false; //$mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var('mode', ''); $mode = 'post'; $error = $post_data = array(); $current_time = time(); // Was cancel pressed? If so then redirect to the appropriate page /*if ($cancel || ($current_time - $lastclick < 2 && $submit)) { $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx"))); redirect($redirect); } if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$forum_id) { trigger_error('NO_FORUM'); } */ // We need to know some basic information in all cases before we do anything. $sql = 'SELECT * FROM ' . FORUMS_TABLE . " WHERE forum_id = $forum_id"; $result = $db->sql_query($sql); $post_data = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$post_data) { if (!($mode == 'post' || $mode == 'bump' || $mode == 'reply')) { $user->setup('posting'); } trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST'); } $user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']); // Use post_row values in favor of submitted ones... $forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id; $topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id; $post_id = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id; // Permission to do the action asked? //$is_authed = false; $is_authed = true; // Can we edit this post ... if we're a moderator with rights then always yes // else it depends on editing times, lock status and if we're the correct user // Subject length limiting to 60 characters if first post... if ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id'])) { $template->assign_var('S_NEW_MESSAGE', true); } // Determine some vars if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS) { $post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST']; } else { $post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : ''; } $post_data['post_edit_locked'] = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0; $post_data['post_subject'] = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : ''); $post_data['topic_time_limit'] = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0; $post_data['poll_length'] = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0; $post_data['poll_start'] = (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0; $post_data['icon_id'] = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id']; $post_data['poll_options'] = array(); $message_parser = new parse_message(); if (isset($post_data['post_text'])) { $message_parser->message = &$post_data['post_text']; unset($post_data['post_text']); } // Set some default variables $uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0); foreach ($uninit as $var_name => $default_value) { if (!isset($post_data[$var_name])) { $post_data[$var_name] = $default_value; } } unset($uninit); // Always check if the submitted attachment data is valid and belongs to the user. // Further down (especially in submit_post()) we do not check this again. $message_parser->get_submitted_attachment_data($post_data['poster_id']); if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit') { // Do not change to SELECT * $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename FROM ' . ATTACHMENTS_TABLE . " WHERE post_msg_id = $post_id AND in_message = 0 AND is_orphan = 0 ORDER BY filetime DESC"; $result = $db->sql_query($sql); $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result)); $db->sql_freeresult($result); } if ($post_data['poster_id'] == ANONYMOUS) { $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : ''; } else { $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : ''; } $post_data['enable_urls'] = $post_data['enable_magic_url']; if ($mode != 'edit') { $post_data['enable_sig'] = ($config['allow_sig'] && $user->optionget('attachsig')) ? true: false; $post_data['enable_smilies'] = ($config['allow_smilies'] && $user->optionget('smilies')) ? true : false; $post_data['enable_bbcode'] = ($config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false; $post_data['enable_urls'] = true; } $post_data['enable_magic_url'] = $post_data['drafts'] = false; $check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1); // HTML, BBCode, Smilies, Images and Flash status $bbcode_status = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false; $smilies_status = ($bbcode_status && $config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false; $img_status = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false; $url_status = ($config['allow_post_links']) ? true : false; $flash_status = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false; $quote_status = ($auth->acl_get('f_reply', $forum_id)) ? true : false; $solved_captcha = false; if ($submit || $preview || $refresh) { $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0); if($ETubb==1) { $post_data['post_subject'] = utf8_normalize_nfc(request_var('subject', '', true)); if($ETreplay==1) //ET增加 { $ETreplycontents=spliti("", utf8_normalize_nfc(request_var('message', '', true))); $message_parser->message=$ETreplycontents[0]; }else { $message_parser->message = utf8_normalize_nfc(request_var('message', '', true));} } else{ $post_data['post_subject'] = utf8_normalize_nfc(ETrequest_var('subject', '', true)); if($ETreplay==1) //ET增加 { $ETreplycontents=spliti("", utf8_normalize_nfc(ETrequest_var('message', '', true))); $message_parser->message=$ETreplycontents[0]; }else { $message_parser->message = utf8_normalize_nfc(ETrequest_var('message', '', true));} } $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true)); $post_data['post_edit_reason'] = (!empty($_POST['edit_reason']) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : ''; $post_data['orig_topic_type'] = $post_data['topic_type']; $post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL)); $post_data['topic_time_limit'] = request_var('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0)); $post_data['icon_id'] = request_var('icon', 0); $post_data['enable_bbcode'] = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true; $post_data['enable_smilies'] = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true; $post_data['enable_urls'] = (isset($_POST['disable_magic_url'])) ? 0 : 1; $post_data['enable_sig'] = (!$config['allow_sig']) ? false : ((isset($_POST['attach_sig']) && $user->data['is_registered']) ? true : false); if ($config['allow_topic_notify'] && $user->data['is_registered']) { $notify = (isset($_POST['notify'])) ? true : false; } else { $notify = false; } $topic_lock = (isset($_POST['lock_topic'])) ? true : false; $post_lock = (isset($_POST['lock_post'])) ? true : false; $poll_delete = (isset($_POST['poll_delete'])) ? true : false; if ($submit) { $status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1); $status_switch = ($status_switch != $check_value); } else { $status_switch = 1; } // Parse Attachments - before checksum is calculated $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh); // Grab md5 'checksum' of new message $message_md5 = md5($message_parser->message); // Check checksum ... don't re-parse message if the same $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false; // Parse message if ($update_message) { if (sizeof($message_parser->warn_msg)) { $error[] = implode('
', $message_parser->warn_msg); $message_parser->warn_msg = array(); } $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']); // On a refresh we do not care about message parsing errors if (sizeof($message_parser->warn_msg) && $refresh) { $message_parser->warn_msg = array(); } } else { $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield']; } if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('f_ignoreflood', $forum_id)) { // Flood check $last_post_time = 0; if ($user->data['is_registered']) { $last_post_time = $user->data['user_lastpost_time']; } else { $sql = 'SELECT post_time AS last_post_time FROM ' . POSTS_TABLE . " WHERE poster_ip = '" . $user->ip . "' AND post_time > " . ($current_time - $config['flood_interval']); $result = $db->sql_query_limit($sql, 1); if ($row = $db->sql_fetchrow($result)) { $last_post_time = $row['last_post_time']; } $db->sql_freeresult($result); } /* if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval'])) { $error[] = $user->lang['FLOOD_ERROR']; }*/ } // Validate username /* if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username'])) { include($phpbb_root_path . 'includes/functions_user.' . $phpEx); if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false) { $user->add_lang('ucp'); $error[] = $user->lang[$result . '_USERNAME']; } }*/ if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply'))) { $confirm_id = request_var('confirm_id', ''); $confirm_code = request_var('confirm_code', ''); $sql = 'SELECT code FROM ' . CONFIRM_TABLE . " WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "' AND session_id = '" . $db->sql_escape($user->session_id) . "' AND confirm_type = " . CONFIRM_POST; $result = $db->sql_query($sql); $confirm_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // if (empty($confirm_row['code']) || strcasecmp($confirm_row['code'], $confirm_code) !== 0) // { // $error[] = $user->lang['CONFIRM_CODE_WRONG']; // } // else // { $solved_captcha = true; // } } // Parse subject if (!$preview && !$refresh && !utf8_clean_string($post_data['post_subject']) && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id))) { //$error[] = $user->lang['EMPTY_SUBJECT']; echo('[err]EMPTY_SUBJECT[/err]'); exit; } // Check topic type // if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id))) // { // switch ($post_data['topic_type']) // { // case POST_GLOBAL: // case POST_ANNOUNCE: // $auth_option = 'f_announce'; // break; // // case POST_STICKY: // $auth_option = 'f_sticky'; // break; // // default: // $auth_option = ''; // break; // } // // if (!$auth->acl_get($auth_option, $forum_id)) // { // // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod. // // Another case would be a mod not having sticky permissions for example but edit permissions. // if ($mode == 'edit') // { // // To prevent non-authed users messing around with the topic type we reset it to the original one. // $post_data['topic_type'] = $post_data['orig_topic_type']; // } // else // { // $error[] = $user->lang['CANNOT_POST_' . str_replace('F_', '', strtoupper($auth_option))]; // } // } // } /* if (sizeof($message_parser->warn_msg)) { $error[] = implode('
', $message_parser->warn_msg); } */ /* // DNSBL check if ($config['check_dnsbl'] && !$refresh) { if (($dnsbl = $user->check_dnsbl('post')) !== false) { $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]); } } */ // Store message, sync counters //if (!sizeof($error) && $submit) if ($submit) { // Check if we want to de-globalize the topic... and ask for new forum if ($post_data['topic_type'] != POST_GLOBAL) { $sql = 'SELECT topic_type, forum_id FROM ' . TOPICS_TABLE . " WHERE topic_id = $topic_id"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row && !$row['forum_id'] && $row['topic_type'] == POST_GLOBAL) { $to_forum_id = request_var('to_forum_id', 0); if ($to_forum_id) { $sql = 'SELECT forum_type FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . $to_forum_id; $result = $db->sql_query($sql); $forum_type = (int) $db->sql_fetchfield('forum_type'); $db->sql_freeresult($result); if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id)) { $to_forum_id = 0; } } if (!$to_forum_id) { include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx); $template->assign_vars(array( 'S_FORUM_SELECT' => make_forum_select(false, false, false, true, true, true), 'S_UNGLOBALISE' => true) ); $submit = false; $refresh = true; } else { if (!$auth->acl_get('f_post', $to_forum_id)) { // This will only be triggered if the user tried to trick the forum. trigger_error('NOT_AUTHORISED'); } $forum_id = $to_forum_id; } } } if ($submit) { // Lock/Unlock Topic $change_topic_status = $post_data['topic_status']; $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false; if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock) { $change_topic_status = ITEM_UNLOCKED; } else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock) { $change_topic_status = ITEM_LOCKED; } if ($change_topic_status != $post_data['topic_status']) { $sql = 'UPDATE ' . TOPICS_TABLE . " SET topic_status = $change_topic_status WHERE topic_id = $topic_id AND topic_moved_id = 0"; $db->sql_query($sql); $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : ''; add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), $post_data['topic_title']); } // Lock/Unlock Post Edit if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id)) { $post_data['post_edit_locked'] = ITEM_UNLOCKED; } else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id)) { $post_data['post_edit_locked'] = ITEM_LOCKED; } $data = array( 'topic_title' => (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'], 'topic_first_post_id' => (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0, 'topic_last_post_id' => (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0, 'topic_time_limit' => (int) $post_data['topic_time_limit'], 'topic_attachment' => (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0, 'post_id' => (int) $post_id, 'topic_id' => (int) $topic_id, 'forum_id' => (int) $forum_id, 'icon_id' => (int) $post_data['icon_id'], 'poster_id' => (int) $post_data['poster_id'], 'enable_sig' => (bool) $post_data['enable_sig'], 'enable_bbcode' => (bool) $post_data['enable_bbcode'], 'enable_smilies' => (bool) $post_data['enable_smilies'], 'enable_urls' => (bool) $post_data['enable_urls'], 'enable_indexing' => (bool) $post_data['enable_indexing'], 'message_md5' => (string) $message_md5, 'post_time' => (isset($post_data['post_time'])) ? (int) $post_data['post_time'] : $current_time, 'post_checksum' => (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '', 'post_edit_reason' => $post_data['post_edit_reason'], 'post_edit_user' => ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? (int) $post_data['post_edit_user'] : 0), 'forum_parents' => $post_data['forum_parents'], 'forum_name' => $post_data['forum_name'], 'notify' => $notify, 'notify_set' => $post_data['notify_set'], 'poster_ip' => (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip, 'post_edit_locked' => (int) $post_data['post_edit_locked'], 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'topic_approved' => (isset($post_data['topic_approved'])) ? $post_data['topic_approved'] : false, 'post_approved' => (isset($post_data['post_approved'])) ? $post_data['post_approved'] : false, ); /* if ($mode == 'edit') { $data['topic_replies_real'] = $post_data['topic_replies_real']; $data['topic_replies'] = $post_data['topic_replies']; } */ unset($message_parser); $newtopic_id = ETsubmit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message); echo('1'); } } } //回复 if($ETreplay!=1){ exit; } $mode='reply'; $topic_id=$newtopic_id; if (!$topic_id) { echo('[err]参数不足，发布回复失败[/err]'); exit; } for($i=count($ETreplycontents)-1;$i >=1; $i--) { if(trim($ETreplycontents[$i])==''){ unset($ETreplycontents[$i]); } } $ETreplycontents=array_values($ETreplycontents); if (count($ETreplycontents)>1){ $ruser=$_POST['ruser']; $ETreplyusers=explode(",",$ruser); $sql = 'SELECT f.*, t.* FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f WHERE t.topic_id = $topic_id AND (f.forum_id = t.forum_id OR f.forum_id = $forum_id)"; $result = $db->sql_query($sql); $post_data = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$post_data) { echo('[err]未获得所回复的主题数据[/err]'); exit; } for($i=1;$i <= count($ETreplycontents)-1; $i++) { //循环回复开始***************************** if(!empty($ruser)){ $user_j=rand(0,count($ETreplyusers)-1); $ETreplyuser=explode("|",$ETreplyusers[$user_j]); if(count($ETreplyuser)==2){ $user->data['username']=$ETreplyuser[0]; $user->data['user_id']=$ETreplyuser[1]; $post_data['poster_id']=$ETreplyuser[1]; } $auth->acl($user->data); } // We need to know some basic information in all cases before we do anything. $user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']); // Use post_row values in favor of submitted ones... $forum_id = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id; $topic_id = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id; $post_id = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id; // Permission to do the action asked? $is_authed = true; // Can we edit this post ... if we're a moderator with rights then always yes // else it depends on editing times, lock status and if we're the correct user // Determine some vars if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS) { $post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST']; } else { $post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : ''; } $post_data['post_edit_locked'] = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0; $post_data['post_subject'] = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : ''); $post_data['topic_time_limit'] = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0; $post_data['poll_length'] = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0; $post_data['poll_start'] = (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0; $post_data['icon_id'] = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id']; $post_data['poll_options'] = array(); $message_parser = new parse_message(); /* if (isset($post_data['post_text'])) { $message_parser->message = &$post_data['post_text']; unset($post_data['post_text']); } */ // Set some default variables $uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0); foreach ($uninit as $var_name => $default_value) { if (!isset($post_data[$var_name])) { $post_data[$var_name] = $default_value; } } unset($uninit); // Always check if the submitted attachment data is valid and belongs to the user. // Further down (especially in submit_post()) we do not check this again. $message_parser->get_submitted_attachment_data($post_data['poster_id']); if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit') { // Do not change to SELECT * $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename FROM ' . ATTACHMENTS_TABLE . " WHERE post_msg_id = $post_id AND in_message = 0 AND is_orphan = 0 ORDER BY filetime DESC"; $result = $db->sql_query($sql); $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result)); $db->sql_freeresult($result); } if ($post_data['poster_id'] == ANONYMOUS) { $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : ''; } else { $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : ''; } $post_data['enable_urls'] = $post_data['enable_magic_url']; if ($mode != 'edit') { $post_data['enable_sig'] = ($config['allow_sig'] && $user->optionget('attachsig')) ? true: false; $post_data['enable_smilies'] = ($config['allow_smilies'] && $user->optionget('smilies')) ? true : false; $post_data['enable_bbcode'] = ($config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false; $post_data['enable_urls'] = true; } $post_data['enable_magic_url'] = $post_data['drafts'] = false; $check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1); // Check if user is watching this topic /* if ($mode != 'post' && $config['allow_topic_notify'] && $user->data['is_registered']) { $sql = 'SELECT topic_id FROM ' . TOPICS_WATCH_TABLE . ' WHERE topic_id = ' . $topic_id . ' AND user_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); $post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id'); $db->sql_freeresult($result); } */ // HTML, BBCode, Smilies, Images and Flash status $bbcode_status = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false; $smilies_status = ($bbcode_status && $config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false; $img_status = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false; $url_status = ($config['allow_post_links']) ? true : false; $flash_status = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false; $quote_status = ($auth->acl_get('f_reply', $forum_id)) ? true : false; $solved_captcha = false; if ($submit || $preview || $refresh) { $post_data['topic_cur_post_id'] = request_var('topic_cur_post_id', 0); $post_data['post_subject'] = 'RE:'.$post_data['post_subject']; $message_parser->message=$ETreplycontents[$i]; //ET修改 //$post_data['post_subject'] = utf8_normalize_nfc(request_var('subject', '', true)); //$message_parser->message = utf8_normalize_nfc(request_var('message', '', true)); $post_data['username'] = utf8_normalize_nfc(request_var('username', $post_data['username'], true)); $post_data['post_edit_reason'] = (!empty($_POST['edit_reason']) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : ''; $post_data['orig_topic_type'] = $post_data['topic_type']; $post_data['topic_type'] = request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL)); $post_data['topic_time_limit'] = request_var('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0)); $post_data['icon_id'] = request_var('icon', 0); $post_data['enable_bbcode'] = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true; $post_data['enable_smilies'] = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true; $post_data['enable_urls'] = (isset($_POST['disable_magic_url'])) ? 0 : 1; $post_data['enable_sig'] = (!$config['allow_sig']) ? false : ((isset($_POST['attach_sig']) && $user->data['is_registered']) ? true : false); if ($config['allow_topic_notify'] && $user->data['is_registered']) { $notify = (isset($_POST['notify'])) ? true : false; } else { $notify = false; } $topic_lock = (isset($_POST['lock_topic'])) ? true : false; $post_lock = (isset($_POST['lock_post'])) ? true : false; $poll_delete = (isset($_POST['poll_delete'])) ? true : false; if ($submit) { $status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1); $status_switch = ($status_switch != $check_value); } else { $status_switch = 1; } // If replying/quoting and last post id has changed // give user option to continue submit or return to post // notify and show user the post made between his request and the final submit if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id']) { // Only do so if it is allowed forum-wide if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) { if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id'])) { $template->assign_var('S_POST_REVIEW', true); } $submit = false; $refresh = true; } } // Parse Attachments - before checksum is calculated $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh); // Grab md5 'checksum' of new message $message_md5 = md5($message_parser->message); // Check checksum ... don't re-parse message if the same $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false; // Parse message if ($update_message) { if (sizeof($message_parser->warn_msg)) { $error[] = implode('
', $message_parser->warn_msg); $message_parser->warn_msg = array(); } $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']); // On a refresh we do not care about message parsing errors if (sizeof($message_parser->warn_msg) && $refresh) { $message_parser->warn_msg = array(); } } else { $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield']; } if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('f_ignoreflood', $forum_id)) { // Flood check $last_post_time = 0; if ($user->data['is_registered']) { $last_post_time = $user->data['user_lastpost_time']; } else { $sql = 'SELECT post_time AS last_post_time FROM ' . POSTS_TABLE . " WHERE poster_ip = '" . $user->ip . "' AND post_time > " . ($current_time - $config['flood_interval']); $result = $db->sql_query_limit($sql, 1); if ($row = $db->sql_fetchrow($result)) { $last_post_time = $row['last_post_time']; } $db->sql_freeresult($result); } /* if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval'])) { $error[] = $user->lang['FLOOD_ERROR']; }*/ } // Validate username /* if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username'])) { include($phpbb_root_path . 'includes/functions_user.' . $phpEx); if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false) { $user->add_lang('ucp'); $error[] = $user->lang[$result . '_USERNAME']; } }*/ if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply'))) { $confirm_id = request_var('confirm_id', ''); $confirm_code = request_var('confirm_code', ''); $sql = 'SELECT code FROM ' . CONFIRM_TABLE . " WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "' AND session_id = '" . $db->sql_escape($user->session_id) . "' AND confirm_type = " . CONFIRM_POST; $result = $db->sql_query($sql); $confirm_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // // if (empty($confirm_row['code']) || strcasecmp($confirm_row['code'], $confirm_code) !== 0) // { // $error[] = $user->lang['CONFIRM_CODE_WRONG']; // } // else // { $solved_captcha = true; // } } // check form /* if (($submit || $preview) && !check_form_key('posting')) { $error[] = $user->lang['FORM_INVALID']; } */ // Parse subject if (!$preview && !$refresh && !utf8_clean_string($post_data['post_subject']) && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id))) { //$error[] = $user->lang['EMPTY_SUBJECT']; echo('[err]EMPTY_SUBJECT[/err]'); exit; } $post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0; // if ($post_data['poll_option_text'] && // ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/)) // && $auth->acl_get('f_poll', $forum_id)) // { // $poll = array( // 'poll_title' => $post_data['poll_title'], // 'poll_length' => $post_data['poll_length'], // 'poll_max_options' => $post_data['poll_max_options'], // 'poll_option_text' => $post_data['poll_option_text'], // 'poll_start' => $post_data['poll_start'], // 'poll_last_vote' => $post_data['poll_last_vote'], // 'poll_vote_change' => $post_data['poll_vote_change'], // 'enable_bbcode' => $post_data['enable_bbcode'], // 'enable_urls' => $post_data['enable_urls'], // 'enable_smilies' => $post_data['enable_smilies'], // 'img_status' => $img_status // ); // // $message_parser->parse_poll($poll); // // $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : ''; // $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : ''; // // /* We reset votes, therefore also allow removing options // if ($post_data['poll_last_vote'] && ($poll['poll_options_size'] < $orig_poll_options_size)) // { // $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS']; // }*/ // } // else // { // $poll = array(); // } // /* // Check topic type if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id))) { switch ($post_data['topic_type']) { case POST_GLOBAL: case POST_ANNOUNCE: $auth_option = 'f_announce'; break; case POST_STICKY: $auth_option = 'f_sticky'; break; default: $auth_option = ''; break; } if (!$auth->acl_get($auth_option, $forum_id)) { // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod. // Another case would be a mod not having sticky permissions for example but edit permissions. if ($mode == 'edit') { // To prevent non-authed users messing around with the topic type we reset it to the original one. $post_data['topic_type'] = $post_data['orig_topic_type']; } else { $error[] = $user->lang['CANNOT_POST_' . str_replace('F_', '', strtoupper($auth_option))]; } } } */ /* if (sizeof($message_parser->warn_msg)) { $error[] = implode('
', $message_parser->warn_msg); } */ /* // DNSBL check if ($config['check_dnsbl'] && !$refresh) { if (($dnsbl = $user->check_dnsbl('post')) !== false) { $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]); } } */ // Store message, sync counters //if (!sizeof($error) && $submit) if ( $submit) { // Check if we want to de-globalize the topic... and ask for new forum if ($post_data['topic_type'] != POST_GLOBAL) { $sql = 'SELECT topic_type, forum_id FROM ' . TOPICS_TABLE . " WHERE topic_id = $topic_id"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row && !$row['forum_id'] && $row['topic_type'] == POST_GLOBAL) { $to_forum_id = request_var('to_forum_id', 0); if ($to_forum_id) { $sql = 'SELECT forum_type FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . $to_forum_id; $result = $db->sql_query($sql); $forum_type = (int) $db->sql_fetchfield('forum_type'); $db->sql_freeresult($result); if ($forum_type != FORUM_POST || !$auth->acl_get('f_post', $to_forum_id)) { $to_forum_id = 0; } } if (!$to_forum_id) { include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx); $template->assign_vars(array( 'S_FORUM_SELECT' => make_forum_select(false, false, false, true, true, true), 'S_UNGLOBALISE' => true) ); $submit = false; $refresh = true; } else { if (!$auth->acl_get('f_post', $to_forum_id)) { // This will only be triggered if the user tried to trick the forum. trigger_error('NOT_AUTHORISED'); } $forum_id = $to_forum_id; } } } if ($submit) { // Lock/Unlock Topic $change_topic_status = $post_data['topic_status']; $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false; if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock) { $change_topic_status = ITEM_UNLOCKED; } else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock) { $change_topic_status = ITEM_LOCKED; } if ($change_topic_status != $post_data['topic_status']) { $sql = 'UPDATE ' . TOPICS_TABLE . " SET topic_status = $change_topic_status WHERE topic_id = $topic_id AND topic_moved_id = 0"; $db->sql_query($sql); $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : ''; add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), $post_data['topic_title']); } // Lock/Unlock Post Edit if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id)) { $post_data['post_edit_locked'] = ITEM_UNLOCKED; } else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id)) { $post_data['post_edit_locked'] = ITEM_LOCKED; } $data = array( 'topic_title' => (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'], 'topic_first_post_id' => (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0, 'topic_last_post_id' => (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0, 'topic_time_limit' => (int) $post_data['topic_time_limit'], 'topic_attachment' => (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0, 'post_id' => (int) $post_id, 'topic_id' => (int) $topic_id, 'forum_id' => (int) $forum_id, 'icon_id' => (int) $post_data['icon_id'], 'poster_id' => (int) $post_data['poster_id'], 'enable_sig' => (bool) $post_data['enable_sig'], 'enable_bbcode' => (bool) $post_data['enable_bbcode'], 'enable_smilies' => (bool) $post_data['enable_smilies'], 'enable_urls' => (bool) $post_data['enable_urls'], 'enable_indexing' => (bool) $post_data['enable_indexing'], 'message_md5' => (string) $message_md5, 'post_time' => (isset($post_data['post_time'])) ? (int) $post_data['post_time'] : $current_time, 'post_checksum' => (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '', 'post_edit_reason' => $post_data['post_edit_reason'], 'post_edit_user' => ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? (int) $post_data['post_edit_user'] : 0), 'forum_parents' => $post_data['forum_parents'], 'forum_name' => $post_data['forum_name'], 'notify' => $notify, 'notify_set' => $post_data['notify_set'], 'poster_ip' => (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip, 'post_edit_locked' => (int) $post_data['post_edit_locked'], 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'topic_approved' => (isset($post_data['topic_approved'])) ? $post_data['topic_approved'] : false, 'post_approved' => (isset($post_data['post_approved'])) ? $post_data['post_approved'] : false, ); /* if ($mode == 'edit') { $data['topic_replies_real'] = $post_data['topic_replies_real']; $data['topic_replies'] = $post_data['topic_replies']; } */ unset($message_parser); //ET修改 $result_id = ETsubmit_post($mode, $post_data['post_subject'], $post_data['username'], $post_data['topic_type'], $poll, $data, $update_message); if($result_id){echo(chr(10).'第'.$i.'项回复发布成功');} } } } //循环回复结束***************************** } } function upload_popup($forum_style = 0) { global $template, $user; ($forum_style) ? $user->setup('posting', $forum_style) : $user->setup('posting'); page_header($user->lang['PROGRESS_BAR']); $template->set_filenames(array( 'popup' => 'posting_progress_bar.html') ); $template->assign_vars(array( 'PROGRESS_BAR' => $user->img('upload_bar', $user->lang['UPLOAD_IN_PROGRESS'])) ); $template->display('popup'); } /** * Do the various checks required for removing posts as well as removing it */ function handle_post_delete($forum_id, $topic_id, $post_id, &$post_data) { global $user, $db, $auth; global $phpbb_root_path, $phpEx; // If moderator removing post or user itself removing post, present a confirmation screen if ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get('f_delete', $forum_id) && $post_id == $post_data['topic_last_post_id'])) { $s_hidden_fields = build_hidden_fields(array( 'p' => $post_id, 'f' => $forum_id, 'mode' => 'delete') ); if (confirm_box(true)) { $data = array( 'topic_first_post_id' => $post_data['topic_first_post_id'], 'topic_last_post_id' => $post_data['topic_last_post_id'], 'topic_approved' => $post_data['topic_approved'], 'topic_type' => $post_data['topic_type'], 'post_approved' => $post_data['post_approved'], 'post_reported' => $post_data['post_reported'], 'post_time' => $post_data['post_time'], 'poster_id' => $post_data['poster_id'], 'post_postcount' => $post_data['post_postcount'] ); $next_post_id = delete_post($forum_id, $topic_id, $post_id, $data); if ($post_data['topic_first_post_id'] == $post_data['topic_last_post_id']) { add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_TOPIC', $post_data['topic_title']); $meta_info = append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"); $message = $user->lang['POST_DELETED']; } else { add_log('mod', $forum_id, $topic_id, 'LOG_DELETE_POST', $post_data['post_subject']); $meta_info = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&p=$next_post_id") . "#p$next_post_id"; $message = $user->lang['POST_DELETED'] . '

' . sprintf($user->lang['RETURN_TOPIC'], '', ''); } meta_refresh(3, $meta_info); $message .= '

' . sprintf($user->lang['RETURN_FORUM'], '', ''); trigger_error($message); } else { confirm_box(false, 'DELETE_MESSAGE', $s_hidden_fields); } } // If we are here the user is not able to delete - present the correct error message if ($post_data['poster_id'] != $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) { trigger_error('DELETE_OWN_POSTS'); } if ($post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && $post_id != $post_data['topic_last_post_id']) { trigger_error('CANNOT_DELETE_REPLIED'); } trigger_error('USER_CANNOT_DELETE'); } /** * Submit Post */ function ETsubmit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $update_message = true) { global $db, $auth, $user, $config, $phpEx, $template, $phpbb_root_path; // We do not handle erasing posts here if ($mode == 'delete') { return false; } $current_time = time(); if ($mode == 'post') { $post_mode = 'post'; $update_message = true; } else if ($mode != 'edit') { $post_mode = 'reply'; $update_message = true; } else if ($mode == 'edit') { $post_mode = ($data['topic_replies_real'] == 0) ? 'edit_topic' : (($data['topic_first_post_id'] == $data['post_id']) ? 'edit_first_post' : (($data['topic_last_post_id'] == $data['post_id']) ? 'edit_last_post' : 'edit')); } // First of all make sure the subject and topic title are having the correct length. // To achieve this without cutting off between special chars we convert to an array and then count the elements. $subject = truncate_string($subject); $data['topic_title'] = truncate_string($data['topic_title']); // Collect some basic information about which tables and which rows to update/insert $sql_data = $topic_row = array(); $poster_id = ($mode == 'edit') ? $data['poster_id'] : (int) $user->data['user_id']; // Retrieve some additional information if not present if ($mode == 'edit' && (!isset($data['post_approved']) || !isset($data['topic_approved']) || $data['post_approved'] === false || $data['topic_approved'] === false)) { $sql = 'SELECT p.post_approved, t.topic_type, t.topic_replies, t.topic_replies_real, t.topic_approved FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p WHERE t.topic_id = p.topic_id AND p.post_id = ' . $data['post_id']; $result = $db->sql_query($sql); $topic_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $data['topic_approved'] = $topic_row['topic_approved']; $data['post_approved'] = $topic_row['post_approved']; } // Start the transaction here $db->sql_transaction('begin'); // Collect Information switch ($post_mode) { case 'post': case 'reply': $sql_data[POSTS_TABLE]['sql'] = array( 'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'], 'poster_id' => (int) $user->data['user_id'], 'icon_id' => $data['icon_id'], 'poster_ip' => $user->ip, 'post_time' => $current_time, 'post_approved' => (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id'])) ? 0 : 1, 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_magic_url' => $data['enable_urls'], 'enable_sig' => $data['enable_sig'], 'post_username' => (!$user->data['is_registered']) ? $username : '', 'post_subject' => $subject, 'post_text' => $data['message'], 'post_checksum' => $data['message_md5'], 'post_attachment' => (!empty($data['attachment_data'])) ? 1 : 0, 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid'], 'post_postcount' => ($auth->acl_get('f_postcount', $data['forum_id'])) ? 1 : 0, 'post_edit_locked' => $data['post_edit_locked'] ); break; case 'edit_first_post': case 'edit': case 'edit_last_post': case 'edit_topic': // If edit reason is given always display edit info // If editing last post then display no edit info // If m_edit permission then display no edit info // If normal edit display edit info // Display edit info if edit reason given or user is editing his post, which is not the last within the topic. if ($data['post_edit_reason'] || (!$auth->acl_get('m_edit', $data['forum_id']) && ($post_mode == 'edit' || $post_mode == 'edit_first_post'))) { $data['post_edit_reason'] = truncate_string($data['post_edit_reason'], 255, false); $sql_data[POSTS_TABLE]['sql'] = array( 'post_edit_time' => $current_time, 'post_edit_reason' => $data['post_edit_reason'], 'post_edit_user' => (int) $data['post_edit_user'], ); $sql_data[POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1'; } else if (!$data['post_edit_reason'] && $mode == 'edit' && $auth->acl_get('m_edit', $data['forum_id'])) { $sql_data[POSTS_TABLE]['sql'] = array( 'post_edit_reason' => '', ); } // If the person editing this post is different to the one having posted then we will add a log entry stating the edit // Could be simplified by only adding to the log if the edit is not tracked - but this may confuse admins/mods if ($user->data['user_id'] != $poster_id) { $log_subject = ($subject) ? $subject : $data['topic_title']; add_log('mod', $data['forum_id'], $data['topic_id'], 'LOG_POST_EDITED', $log_subject, (!empty($username)) ? $username : $user->lang['GUEST']); } if (!isset($sql_data[POSTS_TABLE]['sql'])) { $sql_data[POSTS_TABLE]['sql'] = array(); } $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array( 'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'], 'poster_id' => $data['poster_id'], 'icon_id' => $data['icon_id'], 'post_approved' => (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id'])) ? 0 : $data['post_approved'], 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_magic_url' => $data['enable_urls'], 'enable_sig' => $data['enable_sig'], 'post_username' => ($username && $data['poster_id'] == ANONYMOUS) ? $username : '', 'post_subject' => $subject, 'post_checksum' => $data['message_md5'], 'post_attachment' => (!empty($data['attachment_data'])) ? 1 : 0, 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid'], 'post_edit_locked' => $data['post_edit_locked']) ); if ($update_message) { $sql_data[POSTS_TABLE]['sql']['post_text'] = $data['message']; } break; } $post_approved = $sql_data[POSTS_TABLE]['sql']['post_approved']; $topic_row = array(); // And the topic ladies and gentlemen switch ($post_mode) { case 'post': $sql_data[TOPICS_TABLE]['sql'] = array( 'topic_poster' => (int) $user->data['user_id'], 'topic_time' => $current_time, 'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'], 'icon_id' => $data['icon_id'], 'topic_approved' => (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id'])) ? 0 : 1, 'topic_title' => $subject, 'topic_first_poster_name' => (!$user->data['is_registered'] && $username) ? $username : (($user->data['user_id'] != ANONYMOUS) ? $user->data['username'] : ''), 'topic_first_poster_colour' => $user->data['user_colour'], 'topic_type' => $topic_type, 'topic_time_limit' => ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? ($data['topic_time_limit'] * 86400) : 0, 'topic_attachment' => (!empty($data['attachment_data'])) ? 1 : 0, ); if (isset($poll['poll_options']) && !empty($poll['poll_options'])) { $sql_data[TOPICS_TABLE]['sql'] = array_merge($sql_data[TOPICS_TABLE]['sql'], array( 'poll_title' => $poll['poll_title'], 'poll_start' => ($poll['poll_start']) ? $poll['poll_start'] : $current_time, 'poll_max_options' => $poll['poll_max_options'], 'poll_length' => ($poll['poll_length'] * 86400), 'poll_vote_change' => $poll['poll_vote_change']) ); } $sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id'])) ? ', user_posts = user_posts + 1' : ''); if ($topic_type != POST_GLOBAL) { if ($auth->acl_get('f_noapprove', $data['forum_id']) || $auth->acl_get('m_approve', $data['forum_id'])) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1'; } $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . (($auth->acl_get('f_noapprove', $data['forum_id']) || $auth->acl_get('m_approve', $data['forum_id'])) ? ', forum_topics = forum_topics + 1' : ''); } break; case 'reply': $sql_data[TOPICS_TABLE]['stat'][] = 'topic_replies_real = topic_replies_real + 1, topic_bumped = 0, topic_bumper = 0' . (($auth->acl_get('f_noapprove', $data['forum_id']) || $auth->acl_get('m_approve', $data['forum_id'])) ? ', topic_replies = topic_replies + 1' : '') . ((!empty($data['attachment_data']) || (isset($data['topic_attachment']) && $data['topic_attachment'])) ? ', topic_attachment = 1' : ''); $sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id'])) ? ', user_posts = user_posts + 1' : ''); if (($auth->acl_get('f_noapprove', $data['forum_id']) || $auth->acl_get('m_approve', $data['forum_id'])) && $topic_type != POST_GLOBAL) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1'; } break; case 'edit_topic': case 'edit_first_post': $sql_data[TOPICS_TABLE]['sql'] = array( 'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'], 'icon_id' => $data['icon_id'], 'topic_approved' => (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id'])) ? 0 : $data['topic_approved'], 'topic_title' => $subject, 'topic_first_poster_name' => $username, 'topic_type' => $topic_type, 'topic_time_limit' => ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? ($data['topic_time_limit'] * 86400) : 0, 'poll_title' => (isset($poll['poll_options'])) ? $poll['poll_title'] : '', 'poll_start' => (isset($poll['poll_options'])) ? (($poll['poll_start']) ? $poll['poll_start'] : $current_time) : 0, 'poll_max_options' => (isset($poll['poll_options'])) ? $poll['poll_max_options'] : 1, 'poll_length' => (isset($poll['poll_options'])) ? ($poll['poll_length'] * 86400) : 0, 'poll_vote_change' => (isset($poll['poll_vote_change'])) ? $poll['poll_vote_change'] : 0, 'topic_attachment' => (!empty($data['attachment_data'])) ? 1 : (isset($data['topic_attachment']) ? $data['topic_attachment'] : 0), ); // Correctly set back the topic replies and forum posts... only if the topic was approved before and now gets disapproved if (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id']) && $data['topic_approved']) { // Do we need to grab some topic informations? if (!sizeof($topic_row)) { $sql = 'SELECT topic_type, topic_replies, topic_replies_real, topic_approved FROM ' . TOPICS_TABLE . ' WHERE topic_id = ' . $data['topic_id']; $result = $db->sql_query($sql); $topic_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); } // If this is the only post remaining we do not need to decrement topic_replies. // Also do not decrement if first post - then the topic_replies will not be adjusted if approving the topic again. // If this is an edited topic or the first post the topic gets completely disapproved later on... $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics = forum_topics - 1'; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - ' . ($topic_row['topic_replies'] + 1); set_config('num_topics', $config['num_topics'] - 1, true); set_config('num_posts', $config['num_posts'] - ($topic_row['topic_replies'] + 1), true); } break; case 'edit': case 'edit_last_post': // Correctly set back the topic replies and forum posts... but only if the post was approved before. if (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id']) && $data['post_approved']) { $sql_data[TOPICS_TABLE]['stat'][] = 'topic_replies = topic_replies - 1'; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - 1'; set_config('num_posts', $config['num_posts'] - 1, true); } break; } // Submit new topic if ($post_mode == 'post') { $sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data[TOPICS_TABLE]['sql']); $db->sql_query($sql); $data['topic_id'] = $db->sql_nextid(); $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array( 'topic_id' => $data['topic_id']) ); unset($sql_data[TOPICS_TABLE]['sql']); } // Submit new post if ($post_mode == 'post' || $post_mode == 'reply') { if ($post_mode == 'reply') { $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array( 'topic_id' => $data['topic_id']) ); } $sql = 'INSERT INTO ' . POSTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data[POSTS_TABLE]['sql']); $db->sql_query($sql); $data['post_id'] = $db->sql_nextid(); if ($post_mode == 'post') { $sql_data[TOPICS_TABLE]['sql'] = array( 'topic_first_post_id' => $data['post_id'], 'topic_last_post_id' => $data['post_id'], 'topic_last_post_time' => $current_time, 'topic_last_poster_id' => (int) $user->data['user_id'], 'topic_last_poster_name' => (!$user->data['is_registered'] && $username) ? $username : (($user->data['user_id'] != ANONYMOUS) ? $user->data['username'] : ''), 'topic_last_poster_colour' => $user->data['user_colour'], ); } unset($sql_data[POSTS_TABLE]['sql']); } $make_global = false; // Are we globalising or unglobalising? if ($post_mode == 'edit_first_post' || $post_mode == 'edit_topic') { if (!sizeof($topic_row)) { $sql = 'SELECT topic_type, topic_replies, topic_replies_real, topic_approved, topic_last_post_id FROM ' . TOPICS_TABLE . ' WHERE topic_id = ' . $data['topic_id']; $result = $db->sql_query($sql); $topic_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); } // globalise/unglobalise? if (($topic_row['topic_type'] != POST_GLOBAL && $topic_type == POST_GLOBAL) || ($topic_row['topic_type'] == POST_GLOBAL && $topic_type != POST_GLOBAL)) { if (!empty($sql_data[FORUMS_TABLE]['stat']) && implode('', $sql_data[FORUMS_TABLE]['stat'])) { $db->sql_query('UPDATE ' . FORUMS_TABLE . ' SET ' . implode(', ', $sql_data[FORUMS_TABLE]['stat']) . ' WHERE forum_id = ' . $data['forum_id']); } $make_global = true; $sql_data[FORUMS_TABLE]['stat'] = array(); } // globalise if ($topic_row['topic_type'] != POST_GLOBAL && $topic_type == POST_GLOBAL) { // Decrement topic/post count $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - ' . ($topic_row['topic_replies_real'] + 1); $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real - 1' . (($topic_row['topic_approved']) ? ', forum_topics = forum_topics - 1' : ''); // Update forum_ids for all posts $sql = 'UPDATE ' . POSTS_TABLE . ' SET forum_id = 0 WHERE topic_id = ' . $data['topic_id']; $db->sql_query($sql); } // unglobalise else if ($topic_row['topic_type'] == POST_GLOBAL && $topic_type != POST_GLOBAL) { // Increment topic/post count $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + ' . ($topic_row['topic_replies_real'] + 1); $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . (($topic_row['topic_approved']) ? ', forum_topics = forum_topics + 1' : ''); // Update forum_ids for all posts $sql = 'UPDATE ' . POSTS_TABLE . ' SET forum_id = ' . $data['forum_id'] . ' WHERE topic_id = ' . $data['topic_id']; $db->sql_query($sql); } } // Update the topics table if (isset($sql_data[TOPICS_TABLE]['sql'])) { $sql = 'UPDATE ' . TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_data[TOPICS_TABLE]['sql']) . ' WHERE topic_id = ' . $data['topic_id']; $db->sql_query($sql); } // Update the posts table if (isset($sql_data[POSTS_TABLE]['sql'])) { $sql = 'UPDATE ' . POSTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_data[POSTS_TABLE]['sql']) . ' WHERE post_id = ' . $data['post_id']; $db->sql_query($sql); } // Update Poll Tables if (isset($poll['poll_options']) && !empty($poll['poll_options'])) { $cur_poll_options = array(); if ($poll['poll_start'] && $mode == 'edit') { $sql = 'SELECT * FROM ' . POLL_OPTIONS_TABLE . ' WHERE topic_id = ' . $data['topic_id'] . ' ORDER BY poll_option_id'; $result = $db->sql_query($sql); $cur_poll_options = array(); while ($row = $db->sql_fetchrow($result)) { $cur_poll_options[] = $row; } $db->sql_freeresult($result); } $sql_insert_ary = array(); for ($i = 0, $size = sizeof($poll['poll_options']); $i < $size; $i++) { if (strlen(trim($poll['poll_options'][$i]))) { if (empty($cur_poll_options[$i])) { // If we add options we need to put them to the end to be able to preserve votes... $sql_insert_ary[] = array( 'poll_option_id' => (int) sizeof($cur_poll_options) + 1 + sizeof($sql_insert_ary), 'topic_id' => (int) $data['topic_id'], 'poll_option_text' => (string) $poll['poll_options'][$i] ); } else if ($poll['poll_options'][$i] != $cur_poll_options[$i]) { $sql = 'UPDATE ' . POLL_OPTIONS_TABLE . " SET poll_option_text = '" . $db->sql_escape($poll['poll_options'][$i]) . "' WHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id'] . ' AND topic_id = ' . $data['topic_id']; $db->sql_query($sql); } } } $db->sql_multi_insert(POLL_OPTIONS_TABLE, $sql_insert_ary); if (sizeof($poll['poll_options']) < sizeof($cur_poll_options)) { $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . ' WHERE poll_option_id > ' . sizeof($poll['poll_options']) . ' AND topic_id = ' . $data['topic_id']; $db->sql_query($sql); } // If edited, we would need to reset votes (since options can be re-ordered above, you can't be sure if the change is for changing the text or adding an option if ($mode == 'edit' && sizeof($poll['poll_options']) != sizeof($cur_poll_options)) { $db->sql_query('DELETE FROM ' . POLL_VOTES_TABLE . ' WHERE topic_id = ' . $data['topic_id']); $db->sql_query('UPDATE ' . POLL_OPTIONS_TABLE . ' SET poll_option_total = 0 WHERE topic_id = ' . $data['topic_id']); } } // Submit Attachments if (!empty($data['attachment_data']) && $data['post_id'] && in_array($mode, array('post', 'reply', 'quote', 'edit'))) { $space_taken = $files_added = 0; $orphan_rows = array(); foreach ($data['attachment_data'] as $pos => $attach_row) { $orphan_rows[(int) $attach_row['attach_id']] = array(); } if (sizeof($orphan_rows)) { $sql = 'SELECT attach_id, filesize, physical_filename FROM ' . ATTACHMENTS_TABLE . ' WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan_rows)) . ' AND is_orphan = 1 AND poster_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); $orphan_rows = array(); while ($row = $db->sql_fetchrow($result)) { $orphan_rows[$row['attach_id']] = $row; } $db->sql_freeresult($result); } foreach ($data['attachment_data'] as $pos => $attach_row) { if ($attach_row['is_orphan'] && !in_array($attach_row['attach_id'], array_keys($orphan_rows))) { continue; } if (!$attach_row['is_orphan']) { // update entry in db if attachment already stored in db and filespace $sql = 'UPDATE ' . ATTACHMENTS_TABLE . " SET attach_comment = '" . $db->sql_escape($attach_row['attach_comment']) . "' WHERE attach_id = " . (int) $attach_row['attach_id'] . ' AND is_orphan = 0'; $db->sql_query($sql); } else { // insert attachment into db if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . basename($orphan_rows[$attach_row['attach_id']]['physical_filename']))) { continue; } $space_taken += $orphan_rows[$attach_row['attach_id']]['filesize']; $files_added++; $attach_sql = array( 'post_msg_id' => $data['post_id'], 'topic_id' => $data['topic_id'], 'is_orphan' => 0, 'poster_id' => $poster_id, 'attach_comment' => $attach_row['attach_comment'], ); $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $attach_sql) . ' WHERE attach_id = ' . $attach_row['attach_id'] . ' AND is_orphan = 1 AND poster_id = ' . $user->data['user_id']; $db->sql_query($sql); } } if ($space_taken && $files_added) { set_config('upload_dir_size', $config['upload_dir_size'] + $space_taken, true); set_config('num_files', $config['num_files'] + $files_added, true); } } // we need to update the last forum information // only applicable if the topic is not global and it is approved // we also check to make sure we are not dealing with globaling the latest topic (pretty rare but still needs to be checked) if ($topic_type != POST_GLOBAL && !$make_global && ($post_approved || !$data['post_approved'])) { // the last post makes us update the forum table. This can happen if... // We make a new topic // We reply to a topic // We edit the last post in a topic and this post is the latest in the forum (maybe) // We edit the only post in the topic // We edit the first post in the topic and all the other posts are not approved if (($post_mode == 'post' || $post_mode == 'reply') && $post_approved) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . $data['post_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($subject) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . $current_time; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $user->data['user_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape((!$user->data['is_registered'] && $username) ? $username : (($user->data['user_id'] != ANONYMOUS) ? $user->data['username'] : '')) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($user->data['user_colour']) . "'"; } else if ($post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || ($post_mode == 'edit_first_post' && !$data['topic_replies'])) { // this does not _necessarily_ mean that we must update the info again, // it just means that we might have to $sql = 'SELECT forum_last_post_id, forum_last_post_subject FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . (int) $data['forum_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // this post is the latest post in the forum, better update if ($row['forum_last_post_id'] == $data['post_id']) { if ($post_approved && $row['forum_last_post_subject'] !== $subject) { // the only data that can really be changed is the post's subject $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_subject = \'' . $db->sql_escape($subject) . '\''; } else if ($data['post_approved'] !== $post_approved) { // we need a fresh change of socks, everything has become invalidated $sql = 'SELECT MAX(topic_last_post_id) as last_post_id FROM ' . TOPICS_TABLE . ' WHERE forum_id = ' . (int) $data['forum_id'] . ' AND topic_approved = 1'; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // any posts left in this forum? if (!empty($row['last_post_id'])) { $sql = 'SELECT p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE p.poster_id = u.user_id AND p.post_id = ' . (int) $row['last_post_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // salvation, a post is found! jam it into the forums table $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . (int) $row['post_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . (int) $row['post_time']; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $row['poster_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape(($row['poster_id'] == ANONYMOUS) ? $row['post_username'] : $row['username']) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($row['user_colour']) . "'"; } else { // just our luck, the last topic in the forum has just been turned unapproved... $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = 0'; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = ''"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = 0'; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = 0'; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = ''"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = ''"; } } } } } else if ($make_global) { // somebody decided to be a party pooper, we must recalculate the whole shebang (maybe) $sql = 'SELECT forum_last_post_id FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . (int) $data['forum_id']; $result = $db->sql_query($sql); $forum_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // we made a topic global, go get new data if ($topic_row['topic_type'] != POST_GLOBAL && $topic_type == POST_GLOBAL && $forum_row['forum_last_post_id'] == $topic_row['topic_last_post_id']) { // we need a fresh change of socks, everything has become invalidated $sql = 'SELECT MAX(topic_last_post_id) as last_post_id FROM ' . TOPICS_TABLE . ' WHERE forum_id = ' . (int) $data['forum_id'] . ' AND topic_approved = 1'; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // any posts left in this forum? if (!empty($row['last_post_id'])) { $sql = 'SELECT p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE p.poster_id = u.user_id AND p.post_id = ' . (int) $row['last_post_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // salvation, a post is found! jam it into the forums table $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . (int) $row['post_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . (int) $row['post_time']; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $row['poster_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape(($row['poster_id'] == ANONYMOUS) ? $row['post_username'] : $row['username']) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($row['user_colour']) . "'"; } else { // just our luck, the last topic in the forum has just been globalized... $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = 0'; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = ''"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = 0'; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = 0'; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = ''"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = ''"; } } else if ($topic_row['topic_type'] == POST_GLOBAL && $topic_type != POST_GLOBAL && $forum_row['forum_last_post_id'] < $topic_row['topic_last_post_id']) { // this post has a higher id, it is newer $sql = 'SELECT p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE p.poster_id = u.user_id AND p.post_id = ' . (int) $topic_row['topic_last_post_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // salvation, a post is found! jam it into the forums table $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . (int) $row['post_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . (int) $row['post_time']; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $row['poster_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape(($row['poster_id'] == ANONYMOUS) ? $row['post_username'] : $row['username']) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($row['user_colour']) . "'"; } } // topic sync time! // simply, we update if it is a reply or the last post is edited if ($post_approved) { // reply requires the whole thing if ($post_mode == 'reply') { $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_post_id = ' . (int) $data['post_id']; $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_poster_id = ' . (int) $user->data['user_id']; $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_poster_name = '" . $db->sql_escape((!$user->data['is_registered'] && $username) ? $username : (($user->data['user_id'] != ANONYMOUS) ? $user->data['username'] : '')) . "'"; $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_poster_colour = '" . (($user->data['user_id'] != ANONYMOUS) ? $db->sql_escape($user->data['user_colour']) : '') . "'"; $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_post_subject = '" . $db->sql_escape($subject) . "'"; $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_post_time = ' . (int) $current_time; } else if ($post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || ($post_mode == 'edit_first_post' && !$data['topic_replies'])) { // only the subject can be changed from edit $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_post_subject = '" . $db->sql_escape($subject) . "'"; } } else if (!$data['post_approved'] && ($post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || ($post_mode == 'edit_first_post' && !$data['topic_replies']))) { // like having the rug pulled from under us $sql = 'SELECT MAX(post_id) as last_post_id FROM ' . POSTS_TABLE . ' WHERE topic_id = ' . (int) $data['topic_id'] . ' AND post_approved = 1'; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // any posts left in this forum? if (!empty($row['last_post_id'])) { $sql = 'SELECT p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE p.poster_id = u.user_id AND p.post_id = ' . (int) $row['last_post_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // salvation, a post is found! jam it into the topics table $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_post_id = ' . (int) $row['post_id']; $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'"; $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_post_time = ' . (int) $row['post_time']; $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_poster_id = ' . (int) $row['poster_id']; $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_poster_name = '" . $db->sql_escape(($row['poster_id'] == ANONYMOUS) ? $row['post_username'] : $row['username']) . "'"; $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_poster_colour = '" . $db->sql_escape($row['user_colour']) . "'"; } } // Update total post count, do not consider moderated posts/topics if ($auth->acl_get('f_noapprove', $data['forum_id']) || $auth->acl_get('m_approve', $data['forum_id'])) { if ($post_mode == 'post') { set_config('num_topics', $config['num_topics'] + 1, true); set_config('num_posts', $config['num_posts'] + 1, true); } if ($post_mode == 'reply') { set_config('num_posts', $config['num_posts'] + 1, true); } } // Update forum stats $where_sql = array(POSTS_TABLE => 'post_id = ' . $data['post_id'], TOPICS_TABLE => 'topic_id = ' . $data['topic_id'], FORUMS_TABLE => 'forum_id = ' . $data['forum_id'], USERS_TABLE => 'user_id = ' . $user->data['user_id']); foreach ($sql_data as $table => $update_ary) { if (isset($update_ary['stat']) && implode('', $update_ary['stat'])) { $sql = "UPDATE $table SET " . implode(', ', $update_ary['stat']) . ' WHERE ' . $where_sql[$table]; $db->sql_query($sql); } } // Delete topic shadows (if any exist). We do not need a shadow topic for an global announcement if ($make_global) { $sql = 'DELETE FROM ' . TOPICS_TABLE . ' WHERE topic_moved_id = ' . $data['topic_id']; $db->sql_query($sql); } // Committing the transaction before updating search index $db->sql_transaction('commit'); // Delete draft if post was loaded... $draft_id = request_var('draft_loaded', 0); if ($draft_id) { $sql = 'DELETE FROM ' . DRAFTS_TABLE . " WHERE draft_id = $draft_id AND user_id = {$user->data['user_id']}"; $db->sql_query($sql); } // Index message contents if ($update_message && $data['enable_indexing']) { // Select the search method and do some additional checks to ensure it can actually be utilised $search_type = basename($config['search_type']); if (!file_exists($phpbb_root_path . 'includes/search/' . $search_type . '.' . $phpEx)) { trigger_error('NO_SUCH_SEARCH_MODULE'); } if (!class_exists($search_type)) { include("{$phpbb_root_path}includes/search/$search_type.$phpEx"); } $error = false; $search = new $search_type($error); if ($error) { trigger_error($error); } $search->index($mode, $data['post_id'], $data['message'], $subject, $poster_id, ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id']); } // Topic Notification, do not change if moderator is changing other users posts... if ($user->data['user_id'] == $poster_id) { if (!$data['notify_set'] && $data['notify']) { $sql = 'INSERT INTO ' . TOPICS_WATCH_TABLE . ' (user_id, topic_id) VALUES (' . $user->data['user_id'] . ', ' . $data['topic_id'] . ')'; $db->sql_query($sql); } else if ($data['notify_set'] && !$data['notify']) { $sql = 'DELETE FROM ' . TOPICS_WATCH_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' AND topic_id = ' . $data['topic_id']; $db->sql_query($sql); } } if ($mode == 'post' || $mode == 'reply' || $mode == 'quote') { // Mark this topic as posted to markread('post', $data['forum_id'], $data['topic_id'], $data['post_time']); } // Mark this topic as read // We do not use post_time here, this is intended (post_time can have a date in the past if editing a message) markread('topic', $data['forum_id'], $data['topic_id'], time()); // if ($config['load_db_lastread'] && $user->data['is_registered']) { $sql = 'SELECT mark_time FROM ' . FORUMS_TRACK_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' AND forum_id = ' . $data['forum_id']; $result = $db->sql_query($sql); $f_mark_time = (int) $db->sql_fetchfield('mark_time'); $db->sql_freeresult($result); } else if ($config['load_anon_lastread'] || $user->data['is_registered']) { $f_mark_time = false; } if (($config['load_db_lastread'] && $user->data['is_registered']) || $config['load_anon_lastread'] || $user->data['is_registered']) { // Update forum info $sql = 'SELECT forum_last_post_time FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . $data['forum_id']; $result = $db->sql_query($sql); $forum_last_post_time = (int) $db->sql_fetchfield('forum_last_post_time'); $db->sql_freeresult($result); update_forum_tracking_info($data['forum_id'], $forum_last_post_time, $f_mark_time, false); } // Send Notifications if ($mode != 'edit' && $mode != 'delete' && ($auth->acl_get('f_noapprove', $data['forum_id']) || $auth->acl_get('m_approve', $data['forum_id']))) { user_notification($mode, $subject, $data['topic_title'], $data['forum_name'], $data['forum_id'], $data['topic_id'], $data['post_id']); } /* $params = $add_anchor = ''; if ($auth->acl_get('f_noapprove', $data['forum_id']) || $auth->acl_get('m_approve', $data['forum_id'])) { $params .= '&t=' . $data['topic_id']; if ($mode != 'post') { $params .= '&p=' . $data['post_id']; $add_anchor = '#p' . $data['post_id']; } } else if ($mode != 'post' && $post_mode != 'edit_first_post' && $post_mode != 'edit_topic') { $params .= '&t=' . $data['topic_id']; } $url = (!$params) ? "{$phpbb_root_path}viewforum.$phpEx" : "{$phpbb_root_path}viewtopic.$phpEx"; $url = append_sid($url, 'f=' . $data['forum_id'] . $params) . $add_anchor; return $url; */ return $data['topic_id']; } ?>