2 /***************************************************************************
5 * begin : Saturday, Feb 13, 2001
6 * copyright : (C) 2001 The phpBB Group
7 * email : support@phpbb.com
9 * $Id: posting.php,v 1.159.2.27 2005/10/30 15:17:13 acydburn Exp $
12 ***************************************************************************/
14 /***************************************************************************
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
21 ***************************************************************************/
23 define('IN_PHPBB', true);
24 $phpbb_root_path = './';
25 include($phpbb_root_path . 'extension.inc');
26 include($phpbb_root_path . 'common.'.$phpEx);
27 include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
28 include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
31 // Check and set various parameters
33 $params = array('submit' => 'post', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode');
34 while( list($var, $param) = @each($params) )
36 if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) )
38 $$var = ( !empty($HTTP_POST_VARS[$param]) ) ? htmlspecialchars($HTTP_POST_VARS[$param]) : htmlspecialchars($HTTP_GET_VARS[$param]);
46 $confirm = isset($HTTP_POST_VARS['confirm']) ? true : false;
48 $params = array('forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL);
49 while( list($var, $param) = @each($params) )
51 if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) )
53 $$var = ( !empty($HTTP_POST_VARS[$param]) ) ? intval($HTTP_POST_VARS[$param]) : intval($HTTP_GET_VARS[$param]);
61 $refresh = $preview || $poll_add || $poll_edit || $poll_delete;
62 $orig_word = $replacement_word = array();
67 $topic_type = ( !empty($HTTP_POST_VARS['topictype']) ) ? intval($HTTP_POST_VARS['topictype']) : POST_NORMAL;
68 $topic_type = ( in_array($topic_type, array(POST_NORMAL, POST_STICKY, POST_ANNOUNCE)) ) ? $topic_type : POST_NORMAL;
71 // If the mode is set to topic review then output
74 if ( $mode == 'topicreview' )
76 require($phpbb_root_path . 'includes/topic_review.'.$phpEx);
78 topic_review($topic_id, false);
81 else if ( $mode == 'smilies' )
83 generate_smilies('window', PAGE_POSTING);
88 // Start session management
90 $userdata = session_pagestart($user_ip, PAGE_POSTING);
91 init_userprefs($userdata);
93 // End session management
97 // Was cancel pressed? If so then redirect to the appropriate
98 // page, no point in continuing with any further checks
100 if ( isset($HTTP_POST_VARS['cancel']) )
104 $redirect = "viewtopic.$phpEx?" . POST_POST_URL . "=$post_id";
105 $post_append = "#$post_id";
107 else if ( $topic_id )
109 $redirect = "viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id";
112 else if ( $forum_id )
114 $redirect = "viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id";
119 $redirect = "index.$phpEx";
123 redirect(append_sid($redirect, true) . $post_append);
127 // What auth type do we need to check?
133 if ( $topic_type == POST_ANNOUNCE )
135 $is_auth_type = 'auth_announce';
137 else if ( $topic_type == POST_STICKY )
139 $is_auth_type = 'auth_sticky';
143 $is_auth_type = 'auth_post';
148 $is_auth_type = 'auth_reply';
151 $is_auth_type = 'auth_edit';
155 $is_auth_type = 'auth_delete';
158 $is_auth_type = 'auth_vote';
161 $is_auth_type = 'auth_read';
164 message_die(GENERAL_MESSAGE, $lang['No_post_mode']);
169 // Here we do various lookups to find topic_id, forum_id, post_id etc.
170 // Doing it here prevents spoofing (eg. faking forum_id, topic_id or post_id
173 $post_data = array();
177 if ( empty($forum_id) )
179 message_die(GENERAL_MESSAGE, $lang['Forum_not_exist']);
183 FROM " . FORUMS_TABLE . "
184 WHERE forum_id = $forum_id";
189 if ( empty( $topic_id) )
191 message_die(GENERAL_MESSAGE, $lang['No_topic_id']);
194 $sql = "SELECT f.*, t.topic_status, t.topic_title, t.topic_type
195 FROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t
196 WHERE t.topic_id = $topic_id
197 AND f.forum_id = t.forum_id";
204 if ( empty($post_id) )
206 message_die(GENERAL_MESSAGE, $lang['No_post_id']);
209 $select_sql = (!$submit) ? ', t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig, u.user_sig_bbcode_uid' : '';
210 $from_sql = ( !$submit ) ? ", " . POSTS_TEXT_TABLE . " pt, " . USERS_TABLE . " u" : '';
211 $where_sql = ( !$submit ) ? "AND pt.post_id = p.post_id AND u.user_id = p.poster_id" : '';
213 $sql = "SELECT f.*, t.topic_id, t.topic_status, t.topic_type, t.topic_first_post_id, t.topic_last_post_id, t.topic_vote, p.post_id, p.poster_id" . $select_sql . "
214 FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $from_sql . "
215 WHERE p.post_id = $post_id
216 AND t.topic_id = p.topic_id
217 AND f.forum_id = p.forum_id
222 message_die(GENERAL_MESSAGE, $lang['No_valid_mode']);
225 if ( $result = $db->sql_query($sql) )
227 $post_info = $db->sql_fetchrow($result);
228 $db->sql_freeresult($result);
230 $forum_id = $post_info['forum_id'];
231 $forum_name = $post_info['forum_name'];
233 $is_auth = auth(AUTH_ALL, $forum_id, $userdata, $post_info);
235 if ( $post_info['forum_status'] == FORUM_LOCKED && !$is_auth['auth_mod'])
237 message_die(GENERAL_MESSAGE, $lang['Forum_locked']);
239 else if ( $mode != 'newtopic' && $post_info['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod'])
241 message_die(GENERAL_MESSAGE, $lang['Topic_locked']);
244 if ( $mode == 'editpost' || $mode == 'delete' || $mode == 'poll_delete' )
246 $topic_id = $post_info['topic_id'];
248 $post_data['poster_post'] = ( $post_info['poster_id'] == $userdata['user_id'] ) ? true : false;
249 $post_data['first_post'] = ( $post_info['topic_first_post_id'] == $post_id ) ? true : false;
250 $post_data['last_post'] = ( $post_info['topic_last_post_id'] == $post_id ) ? true : false;
251 $post_data['last_topic'] = ( $post_info['forum_last_post_id'] == $post_id ) ? true : false;
252 $post_data['has_poll'] = ( $post_info['topic_vote'] ) ? true : false;
253 $post_data['topic_type'] = $post_info['topic_type'];
254 $post_data['poster_id'] = $post_info['poster_id'];
256 if ( $post_data['first_post'] && $post_data['has_poll'] )
259 FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr
260 WHERE vd.topic_id = $topic_id
261 AND vr.vote_id = vd.vote_id
262 ORDER BY vr.vote_option_id";
263 if ( !($result = $db->sql_query($sql)) )
265 message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql);
268 $poll_options = array();
269 $poll_results_sum = 0;
270 if ( $row = $db->sql_fetchrow($result) )
272 $poll_title = $row['vote_text'];
273 $poll_id = $row['vote_id'];
274 $poll_length = $row['vote_length'] / 86400;
278 $poll_options[$row['vote_option_id']] = $row['vote_option_text'];
279 $poll_results_sum += $row['vote_result'];
281 while ( $row = $db->sql_fetchrow($result) );
283 $db->sql_freeresult($result);
285 $post_data['edit_poll'] = ( ( !$poll_results_sum || $is_auth['auth_mod'] ) && $post_data['first_post'] ) ? true : 0;
289 $post_data['edit_poll'] = ($post_data['first_post'] && $is_auth['auth_pollcreate']) ? true : false;
293 // Can this user edit/delete the post/poll?
295 if ( $post_info['poster_id'] != $userdata['user_id'] && !$is_auth['auth_mod'] )
297 $message = ( $delete || $mode == 'delete' ) ? $lang['Delete_own_posts'] : $lang['Edit_own_posts'];
298 $message .= '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');
300 message_die(GENERAL_MESSAGE, $message);
302 else if ( !$post_data['last_post'] && !$is_auth['auth_mod'] && ( $mode == 'delete' || $delete ) )
304 message_die(GENERAL_MESSAGE, $lang['Cannot_delete_replied']);
306 else if ( !$post_data['edit_poll'] && !$is_auth['auth_mod'] && ( $mode == 'poll_delete' || $poll_delete ) )
308 message_die(GENERAL_MESSAGE, $lang['Cannot_delete_poll']);
313 if ( $mode == 'quote' )
315 $topic_id = $post_info['topic_id'];
317 if ( $mode == 'newtopic' )
319 $post_data['topic_type'] = POST_NORMAL;
322 $post_data['first_post'] = ( $mode == 'newtopic' ) ? true : 0;
323 $post_data['last_post'] = false;
324 $post_data['has_poll'] = false;
325 $post_data['edit_poll'] = false;
327 if ( $mode == 'poll_delete' && !isset($poll_id) )
329 message_die(GENERAL_MESSAGE, $lang['No_such_post']);
334 message_die(GENERAL_MESSAGE, $lang['No_such_post']);
338 // The user is not authed, if they're not logged in then redirect
339 // them, else show them an error message
341 if ( !$is_auth[$is_auth_type] )
343 if ( $userdata['session_logged_in'] )
345 message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_' . $is_auth_type], $is_auth[$is_auth_type . "_type"]));
351 $redirect = "mode=newtopic&" . POST_FORUM_URL . "=" . $forum_id;
355 $redirect = "mode=reply&" . POST_TOPIC_URL . "=" . $topic_id;
359 $redirect = "mode=quote&" . POST_POST_URL ."=" . $post_id;
363 redirect(append_sid("login.$phpEx?redirect=posting.$phpEx&" . $redirect, true));
367 // Set toggles for various options
369 if ( !$board_config['allow_html'] )
375 $html_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_html']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_html'] : $userdata['user_allowhtml'] );
378 if ( !$board_config['allow_bbcode'] )
384 $bbcode_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_bbcode']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_bbcode'] : $userdata['user_allowbbcode'] );
387 if ( !$board_config['allow_smilies'] )
393 $smilies_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_smilies'] : $userdata['user_allowsmile'] );
396 if ( ($submit || $refresh) && $is_auth['auth_read'])
398 $notify_user = ( !empty($HTTP_POST_VARS['notify']) ) ? TRUE : 0;
402 if ( $mode != 'newtopic' && $userdata['session_logged_in'] && $is_auth['auth_read'] )
404 $sql = "SELECT topic_id
405 FROM " . TOPICS_WATCH_TABLE . "
406 WHERE topic_id = $topic_id
407 AND user_id = " . $userdata['user_id'];
408 if ( !($result = $db->sql_query($sql)) )
410 message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql);
413 $notify_user = ( $db->sql_fetchrow($result) ) ? TRUE : $userdata['user_notify'];
414 $db->sql_freeresult($result);
418 $notify_user = ( $userdata['session_logged_in'] && $is_auth['auth_read'] ) ? $userdata['user_notify'] : 0;
422 $attach_sig = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? 0 : $userdata['user_attachsig'] );
424 // --------------------
427 if ( ( $delete || $poll_delete || $mode == 'delete' ) && !$confirm )
432 $s_hidden_fields = '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
433 $s_hidden_fields .= ( $delete || $mode == "delete" ) ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />';
435 $l_confirm = ( $delete || $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];
438 // Output confirmation page
440 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
442 $template->set_filenames(array(
443 'confirm_body' => 'confirm_body.tpl')
446 $template->assign_vars(array(
447 'MESSAGE_TITLE' => $lang['Information'],
448 'MESSAGE_TEXT' => $l_confirm,
450 'L_YES' => $lang['Yes'],
451 'L_NO' => $lang['No'],
453 'S_CONFIRM_ACTION' => append_sid("posting.$phpEx"),
454 'S_HIDDEN_FIELDS' => $s_hidden_fields)
457 $template->pparse('confirm_body');
459 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
461 else if ( $mode == 'vote' )
466 if ( !empty($HTTP_POST_VARS['vote_id']) )
468 $vote_option_id = intval($HTTP_POST_VARS['vote_id']);
470 $sql = "SELECT vd.vote_id
471 FROM " . VOTE_DESC_TABLE . " vd, " . VOTE_RESULTS_TABLE . " vr
472 WHERE vd.topic_id = $topic_id
473 AND vr.vote_id = vd.vote_id
474 AND vr.vote_option_id = $vote_option_id
475 GROUP BY vd.vote_id";
476 if ( !($result = $db->sql_query($sql)) )
478 message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql);
481 if ( $vote_info = $db->sql_fetchrow($result) )
483 $vote_id = $vote_info['vote_id'];
486 FROM " . VOTE_USERS_TABLE . "
487 WHERE vote_id = $vote_id
488 AND vote_user_id = " . $userdata['user_id'];
489 if ( !($result2 = $db->sql_query($sql)) )
491 message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql);
494 if ( !($row = $db->sql_fetchrow($result2)) )
496 $sql = "UPDATE " . VOTE_RESULTS_TABLE . "
497 SET vote_result = vote_result + 1
498 WHERE vote_id = $vote_id
499 AND vote_option_id = $vote_option_id";
500 if ( !$db->sql_query($sql, BEGIN_TRANSACTION) )
502 message_die(GENERAL_ERROR, 'Could not update poll result', '', __LINE__, __FILE__, $sql);
505 $sql = "INSERT INTO " . VOTE_USERS_TABLE . " (vote_id, vote_user_id, vote_user_ip)
506 VALUES ($vote_id, " . $userdata['user_id'] . ", '$user_ip')";
507 if ( !$db->sql_query($sql, END_TRANSACTION) )
509 message_die(GENERAL_ERROR, "Could not insert user_id for poll", "", __LINE__, __FILE__, $sql);
512 $message = $lang['Vote_cast'];
516 $message = $lang['Already_voted'];
518 $db->sql_freeresult($result2);
522 $message = $lang['No_vote_option'];
524 $db->sql_freeresult($result);
526 $template->assign_vars(array(
527 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">')
529 $message .= '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');
530 message_die(GENERAL_MESSAGE, $message);
534 redirect(append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id", true));
537 else if ( $submit || $confirm )
540 // Submit post/vote (newtopic, edit, reply, etc.)
542 $return_message = '';
550 $username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : '';
551 $subject = ( !empty($HTTP_POST_VARS['subject']) ) ? trim($HTTP_POST_VARS['subject']) : '';
552 $message = ( !empty($HTTP_POST_VARS['message']) ) ? $HTTP_POST_VARS['message'] : '';
553 $poll_title = ( isset($HTTP_POST_VARS['poll_title']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_title'] : '';
554 $poll_options = ( isset($HTTP_POST_VARS['poll_option_text']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_option_text'] : '';
555 $poll_length = ( isset($HTTP_POST_VARS['poll_length']) && $is_auth['auth_pollcreate'] ) ? $HTTP_POST_VARS['poll_length'] : '';
558 prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length);
560 if ( $error_msg == '' )
562 $topic_type = ( $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ) ? $post_data['topic_type'] : $topic_type;
564 submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, str_replace("\'", "''", $username), str_replace("\'", "''", $subject), str_replace("\'", "''", $message), str_replace("\'", "''", $poll_title), $poll_options, $poll_length);
570 delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id);
574 if ( $error_msg == '' )
576 if ( $mode != 'editpost' )
578 $user_id = ( $mode == 'reply' || $mode == 'newtopic' ) ? $userdata['user_id'] : $post_data['poster_id'];
579 update_post_stats($mode, $post_data, $forum_id, $topic_id, $post_id, $user_id);
582 if ($error_msg == '' && $mode != 'poll_delete')
584 user_notification($mode, $post_data, $post_info['topic_title'], $forum_id, $topic_id, $post_id, $notify_user);
587 if ( $mode == 'newtopic' || $mode == 'reply' )
589 $tracking_topics = ( !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) : array();
590 $tracking_forums = ( !empty($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) ) ? unserialize($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) : array();
592 if ( count($tracking_topics) + count($tracking_forums) == 100 && empty($tracking_topics[$topic_id]) )
594 asort($tracking_topics);
595 unset($tracking_topics[key($tracking_topics)]);
598 $tracking_topics[$topic_id] = time();
600 setcookie($board_config['cookie_name'] . '_t', serialize($tracking_topics), 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
603 $template->assign_vars(array(
604 'META' => $return_meta)
606 message_die(GENERAL_MESSAGE, $return_message);
610 if( $refresh || isset($HTTP_POST_VARS['del_poll_option']) || $error_msg != '' )
612 $username = ( !empty($HTTP_POST_VARS['username']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['username']))) : '';
613 $subject = ( !empty($HTTP_POST_VARS['subject']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['subject']))) : '';
614 $message = ( !empty($HTTP_POST_VARS['message']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['message']))) : '';
616 $poll_title = ( !empty($HTTP_POST_VARS['poll_title']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['poll_title']))) : '';
617 $poll_length = ( isset($HTTP_POST_VARS['poll_length']) ) ? max(0, intval($HTTP_POST_VARS['poll_length'])) : 0;
619 $poll_options = array();
620 if ( !empty($HTTP_POST_VARS['poll_option_text']) )
622 while( list($option_id, $option_text) = @each($HTTP_POST_VARS['poll_option_text']) )
624 if( isset($HTTP_POST_VARS['del_poll_option'][$option_id]) )
626 unset($poll_options[$option_id]);
628 else if ( !empty($option_text) )
630 $poll_options[$option_id] = htmlspecialchars(trim(stripslashes($option_text)));
635 if ( isset($poll_add) && !empty($HTTP_POST_VARS['add_poll_option_text']) )
637 $poll_options[] = htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['add_poll_option_text'])));
640 if ( $mode == 'newtopic' || $mode == 'reply')
642 $user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : '';
644 else if ( $mode == 'editpost' )
646 $user_sig = ( $post_info['user_sig'] != '' && $board_config['allow_sig'] ) ? $post_info['user_sig'] : '';
647 $userdata['user_sig_bbcode_uid'] = $post_info['user_sig_bbcode_uid'];
652 $orig_word = array();
653 $replacement_word = array();
654 obtain_word_list($orig_word, $replacement_word);
656 $bbcode_uid = ( $bbcode_on ) ? make_bbcode_uid() : '';
657 $preview_message = stripslashes(prepare_message(addslashes(unprepare_message($message)), $html_on, $bbcode_on, $smilies_on, $bbcode_uid));
658 $preview_subject = $subject;
659 $preview_username = $username;
662 // Finalise processing as per viewtopic
666 if( $user_sig != '' || !$userdata['user_allowhtml'] )
668 $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', '<\2>', $user_sig);
672 if( $attach_sig && $user_sig != '' && $userdata['user_sig_bbcode_uid'] )
674 $user_sig = bbencode_second_pass($user_sig, $userdata['user_sig_bbcode_uid']);
679 $preview_message = bbencode_second_pass($preview_message, $bbcode_uid);
682 if( !empty($orig_word) )
684 $preview_username = ( !empty($username) ) ? preg_replace($orig_word, $replacement_word, $preview_username) : '';
685 $preview_subject = ( !empty($subject) ) ? preg_replace($orig_word, $replacement_word, $preview_subject) : '';
686 $preview_message = ( !empty($preview_message) ) ? preg_replace($orig_word, $replacement_word, $preview_message) : '';
689 if( $user_sig != '' )
691 $user_sig = make_clickable($user_sig);
693 $preview_message = make_clickable($preview_message);
697 if( $userdata['user_allowsmile'] && $user_sig != '' )
699 $user_sig = smilies_pass($user_sig);
702 $preview_message = smilies_pass($preview_message);
705 if( $attach_sig && $user_sig != '' )
707 $preview_message = $preview_message . '<br /><br />_________________<br />' . $user_sig;
710 $preview_message = str_replace("\n", '<br />', $preview_message);
712 $template->set_filenames(array(
713 'preview' => 'posting_preview.tpl')
716 $template->assign_vars(array(
717 'TOPIC_TITLE' => $preview_subject,
718 'POST_SUBJECT' => $preview_subject,
719 'POSTER_NAME' => $preview_username,
720 'POST_DATE' => create_date($board_config['default_dateformat'], time(), $board_config['board_timezone']),
721 'MESSAGE' => $preview_message,
723 'L_POST_SUBJECT' => $lang['Post_subject'],
724 'L_PREVIEW' => $lang['Preview'],
725 'L_POSTED' => $lang['Posted'],
726 'L_POST' => $lang['Post'])
728 $template->assign_var_from_handle('POST_PREVIEW_BOX', 'preview');
730 else if( $error_msg != '' )
732 $template->set_filenames(array(
733 'reg_header' => 'error_body.tpl')
735 $template->assign_vars(array(
736 'ERROR_MESSAGE' => $error_msg)
738 $template->assign_var_from_handle('ERROR_BOX', 'reg_header');
744 // User default entry point
746 if ( $mode == 'newtopic' )
748 $user_sig = ( $userdata['user_sig'] != '' ) ? $userdata['user_sig'] : '';
750 $username = ($userdata['session_logged_in']) ? $userdata['username'] : '';
756 else if ( $mode == 'reply' )
758 $user_sig = ( $userdata['user_sig'] != '' ) ? $userdata['user_sig'] : '';
760 $username = ( $userdata['session_logged_in'] ) ? $userdata['username'] : '';
765 else if ( $mode == 'quote' || $mode == 'editpost' )
767 $subject = ( $post_data['first_post'] ) ? $post_info['topic_title'] : $post_info['post_subject'];
768 $message = $post_info['post_text'];
770 if ( $mode == 'editpost' )
772 $attach_sig = ( $post_info['enable_sig'] && $post_info['user_sig'] != '' ) ? TRUE : 0;
773 $user_sig = $post_info['user_sig'];
775 $html_on = ( $post_info['enable_html'] ) ? true : false;
776 $bbcode_on = ( $post_info['enable_bbcode'] ) ? true : false;
777 $smilies_on = ( $post_info['enable_smilies'] ) ? true : false;
781 $attach_sig = ( $userdata['user_attachsig'] ) ? TRUE : 0;
782 $user_sig = $userdata['user_sig'];
785 if ( $post_info['bbcode_uid'] != '' )
787 $message = preg_replace('/\:(([a-z0-9]:)?)' . $post_info['bbcode_uid'] . '/s', '', $message);
790 $message = str_replace('<', '<', $message);
791 $message = str_replace('>', '>', $message);
792 $message = str_replace('<br />', "\n", $message);
794 if ( $mode == 'quote' )
796 $orig_word = array();
797 $replacement_word = array();
798 obtain_word_list($orig_word, $replace_word);
800 $msg_date = create_date($board_config['default_dateformat'], $postrow['post_time'], $board_config['board_timezone']);
802 // Use trim to get rid of spaces placed there by MS-SQL 2000
803 $quote_username = ( trim($post_info['post_username']) != '' ) ? $post_info['post_username'] : $post_info['username'];
804 $message = '[quote="' . $quote_username . '"]' . $message . '[/quote]';
806 if ( !empty($orig_word) )
808 $subject = ( !empty($subject) ) ? preg_replace($orig_word, $replace_word, $subject) : '';
809 $message = ( !empty($message) ) ? preg_replace($orig_word, $replace_word, $message) : '';
812 if ( !preg_match('/^Re:/', $subject) && strlen($subject) > 0 )
814 $subject = 'Re: ' . $subject;
821 $username = ( $post_info['user_id'] == ANONYMOUS && !empty($post_info['post_username']) ) ? $post_info['post_username'] : '';
827 // Signature toggle selection
829 if( $user_sig != '' )
831 $template->assign_block_vars('switch_signature_checkbox', array());
835 // HTML toggle selection
837 if ( $board_config['allow_html'] )
839 $html_status = $lang['HTML_is_ON'];
840 $template->assign_block_vars('switch_html_checkbox', array());
844 $html_status = $lang['HTML_is_OFF'];
848 // BBCode toggle selection
850 if ( $board_config['allow_bbcode'] )
852 $bbcode_status = $lang['BBCode_is_ON'];
853 $template->assign_block_vars('switch_bbcode_checkbox', array());
857 $bbcode_status = $lang['BBCode_is_OFF'];
861 // Smilies toggle selection
863 if ( $board_config['allow_smilies'] )
865 $smilies_status = $lang['Smilies_are_ON'];
866 $template->assign_block_vars('switch_smilies_checkbox', array());
870 $smilies_status = $lang['Smilies_are_OFF'];
873 if( !$userdata['session_logged_in'] || ( $mode == 'editpost' && $post_info['poster_id'] == ANONYMOUS ) )
875 $template->assign_block_vars('switch_username_select', array());
879 // Notify checkbox - only show if user is logged in
881 if ( $userdata['session_logged_in'] && $is_auth['auth_read'] )
883 if ( $mode != 'editpost' || ( $mode == 'editpost' && $post_info['poster_id'] != ANONYMOUS ) )
885 $template->assign_block_vars('switch_notify_checkbox', array());
892 if ( $mode == 'editpost' && ( ( $is_auth['auth_delete'] && $post_data['last_post'] && ( !$post_data['has_poll'] || $post_data['edit_poll'] ) ) || $is_auth['auth_mod'] ) )
894 $template->assign_block_vars('switch_delete_checkbox', array());
898 // Topic type selection
900 $topic_type_toggle = '';
901 if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) )
903 $template->assign_block_vars('switch_type_toggle', array());
905 if( $is_auth['auth_sticky'] )
907 $topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_STICKY . '"';
908 if ( $post_data['topic_type'] == POST_STICKY || $topic_type == POST_STICKY )
910 $topic_type_toggle .= ' checked="checked"';
912 $topic_type_toggle .= ' /> ' . $lang['Post_Sticky'] . ' ';
915 if( $is_auth['auth_announce'] )
917 $topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_ANNOUNCE . '"';
918 if ( $post_data['topic_type'] == POST_ANNOUNCE || $topic_type == POST_ANNOUNCE )
920 $topic_type_toggle .= ' checked="checked"';
922 $topic_type_toggle .= ' /> ' . $lang['Post_Announcement'] . ' ';
925 if ( $topic_type_toggle != '' )
927 $topic_type_toggle = $lang['Post_topic_as'] . ': <input type="radio" name="topictype" value="' . POST_NORMAL .'"' . ( ( $post_data['topic_type'] == POST_NORMAL || $topic_type == POST_NORMAL ) ? ' checked="checked"' : '' ) . ' /> ' . $lang['Post_Normal'] . ' ' . $topic_type_toggle;
931 $hidden_form_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
936 $page_title = $lang['Post_a_new_topic'];
937 $hidden_form_fields .= '<input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />';
941 $page_title = $lang['Post_a_reply'];
942 $hidden_form_fields .= '<input type="hidden" name="' . POST_TOPIC_URL . '" value="' . $topic_id . '" />';
946 $page_title = $lang['Edit_Post'];
947 $hidden_form_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
951 // Generate smilies listing for page output
952 generate_smilies('inline', PAGE_POSTING);
955 // Include page header
957 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
959 $template->set_filenames(array(
960 'body' => 'posting_body.tpl',
961 'pollbody' => 'posting_poll_body.tpl',
962 'reviewbody' => 'posting_topic_review.tpl')
964 make_jumpbox('viewforum.'.$phpEx);
966 $template->assign_vars(array(
967 'FORUM_NAME' => $forum_name,
968 'L_POST_A' => $page_title,
969 'L_POST_SUBJECT' => $lang['Post_subject'],
971 'U_VIEW_FORUM' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"))
975 // This enables the forum/topic title to be output for posting
976 // but not for privmsg (where it makes no sense)
978 $template->assign_block_vars('switch_not_privmsg', array());
981 // Output the data to the template
983 $template->assign_vars(array(
984 'USERNAME' => $username,
985 'SUBJECT' => $subject,
986 'MESSAGE' => $message,
987 'HTML_STATUS' => $html_status,
988 'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'),
989 'SMILIES_STATUS' => $smilies_status,
991 'L_SUBJECT' => $lang['Subject'],
992 'L_MESSAGE_BODY' => $lang['Message_body'],
993 'L_OPTIONS' => $lang['Options'],
994 'L_PREVIEW' => $lang['Preview'],
995 'L_SPELLCHECK' => $lang['Spellcheck'],
996 'L_SUBMIT' => $lang['Submit'],
997 'L_CANCEL' => $lang['Cancel'],
998 'L_CONFIRM_DELETE' => $lang['Confirm_delete'],
999 'L_DISABLE_HTML' => $lang['Disable_HTML_post'],
1000 'L_DISABLE_BBCODE' => $lang['Disable_BBCode_post'],
1001 'L_DISABLE_SMILIES' => $lang['Disable_Smilies_post'],
1002 'L_ATTACH_SIGNATURE' => $lang['Attach_signature'],
1003 'L_NOTIFY_ON_REPLY' => $lang['Notify'],
1004 'L_DELETE_POST' => $lang['Delete_post'],
1006 'L_BBCODE_B_HELP' => $lang['bbcode_b_help'],
1007 'L_BBCODE_I_HELP' => $lang['bbcode_i_help'],
1008 'L_BBCODE_U_HELP' => $lang['bbcode_u_help'],
1009 'L_BBCODE_Q_HELP' => $lang['bbcode_q_help'],
1010 'L_BBCODE_C_HELP' => $lang['bbcode_c_help'],
1011 'L_BBCODE_L_HELP' => $lang['bbcode_l_help'],
1012 'L_BBCODE_O_HELP' => $lang['bbcode_o_help'],
1013 'L_BBCODE_P_HELP' => $lang['bbcode_p_help'],
1014 'L_BBCODE_W_HELP' => $lang['bbcode_w_help'],
1015 'L_BBCODE_A_HELP' => $lang['bbcode_a_help'],
1016 'L_BBCODE_S_HELP' => $lang['bbcode_s_help'],
1017 'L_BBCODE_F_HELP' => $lang['bbcode_f_help'],
1018 'L_EMPTY_MESSAGE' => $lang['Empty_message'],
1020 'L_FONT_COLOR' => $lang['Font_color'],
1021 'L_COLOR_DEFAULT' => $lang['color_default'],
1022 'L_COLOR_DARK_RED' => $lang['color_dark_red'],
1023 'L_COLOR_RED' => $lang['color_red'],
1024 'L_COLOR_ORANGE' => $lang['color_orange'],
1025 'L_COLOR_BROWN' => $lang['color_brown'],
1026 'L_COLOR_YELLOW' => $lang['color_yellow'],
1027 'L_COLOR_GREEN' => $lang['color_green'],
1028 'L_COLOR_OLIVE' => $lang['color_olive'],
1029 'L_COLOR_CYAN' => $lang['color_cyan'],
1030 'L_COLOR_BLUE' => $lang['color_blue'],
1031 'L_COLOR_DARK_BLUE' => $lang['color_dark_blue'],
1032 'L_COLOR_INDIGO' => $lang['color_indigo'],
1033 'L_COLOR_VIOLET' => $lang['color_violet'],
1034 'L_COLOR_WHITE' => $lang['color_white'],
1035 'L_COLOR_BLACK' => $lang['color_black'],
1037 'L_FONT_SIZE' => $lang['Font_size'],
1038 'L_FONT_TINY' => $lang['font_tiny'],
1039 'L_FONT_SMALL' => $lang['font_small'],
1040 'L_FONT_NORMAL' => $lang['font_normal'],
1041 'L_FONT_LARGE' => $lang['font_large'],
1042 'L_FONT_HUGE' => $lang['font_huge'],
1044 'L_BBCODE_CLOSE_TAGS' => $lang['Close_Tags'],
1045 'L_STYLES_TIP' => $lang['Styles_tip'],
1047 'U_VIEWTOPIC' => ( $mode == 'reply' ) ? append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&postorder=desc") : '',
1048 'U_REVIEW_TOPIC' => ( $mode == 'reply' ) ? append_sid("posting.$phpEx?mode=topicreview&" . POST_TOPIC_URL . "=$topic_id") : '',
1050 'S_HTML_CHECKED' => ( !$html_on ) ? 'checked="checked"' : '',
1051 'S_BBCODE_CHECKED' => ( !$bbcode_on ) ? 'checked="checked"' : '',
1052 'S_SMILIES_CHECKED' => ( !$smilies_on ) ? 'checked="checked"' : '',
1053 'S_SIGNATURE_CHECKED' => ( $attach_sig ) ? 'checked="checked"' : '',
1054 'S_NOTIFY_CHECKED' => ( $notify_user ) ? 'checked="checked"' : '',
1055 'S_TYPE_TOGGLE' => $topic_type_toggle,
1056 'S_TOPIC_ID' => $topic_id,
1057 'S_POST_ACTION' => append_sid("posting.$phpEx"),
1058 'S_HIDDEN_FORM_FIELDS' => $hidden_form_fields)
1062 // Poll entry switch/output
1064 if( ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['edit_poll']) ) && $is_auth['auth_pollcreate'] )
1066 $template->assign_vars(array(
1067 'L_ADD_A_POLL' => $lang['Add_poll'],
1068 'L_ADD_POLL_EXPLAIN' => $lang['Add_poll_explain'],
1069 'L_POLL_QUESTION' => $lang['Poll_question'],
1070 'L_POLL_OPTION' => $lang['Poll_option'],
1071 'L_ADD_OPTION' => $lang['Add_option'],
1072 'L_UPDATE_OPTION' => $lang['Update'],
1073 'L_DELETE_OPTION' => $lang['Delete'],
1074 'L_POLL_LENGTH' => $lang['Poll_for'],
1075 'L_DAYS' => $lang['Days'],
1076 'L_POLL_LENGTH_EXPLAIN' => $lang['Poll_for_explain'],
1077 'L_POLL_DELETE' => $lang['Delete_poll'],
1079 'POLL_TITLE' => $poll_title,
1080 'POLL_LENGTH' => $poll_length)
1083 if( $mode == 'editpost' && $post_data['edit_poll'] && $post_data['has_poll'])
1085 $template->assign_block_vars('switch_poll_delete_toggle', array());
1088 if( !empty($poll_options) )
1090 while( list($option_id, $option_text) = each($poll_options) )
1092 $template->assign_block_vars('poll_option_rows', array(
1093 'POLL_OPTION' => str_replace('"', '"', $option_text),
1095 'S_POLL_OPTION_NUM' => $option_id)
1100 $template->assign_var_from_handle('POLLBOX', 'pollbody');
1106 if( $mode == 'reply' && $is_auth['auth_read'] )
1108 require($phpbb_root_path . 'includes/topic_review.'.$phpEx);
1109 topic_review($topic_id, true);
1111 $template->assign_block_vars('switch_inline_mode', array());
1112 $template->assign_var_from_handle('TOPIC_REVIEW_BOX', 'reviewbody');
1115 $template->pparse('body');
1117 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);