mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-02 04:24:56 +02:00
Code Issues Releases Wiki Activity

ok, a slightly modified posting.php, some fixes too. topic-review and polls will re-appear shortly. Posting is a little bit screwed up now... will get fixed soon too. posting new topics/reply/quote/preview and edit works partially (the post get stored. ;)) This commit is to show the other developers the changes. ;)

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@3572 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2003-02-27 23:37:02 +00:00
parent d4884b0c02
commit a2889a6c5f
11 changed files with 1016 additions and 1009 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

484
phpBB/includes/functions_posting.php
View File

@ -19,430 +19,6 @@
*
***************************************************************************/
// Main message parser for posting, pm, etc. takes raw message
// and parses it for attachments, html, bbcode and smilies
class parse_message
{
var $bbcode_tpl = null;
var $message_mode = 0; // introduce constant or string ? 'posting'/'pm'
function parse_message($message_type)
{
$this->message_mode = $message_type;
}
function parse(&$message, $html, $bbcode, $uid, $url, $smilies)
{
global $config, $db, $user, $_FILE;
$warn_msg = '';
// Do some general 'cleanup' first before processing message,
// e.g. remove excessive newlines(?), smilies(?)
$match = array('#sid=[a-z0-9]*?&?#', "#([\r\n][\s]+){3,}#");
$replace = array('', "\n\n");
$message = trim(preg_replace($match, $replace, $message));
// Message length check
if (!strlen($message) || ($config['max_post_chars'] && strlen($message) > intval($config['max_post_chars'])))
{
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . (!strlen($message)) ? $user->lang['TOO_FEW_CHARS'] : $user->lang['TOO_MANY_CHARS'];
}
// Smiley check
if (intval($config['max_post_smilies']) && $smilies )
{
$sql = "SELECT code
FROM " . SMILIES_TABLE;
$result = $db->sql_query($sql);
$match = 0;
while ($row = $db->sql_fetchrow($result))
{
if (preg_match_all('#('. preg_quote($row['code'], '#') . ')#', $message, $matches))
{
$match++;
}
if ($match > intval($config['max_post_smilies']))
{
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . $user->lang['TOO_MANY_SMILIES'];
break;
}
}
$db->sql_freeresult($result);
unset($matches);
}
if ($warn_msg)
{
return $warn_msg;
}
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . $this->html($message, $html);
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . $this->bbcode($message, $bbcode, $uid);
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . $this->emoticons($message, $smilies);
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . $this->magic_url($message, trim($url));
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . $this->attach($_FILE);
return $warn_msg;
}
function html(&$message, $html)
{
global $config;
$message = str_replace(array('<', '>'), array('&lt;', '&gt;'), $message);
if ($html)
{
// If $html is true then "allowed_tags" are converted back from entity
// form, others remain
$allowed_tags = split(',', $config['allow_html_tags']);
if (sizeof($allowed_tags))
{
$message = preg_replace('#&lt;(\/?)(' . str_replace('*', '.*?', implode('|', $allowed_tags)) . ')&gt;#is', '<\1\2>', $message);
}
}
return;
}
function bbcode(&$message, $bbcode, $uid)
{
global $config;
}
// Replace magic urls of form http://xxx.xxx., www.xxx. and xxx@xxx.xxx.
// Cuts down displayed size of link if over 50 chars, turns absolute links
// into relative versions when the server/script path matches the link
function magic_url(&$message, $url)
{
global $config;
if ($url)
{
$server_protocol = ( $config['cookie_secure'] ) ? 'https://' : 'http://';
$server_port = ( $config['server_port'] <> 80 ) ? ':' . trim($config['server_port']) . '/' : '/';
$match = array();
$replace = array();
// relative urls for this board
$match[] = '#' . $server_protocol . trim($config['server_name']) . $server_port . preg_replace('/^\/?(.*?)(\/)?$/', '\1', trim($config['script_path'])) . '/([^\t\n\r <"\']+)#i';
$replace[] = '<!-- l --><a href="\1" target="_blank">\1</a><!-- l -->';
// matches a xxxx://aaaaa.bbb.cccc. ...
$match[] = '#(^|[\n ])([\w]+?://.*?[^\t\n\r<"]*)#ie';
$replace[] = "'\\1<!-- m --><a href=\"\\2\" target=\"_blank\">' . ( ( strlen(str_replace(' ', '%20', '\\2')) > 55 ) ?substr(str_replace(' ', '%20', '\\2'), 0, 39) . ' ... ' . substr(str_replace(' ', '%20', '\\2'), -10) : str_replace(' ', '%20', '\\2') ) . '</a><!-- m -->'";
// matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing
$match[] = '#(^|[\n ])(www\.[\w\-]+\.[\w\-.\~]+(?:/[^\t\n\r<"]*)?)#ie';
$replace[] = "'\\1<!-- w --><a href=\"http://\\2\" target=\"_blank\">' . ( ( strlen(str_replace(' ', '%20', '\\2')) > 55 ) ? substr(str_replace(' ', '%20', '\\2'), 0, 39) . ' ... ' . substr(str_replace(' ', '%20', '\\2'), -10) : str_replace(' ', '%20', '\\2') ) . '</a><!-- w -->'";
// matches an email@domain type address at the start of a line, or after a space.
$match[] = '#(^|[\n ])([a-z0-9\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)#ie';
$replace[] = "'\\1<!-- e --><a href=\"mailto:\\2\">' . ( ( strlen('\\2') > 55 ) ?substr('\\2', 0, 39) . ' ... ' . substr('\\2', -10) : '\\2' ) . '</a><!-- e -->'";
$message = preg_replace($match, $replace, $message);
}
}
function emoticons(&$message, $smile)
{
global $db, $user;
$sql = "SELECT *
FROM " . SMILIES_TABLE;
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
$match = $replace = array();
do
{
$match[] = "#(?<=.\W|\W.|^\W)" . preg_quote($row['code'], '#') . "(?=.\W|\W.|\W$)#";
$replace[] = '<!-- s' . $row['code'] . ' --><img src="{SMILE_PATH}/' . $row['smile_url'] . '" border="0" alt="' . $row['emoticon'] . '" title="' . $row['emoticon'] . '" /><!-- s' . $row['code'] . ' -->';
}
while ($row = $db->sql_fetchrow($result));
$message = preg_replace($match, $replace, ' ' . $message . ' ');
}
$db->sql_freeresult($result);
return;
}
function attach($file_ary)
{
global $config;
}
}
// Parses a given message and updates/maintains the fulltext tables
class fulltext_search
{
function split_words(&$text)
{
global $user, $config;
static $drop_char_match, $drop_char_replace, $stopwords, $synonyms;
if (empty($drop_char_match))
{
$drop_char_match = array('^', '$', '&', '(', ')', '<', '>', '`', '\'', '"', '|', ',', '@', '_', '?', '%', '-', '~', '+', '.', '[', ']', '{', '}', ':', '\\', '/', '=', '#', '\'', ';', '!', '*');
$drop_char_replace = array(' ', ' ', ' ', ' ', ' ', ' ', ' ', '', '', ' ', ' ', ' ', ' ', '', ' ', ' ', '', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ', '' , ' ', ' ', ' ', ' ', ' ', ' ', ' ');
$stopwords = @file($user->lang_path . '/search_stopwords.txt');
$synonyms = @file($user->lang_path . '/search_synonyms.txt');
}
$match = array();
// New lines, carriage returns
$match[] = "#[\n\r]+#";
// NCRs like &nbsp; etc.
$match[] = '#&[\#a-z0-9]+?;#i';
// URL's
$match[] = '#\b[\w]+:\/\/[a-z0-9\.\-]+(\/[a-z0-9\?\.%_\-\+=&\/]+)?#';
// BBcode
$match[] = '#\[img:[a-z0-9]{10,}\].*?\[\/img:[a-z0-9]{10,}\]#';
$match[] = '#\[\/?url(=.*?)?\]#';
$match[] = '#\[\/?[a-z\*=\+\-]+(\:?[0-9a-z]+)?:[a-z0-9]{10,}(\:[a-z0-9]+)?=?.*?\]#';
// Sequences < min_search_chars & < max_search_chars
$match[] = '#\b([a-z0-9]{1,' . $config['min_search_chars'] . '}|[a-z0-9]{' . $config['max_search_chars'] . ',})\b#is';
$text = preg_replace($match, ' ', ' ' . strtolower($text) . ' ');
// Filter out non-alphabetical chars
$text = str_replace($drop_char_match, $drop_char_replace, $text);
if (!empty($stopwords_list))
{
$text = str_replace($stopwords, '', $text);
}
if (!empty($synonyms))
{
for ($j = 0; $j < count($synonyms); $j++)
{
list($replace_synonym, $match_synonym) = split(' ', trim(strtolower($synonyms[$j])));
if ( $mode == 'post' || ( $match_synonym != 'not' && $match_synonym != 'and' && $match_synonym != 'or' ) )
{
$text = preg_replace('#\b' . trim($match_synonym) . '\b#', ' ' . trim($replace_synonym) . ' ', $text);
}
}
}
preg_match_all('/\b([\w]+)\b/', $text, $split_entries);
return array_unique($split_entries[1]);
}
function add(&$mode, &$post_id, &$message, &$subject)
{
global $config, $db;
// $mtime = explode(' ', microtime());
// $starttime = $mtime[1] + $mtime[0];
// Split old and new post/subject to obtain array of 'words'
$split_text = $this->split_words($message);
$split_title = ($subject) ? $this->split_words($subject) : array();
$words = array();
if ($mode == 'edit')
{
$sql = "SELECT w.word_id, w.word_text, m.title_match
FROM " . SEARCH_WORD_TABLE . " w, " . SEARCH_MATCH_TABLE . " m
WHERE m.post_id = " . intval($post_id) . "
AND w.word_id = m.word_id";
$result = $db->sql_query($sql);
$cur_words = array();
while ($row = $db->sql_fetchrow($result))
{
$which = ($row['title_match']) ? 'title' : 'post';
$cur_words[$which][$row['word_text']] = $row['word_id'];
}
$db->sql_freeresult($result);
$words['add']['post'] = array_diff($split_text, array_keys($cur_words['post']));
$words['add']['title'] = array_diff($split_title, array_keys($cur_words['title']));
$words['del']['post'] = array_diff(array_keys($cur_words['post']), $split_text);
$words['del']['title'] = array_diff(array_keys($cur_words['title']), $split_title);
}
else
{
$words['add']['post'] = $split_text;
$words['add']['title'] = $split_title;
$words['del']['post'] = array();
$words['del']['title'] = array();
}
unset($split_text);
unset($split_title);
// Get unique words from the above arrays
$unique_add_words = array_unique(array_merge($words['add']['post'], $words['add']['title']));
// We now have unique arrays of all words to be added and removed and
// individual arrays of added and removed words for text and title. What
// we need to do now is add the new words (if they don't already exist)
// and then add (or remove) matches between the words and this post
if (sizeof($unique_add_words))
{
$sql = "SELECT word_id, word_text
FROM " . SEARCH_WORD_TABLE . "
WHERE word_text IN (" . implode(', ', preg_replace('#^(.*)$#', '\'\1\'', $unique_add_words)) . ")";
$result = $db->sql_query($sql);
$word_ids = array();
while ($row = $db->sql_fetchrow($result))
{
$word_ids[$row['word_text']] = $row['word_id'];
}
$db->sql_freeresult($result);
$new_words = array_diff($unique_add_words, array_keys($word_ids));
unset($unique_add_words);
if (sizeof($new_words))
{
switch (SQL_LAYER)
{
case 'postgresql':
case 'msaccess':
case 'mssql-odbc':
case 'oracle':
case 'db2':
foreach ($new_words as $word)
{
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)
VALUES ('" . $word . "')";
$db->sql_query($sql);
}
break;
case 'mysql':
case 'mysql4':
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)
VALUES " . implode(', ', preg_replace('#^(.*)$#', '(\'\1\')', $new_words));
$db->sql_query($sql);
break;
case 'mssql':
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)
VALUES " . implode(' UNION ALL ', preg_replace('#^(.*)$#', 'SELECT \'\1\'', $new_words));
$db->sql_query($sql);
break;
}
}
unset($new_words);
}
foreach ($words['del'] as $word_in => $word_ary)
{
$title_match = ($word_in == 'title') ? 1 : 0;
$sql = '';
if (sizeof($word_ary))
{
foreach ($word_ary as $word)
{
$sql .= (($sql != '') ? ', ' : '') . $cur_words[$word_in][$word];
}
$sql = "DELETE FROM " . SEARCH_MATCH_TABLE . " WHERE word_id IN ($sql) AND post_id = " . intval($post_id) . " AND title_match = $title_match";
$db->sql_query($sql);
}
}
foreach ($words['add'] as $word_in => $word_ary)
{
$title_match = ( $word_in == 'title' ) ? 1 : 0;
if (sizeof($word_ary))
{
$sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) SELECT $post_id, word_id, $title_match FROM " . SEARCH_WORD_TABLE . " WHERE word_text IN (" . implode(', ', preg_replace('#^(.*)$#', '\'\1\'', $word_ary)) . ")";
$db->sql_query($sql);
}
}
unset($words);
// $mtime = explode(' ', microtime());
// echo "Search parser time taken >> " . ($mtime[1] + $mtime[0] - $starttime);
// Run the cleanup infrequently, once per session cleanup
if ($config['search_last_gc'] < time() - $config['search_gc'])
{
// $this->search_tidy();
}
}
// Tidy up indexes, tag 'common words', remove
// words no longer referenced in the match table, etc.
function search_tidy()
{
global $db;
// Remove common (> 60% of posts ) words
$result = $db->sql_query("SELECT SUM(forum_posts) AS total_posts FROM " . FORUMS_TABLE);
$row = $db->sql_fetchrow($result);
if ($row['total_posts'] >= 100)
{
$sql = "SELECT word_id
FROM " . SEARCH_MATCH_TABLE . "
GROUP BY word_id
HAVING COUNT(word_id) > " . floor($row['total_posts'] * 0.6);
$result = $db->sql_query($sql);
$in_sql = '';
while ($row = $db->sql_fetchrow($result))
{
$in_sql .= (( $in_sql != '') ? ', ' : '') . $row['word_id'];
}
$db->sql_freeresult($result);
if ($in_sql)
{
$sql = "UPDATE " . SEARCH_WORD_TABLE . "
SET word_common = " . TRUE . "
WHERE word_id IN ($in_sql)";
$db->sql_query($sql);
$sql = "DELETE FROM " . SEARCH_MATCH_TABLE . "
WHERE word_id IN ($in_sql)";
$db->sql_query($sql);
}
}
// Remove words with no matches ... this is a potentially nasty query
$sql = "SELECT w.word_id
FROM ( " . SEARCH_WORD_TABLE . " w
LEFT JOIN " . SEARCH_MATCH_TABLE . " m ON w.word_id = m.word_id
AND m.word_id IS NULL
GROUP BY m.word_id";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
$in_sql = '';
do
{
$in_sql .= ', ' . $row['word_id'];
}
while ($row = $db->sql_fetchrow($result));
$sql = 'DELETE FROM ' . SEARCH_WORD_TABLE . '
WHERE word_id IN (' . substr($in_sql, 2) . ')';
$db->sql_query($sql);
}
$db->sql_freeresult($result);
}
}
// Fill smiley templates (or just the variables) with smileys
// Either in a window or inline
function generate_smilies($mode)
@ -450,6 +26,9 @@ function generate_smilies($mode)
global $SID, $auth, $db, $user, $config, $template;
global $starttime, $phpEx, $phpbb_root_path;
// TODO: To be added to the schema
$config['max_smilies_inline'] = 20;
if ($mode == 'window')
{
$page_title = $user->lang['TOPIC_REVIEW'] . " - $topic_title";
@ -462,9 +41,10 @@ function generate_smilies($mode)
$where_sql = ($mode == 'inline') ? 'WHERE display_on_posting = 1 ' : '';
$sql = "SELECT emoticon, code, smile_url, smile_width, smile_height
FROM " . SMILIES_TABLE . "
$where_sql
ORDER BY smile_order";
FROM " . SMILIES_TABLE . "
$where_sql
ORDER BY smile_order";
$result = $db->sql_query($sql);
$num_smilies = 0;
@ -475,7 +55,7 @@ function generate_smilies($mode)
{
if (!in_array($row['smile_url'], $smile_array))
{
if ($mode == 'window' || ($mode == 'inline' && $num_smilies < 20))
if ($mode == 'window' || ($mode == 'inline' && $num_smilies < $config['max_smilies_inline']))
{
$template->assign_block_vars('emoticon', array(
'SMILEY_CODE' => $row['code'],
@ -493,11 +73,10 @@ function generate_smilies($mode)
while ($row = $db->sql_fetchrow($result));
$db->sql_freeresult($result);
if ($mode == 'inline' && $num_smilies >= 20)
if ($mode == 'inline' && $num_smilies >= $config['max_smilies_inline'])
{
$template->assign_vars(array(
'S_SHOW_EMOTICON_LINK' => true,
'U_MORE_SMILIES' => "posting.$phpEx$SID&amp;mode=smilies")
);
}
@ -548,4 +127,49 @@ function generate_topic_icons($mode, $enable_icons)
return ($result);
}
// DECODE TEXT -> This will/should be handled by bbcode.php eventually
function decode_text(&$message)
{
global $config, $censors;
$server_protocol = ($config['cookie_secure']) ? 'https://' : 'http://';
$server_port = ($config['server_port'] <> 80) ? ':' . trim($config['server_port']) . '/' : '/';
$match = array(
'#<!\-\- b \-\-><b>(.*?)</b><!\-\- b \-\->#s',
'#<!\-\- u \-\-><u>(.*?)</u><!\-\- u \-\->#s',
'#<!\-\- e \-\-><a href="mailto:(.*?)">.*?</a><!\-\- e \-\->#',
'#<!\-\- m \-\-><a href="(.*?)" target="_blank">.*?</a><!\-\- m \-\->#',
'#<!\-\- w \-\-><a href="http:\/\/(.*?)" target="_blank">.*?</a><!\-\- w \-\->#',
'#<!\-\- l \-\-><a href="(.*?)" target="_blank">.*?</a><!\-\- l \-\->#',
'#<!\-\- s(.*?) \-\-><img src="\{SMILE_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
);
$replace = array(
'[b]\1[/b]',
'[u]\1[/u]',
'\1',
'\1',
'\1',
$server_protocol . trim($config['server_name']) . $server_port . preg_replace('/^\/?(.*?)(\/)?$/', '\1', trim($config['script_path'])) . '/\1',
'\1',
);
if (empty($censors))
{
$censors = array();
obtain_word_list($censors);
}
$message = preg_replace($match, $replace, $message);
return;
}
// Quote Text
function quote_text(&$message, $username = '')
{
$message = ' [quote' . ( (empty($username)) ? ']' : '="]' . addslashes(trim($username)) . '"]') . trim($message) . '[/quote] ';
}
?>

708
phpBB/includes/message_parser.php Normal file
View File

@ -0,0 +1,708 @@
<?php
/***************************************************************************
* message_parser.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
// Main message parser for posting, pm, etc. takes raw message
// and parses it for attachments, html, bbcode and smilies
class parse_message
{
var $bbcode_tpl = null;
var $message_mode = 0; // MSG_POST/MSG_PM
function parse_message($message_type)
{
$this->message_mode = $message_type;
}
function parse(&$message, $html, $bbcode, $uid, $url, $smilies)
{
global $config, $db, $user, $_FILE;
$warn_msg = '';
// Do some general 'cleanup' first before processing message,
// e.g. remove excessive newlines(?), smilies(?)
$match = array('#sid=[a-z0-9]*?&?#', "#([\r\n][\s]+){3,}#");
$replace = array('', "\n\n");
$message = trim(preg_replace($match, $replace, $message));
// Message length check
if (!strlen($message) || (intval($config['max_post_chars']) && strlen($message) > intval($config['max_post_chars'])))
{
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . (!strlen($message)) ? $user->lang['TOO_FEW_CHARS'] : $user->lang['TOO_MANY_CHARS'];
}
// Smiley check
if (intval($config['max_post_smilies']) && $smilies )
{
$sql = "SELECT code
FROM " . SMILIES_TABLE;
$result = $db->sql_query($sql);
$match = 0;
while ($row = $db->sql_fetchrow($result))
{
if (preg_match_all('#('. preg_quote($row['code'], '#') . ')#', $message, $matches))
{
$match++;
}
if ($match > intval($config['max_post_smilies']))
{
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . $user->lang['TOO_MANY_SMILIES'];
break;
}
}
$db->sql_freeresult($result);
unset($matches);
}
if ($warn_msg)
{
return $warn_msg;
}
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . $this->html($message, $html);
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . $this->bbcode($message, $bbcode, $uid);
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . $this->emoticons($message, $smilies);
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . $this->magic_url($message, trim($url));
$warn_msg .= (($warn_msg != '') ? '<br />' : '') . $this->attach($_FILE);
return $warn_msg;
}
function html(&$message, $html)
{
global $config;
$message = str_replace(array('<', '>'), array('&lt;', '&gt;'), $message);
if ($html)
{
// If $html is true then "allowed_tags" are converted back from entity
// form, others remain
$allowed_tags = split(',', $config['allow_html_tags']);
if (sizeof($allowed_tags))
{
$message = preg_replace('#&lt;(\/?)(' . str_replace('*', '.*?', implode('|', $allowed_tags)) . ')&gt;#is', '<\1\2>', $message);
}
}
return;
}
function bbcode(&$message, $bbcode, $uid)
{
global $config;
}
// Replace magic urls of form http://xxx.xxx., www.xxx. and xxx@xxx.xxx.
// Cuts down displayed size of link if over 50 chars, turns absolute links
// into relative versions when the server/script path matches the link
function magic_url(&$message, $url)
{
global $config;
if ($url)
{
$server_protocol = ( $config['cookie_secure'] ) ? 'https://' : 'http://';
$server_port = ( $config['server_port'] <> 80 ) ? ':' . trim($config['server_port']) . '/' : '/';
$match = array();
$replace = array();
// relative urls for this board
$match[] = '#' . $server_protocol . trim($config['server_name']) . $server_port . preg_replace('/^\/?(.*?)(\/)?$/', '\1', trim($config['script_path'])) . '/([^\t\n\r <"\']+)#i';
$replace[] = '<!-- l --><a href="\1" target="_blank">\1</a><!-- l -->';
// matches a xxxx://aaaaa.bbb.cccc. ...
$match[] = '#(^|[\n ])([\w]+?://.*?[^\t\n\r<"]*)#ie';
$replace[] = "'\\1<!-- m --><a href=\"\\2\" target=\"_blank\">' . ( ( strlen(str_replace(' ', '%20', '\\2')) > 55 ) ?substr(str_replace(' ', '%20', '\\2'), 0, 39) . ' ... ' . substr(str_replace(' ', '%20', '\\2'), -10) : str_replace(' ', '%20', '\\2') ) . '</a><!-- m -->'";
// matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing
$match[] = '#(^|[\n ])(www\.[\w\-]+\.[\w\-.\~]+(?:/[^\t\n\r<"]*)?)#ie';
$replace[] = "'\\1<!-- w --><a href=\"http://\\2\" target=\"_blank\">' . ( ( strlen(str_replace(' ', '%20', '\\2')) > 55 ) ? substr(str_replace(' ', '%20', '\\2'), 0, 39) . ' ... ' . substr(str_replace(' ', '%20', '\\2'), -10) : str_replace(' ', '%20', '\\2') ) . '</a><!-- w -->'";
// matches an email@domain type address at the start of a line, or after a space.
$match[] = '#(^|[\n ])([a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)#ie';
$replace[] = "'\\1<!-- e --><a href=\"mailto:\\2\">' . ( ( strlen('\\2') > 55 ) ?substr('\\2', 0, 39) . ' ... ' . substr('\\2', -10) : '\\2' ) . '</a><!-- e -->'";
$message = preg_replace($match, $replace, $message);
}
}
function emoticons(&$message, $smile)
{
global $db, $user;
$sql = "SELECT *
FROM " . SMILIES_TABLE;
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
$match = $replace = array();
do
{
$match[] = "#(?<=.\W|\W.|^\W)" . preg_quote($row['code'], '#') . "(?=.\W|\W.|\W$)#";
$replace[] = '<!-- s' . $row['code'] . ' --><img src="{SMILE_PATH}/' . $row['smile_url'] . '" border="0" alt="' . $row['emoticon'] . '" title="' . $row['emoticon'] . '" /><!-- s' . $row['code'] . ' -->';
}
while ($row = $db->sql_fetchrow($result));
$message = preg_replace($match, $replace, ' ' . $message . ' ');
}
$db->sql_freeresult($result);
return;
}
function attach($file_ary)
{
global $config;
}
// Format text to be displayed - from viewtopic.php
function format_display($message, $html, $bbcode, $uid, $url, $smilies, $sig)
{
global $auth, $forum_id, $config, $censors;
// If the board has HTML off but the post has HTML
// on then we process it, else leave it alone
if ($html && $auth->acl_get('f_bbcode', $forum_id))
{
$message = preg_replace('#(<)([\/]?.*?)(>)#is', "&lt;\\2&gt;", $message);
}
// Second parse bbcode here
// If we allow users to disable display of emoticons
// we'll need an appropriate check and preg_replace here
$message = (empty($smilies) || empty($config['allow_smilies'])) ? preg_replace('#<!\-\- s(.*?) \-\-><img src="\{SMILE_PATH\}\/.*? \/><!\-\- s\1 \-\->#', '\1', $message) : str_replace('<img src="{SMILE_PATH}', '<img src="' . $config['smilies_path'], $message);
// Replace naughty words such as farty pants
if (sizeof($censors))
{
$message = str_replace('\"', '"', substr(preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "preg_replace(\$censors['match'], \$censors['replace'], '\\0')", '>' . $message . '<'), 1, -1));
}
$message = nl2br($message);
/* Signature
$user_sig = ($sig && $signature != '' && $config['allow_sig']) ? $row['user_sig'] : '';
if ($user_sig != '' && $auth->acl_gets('f_sigs', 'm_', 'a_', $forum_id))
{
if (!$auth->acl_get('f_html', $forum_id) && $user->data['user_allowhtml'])
{
$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "&lt;\\2&gt;", $user_sig);
}
$user_cache[$poster_id]['sig'] = (empty($row['user_allowsmile']) || empty($config['enable_smilies'])) ? preg_replace('#<!\-\- s(.*?) \-\-><img src="\{SMILE_PATH\}\/.*? \/><!\-\- s\1 \-\->#', '\1', $user_cache[$poster_id]['sig']) : str_replace('<img src="{SMILE_PATH}', '<img src="' . $config['smilies_path'], $user_cache[$poster_id]['sig']);
if (count($censors))
{
$user_sig = str_replace('\"', '"', substr(preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "preg_replace(\$censors['match'], \$censors['replace'], '\\0')", '>' . $user_sig . '<'), 1, -1));
}
$user_cache[$poster_id]['sig'] = '<br />_________________<br />' . nl2br($user_cache[$poster_id]['sig']);
}
else
{
$user_cache[$poster_id]['sig'] = '';
}
*/
$message = (empty($smilies) || empty($config['allow_smilies'])) ? preg_replace('#<!\-\- s(.*?) \-\-><img src="\{SMILE_PATH\}\/.*? \/><!\-\- s\1 \-\->#', '\1', $message) : str_replace('<img src="{SMILE_PATH}', '<img src="' . $config['smilies_path'], $message);
return($message);
}
// Submit Post
function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_uid, $poll, $misc_info)
{
global $db, $auth, $user, $config, $phpEx, $SID, $template;
$search = new fulltext_search();
$current_time = time();
$db->sql_transaction();
// Initial Topic table info
if ( ($mode == 'post') || ($mode == 'edit' && $misc_info['topic_first_post_id'] == $misc_info['post_id']))
{
$topic_sql = array(
'forum_id' => $misc_info['forum_id'],
'topic_title' => stripslashes($subject),
'topic_time' => $current_time,
'topic_type' => $topic_type,
'topic_approved' => (($misc_info['enable_moderate']) && !$auth->acl_gets('f_ignorequeue', 'm_', 'a_', $misc_info['forum_id'])) ? 0 : 1,
'icon_id' => $misc_info['icon_id'],
'topic_poster' => intval($user->data['user_id']),
'topic_first_poster_name' => ($username != '') ? stripslashes($username) : (($user->data['user_id'] == ANONYMOUS) ? '' : stripslashes($user->data['username'])),
);
if (!empty($poll['poll_options']))
{
$topic_sql = array_merge($topic_sql, array(
'poll_title' => stripslashes($poll['poll_title']),
'poll_start' => (!empty($poll['poll_start'])) ? $poll['poll_start'] : $current_time,
'poll_length' => $poll['poll_length'] * 3600
));
}
$sql = ($mode == 'post') ? 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', $topic_sql) : 'UPDATE ' . TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $topic_sql) . ' WHERE topic_id = ' . $misc_info['topic_id'];
$db->sql_query($sql);
$misc_info['topic_id'] = ($mode == 'post') ? $db->sql_nextid() : $misc_info['topic_id'];
}
// Post table info
$post_sql = array(
'topic_id' => $misc_info['topic_id'],
'forum_id' => $misc_info['forum_id'],
'poster_id' => ($mode == 'edit') ? $misc_info['poster_id'] : intval($user->data['user_id']),
'post_username' => ($username != '') ? stripslashes($username) : '',
'post_subject' => stripslashes($subject),
'icon_id' => $misc_info['icon_id'],
'poster_ip' => $user->ip,
'post_time' => $current_time,
'post_approved' => ($misc_info['enable_moderate'] && !$auth->acl_gets('f_ignorequeue', 'm_', 'a_', $misc_info['forum_id'])) ? 0 : 1,
'post_edit_time' => ($mode == 'edit' && $misc_info['poster_id'] == $user->data['user_id']) ? $current_time : 0,
'enable_sig' => $misc_info['enable_html'],
'enable_bbcode' => $misc_info['enable_bbcode'],
'enable_html' => $misc_info['enable_html'],
'enable_smilies' => $misc_info['enable_smilies'],
'enable_magic_url' => $misc_info['enable_urls'],
'bbcode_uid' => $bbcode_uid,
);
if ($mode != 'edit' || $misc_info['message_md5'] != $misc_info['post_checksum'])
{
$post_sql = array_merge($post_sql, array(
'post_checksum' => $misc_info['message_md5'],
'post_text' => stripslashes($message),
'post_encoding' => $user->lang['ENCODING']
));
}
$sql = ($mode == 'edit' && $misc_info['poster_id'] == intval($user->data['user_id'])) ? 'UPDATE ' . POSTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $post_sql) . ' , post_edit_count = post_edit_count + 1 WHERE post_id = ' . $misc_info['post_id'] : 'INSERT INTO ' . POSTS_TABLE . ' ' . $db->sql_build_array('INSERT', $post_sql);
$db->sql_query($sql);
$misc_info['post_id'] = ($mode == 'edit') ? $misc_info['post_id'] : $db->sql_nextid();
// poll options
if (!empty($poll['poll_options']))
{
$cur_poll_options = array();
if (!empty($poll['poll_start']) && $mode == 'edit')
{
$sql = "SELECT * FROM " . POLL_OPTIONS_TABLE . "
WHERE topic_id = " . $misc_info['topic_id'] . "
ORDER BY poll_option_id";
$result = $db->sql_query($sql);
while ($cur_poll_options[] = $db->sql_fetchrow($result));
$db->sql_freeresult($result);
}
for ($i = 0; $i < sizeof($poll['poll_options']); $i++)
{
if (trim($poll['poll_options'][$i]) != '')
{
if (empty($cur_poll_options[$i]))
{
$sql = "INSERT INTO " . POLL_OPTIONS_TABLE . " (topic_id, poll_option_text)
VALUES (" . $misc_info['topic_id'] . ", '" . $db->sql_escape($poll['poll_options'][$i]) . "')";
$db->sql_query($sql);
}
else if ($poll['poll_options'][$i] != $cur_poll_options[$i])
{
$sql = "UPDATE " . POLL_OPTIONS_TABLE . "
SET poll_option_text = '" . $db->sql_escape($poll['poll_options'][$i]) . "'
WHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id'];
$db->sql_query($sql);
}
}
}
}
// Fulltext parse
if ($mode != 'edit' || $misc_info['message_md5'] != $misc_info['post_checksum'])
{
$result = $search->add($mode, $misc_info['post_id'], $message, $subject);
}
// Sync forums, topics and users ...
if ($mode != 'edit')
{
// Update forums: last post info, topics, posts ... we need to update
// each parent too ...
$forum_ids = $misc_info['forum_id'];
if (!empty($misc_info['forum_parents']))
{
$misc_info['forum_parents'] = unserialize($misc_info['forum_parents']);
foreach ($misc_info['forum_parents'] as $parent_forum_id => $parent_name)
{
$forum_ids .= ', ' . $parent_forum_id;
}
}
$forum_topics_sql = ($mode == 'post') ? ', forum_topics = forum_topics + 1' : '';
$forum_sql = array(
'forum_last_post_id' => $misc_info['post_id'],
'forum_last_post_time' => $current_time,
'forum_last_poster_id' => intval($user->data['user_id']),
'forum_last_poster_name'=> ($user->data['user_id'] == ANONYMOUS) ? stripslashes($username) : $user->data['username'],
);
$sql = 'UPDATE ' . FORUMS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $forum_sql) . ', forum_posts = forum_posts + 1' . $forum_topics_sql . ' WHERE forum_id IN (' . $forum_ids . ')';
$db->sql_query($sql);
// Update topic: first/last post info, replies
$topic_sql = array(
'topic_last_post_id' => $misc_info['post_id'],
'topic_last_post_time' => $current_time,
'topic_last_poster_id' => intval($user->data['user_id']),
'topic_last_poster_name'=> ($username != '') ? stripslashes($username) : (($user->data['user_id'] == ANONYMOUS) ? '' : stripslashes($user->data['username'])),
);
if ($mode == 'post')
{
$topic_sql = array_merge($topic_sql, array(
'topic_first_post_id' => $misc_info['post_id'],
));
}
$topic_replies_sql = ($mode == 'reply') ? ', topic_replies = topic_replies + 1' : '';
$sql = 'UPDATE ' . TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $topic_sql) . $topic_replies_sql . ' WHERE topic_id = ' . $misc_info['topic_id'];
$db->sql_query($sql);
// Update user post count ... if appropriate
if (!empty($misc_info['enable_post_count']) && $user->data['user_id'] != ANONYMOUS)
{
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_posts = user_posts + 1
WHERE user_id = ' . intval($user->data['user_id']);
$db->sql_query($sql);
}
// post counts for index, etc.
if ($mode == 'post')
{
set_config('num_topics', $config['num_topics'] + 1, TRUE);
}
set_config('num_posts', $config['num_posts'] + 1, TRUE);
}
// Topic notification
if (!empty($misc_info['notify']) && ($mode == 'reply' || empty($misc_info['notify_set'])))
{
$sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id)
VALUES (" . $user->data['user_id'] . ", " . $misc_info['topic_id'] . ")";
$db->sql_query($sql);
}
else if (empty($misc_info['notify']) && !empty($misc_info['notify_set']))
{
$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
WHERE user_id = " . $user->data['user_id'] . "
AND topic_id = " . $misc_info['topic_id'];
$db->sql_query($sql);
}
// Mark this topic as read and posted to.
$mark_mode = ($mode == 'reply' || $mode == 'post') ? 'post' : 'topic';
markread($mark_mode, $misc_info['forum_id'], $misc_info['topic_id'], $misc_info['post_id']);
$db->sql_transaction('commit');
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="5; url=viewtopic.' . $phpEx . $SID . '&amp;f=' . $misc_info['forum_id'] . '&amp;p=' . $misc_info['post_id'] . '#' . $misc_info['post_id'] . '">')
);
$message = (!empty($misc_info['enable_moderate'])) ? 'POST_STORED_MOD' : 'POST_STORED';
$message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="viewtopic.' . $phpEx . $SID .'&p=' . $misc_info['post_id'] . '#' . $misc_info['post_id'] . '">', '</a>') . '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="viewforum.' . $phpEx . $SID .'&amp;f=' . $misc_info['forum_id'] . '">', '</a>');
trigger_error($message);
}
}
// Parses a given message and updates/maintains the fulltext tables
class fulltext_search
{
function split_words(&$text)
{
global $user, $config;
static $drop_char_match, $drop_char_replace, $stopwords, $synonyms;
if (empty($drop_char_match))
{
$drop_char_match = array('^', '$', '&', '(', ')', '<', '>', '`', '\'', '"', '|', ',', '@', '_', '?', '%', '-', '~', '+', '.', '[', ']', '{', '}', ':', '\\', '/', '=', '#', '\'', ';', '!', '*');
$drop_char_replace = array(' ', ' ', ' ', ' ', ' ', ' ', ' ', '', '', ' ', ' ', ' ', ' ', '', ' ', ' ', '', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ', '' , ' ', ' ', ' ', ' ', ' ', ' ', ' ');
$stopwords = @file($user->lang_path . '/search_stopwords.txt');
$synonyms = @file($user->lang_path . '/search_synonyms.txt');
}
$match = array();
// New lines, carriage returns
$match[] = "#[\n\r]+#";
// NCRs like &nbsp; etc.
$match[] = '#&[\#a-z0-9]+?;#i';
// URL's
$match[] = '#\b[\w]+:\/\/[a-z0-9\.\-]+(\/[a-z0-9\?\.%_\-\+=&\/]+)?#';
// BBcode
$match[] = '#\[img:[a-z0-9]{10,}\].*?\[\/img:[a-z0-9]{10,}\]#';
$match[] = '#\[\/?url(=.*?)?\]#';
$match[] = '#\[\/?[a-z\*=\+\-]+(\:?[0-9a-z]+)?:[a-z0-9]{10,}(\:[a-z0-9]+)?=?.*?\]#';
// Sequences < min_search_chars & < max_search_chars
$match[] = '#\b([a-z0-9]{1,' . $config['min_search_chars'] . '}|[a-z0-9]{' . $config['max_search_chars'] . ',})\b#is';
$text = preg_replace($match, ' ', ' ' . strtolower($text) . ' ');
// Filter out non-alphabetical chars
$text = str_replace($drop_char_match, $drop_char_replace, $text);
if (!empty($stopwords_list))
{
$text = str_replace($stopwords, '', $text);
}
if (!empty($synonyms))
{
for ($j = 0; $j < count($synonyms); $j++)
{
list($replace_synonym, $match_synonym) = split(' ', trim(strtolower($synonyms[$j])));
if ( $mode == 'post' || ( $match_synonym != 'not' && $match_synonym != 'and' && $match_synonym != 'or' ) )
{
$text = preg_replace('#\b' . trim($match_synonym) . '\b#', ' ' . trim($replace_synonym) . ' ', $text);
}
}
}
preg_match_all('/\b([\w]+)\b/', $text, $split_entries);
return array_unique($split_entries[1]);
}
function add(&$mode, &$post_id, &$message, &$subject)
{
global $config, $db;
// $mtime = explode(' ', microtime());
// $starttime = $mtime[1] + $mtime[0];
// Split old and new post/subject to obtain array of 'words'
$split_text = $this->split_words($message);
$split_title = ($subject) ? $this->split_words($subject) : array();
$words = array();
if ($mode == 'edit')
{
$sql = "SELECT w.word_id, w.word_text, m.title_match
FROM " . SEARCH_WORD_TABLE . " w, " . SEARCH_MATCH_TABLE . " m
WHERE m.post_id = " . intval($post_id) . "
AND w.word_id = m.word_id";
$result = $db->sql_query($sql);
$cur_words = array();
while ($row = $db->sql_fetchrow($result))
{
$which = ($row['title_match']) ? 'title' : 'post';
$cur_words[$which][$row['word_text']] = $row['word_id'];
}
$db->sql_freeresult($result);
$words['add']['post'] = array_diff($split_text, array_keys($cur_words['post']));
$words['add']['title'] = array_diff($split_title, array_keys($cur_words['title']));
$words['del']['post'] = array_diff(array_keys($cur_words['post']), $split_text);
$words['del']['title'] = array_diff(array_keys($cur_words['title']), $split_title);
}
else
{
$words['add']['post'] = $split_text;
$words['add']['title'] = $split_title;
$words['del']['post'] = array();
$words['del']['title'] = array();
}
unset($split_text);
unset($split_title);
// Get unique words from the above arrays
$unique_add_words = array_unique(array_merge($words['add']['post'], $words['add']['title']));
// We now have unique arrays of all words to be added and removed and
// individual arrays of added and removed words for text and title. What
// we need to do now is add the new words (if they don't already exist)
// and then add (or remove) matches between the words and this post
if (sizeof($unique_add_words))
{
$sql = "SELECT word_id, word_text
FROM " . SEARCH_WORD_TABLE . "
WHERE word_text IN (" . implode(', ', preg_replace('#^(.*)$#', '\'\1\'', $unique_add_words)) . ")";
$result = $db->sql_query($sql);
$word_ids = array();
while ($row = $db->sql_fetchrow($result))
{
$word_ids[$row['word_text']] = $row['word_id'];
}
$db->sql_freeresult($result);
$new_words = array_diff($unique_add_words, array_keys($word_ids));
unset($unique_add_words);
if (sizeof($new_words))
{
switch (SQL_LAYER)
{
case 'postgresql':
case 'msaccess':
case 'mssql-odbc':
case 'oracle':
case 'db2':
foreach ($new_words as $word)
{
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)
VALUES ('" . $word . "')";
$db->sql_query($sql);
}
break;
case 'mysql':
case 'mysql4':
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)
VALUES " . implode(', ', preg_replace('#^(.*)$#', '(\'\1\')', $new_words));
$db->sql_query($sql);
break;
case 'mssql':
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)
VALUES " . implode(' UNION ALL ', preg_replace('#^(.*)$#', 'SELECT \'\1\'', $new_words));
$db->sql_query($sql);
break;
}
}
unset($new_words);
}
foreach ($words['del'] as $word_in => $word_ary)
{
$title_match = ($word_in == 'title') ? 1 : 0;
$sql = '';
if (sizeof($word_ary))
{
foreach ($word_ary as $word)
{
$sql .= (($sql != '') ? ', ' : '') . $cur_words[$word_in][$word];
}
$sql = "DELETE FROM " . SEARCH_MATCH_TABLE . " WHERE word_id IN ($sql) AND post_id = " . intval($post_id) . " AND title_match = $title_match";
$db->sql_query($sql);
}
}
foreach ($words['add'] as $word_in => $word_ary)
{
$title_match = ( $word_in == 'title' ) ? 1 : 0;
if (sizeof($word_ary))
{
$sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) SELECT $post_id, word_id, $title_match FROM " . SEARCH_WORD_TABLE . " WHERE word_text IN (" . implode(', ', preg_replace('#^(.*)$#', '\'\1\'', $word_ary)) . ")";
$db->sql_query($sql);
}
}
unset($words);
// $mtime = explode(' ', microtime());
// echo "Search parser time taken >> " . ($mtime[1] + $mtime[0] - $starttime);
// Run the cleanup infrequently, once per session cleanup
if ($config['search_last_gc'] < time() - $config['search_gc'])
{
// $this->search_tidy();
}
}
// Tidy up indexes, tag 'common words', remove
// words no longer referenced in the match table, etc.
function search_tidy()
{
global $db;
// Remove common (> 60% of posts ) words
$result = $db->sql_query("SELECT SUM(forum_posts) AS total_posts FROM " . FORUMS_TABLE);
$row = $db->sql_fetchrow($result);
if ($row['total_posts'] >= 100)
{
$sql = "SELECT word_id
FROM " . SEARCH_MATCH_TABLE . "
GROUP BY word_id
HAVING COUNT(word_id) > " . floor($row['total_posts'] * 0.6);
$result = $db->sql_query($sql);
$in_sql = '';
while ($row = $db->sql_fetchrow($result))
{
$in_sql .= (( $in_sql != '') ? ', ' : '') . $row['word_id'];
}
$db->sql_freeresult($result);
if ($in_sql)
{
$sql = "UPDATE " . SEARCH_WORD_TABLE . "
SET word_common = " . TRUE . "
WHERE word_id IN ($in_sql)";
$db->sql_query($sql);
$sql = "DELETE FROM " . SEARCH_MATCH_TABLE . "
WHERE word_id IN ($in_sql)";
$db->sql_query($sql);
}
}
// Remove words with no matches ... this is a potentially nasty query
$sql = "SELECT w.word_id
FROM ( " . SEARCH_WORD_TABLE . " w
LEFT JOIN " . SEARCH_MATCH_TABLE . " m ON w.word_id = m.word_id
AND m.word_id IS NULL
GROUP BY m.word_id";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
$in_sql = '';
do
{
$in_sql .= ', ' . $row['word_id'];
}
while ($row = $db->sql_fetchrow($result));
$sql = 'DELETE FROM ' . SEARCH_WORD_TABLE . '
WHERE word_id IN (' . substr($in_sql, 2) . ')';
$db->sql_query($sql);
}
$db->sql_freeresult($result);
}
}
?>

2
phpBB/includes/session.php
View File

@ -510,7 +510,7 @@ class auth
if (!($this->founder = $userdata['user_founder']))
{
if (empty($userdata['user_permissions']))
if (trim($userdata['user_permissions']) == '')
{
$this->acl_cache($userdata);
}

2
phpBB/includes/template.php
View File

@ -236,6 +236,8 @@ class Template {
if (!($this->compile_load($_str, $handle, false)))
{
global $user;
if (!$this->loadfile($handle))
{
trigger_error("Template->pparse(): Couldn't load template file for handle $handle", E_USER_ERROR);

8
phpBB/install/install.php
View File

@ -622,10 +622,16 @@ else
$sql_query = split_sql_file($sql_query, $delimiter);
$sql_count = count($sql_query);
// NOTE: trigger_error does not work here.
$db->return_on_error = true;
for($i = 0; $i < $sql_count; $i++)
{
$db->sql_query($sql_query[$i]);
if (!$db->sql_query($sql_query[$i]))
{
$error = $db->sql_error($sql_query[$i]);
echo "<br />ERROR: " . $error['message'] . "<br />";
}
}
//

4
phpBB/install/schemas/mysql_basic.sql
View File

@ -196,7 +196,7 @@ INSERT INTO phpbb_forums (forum_id, forum_name, forum_desc, left_id, right_id, p
# -- Users
INSERT INTO phpbb_users (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_viewemail, user_style, user_aim, user_yim, user_msnm, user_posts, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_pm, user_notify_pm, user_allow_viewonline, user_rank, user_avatar, user_lang, user_timezone, user_dateformat, user_actkey, user_newpasswd, user_notify, user_active) VALUES ( 0, 'Anonymous', 0, '', '', '', '', '', '', '', '', 0, NULL, '', '', '', 0, 0, 1, 0, 1, 0, 1, 1, NULL, '', '', '', '', '', '', 0, 0);
INSERT INTO phpbb_users (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_viewemail, user_style, user_aim, user_yim, user_msnm, user_posts, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_pm, user_notify_pm, user_allow_viewonline, user_rank, user_avatar, user_lang, user_timezone, user_dateformat, user_actkey, user_newpasswd, user_notify, user_active) VALUES ( 1, 'Anonymous', 0, '', '', '', '', '', '', '', '', 0, NULL, '', '', '', 0, 0, 1, 0, 1, 0, 1, 1, NULL, '', '', '', '', '', '', 0, 0);
# -- username: admin password: admin (change this or remove it once everything is working!)
INSERT INTO phpbb_users (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_viewemail, user_style, user_aim, user_yim, user_msnm, user_posts, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_pm, user_notify_pm, user_popup_pm, user_allow_viewonline, user_rank, user_avatar, user_lang, user_timezone, user_dateformat, user_actkey, user_newpasswd, user_notify, user_active, user_founder) VALUES ( 2, 'Admin', 0, '21232f297a57a5a743894a0e4a801fc3', 'admin@yourdomain.com', '', '', '', '', '', '', 1, 1, '', '', '', 1, 0, 1, 0, 1, 1, 1, 1, 1, 1, '', 'en', 0, 'd M Y h:i a', '', '', 0, 1, 1);
@ -215,7 +215,7 @@ INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (5, 'ADMINIST
# -- User -> Group
INSERT INTO phpbb_user_group (group_id, user_id, user_pending) VALUES (1, 0, 0);
INSERT INTO phpbb_user_group (group_id, user_id, user_pending) VALUES (1, 1, 0);
INSERT INTO phpbb_user_group (group_id, user_id, user_pending) VALUES (3, 2, 0);
INSERT INTO phpbb_user_group (group_id, user_id, user_pending) VALUES (5, 2, 0);

782
phpBB/posting.php
View File

@ -41,6 +41,7 @@ $phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
include($phpbb_root_path . 'includes/message_parser.'.$phpEx);
// Start session management
$user->start();
@ -53,20 +54,30 @@ $post_id = (!empty($_REQUEST['p'])) ? intval($_REQUEST['p']) : false;
$topic_id = (!empty($_REQUEST['t'])) ? intval($_REQUEST['t']) : false;
$forum_id = (!empty($_REQUEST['f'])) ? intval($_REQUEST['f']) : false;
$submit = (!empty($_POST['post'])) ? true : false;
$submit = (isset($_POST['post'])) ? true : false;
$preview = (isset($_POST['preview'])) ? true : false;
$save = (isset($_POST['save'])) ? true : false;
$cancel = (isset($_POST['cancel'])) ? true : false;
// Was cancel pressed? If so then redirect to the appropriate page
if (!empty($_REQUEST['cancel']))
if ($cancel)
{
$redirect = (intval($post_id)) ? "viewtopic.$phpEx$SID&p=" . intval($post_id) . "#" . intval($post_id) : ((intval($topic_id)) ? "viewtopic.$phpEx$SID&t=" . intval($topic_id) : ((intval($forum_id)) ? "viewforum.$phpEx$SID&f=" . intval($forum_id) : "index.$phpEx$SID"));
$redirect = ($post_id) ? "viewtopic.$phpEx$SID&p=" . $post_id . "#" . $post_id : (($topic_id) ? "viewtopic.$phpEx$SID&t=" . $topic_id : (($forum_id) ? "viewforum.$phpEx$SID&f=" . $forum_id : "index.$phpEx$SID"));
redirect($redirect);
}
// ---------
// POST INFO
// What is all this following SQL for? Well, we need to know
// some basic information in all cases before we do anything.
$first_validate = false;
$second_validate = false;
$third_validate = false;
$forum_fields = array('f.forum_id', 'f.forum_name', 'f.parent_id', 'f.forum_parents', 'f.forum_status', 'f.forum_postable', 'f.enable_icons', 'f.enable_post_count', 'f.enable_moderate');
$topic_fields = array('t.topic_id', 't.topic_status', 't.topic_first_post_id', 't.topic_last_post_id', 't.topic_type', 't.topic_title');
$post_fields = array('p.post_id', 'p.post_time', 'p.poster_id', 'p.post_username', 'p.post_text', 'p.post_checksum', 'p.bbcode_uid');
switch ($mode)
{
case 'post':
@ -75,9 +86,11 @@ switch ($mode)
trigger_error($user->lang['NO_FORUM']);
}
$sql = "SELECT forum_id, forum_name, parent_id, forum_parents, forum_status, forum_postable, enable_icons, enable_post_count, enable_moderate
FROM " . FORUMS_TABLE . "
$sql = "SELECT " . implode(',', $forum_fields) . "
FROM " . FORUMS_TABLE . " f
WHERE forum_id = " . $forum_id;
$first_validate = true;
break;
case 'reply':
@ -86,12 +99,15 @@ switch ($mode)
trigger_error($user->lang['NO_TOPIC']);
}
$sql = 'SELECT t.*, f.forum_id, f.forum_name, f.parent_id, f.forum_parents, f.forum_status, f.forum_postable, f.enable_icons, f.enable_post_count, f.enable_moderate
FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f
WHERE t.topic_id = ' . $topic_id . '
AND f.forum_id = t.forum_id';
break;
$sql = "SELECT " . implode(',', $topic_fields) . ", " . implode(',', $forum_fields) . "
FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f
WHERE t.topic_id = " . $topic_id . "
AND f.forum_id = t.forum_id";
$first_validate = true;
$second_validate = true;
break;
case 'quote':
case 'edit':
case 'delete':
@ -100,20 +116,14 @@ switch ($mode)
trigger_error($user->lang['NO_POST']);
}
$sql = 'SELECT t.*, p.*, f.forum_id, f.forum_name, f.parent_id, f.forum_parents, f.forum_status, f.forum_postable, f.enable_icons, f.enable_post_count, f.enable_moderate
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f
WHERE p.post_id = ' . $post_id . '
$sql = "SELECT " . implode(',', $post_fields) . ", " . implode(',', $topic_fields) . ", " . implode(',', $forum_fields) . "
FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f
WHERE p.post_id = " . $post_id . "
AND t.topic_id = p.topic_id
AND f.forum_id = t.forum_id';
break;
case 'topicreview':
if (!$topic_id)
{
trigger_error($user->lang['NO_TOPIC']);
}
topic_review($topic_id, false);
AND f.forum_id = t.forum_id";
$first_validate = true;
$second_validate = true;
$third_validate = true;
break;
case 'smilies':
@ -131,14 +141,41 @@ if ($sql != '')
// This will overwrite parameter passed id's
extract($db->sql_fetchrow($result));
$db->sql_freeresult($result);
$forum_id = intval($forum_id);
$parent_id = ($first_validate) ? intval($parent_id) : false;
$forum_parents = ($first_validate) ? trim($forum_parents) : '';
$forum_name = ($first_validate) ? trim($forum_name) : '';
$forum_status = ($first_validate) ? intval($forum_status) : false;
$forum_postable = ($first_validate) ? intval($forum_postable) : false;
$enable_post_count = ($first_validate) ? intval($enable_post_count) : false;
$enable_moderate = ($first_validate) ? intval($enable_moderate) : false;
$enable_icons = ($first_validate) ? intval($enable_icons) : false;
$topic_id = intval($topic_id);
$topic_status = ($second_validate) ? intval($topic_status) : false;
$topic_first_post_id = ($second_validate) ? intval($topic_first_post_id) : false;
$topic_last_post_id = ($second_validate) ? intval($topic_last_post_id) : false;
$topic_type = ($second_validate) ? intval($topic_type) : false;
$topic_title = ($second_validate) ? trim($topic_title) : '';
$post_id = intval($post_id);
$post_time = ($third_validate) ? intval($post_time) : false;
$poster_id = ($third_validate) ? intval($poster_id) : false;
$post_username = ($third_validate) ? trim($post_username) : '';
$post_text = ($third_validate) ? trim($post_text) : '';
$post_checksum = ($third_validate) ? trim($post_checksum) : '';
$bbcode_uid = ($third_validate) ? trim($bbcode_uid) : '';
}
// PERMISSION CHECKS
// Notify user checkbox
if ($mode != 'post' && $user->data['user_id'] != ANONYMOUS)
{
$sql = "SELECT topic_id
FROM " . TOPICS_WATCH_TABLE . "
WHERE topic_id = " . intval($topic_id) . "
WHERE topic_id = " . $topic_id . "
AND user_id = " . $user->data['user_id'];
$result = $db->sql_query($sql);
@ -146,104 +183,80 @@ if ($mode != 'post' && $user->data['user_id'] != ANONYMOUS)
$db->sql_freeresult($result);
}
if ($mode == 'edit' && !empty($poll_start))
{
$sql = "SELECT *
FROM phpbb_poll_results
WHERE topic_id = " . intval($topic_id);
$result = $db->sql_query($sql);
$poll_options = array();
while ($row = $db->sql_fetchrow($result))
{
$poll_options[] = $row['poll_option_text'];
}
$db->sql_freeresult($result);
}
// POST INFO
// ---------
// -----------------
// PERMISSION CHECKS
// Collect general Permissions to be used within the complete page
$forum_id = intval($forum_id);
$perm = array(
'm_lock' => $auth->acl_gets('m_lock', 'a_', intval($forum_id)),
'm_lock' => $auth->acl_gets('m_lock', 'a_', $forum_id),
'm_edit' => $auth->acl_gets('m_edit', 'a_', $forum_id),
'm_delete' => $auth->acl_gets('m_delete', 'a_', $forum_id),
'f_news' => $auth->acl_gets('f_news', 'm_', 'a_', intval($forum_id)),
'f_announce' => $auth->acl_gets('f_announce', 'm_', 'a_', intval($forum_id)),
'f_sticky' => $auth->acl_gets('f_sticky', 'm_', 'a_', intval($forum_id)),
'f_ignoreflood' => $auth->acl_gets('f_ignoreflood', 'm_', 'a_', intval($forum_id)),
'u_delete' => $auth->acl_get('f_delete', $forum_id),
'm_edit' => $auth->acl_gets('m_edit', 'a_')
'f_news' => $auth->acl_gets('f_news', 'm_', 'a_', $forum_id),
'f_announce' => $auth->acl_gets('f_announce', 'm_', 'a_', $forum_id),
'f_sticky' => $auth->acl_gets('f_sticky', 'm_', 'a_', $forum_id),
'f_ignoreflood' => $auth->acl_gets('f_ignoreflood', 'm_', 'a_', $forum_id),
'f_sigs' => $auth->acl_gets('f_sigs', 'm_', 'a_', $forum_id),
'f_save' => $auth->acl_gets('f_save', 'm_', 'a_', $forum_id)
);
if (!$auth->acl_gets('f_' . $mode, 'm_', 'a_', intval($forum_id)) && !empty($forum_postable))
// DEBUG - Show Permissions
debug_print_permissions($perm);
// DEBUG - Show Permissions
if ( (!$auth->acl_gets('f_' . $mode, 'm_', 'a_', $forum_id)) && ($forum_postable) )
{
trigger_error($user->lang['USER_CANNOT_' . strtoupper($mode)]);
}
// Forum/Topic locked?
if ((intval($forum_status) == ITEM_LOCKED || intval($topic_status) == ITEM_LOCKED) && !$perm['m_edit'])
if ( ($forum_status == ITEM_LOCKED || $topic_status == ITEM_LOCKED) && !$perm['m_edit'])
{
$message = (intval($forum_status) == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED';
$message = ($forum_status == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED';
trigger_error($user->lang[$message]);
}
// Can we edit this post?
if (($mode == 'edit' || $mode == 'delete') && !empty($config['edit_time']) && $post_time < time() - intval($config['edit_time']) && !$perm['m_edit'])
if ( ($mode == 'edit' || $mode == 'delete') && !empty($config['edit_time']) && $post_time < time() - intval($config['edit_time']) && !$perm['m_edit'])
{
trigger_error($user->lang['CANNOT_EDIT_TIME']);
}
// Do we want to edit our post ?
if ( ($mode == 'edit') && (!$perm['m_edit']) )
if ( ($mode == 'edit') && (!$perm['m_edit']) && ($user->data['user_id'] != $poster_id))
{
if ( ($user->data['user_id'] != $poster_id) )
{
trigger_error($user->lang['USER_CANNOT_EDIT']);
}
trigger_error($user->lang['USER_CANNOT_EDIT']);
}
// PERMISSION CHECKS
// -----------------
// --------------
// PROCESS SUBMIT
$parse_msg = new parse_message(0); // <- TODO: add constant (MSG_POST/MSG_PM)
if ($submit)
if (($submit) || ($preview))
{
// If replying/quoting and last post id has changed
// give user option of continuing submit or return to post
// notify and show user the post made between his request and the final submit
if (($mode == 'reply' || $mode == 'quote') && intval($topic_last_post_id) != intval($topic_cur_post_id))
{
$topic_cur_post_id = (isset($_POST['topic_cur_post_id'])) ? intval($_POST['topic_cur_post_id']) : false;
$subject = (!empty($_POST['subject'])) ? trim(htmlspecialchars(strip_tags($_POST['subject']))) : '';
$message = (!empty($_POST['message'])) ? trim($_POST['message']) : '';
$username = (!empty($_POST['username'])) ? trim($_POST['username']) : '';
$topic_type = (!empty($_POST['topic_type'])) ? intval($_POST['topic_type']) : POST_NORMAL;
$icon_id = (!empty($_POST['icon'])) ? intval($_POST['icon']) : 0;
}
$enable_html = (!intval($config['allow_html'])) ? 0 : ((!empty($_POST['disable_html'])) ? 0 : 1);
$enable_bbcode = (!intval($config['allow_bbcode'])) ? 0 : ((!empty($_POST['disable_bbcode'])) ? 0 : 1);
$enable_smilies = (!intval($config['allow_smilies'])) ? 0 : ((!empty($_POST['disable_smilies'])) ? 0 : 1);
$enable_urls = (!empty($_POST['disable_magic_url'])) ? 0 : 1;
$enable_sig = (empty($_POST['attach_sig'])) ? 1 : 0;
$notify = (!empty($_POST['notify'])) ? 0 : 1;
$err_msg = '';
$current_time = time();
$parse_msg = new parse_message(0);
$search = new fulltext_search();
// Grab relevant submitted data
$message = (!empty($_POST['message'])) ? $_POST['message'] : '';
$subject = (!empty($_POST['subject'])) ? $_POST['subject'] : '';
$username = (!empty($_POST['username'])) ? $_POST['username'] : '';
$topic_type = (!empty($_POST['topic_type'])) ? intval($_POST['topic_type']) : POST_NORMAL;
$icon_id = (!empty($_POST['icon'])) ? intval($_POST['icon']) : 0;
$enable_html = (!intval($config['allow_html'])) ? 0 : ((!empty($_POST['disable_html'])) ? 0 : 1);
$enable_bbcode = (!intval($config['allow_bbcode'])) ? 0 : ((!empty($_POST['disable_bbcode'])) ? 0 : 1);
$enable_smilies = (!intval($config['allow_smilies'])) ? 0 : ((!empty($_POST['disable_smilies'])) ? 0 : 1);
$enable_urls = (!empty($_POST['disable_magic_url'])) ? 0 : 1;
$enable_sig = (empty($_POST['attach_sig'])) ? 1 : 0;
$poll_subject = (!empty($_POST['poll_subject'])) ? $_POST['poll_subject'] : '';
$poll_length = (!empty($_POST['poll_length'])) ? $_POST['poll_length'] : '';
$poll_option_text = (!empty($_POST['poll_option_text'])) ? $_POST['poll_option_text'] : '';
// If replying/quoting and last post id has changed
// give user option of continuing submit or return to post
// notify and show user the post made between his request and the final submit
if ( ($mode == 'reply' || $mode == 'quote') && ($topic_cur_post_id != $topic_last_post_id) )
{
}
// Grab md5 'checksum' of new message
$message_md5 = md5($message);
@ -252,15 +265,13 @@ if ($submit)
if ($mode != 'edit' || $message_md5 != $post_checksum)
{
// Parse message
$bbcode_uid = (!empty($bbcode_uid)) ? $bbcode_uid : '';
if (($result = $parse_msg->parse($message, $enable_html, $enable_bbcode, $bbcode_uid, $enable_urls, $enable_smilies)) != '')
{
$err_msg .= ((!empty($err_msg)) ? '<br />' : '') . $result;
}
}
if ($mode != 'edit')
if (($mode != 'edit') && (!$preview))
{
// Flood check
$where_sql = ($user->data['user_id'] == ANONYMOUS) ? "poster_ip = '$user->ip'" : 'poster_id = ' . $user->data['user_id'];
@ -286,40 +297,16 @@ if ($submit)
{
$err_msg .= ((!empty($err_msg)) ? '<br />' : '') . $result;
}
}
// Parse subject
if (($subject = trim(htmlspecialchars(strip_tags($subject)))) == '' && ($mode == 'post' || ($mode == 'edit' && $topic_first_post_id == $post_id)))
if ( ($subject == '') && ($mode == 'post' || ($mode == 'edit' && $topic_first_post_id == $post_id)))
{
$err_msg .= ((!empty($err_msg)) ? '<br />' : '') . $user->lang['EMPTY_SUBJECT'];
}
// Process poll options
if (!empty($poll_option_text) && (($auth->acl_get('f_poll', intval($forum_id)) && empty($poll_last_vote)) || $auth->acl_gets('m_edit', 'a_', intval($forum_id))))
{
$poll_options = explode("\n", $poll_option_text);
unset($poll_option_text);
$poll_options_size = sizeof($poll_options);
$result = $parse_msg->parse($poll_options, $enable_html, $enable_bbcode, $bbcode_uid, $enable_urls, $enable_smilies);
if (sizeof($poll_options) == 1)
{
$err_msg .= ((!empty($err_msg)) ? '<br />' : '') . $user->lang['TOO_FEW_POLL_OPTIONS'];
}
else if (sizeof($poll_options) > intval($config['max_poll_options']))
{
$err_msg .= ((!empty($err_msg)) ? '<br />' : '') . $user->lang['TOO_MANY_POLL_OPTIONS'];
}
else if (sizeof($poll_options) < $poll_options_size)
{
$err_msg .= ((!empty($err_msg)) ? '<br />' : '') . $user->lang['NO_DELETE_POLL_OPTIONS'];
}
$poll_subject = (!empty($poll_subject)) ? trim(htmlspecialchars(strip_tags($poll_subject))) : '';
$poll_length = (!empty($poll_length)) ? intval($poll_length) : 0;
}
$poll = array();
// $poll = $parse_msg->parse_poll();
// Check topic type
if ($topic_type != POST_NORMAL)
@ -345,274 +332,89 @@ if ($submit)
}
// Store message, sync counters
if ($err_msg == '')
if (($err_msg == '') && ($submit))
{
$db->sql_transaction();
// Initial Topic table info
if ($mode == 'post' || ($mode == 'edit' && $topic_first_post_id == $post_id))
{
$topic_sql = array(
'forum_id' => intval($forum_id),
'topic_title' => stripslashes($subject),
'topic_time' => $current_time,
'topic_type' => $topic_type,
'topic_approved'=> (!empty($enable_moderate) && !$auth->acl_gets('f_ignorequeue', 'm_', 'a_', intval($forum_id))) ? 0 : 1,
'icon_id' => $icon_id,
'topic_poster' => intval($user->data['user_id']),
'topic_first_poster_name' => ($username != '') ? stripslashes($username) : (($user->data['user_id'] == ANONYMOUS) ? '' : stripslashes($user->data['username'])),
);
if (!empty($poll_options))
{
$topic_sql = array_merge($topic_sql, array(
'poll_title' => stripslashes($poll_title),
'poll_start' => (!empty($poll_start)) ? $poll_start : $current_time,
'poll_length' => $poll_length * 3600
));
}
$sql = ($mode == 'post') ? 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', $topic_sql): 'UPDATE ' . TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $topic_sql) . ' WHERE topic_id = ' . intval($topic_id);
$db->sql_query($sql);
$topic_id = ($mode == 'post') ? $db->sql_nextid() : $topic_id;
}
// Post table info
$post_sql = array(
'topic_id' => intval($topic_id),
'forum_id' => intval($forum_id),
'poster_id' => ($mode == 'edit') ? intval($poster_id) : intval($user->data['user_id']),
'post_username' => ($username != '') ? stripslashes($username) : '',
'post_subject' => stripslashes($subject),
'icon_id' => $icon_id,
'poster_ip' => $user->ip,
'post_time' => $current_time,
'post_approved' => (!empty($enable_moderate) && !$auth->acl_gets('f_ignorequeue', 'm_', 'a_', intval($forum_id))) ? 0 : 1,
'post_edit_time' => ($mode == 'edit' && $poster_id == $user->data['user_id']) ? $current_time : 0,
'enable_sig' => $enable_html,
'enable_bbcode' => $enable_bbcode,
'enable_html' => $enable_html,
'enable_smilies' => $enable_smilies,
'enable_magic_url' => $enable_urls,
'bbcode_uid' => $bbcode_uid,
);
if ($mode != 'edit' || $message_md5 != $post_checksum)
{
$post_sql = array_merge($post_sql, array(
'post_checksum' => $message_md5,
'post_text' => stripslashes($message),
'post_encoding' => $user->lang['ENCODING']
));
}
$sql = ($mode == 'edit' && $poster_id == $user->data['user_id']) ? 'UPDATE ' . POSTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $post_sql) . ' , post_edit_count = post_edit_count + 1 WHERE post_id = ' . intval($post_id) : 'INSERT INTO ' . POSTS_TABLE . ' ' . $db->sql_build_array('INSERT', $post_sql);
$db->sql_query($sql);
$post_id = ($mode == 'edit') ? $post_id : $db->sql_nextid();
// poll options
if (!empty($poll_options))
{
$cur_poll_options = array();
if (!empty($poll_start) && $mode == 'edit')
{
$sql = "SELECT * FROM " . POLL_OPTIONS_TABLE . "
WHERE topic_id = $topic_id
ORDER BY poll_option_id";
$result = $db->sql_query($sql);
while ($cur_poll_options[] = $db->sql_fetchrow($result));
$db->sql_freeresult($result);
}
for ($i = 0; $i < sizeof($poll_options); $i++)
{
if (trim($poll_options[$i]) != '')
{
if (empty($cur_poll_options[$i]))
{
$sql = "INSERT INTO " . POLL_OPTIONS_TABLE . " (topic_id, poll_option_text)
VALUES (" . intval($topic_id) . ", '" . $db->sql_escape($poll_options[$i]) . "')";
$db->sql_query($sql);
}
else if ($poll_options[$i] != $cur_poll_options[$i])
{
$sql = "UPDATE " . POLL_OPTIONS_TABLE . "
SET poll_option_text = '" . $db->sql_escape($poll_options[$i]) . "'
WHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id'];
$db->sql_query($sql);
}
}
}
}
// Fulltext parse
if ($mode != 'edit' || $message_md5 != $post_checksum)
{
$result = $search->add($mode, $post_id, $message, $subject);
}
// Sync forums, topics and users ...
if ($mode != 'edit')
{
// Update forums: last post info, topics, posts ... we need to update
// each parent too ...
$forum_ids = intval($forum_id);
if (!empty($forum_parents))
{
$forum_parents = unserialize($forum_parents);
foreach ($forum_parents as $parent_forum_id => $parent_name)
{
$forum_ids .= ', ' . $parent_forum_id;
}
}
$forum_topics_sql = ($mode == 'post') ? ', forum_topics = forum_topics + 1' : '';
$forum_sql = array(
'forum_last_post_id' => intval($post_id),
'forum_last_post_time' => $current_time,
'forum_last_poster_id' => intval($user->data['user_id']),
'forum_last_poster_name'=> ($user->data['user_id'] == ANONYMOUS) ? stripslashes($username) : $user->data['username'],
);
$sql = 'UPDATE ' . FORUMS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $forum_sql) . ', forum_posts = forum_posts + 1' . $forum_topics_sql . ' WHERE forum_id IN (' . $forum_ids . ')';
$db->sql_query($sql);
// Update topic: first/last post info, replies
$topic_sql = array(
'topic_last_post_id' => intval($post_id),
'topic_last_post_time' => $current_time,
'topic_last_poster_id' => intval($user->data['user_id']),
'topic_last_poster_name'=> ($username != '') ? stripslashes($username) : (($user->data['user_id'] == ANONYMOUS) ? '' : stripslashes($user->data['username'])),
);
if ($mode == 'post')
{
$topic_sql = array_merge($topic_sql, array(
'topic_first_post_id' => intval($post_id),
));
}
$topic_replies_sql = ($mode == 'reply') ? ', topic_replies = topic_replies + 1' : '';
$sql = 'UPDATE ' . TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $topic_sql) . $topic_replies_sql . ' WHERE topic_id = ' . intval($topic_id);
$db->sql_query($sql);
// Update user post count ... if appropriate
if (!empty($enable_post_count) && $user->data['user_id'] != ANONYMOUS)
{
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_posts = user_posts + 1
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
}
// post counts for index, etc.
if ($mode == 'post')
{
set_config('num_topics', $config['num_topics'] + 1, TRUE);
}
set_config('num_posts', $config['num_posts'] + 1, TRUE);
}
// Topic notification
if (!empty($notify) && ($mode == 'post' || empty($notify_set)))
{
$sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id)
VALUES (" . $user->data['user_id'] . ", $topic_id)";
$db->sql_query($sql);
}
else if (empty($notify) && !empty($notify_set))
{
$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
WHERE user_id = " . $user->data['user_id'] . "
AND topic_id = $topic_id";
$db->sql_query($sql);
}
// Mark this topic as read and posted to.
$mark_mode = ($mode == 'reply' || $mode == 'newtopic') ? 'post' : 'topic';
markread($mark_mode, $forum_id, $topic_id, $post_id);
$db->sql_transaction('commit');
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="5; url=' . "viewtopic.$phpEx$SID&amp;f=$forum_id&amp;p=$post_id#$post_id" . '">')
$misc_info = array(
'topic_first_post_id' => $topic_first_post_id,
'post_id' => $post_id,
'topic_id' => $topic_id,
'forum_id' => $forum_id,
'enable_moderate' => $enable_moderate,
'icon_id' => $icon_id,
'poster_id' => $poster_id,
'enable_sig' => $enable_html,
'enable_bbcode' => $enable_bbcode,
'enable_html' => $enable_html,
'enable_smilies' => $enable_smilies,
'enable_urls' => $enable_urls,
'enable_post_count' => $enable_post_count,
'message_md5' => $message_md5,
'post_checksum' => $post_checksum,
'forum_parents' => $forum_parents,
'notify' => $notify,
'notify_set' => $notify_set
);
$message = (!empty($enable_moderate)) ? 'POST_STORED_MOD' : 'POST_STORED';
$message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="viewtopic.' . $phpEx . $SID .'&p=' . $post_id . '#' . $post_id . '">', '</a>') . '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="viewforum.' . $phpEx . $SID .'&amp;f=' . intval($forum_id) . '">', '</a>');
trigger_error($message);
} // Store message, sync counters
$parse_msg->submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_uid, $poll, $misc_info);
}
// Houston, we have an error ...
$post_text = &stripslashes($message);
$post_subject = $topic_title = &stripslashes($subject);
$post_text = stripslashes($message);
$post_subject = $topic_title = stripslashes($subject);
}
$template->assign_vars(array(
'ERROR_MESSAGE' => $err_msg)
);
} // isset($post)
// PROCESS SUBMIT
// --------------
// -----------
// DECODE TEXT -> This will/should be handled by bbcode.php eventually
if ($mode != 'post')
if ($err_msg)
{
$server_protocol = ($config['cookie_secure']) ? 'https://' : 'http://';
$server_port = ($config['server_port'] <> 80) ? ':' . trim($config['server_port']) . '/' : '/';
$match = array(
'#<!\-\- b \-\-><b>(.*?)</b><!\-\- b \-\->#s',
'#<!\-\- u \-\-><u>(.*?)</u><!\-\- u \-\->#s',
'#<!\-\- e \-\-><a href="mailto:(.*?)">.*?</a><!\-\- e \-\->#',
'#<!\-\- m \-\-><a href="(.*?)" target="_blank">.*?</a><!\-\- m \-\->#',
'#<!\-\- w \-\-><a href="http:\/\/(.*?)" target="_blank">.*?</a><!\-\- w \-\->#',
'#<!\-\- l \-\-><a href="(.*?)" target="_blank">.*?</a><!\-\- l \-\->#',
'#<!\-\- s(.*?) \-\-><img src="\{SMILE_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
);
$replace = array(
'[b]\1[/b]',
'[u]\1[/u]',
'\1',
'\1',
'\1',
$server_protocol . trim($config['server_name']) . $server_port . preg_replace('/^\/?(.*?)(\/)?$/', '\1', trim($config['script_path'])) . '/\1',
'\1',
);
$preview = false;
}
if ($preview)
{
if (empty($censors))
{
$censors = array();
obtain_word_list($censors);
}
$post_text = preg_replace($match, $replace, $post_text);
$poll_options = preg_replace($match, $replace, $poll_options);
$post_time = $current_time;
$preview_message = $parse_msg->format_display(stripslashes($message), $enable_html, $enable_bbcode, $bbcode_uid, $enable_urls, $enable_smilies, $enable_sig);
if (sizeof($censors))
{
$preview_subject = preg_replace($censors['match'], $censors['replace'], $subject);
}
else
{
$preview_subject = $subject;
}
}
// DECODE TEXT
// -------------------
decode_text($post_text);
decode_text($subject);
if ($mode == 'quote')
{
quote_text($post_text, $post_username);
}
// -----------------------------
// MAIN POSTING PAGE BEGINS HERE
// Forum moderators?
get_moderators($moderators, intval($forum_id));
get_moderators($moderators, $forum_id);
// Generate smilies and topic icon listings
generate_smilies('inline');
// Topic icons
$s_topic_icons = generate_topic_icons($mode, intval($enable_icons));
// Generate Topic icons
$s_topic_icons = generate_topic_icons($mode, $enable_icons);
// Topic type selection ... only for first post in topic.
$topic_type_toggle = '';
if ( ($mode == 'post') || (($mode == 'edit') && (intval($post_id) == intval($topic_first_post_id))) )
if ( ($mode == 'post') || (($mode == 'edit') && ($post_id == $topic_first_post_id)) )
{
$topic_types = array(
'sticky' => array('const' => POST_STICKY, 'lang' => 'POST_STICKY'),
'announce' => array('const' => POST_ANNOUNCE, 'lang' => 'POST_ANNOUNCEMENT')
// 'global_announce' => array('const' => POST_GLOBAL_ANNOUNCE, 'lang' => 'POST_GLOBAL_ANNOUNCE')
);
@reset($topic_types);
@ -621,7 +423,7 @@ if ( ($mode == 'post') || (($mode == 'edit') && (intval($post_id) == intval($top
if ($perm['f_' . $auth_key])
{
$topic_type_toggle .= '<input type="radio" name="topic_type" value="' . $topic_value['const'] . '"';
if (intval($topic_type) == $topic_value['const'])
if ($topic_type == $topic_value['const'])
{
$topic_type_toggle .= ' checked="checked"';
}
@ -631,26 +433,27 @@ if ( ($mode == 'post') || (($mode == 'edit') && (intval($post_id) == intval($top
if ($topic_type_toggle != '')
{
$topic_type_toggle = (($mode == 'edit') ? $user->lang['CHANGE_TOPIC_TO'] : $user->lang['POST_TOPIC_AS']) . ': <input type="radio" name="topic_type" value="' . POST_NORMAL . '"' . ((intval($topic_type) == POST_NORMAL) ? ' checked="checked"' : '') . ' /> ' . $user->lang['POST_NORMAL'] . '&nbsp;&nbsp;' . $topic_type_toggle;
$topic_type_toggle = (($mode == 'edit') ? $user->lang['CHANGE_TOPIC_TO'] : $user->lang['POST_TOPIC_AS']) . ': <input type="radio" name="topic_type" value="' . POST_NORMAL . '"' . (($topic_type == POST_NORMAL) ? ' checked="checked"' : '') . ' /> ' . $user->lang['POST_NORMAL'] . '&nbsp;&nbsp;' . $topic_type_toggle;
}
}
// HTML, BBCode, Smilies, Images and Flash status
$html_status = ($config['allow_html'] && $auth->acl_get('f_html', $forum_id)) ? true : false;
$bbcode_status = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
$smilies_status = ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
$img_status = ($config['allow_img'] && $auth->acl_get('f_img', $forum_id)) ? true : false;
$flash_status = ($config['allow_flash'] && $auth->acl_get('f_flash', $forum_id)) ? true : false;
$html_status = (intval($config['allow_html']) && $auth->acl_get('f_html', $forum_id)) ? true : false;
$bbcode_status = (intval($config['allow_bbcode']) && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
$smilies_status = (intval($config['allow_smilies']) && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
$img_status = (intval($config['allow_img']) && $auth->acl_get('f_img', $forum_id)) ? true : false;
$flash_status = (intval($config['allow_flash']) && $auth->acl_get('f_flash', $forum_id)) ? true : false;
$html_checked = (isset($enable_html)) ? !$enable_html : (($config['allow_html']) ? !$user->data['user_allowhtml'] : 1);
$bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : (($config['allow_bbcode']) ? !$user->data['user_allowbbcode'] : 1);
$smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : (($config['allow_smilies']) ? !$user->data['user_allowsmile'] : 1);
$html_checked = (isset($enable_html)) ? !$enable_html : ((intval($config['allow_html'])) ? !$user->data['user_allowhtml'] : 1);
$bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : ((intval($config['allow_bbcode'])) ? !$user->data['user_allowbbcode'] : 1);
$smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : ((intval($config['allow_smilies'])) ? !$user->data['user_allowsmile'] : 1);
$urls_checked = (isset($enable_urls)) ? !$enable_urls : 0;
$sig_checked = (isset($attach_sig)) ? $attach_sig : (($config['allow_sigs']) ? $user->data['user_atachsig'] : 0);
$sig_checked = (isset($attach_sig)) ? $attach_sig : ((intval($config['allow_sigs'])) ? $user->data['user_atachsig'] : 0);
$notify_checked = (isset($notify_set)) ? $notify_set : (($user->data['user_id'] != ANONYMOUS) ? $user->data['user_notify'] : 0);
$lock_topic_checked = (isset($topic_lock)) ? $topic_lock : (($topic_status == ITEM_LOCKED) ? 1 : 0);
// Page title & action URL, include session_id for security purpose
$s_action = "posting.$phpEx?sid=" . $user->session_id . "&amp;mode=$mode&amp;f=" . intval($forum_id);
$s_action = "posting.$phpEx?sid=" . $user->session_id . "&amp;mode=$mode&amp;f=" . $forum_id;
switch ($mode)
{
case 'post':
@ -671,226 +474,89 @@ switch ($mode)
// Build navigation links
$forum_data = array(
'parent_id' => intval($parent_id),
'parent_id' => $parent_id,
'forum_parents' => $forum_parents,
'forum_name' => $forum_name,
'forum_id' => intval($forum_id),
'forum_id' => $forum_id,
'forum_desc' => ''
);
generate_forum_nav($forum_data);
// Start assigning vars for main posting page ...
$template->assign_vars(array(
'FORUM_NAME' => $forum_name,
'FORUM_DESC' => !empty($forum_desc) ? strip_tags($forum_desc) : '',
'TOPIC_TITLE' => ($mode != 'post') ? $topic_title : '',
'USERNAME' => $post_username,
'SUBJECT' => (!empty($topic_title)) ? $topic_title : $post_subject,
'MESSAGE' => trim($post_text),
'HTML_STATUS' => ($html_status) ? $user->lang['HTML_IS_ON'] : $user->lang['HTML_IS_OFF'],
'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>'),
'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
'MODERATORS' => (sizeof($moderators)) ? implode(', ', $moderators[$forum_id]) : $user->lang['NONE'],
'L_POST_A' => $page_title,
'L_MESSAGE_BODY_EXPLAIN'=> (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '',
'L_POST_A' => $page_title,
'L_ICON' => ($mode == 'reply' || $mode == 'quote') ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
'L_MESSAGE_BODY_EXPLAIN'=> (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '',
'U_VIEW_FORUM' => "viewforum.$phpEx$SID&amp;f=" . intval($forum_id),
'U_VIEWTOPIC' => ($mode != 'post') ? "viewtopic.$phpEx$SID&amp;" . intval($forum_id) . "&amp;t=" . intval($topic_id) : '',
'U_REVIEW_TOPIC' => ($mode != 'post') ? "posting.$phpEx$SID&amp;mode=topicreview&amp;f=" . intval($forum_id) . "&amp;t=" . intval($topic_id) : '',
'FORUM_NAME' => $forum_name,
'FORUM_DESC' => (!empty($forum_desc)) ? strip_tags($forum_desc) : '',
'TOPIC_TITLE' => $topic_title,
'MODERATORS' => (sizeof($moderators)) ? implode(', ', $moderators[$forum_id]) : $user->lang['NONE'],
'USERNAME' => $post_username,
'SUBJECT' => (!empty($topic_title)) ? $topic_title : $post_subject,
'PREVIEW_SUBJECT' => ($preview) ? $preview_subject : '',
'MESSAGE' => trim($post_text),
'PREVIEW_MESSAGE' => ($preview) ? $preview_message : '',
'HTML_STATUS' => ($html_status) ? $user->lang['HTML_IS_ON'] : $user->lang['HTML_IS_OFF'],
'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>'),
'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
'MINI_POST_IMG' => $user->img('goto_post', $user->lang['POST']),
'POST_DATE' => ($post_time) ? $user->format_date($post_time) : '',
'ERROR_MESSAGE' => $err_msg,
'S_SHOW_TOPIC_ICONS' => $s_topic_icons,
'U_VIEW_FORUM' => "viewforum.$phpEx$SID&amp;f=" . $forum_id,
'U_VIEWTOPIC' => ($mode != 'post') ? "viewtopic.$phpEx$SID&amp;" . $forum_id . "&amp;t=" . $topic_id : '',
'S_DISPLAY_PREVIEW' => ($preview),
'S_DISPLAY_USERNAME' => ($user->data['user_id'] == ANONYMOUS || ($mode == 'edit' && $post_username)) ? true : false,
'S_SHOW_TOPIC_ICONS' => $s_topic_icons,
'S_DELETE_ALLOWED' => ($mode == 'edit' && ( ($post_id == $topic_last_post_id && $poster_id == $user->data['user_id'] && $perm['u_delete']) || ($perm['m_delete']))) ? true : false,
'S_HTML_ALLOWED' => $html_status,
'S_HTML_CHECKED' => ($html_checked) ? 'checked="checked"' : '',
'S_BBCODE_ALLOWED' => $bbcode_status,
'S_BBCODE_CHECKED' => ($bbcode_checked) ? 'checked="checked"' : '',
'S_SMILIES_ALLOWED' => $smilies_status,
'S_SMILIES_CHECKED' => ($smilies_checked) ? 'checked="checked"' : '',
'S_MAGIC_URL_CHECKED' => ($urls_checked) ? 'checked="checked"' : '',
'S_SIG_ALLOWED' => ($perm['f_sigs']) ? true : false,
'S_SIGNATURE_CHECKED' => ($sig_checked) ? 'checked="checked"' : '',
'S_NOTIFY_ALLOWED' => ($user->data['user_id'] != ANONYMOUS) ? true : false,
'S_NOTIFY_CHECKED' => ($notify_checked) ? 'checked="checked"' : '',
'S_DISPLAY_USERNAME' => ($user->data['user_id'] == ANONYMOUS || ($mode == 'edit' && $post_username)) ? true : false,
'S_SAVE_ALLOWED' => ($auth->acl_gets('f_save', 'm_', 'a_', $forum_id)) ? true : false,
'S_HTML_ALLOWED' => $html_status,
'S_BBCODE_ALLOWED' => $bbcode_status,
'S_SMILIES_ALLOWED' => $smilies_status,
'S_SIG_ALLOWED' => ($auth->acl_gets('f_sigs', 'm_', 'a_', $forum_id)) ? true : false,
'S_NOTIFY_ALLOWED' => ($user->data['user_id'] != ANONYMOUS) ? true : false,
'S_DELETE_ALLOWED' => ($mode == 'edit' && (($post_id == $topic_last_post_id && $poster_id == $user->data['user_id'] && $auth->acl_get('f_delete', intval($forum_id))) || $auth->acl_gets('m_delete', 'a_', intval($forum_id)))) ? true : false,
'S_TYPE_TOGGLE' => $topic_type_toggle,
'S_LOCK_TOPIC_ALLOWED' => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote') && ($auth->acl_get('m_lock', 'a_', intval($forum_id)))) ? true : false,
'S_DISPLAY_REVIEW' => ($mode == 'reply' || $mode == 'quote') ? true : false,
'S_TOPIC_ID' => intval($topic_id),
'S_POST_ACTION' => $s_action,
'S_HIDDEN_FIELDS' => ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $topic_last_post_id . '" />' : '')
'S_LOCK_TOPIC_ALLOWED' => ( ($mode == 'edit' || $mode == 'reply' || $mode == 'quote') && ($perm['m_lock']) ) ? true : false,
'S_LOCK_TOPIC_CHECKED' => ($lock_topic_checked) ? 'checked="checked"' : '',
'S_MAGIC_URL_CHECKED' => ($urls_checked) ? 'checked="checked"' : '',
'S_TYPE_TOGGLE' => $topic_type_toggle,
'S_SAVE_ALLOWED' => ($perm['f_save']) ? true : false,
'S_POST_ACTION' => $s_action,
'S_HIDDEN_FIELDS' => ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $topic_last_post_id . '" />' : '')
);
// Poll entry
if ((($mode == 'post' || ($mode == 'edit' && intval($post_id) == intval($topic_first_post_id) && empty($poll_last_vote))) && $auth->acl_get('f_poll', intval($forum_id))) || $auth->acl_gets('m_edit', 'a_', $forum_id))
{
$template->assign_vars(array(
'S_SHOW_POLL_BOX' => true,
'S_POLL_DELETE' => ($mode == 'edit' && !empty($poll_options) && ((empty($poll_last_vote) && $poster_id == $user->data['user_id'] && $auth->acl_get('f_delete', intval($forum_id))) || $auth->acl_gets('m_delete', 'a_', intval($forum_id)))) ? true : false,
'L_POLL_OPTIONS_EXPLAIN'=> sprintf($user->lang['POLL_OPTIONS_EXPLAIN'], $config['max_poll_options']),
'POLL_TITLE' => $poll_title,
'POLL_OPTIONS' => (!empty($poll_options)) ? implode("\n", $poll_options) : '',
'POLL_LENGTH' => $poll_length)
);
}
// Attachment entry
if ($auth->acl_gets('f_attach', 'm_edit', 'a_', $forum_id))
{
$template->assign_vars(array(
'S_SHOW_ATTACH_BOX' => true,)
);
}
// Output page ...
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'posting_body.html')
);
make_jumpbox('viewforum.'.$phpEx);
// Topic review
if ($mode == 'reply' || $mode == 'quote')
{
topic_review(intval($topic_id), true);
}
make_jumpbox('viewforum.'.$phpEx);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
// ---------
// FUNCTIONS
function topic_review($topic_id, $is_inline_review = false)
function debug_print_permissions($perm)
{
global $SID, $db, $config, $template, $user, $auth, $phpEx, $phpbb_root_path, $starttime;
global $censors;
global $forum_id;
// Define censored word matches
if (empty($censors))
@reset($perm);
echo '<span class="gensmall">Permission Settings -> Forum ID ' . $forum_id . ': <br />';
while (list($perm_key, $authed) = each($perm))
{
$censors = array();
obtain_word_list($censors);
echo $perm_key . ' -> ' . (($authed) ? 'yes' : 'no') . '<br />';
}
if (!$is_inline_review)
{
// Get topic info ...
$sql = "SELECT t.topic_title, f.forum_id
FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f
WHERE t.topic_id = $topic_id
AND f.forum_id = t.forum_id";
$result = $db->sql_query($sql);
if (!($row = $db->sql_fetchrow($result)))
{
trigger_error($user->lang['NO_TOPIC']);
}
$forum_id = intval($row['forum_id']);
$topic_title = $row['topic_title'];
if (!$auth->acl_gets('f_read', 'm_', 'a_', $forum_id))
{
trigger_error($user->lang['SORRY_AUTH_READ']);
}
if (count($orig_word))
{
$topic_title = preg_replace($censors['match'], $censors['replace'], $topic_title);
}
}
else
{
$template->assign_vars(array(
'S_DISPLAY_INLINE' => true)
);
}
// Go ahead and pull all data for this topic
$sql = "SELECT u.username, u.user_id, p.*
FROM " . POSTS_TABLE . " p, " . USERS_TABLE . " u
WHERE p.topic_id = $topic_id
AND p.poster_id = u.user_id
ORDER BY p.post_time DESC
LIMIT " . $config['posts_per_page'];
$result = $db->sql_query($sql);
// Okay, let's do the loop, yeah come on baby let's do the loop
// and it goes like this ...
if ($row = $db->sql_fetchrow($result))
{
$i = 0;
do
{
$poster_id = $row['user_id'];
$poster = $row['username'];
// Handle anon users posting with usernames
if($poster_id == ANONYMOUS && $row['post_username'] != '')
{
$poster = $row['post_username'];
$poster_rank = $user->lang['GUEST'];
}
$post_subject = ($row['post_subject'] != '') ? $row['post_subject'] : '';
$message = $row['post_text'];
if ($row['enable_smilies'])
{
$message = str_replace('<img src="{SMILE_PATH}', '<img src="' . $phpbb_root_path . $config['smilies_path'], $message);
}
if (count($orig_word))
{
$post_subject = preg_replace($censors['match'], $censors['replace'], $post_subject);
$message = preg_replace($censors['match'], $censors['replace'], $message);
}
$template->assign_block_vars('postrow', array(
'MINI_POST_IMG' => $user->img('goto_post', $user->lang['POST']),
'POSTER_NAME' => $poster,
'POST_DATE' => $user->format_date($row['post_time']),
'POST_SUBJECT' => $post_subject,
'MESSAGE' => nl2br($message),
'S_ROW_COUNT' => $i++)
);
}
while ($row = $db->sql_fetchrow($result));
}
else
{
trigger_error($user->lang['NO_TOPIC']);
}
$db->sql_freeresult($result);
$template->assign_vars(array(
'L_MESSAGE' => $user->lang['MESSAGE'],
'L_POSTED' => $user->lang['POSTED'],
'L_POST_SUBJECT'=> $user->lang['POST_SUBJECT'],
'L_TOPIC_REVIEW'=> $user->lang['TOPIC_REVIEW'])
);
if (!$is_inline_review)
{
$page_title = $user->lang['TOPIC_REVIEW'] . ' - ' . $topic_title;
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'posting_topic_review.html')
);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
echo '</span>';
}
?>

15
phpBB/templates/subSilver/posting_body.html
View File

@ -36,16 +36,17 @@ function checkForm()
</script>
<script language="javascript" type="text/javascript" src="templates/subSilver/editor.js"></script>
<form action="{S_POST_ACTION}" method="post" name="post" onsubmit="return checkForm(this)"><table width="100%" cellspacing="2" cellpadding="2" border="0" align="center">
<form action="{S_POST_ACTION}" method="post" name="post" onsubmit="return checkForm(this)">
<table width="100%" cellspacing="2" cellpadding="2" border="0" align="center">
<tr>
<td colspan="2" align="left" valign="bottom"><a class="titles" href="{U_VIEW_FORUM}" title="{FORUM_DESC}">{FORUM_NAME}</a><!-- IF TOPIC_TITLE --> :: <a class="titles" href="{U_VIEWTOPIC}">{TOPIC_TITLE}</a><!-- ENDIF --><br /><span class="gensmall"><b>{L_MODERATORS}: {MODERATORS}</b><br /><br /><b>{LOGGED_IN_USER_LIST}</b></span></td>
<td colspan="2" align="left" valign="bottom"><a class="titles" href="{U_VIEW_FORUM}" title="{FORUM_DESC}">{FORUM_NAME}</a><!-- IF TOPIC_TITLE --> :: <a class="titles" href="{U_VIEWTOPIC}">{TOPIC_TITLE}</a><!-- ENDIF --><br /><b class="gensmall">{L_MODERATORS}: {MODERATORS}</b><br /><br /><b class="gensmall">{LOGGED_IN_USER_LIST}</b></td>
</tr>
<tr>
<td width="100%" align="left" valign="middle"><span class="nav"><a href="{U_INDEX}">{L_INDEX}</a><!-- BEGIN navlinks --> -> <a href="{navlinks.U_VIEW_FORUM}">{navlinks.FORUM_NAME}</a><!-- END navlinks --></span></td>
<td class="nav" width="100%" align="left" valign="middle"><a href="{U_INDEX}">{L_INDEX}</a><!-- BEGIN navlinks --> -> <a href="{navlinks.U_VIEW_FORUM}">{navlinks.FORUM_NAME}</a><!-- END navlinks --></td>
</tr>
</table>
{POST_PREVIEW_BOX}
<!-- IF S_DISPLAY_PREVIEW --><!-- INCLUDE posting_preview.html --><!-- ENDIF -->
<table class="tablebg" width="100%" cellspacing="1" cellpadding="3" border="0">
<tr>
@ -119,13 +120,13 @@ function checkForm()
<option value="18">{L_FONT_LARGE}</option>
<option value="24">{L_FONT_HUGE}</option>
</select></td>
<td nowrap="nowrap" align="right"><span class="gensmall"><a href="javascript:bbstyle(-1)" onmouseover="helpline('a')">{L_CLOSE_TAGS}</a></span></td>
<td class="gensmall" nowrap="nowrap" align="right"><a href="javascript:bbstyle(-1)" onmouseover="helpline('a')">{L_CLOSE_TAGS}</a></td>
</tr>
</table></td>
</tr>
<tr>
<td colspan="10" width="450"><input type="text" name="helpbox" size="45" maxlength="100" style="width:450px; font-size:10px" class="helpline" value="{L_STYLES_TIP}" /></td>
<td align="center"><span class="genmed">{L_FONT_COLOR}</span></td>
<td class="genmed" align="center">{L_FONT_COLOR}</td>
</tr>
<tr>
<td colspan="10"><textarea style="width:450px" name="message" rows="15" cols="35" tabindex="3" onselect="storeCaret(this);" onclick="storeCaret(this);" onkeyup="storeCaret(this);">{MESSAGE}</textarea></td>
@ -196,7 +197,7 @@ function checkForm()
<!-- ENDIF -->
<!-- IF S_LOCK_TOPIC_ALLOWED -->
<tr>
<td><input type="checkbox" name="lock_topic" /></td>
<td><input type="checkbox" name="lock_topic" {S_LOCK_TOPIC_CHECKED} /></td>
<td class="gen">{L_LOCK_TOPIC}</td>
</tr>
<!-- ENDIF -->

12
phpBB/templates/subSilver/posting_preview.html
View File

@ -1,22 +1,22 @@
<table class="forumline" width="100%" cellspacing="1" cellpadding="4" border="0">
<table class="tablebg" width="100%" cellspacing="1" cellpadding="4" border="0">
<tr>
<th height="25" class="thHead">{L_PREVIEW}</th>
<th height="25">{L_PREVIEW}</th>
</tr>
<tr>
<td class="row1"><img src="templates/subSilver/images/icon_minipost.gif" alt="{L_POST}" /><span class="postdetails">{L_POSTED}: {POST_DATE} &nbsp;&nbsp;&nbsp; {L_POST_SUBJECT}: {POST_SUBJECT}</span></td>
<td class="row1">{MINI_POST_IMG}<span class="postdetails">{L_POSTED}: {POST_DATE} &nbsp;&nbsp;&nbsp; {L_POST_SUBJECT}: {PREVIEW_SUBJECT}</span></td>
</tr>
<tr>
<td class="row1"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
<span class="postbody">{MESSAGE}</span>
<span class="postbody">{PREVIEW_MESSAGE}</span>
</td>
</tr>
</table></td>
</tr>
<tr>
<td class="spaceRow" height="1"><img src="templates/subSilver/images/spacer.gif" width="1" height="1" /></td>
<tr>
<td class="spacer" height="1"><img src="images/spacer.gif" alt="" width="1" height="1" /></td>
</tr>
</table>

4
phpBB/templates/subSilver/posting_smilies.html
View File

@ -19,9 +19,9 @@ function emoticon(text) {
<table width="100%" cellspacing="2" cellpadding="0" border="0">
<tr>
<td><table class="forumline" width="100%" cellspacing="1" cellpadding="4" border="0">
<td><table class="tablebg" width="100%" cellspacing="1" cellpadding="4" border="0">
<tr>
<th class="thHead" height="25">{L_EMOTICONS}</th>
<th height="25">{L_EMOTICONS}</th>
</tr>
<tr>
<td class="row1" align="center" valign="middle"><!-- BEGIN emoticon --> <a href="javascript:emoticon('{emoticon.SMILEY_CODE}')"><img src="{emoticon.SMILEY_IMG}" width="{emoticon.SMILEY_WIDTH}" height="{emoticon.SMILEY_HEIGHT}" border="0" alt="{emoticon.SMILEY_DESC}" title="{emoticon.SMILEY_DESC}" hspace="2" vspace="2" onclick="emoticon('{emoticon.SMILEY_CODE}');return false" /></a> <!-- END emoticon --><br /><a class="nav" href="javascript:window.close();">{L_CLOSE_WINDOW}</a></td>

4
phpBB/templates/subSilver/posting_topic_review.html
View File

@ -1,8 +1,8 @@
<!-- IF S_DISPLAY_INLINE -->
<table border="0" cellpadding="3" cellspacing="1" width="100%" class="forumline">
<table class="tablebg" border="0" cellpadding="3" cellspacing="1" width="100%">
<tr>
<td class="cat" height="28" align="center"><b><span class="cattitle">{L_TOPIC_REVIEW}</span></b></td>
<td height="28" align="center"><b>{L_TOPIC_REVIEW}</b></td>
</tr>
<tr>
<td class="row1"><iframe width="100%" height="300" src="{U_REVIEW_TOPIC}">