<?php
/* Name of this script; not read again in this file, presumably consumed by the bootstrap - confirm. */
$filename = 'newthread.php';
/*
 * Shared bootstrap. Everything used below without being defined here ($db, $tpl,
 * $lang, $board, $boardid, $threadid, $wbbuserdata, $session, ...) presumably
 * comes from this include - confirm how it derives them from the request.
 */
require './global.php';
/* Language categories needed for posting, the posting notes and notification mails. */
$lang->load('POST,POSTINGS,MAIL');
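/*
 * action=announce: a moderator chooses further boards in which an existing
 * announcement thread (important == 2) is listed. On submit the choice is
 * written to the announcements table; otherwise the board selection form is shown.
 */
if(isset($_REQUEST['action']) && $_REQUEST['action']=="announce") {
    /*
     * $threadid and $thread are not set in this file; presumably global.php derives
     * them from the request - confirm that $threadid is cast to an integer there.
     * The error text is run through eval(); that is only safe while language strings
     * are admin-controlled and get4eval() escapes them for a double-quoted string.
     */
    if(!isset($threadid) || $thread['important']!=2) eval("error(\"".$lang->get4eval("LANG_GLOBAL_ERROR_FALSELINK")."\");");
    if(!checkmodpermissions("m_can_announce")) access_error();
    $action="announce";
    if(isset($_POST['send'])) {
        /*
         * boardids comes straight from the request and is placed inside the VALUES
         * list, so every entry is reduced to a positive integer before it reaches
         * the query. Non-array input and non-scalar entries are ignored.
         */
        $boardids = array();
        if(isset($_POST['boardids']) && is_array($_POST['boardids'])) {
            foreach($_POST['boardids'] as $posted_boardid) {
                if(!is_scalar($posted_boardid)) continue;
                $posted_boardid = intval($posted_boardid);
                if($posted_boardid > 0) $boardids[$posted_boardid] = $posted_boardid;
            }
        }
        /*
         * NOTE(review): the selected boards are not checked against the boards this
         * moderator may announce in, and no anti-CSRF token is verified in this
         * file - confirm whether global.php or the permission helpers cover both.
         */
        if(count($boardids)) {
            /* Builds ('b1','t'),('b2','t'),... ; the thread id is cast so the statement holds integers only. */
            $boardids = implode("','".intval($threadid)."'),('",$boardids);
            $db->unbuffered_query("INSERT IGNORE INTO bb".$n."_announcements (boardid,threadid) VALUES ('$boardids','".intval($threadid)."')",1);
        }
        header("Location: thread.php?threadid=$threadid&sid=$session[hash]");
        exit();
    }
    /* Board tree for the select box, keyed by parent, sort order and board id. */
    $result = $db->unbuffered_query("SELECT boardid, parentid, boardorder, title, invisible FROM bb".$n."_boards ORDER by parentid ASC, boardorder ASC");
    while ($row = $db->fetch_array($result)) $boardcache[$row['parentid']][$row['boardorder']][$row['boardid']] = $row;
    $permissioncache=getPermissions();
    $board_options=makeboardselect(0,1,$boardid);
    $navbar=getNavbar($board['parentlist']);
    eval ("\$navbar .= \"".$tpl->get("navbar_board")."\";");
    eval("\$tpl->output(\"".$tpl->get("newthread_announce")."\");");
    exit();
}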
/*
 * Clear the three form values so that only the POST handling further down can
 * fill them; anything set before this point (for example by the bootstrap, which
 * is not visible here) cannot reach the form.
 */
unset($message, $topic, $guestname);

/* A board is required, and it must be a real, open board the user may post in. */
if (!isset($boardid)) {
    eval('error("' . $lang->get4eval('LANG_GLOBAL_ERROR_FALSELINK') . '");');
}
if ($board['isboard'] != 1 || $board['closed'] == 1 || !checkpermissions('can_start_topic')) {
    access_error();
}

/* Checkbox preselection: configured defaults, except slot 1 which follows the user's own e-mail setting. */
if ($newthread_default_checked_0 == 1) {
    $checked[0] = 'checked="checked"';
}
if ($wbbuserdata['emailnotify'] == 1) {
    $checked[1] = 'checked="checked"';
}
if ($newthread_default_checked_2 == 1) {
    $checked[2] = 'checked="checked"';
}
if ($newthread_default_checked_3 == 1) {
    $checked[3] = 'checked="checked"';
}
if ($newthread_default_checked_4 == 1) {
    $checked[4] = 'checked="checked"';
}
if ($newthread_default_checked_5 == 1) {
    $checked[5] = 'checked="checked"';
}
if ($newthread_default_checked_6 == 1) {
    $checked[6] = 'checked="checked"';
}
/* Importance radio group starts on option 0. */
$imp_checked[0] = 'checked="checked"';
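/*
 * Form submission. Reads and normalises the posted fields, then either
 *  - stores the thread and its first post, sends notifications and redirects, or
 *  - renders a preview (when "preview" was posted), or
 *  - falls through with $newthread_error set,
 * and finally restores the checkbox state so the form can be shown again.
 */
if(isset($_POST['send'])) {
    /* get topic & stop shooting */
    $topic=wbb_trim($_POST['topic']);
    if($dostopshooting==1) $topic=stopShooting($topic);
    /* get message & strip crap */
    $message=stripcrap(wbb_trim($_POST['message']));
    /* get guestname */
    if(!$wbbuserdata['userid']) $guestname=wbb_trim($_POST['guestname']);
    /* check attachmentid:start */
    /*
     * The id is cast to int and dropped when a post already references it.
     * NOTE(review): no check that the attachment was uploaded by the current
     * user is visible here - confirm where ownership is enforced.
     */
    if(isset($_POST['attachment_id']) && checkpermissions("can_upload_attachments")==1) {
        $attachment_id=intval($_POST['attachment_id']);
        if($attachment_id!=0) {
            list($attachment_verify) = $db->query_first("SELECT COUNT(*) FROM bb".$n."_posts WHERE attachmentid = '$attachment_id'");
            if($attachment_verify!=0) $attachment_id=0;
        }
    }
    else $attachment_id=0;
    /* check attachmentid:end */
    /* posting feature rights:start */
    /* Each feature is on only if the group permission allows it and the user did not tick the matching "disable" box. */
    if(isset($_POST['iconid']) && checkpermissions("can_use_post_icons")==1) $iconid=intval($_POST['iconid']);
    else $iconid=0;
    if(!checkpermissions("can_use_post_smilies") || (isset($_POST['disablesmilies']) && $_POST['disablesmilies']==1)) $allowsmilies=0;
    else $allowsmilies=1;
    if(!checkpermissions("can_use_post_html") || (isset($_POST['disablehtml']) && $_POST['disablehtml']==1)) $allowhtml=0;
    else $allowhtml=1;
    if(!checkpermissions("can_use_post_bbcode") || (isset($_POST['disablebbcode']) && $_POST['disablebbcode']==1)) $allowbbcode=0;
    else $allowbbcode=1;
    if(!checkpermissions("can_use_post_images") || (isset($_POST['disableimages']) && $_POST['disableimages']==1)) $allowimages=0;
    else $allowimages=1;
    /* posting feature rights:end */
    if(!isset($_POST['preview'])) {
        $error="";
        /* verify guestname */
        if(!$wbbuserdata['userid']) {
            $wbbuserdata['username']=$guestname;
            if(!$wbbuserdata['username'] || !verify_username($wbbuserdata['username'])) $error .= $lang->items['LANG_POST_ERROR2'];
        }
        /* check message */
        if(!$topic || !$message) $error .= $lang->items['LANG_POSTINGS_ERROR1'];
        /*
         * Language strings and templates are executed with eval() throughout this
         * file. That is only safe while both are admin-controlled and get4eval() /
         * $tpl->get() escape them for a double-quoted PHP string - confirm.
         */
        if(flood_control($wbbuserdata['userid'],$REMOTE_ADDR,$wbbuserdata['avoid_fc'])) eval ("\$error .= \"".$lang->get4eval("LANG_POST_ERROR3")."\";");
        /* max_post_image == -1 means no limit on [img] tags. */
        if($wbbuserdata['max_post_image']!=-1 && substr_count(strtolower($message),"[img]")>$wbbuserdata['max_post_image']) $error .= $lang->items['LANG_POST_ERROR4'];
        if($error) eval ("\$newthread_error = \"".$tpl->get("newthread_error")."\";");
        else {
            /* parse url */
            if($_POST['parseurl']==1 && $allowbbcode==1) $message=parseURL($message);
            /* thread already exists? */
            /*
             * Double-post guard: same board, starter and topic within $dpvtime seconds.
             * NOTE(review): user text is escaped with addslashes() here and below, which
             * is not aware of the connection character set; $boardid and the
             * $wbbuserdata ids are assumed to be integers set by global.php - confirm,
             * and prefer the database layer's own escaping if it offers one.
             */
            $result = $db->query_first("SELECT threadid FROM bb".$n."_threads WHERE boardid = '".$boardid."' AND starterid='$wbbuserdata[userid]' AND starter='".addslashes($wbbuserdata['username'])."' AND topic='".addslashes($topic)."' AND starttime>='".(time() - $dpvtime)."'", 1);
            if ($result['threadid']) {
                header("Location: thread.php?threadid=$result[threadid]&sid=$session[hash]");
                exit();
            }
            /* verify poll */
            /*
             * A poll that is already bound to a thread is discarded.
             * NOTE(review): nothing here ties the poll to the current user, and an id
             * with no matching row is kept as-is - confirm both are acceptable.
             */
            if(isset($_POST['poll_id'])) {
                $poll_id=intval($_POST['poll_id']);
                $poll_verify = $db->query_first("SELECT threadid FROM bb".$n."_polls WHERE pollid = '$poll_id'");
                if($poll_verify['threadid'] || $poll_verify['threadid']!=0) $poll_id=0;
            }
            else $poll_id=0;
            /* avoid moderation */
            if(checkpermissions("can_post_without_moderation")==1) $board['moderatenew']=0;
            $time=time();
            /* mod options */
            /* Sticky (1) and announcement (2) are honoured only with the matching moderator permission. */
            if(intval($_POST['important'])==1 && checkmodpermissions("m_can_thread_top")) $important=1;
            elseif(intval($_POST['important'])==2 && checkmodpermissions("m_can_announce")) $important=2;
            else $important=0;
            /* verify prefix */
            /* The posted prefix is accepted only if it is one of the prefixes configured for this board. */
            if(isset($_POST['prefix']) && $_POST['prefix'] && $board['prefixuse']>0 && checkpermissions("can_use_prefix")) {
                if($board['prefixuse']==1) $ch_prefix = $default_prefix;
                if($board['prefixuse']==2) $ch_prefix = $default_prefix."\n".$board['prefix'];
                if($board['prefixuse']==3) $ch_prefix = $board['prefix'];
                $ch_prefix = preg_replace("/\s*\n\s*/","\n",wbb_trim($ch_prefix));
                $ch_prefix = explode("\n",$ch_prefix);
                /* Strict comparison: an allow-list check must match the string exactly, not a numerically equal one. */
                if(in_array($_POST['prefix'], $ch_prefix, true)) $prefix=$_POST['prefix'];
                else $prefix="";
            }
            else $prefix="";
            /* insert thread */
            /* visible is 0 when the board moderates new threads (moderatenew 10 or 11). */
            $db->query("INSERT INTO bb".$n."_threads (boardid,prefix,topic,iconid,starttime,starterid,starter,lastposttime,lastposterid,lastposter,attachments,pollid,important,visible) VALUES ('$boardid','".addslashes($prefix)."','".addslashes($topic)."','$iconid','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata['username'])."','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata['username'])."','".(($attachment_id) ? (1) : (0))."','$poll_id','$important','".(($board['moderatenew']==10 || $board['moderatenew']==11) ? (0) : (1))."')");
            $threadid=$db->insert_id();
            /* set poll threadid */
            if($_POST['poll_id']) $db->unbuffered_query("UPDATE bb".$n."_polls SET threadid='$threadid' WHERE pollid='$poll_id'",1);
            /* insert post */
            /* The statement spans two source lines; the second stays unindented so the query text is unchanged. */
            $db->query("INSERT INTO bb".$n."_posts (threadid,userid,username,iconid,posttopic,posttime,message,attachmentid,allowsmilies,allowhtml,allowbbcode,allowimages,showsignature,ipaddress,visible) VALUES
('$threadid','$wbbuserdata[userid]','".addslashes($wbbuserdata['username'])."','$iconid','".addslashes($topic)."','$time','".addslashes($message)."','$attachment_id','$allowsmilies','$allowhtml','$allowbbcode','$allowimages','".intval($_POST['showsignature'])."','".addslashes($REMOTE_ADDR)."','".(($board['moderatenew']==10 || $board['moderatenew']==11) ? (0) : (1))."')");
            $postid=$db->insert_id();
            /* set attachment postid */
            if($attachment_id) $db->unbuffered_query("UPDATE bb".$n."_attachments SET postid='$postid' WHERE attachmentid='$attachment_id'",1);
            /* insert subscription */
            if($_POST['emailnotify']==1 && $wbbuserdata['userid']) $db->unbuffered_query("INSERT INTO bb".$n."_subscribethreads (userid,threadid,emailnotify,countemails) VALUES ($wbbuserdata[userid],$threadid,1,0)",1);
            /* wordmatch */
            wordmatch($postid,$message,$topic);
            /* mod subscriptions */
            /*
             * Mail every moderator of this board who asked for new-thread notices,
             * each in their own language pack. Their user ids are collected in
             * $subscriptions so the board subscribers query below can skip them.
             */
            $subscriptions="";
            $langpacks = array();
            $langpacks[$lang->languagepackid]=$lang;
            $result=$db->query("SELECT u.userid, u.email, u.username, l.languagepackid FROM bb".$n."_moderators m LEFT JOIN bb".$n."_users u USING(userid) LEFT JOIN bb".$n."_languagepacks l ON(l.languagepackid=u.langid) WHERE m.userid<>'$wbbuserdata[userid]' AND m.boardid ='".$boardid."' AND m.notify_newthread=1");
            while($row=$db->fetch_array($result)) {
                $subscriptions .= "," . $row['userid'];
                if(!isset($langpacks[$row['languagepackid']])) {
                    $langpacks[$row['languagepackid']]=new language(intval($row['languagepackid']));
                    $langpacks[$row['languagepackid']]->load("OWN,MAIL");
                }
                $master_board_name_email = getlangvar($o_master_board_name, $langpacks[$row['languagepackid']], 0);
                $board['title'] = getlangvar($board['o_title'], $langpacks[$row['languagepackid']], 0);
                eval ("\$mail_subject = \"".$langpacks[$row['languagepackid']]->get4eval("LANG_MAIL_MOD_NEWTHREAD_SUBJECT")."\";");
                eval ("\$mail_text = \"".$langpacks[$row['languagepackid']]->get4eval("LANG_MAIL_MOD_NEWTHREAD_TEXT")."\";");
                mailer($row['email'],$mail_subject,$mail_text);
            }
            /* Moderated boards stop here: the thread stays hidden and counters are not touched. */
            if($board['moderatenew']==10 || $board['moderatenew']==11) redirect($lang->items['LANG_POST_REDIRECT'],"board.php?boardid=$boardid&sid=$session[hash]",10);
            else {
                /* update board info */
                $db->unbuffered_query("UPDATE bb".$n."_boards SET threadcount=threadcount+1, postcount=postcount+1, lastthreadid='$threadid', lastposttime='$time', lastposterid='$wbbuserdata[userid]', lastposter='".addslashes($wbbuserdata['username'])."' WHERE boardid IN ($board[parentlist],$boardid)",1);
                /* update global threadcount & postcount */
                $db->unbuffered_query("UPDATE bb".$n."_stats SET threadcount=threadcount+1, postcount=postcount+1",1);
                /* update userposts & rank */
                if($board['countuserposts']==1 && $wbbuserdata['userid']) {
                    $wbbuserdata['userposts']+=1;
                    list($rankid)=$db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN ('0','$wbbuserdata[rankgroupid]') AND needposts<='$wbbuserdata[userposts]' AND gender IN ('0','$wbbuserdata[gender]') ORDER BY needposts DESC, gender DESC",1);
                    $db->unbuffered_query("UPDATE bb".$n."_users SET userposts=userposts+1".(($rankid!=$wbbuserdata['rankid']) ? (", rankid='$rankid'") : (""))." WHERE userid = '$wbbuserdata[userid]'",1);
                    checkPosts4AI();
                }
                /* subscriptions */
                /* Board subscribers, excluding the author and the moderators mailed above, up to $maxnotifymails each. */
                $result=$db->query("SELECT u.email, u.username, s.countemails, l.languagepackid FROM bb".$n."_subscribeboards s LEFT JOIN bb".$n."_users u USING(userid) LEFT JOIN bb".$n."_languagepacks l ON(l.languagepackid=u.langid) WHERE s.boardid='$boardid' AND s.userid NOT IN (" . $wbbuserdata['userid'] . $subscriptions . ") AND s.emailnotify=1 AND s.countemails<'$maxnotifymails' AND u.email is not null");
                while($row=$db->fetch_array($result)) {
                    if(!isset($langpacks[$row['languagepackid']])) {
                        $langpacks[$row['languagepackid']]=new language(intval($row['languagepackid']));
                        $langpacks[$row['languagepackid']]->load("OWN,MAIL");
                    }
                    $master_board_name_email = getlangvar($o_master_board_name, $langpacks[$row['languagepackid']], 0);
                    $board['title'] = getlangvar($board['o_title'], $langpacks[$row['languagepackid']], 0);
                    eval ("\$mail_subject = \"".$langpacks[$row['languagepackid']]->get4eval("LANG_MAIL_NEWTHREAD_SUBJECT")."\";");
                    eval ("\$mail_text = \"".$langpacks[$row['languagepackid']]->get4eval("LANG_MAIL_NEWTHREAD_TEXT")."\";");
                    mailer($row['email'],$mail_subject,$mail_text);
                }
                $db->unbuffered_query("UPDATE bb".$n."_subscribeboards SET countemails=countemails+1 WHERE boardid='$boardid' AND userid<>'$wbbuserdata[userid]' AND emailnotify=1 AND countemails<'$maxnotifymails'",1);
                /* Announcements are registered for the current board, then the moderator is sent on to pick further boards. */
                if($important==2) {
                    $db->unbuffered_query("INSERT INTO bb".$n."_announcements (boardid,threadid) VALUES ('$boardid','$threadid')",1);
                    header("Location: newthread.php?action=announce&threadid=$threadid&sid=$session[hash]");
                }
                else header("Location: thread.php?threadid=$threadid&sid=$session[hash]");
                exit();
            }
        }
    }
    else {
        /* Preview: nothing is stored; topic and message are rendered with the same feature flags a real post would get. */
        include("./acp/lib/class_parse.php");
        $parse = new parse($docensor,75,$wbbuserdata['showimages'],"",$usecode);
        $preview_topic=htmlconverter(textwrap($topic));
        $preview_message=$parse->doparse((($_POST['parseurl']==1 && $allowbbcode) ? (parseURL($message)) : ($message)),$allowsmilies,$allowhtml,$allowbbcode,$allowimages);
        if($iconid!=0) {
            $result = $db->query_first("SELECT * FROM bb".$n."_icons WHERE iconid = '$iconid'");
            $preview_posticon=makeimgtag($result['iconpath'],getlangvar($result['icontitle'], $lang),0);
        }
        eval ("\$preview_window = \"".$tpl->get("newthread_preview")."\";");
    }
    /* Reached after a preview or a validation error: mirror the posted checkbox state back into the form. */
    if($_POST['parseurl']==1 && !$_POST['disablebbcode']) $checked[0]="checked=\"checked\"";
    else $checked[0]="";
    if($_POST['emailnotify']==1) $checked[1]="checked=\"checked\"";
    else $checked[1]="";
    if($_POST['disablesmilies']==1) $checked[2]="checked=\"checked\"";
    else $checked[2]="";
    if($_POST['disablehtml']==1) $checked[3]="checked=\"checked\"";
    else $checked[3]="";
    if($_POST['disablebbcode']==1) $checked[4]="checked=\"checked\"";
    else $checked[4]="";
    if($_POST['disableimages']==1) $checked[5]="checked=\"checked\"";
    else $checked[5]="";
    if($_POST['showsignature']==1) $checked[6]="checked=\"checked\"";
    else $checked[6]="";
    if(isset($_POST['important'])) {
        if($_POST['important']==2) $imp_checked[2]="checked=\"checked\"";
        if($_POST['important']==1) $imp_checked[1]="checked=\"checked\"";
        if($_POST['important']!=0) $imp_checked[0]="";
    }
    /*
     * These two values are not used again in this script, so their only consumer
     * is presumably the form template - confirm. They are request data, so the name
     * is escaped the same way topic, message and guest name are before output, and
     * the id is cast to an integer as it is at the top of this block.
     */
    if(isset($_POST['attachmentname'])) $attachmentname=htmlconverter($_POST['attachmentname']);
    else $attachmentname="";
    if(isset($_POST['attachment_id'])) $attachment_id=intval($_POST['attachment_id']);
    else $attachment_id=0;
}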
/*
 * Form rendering. Templates are compiled into PHP string expressions and run
 * through eval(); every variable they print has to be output-safe by this point.
 */
$navbar = getNavbar($board['parentlist']);
eval('$navbar .= "' . $tpl->get('navbar_board') . '";');
eval('$newthread_username = "' . $tpl->get('newthread_username') . '";');

if (!isset($iconid)) {
    $iconid = 0;
}
/* Icon picker, BBCode buttons and clickable smilies appear only with the matching permission. */
if (checkpermissions('can_use_post_icons') == 1) {
    $newthread_icons = getIcons($iconid);
}
if (checkpermissions('can_use_post_bbcode') == 1) {
    $bbcode_buttons = getcodebuttons();
}
if (checkpermissions('can_use_post_smilies') == 1) {
    $bbcode_smilies = getclickysmilies($smilie_table_cols, $smilie_table_rows);
}

/* Notice telling the user which markup features are available, in the order HTML, BBCode, smilies, images. */
$note = '';
$note .= (checkpermissions('can_use_post_html') == 0)
    ? $lang->items['LANG_POSTINGS_HTML_NOT_ALLOW']
    : $lang->items['LANG_POSTINGS_HTML_ALLOW'];
$note .= (checkpermissions('can_use_post_bbcode') == 0)
    ? $lang->items['LANG_POSTINGS_BBCODE_NOT_ALLOW']
    : $lang->items['LANG_POSTINGS_BBCODE_ALLOW'];
$note .= (checkpermissions('can_use_post_smilies') == 0)
    ? $lang->items['LANG_POSTINGS_SMILIES_NOT_ALLOW']
    : $lang->items['LANG_POSTINGS_SMILIES_ALLOW'];
/* NOTE(review): the "not allowed" key for images does not follow the *_NOT_ALLOW naming of the three above - check the language pack. */
$note .= (checkpermissions('can_use_post_images') == 0)
    ? $lang->items['LANG_POSTINGS_HTML_IMAGES_ALLOW']
    : $lang->items['LANG_POSTINGS_IMAGES_ALLOW'];

if (checkpermissions('can_upload_attachments') == 1) {
    eval('$attachment = "' . $tpl->get('newthread_attachment') . '";');
} else {
    $attachment = '';
}

/* Escape the user-supplied text before it is printed back into the form. */
if (isset($message)) {
    $message = htmlconverter($message);
}
if (isset($topic)) {
    $topic = htmlconverter($topic);
}
if (isset($guestname)) {
    $guestname = htmlconverter($guestname);
}

/* Prefix select box: prefixuse 1 = global defaults, 2 = defaults plus board prefixes, 3 = board prefixes only. */
if ($board['prefixuse'] > 0 && checkpermissions('can_use_prefix')) {
    if ($board['prefixuse'] == 1) {
        $ch_prefix = $default_prefix;
    }
    if ($board['prefixuse'] == 2) {
        $ch_prefix = $default_prefix . "\n" . $board['prefix'];
    }
    if ($board['prefixuse'] == 3) {
        $ch_prefix = $board['prefix'];
    }
    /* One prefix per line; whitespace around the line breaks is collapsed before splitting. */
    $ch_prefix = explode("\n", preg_replace("/\s*\n\s*/", "\n", wbb_trim($ch_prefix)));
    sort($ch_prefix);
    $prefix_options = '';
    /* The posted prefix is escaped like the options; it is passed to makeoption(), presumably to mark the selected entry - confirm. */
    $_POST['prefix'] = htmlconverter($_POST['prefix']);
    for ($i = 0; $i < count($ch_prefix); $i++) {
        $ch_prefix[$i] = htmlconverter($ch_prefix[$i]);
        $prefix_options .= makeoption($ch_prefix[$i], $ch_prefix[$i], $_POST['prefix'], 1);
    }
    if ($prefix_options != '') {
        eval('$select_prefix = "' . $tpl->get('newthread_prefix') . '";');
    }
}

eval('$headinclude .= "' . $tpl->get('bbcode_script') . '";');
eval('$tpl->output("' . $tpl->get('newthread') . '");');
?> |