[Wbblite] closed

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:

<?php
$filename="newthread.php";

require("./global.php");

if($_REQUEST['action']=="announce") {
 if(!isset($threadid) || $thread['important']!=2) eval("error("".$tpl->get("error_falselink")."");");
 if(($wbbuserdata['issupermod']==0 && $modpermissions['userid']!=$wbbuserdata['userid']) || !$wbbuserdata['userid']) access_error();
 $action="announce";

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:

if($board['allowbbcode']==1) $bbcode_buttons = getcodebuttons();
if($board['allowsmilies']==1) $bbcode_smilies = getclickysmilies($smilie_table_cols,$smilie_table_rows);

eval ("\$note .= "".$tpl->get("note_html_".ifelse($board['allowhtml']==0,"not_")."allow")."";");
eval ("\$note .= "".$tpl->get("note_bbcode_".ifelse($board['allowbbcode']==0,"not_")."allow")."";");
eval ("\$note .= "".$tpl->get("note_smilies_".ifelse($board['allowsmilies']==0,"not_")."allow")."";");
eval ("\$note .= "".$tpl->get("note_images_".ifelse($board['allowimages']==0,"not_")."allow")."";");

if($wbbuserdata['canpostpoll'] && $board['allowpolls']==1) eval ("\$poll = "".$tpl->get("newthread_poll")."";");
if($wbbuserdata['issupermod'] || ($wbbuserdata['userid'] && $modpermissions['userid']==$wbbuserdata['userid'])) eval ("\$newthread_important = "".$tpl->get("newthread_important")."";");

if(isset($message)) $message=parse::convertHTML($message);
if(isset($topic)) $topic=str_replace(""",""",$topic);
if(isset($guestname)) $guestname=str_replace(""",""",$guestname);

eval("\$tpl->output("".$tpl->get("newthread")."");");
?>

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:

<?php
$filename="newthread.php";

require("./global.php");

if($_REQUEST['action']=="announce") {
 if(!isset($threadid) || $thread['important']!=2) eval("error("".$tpl->get("error_falselink")."");");
 if(($wbbuserdata['issupermod']==0 && $modpermissions['userid']!=$wbbuserdata['userid']) || !$wbbuserdata['userid']) access_error();
 $action="announce";

 if(isset($_POST['send'])) {
  $boardids = $_POST['boardids'];
  if(count($boardids)) {
   $boardids = implode("','$threadid'),('",$boardids);
   $db->query("INSERT IGNORE INTO bb".$n."_announcements (boardid,threadid) VALUES ('$boardids','$threadid')");
  }

  header("Location: thread.php?threadid=$threadid&sid=$session[hash]");
  exit();
 }

 $result = $db->query("SELECT boardid, parentid, boardorder, title, invisible FROM bb".$n."_boards ORDER by parentid ASC, boardorder ASC");
 while ($row = $db->fetch_array($result)) $boardcache[$row['parentid']][$row['boardorder']][$row['boardid']] = $row;

 $result = $db->query("SELECT * FROM bb".$n."_permissions WHERE groupid = '$wbbuserdata[groupid]'");
 while ($row = $db->fetch_array($result)) $permissioncache[$row['boardid']] = $row;

 $board_options=makeboardselect(0,1,$boardid);

 $navbar=getNavbar($board['parentlist']);
 eval ("\$navbar .= "".$tpl->get("navbar_board")."";");

 eval("\$tpl->output("".$tpl->get("newthread_announce")."");");
 exit();
}

require("./acp/lib/class_parse.php");

unset($message);
unset($topic);
unset($guestname);

if(!isset($boardid)) eval("error("".$tpl->get("error_falselink")."");");
if($wbbuserdata['canstarttopic']==0 || $board['startpermission']==0 || $board['closed']==1 || $board['isboard']==0) access_error();

if($newthread_default_checked_0==1) $checked[0]="checked";
if($wbbuserdata['emailnotify']==1) $checked[1]="checked";
if($newthread_default_checked_2==1) $checked[2]="checked";
if($newthread_default_checked_3==1) $checked[3]="checked";
$imp_checked[0]="checked";


if(isset($_POST['send'])) {
 $topic=trim($_POST['topic']);
 if($dostopshooting==1) $topic=stopShooting($topic);
 $message=stripcrap(trim($_POST['message']));
 if(isset($_POST['iconid'])) $iconid=intval($_POST['iconid']);
 else $iconid=0;
 if(!$wbbuserdata['userid']) $guestname=trim($_POST['guestname']);

 if(!isset($_POST['preview'])) {
  $error="";
  if(!$wbbuserdata['userid']) {
   $wbbuserdata['username']=$guestname;
   if(!$wbbuserdata['username'] || !verify_username($wbbuserdata['username'])) eval ("\$error .= "".$tpl->get("newthread_error2")."";");
   $wbbuserdata['username']=htmlspecialchars($wbbuserdata['username']);
  }
  if(!$topic || !$message) eval ("\$error .= "".$tpl->get("newthread_error1")."";");
  if(flood_control($wbbuserdata['userid'],$REMOTE_ADDR,$wbbuserdata['avoidfc'])) eval ("\$error .= "".$tpl->get("newthread_error3")."";");
  if($wbbuserdata['maxpostimage']!=-1 && substr_count(strtolower($message),"[img]")>$wbbuserdata['maxpostimage']) eval ("\$error .= "".$tpl->get("newthread_error4")."";");
  if($error) eval ("\$newthread_error .= "".$tpl->get("newthread_error")."";");
  else {
   if($_POST['parseurl']==1) $message=parseURL($message);
   $result=$db->query_first("SELECT postid FROM bb".$n."_posts WHERE userid='$wbbuserdata[userid]' AND username='".addslashes($wbbuserdata['username'])."' AND iconid='$iconid' AND posttopic='".addslashes(htmlspecialchars($topic))."' AND message='".addslashes($message)."' AND ipaddress='".$REMOTE_ADDR."' AND posttime>='".(time()-$dpvtime)."'",1);
   if($result['postid']) {
    header("Location: thread.php?postid=$result[postid]&sid=$session[hash]#post$result[postid]");
    exit();
   }

   if(isset($_POST['poll_id'])) {
    $poll_id=intval($_POST['poll_id']);
    $poll_verify = $db->query_first("SELECT threadid FROM bb".$n."_polls WHERE pollid = '$poll_id'");
    if($poll_verify['threadid'] || $poll_verify['threadid']!=0) $poll_id=0;
   }
   else $poll_id=0;

   if($wbbuserdata['canpostwithoutmoderation']==1) $board['moderatenew']=0;
   $time=time();
   if(isset($_POST['important']) && ($wbbuserdata['issupermod'] || ($modpermissions['userid']==$wbbuserdata['userid'] && $wbbuserdata['userid']))) $important=intval($_POST['important']);
   else $important=0;

   $db->query("INSERT INTO bb".$n."_threads (threadid,boardid,topic,iconid,starttime,starterid,starter,lastposttime,lastposterid,lastposter,pollid,important,visible) VALUES (NULL,'$boardid','".addslashes(htmlspecialchars($topic))."','$iconid','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata[username])."','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata[username])."','$poll_id','$important','".ifelse($board['moderatenew']==10 || $board['moderatenew']==11,0,1)."')");
   $threadid=$db->insert_id();

   if($_POST['poll_id']) $db->unbuffered_query("UPDATE bb".$n."_polls SET threadid='$threadid' WHERE pollid='$poll_id'",1);

   $db->query("INSERT INTO bb".$n."_posts (postid,threadid,userid,username,iconid,posttopic,posttime,message,allowsmilies,showsignature,ipaddress,visible) VALUES (NULL,'$threadid','$wbbuserdata[userid]','".addslashes($wbbuserdata['username'])."','$iconid','".addslashes(htmlspecialchars($topic))."','$time','".addslashes($message)."','".(1-intval($_POST['disablesmilies']))."','".intval($_POST['showsignature'])."','".$REMOTE_ADDR."','".ifelse($board['moderatenew']==10 || $board['moderatenew']==11,0,1)."')");
   $postid=$db->insert_id();

   if($_POST['emailnotify']==1 && $wbbuserdata['userid']) $db->query("INSERT INTO bb".$n."_subscribethreads (userid,threadid,emailnotify,countemails) VALUES ($wbbuserdata[userid],$threadid,1,0)");

   wordmatch($postid,$message,$topic);
   if($board['moderatenew']==10 || $board['moderatenew']==11) eval("redirect("".$tpl->get("redirect_waiting4moderation")."","board.php?boardid=$boardid&sid=$session[hash]",10);");
   else {
    $db->query("UPDATE bb".$n."_boards SET threadcount=threadcount+1, postcount=postcount+1, lastthreadid='$threadid', lastposttime='$time', lastposterid='$wbbuserdata[userid]', lastposter='".addslashes($wbbuserdata[username])."' WHERE boardid IN ($board[parentlist],$boardid)");
     $wbbuserdata['userposts']+=1;
     list($rankid)=$db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN ('0','$wbbuserdata[groupid]') AND needposts<='$wbbuserdata[userposts]' AND gender IN ('0','$wbbuserdata[gender]') ORDER BY needposts DESC, gender DESC LIMIT 1");
     $db->query("UPDATE bb".$n."_users SET userposts=userposts+1".ifelse($rankid!=$wbbuserdata['rankid'],", rankid='$rankid'","")." WHERE userid = '$wbbuserdata[userid]'");

    $result=$db->query("SELECT u.email, u.username, s.countemails FROM bb".$n."_subscribeboards s LEFT JOIN bb".$n."_users u USING(userid) WHERE s.boardid='$boardid' AND s.userid<>'$wbbuserdata[userid]' AND s.emailnotify=1 AND s.countemails<'$maxnotifymails' AND u.email is not null");
    while($row=$db->fetch_array($result)) {
     eval ("\$mail_subject = "".$tpl->get("ms_newthread")."";");
     if($row['countemails']==$maxnotifymails-1) eval ("\$mail_text = "".$tpl->get("mt_newthread_lastone")."";");
     else eval ("\$mail_text = "".$tpl->get("mt_newthread")."";");
     mailer($row['email'],$mail_subject,$mail_text);
    }
    $db->query("UPDATE bb".$n."_subscribeboards SET countemails=countemails+1 WHERE boardid='$boardid' AND userid<>'$wbbuserdata[userid]' AND emailnotify=1 AND countemails<'$maxnotifymails'");

    if($important==2) {
     $db->unbuffered_query("INSERT INTO bb".$n."_announcements (boardid,threadid) VALUES ('$boardid','$threadid')",1);
     header("Location: newthread.php?action=announce&threadid=$threadid&sid=$session[hash]");
    }
    else header("Location: thread.php?threadid=$threadid&sid=$session[hash]");
    exit();
   }
  }
 }
 else {
  $allowsmilies=1-intval($_POST['disablesmilies']);
  $parse = new parse($docensor,75,$allowsmilies*$board['allowsmilies'],$board['allowbbcode'],$wbbuserdata['showimages'],$usecode);
  $preview_topic=$parse->textwrap(htmlspecialchars($topic),30);
  $preview_message=$parse->doparse(ifelse($_POST['parseurl']==1,parseURL($message),$message),$allowsmilies*$board['allowsmilies'],$board['allowhtml'],$board['allowbbcode'],$board['allowimages']);
  if($iconid) {
   $result = $db->query_first("SELECT * FROM bb".$n."_icons WHERE iconid = '$iconid'");
   $preview_posticon=makeimgtag($result['iconpath'],$result['icontitle']);
  }
  eval ("\$preview_window = "".$tpl->get("newthread_preview")."";");
 }
 if($_POST['parseurl']==1) $checked[0]="checked";
 else $checked[0]="";
 if($_POST['emailnotify']==1) $checked[1]="checked";
 else $checked[1]="";
 if($_POST['disablesmilies']==1) $checked[2]="checked";
 else $checked[2]="";
 if($_POST['showsignature']==1) $checked[3]="checked";
 else $checked[3]="";
 if(isset($_POST['important'])) {
  if($_POST['important']==2) $imp_checked[2]="checked";
  if($_POST['important']==1) $imp_checked[1]="checked";
  if($_POST['important']!=0) $imp_checked[0]="";
 }

}

$navbar=getNavbar($board['parentlist']);
eval ("\$navbar .= "".$tpl->get("navbar_board")."";");

if($wbbuserdata['userid']==0) eval ("\$newthread_username .= "".$tpl->get("newthread_username_input")."";");
else eval ("\$newthread_username .= "".$tpl->get("newthread_username")."";");

if(!isset($iconid)) $iconid=0;

if($board['allowicons']==1) {
 $ICONselected[$iconid]="checked";
 $result = $db->query("SELECT * FROM bb".$n."_icons ORDER BY iconorder ASC");
 $iconcount=0;
 while($row=$db->fetch_array($result)) {
  $row_iconid=$row['iconid'];
  eval ("\$choice_posticons .= "".$tpl->get("newthread_iconbit")."";");
  if($iconcount==6) {
   $choice_posticons.="<br>";
   $iconcount=0;
  }
  else $iconcount++;
 }
 eval ("\$newthread_icons .= "".$tpl->get("newthread_icons")."";");
}

if($board['allowbbcode']==1) $bbcode_buttons = getcodebuttons();
if($board['allowsmilies']==1) $bbcode_smilies = getclickysmilies($smilie_table_cols,$smilie_table_rows);

eval ("\$note .= "".$tpl->get("note_html_".ifelse($board['allowhtml']==0,"not_")."allow")."";");
eval ("\$note .= "".$tpl->get("note_bbcode_".ifelse($board['allowbbcode']==0,"not_")."allow")."";");
eval ("\$note .= "".$tpl->get("note_smilies_".ifelse($board['allowsmilies']==0,"not_")."allow")."";");
eval ("\$note .= "".$tpl->get("note_images_".ifelse($board['allowimages']==0,"not_")."allow")."";");

if($wbbuserdata['canpostpoll'] && $board['allowpolls']==1) eval ("\$poll = "".$tpl->get("newthread_poll")."";");
if($wbbuserdata['issupermod'] || ($wbbuserdata['userid'] && $modpermissions['userid']==$wbbuserdata['userid'])) eval ("\$newthread_important = "".$tpl->get("newthread_important")."";");

if(isset($message)) $message=parse::convertHTML($message);
if(isset($topic)) $topic=str_replace(""","&quot;",$topic);
if(isset($guestname)) $guestname=str_replace(""","&quot;",$guestname);

eval("\$tpl->output("".$tpl->get("newthread")."");");
?>

1:

$db->query("INSERT INTO bb".$n."_threads (threadid,boardid,topic,iconid,starttime,starterid,starter,lastposttime,lastposterid,lastposter,pollid,important,visible) VALUES (NULL,'$boardid','".addslashes(htmlspecialchars($topic))."','$iconid','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata[username])."','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata[username])."','$poll_id','$important','".ifelse($board['moderatenew']==10 || $board['moderatenew']==11,0,1)."')");

1:
2:
3:
4:
5:
6:

#### Anfang Themenbeschreibung ####
    $topicdescr = $HTTP_POST_VARS['subjectdescr'];
    $topicdescr = htmlspecialchars($topicdescr);
    $db->query("INSERT INTO bb".$n."_threads (threadid,boardid,topic,iconid,starttime,starterid,starter,lastposttime,lastposterid,lastposter,pollid,important,visible,descr) VALUES (NULL,'$boardid','".addslashes(htmlspecialchars($topic))."','$iconid','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata[username])."','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata[username])."','$poll_id','$important','".ifelse($board['moderatenew']==10 || $board['moderatenew']==11,0,1)."','".$topicdescr."')");    
    #### Ende Themenbeschreibung ####
    ### Original: $db->query("INSERT INTO bb".$n."_threads (threadid,boardid,topic,iconid,starttime,starterid,starter,lastposttime,lastposterid,lastposter,pollid,important,visible) VALUES (NULL,'$boardid','".addslashes(htmlspecialchars($topic))."','$iconid','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata[username])."','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata[username])."','$poll_id','$important','".ifelse($board['moderatenew']==10 || $board['moderatenew']==11,0,1)."')");

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:

{!DOCTYPE}
<html>
<head>
<title>$master_board_name - Neues Thema erstellen</title>
$headinclude

$topicdescr = $HTTP_POST_VARS['subjectdescr']; 

<script language="javascript">
<!--
var postmaxchars = $postmaxchars;
function validate(theform) {
 if (theform.message.value=="" || theform.topic.value=="") {
  alert("Thema- und Nachrichtfeld müssen ausgefüllt werden!");
  return false;
 }
 if (postmaxchars != 0) {
  if (theform.message.value.length > postmaxchars) {
   alert("Ihre Nachricht ist zu lang. Bitte reduzieren Sie Ihre Nachricht auf "+postmaxchars+" Zeichen. Momentan ist sie "+theform.message.value.length+" Zeichen lang.");
   return false;
  }
  else return true;
 }
 else return true;
}
function checklength(theform) {
 if (postmaxchars != 0) message = " Die maximale Grenze liegt bei "+postmaxchars+" Zeichen.";
 else message = "";
 alert("Ihre Nachricht ist "+theform.message.value.length+" Zeichen lang."+message);
}
//-->
</script>
<script language="Javascript" src="bbcode.js"></script>
</head>

<body id="bg">
$header
 <tr bgcolor="{tablecolora}" id="tablea">
  <td><table cellpadding=0 cellspacing=0 border=0 width="100%">
   <tr>
    <td><smallfont><b><a href="index.php?sid=$session[hash]">$master_board_name</a>$navbar » Neues Thema erstellen</b></font></td>
    <td align="right"><smallfont><b>$usercbar</b></font></td>
   </tr>
  </table></td>
 </tr>
</table><br>$preview_window $newthread_error
<table cellpadding=4 cellspacing=1 border=0 width="{tableinwidth}" bgcolor="{tableinbordercolor}">
 <tr bgcolor="{tabletitlecolor}" id="tabletitle"><form action="newthread.php" method="post" name="bbform" onSubmit="return validate(this)">
  <td colspan=2><normalfont color="{fontcolorsecond}"><B>Neues Thema erstellen</B></font></td>
 </tr>
 <tr bgcolor="{tablecolorb}" id="tableb">
  <td><normalfont>Benutzername:</font></td>
  <td>$newthread_username</td>
 </tr>
 <tr bgcolor="{tablecolora}" id="tablea">
  <td><normalfont><b>Thema:</b></font></td>
  <td><input class="input" type="text" name="topic" value="$topic" SIZE=40 MAXLENGTH=100></td>
 </tr>
 <tr bgcolor="{tablecolora}" id="tablea">
  <td><normalfont><b>Beschreibung:</b></font></td>
  <td><input class="input" type="text" name="subjectdescr" value="$topicdescr" SIZE=40 MAXLENGTH=50></td>
 </tr>
 $newthread_icons
 <tr bgcolor="{tablecolora}" id="tablea">
  <td valign="top"><normalfont><b>Nachricht:</b></font>
   <p><table cellpadding=4 cellspacing=1 border=0 bgcolor="{tableinbordercolor}">
    <tr>
     <td bgcolor="{tablecolorb}" id="tableb" nowrap><smallfont>$note</font></td>
    </tr>
   </table></p>
   <p>$bbcode_smilies</p>
  </td>
  <td><table>
   <tr>
    <td align="center">$bbcode_buttons</td>
   </tr>
   <tr>
    <td><textarea name="message" rows=15 cols=60 wrap="soft" onChange=getActiveText(this) onclick=getActiveText(this) onFocus=getActiveText(this)>$message</textarea><br><smallfont><a href="javascript:checklength(document.bbform);">Nachrichtenl&auml;nge &uuml;berpr&uuml;fen</a></font></td>
   </tr>
  </table></td>
 </tr>
 <tr bgcolor="{tablecolorb}" id="tableb">
  <td valign="top"><normalfont>Optionen:</font></td>
  <td><smallfont><input type="checkbox" name="parseurl" value="1" $checked[0]> <B>URLs automatisch umwandeln:</B> f&uuml;gt automatisch [url] und [/url] in Internet-Adressen ein.
   <br><input type="checkbox" name="emailnotify" value="1" $checked[1]> <B>Benachrichtigung:</B> M&ouml;chten Sie &uuml;ber weitere Antworten per eMail benachrichtigt werden?
   <br><input type="checkbox" name="disablesmilies" value="1" $checked[2]> <B>Smilies in diesem Beitrag deaktivieren.</b>
   <br><input type="checkbox" name="showsignature" value="1" $checked[3]> <B>Signatur anzeigen:</B> Soll die im Profil eingestellte Signatur an den Beitrag angehangen werden?
   </font></td>
 </tr>
 $newthread_important
 $poll
</table>
<p align="center">
 <input type="hidden" name="send" value="send">
 <input type="hidden" name="boardid" value="$boardid">
 <input type="hidden" name="sid" value="$session[hash]">
 <input class="input" type="submit" name="submit" accesskey="S" value="Neues Thema erstellen">
 <input class="input" type="submit" name="preview" accesskey="P" value="Vorschau">
 <input class="input" type="reset" accesskey="R" value="Zur&uuml;cksetzen">
</p></form>
$footer
</body>
</html>