1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
|
<?php
$filename="newthread.php";
require("./global.php");
if($_REQUEST['action']=="announce") {
if(!isset($threadid) || $thread['important']!=2) eval("error("".$tpl->get("error_falselink")."");");
if(($wbbuserdata['issupermod']==0 && $modpermissions['userid']!=$wbbuserdata['userid']) || !$wbbuserdata['userid']) access_error();
$action="announce";
if(isset($_POST['send'])) {
$boardids = $_POST['boardids'];
if(count($boardids)) {
$boardids = implode("','$threadid'),('",$boardids);
$db->query("INSERT IGNORE INTO bb".$n."_announcements (boardid,threadid) VALUES ('$boardids','$threadid')");
}
header("Location: thread.php?threadid=$threadid&sid=$session[hash]");
exit();
}
$result = $db->query("SELECT boardid, parentid, boardorder, title, invisible FROM bb".$n."_boards ORDER by parentid ASC, boardorder ASC");
while ($row = $db->fetch_array($result)) $boardcache[$row['parentid']][$row['boardorder']][$row['boardid']] = $row;
$result = $db->query("SELECT * FROM bb".$n."_permissions WHERE groupid = '$wbbuserdata[groupid]'");
while ($row = $db->fetch_array($result)) $permissioncache[$row['boardid']] = $row;
$board_options=makeboardselect(0,1,$boardid);
$navbar=getNavbar($board['parentlist']);
eval ("\$navbar .= "".$tpl->get("navbar_board")."";");
eval("\$tpl->output("".$tpl->get("newthread_announce")."");");
exit();
}
require("./acp/lib/class_parse.php");
unset($message);
unset($topic);
unset($guestname);
if(!isset($boardid)) eval("error("".$tpl->get("error_falselink")."");");
if($wbbuserdata['canstarttopic']==0 || $board['startpermission']==0 || $board['closed']==1 || $board['isboard']==0) access_error();
if($newthread_default_checked_0==1) $checked[0]="checked";
if($wbbuserdata['emailnotify']==1) $checked[1]="checked";
if($newthread_default_checked_2==1) $checked[2]="checked";
if($newthread_default_checked_3==1) $checked[3]="checked";
$imp_checked[0]="checked";
if(isset($_POST['send'])) {
$topic=trim($_POST['topic']);
if($dostopshooting==1) $topic=stopShooting($topic);
$message=stripcrap(trim($_POST['message']));
if(isset($_POST['iconid'])) $iconid=intval($_POST['iconid']);
else $iconid=0;
if(!$wbbuserdata['userid']) $guestname=trim($_POST['guestname']);
if(!isset($_POST['preview'])) {
$error="";
if(!$wbbuserdata['userid']) {
$wbbuserdata['username']=$guestname;
if(!$wbbuserdata['username'] || !verify_username($wbbuserdata['username'])) eval ("\$error .= "".$tpl->get("newthread_error2")."";");
$wbbuserdata['username']=htmlspecialchars($wbbuserdata['username']);
}
if(!$topic || !$message) eval ("\$error .= "".$tpl->get("newthread_error1")."";");
if(flood_control($wbbuserdata['userid'],$REMOTE_ADDR,$wbbuserdata['avoidfc'])) eval ("\$error .= "".$tpl->get("newthread_error3")."";");
if($wbbuserdata['maxpostimage']!=-1 && substr_count(strtolower($message),"[img]")>$wbbuserdata['maxpostimage']) eval ("\$error .= "".$tpl->get("newthread_error4")."";");
if($error) eval ("\$newthread_error .= "".$tpl->get("newthread_error")."";");
else {
if($_POST['parseurl']==1) $message=parseURL($message);
$result=$db->query_first("SELECT postid FROM bb".$n."_posts WHERE userid='$wbbuserdata[userid]' AND username='".addslashes($wbbuserdata['username'])."' AND iconid='$iconid' AND posttopic='".addslashes(htmlspecialchars($topic))."' AND message='".addslashes($message)."' AND ipaddress='".$REMOTE_ADDR."' AND posttime>='".(time()-$dpvtime)."'",1);
if($result['postid']) {
header("Location: thread.php?postid=$result[postid]&sid=$session[hash]#post$result[postid]");
exit();
}
if(isset($_POST['poll_id'])) {
$poll_id=intval($_POST['poll_id']);
$poll_verify = $db->query_first("SELECT threadid FROM bb".$n."_polls WHERE pollid = '$poll_id'");
if($poll_verify['threadid'] || $poll_verify['threadid']!=0) $poll_id=0;
}
else $poll_id=0;
if($wbbuserdata['canpostwithoutmoderation']==1) $board['moderatenew']=0;
$time=time();
if(isset($_POST['important']) && ($wbbuserdata['issupermod'] || ($modpermissions['userid']==$wbbuserdata['userid'] && $wbbuserdata['userid']))) $important=intval($_POST['important']);
else $important=0;
$db->query("INSERT INTO bb".$n."_threads (threadid,boardid,topic,iconid,starttime,starterid,starter,lastposttime,lastposterid,lastposter,pollid,important,visible,thx) VALUES (NULL,'$boardid','".addslashes(htmlspecialchars($topic))."','$iconid','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata[username])."','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata[username])."','$poll_id','$important','".ifelse($board['moderatenew']==10 || $board['moderatenew']==11,0,1)."')");
$threadid=$db->insert_id();
if($_POST['poll_id']) $db->unbuffered_query("UPDATE bb".$n."_polls SET threadid='$threadid' WHERE pollid='$poll_id'",1);
$db->query("INSERT INTO bb".$n."_posts (postid,threadid,userid,username,iconid,posttopic,posttime,message,allowsmilies,showsignature,ipaddress,visible) VALUES (NULL,'$threadid','$wbbuserdata[userid]','".addslashes($wbbuserdata['username'])."','$iconid','".addslashes(htmlspecialchars($topic))."','$time','".addslashes($message)."','".(1-intval($_POST['disablesmilies']))."','".intval($_POST['showsignature'])."','".$REMOTE_ADDR."','".ifelse($board['moderatenew']==10 || $board['moderatenew']==11,0,1)."')");
$postid=$db->insert_id();
if($_POST['emailnotify']==1 && $wbbuserdata['userid']) $db->query("INSERT INTO bb".$n."_subscribethreads (userid,threadid,emailnotify,countemails) VALUES ($wbbuserdata[userid],$threadid,1,0)");
wordmatch($postid,$message,$topic);
if($board['moderatenew']==10 || $board['moderatenew']==11) eval("redirect("".$tpl->get("redirect_waiting4moderation")."","board.php?boardid=$boardid&sid=$session[hash]",10);");
else {
$db->query("UPDATE bb".$n."_boards SET threadcount=threadcount+1, postcount=postcount+1, lastthreadid='$threadid', lastposttime='$time', lastposterid='$wbbuserdata[userid]', lastposter='".addslashes($wbbuserdata[username])."' WHERE boardid IN ($board[parentlist],$boardid)");
$wbbuserdata['userposts']+=1;
list($rankid)=$db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN ('0','$wbbuserdata[groupid]') AND needposts<='$wbbuserdata[userposts]' AND gender IN ('0','$wbbuserdata[gender]') ORDER BY needposts DESC, gender DESC LIMIT 1");
$db->query("UPDATE bb".$n."_users SET userposts=userposts+1".ifelse($rankid!=$wbbuserdata['rankid'],", rankid='$rankid'","")." WHERE userid = '$wbbuserdata[userid]'");
$result=$db->query("SELECT u.email, u.username, s.countemails FROM bb".$n."_subscribeboards s LEFT JOIN bb".$n."_users u USING(userid) WHERE s.boardid='$boardid' AND s.userid<>'$wbbuserdata[userid]' AND s.emailnotify=1 AND s.countemails<'$maxnotifymails' AND u.email is not null");
while($row=$db->fetch_array($result)) {
eval ("\$mail_subject = "".$tpl->get("ms_newthread")."";");
if($row['countemails']==$maxnotifymails-1) eval ("\$mail_text = "".$tpl->get("mt_newthread_lastone")."";");
else eval ("\$mail_text = "".$tpl->get("mt_newthread")."";");
mailer($row['email'],$mail_subject,$mail_text);
}
$db->query("UPDATE bb".$n."_subscribeboards SET countemails=countemails+1 WHERE boardid='$boardid' AND userid<>'$wbbuserdata[userid]' AND emailnotify=1 AND countemails<'$maxnotifymails'");
if($important==2) {
$db->unbuffered_query("INSERT INTO bb".$n."_announcements (boardid,threadid) VALUES ('$boardid','$threadid')",1);
header("Location: newthread.php?action=announce&threadid=$threadid&sid=$session[hash]");
}
else header("Location: thread.php?threadid=$threadid&sid=$session[hash]");
exit();
}
}
}
else {
$allowsmilies=1-intval($_POST['disablesmilies']);
$parse = new parse($docensor,75,$allowsmilies*$board['allowsmilies'],$board['allowbbcode'],$wbbuserdata['showimages'],$usecode);
$preview_topic=$parse->textwrap(htmlspecialchars($topic),30);
$preview_message=$parse->doparse(ifelse($_POST['parseurl']==1,parseURL($message),$message),$allowsmilies*$board['allowsmilies'],$board['allowhtml'],$board['allowbbcode'],$board['allowimages']);
if($iconid) {
$result = $db->query_first("SELECT * FROM bb".$n."_icons WHERE iconid = '$iconid'");
$preview_posticon=makeimgtag($result['iconpath'],$result['icontitle']);
}
eval ("\$preview_window = "".$tpl->get("newthread_preview")."";");
}
if($_POST['parseurl']==1) $checked[0]="checked";
else $checked[0]="";
if($_POST['emailnotify']==1) $checked[1]="checked";
else $checked[1]="";
if($_POST['disablesmilies']==1) $checked[2]="checked";
else $checked[2]="";
if($_POST['showsignature']==1) $checked[3]="checked";
else $checked[3]="";
if(isset($_POST['important'])) {
if($_POST['important']==2) $imp_checked[2]="checked";
if($_POST['important']==1) $imp_checked[1]="checked";
if($_POST['important']!=0) $imp_checked[0]="";
}
}
$navbar=getNavbar($board['parentlist']);
eval ("\$navbar .= "".$tpl->get("navbar_board")."";");
if($wbbuserdata['userid']==0) eval ("\$newthread_username .= "".$tpl->get("newthread_username_input")."";");
else eval ("\$newthread_username .= "".$tpl->get("newthread_username")."";");
if(!isset($iconid)) $iconid=0;
if($board['allowicons']==1) {
$ICONselected[$iconid]="checked";
$result = $db->query("SELECT * FROM bb".$n."_icons ORDER BY iconorder ASC");
$iconcount=0;
while($row=$db->fetch_array($result)) {
$row_iconid=$row['iconid'];
eval ("\$choice_posticons .= "".$tpl->get("newthread_iconbit")."";");
if($iconcount==6) {
$choice_posticons.="<br>";
$iconcount=0;
}
else $iconcount++;
}
eval ("\$newthread_icons .= "".$tpl->get("newthread_icons")."";");
}
if($board['allowbbcode']==1) $bbcode_buttons = getcodebuttons();
if($board['allowsmilies']==1) $bbcode_smilies = getclickysmilies($smilie_table_cols,$smilie_table_rows);
eval ("\$note .= "".$tpl->get("note_html_".ifelse($board['allowhtml']==0,"not_")."allow")."";");
eval ("\$note .= "".$tpl->get("note_bbcode_".ifelse($board['allowbbcode']==0,"not_")."allow")."";");
eval ("\$note .= "".$tpl->get("note_smilies_".ifelse($board['allowsmilies']==0,"not_")."allow")."";");
eval ("\$note .= "".$tpl->get("note_images_".ifelse($board['allowimages']==0,"not_")."allow")."";");
if($wbbuserdata['canpostpoll'] && $board['allowpolls']==1) eval ("\$poll = "".$tpl->get("newthread_poll")."";");
if($wbbuserdata['issupermod'] || ($wbbuserdata['userid'] && $modpermissions['userid']==$wbbuserdata['userid'])) eval ("\$newthread_important = "".$tpl->get("newthread_important")."";");
if(isset($message)) $message=parse::convertHTML($message);
if(isset($topic)) $topic=str_replace(""",""",$topic);
if(isset($guestname)) $guestname=str_replace(""",""",$guestname);
eval("\$tpl->output("".$tpl->get("newthread")."");");
?>
|