| Cleanup |
24th January 2014 23:03 |
Hi guys
can anyone help me and adapt this mod for this please?
ts_ajax.php
PHP Code:
<?php
function isvalidusername( $username )
{
if ( !preg_match( "|[^a-z\\|A-Z\\|0-9]|", $username ) )
{
return true;
}
return false;
}
function show_response( $message )
{
global $shoutboxcharset;
header( "Expires: Sat, 1 Jan 2000 01:00:00 GMT" );
header( "Last-Modified: ".gmdate( "D, d M Y H:i:s" )."GMT" );
header( "Cache-Control: no-cache, must-revalidate" );
header( "Pragma: no-cache" );
header( "Content-type: text/plain; charset={$shoutboxcharset}" );
exit( $message );
}
function show_msg( $message = "", $error = true, $color = "red", $strong = true, $extra = "", $extra2 = "" )
{
global $shoutboxcharset;
header( "Expires: Sat, 1 Jan 2000 01:00:00 GMT" );
header( "Last-Modified: ".gmdate( "D, d M Y H:i:s" )."GMT" );
header( "Cache-Control: no-cache, must-revalidate" );
header( "Pragma: no-cache" );
header( "Content-type: text/html; charset={$shoutboxcharset}" );
if ( $error )
{
exit( "<error>".$message."</error>" );
}
exit( $extra.( !empty( $color ) ? "<font color=\"".$color."\">" : "" ).( $strong ? "<strong>" : "" ).$message.( $strong ? "</strong>" : "" ).( "" ).$extra2 );
}
function is_forum_mod( $forumid = 0, $userid = 0 )
{
if ( !$forumid || !$userid )
{
return false;
}
if ( !( $query = sql_query( "SELECT userid FROM ".TSF_PREFIX."moderators WHERE forumid={$forumid} AND userid={$userid}" ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 63 );
}
return 0 < mysql_num_rows( $query ) ? true : false;
}
function allowcomments( $torrentid = 0 )
{
global $is_mod;
$query = sql_query( "SELECT allowcomments FROM torrents WHERE id = ".sqlesc( $torrentid ) );
if ( !mysql_num_rows( $query ) )
{
return false;
}
$allowcomments = mysql_result( $query, 0, "allowcomments" );
if ( $allowcomments != "yes" && !$is_mod )
{
return false;
}
return true;
}
define( "SKIP_LOCATION_SAVE", true );
define( "DEBUGMODE", false );
define( "IN_AJAX", true );
define( "SKIP_MOD_QUERIES", true );
define( "THIS_SCRIPT", "ts_ajax.php" );
require( "./global.php" );
define( "TS_AJAX_VERSION", "1.2.4 by xam" );
if ( strtoupper( $_SERVER['REQUEST_METHOD'] ) != "POST" && $_GET['action'] != "quick_edit" && $_GET['action'] != "autocomplete" )
{
exit( );
}
if ( isset( $_POST['action'] ) && $_POST['action'] == "save_quick_edit" && 0 < $CURUSER['id'] )
{
$lang->load( "comment" );
$commentid = intval( $_POST['cid'] );
if ( !is_valid_id( $commentid ) )
{
show_msg( $lang->global['notorrentid'] );
}
if ( $usergroups['cancomment'] == "no" )
{
show_msg( $lang->global['nopermission'] );
}
if ( !( $query = sql_query( "SELECT cancomment FROM ts_u_perm WHERE userid = ".sqlesc( $CURUSER['id'] ) ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 99 );
}
if ( 0 < mysql_num_rows( $query ) )
{
$commentperm = mysql_fetch_assoc( $query );
if ( $commentperm['cancomment'] == "0" )
{
show_msg( $lang->global['nopermission'] );
}
}
if ( !( $res = sql_query( "SELECT c.text, c.user, t.id as torrentid FROM comments AS c JOIN torrents AS t ON c.torrent = t.id WHERE c.id= ".sqlesc( $commentid ) ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 109 );
}
$arr = mysql_fetch_assoc( $res );
if ( !$arr )
{
show_msg( $lang->global['notorrentid'] );
}
if ( $arr['user'] != $CURUSER['id'] && !$is_mod )
{
show_msg( $lang->global['nopermission'] );
}
if ( allowcomments( $arr['torrentid'] ) == false )
{
show_msg( $lang->comment['closed'] );
}
if ( $_POST['text'] != $arr['text'] )
{
$msgtext = fixAjaxText( $_POST['text'] );
if ( $msgtext == "" )
{
show_msg( $lang->global['dontleavefieldsblank'] );
}
if ( strtolower( $shoutboxcharset ) != "utf-8" )
{
if ( function_exists( "iconv" ) )
{
$msgtext = iconv( "UTF-8", $shoutboxcharset, $msgtext );
}
else if ( function_exists( "mb_convert_encoding" ) )
{
$msgtext = mb_convert_encoding( $msgtext, $shoutboxcharset, "UTF-8" );
}
else if ( strtolower( $shoutboxcharset ) == "iso-8859-1" )
{
$msgtext = utf8_decode( $msgtext );
}
}
$editedat = get_date_time( );
if ( !sql_query( "UPDATE comments SET text = ".sqlesc( $msgtext ).", editedat=".sqlesc( $editedat ).", editedby=".sqlesc( $CURUSER['id'] )." WHERE id= ".sqlesc( $commentid ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 149 );
}
$edit_date = my_datee( $dateformat, $editedat );
$edit_time = my_datee( $timeformat, $editedat );
$p_text = "<p><font size='1' class='small'>".$lang->global['lastedited']." <a href='".$BASEURL."/userdetails.php?id=".$CURUSER['id']."'><b>".$CURUSER['username']."</b></a> {$edit_date} {$edit_time}</font></p>\n";
}
show_msg( format_comment( $_POST['text'] ).( isset( $p_text ) ? $p_text : "" ), false, NULL, false );
}
else if ( isset( $_GET['action'] ) && $_GET['action'] == "quick_edit" && 0 < $CURUSER['id'] )
{
$lang->load( "comment" );
$commentid = intval( $_GET['cid'] );
if ( !is_valid_id( $commentid ) )
{
show_msg( $lang->global['notorrentid'] );
}
if ( $usergroups['cancomment'] == "no" )
{
show_msg( $lang->global['nopermission'] );
}
if ( !( $query = sql_query( "SELECT cancomment FROM ts_u_perm WHERE userid = ".sqlesc( $CURUSER['id'] ) ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 168 );
}
if ( 0 < mysql_num_rows( $query ) )
{
$commentperm = mysql_fetch_assoc( $query );
if ( $commentperm['cancomment'] == "0" )
{
show_msg( $lang->global['nopermission'] );
}
}
if ( !( $res = sql_query( "SELECT c.text, c.user, t.id as torrentid FROM comments AS c JOIN torrents AS t ON c.torrent = t.id WHERE c.id= ".sqlesc( $commentid ) ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 178 );
}
$arr = mysql_fetch_assoc( $res );
if ( !$arr )
{
show_msg( $lang->global['notorrentid'] );
}
if ( $arr['user'] != $CURUSER['id'] && !$is_mod )
{
show_msg( $lang->global['nopermission'] );
}
if ( allowcomments( $arr['torrentid'] ) == false )
{
show_msg( $lang->comment['closed'] );
}
show_msg( htmlspecialchars_uni( $arr['text'] ), false, NULL, false );
}
else if ( isset( $_POST['ajax_quick_reply'], $_POST['tid'] ) && isset( $_POST['message'] ) && isset( $CURUSER ) )
{
if ( $usergroups['isforummod'] == "yes" || $usergroups['cansettingspanel'] == "yes" || $usergroups['issupermod'] == "yes" )
{
$moderator = true;
}
else
{
$moderator = false;
}
$lang->load( "tsf_forums" );
$tid = isset( $_POST['tid'] ) ? intval( $_POST['tid'] ) : 0;
if ( !is_valid_id( $tid ) )
{
show_msg( $lang->tsf_forums['invalid_tid'] );
}
if ( !( $query = sql_query( "SELECT\n\t\t\tt.subject as threadsubject, t.closed, t.sticky, f.type, f.name as currentforum, f.fid as currentforumid, f.moderate, ff.name as deepforum, ff.fid as deepforumid, ff.moderate as moderaterf\n\t\t\tFROM ".TSF_PREFIX."threads t\n\t\t\tLEFT JOIN ".TSF_PREFIX."forums f ON (f.fid=t.fid)\n\t\t\tLEFT JOIN ".TSF_PREFIX."forums ff ON (ff.fid=f.pid)\n\t\t\tWHERE t.tid = ".sqlesc( $tid )." LIMIT 0, 1" ) ) )
{
show_msg( "dberror1" );
}
if ( mysql_num_rows( $query ) == 0 )
{
show_msg( $lang->tsf_forums['invalid_tid'] );
}
$thread = mysql_fetch_assoc( $query );
$forummoderator = is_forum_mod( $thread['type'] == "s" ? $thread['deepforumid'] : $thread['currentforumid'], $CURUSER['id'] );
if ( ( $thread['moderate'] == 1 || $thread['moderaterf'] == 1 ) && ( $forummoderator || $moderator ) )
{
$thread['moderate'] = 0;
$thread['moderaterf'] = 0;
}
$visible = $thread['moderate'] == 1 || $thread['moderaterf'] == 1 ? 0 : 1;
if ( !( $query = sql_query( "SELECT * FROM ".TSF_PREFIX."forumpermissions WHERE gid = ".sqlesc( $CURUSER['usergroup'] ) ) ) )
{
show_msg( "dberror2" );
}
while ( $perm = mysql_fetch_assoc( $query ) )
{
$permissions[$perm['fid']] = $perm;
}
if ( $permissions[$thread['currentforumid']]['canview'] != "yes" || $permissions[$thread['currentforumid']]['canpostreplys'] != "yes" )
{
show_msg( $lang->global['nopermission'] );
}
else if ( $thread['closed'] == "yes" && !$moderator && !$forummoderator )
{
show_msg( $lang->tsf_forums['thread_closed'] );
}
$useparent = false;
if ( $thread['type'] == "s" )
{
$useparent = true;
}
$subject = $lang->tsf_forums['re'].$thread['threadsubject'];
$threadsubject = ts_remove_badwords( $subject );
$replyto = 0;
$fid = 0 + $thread['currentforumid'];
$error = "";
$uid = sqlesc( $CURUSER['id'] );
$username = sqlesc( $CURUSER['username'] );
$dateline = sqlesc( TIMENOW );
$message = fixAjaxText( $_POST['message'] );
$message = strval( $message );
if ( strtolower( $shoutboxcharset ) != "utf-8" )
{
if ( function_exists( "iconv" ) )
{
$message = iconv( "UTF-8", $shoutboxcharset, $message );
}
else if ( function_exists( "mb_convert_encoding" ) )
{
$message = mb_convert_encoding( $message, $shoutboxcharset, "UTF-8" );
}
else if ( strtolower( $shoutboxcharset ) == "iso-8859-1" )
{
$message = utf8_decode( $message );
}
}
$ipaddress = sqlesc( $CURUSER['ip'] );
$closed = $_POST['closethread'] == "1" && ( $moderator || $forummoderator ) ? "yes" : "no";
$sticky = $_POST['stickthread'] == "1" && ( $moderator || $forummoderator ) ? 1 : 0;
$subscribe = isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? 1 : 0;
if ( !( $query = sql_query( "SELECT userid FROM ".TSF_PREFIX."subscribe WHERE tid = ".sqlesc( $tid )." AND userid = ".$uid ) ) )
{
show_msg( "dberror3" );
}
if ( $subscribe && mysql_num_rows( $query ) == 0 )
{
if ( !sql_query( "INSERT INTO ".TSF_PREFIX."subscribe (tid,userid) VALUES (".sqlesc( $tid ).",".$uid.")" ) )
{
show_msg( "dberror4" );
}
}
$extraquery = "";
if ( $moderator || $forummoderator )
{
$extraquery = ", closed = ".sqlesc( $closed ).", sticky = ".sqlesc( $sticky );
}
if ( strlen( $_POST['message'] ) < $f_minmsglength )
{
show_msg( $lang->tsf_forums['too_short'] );
}
if ( !( $query = sql_query( "SELECT dateline FROM ".TSF_PREFIX."posts WHERE uid = ".sqlesc( $CURUSER['id'] )." ORDER by dateline DESC LIMIT 1" ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 313 );
}
if ( mysql_num_rows( $query ) )
{
$last_post = mysql_result( $query, 0, "dateline" );
$floodcheck = flood_check( $lang->tsf_forums['a_post'], $last_post, true );
if ( $floodcheck != "" )
{
show_msg( str_replace( array( "<font color=\"#9f040b\" size=\"2\">", "</font>", "<b>", "</b>" ), "", $floodcheck ) );
}
}
if ( !sql_query( "INSERT INTO ".TSF_PREFIX."posts (tid,replyto,fid,subject,uid,username,dateline,message,ipaddress,visible) VALUES ({$tid},{$replyto},{$fid}, ".sqlesc( $subject ).", {$uid}, {$username}, {$dateline}, ".sqlesc( $message ).", {$ipaddress},{$visible})" ) )
{
show_msg( "dberror5" );
}
$pid = mysql_insert_id( );
if ( !sql_query( "UPDATE ".TSF_PREFIX."threads SET replies = replies + 1, lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}{$extraquery} WHERE tid = ".sqlesc( $tid ) ) )
{
show_msg( "dberror6" );
}
if ( !sql_query( "UPDATE ".TSF_PREFIX."forums SET posts = posts + 1, lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}, lastposttid = {$tid}, lastpostsubject = ".sqlesc( $subject )." WHERE fid = '{$fid}'" ) )
{
show_msg( "dberror7" );
}
if ( $useparent )
{
if ( !sql_query( "UPDATE ".TSF_PREFIX."forums SET lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}, lastposttid = {$tid}, lastpostsubject = ".sqlesc( $subject )." WHERE fid = '{$thread['deepforumid']}'" ) )
{
show_msg( "dberror7" );
}
}
if ( !sql_query( "UPDATE users SET totalposts = totalposts + 1 WHERE id = {$uid}" ) )
{
show_msg( "dberror8" );
}
sql_query( "REPLACE INTO ".TSF_PREFIX."threadsread SET tid='{$tid}', uid='".$CURUSER['id']."', dateline='".TIMENOW."'" );
$TSSEConfig->TSLoadConfig( "KPS" );
KPS( "+", $kpscomment, $CURUSER['id'] );
$lastseen = my_datee( $dateformat, $CURUSER['last_access'] )." ".my_datee( $timeformat, $CURUSER['last_access'] );
$downloaded = mksize( $CURUSER['downloaded'] );
$uploaded = mksize( $CURUSER['uploaded'] );
include_once( INC_PATH."/functions_ratio.php" );
$ratio = get_user_ratio( $CURUSER['uploaded'], $CURUSER['downloaded'] );
$ratio = str_replace( "'", "\\'", $ratio );
require( INC_PATH."/function_user_rank.php" );
if ( ( TS_Match( $CURUSER['options'], "I3" ) || TS_Match( $CURUSER['options'], "I4" ) ) && !$moderator && !$forummoderator )
{
$tooltip = $lang->tsf_forums['deny'];
}
else
{
$tooltip = sprintf( $lang->tsf_forums['tooltip'], $lastseen, $downloaded, $uploaded, $ratio );
}
$poster = "<a href=\"#\" id=\"quickmenu".$pid."\"><i onmouseover=\"ddrivetip('{$tooltip}', 200)\"; onmouseout=\"hideddrivetip()\">".get_user_color( htmlspecialchars_uni( $CURUSER['username'] ), $usergroups['namestyle'] )."</i></a>";
include_once( INC_PATH."/functions_icons.php" );
$usericons = get_user_icons( array_merge( $CURUSER, $usergroups ) );
$usertitle = "";
if ( !empty( $CURUSER['title'] ) )
{
$usertitle = "<font class=\"smalltext\"><strong>".htmlspecialchars_uni( $CURUSER['title'] )."</strong></font>";
}
$poster_title = $lang->tsf_forums['usergroup'].$usergroups['title'];
$avatar = "";
if ( TS_Match( $CURUSER['options'], "D1" ) )
{
$avatar = get_user_avatar( $CURUSER['avatar'] );
}
$join_date = $lang->tsf_forums['jdate'].my_datee( $regdateformat, $CURUSER['added'] );
$totalposts = $lang->tsf_forums['totalposts'].ts_nf( $CURUSER['totalposts'] + 1 );
$UserOn = sprintf( $lang->tsf_forums['user_online'], $CURUSER['username'] );
$status = "<img src=\"".$pic_base_url."friends/online.png\" border=\"0\" alt=\"".$UserOn."\" title=\"".$UserOn."\" class=\"inlineimg\" />";
$CURUSER['countryname'] = "";
$CURUSER['flagpic'] = "";
if ( !( $query = @sql_query( "SELECT flagpic,name as countryname FROM countries WHERE id = ".@sqlesc( $CURUSER['country'] ) ) ) )
{
show_msg( "dberror9" );
}
if ( 0 < mysql_num_rows( $query ) )
{
$CURUSER['countryname'] = mysql_result( $query, 0, "countryname" );
$CURUSER['flagpic'] = mysql_result( $query, 0, "flagpic" );
}
$country = "{$lang->tsf_forums['country']}<img src='{$pic_base_url}flag/{$CURUSER['flagpic']}' alt='{$CURUSER['countryname']}' title='{$CURUSER['countryname']}' style='margin-center: 2pt' height='10px' class='inlineimg'>";
$signature = "";
if ( !empty( $CURUSER['signature'] ) && TS_Match( $CURUSER['options'], "H1" ) )
{
$signature = "<hr align=\"left\" size=\"1\" width=\"65%\">".format_comment( $CURUSER['signature'], true, true, true, true, "signatures" );
}
$ABuffer = array( );
if ( !( $AwardQuery = sql_query( "SELECT a.id, a.userid, a.reason, a.date, aw.award_name, aw.award_image FROM ts_awards_users a LEFT JOIN ts_awards aw ON (a.award_id=aw.award_id)" ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 404 );
}
while ( mysql_num_rows( $AwardQuery ) && ( $Award = mysql_fetch_assoc( $AwardQuery ) ) )
{
$ATooltip = "<strong>".htmlspecialchars_uni( $Award['award_name'] )."</strong><small>".addslashes( htmlspecialchars_uni( $Award['reason'] ) )."</small>";
$ABuffer[$Award['userid']][$Award['id']] = "\n\t\t\t<i onmouseover=\"ddrivetip('".$ATooltip."', 200)\"; onmouseout=\"hideddrivetip()\"><img src=\"".$pic_base_url."awardmedals/".htmlspecialchars_uni( $Award['award_image'] )."\" border=\"0\" alt=\"\" title=\"\" class=\"inlineimg\" width=\"10\" height=\"19\" style=\"padding-top: 3px; cursor: pointer;\" /></i> ";
}
if ( isset( $ABuffer[$CURUSER['id']] ) )
{
$UserAwards = $lang->tsf_forums['awards'].": ";
foreach ( $ABuffer[$CURUSER['id']] as $Awid => $Awimage )
{
$UserAwards .= $Awimage;
}
}
$imagepath = "{$pic_base_url}friends/";
if ( TS_Match( $CURUSER['options'], "L1" ) )
{
$UserGender = "<img src=\"".$imagepath."Male.png\" alt=\"".$lang->global['male']."\" title=\"".$lang->global['male']."\" border=\"0\" class=\"inlineimg\" />";
}
else if ( TS_Match( $CURUSER['options'], "L2" ) )
{
$UserGender = "<img src=\"".$imagepath."Female.png\" alt=\"".$lang->global['female']."\" title=\"".$lang->global['female']."\" border=\"0\" class=\"inlineimg\" />";
}
else
{
$UserGender = "<img src=\"".$imagepath."NA.png\" alt=\"--\" title=\"--\" border=\"0\" class=\"inlineimg\" />";
}
include_once( INC_PATH."/function_warnlevel.php" );
$_warnlevel = get_warn_level( $CURUSER['timeswarned'] );
$deletebutton = "<input value=\"".$lang->tsf_forums['delete_post']."\" onclick=\"jumpto('deletepost.php?tid=".$tid."\\&pid=".$pid."&page=".( isset( $_POST['page'] ) ? intval( $_POST['page'] ) : 0 )."');\" type=\"button\">";
$post_date = my_datee( $dateformat, TIMENOW )." ".my_datee( $timeformat, TIMENOW );
define( "IS_THIS_USER_POSTED", true );
$deletebutton = "";
$editbutton = "";
$quotebutton = "";
$quickreplybutton = "";
$showpagenumber = isset( $_POST['page'] ) && is_valid_id( $_POST['page'] ) ? "&page=".intval( $_POST['page'] ) : "";
if ( $moderator || $forummoderator || $permissions[$fid]['candeleteposts'] == "yes" && $closed != "yes" )
{
$deletebutton = "<input value=\"".$lang->tsf_forums['delete_post']."\" onclick=\"jumpto('deletepost.php?tid=".$tid."&pid=".$pid."&page=".( isset( $_POST['page'] ) ? intval( $_POST['page'] ) : 0 )."');\" type=\"button\" />";
}
if ( $moderator || $forummoderator || $permissions[$fid]['canpostreplys'] == "yes" && $closed != "yes" )
{
if ( $visible == 0 && !$moderator && !$forummoderator )
{
$quotebutton = "";
$quickreplybutton = "";
}
else
{
$QuoteTag = htmlspecialchars( mysql_real_escape_string( "<<<@!1!@>>>" ) );
$quotebutton = "<input value=\"".$lang->tsf_forums['quote_post']."\" onclick=\"jumpto('newreply.php?tid=".$tid."&pid=".$pid."');\" type=\"button\" />";
$quickreplybutton = "<input type=\"button\" id=\"quote_".$pid."\" value=\"".$lang->tsf_forums['quick_reply']."\" onclick=\"parseQuote('".$QuoteTag."', 'message', ".$tid.", ".$pid.");\" />";
}
}
if ( $moderator || $forummoderator || $permissions[$fid]['caneditposts'] == "yes" && $closed != "yes" )
{
$onclick = "onclick=\"jumpto('editpost.php?tid=".$tid."&pid=".$pid.$showpagenumber."');\"";
if ( $useajax == "yes" )
{
$onclick = "onclick=\"TSQuickEditPost('post_message_".$pid."','".$tid."','editpost.php?tid=".$tid."&pid=".$pid.$showpagenumber."');bookmarkscroll.scrollTo('post_message_".$pid."');\"";
}
$editbutton = "<input value=\"".$lang->tsf_forums['edit_post']."\" ".$onclick." type=\"button\" />";
}
$str2 = "\n\t\t<!-- start: post#".$pid." -->\n\t\t\n\t\t<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"5\" style=\"clear: both;\">\n\t\t\t<tr>\n\t\t\t\t<td colspan=\"2\" class=\"subheader\" name=\"pid".$pid."\">\n\t\t\t\t\t<div style=\"float: right;\">\n\t\t\t\t\t\t<strong>".$lang->tsf_forums['post']."<a href=\"#pid".$pid."\">#".intval( $_POST['postcount'] )."</a></strong>\n\t\t\t\t\t</div>\n\t\t\t\t\t<div style=\"float: left;\">\n\t\t\t\t\t\t<a name=\"pid".$pid."\" id=\"pid".$pid."\"></a><img src=\"./images/post_old.gif\" border=\"0\" class=\"inlineimg\" /> ".$post_date."\n\t\t\t\t\t</div>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"trow1\" style=\"text-align: center;\" valign=\"top\" width=\"20%\">\n\t\t\t\t\t".$poster."\n\t\t\t\t\t".$usertitle."\n\t\t\t\t\t".$avatar."\n\t\t\t\t\t".user_rank( $CURUSER )."\n\t\t\t\t\t".$join_date."\n\t\t\t\t\t".$totalposts."\n\t\t\t\t\t".$country."\n\t\t\t\t\t".( isset( $UserAwards ) ? $UserAwards."" : "" )."\n\t\t\t\t\t".$UserGender." ".$status." ".$usericons."\n\t\t\t\t\t".$_warnlevel."\n\t\t\t\t</td>\n\t\t\t\t<script type=\"text/javascript\">\n\t\t\t\t\tmenu_register(\"quickmenu".$pid."\", false);\n\t\t\t\t</script>\n\t\t\t\t<td class=\"trow1\" style=\"text-align: left;\" valign=\"top\" width=\"80%\">\n\t\t\t\t\t".( $visible == 1 ? "<img src=\"./images/icons/icon1.gif\" border=\"0\" class=\"inlineimg\" />" : "<img src=\"images/moderation.png\" alt=\"".$lang->tsf_forums['moderatemsg7']."\" title=\"".$lang->tsf_forums['moderatemsg7']."\" border=\"0\" class=\"inlineimg\" />" )."\n\t\t\t\t\t<span class=\"smalltext\"><strong>".htmlspecialchars_uni( $threadsubject )."</strong></span><hr />\n\t\t\t\t\t".( $thread['moderate'] == 0 && $thread['moderaterf'] == 0 ? "" : show_notice( $lang->tsf_forums['moderatemsg1'] )."<hr />" )."\n\t\t\t\t\t<div id=\"post_message_".$pid."\" name=\"post_message_".$pid."\" style=\"display: inline;\">".format_comment( $message )."</div>\n\t\t\t\t\t".$signature."\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\" width=\"15%\" valign=\"middle\" style=\"white-space: nowrap; text-align: center;\">\n\t\t\t\t\t<input value=\"".$lang->tsf_forums['top']."\" onclick=\"bookmarkscroll.scrollTo('top');\" type=\"button\" /> <input value=\"".$lang->tsf_forums['report_post']."\" onclick=\"TSOpenPopup('".$BASEURL."/report.php?type=4&reporting=".$pid."&extra=".$tid."&page=".( isset( $_POST['page'] ) ? intval( $_POST['page'] ) : 0 )."', 'report', 500, 300); return false;\" type=\"button\" />\n\t\t\t\t</td>\n\t\t\t\t<td class=\"subheader\" style=\"text-align: center;\" valign=\"top\">\n\t\t\t\t\t<div style=\"float: right;\">\n\t\t\t\t\t\t".$deletebutton."\n\t\t\t\t\t\t".$editbutton."\n\t\t\t\t\t\t".$quotebutton."\n\t\t\t\t\t\t".$quickreplybutton."\n\t\t\t\t\t</div>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t\t<!-- end: post#".$pid." -->\n\n\t<div id=\"quickmenu".$pid."_menu\" class=\"menu_popup\" style=\"display:none;\">\n\t\t<table border=\"1\" cellspacing=\"0\" cellpadding=\"5\">\n\t\t\t<tr>\n\t\t\t\t<td align=\"center\" class=\"thead\"><b>".$lang->global['quickmenu']." ".$CURUSER['username']."</b></td>\n\t\t\t</tr>\n\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".tsf_seo_clean_text( strip_tags( $poster ), "u", $CURUSER['id'], "", "ts" )."\">".$lang->global['qinfo1']."</a></td>\n\t\t\t</tr>\n\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".$BASEURL."/sendmessage.php?receiver=".$CURUSER['id']."\">".sprintf( $lang->global['qinfo2'], $CURUSER['username'] )."</td>\n\t\t\t</tr>\n\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".$BASEURL."/tsf_forums/tsf_search.php?action=finduserposts&id=".$CURUSER['id']."\">".sprintf( $lang->global['qinfo3'], $CURUSER['username'] )."</a></td>\n\t\t\t</tr>\n\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".$BASEURL."/tsf_forums/tsf_search.php?action=finduserthreads&id=".$CURUSER['id']."\">".sprintf( $lang->global['qinfo4'], $CURUSER['username'] )."</a></td>\n\t\t\t</tr>\n\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".$BASEURL."/friends.php?action=add_friend&friendid=".$CURUSER['id']."\">".sprintf( $lang->global['qinfo5'], $CURUSER['username'] )."</td>\n\t\t\t</tr>\n\n\t\t\t".( $moderator ? "\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".$BASEURL."/".$staffcp_path."/index.php?run_tool=edit_user&username=".$CURUSER['username']."\">".$lang->global['qinfo6']."</a></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".$BASEURL."/".$staffcp_path."/index.php?run_tool=warn_user&username=".$CURUSER['username']."\">".$lang->global['qinfo7']."</a></td>\n\t\t\t</tr>\n\t\t\t<tr>" : "" )."\n\t\t</table>\n\t</div>";
function send_sub_mails( )
{
global $CURUSER;
global $SITENAME;
global $SITEEMAIL;
global $BASEURL;
global $tid;
global $subject;
global $lang;
global $rootpath;
require_once( INC_PATH."/functions_pm.php" );
if ( !( $query = sql_query( "SELECT s.*, u.email, u.username FROM ".TSF_PREFIX."subscribe s LEFT JOIN users u ON (s.userid=u.id) WHERE s.tid = ".sqlesc( $tid )." AND s.userid != ".sqlesc( $CURUSER['id'] ) ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 581 );
}
while ( 0 < mysql_num_rows( $query ) && ( $sub = mysql_fetch_assoc( $query ) ) )
{
send_pm( $sub['userid'], sprintf( $lang->tsf_forums['msubs'], $sub['username'], $subject, $CURUSER['username'], $BASEURL, $tid, $SITENAME ), $subject );
sent_mail( $sub['email'], $subject, sprintf( $lang->tsf_forums['msubs'], $sub['username'], $subject, $CURUSER['username'], $BASEURL, $tid, $SITENAME ), "subs", false );
}
}
if ( $thread['moderate'] == 0 && $thread['moderaterf'] == 0 )
{
send_sub_mails( );
}
show_msg( $str2, false, "", false );
}
else if ( isset( $_POST['ajax_quick_comment'], $_POST['id'] ) && isset( $_POST['text'] ) && isset( $CURUSER ) )
{
if ( $usergroups['cancomment'] == "no" )
{
show_msg( $lang->global['nopermission'] );
}
if ( !( $query = sql_query( "SELECT cancomment FROM ts_u_perm WHERE userid = ".sqlesc( $CURUSER['id'] ) ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 603 );
}
if ( 0 < mysql_num_rows( $query ) )
{
$commentperm = mysql_fetch_assoc( $query );
if ( $commentperm['cancomment'] == "0" )
{
show_msg( $lang->global['nopermission'] );
}
}
$torrentid = intval( $_POST['id'] );
$lang->load( "comment" );
if ( allowcomments( $torrentid ) == false )
{
show_msg( $lang->comment['closed'] );
}
$text = fixAjaxText( $_POST['text'] );
$text = strval( $text );
if ( strtolower( $shoutboxcharset ) != "utf-8" )
{
if ( function_exists( "iconv" ) )
{
$text = iconv( "UTF-8", $shoutboxcharset, $text );
}
else if ( function_exists( "mb_convert_encoding" ) )
{
$text = mb_convert_encoding( $text, $shoutboxcharset, "UTF-8" );
}
else if ( strtolower( $shoutboxcharset ) == "iso-8859-1" )
{
$text = utf8_decode( $text );
}
}
if ( !( $query = sql_query( "SELECT added FROM comments WHERE user = ".sqlesc( $CURUSER['id'] )." ORDER by added DESC LIMIT 1" ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 639 );
}
if ( 0 < mysql_num_rows( $query ) )
{
$last_comment = mysql_result( $query, 0, "added" );
}
else
{
$last_comment = "";
}
$floodmsg = flood_check( $lang->comment['floodcomment'], $last_comment, true );
$res = sql_query( "SELECT name, owner FROM torrents WHERE id = ".sqlesc( $torrentid ) );
$arr = mysql_fetch_assoc( $res );
if ( !empty( $floodmsg ) )
{
show_msg( str_replace( array( "<font color=\"#9f040b\" size=\"2\">", "</font>", "<b>", "</b>" ), "", $floodmsg ) );
}
else if ( !$arr )
{
show_msg( $lang->global['notorrentid'] );
}
else if ( empty( $text ) || empty( $torrentid ) || !is_valid_id( $torrentid ) )
{
show_msg( $lang->global['dontleavefieldsblank'] );
}
$commentposted = false;
if ( !$is_mod && 0 < $CURUSER['id'] )
{
$query = sql_query( "SELECT id, user, text FROM comments WHERE torrent = ".sqlesc( $torrentid )." ORDER by added DESC LIMIT 1" );
if ( 0 < mysql_num_rows( $query ) )
{
$lastcommentuserid = mysql_result( $query, 0, "user" );
if ( $lastcommentuserid == $CURUSER['id'] )
{
$oldtext = mysql_result( $query, 0, "text" );
$newid = $cid = mysql_result( $query, 0, "id" );
if ( strtoupper( substr( PHP_OS, 0, 3 ) == "WIN" ) )
{
$eol = "\r\n";
}
else if ( strtoupper( substr( PHP_OS, 0, 3 ) == "MAC" ) )
{
$eol = "\r";
}
else
{
$eol = "\n";
}
$newtext = $text = $oldtext.$eol.$eol.$text;
if ( $usergroups['cancomment'] == "moderate" )
{
$message = sprintf( $lang->comment['modmsg'], $CURUSER['username'], "[URL]".$BASEURL."/details.php?id=".$torrentid."&tab=comments&showlast=true&viewcomm=".$newid."#cid".$newid."[/URL]" );
sql_query( "INSERT INTO staffmessages (sender, added, msg, subject) VALUES(0, NOW(), ".sqlesc( $message ).", ".sqlesc( $lang->comment['modmsgsubject'] ).")" );
sql_query( "UPDATE comments SET text = {$newtext}, visible = 0 WHERE id = '{$newid}'" );
}
else
{
sql_query( "UPDATE comments SET text = ".sqlesc( $newtext )." WHERE id = '{$newid}'" );
}
if ( mysql_affected_rows( ) )
{
$commentposted = true;
}
}
}
}
if ( !$commentposted )
{
sql_query( "INSERT INTO comments (user, torrent, added, text, visible) VALUES (".sqlesc( $CURUSER['id'] ).", ".sqlesc( $torrentid ).", ".sqlesc( get_date_time( ) ).", ".sqlesc( $text ).", ".( $usergroups['cancomment'] == "moderate" ? 0 : 1 ).")" );
$cid = mysql_insert_id( );
sql_query( "UPDATE torrents SET comments = comments + 1 WHERE id = ".sqlesc( $torrentid ) );
$ras = sql_query( "SELECT options FROM users WHERE id = ".sqlesc( $arr['owner'] ) );
$arg = mysql_fetch_assoc( $ras );
if ( TS_Match( $arg['options'], "C1" ) && $CURUSER['id'] != $arr['owner'] )
{
require_once( INC_PATH."/functions_pm.php" );
send_pm( $arr['owner'], sprintf( $lang->comment['newcommenttxt'], "[url=".$BASEURL."/details.php?id=".$torrentid."#startcomments]".$arr['name']."[/url]" ), $lang->comment['newcommentsub'] );
}
if ( $usergroups['cancomment'] == "moderate" )
{
$message = sprintf( $lang->comment['modmsg'], $CURUSER['username'], "[URL]".$BASEURL."/details.php?id=".$torrentid."&tab=comments&showlast=true&viewcomm=".$cid."#cid".$cid."[/URL]" );
sql_query( "INSERT INTO staffmessages (sender, added, msg, subject) VALUES(0, NOW(), ".sqlesc( $message ).", ".sqlesc( $lang->comment['modmsgsubject'] ).")" );
}
else
{
KPS( "+", "{$kpscomment}", $CURUSER['id'] );
}
}
require_once( INC_PATH."/commenttable.php" );
require_once( INC_PATH."/functions_quick_editor.php" );
if ( !( $subres = sql_query( "SELECT c.id, c.torrent as torrentid, c.text, c.user, c.added, c.editedby, c.editedat, c.modnotice, c.modeditid, c.modeditusername, c.modedittime, c.totalvotes, c.visible, uu.username as editedbyuname, gg.namestyle as editbynamestyle, u.added as registered, u.enabled, u.warned, u.leechwarn, u.username, u.title, u.usergroup, u.last_access, u.options, u.donor, u.uploaded, u.downloaded, u.avatar as useravatar, u.signature, g.title as grouptitle, g.namestyle FROM comments c LEFT JOIN users uu ON (c.editedby=uu.id) LEFT JOIN usergroups gg ON (uu.usergroup=gg.gid) LEFT JOIN users u ON (c.user=u.id) LEFT JOIN usergroups g ON (u.usergroup=g.gid) WHERE c.id = ".sqlesc( $cid )." ORDER BY c.id" ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 738 );
}
$allrows = array( );
while ( $subrow = mysql_fetch_assoc( $subres ) )
{
$allrows[] = $subrow;
}
$lcid = 0;
if ( isset( $_POST['lcid'] ) )
{
$lcid = intval( $_POST['lcid'] );
}
define( "LCID", $lcid );
$showcommenttable = commenttable( $allrows, "", "", false, true, true );
show_msg( $showcommenttable, false, "", false );
}
else if ( !empty( $_POST['username'] ) )
{
$lang->load( "signup" );
@$username = @trim( $_POST['username'] );
if ( empty( $username ) || !isvalidusername( $username ) )
{
show_msg( $lang->signup['une3'], false );
}
if ( strlen( $username ) < 3 )
{
show_msg( $lang->signup['une1'], false );
}
if ( 12 < strlen( $username ) )
{
show_msg( $lang->signup['une2'], false );
}
$query = sql_query( "SELECT username FROM users WHERE username = ".sqlesc( $username ) );
if ( 0 < mysql_num_rows( $query ) )
{
show_msg( $lang->signup['une4'], false );
}
else
{
$TSSEConfig->TSLoadConfig( "SIGNUP" );
$usernames = preg_split( "/\\s+/", $illegalusernames, 0 - 1, PREG_SPLIT_NO_EMPTY );
foreach ( $usernames as $val )
{
if ( strpos( strtolower( $username ), strtolower( $val ) ) !== false )
{
show_msg( $lang->signup['une4'], false );
}
}
show_msg( $lang->signup['uavailable'], false, "green" );
}
}
else if ( !empty( $_POST['email'] ) )
{
$lang->load( "signup" );
@$email = @trim( $_POST['email'] );
require_once( INC_PATH."/functions_EmailBanned.php" );
if ( empty( $email ) || !check_email( $email ) )
{
show_msg( $lang->signup['invalidemail'], false );
}
else if ( EmailBanned( $email ) )
{
show_msg( $lang->signup['invalidemail2'], false );
}
$query = sql_query( "SELECT email FROM users WHERE email = ".sqlesc( $email ) );
if ( mysql_num_rows( $query ) == 0 )
{
show_msg( $lang->signup['eavailable'], false, "green" );
}
else
{
show_msg( $lang->signup['invalidemail3'], false );
}
}
else if ( isset( $_POST['vid'] ) && !empty( $_POST['cid'] ) )
{
$Cid = intval( $_POST['cid'] );
$Uid = intval( $CURUSER['id'] );
$Vid = $_POST['vid'] == "1" ? "1" : "-1";
if ( is_valid_id( $Cid ) && is_valid_id( $Uid ) )
{
if ( !sql_query( "REPLACE INTO comments_votes VALUES ('".$Cid."', '".$Uid."', '".$Vid."')" ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 823 );
}
if ( !( $Query = sql_query( "SELECT vid FROM comments_votes WHERE cid = '".$Cid."'" ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 824 );
}
$Negative = 0;
$Positive = 0;
if ( 0 < mysql_num_rows( $Query ) )
{
while ( $Votes = mysql_fetch_assoc( $Query ) )
{
if ( $Votes['vid'] == "-1" )
{
$Negative += 1;
}
else
{
$Positive += 1;
}
}
}
else if ( $Vid == "-1" )
{
$Negative += 1;
}
else
{
$Positive += 1;
}
if ( !sql_query( "UPDATE comments SET totalvotes = '".$Positive."|".$Negative."' WHERE id = '".$Cid."'" ) )
{
sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 854 );
}
echo $Positive - $Negative;
exit( );
}
}
?>
newreply.php
PHP Code:
<?php
define( "THIS_SCRIPT", "newreply.php" );
require( "./global.php" );
$tid = intval( TS_Global( "tid" ) );
$pid = intval( TS_Global( "pid" ) );
$canpostattachments = false;
ini_set( "memory_limit", "250M" );
if ( !is_valid_id( $tid ) || !empty( $pid ) && !is_valid_id( $pid ) )
{
stderr( $lang->global['error'], $lang->tsf_forums['invalid_tid'] );
exit( );
}
if ( !( $query = sql_query( "SELECT\r\n\t\t\tt.subject as threadsubject, t.closed, t.sticky, f.type, f.name as currentforum, f.fid as currentforumid, f.moderate, ff.name as deepforum, ff.fid as deepforumid, ff.moderate as moderaterf\r\n\t\t\tFROM ".TSF_PREFIX."threads t\r\n\t\t\tLEFT JOIN ".TSF_PREFIX."forums f ON (f.fid=t.fid)\r\n\t\t\tLEFT JOIN ".TSF_PREFIX."forums ff ON (ff.fid=f.pid)\r\n\t\t\tWHERE t.tid = ".sqlesc( $tid )." LIMIT 0, 1" ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\newreply.php", 46 );
}
if ( mysql_num_rows( $query ) == 0 )
{
stderr( $lang->global['error'], $lang->tsf_forums['invalid_tid'] );
exit( );
}
$thread = $orjthreadarray = mysql_fetch_assoc( $query );
$forummoderator = is_forum_mod( $thread['type'] == "s" ? $thread['deepforumid'] : $thread['currentforumid'], $CURUSER['id'] );
if ( ( $thread['moderate'] == 1 || $thread['moderaterf'] == 1 ) && ( $forummoderator || $moderator ) )
{
$thread['moderate'] = 0;
$thread['moderaterf'] = 0;
}
$visible = $thread['moderate'] == 1 || $thread['moderaterf'] == 1 ? 0 : 1;
if ( $permissions[$thread['currentforumid']]['canview'] != "yes" || $permissions[$thread['currentforumid']]['canpostreplys'] != "yes" )
{
print_no_permission( true );
exit( );
}
else
{
if ( $thread['closed'] == "yes" && !$moderator && !$forummoderator )
{
stderr( $lang->global['error'], $lang->tsf_forums['thread_closed'] );
exit( );
}
}
$useparent = false;
if ( $thread['type'] == "s" )
{
$useparent = true;
}
if ( $permissions[$thread['currentforumid']]['canpostattachments'] == "yes" )
{
$canpostattachments = true;
}
if ( !empty( $pid ) )
{
if ( !( $query = sql_query( "SELECT p.message, p.tid, p.subject, u.username FROM ".TSF_PREFIX."posts p LEFT JOIN users u ON (p.uid=u.id) WHERE p.pid = ".sqlesc( $pid ) ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\newreply.php", 90 );
}
@$p_tid = @mysql_result( $query, 0, "p.tid" );
if ( $p_tid != $tid )
{
stderr( $lang->global['error'], $lang->tsf_forums['invalid_post'] );
exit( );
}
$subject = mysql_result( $query, 0, "p.subject" );
$message = mysql_result( $query, 0, "p.message" );
while ( !$forummoderator && !$moderator && preg_match( "/\\[hide\\](.*?)\\[\\/hide\\]/is", $message ) && preg_match( "#\\[hide\\](.*?)\\[\\/hide\\](\r\n?|\n?)#si", $message ) )
{
$message = preg_replace( "#\\[hide\\](.*?)\\[\\/hide\\](\r\n?|\n?)#si", "", $message );
}
$username = mysql_result( $query, 0, "u.username" );
$subject = preg_replace( "#RE:\\s?#i", "", $subject );
$subject = $lang->tsf_forums['re'].$subject;
$threadsubject = ts_remove_badwords( $subject );
$message = "<<<@!2!@>>>";
$replyto = $pid;
}
else
{
$subject = $lang->tsf_forums['re'].$thread['threadsubject'];
$threadsubject = ts_remove_badwords( $subject );
}
if ( !isset( $replyto ) )
{
$replyto = 0;
}
$fid = 0 + $thread['currentforumid'];
$prvp = showPreview( "message" );
if ( $_SERVER['REQUEST_METHOD'] == "POST" && isset( $_POST['submit'] ) )
{
$error = "";
$subject = isset( $_POST['subject'] ) ? $_POST['subject'] : "";
$uid = sqlesc( $CURUSER['id'] );
$username = sqlesc( $CURUSER['username'] );
$dateline = sqlesc( TIMENOW );
$message = isset( $_POST['message'] ) ? $_POST['message'] : "";
$ipaddress = sqlesc( $CURUSER['ip'] );
$closed = isset( $_POST['closethread'] ) && $_POST['closethread'] == "yes" && ( $moderator || $forummoderator ) ? "yes" : "no";
$sticky = isset( $_POST['stickthread'] ) && $_POST['stickthread'] == "yes" && ( $moderator || $forummoderator ) ? 1 : 0;
$subscribe = isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? 1 : 0;
if ( !( $query = sql_query( "SELECT userid FROM ".TSF_PREFIX."subscribe WHERE tid = ".sqlesc( $tid )." AND userid = ".$uid ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\newreply.php", 143 );
}
if ( $subscribe && mysql_num_rows( $query ) == 0 )
{
if ( !sql_query( "INSERT INTO ".TSF_PREFIX."subscribe (tid,userid) VALUES (".sqlesc( $tid ).",".$uid.")" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newreply.php", 146 );
}
}
$extraquery = "";
if ( $moderator || $forummoderator )
{
$extraquery = ", closed = ".sqlesc( $closed ).", sticky = ".sqlesc( $sticky );
}
if ( strlen( $subject ) < $f_minmsglength || strlen( $message ) < $f_minmsglength )
{
$error = $lang->tsf_forums['too_short'];
}
$subject = sqlesc( $subject );
$message = sqlesc( $message );
if ( !( $query = sql_query( "SELECT dateline FROM ".TSF_PREFIX."posts WHERE uid = ".sqlesc( $CURUSER['id'] )." ORDER by dateline DESC LIMIT 1" ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\newreply.php", 164 );
}
if ( 0 < mysql_num_rows( $query ) )
{
$last_post = mysql_result( $query, 0, "dateline" );
$floodcheck = flood_check( $lang->tsf_forums['a_post'], $last_post, true );
if ( $floodcheck != "" )
{
$error = $floodcheck;
}
}
if ( empty( $error ) )
{
$iq1 = $iq2 = "";
$iconid = isset( $_POST['iconid'] ) ? intval( $_POST['iconid'] ) : "";
if ( is_valid_id( $iconid ) )
{
$iq1 = "iconid,";
$iq2 = "{$iconid},";
}
if ( !sql_query( "INSERT INTO ".TSF_PREFIX."posts ({$iq1}tid,replyto,fid,subject,uid,username,dateline,message,ipaddress,visible) VALUES ({$iq2}{$tid},{$replyto},{$fid}, {$subject}, {$uid}, {$username}, {$dateline}, {$message}, {$ipaddress},{$visible})" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newreply.php", 184 );
}
$pid = mysql_insert_id( );
if ( !sql_query( "UPDATE ".TSF_PREFIX."threads SET replies = replies + 1, lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}{$extraquery} WHERE tid = ".sqlesc( $tid ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\newreply.php", 187 );
}
if ( !sql_query( "UPDATE ".TSF_PREFIX."forums SET posts = posts + 1, lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}, lastposttid = {$tid}, lastpostsubject = {$subject} WHERE fid = '{$fid}'" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newreply.php", 189 );
}
if ( $useparent )
{
if ( !sql_query( "UPDATE ".TSF_PREFIX."forums SET lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}, lastposttid = {$tid}, lastpostsubject = {$subject} WHERE fid = '{$thread['deepforumid']}'" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newreply.php", 193 );
}
}
$TSSEConfig->TSLoadConfig( "KPS" );
KPS( "+", $kpscomment, $uid );
send_sub_mails( );
if ( !sql_query( "UPDATE users SET totalposts = totalposts + 1 WHERE id = {$uid}" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newreply.php", 201 );
}
if ( $canpostattachments && $pid && $tid )
{
$error = array( );
$i = 0;
while ( $i < 3 )
{
if ( 0 < $_FILES['attachment']['size'][$i] )
{
if ( !is_uploaded_file( $_FILES['attachment']['tmp_name'][$i] ) || empty( $_FILES['attachment']['tmp_name'][$i] ) )
{
$error[] = $lang->tsf_forums['a_error2']." (".htmlspecialchars_uni( $_FILES['attachment']['name'][$i] ).")";
}
else
{
$ext = get_extension( $_FILES['attachment']['name'][$i] );
$allowed_ext = explode( ",", $f_allowed_types );
if ( !in_array( $ext, $allowed_ext, true ) )
{
$error[] = $lang->tsf_forums['a_error3']." (".htmlspecialchars_uni( $_FILES['attachment']['name'][$i] ).")";
}
else if ( $f_upload_maxsize * 1024 < $_FILES['attachment']['size'][$i] && !$moderator )
{
$error[] = sprintf( $lang->tsf_forums['a_error4'], mksize( $f_upload_maxsize * 1024 ) )." (".htmlspecialchars_uni( $_FILES['attachment']['name'][$i] ).")";
}
else if ( file_exists( $f_upload_path.$_FILES['attachment']['name'][$i] ) )
{
$error[] = $lang->tsf_forums['a_error5']." (".htmlspecialchars_uni( $_FILES['attachment']['name'][$i] ).")";
}
else
{
$_FILES['attachment']['name'][$i] = str_replace( ".".$ext, "", $_FILES['attachment']['name'][$i] );
$find = array( "/[^a-zA-Z0-9\\s]/", "/\\s+/" );
$replace = array( "_", "_" );
$filename = strtolower( preg_replace( $find, $replace, $_FILES['attachment']['name'][$i] ) ).".".$ext;
$moved = @move_uploaded_file( $_FILES['attachment']['tmp_name'][$i], $f_upload_path.$filename );
if ( !$moved )
{
$error[] = $lang->tsf_forums['a_error2']." (".htmlspecialchars_uni( $_FILES['attachment']['name'][$i] ).")";
}
}
}
if ( count( $error ) == 0 )
{
$a_name = sqlesc( $filename );
$a_size = sqlesc( 0 + $_FILES['attachment']['size'][$i] );
if ( !sql_query( "INSERT INTO ".TSF_PREFIX."attachments (a_name,a_size,a_tid,a_pid,visible) VALUES ({$a_name},{$a_size},{$tid},{$pid},{$visible})" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newreply.php", 248 );
}
}
}
++$i;
}
}
if ( $thread['moderate'] == 0 && $thread['moderaterf'] == 0 )
{
define( "FORCE_REDIRECT_MESSAGE", true );
$lastpage = get_last_post( $tid );
redirect( "tsf_forums/showthread.php?tid={$tid}&page={$lastpage}&pid={$pid}&scrollto=pid{$pid}", $lang->tsf_forums['post_done']."".( is_array( $error ) && 0 < count( $error ) ? implode( "", $error ) : "" ) );
}
else
{
stdhead( "{$SITENAME} TSF FORUMS : ".TSF_VERSION." :: ".str_replace( "&", "&", $orjthreadarray['currentforum'] ) );
add_breadcrumb( $orjthreadarray['deepforum'], ( $useparent ? "forumdisplay" : "index" ).".php?fid={$orjthreadarray['deepforumid']}" );
add_breadcrumb( $orjthreadarray['currentforum'], "forumdisplay.php?fid={$fid}" );
add_breadcrumb( htmlspecialchars_uni( $threadsubject ), "showthread.php?tid={$tid}" );
add_breadcrumb( $lang->tsf_forums['new_reply'] );
build_breadcrumb( );
stdmsg( $lang->global['sys_message'], $lang->tsf_forums['moderatemsg1'] );
stdfoot( );
exit( );
}
exit( );
}
}
add_breadcrumb( $thread['deepforum'], ( $useparent ? "forumdisplay" : "index" ).".php?fid={$thread['deepforumid']}" );
add_breadcrumb( $thread['currentforum'], "forumdisplay.php?fid={$fid}" );
add_breadcrumb( htmlspecialchars_uni( $threadsubject ), "showthread.php?tid={$tid}" );
add_breadcrumb( $lang->tsf_forums['new_reply'] );
stdhead( "{$SITENAME} TSF FORUMS : ".TSF_VERSION." :: ".str_replace( "&", "&", $thread['currentforum'] ) );
if ( isset( $warningmessage ) )
{
echo $warningmessage;
}
build_breadcrumb( );
define( "IN_EDITOR", true );
include_once( INC_PATH."/editor.php" );
$str = "\r\n<form method=\"post\" name=\"newreply\" action=\"".$_SERVER['SCRIPT_NAME']."\" enctype=\"multipart/form-data\">\r\n<input type=\"hidden\" name=\"tid\" value=\"".$tid."\">\r\n<input type=\"hidden\" name=\"replyto\" value=\"".$replyto."\">";
if ( !empty( $prvp ) )
{
$str .= $prvp;
}
if ( isset( $error ) )
{
stdmsg( $lang->global['error'], $error, false );
}
if ( $array_icon_list = show_icon_list( ) )
{
$postoptionstitle = array(
"1" => $lang->tsf_forums['picons1']
);
$postoptions = array(
"1" => $array_icon_list
);
}
if ( $moderator || $forummoderator )
{
if ( isset( $postoptionstitle, $postoptions ) )
{
array_push( $postoptionstitle, $lang->tsf_forums['mod_options'] );
array_push( $postoptions, "<label><input class=\"checkbox\" name=\"closethread\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['closethread'] ) && $_POST['closethread'] == "yes" ? " checked=\"checked\"" : $thread['closed'] == "yes" ? " checked=\"checked\"" : "" ).">".$lang->tsf_forums['mod_options_c']."</label>\r\n\t\t\t\t<label><input class=\"checkbox\" name=\"stickthread\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['stickthread'] ) && $_POST['stickthread'] == "yes" ? " checked=\"checked\"" : $thread['sticky'] == "1" ? " checked=\"checked\"" : "" ).">".$lang->tsf_forums['mod_options_s']."</label></span>" );
}
else
{
$postoptionstitle = array(
"1" => $lang->tsf_forums['mod_options']
);
$postoptions = array(
"1" => "<label><input class=\"checkbox\" name=\"closethread\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['closethread'] ) && $_POST['closethread'] == "yes" ? " checked=\"checked\"" : $thread['closed'] == "yes" ? " checked=\"checked\"" : "" ).">".$lang->tsf_forums['mod_options_c']."</label>\r\n\t\t\t\t<label><input class=\"checkbox\" name=\"stickthread\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['stickthread'] ) && $_POST['stickthread'] == "yes" ? " checked=\"checked\"" : $thread['sticky'] == "1" ? " checked=\"checked\"" : "" ).">".$lang->tsf_forums['mod_options_s']."</label></span>"
);
}
}
if ( $canpostattachments )
{
if ( isset( $postoptionstitle, $postoptions ) )
{
array_push( $postoptionstitle, $lang->tsf_forums['attachment'] );
array_push( $postoptions, "<label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label><label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label><label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label>" );
array_push( $postoptionstitle, "<b>".$lang->tsf_forums['subs'].":</b>" );
array_push( $postoptions, "<label><input class=\"checkbox\" name=\"subscribe\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? " checked=\"checked\"" : "" )."></label> ".$lang->tsf_forums['isubs'] );
}
else
{
$postoptionstitle = array(
"1" => $lang->tsf_forums['attachment'],
"2" => "<b>".$lang->tsf_forums['subs'].":</b>"
);
$postoptions = array(
"1" => "<label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label><label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label><label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label>",
"2" => "<label><input class=\"checkbox\" name=\"subscribe\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? " checked=\"checked\"" : "" )."></label> ".$lang->tsf_forums['isubs']
);
}
}
else if ( isset( $postoptionstitle, $postoptions ) )
{
array_push( $postoptionstitle, $lang->tsf_forums['subs'].":" );
array_push( $postoptions, "<label><input class=\"checkbox\" name=\"subscribe\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? " checked=\"checked\"" : "" )."></label> ".$lang->tsf_forums['isubs'] );
}
else
{
$postoptionstitle = array(
"1" => $lang->tsf_forums['subs'].":"
);
$postoptions = array(
"1" => "<label><input class=\"checkbox\" name=\"subscribe\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? " checked=\"checked\"" : "" )."></label> ".$lang->tsf_forums['isubs']
);
}
$str .= insert_editor( true, isset( $_POST['subject'] ) ? $_POST['subject'] : $threadsubject, isset( $_POST['message'] ) ? $_POST['message'] : isset( $message ) ? $message : "", $lang->tsf_forums['new_reply_head'], $lang->tsf_forums['new_reply_head2'].htmlspecialchars_uni( $threadsubject ), $postoptionstitle, $postoptions );
echo $str;
if ( !( $query = sql_query( "\r\n\t\t\tSELECT p.*, u.username\r\n\t\t\tFROM ".TSF_PREFIX."posts p\r\n\t\t\tLEFT JOIN users u ON (p.uid=u.id)\r\n\t\t\tWHERE p.tid = '{$tid}' AND p.visible = '1'\r\n\t\t\tORDER BY p.dateline DESC LIMIT 0, 5\r\n\t\t" ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\newreply.php", 375 );
}
if ( mysql_num_rows( $query ) )
{
echo "\r\n\t\r\n\t<table border=\"0\" cellspacing=\"0\" cellpadding=\"5\" class=\"tborder\">\r\n\t<tr>\r\n\t<td class=\"thead\" align=\"center\"><strong>".$lang->tsf_forums['thread_review']."</strong></td>\r\n\t</tr>";
while ( $post = mysql_fetch_assoc( $query ) )
{
$reviewpostdate = my_datee( $dateformat, $post['dateline'] )." ".my_datee( $timeformat, $post['dateline'] );
$reviewmessage = format_comment( $post['message'] );
echo "\r\n\t\t<tr>\r\n\t\t\t<td class=\"subheader\">\r\n\t\t\t\t<span class=\"smalltext\"><strong>".$lang->tsf_forums['posted_by']." ".$post['username']." - ".$reviewpostdate."</strong></span>\r\n\t\t\t</td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t\t<td class=\"trow1\">\r\n\t\t\t\t".$reviewmessage."\r\n\t\t\t</td>\r\n\t\t</tr>";
}
echo "</table>";
}
stdfoot( );
?>
newthread.php
PHP Code:
<?php
define( "THIS_SCRIPT", "newthread.php" );
require( "./global.php" );
$fid = intval( TS_Global( "fid" ) );
$polloptions = isset( $_POST['polloptions'] ) ? intval( $_POST['polloptions'] ) : 4;
$createpoll = isset( $_POST['createpoll'] ) && $_POST['createpoll'] == "yes" ? "yes" : "no";
$canpostattachments = false;
if ( is_valid_id( $fid ) )
{
print_no_permission( true );
exit( );
if ( !( $query = @sql_query( "SELECT f.name, f.pid, f.type, f.moderate, ff.name as realforum, ff.fid as realforumid, ff.moderate as moderaterf FROM ".TSF_PREFIX."forums f LEFT JOIN ".TSF_PREFIX."forums ff ON (ff.fid=f.pid) WHERE f.fid = ".@sqlesc( $fid ) ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\newthread.php", 42 );
}
if ( mysql_num_rows( $query ) == 0 )
{
stderr( $lang->global['error'], $lang->tsf_forums['invalidfid'] );
exit( );
}
$realforum = mysql_result( $query, 0, "realforum" );
$realforumid = mysql_result( $query, 0, "realforumid" );
$forumname = mysql_result( $query, 0, "f.name" );
$parent = mysql_result( $query, 0, "f.pid" );
$type = mysql_result( $query, 0, "f.type" );
$moderateForum = mysql_result( $query, 0, "f.moderate" );
$moderateForumRF = mysql_result( $query, 0, "ff.moderaterf" );
$forummoderator = is_forum_mod( $type == "s" ? $realforumid : $fid, $CURUSER['id'] );
if ( ( $moderateForum == 1 || $moderateForumRF == 1 ) && ( $forummoderator || $moderator ) )
{
$moderateForum = 0;
$moderateForumRF = 0;
}
$visible = $moderateForum == 1 || $moderateForumRF == 1 ? 0 : 1;
if ( $permissions[$fid]['canpostattachments'] == "yes" )
{
$canpostattachments = true;
}
if ( $permissions[$fid]['canview'] != "yes" || $permissions[$fid]['canpostthreads'] != "yes" )
{
print_no_permission( true );
exit( );
}
else
{
if ( $type == "c" )
{
stderr( $lang->global['error'], $lang->tsf_forums['cant_post'] );
exit( );
}
}
$useparent = false;
if ( $type == "s" )
{
$useparent = true;
}
add_breadcrumb( $realforum, ( $useparent ? "forumdisplay" : "index" ).".php?fid={$realforumid}" );
add_breadcrumb( $forumname, "forumdisplay.php?fid={$fid}" );
add_breadcrumb( $lang->tsf_forums['new_thread'] );
}
else
{
stderr( $lang->global['error'], $lang->tsf_forums['invalidfid'] );
exit( );
}
if ( $_SERVER['REQUEST_METHOD'] == "POST" && isset( $_POST['submit'] ) )
{
$error = "";
$subject = isset( $_POST['subject'] ) ? $_POST['subject'] : "";
$uid = sqlesc( $CURUSER['id'] );
$username = sqlesc( $CURUSER['username'] );
$dateline = sqlesc( TIMENOW );
$message = isset( $_POST['message'] ) ? $_POST['message'] : "";
$ipaddress = sqlesc( $CURUSER['ip'] );
$closed = isset( $_POST['closethread'] ) && $_POST['closethread'] == "yes" && ( $moderator || $forummoderator ) ? "yes" : "no";
$sticky = isset( $_POST['stickthread'] ) && $_POST['stickthread'] == "yes" && ( $moderator || $forummoderator ) ? 1 : 0;
$subscribe = isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? 1 : 0;
if ( strlen( $subject ) < $f_minmsglength || strlen( $message ) < $f_minmsglength )
{
$error = $lang->tsf_forums['too_short'];
}
$subject = sqlesc( $subject );
$message = sqlesc( $message );
if ( !( $query = sql_query( "SELECT dateline FROM ".TSF_PREFIX."posts WHERE uid = ".sqlesc( $CURUSER['id'] )." ORDER by dateline DESC LIMIT 1" ) ) )
{
sqlerr( "C:\\idezender\\Encoded\\newthread.php", 118 );
}
if ( 0 < mysql_num_rows( $query ) )
{
$last_post = mysql_result( $query, 0, "dateline" );
$floodcheck = flood_check( $lang->tsf_forums['a_post'], $last_post, true );
if ( $floodcheck != "" )
{
$error = $floodcheck;
}
}
if ( empty( $error ) )
{
$iq1 = $iq2 = "";
$iconid = isset( $_POST['iconid'] ) ? intval( $_POST['iconid'] ) : 0;
if ( is_valid_id( $iconid ) )
{
$iq1 = "iconid,";
$iq2 = "{$iconid},";
}
if ( !@sql_query( "INSERT INTO ".TSF_PREFIX."posts ({$iq1}fid,subject,uid,username,dateline,message,ipaddress,visible) VALUES ({$iq2}{$fid}, {$subject}, {$uid}, {$username}, {$dateline}, {$message}, {$ipaddress},{$visible})" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newthread.php", 138 );
}
$pid = mysql_insert_id( );
if ( !@sql_query( "INSERT INTO ".TSF_PREFIX."threads ({$iq1}fid,subject,uid,username,dateline,firstpost,lastpost,lastposter,lastposteruid,closed,sticky,visible) VALUES ({$iq2}{$fid},{$subject},{$uid},{$username},{$dateline},{$pid},{$dateline},{$username},{$uid},".@sqlesc( $closed ).",{$sticky},{$visible})" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newthread.php", 141 );
}
$tid = mysql_insert_id( );
if ( $subscribe )
{
if ( !sql_query( "INSERT INTO ".TSF_PREFIX."subscribe (tid,userid) VALUES (".sqlesc( $tid ).",".$uid.")" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newthread.php", 146 );
}
}
if ( !@sql_query( "UPDATE ".TSF_PREFIX."posts SET tid = {$tid} WHERE pid = '{$pid}'" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newthread.php", 149 );
}
if ( !@sql_query( "UPDATE ".TSF_PREFIX."forums SET threads = threads + 1, posts = posts + 1, lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}, lastposttid = {$tid}, lastpostsubject = {$subject} WHERE fid = '{$fid}'" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newthread.php", 151 );
}
if ( $useparent )
{
if ( !@sql_query( "UPDATE ".TSF_PREFIX."forums SET lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}, lastposttid = {$tid}, lastpostsubject = {$subject} WHERE fid = '{$realforumid}'" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newthread.php", 155 );
}
}
if ( !@sql_query( "UPDATE users SET totalposts = totalposts + 1 WHERE id = {$uid}" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newthread.php", 158 );
}
$TSSEConfig->TSLoadConfig( "KPS" );
KPS( "+", $kpscomment, $uid );
if ( $canpostattachments && $pid && $tid && isset( $_FILES ) )
{
$error = array( );
$i = 0;
while ( $i < 3 )
{
if ( isset( $_FILES['attachment']['size'][$i] ) && 0 < $_FILES['attachment']['size'][$i] )
{
if ( !is_uploaded_file( $_FILES['attachment']['tmp_name'][$i] ) || empty( $_FILES['attachment']['tmp_name'][$i] ) )
{
$error[] = $lang->tsf_forums['a_error2']." (".htmlspecialchars_uni( $_FILES['attachment']['name'][$i] ).")";
}
else
{
$ext = get_extension( $_FILES['attachment']['name'][$i] );
$allowed_ext = explode( ",", $f_allowed_types );
if ( !in_array( $ext, $allowed_ext, true ) )
{
$error[] = $lang->tsf_forums['a_error3']." (".htmlspecialchars_uni( $_FILES['attachment']['name'][$i] ).")";
}
else if ( $f_upload_maxsize * 1024 < $_FILES['attachment']['size'][$i] && !$moderator )
{
$error[] = sprintf( $lang->tsf_forums['a_error4'], mksize( $f_upload_maxsize * 1024 ) )." (".htmlspecialchars_uni( $_FILES['attachment']['name'][$i] ).")";
}
else if ( file_exists( $f_upload_path.$_FILES['attachment']['name'][$i] ) )
{
$error[] = $lang->tsf_forums['a_error5']." (".htmlspecialchars_uni( $_FILES['attachment']['name'][$i] ).")";
}
else
{
$_FILES['attachment']['name'][$i] = str_replace( ".".$ext, "", $_FILES['attachment']['name'][$i] );
$find = array( "/[^a-zA-Z0-9\\s]/", "/\\s+/" );
$replace = array( "_", "_" );
$filename = strtolower( preg_replace( $find, $replace, $_FILES['attachment']['name'][$i] ) ).".".$ext;
$moved = @move_uploaded_file( $_FILES['attachment']['tmp_name'][$i], $f_upload_path.$filename );
if ( !$moved )
{
$error[] = $lang->tsf_forums['a_error2']." (".htmlspecialchars_uni( $_FILES['attachment']['name'][$i] ).")";
}
}
}
if ( count( $error ) == 0 )
{
$a_name = sqlesc( $filename );
$a_size = sqlesc( 0 + $_FILES['attachment']['size'][$i] );
if ( !sql_query( "INSERT INTO ".TSF_PREFIX."attachments (a_name,a_size,a_tid,a_pid,visible) VALUES ({$a_name},{$a_size},{$tid},{$pid},{$visible})" ) )
{
sqlerr( "C:\\idezender\\Encoded\\newthread.php", 208 );
}
}
}
++$i;
}
}
if ( $createpoll == "yes" && $usergroups['cancreatepoll'] == "yes" )
{
define( "FORCE_REDIRECT_MESSAGE", true );
redirect( "tsf_forums/poll.php?do=new&tid={$tid}&polloptions={$polloptions}", $lang->tsf_forums['poll10']."".( is_array( $error ) && 0 < count( $error ) ? implode( "", $error ) : "" ) );
exit( );
}
if ( $moderateForum == 0 && $moderateForumRF == 0 )
{
define( "FORCE_REDIRECT_MESSAGE", true );
redirect( "tsf_forums/showthread.php?tid={$tid}", $lang->tsf_forums['thread_created']."".( is_array( $error ) && 0 < count( $error ) ? implode( "", $error ) : "" ) );
}
else
{
$new_thread_in = sprintf( $lang->tsf_forums['new_thread_in'], str_replace( "&", "&", $forumname ) );
stdhead( $new_thread_in );
build_breadcrumb( );
stdmsg( $lang->global['sys_message'], $lang->tsf_forums['moderatemsg1'] );
stdfoot( );
exit( );
}
exit( );
}
}
$new_thread_in = sprintf( $lang->tsf_forums['new_thread_in'], str_replace( "&", "&", $forumname ) );
stdhead( $new_thread_in );
if ( isset( $warningmessage ) )
{
echo $warningmessage;
}
build_breadcrumb( );
$prvp = showPreview( "message" );
define( "IN_EDITOR", true );
include_once( INC_PATH."/editor.php" );
$str = "\r\n<form method=\"post\" name=\"newthread\" action=\"".$_SERVER['SCRIPT_NAME']."\" enctype=\"multipart/form-data\">\r\n<input type=\"hidden\" name=\"fid\" value=\"".$fid."\">";
if ( !empty( $prvp ) )
{
$str .= $prvp;
}
if ( isset( $error ) )
{
stdmsg( $lang->global['error'], $error, false );
}
if ( $array_icon_list = show_icon_list( ) )
{
$postoptionstitle = array(
"1" => $lang->tsf_forums['picons1']
);
$postoptions = array(
"1" => $array_icon_list
);
}
if ( $moderator || $forummoderator )
{
if ( isset( $postoptionstitle, $postoptions ) )
{
array_push( $postoptionstitle, $lang->tsf_forums['mod_options'] );
array_push( $postoptions, "<label><input class=\"checkbox\" name=\"closethread\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['closethread'] ) && $_POST['closethread'] == "yes" ? " checked=\"checked\"" : "" ).">".$lang->tsf_forums['mod_options_c']."</label><label><input class=\"checkbox\" name=\"stickthread\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['stickthread'] ) && $_POST['stickthread'] == "yes" ? " checked=\"checked\"" : "" ).">".$lang->tsf_forums['mod_options_s']."</label></span>" );
}
else
{
$postoptionstitle = array(
"1" => $lang->tsf_forums['mod_options']
);
$postoptions = array(
"1" => "\r\n\t\t\t\t\t<label><input class=\"checkbox\" name=\"closethread\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['closethread'] ) && $_POST['closethread'] == "yes" ? " checked=\"checked\"" : "" ).">".$lang->tsf_forums['mod_options_c']."</label>\r\n\t\t\t\t\t<label><input class=\"checkbox\" name=\"stickthread\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['stickthread'] ) && $_POST['stickthread'] == "yes" ? " checked=\"checked\"" : "" ).">".$lang->tsf_forums['mod_options_s']."</label></span>"
);
}
}
if ( $canpostattachments )
{
if ( isset( $postoptionstitle, $postoptions ) )
{
array_push( $postoptionstitle, $lang->tsf_forums['attachment'] );
array_push( $postoptions, "<label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label><label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label><label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label>" );
array_push( $postoptionstitle, "<b>".$lang->tsf_forums['subs'].":</b>" );
array_push( $postoptions, "<label><input class=\"checkbox\" name=\"subscribe\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? " checked=\"checked\"" : "" )."></label> ".$lang->tsf_forums['isubs'] );
}
else
{
$postoptionstitle = array(
"1" => $lang->tsf_forums['attachment'],
"2" => "<b>".$lang->tsf_forums['subs'].":</b>"
);
$postoptions = array(
"1" => "<label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label><label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label><label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label>",
"2" => "<label><input class=\"checkbox\" name=\"subscribe\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? " checked=\"checked\"" : "" )."></label> ".$lang->tsf_forums['isubs']
);
}
}
else if ( isset( $postoptionstitle, $postoptions ) )
{
array_push( $postoptionstitle, $lang->tsf_forums['subs'].":" );
array_push( $postoptions, "<label><input class=\"checkbox\" name=\"subscribe\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? " checked=\"checked\"" : "" )."></label> ".$lang->tsf_forums['isubs'] );
}
else
{
$postoptionstitle = array(
"1" => $lang->tsf_forums['subs'].":"
);
$postoptions = array(
"1" => "<label><input class=\"checkbox\" name=\"subscribe\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? " checked=\"checked\"" : "" )."></label> ".$lang->tsf_forums['isubs']
);
}
if ( $usergroups['cancreatepoll'] == "yes" )
{
if ( isset( $postoptionstitle, $postoptions ) )
{
array_push( $postoptionstitle, $lang->tsf_forums['poll1'].":" );
array_push( $postoptions, "<label><input class=\"checkbox\" name=\"createpoll\" value=\"yes\" type=\"checkbox\"".( $createpoll == "yes" ? " checked=\"checked\"" : "" )."> ".$lang->tsf_forums['poll2']."</label>".$lang->tsf_forums['poll3']." <label><input size=\"2\" name=\"polloptions\" value=\"".$polloptions."\" type=\"text\"></label>" );
}
else
{
$postoptionstitle = array(
"1" => $lang->tsf_forums['poll1'].":"
);
$postoptions = array(
"1" => "<label><input class=\"checkbox\" name=\"createpoll\" value=\"yes\" type=\"checkbox\"".( $createpoll == "yes" ? " checked=\"checked\"" : "" )."> ".$lang->tsf_forums['poll2']."</label>".$lang->tsf_forums['poll3']." <label><input size=\"2\" name=\"polloptions\" value=\"".$polloptions."\" type=\"text\"></label>"
);
}
}
$str .= insert_editor( true, isset( $_POST['subject'] ) ? $_POST['subject'] : "", isset( $_POST['message'] ) ? $_POST['message'] : "", $lang->tsf_forums['new_thread_head'], $new_thread_in, $postoptionstitle, $postoptions );
echo $str;
stdfoot( );
?>
it would really be appreciated
thank you |
