Hi guys
Can anyone help me adapt this mod for this, please?
ts_ajax.php
PHP Code:
<?php
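/**
 * Tells whether a candidate username contains only permitted characters.
 *
 * The pattern searches for one character outside the class a-z, A-Z, 0-9 and "|".
 * The escaped "|" inside the character class is a literal pipe, so a pipe is
 * accepted as well. An empty string holds no forbidden character and is reported
 * as valid; the visible caller enforces emptiness and length separately.
 *
 * NOTE(review): accepting "|" looks like an accident of writing alternation inside
 * a character class. It is kept here so this check stays in step with whatever the
 * signup code accepts; confirm and tighten both together.
 *
 * @param mixed $username Candidate name; at the visible call site it is request data.
 * @return bool True only when the pattern ran and found no forbidden character.
 */
function isvalidusername( $username )
{
    // Arrays, objects and resources can never be a username. Rejecting them here keeps
    // preg_match() from being handed a value it cannot treat as a string.
    if ( $username !== null && !is_scalar( $username ) ) {
        return false;
    }

    // preg_match() yields 1 (forbidden character found), 0 (none found) or false (the
    // match itself failed). Comparing with 0 makes a failed match count as invalid,
    // where the previous "!preg_match(...)" treated a failure as a valid name.
    return preg_match( "|[^a-z\\|A-Z\\|0-9]|", (string) $username ) === 0;
}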
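/**
 * Sends a plain-text AJAX response with caching disabled and ends the request.
 *
 * @param string $message Body passed to exit() unchanged; nothing here escapes it.
 * @return void This function does not return; exit() terminates the script.
 */
function show_response( $message )
{
    global $shoutboxcharset;

    // Anti-caching headers: a date in the past, "modified just now", and explicit no-cache.
    header( "Expires: Sat, 1 Jan 2000 01:00:00 GMT" );
    // A space is required between the time and the zone; "...H:i:sGMT" is not a valid HTTP date.
    header( "Last-Modified: ".gmdate( "D, d M Y H:i:s" )." GMT" );
    header( "Cache-Control: no-cache, must-revalidate" );
    header( "Pragma: no-cache" );
    // text/plain keeps a browser from interpreting the body as markup.
    header( "Content-type: text/plain; charset={$shoutboxcharset}" );
    exit( $message );
}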
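/**
 * Sends an HTML AJAX response with caching disabled and ends the request.
 *
 * With $error true the message is wrapped in <error>...</error>. Otherwise it is
 * wrapped in an optional <font color> and/or <strong> element, with $extra before
 * and $extra2 after.
 *
 * Security: $message, $color, $extra and $extra2 are written to a text/html response
 * exactly as given. Nothing in this function escapes them, so every caller must pass
 * markup that is already safe for the browser.
 *
 * @param string      $message Text or markup to send.
 * @param bool        $error   True to send the <error> form.
 * @param string|null $color   Value for the font colour attribute; empty or null omits the element.
 * @param bool        $strong  True to wrap the message in <strong>.
 * @param string      $extra   Markup placed before the message (non-error form only).
 * @param string      $extra2  Markup placed after the message (non-error form only).
 * @return void This function does not return; exit() terminates the script.
 */
function show_msg( $message = "", $error = true, $color = "red", $strong = true, $extra = "", $extra2 = "" )
{
    global $shoutboxcharset;

    // Anti-caching headers: a date in the past, "modified just now", and explicit no-cache.
    header( "Expires: Sat, 1 Jan 2000 01:00:00 GMT" );
    // A space is required between the time and the zone; "...H:i:sGMT" is not a valid HTTP date.
    header( "Last-Modified: ".gmdate( "D, d M Y H:i:s" )." GMT" );
    header( "Cache-Control: no-cache, must-revalidate" );
    header( "Pragma: no-cache" );
    header( "Content-type: text/html; charset={$shoutboxcharset}" );

    if ( $error ) {
        exit( "<error>".$message."</error>" );
    }

    $has_color = !empty( $color );
    exit(
        $extra
        .( $has_color ? "<font color=\"".$color."\">" : "" )
        .( $strong ? "<strong>" : "" )
        .$message
        .( $strong ? "</strong>" : "" )
        // The opening <font> was previously never closed (an empty "" stood here).
        .( $has_color ? "</font>" : "" )
        .$extra2
    );
}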
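/**
 * Tells whether a user has a row in the forum moderators table for a given forum.
 *
 * @param int $forumid Forum id; 0 or a non-numeric value yields false.
 * @param int $userid  User id; 0 or a non-numeric value yields false.
 * @return bool True when at least one matching moderators row exists.
 */
function is_forum_mod( $forumid = 0, $userid = 0 )
{
    // Both ids are placed into the SQL text without quoting, so they are forced to
    // integers first. A value that is not a number can then never become part of the query.
    $forumid = intval( $forumid );
    $userid = intval( $userid );
    if ( !$forumid || !$userid ) {
        return false;
    }

    if ( !( $query = sql_query( "SELECT userid FROM ".TSF_PREFIX."moderators WHERE forumid={$forumid} AND userid={$userid}" ) ) ) {
        // The path and line number are hard-coded literals in the source as posted.
        sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 63 );
    }

    return 0 < mysql_num_rows( $query );
}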
/**
 * Tells whether the current user may comment on a torrent.
 *
 * Returns false when no torrent row matches the id. Otherwise returns true when the
 * row's allowcomments column equals "yes" or the global $is_mod flag is truthy.
 *
 * @param int $torrentid Torrent id; escaped with sqlesc() before it reaches the query.
 * @return bool
 */
function allowcomments( $torrentid = 0 )
{
    global $is_mod;

    $result = sql_query( "SELECT allowcomments FROM torrents WHERE id = ".sqlesc( $torrentid ) );
    if ( mysql_num_rows( $result ) ) {
        $flag = mysql_result( $result, 0, "allowcomments" );
        // Staff bypass a closed comment section.
        if ( $flag == "yes" || $is_mod ) {
            return true;
        }
    }
    return false;
}
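// ts_ajax.php request dispatcher. After loading ./global.php exactly one branch of the
// if / else-if chain below runs, selected by the request parameters:
//   POST action=save_quick_edit  - store an edited torrent comment
//   GET  action=quick_edit       - return a comment's stored text for the inline editor
//   POST ajax_quick_reply        - add a forum reply and return its rendered HTML
//   POST ajax_quick_comment      - add (or append to) a torrent comment
//   POST username / POST email   - signup availability checks
//   POST vid + cid               - record a vote on a comment
//
// NOTE(review): none of the state-changing POST branches checks an anti-CSRF token in
// this file; confirm whether global.php enforces one.
// NOTE(review): the mysql_* functions used throughout belong to the ext/mysql API that
// was removed in PHP 7, so this file only runs on PHP 5.
// NOTE(review): every sqlerr() call passes a hard-coded path and line number; these are
// literals in the source as posted and are kept unchanged.
define( "SKIP_LOCATION_SAVE", true );
define( "DEBUGMODE", false );
define( "IN_AJAX", true );
define( "SKIP_MOD_QUERIES", true );
define( "THIS_SCRIPT", "ts_ajax.php" );
require( "./global.php" );
define( "TS_AJAX_VERSION", "1.2.4 by xam" );

// Only POST is served, apart from the two GET actions named here. isset() guards the
// read of $_GET['action'], which is absent on requests that carry no such parameter.
if ( strtoupper( $_SERVER['REQUEST_METHOD'] ) != "POST" && ( !isset( $_GET['action'] ) || $_GET['action'] != "quick_edit" && $_GET['action'] != "autocomplete" ) ) {
    exit( );
}

if ( isset( $_POST['action'] ) && $_POST['action'] == "save_quick_edit" && 0 < $CURUSER['id'] ) {
    // ---- Save an edited torrent comment -------------------------------------------
    $lang->load( "comment" );
    $commentid = isset( $_POST['cid'] ) ? intval( $_POST['cid'] ) : 0;
    if ( !is_valid_id( $commentid ) ) {
        show_msg( $lang->global['notorrentid'] );
    }
    // Group-level permission first, then the per-user override table.
    if ( $usergroups['cancomment'] == "no" ) {
        show_msg( $lang->global['nopermission'] );
    }
    if ( !( $query = sql_query( "SELECT cancomment FROM ts_u_perm WHERE userid = ".sqlesc( $CURUSER['id'] ) ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 99 );
    }
    if ( 0 < mysql_num_rows( $query ) ) {
        $commentperm = mysql_fetch_assoc( $query );
        if ( $commentperm['cancomment'] == "0" ) {
            show_msg( $lang->global['nopermission'] );
        }
    }
    if ( !( $res = sql_query( "SELECT c.text, c.user, t.id as torrentid FROM comments AS c JOIN torrents AS t ON c.torrent = t.id WHERE c.id= ".sqlesc( $commentid ) ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 109 );
    }
    $arr = mysql_fetch_assoc( $res );
    if ( !$arr ) {
        show_msg( $lang->global['notorrentid'] );
    }
    // Ownership check: only the comment's author or staff may edit it.
    if ( $arr['user'] != $CURUSER['id'] && !$is_mod ) {
        show_msg( $lang->global['nopermission'] );
    }
    if ( allowcomments( $arr['torrentid'] ) == false ) {
        show_msg( $lang->comment['closed'] );
    }
    if ( $_POST['text'] != $arr['text'] ) {
        $msgtext = fixAjaxText( $_POST['text'] );
        if ( $msgtext == "" ) {
            show_msg( $lang->global['dontleavefieldsblank'] );
        }
        // The request body is converted from UTF-8 to the site charset before it is stored.
        if ( strtolower( $shoutboxcharset ) != "utf-8" ) {
            if ( function_exists( "iconv" ) ) {
                $msgtext = iconv( "UTF-8", $shoutboxcharset, $msgtext );
            } else if ( function_exists( "mb_convert_encoding" ) ) {
                $msgtext = mb_convert_encoding( $msgtext, $shoutboxcharset, "UTF-8" );
            } else if ( strtolower( $shoutboxcharset ) == "iso-8859-1" ) {
                $msgtext = utf8_decode( $msgtext );
            }
        }
        $editedat = get_date_time( );
        if ( !sql_query( "UPDATE comments SET text = ".sqlesc( $msgtext ).", editedat=".sqlesc( $editedat ).", editedby=".sqlesc( $CURUSER['id'] )." WHERE id= ".sqlesc( $commentid ) ) ) {
            sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 149 );
        }
        $edit_date = my_datee( $dateformat, $editedat );
        $edit_time = my_datee( $timeformat, $editedat );
        // NOTE(review): the username is written into HTML without htmlspecialchars_uni()
        // here, while $poster in the quick-reply branch escapes it; confirm usernames are
        // restricted to safe characters wherever they are created or changed.
        $p_text = "<p><font size='1' class='small'>".$lang->global['lastedited']." <a href='".$BASEURL."/userdetails.php?id=".$CURUSER['id']."'><b>".$CURUSER['username']."</b></a> {$edit_date} {$edit_time}</font></p>\n";
    }
    // NOTE(review): the response renders the raw request text, not the converted $msgtext
    // that was stored; the output is only as safe as format_comment() makes it.
    show_msg( format_comment( $_POST['text'] ).( isset( $p_text ) ? $p_text : "" ), false, NULL, false );
} else if ( isset( $_GET['action'] ) && $_GET['action'] == "quick_edit" && 0 < $CURUSER['id'] ) {
    // ---- Return a comment's stored text for the inline editor ---------------------
    $lang->load( "comment" );
    $commentid = isset( $_GET['cid'] ) ? intval( $_GET['cid'] ) : 0;
    if ( !is_valid_id( $commentid ) ) {
        show_msg( $lang->global['notorrentid'] );
    }
    if ( $usergroups['cancomment'] == "no" ) {
        show_msg( $lang->global['nopermission'] );
    }
    if ( !( $query = sql_query( "SELECT cancomment FROM ts_u_perm WHERE userid = ".sqlesc( $CURUSER['id'] ) ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 168 );
    }
    if ( 0 < mysql_num_rows( $query ) ) {
        $commentperm = mysql_fetch_assoc( $query );
        if ( $commentperm['cancomment'] == "0" ) {
            show_msg( $lang->global['nopermission'] );
        }
    }
    if ( !( $res = sql_query( "SELECT c.text, c.user, t.id as torrentid FROM comments AS c JOIN torrents AS t ON c.torrent = t.id WHERE c.id= ".sqlesc( $commentid ) ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 178 );
    }
    $arr = mysql_fetch_assoc( $res );
    if ( !$arr ) {
        show_msg( $lang->global['notorrentid'] );
    }
    // Same ownership rule as the save branch: author or staff only.
    if ( $arr['user'] != $CURUSER['id'] && !$is_mod ) {
        show_msg( $lang->global['nopermission'] );
    }
    if ( allowcomments( $arr['torrentid'] ) == false ) {
        show_msg( $lang->comment['closed'] );
    }
    show_msg( htmlspecialchars_uni( $arr['text'] ), false, NULL, false );
} else if ( isset( $_POST['ajax_quick_reply'], $_POST['tid'] ) && isset( $_POST['message'] ) && isset( $CURUSER ) ) {
    // ---- Forum quick reply --------------------------------------------------------
    // NOTE(review): this branch tests isset( $CURUSER ) where the edit branches test
    // 0 < $CURUSER['id']; confirm that a guest session cannot reach the INSERT below
    // other than through the forum permission rows of its usergroup.
    if ( $usergroups['isforummod'] == "yes" || $usergroups['cansettingspanel'] == "yes" || $usergroups['issupermod'] == "yes" ) {
        $moderator = true;
    } else {
        $moderator = false;
    }
    $lang->load( "tsf_forums" );
    $tid = isset( $_POST['tid'] ) ? intval( $_POST['tid'] ) : 0;
    if ( !is_valid_id( $tid ) ) {
        show_msg( $lang->tsf_forums['invalid_tid'] );
    }
    if ( !( $query = sql_query( "SELECT\n\t\t\tt.subject as threadsubject, t.closed, t.sticky, f.type, f.name as currentforum, f.fid as currentforumid, f.moderate, ff.name as deepforum, ff.fid as deepforumid, ff.moderate as moderaterf\n\t\t\tFROM ".TSF_PREFIX."threads t\n\t\t\tLEFT JOIN ".TSF_PREFIX."forums f ON (f.fid=t.fid)\n\t\t\tLEFT JOIN ".TSF_PREFIX."forums ff ON (ff.fid=f.pid)\n\t\t\tWHERE t.tid = ".sqlesc( $tid )." LIMIT 0, 1" ) ) ) {
        show_msg( "dberror1" );
    }
    if ( mysql_num_rows( $query ) == 0 ) {
        show_msg( $lang->tsf_forums['invalid_tid'] );
    }
    $thread = mysql_fetch_assoc( $query );
    $forummoderator = is_forum_mod( $thread['type'] == "s" ? $thread['deepforumid'] : $thread['currentforumid'], $CURUSER['id'] );
    // Moderators' replies skip the moderation queue of a moderated forum.
    if ( ( $thread['moderate'] == 1 || $thread['moderaterf'] == 1 ) && ( $forummoderator || $moderator ) ) {
        $thread['moderate'] = 0;
        $thread['moderaterf'] = 0;
    }
    $visible = $thread['moderate'] == 1 || $thread['moderaterf'] == 1 ? 0 : 1;
    if ( !( $query = sql_query( "SELECT * FROM ".TSF_PREFIX."forumpermissions WHERE gid = ".sqlesc( $CURUSER['usergroup'] ) ) ) ) {
        show_msg( "dberror2" );
    }
    while ( $perm = mysql_fetch_assoc( $query ) ) {
        $permissions[$perm['fid']] = $perm;
    }
    // Authorisation: the usergroup must be able to view the forum and post replies.
    if ( $permissions[$thread['currentforumid']]['canview'] != "yes" || $permissions[$thread['currentforumid']]['canpostreplys'] != "yes" ) {
        show_msg( $lang->global['nopermission'] );
    } else if ( $thread['closed'] == "yes" && !$moderator && !$forummoderator ) {
        show_msg( $lang->tsf_forums['thread_closed'] );
    }
    $useparent = false;
    if ( $thread['type'] == "s" ) {
        $useparent = true;
    }
    $subject = $lang->tsf_forums['re'].$thread['threadsubject'];
    $threadsubject = ts_remove_badwords( $subject );
    $replyto = 0;
    $fid = 0 + $thread['currentforumid'];
    $error = "";
    // These values are passed through sqlesc() once and then interpolated into several queries.
    $uid = sqlesc( $CURUSER['id'] );
    $username = sqlesc( $CURUSER['username'] );
    $dateline = sqlesc( TIMENOW );
    $message = fixAjaxText( $_POST['message'] );
    $message = strval( $message );
    if ( strtolower( $shoutboxcharset ) != "utf-8" ) {
        if ( function_exists( "iconv" ) ) {
            $message = iconv( "UTF-8", $shoutboxcharset, $message );
        } else if ( function_exists( "mb_convert_encoding" ) ) {
            $message = mb_convert_encoding( $message, $shoutboxcharset, "UTF-8" );
        } else if ( strtolower( $shoutboxcharset ) == "iso-8859-1" ) {
            $message = utf8_decode( $message );
        }
    }
    $ipaddress = sqlesc( $CURUSER['ip'] );
    // Close/stick flags are honoured for moderators only; isset() covers requests that omit them.
    $closed = isset( $_POST['closethread'] ) && $_POST['closethread'] == "1" && ( $moderator || $forummoderator ) ? "yes" : "no";
    $sticky = isset( $_POST['stickthread'] ) && $_POST['stickthread'] == "1" && ( $moderator || $forummoderator ) ? 1 : 0;
    $subscribe = isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? 1 : 0;
    if ( !( $query = sql_query( "SELECT userid FROM ".TSF_PREFIX."subscribe WHERE tid = ".sqlesc( $tid )." AND userid = ".$uid ) ) ) {
        show_msg( "dberror3" );
    }
    if ( $subscribe && mysql_num_rows( $query ) == 0 ) {
        if ( !sql_query( "INSERT INTO ".TSF_PREFIX."subscribe (tid,userid) VALUES (".sqlesc( $tid ).",".$uid.")" ) ) {
            show_msg( "dberror4" );
        }
    }
    $extraquery = "";
    if ( $moderator || $forummoderator ) {
        $extraquery = ", closed = ".sqlesc( $closed ).", sticky = ".sqlesc( $sticky );
    }
    if ( strlen( $_POST['message'] ) < $f_minmsglength ) {
        show_msg( $lang->tsf_forums['too_short'] );
    }
    // Flood control is based on the dateline of this user's most recent post.
    if ( !( $query = sql_query( "SELECT dateline FROM ".TSF_PREFIX."posts WHERE uid = ".sqlesc( $CURUSER['id'] )." ORDER by dateline DESC LIMIT 1" ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 313 );
    }
    if ( mysql_num_rows( $query ) ) {
        $last_post = mysql_result( $query, 0, "dateline" );
        $floodcheck = flood_check( $lang->tsf_forums['a_post'], $last_post, true );
        if ( $floodcheck != "" ) {
            show_msg( str_replace( array( "<font color=\"#9f040b\" size=\"2\">", "</font>", "<b>", "</b>" ), "", $floodcheck ) );
        }
    }
    // $tid, $replyto, $fid and $visible are integers here; the remaining values are sqlesc()'d.
    if ( !sql_query( "INSERT INTO ".TSF_PREFIX."posts (tid,replyto,fid,subject,uid,username,dateline,message,ipaddress,visible) VALUES ({$tid},{$replyto},{$fid}, ".sqlesc( $subject ).", {$uid}, {$username}, {$dateline}, ".sqlesc( $message ).", {$ipaddress},{$visible})" ) ) {
        show_msg( "dberror5" );
    }
    $pid = mysql_insert_id( );
    if ( !sql_query( "UPDATE ".TSF_PREFIX."threads SET replies = replies + 1, lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}{$extraquery} WHERE tid = ".sqlesc( $tid ) ) ) {
        show_msg( "dberror6" );
    }
    if ( !sql_query( "UPDATE ".TSF_PREFIX."forums SET posts = posts + 1, lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}, lastposttid = {$tid}, lastpostsubject = ".sqlesc( $subject )." WHERE fid = '{$fid}'" ) ) {
        show_msg( "dberror7" );
    }
    if ( $useparent ) {
        if ( !sql_query( "UPDATE ".TSF_PREFIX."forums SET lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}, lastposttid = {$tid}, lastpostsubject = ".sqlesc( $subject )." WHERE fid = '{$thread['deepforumid']}'" ) ) {
            show_msg( "dberror7" );
        }
    }
    if ( !sql_query( "UPDATE users SET totalposts = totalposts + 1 WHERE id = {$uid}" ) ) {
        show_msg( "dberror8" );
    }
    sql_query( "REPLACE INTO ".TSF_PREFIX."threadsread SET tid='{$tid}', uid='".$CURUSER['id']."', dateline='".TIMENOW."'" );
    $TSSEConfig->TSLoadConfig( "KPS" );
    KPS( "+", $kpscomment, $CURUSER['id'] );

    // Everything below builds the HTML fragment for the new post that is sent back.
    $lastseen = my_datee( $dateformat, $CURUSER['last_access'] )." ".my_datee( $timeformat, $CURUSER['last_access'] );
    $downloaded = mksize( $CURUSER['downloaded'] );
    $uploaded = mksize( $CURUSER['uploaded'] );
    include_once( INC_PATH."/functions_ratio.php" );
    $ratio = get_user_ratio( $CURUSER['uploaded'], $CURUSER['downloaded'] );
    // The tooltip ends up inside a single-quoted JavaScript string, hence the quote escaping.
    $ratio = str_replace( "'", "\\'", $ratio );
    require( INC_PATH."/function_user_rank.php" );
    if ( ( TS_Match( $CURUSER['options'], "I3" ) || TS_Match( $CURUSER['options'], "I4" ) ) && !$moderator && !$forummoderator ) {
        $tooltip = $lang->tsf_forums['deny'];
    } else {
        $tooltip = sprintf( $lang->tsf_forums['tooltip'], $lastseen, $downloaded, $uploaded, $ratio );
    }
    $poster = "<a href=\"#\" id=\"quickmenu".$pid."\"><i onmouseover=\"ddrivetip('{$tooltip}', 200)\"; onmouseout=\"hideddrivetip()\">".get_user_color( htmlspecialchars_uni( $CURUSER['username'] ), $usergroups['namestyle'] )."</i></a>";
    include_once( INC_PATH."/functions_icons.php" );
    $usericons = get_user_icons( array_merge( $CURUSER, $usergroups ) );
    $usertitle = "";
    if ( !empty( $CURUSER['title'] ) ) {
        $usertitle = "<font class=\"smalltext\"><strong>".htmlspecialchars_uni( $CURUSER['title'] )."</strong></font><br />";
    }
    $poster_title = $lang->tsf_forums['usergroup'].$usergroups['title'];
    $avatar = "";
    if ( TS_Match( $CURUSER['options'], "D1" ) ) {
        $avatar = get_user_avatar( $CURUSER['avatar'] );
    }
    $join_date = $lang->tsf_forums['jdate'].my_datee( $regdateformat, $CURUSER['added'] );
    $totalposts = $lang->tsf_forums['totalposts'].ts_nf( $CURUSER['totalposts'] + 1 );
    // NOTE(review): $UserOn carries the unescaped username into the alt/title attributes below.
    $UserOn = sprintf( $lang->tsf_forums['user_online'], $CURUSER['username'] );
    $status = "<img src=\"".$pic_base_url."friends/online.png\" border=\"0\" alt=\"".$UserOn."\" title=\"".$UserOn."\" class=\"inlineimg\" />";
    $CURUSER['countryname'] = "";
    $CURUSER['flagpic'] = "";
    if ( !( $query = @sql_query( "SELECT flagpic,name as countryname FROM countries WHERE id = ".@sqlesc( $CURUSER['country'] ) ) ) ) {
        show_msg( "dberror9" );
    }
    if ( 0 < mysql_num_rows( $query ) ) {
        $CURUSER['countryname'] = mysql_result( $query, 0, "countryname" );
        $CURUSER['flagpic'] = mysql_result( $query, 0, "flagpic" );
    }
    $country = "{$lang->tsf_forums['country']}<img src='{$pic_base_url}flag/{$CURUSER['flagpic']}' alt='{$CURUSER['countryname']}' title='{$CURUSER['countryname']}' style='margin-center: 2pt' height='10px' class='inlineimg'>";
    $signature = "";
    if ( !empty( $CURUSER['signature'] ) && TS_Match( $CURUSER['options'], "H1" ) ) {
        $signature = "<hr align=\"left\" size=\"1\" width=\"65%\">".format_comment( $CURUSER['signature'], true, true, true, true, "signatures" );
    }
    // NOTE(review): this query has no WHERE clause and loads every user's awards, although
    // only the entry for $CURUSER['id'] is read in this file.
    $ABuffer = array( );
    if ( !( $AwardQuery = sql_query( "SELECT a.id, a.userid, a.reason, a.date, aw.award_name, aw.award_image FROM ts_awards_users a LEFT JOIN ts_awards aw ON (a.award_id=aw.award_id)" ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 404 );
    }
    while ( mysql_num_rows( $AwardQuery ) && ( $Award = mysql_fetch_assoc( $AwardQuery ) ) ) {
        $ATooltip = "<strong>".htmlspecialchars_uni( $Award['award_name'] )."</strong><br /><small>".addslashes( htmlspecialchars_uni( $Award['reason'] ) )."</small>";
        $ABuffer[$Award['userid']][$Award['id']] = "\n\t\t\t<i onmouseover=\"ddrivetip('".$ATooltip."', 200)\"; onmouseout=\"hideddrivetip()\"><img src=\"".$pic_base_url."awardmedals/".htmlspecialchars_uni( $Award['award_image'] )."\" border=\"0\" alt=\"\" title=\"\" class=\"inlineimg\" width=\"10\" height=\"19\" style=\"padding-top: 3px; cursor: pointer;\" /></i> ";
    }
    if ( isset( $ABuffer[$CURUSER['id']] ) ) {
        $UserAwards = $lang->tsf_forums['awards'].": ";
        foreach ( $ABuffer[$CURUSER['id']] as $Awid => $Awimage ) {
            $UserAwards .= $Awimage;
        }
    }
    $imagepath = "{$pic_base_url}friends/";
    if ( TS_Match( $CURUSER['options'], "L1" ) ) {
        $UserGender = "<img src=\"".$imagepath."Male.png\" alt=\"".$lang->global['male']."\" title=\"".$lang->global['male']."\" border=\"0\" class=\"inlineimg\" />";
    } else if ( TS_Match( $CURUSER['options'], "L2" ) ) {
        $UserGender = "<img src=\"".$imagepath."Female.png\" alt=\"".$lang->global['female']."\" title=\"".$lang->global['female']."\" border=\"0\" class=\"inlineimg\" />";
    } else {
        $UserGender = "<img src=\"".$imagepath."NA.png\" alt=\"--\" title=\"--\" border=\"0\" class=\"inlineimg\" />";
    }
    include_once( INC_PATH."/function_warnlevel.php" );
    $_warnlevel = get_warn_level( $CURUSER['timeswarned'] );
    $post_date = my_datee( $dateformat, TIMENOW )." ".my_datee( $timeformat, TIMENOW );
    define( "IS_THIS_USER_POSTED", true );

    // Buttons start empty and are filled in only when the matching permission holds.
    $deletebutton = "";
    $editbutton = "";
    $quotebutton = "";
    $quickreplybutton = "";
    $showpagenumber = isset( $_POST['page'] ) && is_valid_id( $_POST['page'] ) ? "&page=".intval( $_POST['page'] ) : "";
    if ( $moderator || $forummoderator || $permissions[$fid]['candeleteposts'] == "yes" && $closed != "yes" ) {
        $deletebutton = "<input value=\"".$lang->tsf_forums['delete_post']."\" onclick=\"jumpto('deletepost.php?tid=".$tid."&pid=".$pid."&page=".( isset( $_POST['page'] ) ? intval( $_POST['page'] ) : 0 )."');\" type=\"button\" />";
    }
    if ( $moderator || $forummoderator || $permissions[$fid]['canpostreplys'] == "yes" && $closed != "yes" ) {
        if ( $visible == 0 && !$moderator && !$forummoderator ) {
            $quotebutton = "";
            $quickreplybutton = "";
        } else {
            // NOTE(review): the literal below looks like a placeholder left in the posted
            // source rather than real quote markup; it is reproduced unchanged.
            $QuoteTag = htmlspecialchars( mysql_real_escape_string( "<<<@!1!@>>>" ) );
            $quotebutton = "<input value=\"".$lang->tsf_forums['quote_post']."\" onclick=\"jumpto('newreply.php?tid=".$tid."&pid=".$pid."');\" type=\"button\" />";
            $quickreplybutton = "<input type=\"button\" id=\"quote_".$pid."\" value=\"".$lang->tsf_forums['quick_reply']."\" onclick=\"parseQuote('".$QuoteTag."', 'message', ".$tid.", ".$pid.");\" />";
        }
    }
    if ( $moderator || $forummoderator || $permissions[$fid]['caneditposts'] == "yes" && $closed != "yes" ) {
        $onclick = "onclick=\"jumpto('editpost.php?tid=".$tid."&pid=".$pid.$showpagenumber."');\"";
        if ( $useajax == "yes" ) {
            $onclick = "onclick=\"TSQuickEditPost('post_message_".$pid."','".$tid."','editpost.php?tid=".$tid."&pid=".$pid.$showpagenumber."');bookmarkscroll.scrollTo('post_message_".$pid."');\"";
        }
        $editbutton = "<input value=\"".$lang->tsf_forums['edit_post']."\" ".$onclick." type=\"button\" />";
    }

    // NOTE(review): $CURUSER['username'] appears unescaped in the quick-menu markup and in
    // the run_tool URLs below (no urlencode); see the note on $p_text above.
    $str2 = "\n\t\t<!-- start: post#".$pid." -->\n\t\t<br />\n\t\t<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"5\" style=\"clear: both;\">\n\t\t\t<tr>\n\t\t\t\t<td colspan=\"2\" class=\"subheader\" name=\"pid".$pid."\">\n\t\t\t\t\t<div style=\"float: right;\">\n\t\t\t\t\t\t<strong>".$lang->tsf_forums['post']."<a href=\"#pid".$pid."\">#".( isset( $_POST['postcount'] ) ? intval( $_POST['postcount'] ) : 0 )."</a></strong>\n\t\t\t\t\t</div>\n\t\t\t\t\t<div style=\"float: left;\">\n\t\t\t\t\t\t<a name=\"pid".$pid."\" id=\"pid".$pid."\"></a><img src=\"./images/post_old.gif\" border=\"0\" class=\"inlineimg\" /> ".$post_date."\n\t\t\t\t\t</div>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"trow1\" style=\"text-align: center;\" valign=\"top\" width=\"20%\">\n\t\t\t\t\t"
        .$poster."<br />\n\t\t\t\t\t".$usertitle."\n\t\t\t\t\t".$avatar."<br />\n\t\t\t\t\t".user_rank( $CURUSER )."<br />\n\t\t\t\t\t".$join_date."<br />\n\t\t\t\t\t".$totalposts."<br />\n\t\t\t\t\t".$country."<br />\n\t\t\t\t\t".( isset( $UserAwards ) ? $UserAwards."<br />" : "" )."\n\t\t\t\t\t".$UserGender." ".$status." ".$usericons."\n\t\t\t\t\t".$_warnlevel."\n\t\t\t\t</td>\n\t\t\t\t<script type=\"text/javascript\">\n\t\t\t\t\tmenu_register(\"quickmenu".$pid."\", false);\n\t\t\t\t</script>\n\t\t\t\t<td class=\"trow1\" style=\"text-align: left;\" valign=\"top\" width=\"80%\">\n\t\t\t\t\t"
        .( $visible == 1 ? "<img src=\"./images/icons/icon1.gif\" border=\"0\" class=\"inlineimg\" />" : "<img src=\"images/moderation.png\" alt=\"".$lang->tsf_forums['moderatemsg7']."\" title=\"".$lang->tsf_forums['moderatemsg7']."\" border=\"0\" class=\"inlineimg\" />" )."\n\t\t\t\t\t<span class=\"smalltext\"><strong>".htmlspecialchars_uni( $threadsubject )."</strong></span><hr />\n\t\t\t\t\t"
        .( $thread['moderate'] == 0 && $thread['moderaterf'] == 0 ? "" : show_notice( $lang->tsf_forums['moderatemsg1'] )."<hr />" )."\n\t\t\t\t\t<div id=\"post_message_".$pid."\" name=\"post_message_".$pid."\" style=\"display: inline;\">".format_comment( $message )."</div>\n\t\t\t\t\t".$signature."\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\" width=\"15%\" valign=\"middle\" style=\"white-space: nowrap; text-align: center;\">\n\t\t\t\t\t<input value=\"".$lang->tsf_forums['top']."\" onclick=\"bookmarkscroll.scrollTo('top');\" type=\"button\" /> <input value=\"".$lang->tsf_forums['report_post']."\" onclick=\"TSOpenPopup('".$BASEURL."/report.php?type=4&reporting=".$pid."&extra=".$tid."&page=".( isset( $_POST['page'] ) ? intval( $_POST['page'] ) : 0 )."', 'report', 500, 300); return false;\" type=\"button\" />\n\t\t\t\t</td>\n\t\t\t\t<td class=\"subheader\" style=\"text-align: center;\" valign=\"top\">\n\t\t\t\t\t<div style=\"float: right;\">\n\t\t\t\t\t\t"
        .$deletebutton."\n\t\t\t\t\t\t".$editbutton."\n\t\t\t\t\t\t".$quotebutton."\n\t\t\t\t\t\t".$quickreplybutton."\n\t\t\t\t\t</div>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t\t<!-- end: post#".$pid." -->\n\n\t<div id=\"quickmenu".$pid."_menu\" class=\"menu_popup\" style=\"display:none;\">\n\t\t<table border=\"1\" cellspacing=\"0\" cellpadding=\"5\">\n\t\t\t<tr>\n\t\t\t\t<td align=\"center\" class=\"thead\"><b>"
        .$lang->global['quickmenu']." ".$CURUSER['username']."</b></td>\n\t\t\t</tr>\n\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".tsf_seo_clean_text( strip_tags( $poster ), "u", $CURUSER['id'], "", "ts" )."\">".$lang->global['qinfo1']."</a></td>\n\t\t\t</tr>\n\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".$BASEURL."/sendmessage.php?receiver=".$CURUSER['id']."\">".sprintf( $lang->global['qinfo2'], $CURUSER['username'] )."</td>\n\t\t\t</tr>\n\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".$BASEURL."/tsf_forums/tsf_search.php?action=finduserposts&id=".$CURUSER['id']."\">".sprintf( $lang->global['qinfo3'], $CURUSER['username'] )."</a></td>\n\t\t\t</tr>\n\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".$BASEURL."/tsf_forums/tsf_search.php?action=finduserthreads&id=".$CURUSER['id']."\">".sprintf( $lang->global['qinfo4'], $CURUSER['username'] )."</a></td>\n\t\t\t</tr>\n\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".$BASEURL."/friends.php?action=add_friend&friendid=".$CURUSER['id']."\">".sprintf( $lang->global['qinfo5'], $CURUSER['username'] )."</td>\n\t\t\t</tr>\n\n\t\t\t"
        .( $moderator ? "\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".$BASEURL."/".$staffcp_path."/index.php?run_tool=edit_user&username=".$CURUSER['username']."\">".$lang->global['qinfo6']."</a></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"subheader\"><a href=\"".$BASEURL."/".$staffcp_path."/index.php?run_tool=warn_user&username=".$CURUSER['username']."\">".$lang->global['qinfo7']."</a></td>\n\t\t\t</tr>\n\t\t\t<tr>" : "" )."\n\t\t</table>\n\t</div>";

    // Declared inside this branch, so the function exists only once this statement has run.
    // It sends a PM and an e-mail to every thread subscriber except the poster.
    function send_sub_mails( )
    {
        global $CURUSER;
        global $SITENAME;
        global $SITEEMAIL;
        global $BASEURL;
        global $tid;
        global $subject;
        global $lang;
        global $rootpath;
        require_once( INC_PATH."/functions_pm.php" );
        if ( !( $query = sql_query( "SELECT s.*, u.email, u.username FROM ".TSF_PREFIX."subscribe s LEFT JOIN users u ON (s.userid=u.id) WHERE s.tid = ".sqlesc( $tid )." AND s.userid != ".sqlesc( $CURUSER['id'] ) ) ) ) {
            sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 581 );
        }
        while ( 0 < mysql_num_rows( $query ) && ( $sub = mysql_fetch_assoc( $query ) ) ) {
            send_pm( $sub['userid'], sprintf( $lang->tsf_forums['msubs'], $sub['username'], $subject, $CURUSER['username'], $BASEURL, $tid, $SITENAME ), $subject );
            sent_mail( $sub['email'], $subject, sprintf( $lang->tsf_forums['msubs'], $sub['username'], $subject, $CURUSER['username'], $BASEURL, $tid, $SITENAME ), "subs", false );
        }
    }

    // Subscribers are notified only when the post did not go into the moderation queue.
    if ( $thread['moderate'] == 0 && $thread['moderaterf'] == 0 ) {
        send_sub_mails( );
    }
    show_msg( $str2, false, "", false );
} else if ( isset( $_POST['ajax_quick_comment'], $_POST['id'] ) && isset( $_POST['text'] ) && isset( $CURUSER ) ) {
    // ---- Torrent quick comment ----------------------------------------------------
    // NOTE(review): as in the quick-reply branch, only isset( $CURUSER ) is tested here;
    // the INSERT further down runs for any session the cancomment checks let through.
    if ( $usergroups['cancomment'] == "no" ) {
        show_msg( $lang->global['nopermission'] );
    }
    if ( !( $query = sql_query( "SELECT cancomment FROM ts_u_perm WHERE userid = ".sqlesc( $CURUSER['id'] ) ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 603 );
    }
    if ( 0 < mysql_num_rows( $query ) ) {
        $commentperm = mysql_fetch_assoc( $query );
        if ( $commentperm['cancomment'] == "0" ) {
            show_msg( $lang->global['nopermission'] );
        }
    }
    $torrentid = intval( $_POST['id'] );
    $lang->load( "comment" );
    if ( allowcomments( $torrentid ) == false ) {
        show_msg( $lang->comment['closed'] );
    }
    $text = fixAjaxText( $_POST['text'] );
    $text = strval( $text );
    if ( strtolower( $shoutboxcharset ) != "utf-8" ) {
        if ( function_exists( "iconv" ) ) {
            $text = iconv( "UTF-8", $shoutboxcharset, $text );
        } else if ( function_exists( "mb_convert_encoding" ) ) {
            $text = mb_convert_encoding( $text, $shoutboxcharset, "UTF-8" );
        } else if ( strtolower( $shoutboxcharset ) == "iso-8859-1" ) {
            $text = utf8_decode( $text );
        }
    }
    if ( !( $query = sql_query( "SELECT added FROM comments WHERE user = ".sqlesc( $CURUSER['id'] )." ORDER by added DESC LIMIT 1" ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 639 );
    }
    if ( 0 < mysql_num_rows( $query ) ) {
        $last_comment = mysql_result( $query, 0, "added" );
    } else {
        $last_comment = "";
    }
    $floodmsg = flood_check( $lang->comment['floodcomment'], $last_comment, true );
    $res = sql_query( "SELECT name, owner FROM torrents WHERE id = ".sqlesc( $torrentid ) );
    $arr = mysql_fetch_assoc( $res );
    if ( !empty( $floodmsg ) ) {
        show_msg( str_replace( array( "<font color=\"#9f040b\" size=\"2\">", "</font>", "<b>", "</b>" ), "", $floodmsg ) );
    } else if ( !$arr ) {
        show_msg( $lang->global['notorrentid'] );
    } else if ( empty( $text ) || empty( $torrentid ) || !is_valid_id( $torrentid ) ) {
        show_msg( $lang->global['dontleavefieldsblank'] );
    }
    $commentposted = false;
    // A non-staff user whose own comment is the newest on this torrent gets the new text
    // appended to that comment instead of a second row.
    if ( !$is_mod && 0 < $CURUSER['id'] ) {
        $query = sql_query( "SELECT id, user, text FROM comments WHERE torrent = ".sqlesc( $torrentid )." ORDER by added DESC LIMIT 1" );
        if ( 0 < mysql_num_rows( $query ) ) {
            $lastcommentuserid = mysql_result( $query, 0, "user" );
            if ( $lastcommentuserid == $CURUSER['id'] ) {
                $oldtext = mysql_result( $query, 0, "text" );
                $newid = $cid = mysql_result( $query, 0, "id" );
                // The closing parenthesis of strtoupper() used to wrap the whole comparison,
                // so the upper-casing was applied to a boolean instead of the OS prefix.
                if ( strtoupper( substr( PHP_OS, 0, 3 ) ) == "WIN" ) {
                    $eol = "\r\n";
                } else if ( strtoupper( substr( PHP_OS, 0, 3 ) ) == "MAC" ) {
                    $eol = "\r";
                } else {
                    $eol = "\n";
                }
                $newtext = $text = $oldtext.$eol.$eol.$text;
                if ( $usergroups['cancomment'] == "moderate" ) {
                    $message = sprintf( $lang->comment['modmsg'], $CURUSER['username'], "[URL]".$BASEURL."/details.php?id=".$torrentid."&tab=comments&showlast=true&viewcomm=".$newid."#cid".$newid."[/URL]" );
                    sql_query( "INSERT INTO staffmessages (sender, added, msg, subject) VALUES(0, NOW(), ".sqlesc( $message ).", ".sqlesc( $lang->comment['modmsgsubject'] ).")" );
                    // Security fix: $newtext holds user-supplied comment text and was interpolated
                    // into this statement with neither quoting nor escaping. It now goes through
                    // sqlesc(), like the non-moderated UPDATE in the else branch.
                    sql_query( "UPDATE comments SET text = ".sqlesc( $newtext ).", visible = 0 WHERE id = '{$newid}'" );
                } else {
                    sql_query( "UPDATE comments SET text = ".sqlesc( $newtext )." WHERE id = '{$newid}'" );
                }
                if ( mysql_affected_rows( ) ) {
                    $commentposted = true;
                }
            }
        }
    }
    if ( !$commentposted ) {
        sql_query( "INSERT INTO comments (user, torrent, added, text, visible) VALUES (".sqlesc( $CURUSER['id'] ).", ".sqlesc( $torrentid ).", ".sqlesc( get_date_time( ) ).", ".sqlesc( $text ).", ".( $usergroups['cancomment'] == "moderate" ? 0 : 1 ).")" );
        $cid = mysql_insert_id( );
        sql_query( "UPDATE torrents SET comments = comments + 1 WHERE id = ".sqlesc( $torrentid ) );
        $ras = sql_query( "SELECT options FROM users WHERE id = ".sqlesc( $arr['owner'] ) );
        $arg = mysql_fetch_assoc( $ras );
        // Notify the torrent owner, unless the owner is the commenter.
        if ( TS_Match( $arg['options'], "C1" ) && $CURUSER['id'] != $arr['owner'] ) {
            require_once( INC_PATH."/functions_pm.php" );
            send_pm( $arr['owner'], sprintf( $lang->comment['newcommenttxt'], "[url=".$BASEURL."/details.php?id=".$torrentid."#startcomments]".$arr['name']."[/url]" ), $lang->comment['newcommentsub'] );
        }
        if ( $usergroups['cancomment'] == "moderate" ) {
            $message = sprintf( $lang->comment['modmsg'], $CURUSER['username'], "[URL]".$BASEURL."/details.php?id=".$torrentid."&tab=comments&showlast=true&viewcomm=".$cid."#cid".$cid."[/URL]" );
            sql_query( "INSERT INTO staffmessages (sender, added, msg, subject) VALUES(0, NOW(), ".sqlesc( $message ).", ".sqlesc( $lang->comment['modmsgsubject'] ).")" );
        } else {
            KPS( "+", "{$kpscomment}", $CURUSER['id'] );
        }
    }
    require_once( INC_PATH."/commenttable.php" );
    require_once( INC_PATH."/functions_quick_editor.php" );
    if ( !( $subres = sql_query( "SELECT c.id, c.torrent as torrentid, c.text, c.user, c.added, c.editedby, c.editedat, c.modnotice, c.modeditid, c.modeditusername, c.modedittime, c.totalvotes, c.visible, uu.username as editedbyuname, gg.namestyle as editbynamestyle, u.added as registered, u.enabled, u.warned, u.leechwarn, u.username, u.title, u.usergroup, u.last_access, u.options, u.donor, u.uploaded, u.downloaded, u.avatar as useravatar, u.signature, g.title as grouptitle, g.namestyle FROM comments c LEFT JOIN users uu ON (c.editedby=uu.id) LEFT JOIN usergroups gg ON (uu.usergroup=gg.gid) LEFT JOIN users u ON (c.user=u.id) LEFT JOIN usergroups g ON (u.usergroup=g.gid) WHERE c.id = ".sqlesc( $cid )." ORDER BY c.id" ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 738 );
    }
    $allrows = array( );
    while ( $subrow = mysql_fetch_assoc( $subres ) ) {
        $allrows[] = $subrow;
    }
    $lcid = 0;
    if ( isset( $_POST['lcid'] ) ) {
        $lcid = intval( $_POST['lcid'] );
    }
    define( "LCID", $lcid );
    $showcommenttable = commenttable( $allrows, "", "", false, true, true );
    show_msg( $showcommenttable, false, "", false );
} else if ( !empty( $_POST['username'] ) ) {
    // ---- Signup: username availability --------------------------------------------
    // NOTE(review): this branch and the e-mail branch below have no login check and report
    // whether a value is already registered; confirm that request throttling exists elsewhere.
    $lang->load( "signup" );
    @$username = @trim( $_POST['username'] );
    if ( empty( $username ) || !isvalidusername( $username ) ) {
        show_msg( $lang->signup['une3'], false );
    }
    if ( strlen( $username ) < 3 ) {
        show_msg( $lang->signup['une1'], false );
    }
    if ( 12 < strlen( $username ) ) {
        show_msg( $lang->signup['une2'], false );
    }
    $query = sql_query( "SELECT username FROM users WHERE username = ".sqlesc( $username ) );
    if ( 0 < mysql_num_rows( $query ) ) {
        show_msg( $lang->signup['une4'], false );
    } else {
        $TSSEConfig->TSLoadConfig( "SIGNUP" );
        // A name containing any configured illegal word is reported as taken.
        $usernames = preg_split( "/\\s+/", $illegalusernames, 0 - 1, PREG_SPLIT_NO_EMPTY );
        foreach ( $usernames as $val ) {
            if ( strpos( strtolower( $username ), strtolower( $val ) ) !== false ) {
                show_msg( $lang->signup['une4'], false );
            }
        }
        show_msg( $lang->signup['uavailable'], false, "green" );
    }
} else if ( !empty( $_POST['email'] ) ) {
    // ---- Signup: e-mail availability ----------------------------------------------
    $lang->load( "signup" );
    @$email = @trim( $_POST['email'] );
    require_once( INC_PATH."/functions_EmailBanned.php" );
    if ( empty( $email ) || !check_email( $email ) ) {
        show_msg( $lang->signup['invalidemail'], false );
    } else if ( EmailBanned( $email ) ) {
        show_msg( $lang->signup['invalidemail2'], false );
    }
    $query = sql_query( "SELECT email FROM users WHERE email = ".sqlesc( $email ) );
    if ( mysql_num_rows( $query ) == 0 ) {
        show_msg( $lang->signup['eavailable'], false, "green" );
    } else {
        show_msg( $lang->signup['invalidemail3'], false );
    }
} else if ( isset( $_POST['vid'] ) && !empty( $_POST['cid'] ) ) {
    // ---- Comment vote -------------------------------------------------------------
    // All three values are normalised before they reach SQL: two integers and "1" / "-1".
    $Cid = intval( $_POST['cid'] );
    $Uid = intval( $CURUSER['id'] );
    $Vid = $_POST['vid'] == "1" ? "1" : "-1";
    if ( is_valid_id( $Cid ) && is_valid_id( $Uid ) ) {
        // NOTE(review): nothing here verifies that comment $Cid exists or is visible to the voter.
        if ( !sql_query( "REPLACE INTO comments_votes VALUES ('".$Cid."', '".$Uid."', '".$Vid."')" ) ) {
            sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 823 );
        }
        if ( !( $Query = sql_query( "SELECT vid FROM comments_votes WHERE cid = '".$Cid."'" ) ) ) {
            sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 824 );
        }
        $Negative = 0;
        $Positive = 0;
        if ( 0 < mysql_num_rows( $Query ) ) {
            while ( $Votes = mysql_fetch_assoc( $Query ) ) {
                if ( $Votes['vid'] == "-1" ) {
                    $Negative += 1;
                } else {
                    $Positive += 1;
                }
            }
        } else if ( $Vid == "-1" ) {
            $Negative += 1;
        } else {
            $Positive += 1;
        }
        // The tally is stored as "positive|negative" on the comment row.
        if ( !sql_query( "UPDATE comments SET totalvotes = '".$Positive."|".$Negative."' WHERE id = '".$Cid."'" ) ) {
            sqlerr( "C:\\idezender\\Encoded\\ts_ajax.php", 854 );
        }
        echo $Positive - $Negative;
        exit( );
    }
}
?>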
newreply.php
PHP Code:
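<?php
/**
 * newreply.php - reply form and submit handler for a TSF forum thread.
 *
 * Flow, as visible in this file:
 *   1. validate the tid / pid request values and load the thread with its forum rows;
 *   2. enforce view/reply permissions and the closed-thread rule;
 *   3. when pid is given, load the post being replied to;
 *   4. on POST submit: insert the post, update thread/forum/user counters,
 *      store up to three attachments, then redirect (or show the moderation notice);
 *   5. otherwise render the editor followed by the five most recent visible posts.
 *
 * sql_query(), sqlesc(), sqlerr(), is_valid_id(), TS_Global(), stderr() and the other
 * helpers are not defined here; presumably they come from ./global.php (not shown).
 *
 * Changes made in review:
 *   - attachment name collisions are checked against the sanitised name that is
 *     actually written, not the raw client-supplied name;
 *   - an attachment row is inserted for every file that was really stored, instead of
 *     depending on whether an earlier file in the same request produced an error;
 *   - the $_FILES index is tested with isset() before use, as newthread.php does;
 *   - the nested ternary passed to insert_editor() is parenthesised explicitly;
 *   - string literals that the listing had wrapped across two lines are joined again.
 */
define( "THIS_SCRIPT", "newreply.php" );
require( "./global.php" );

$tid = intval( TS_Global( "tid" ) );
$pid = intval( TS_Global( "pid" ) );
$canpostattachments = false;
ini_set( "memory_limit", "250M" );

// tid is mandatory; pid is optional but must be a valid id when present.
if ( !is_valid_id( $tid ) || !empty( $pid ) && !is_valid_id( $pid ) ) {
    stderr( $lang->global['error'], $lang->tsf_forums['invalid_tid'] );
    exit( );
}

// Thread row joined with its forum (f) and that forum's parent (ff).
if ( !( $query = sql_query( "SELECT\r\n\t\t\tt.subject as threadsubject, t.closed, t.sticky, f.type, f.name as currentforum, f.fid as currentforumid, f.moderate, ff.name as deepforum, ff.fid as deepforumid, ff.moderate as moderaterf\r\n\t\t\tFROM ".TSF_PREFIX."threads t\r\n\t\t\tLEFT JOIN ".TSF_PREFIX."forums f ON (f.fid=t.fid)\r\n\t\t\tLEFT JOIN ".TSF_PREFIX."forums ff ON (ff.fid=f.pid)\r\n\t\t\tWHERE t.tid = ".sqlesc( $tid )." LIMIT 0, 1" ) ) ) {
    sqlerr( "C:\\idezender\\Encoded\\newreply.php", 46 );
}
if ( mysql_num_rows( $query ) == 0 ) {
    stderr( $lang->global['error'], $lang->tsf_forums['invalid_tid'] );
    exit( );
}
$thread = $orjthreadarray = mysql_fetch_assoc( $query );

// For a forum of type "s" the moderator lookup uses the parent forum id.
$forummoderator = is_forum_mod( $thread['type'] == "s" ? $thread['deepforumid'] : $thread['currentforumid'], $CURUSER['id'] );

// Moderators bypass post moderation; $orjthreadarray keeps the unmodified flags.
if ( ( $thread['moderate'] == 1 || $thread['moderaterf'] == 1 ) && ( $forummoderator || $moderator ) ) {
    $thread['moderate'] = 0;
    $thread['moderaterf'] = 0;
}
$visible = $thread['moderate'] == 1 || $thread['moderaterf'] == 1 ? 0 : 1;

if ( $permissions[$thread['currentforumid']]['canview'] != "yes" || $permissions[$thread['currentforumid']]['canpostreplys'] != "yes" ) {
    print_no_permission( true );
    exit( );
} else {
    if ( $thread['closed'] == "yes" && !$moderator && !$forummoderator ) {
        stderr( $lang->global['error'], $lang->tsf_forums['thread_closed'] );
        exit( );
    }
}

$useparent = false;
if ( $thread['type'] == "s" ) {
    $useparent = true;
}
if ( $permissions[$thread['currentforumid']]['canpostattachments'] == "yes" ) {
    $canpostattachments = true;
}

if ( !empty( $pid ) ) {
    // Replying to a specific post: it must belong to the requested thread.
    if ( !( $query = sql_query( "SELECT p.message, p.tid, p.subject, u.username FROM ".TSF_PREFIX."posts p LEFT JOIN users u ON (p.uid=u.id) WHERE p.pid = ".sqlesc( $pid ) ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\newreply.php", 90 );
    }
    @$p_tid = @mysql_result( $query, 0, "p.tid" );
    if ( $p_tid != $tid ) {
        stderr( $lang->global['error'], $lang->tsf_forums['invalid_post'] );
        exit( );
    }
    $subject = mysql_result( $query, 0, "p.subject" );
    $message = mysql_result( $query, 0, "p.message" );
    // Non-moderators must not receive [hide]...[/hide] content of the quoted post.
    while ( !$forummoderator && !$moderator && preg_match( "/\\[hide\\](.*?)\\[\\/hide\\]/is", $message ) && preg_match( "#\\[hide\\](.*?)\\[\\/hide\\](\r\n?|\n?)#si", $message ) ) {
        $message = preg_replace( "#\\[hide\\](.*?)\\[\\/hide\\](\r\n?|\n?)#si", "", $message );
    }
    $username = mysql_result( $query, 0, "u.username" );
    $subject = preg_replace( "#RE:\\s?#i", "", $subject );
    $subject = $lang->tsf_forums['re'].$subject;
    $threadsubject = ts_remove_badwords( $subject );
    // NOTE(review): the message prepared above is discarded and replaced by this
    // placeholder; it looks like a decoder artifact - confirm against the original source.
    $message = "<<<@!2!@>>>";
    $replyto = $pid;
} else {
    $subject = $lang->tsf_forums['re'].$thread['threadsubject'];
    $threadsubject = ts_remove_badwords( $subject );
}
if ( !isset( $replyto ) ) {
    $replyto = 0;
}
$fid = 0 + $thread['currentforumid'];
$prvp = showPreview( "message" );

if ( $_SERVER['REQUEST_METHOD'] == "POST" && isset( $_POST['submit'] ) ) {
    $error = "";
    $subject = isset( $_POST['subject'] ) ? $_POST['subject'] : "";
    $uid = sqlesc( $CURUSER['id'] );
    $username = sqlesc( $CURUSER['username'] );
    $dateline = sqlesc( TIMENOW );
    $message = isset( $_POST['message'] ) ? $_POST['message'] : "";
    $ipaddress = sqlesc( $CURUSER['ip'] );
    // Close / stick requests are honoured only for moderators.
    $closed = isset( $_POST['closethread'] ) && $_POST['closethread'] == "yes" && ( $moderator || $forummoderator ) ? "yes" : "no";
    $sticky = isset( $_POST['stickthread'] ) && $_POST['stickthread'] == "yes" && ( $moderator || $forummoderator ) ? 1 : 0;
    $subscribe = isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? 1 : 0;

    // Subscribe once; this runs before the length and flood checks below.
    if ( !( $query = sql_query( "SELECT userid FROM ".TSF_PREFIX."subscribe WHERE tid = ".sqlesc( $tid )." AND userid = ".$uid ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\newreply.php", 143 );
    }
    if ( $subscribe && mysql_num_rows( $query ) == 0 ) {
        if ( !sql_query( "INSERT INTO ".TSF_PREFIX."subscribe (tid,userid) VALUES (".sqlesc( $tid ).",".$uid.")" ) ) {
            sqlerr( "C:\\idezender\\Encoded\\newreply.php", 146 );
        }
    }

    $extraquery = "";
    if ( $moderator || $forummoderator ) {
        $extraquery = ", closed = ".sqlesc( $closed ).", sticky = ".sqlesc( $sticky );
    }

    // Length is measured on the raw input, before it is escaped for SQL.
    if ( strlen( $subject ) < $f_minmsglength || strlen( $message ) < $f_minmsglength ) {
        $error = $lang->tsf_forums['too_short'];
    }
    $subject = sqlesc( $subject );
    $message = sqlesc( $message );

    // Flood control against the user's most recent post.
    if ( !( $query = sql_query( "SELECT dateline FROM ".TSF_PREFIX."posts WHERE uid = ".sqlesc( $CURUSER['id'] )." ORDER by dateline DESC LIMIT 1" ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\newreply.php", 164 );
    }
    if ( 0 < mysql_num_rows( $query ) ) {
        $last_post = mysql_result( $query, 0, "dateline" );
        $floodcheck = flood_check( $lang->tsf_forums['a_post'], $last_post, true );
        if ( $floodcheck != "" ) {
            $error = $floodcheck;
        }
    }

    if ( empty( $error ) ) {
        $iq1 = $iq2 = "";
        $iconid = isset( $_POST['iconid'] ) ? intval( $_POST['iconid'] ) : "";
        if ( is_valid_id( $iconid ) ) {
            $iq1 = "iconid,";
            $iq2 = "{$iconid},";
        }
        // Values interpolated here are either intval()'d ids or already passed through sqlesc().
        if ( !sql_query( "INSERT INTO ".TSF_PREFIX."posts ({$iq1}tid,replyto,fid,subject,uid,username,dateline,message,ipaddress,visible) VALUES ({$iq2}{$tid},{$replyto},{$fid}, {$subject}, {$uid}, {$username}, {$dateline}, {$message}, {$ipaddress},{$visible})" ) ) {
            sqlerr( "C:\\idezender\\Encoded\\newreply.php", 184 );
        }
        $pid = mysql_insert_id( );
        if ( !sql_query( "UPDATE ".TSF_PREFIX."threads SET replies = replies + 1, lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}{$extraquery} WHERE tid = ".sqlesc( $tid ) ) ) {
            sqlerr( "C:\\idezender\\Encoded\\newreply.php", 187 );
        }
        if ( !sql_query( "UPDATE ".TSF_PREFIX."forums SET posts = posts + 1, lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}, lastposttid = {$tid}, lastpostsubject = {$subject} WHERE fid = '{$fid}'" ) ) {
            sqlerr( "C:\\idezender\\Encoded\\newreply.php", 189 );
        }
        if ( $useparent ) {
            if ( !sql_query( "UPDATE ".TSF_PREFIX."forums SET lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}, lastposttid = {$tid}, lastpostsubject = {$subject} WHERE fid = '{$thread['deepforumid']}'" ) ) {
                sqlerr( "C:\\idezender\\Encoded\\newreply.php", 193 );
            }
        }
        $TSSEConfig->TSLoadConfig( "KPS" );
        KPS( "+", $kpscomment, $uid );
        send_sub_mails( );
        if ( !sql_query( "UPDATE users SET totalposts = totalposts + 1 WHERE id = {$uid}" ) ) {
            sqlerr( "C:\\idezender\\Encoded\\newreply.php", 201 );
        }

        if ( $canpostattachments && $pid && $tid ) {
            // From here on $error collects per-file messages shown on the redirect page.
            $error = array( );
            $allowed_ext = explode( ",", $f_allowed_types );
            // NOTE(review): the type check uses the client-supplied file name only, and
            // whether $f_upload_path is served without script execution cannot be seen
            // from this file - confirm both before relying on this filter.
            $i = 0;
            while ( $i < 3 ) {
                // The form offers three slots; unused slots may be absent from $_FILES.
                if ( isset( $_FILES['attachment']['size'][$i] ) && 0 < $_FILES['attachment']['size'][$i] ) {
                    $stored = false;
                    $shownname = htmlspecialchars_uni( $_FILES['attachment']['name'][$i] );
                    if ( !is_uploaded_file( $_FILES['attachment']['tmp_name'][$i] ) || empty( $_FILES['attachment']['tmp_name'][$i] ) ) {
                        $error[] = $lang->tsf_forums['a_error2']." (".$shownname.")";
                    } else {
                        $ext = get_extension( $_FILES['attachment']['name'][$i] );
                        if ( !in_array( $ext, $allowed_ext, true ) ) {
                            $error[] = $lang->tsf_forums['a_error3']." (".$shownname.")";
                        } else if ( $f_upload_maxsize * 1024 < $_FILES['attachment']['size'][$i] && !$moderator ) {
                            $error[] = sprintf( $lang->tsf_forums['a_error4'], mksize( $f_upload_maxsize * 1024 ) )." (".$shownname.")";
                        } else {
                            // Build the stored name first: everything except letters and digits
                            // becomes "_", so no dot or path separator survives in the base name.
                            $basename = str_replace( ".".$ext, "", $_FILES['attachment']['name'][$i] );
                            $find = array( "/[^a-zA-Z0-9\\s]/", "/\\s+/" );
                            $replace = array( "_", "_" );
                            $filename = strtolower( preg_replace( $find, $replace, $basename ) ).".".$ext;
                            // The collision check must use the name that is written to disk; checking
                            // the raw name let two different uploads map to the same stored file and
                            // silently replace an existing attachment.
                            if ( file_exists( $f_upload_path.$filename ) ) {
                                $error[] = $lang->tsf_forums['a_error5']." (".$shownname.")";
                            } else {
                                $stored = @move_uploaded_file( $_FILES['attachment']['tmp_name'][$i], $f_upload_path.$filename );
                                if ( !$stored ) {
                                    $error[] = $lang->tsf_forums['a_error2']." (".$shownname.")";
                                }
                            }
                        }
                    }
                    // Record exactly the files that reached the upload directory, so a failure
                    // of one slot neither orphans nor mislabels another slot's file.
                    if ( $stored ) {
                        $a_name = sqlesc( $filename );
                        $a_size = sqlesc( 0 + $_FILES['attachment']['size'][$i] );
                        if ( !sql_query( "INSERT INTO ".TSF_PREFIX."attachments (a_name,a_size,a_tid,a_pid,visible) VALUES ({$a_name},{$a_size},{$tid},{$pid},{$visible})" ) ) {
                            sqlerr( "C:\\idezender\\Encoded\\newreply.php", 248 );
                        }
                    }
                }
                ++$i;
            }
        }

        if ( $thread['moderate'] == 0 && $thread['moderaterf'] == 0 ) {
            // Unmoderated: go straight to the new post.
            define( "FORCE_REDIRECT_MESSAGE", true );
            $lastpage = get_last_post( $tid );
            redirect( "tsf_forums/showthread.php?tid={$tid}&page={$lastpage}&pid={$pid}&scrollto=pid{$pid}", $lang->tsf_forums['post_done']."<br />".( is_array( $error ) && 0 < count( $error ) ? implode( "<br />", $error ) : "" ) );
        } else {
            // Moderated: the post was stored with visible = 0, show the notice instead.
            // NOTE(review): as listed, str_replace() swaps "&" for itself; an HTML entity in
            // one argument was probably decoded when the listing was rendered - confirm.
            stdhead( "{$SITENAME} TSF FORUMS : ".TSF_VERSION." :: ".str_replace( "&", "&", $orjthreadarray['currentforum'] ) );
            add_breadcrumb( $orjthreadarray['deepforum'], ( $useparent ? "forumdisplay" : "index" ).".php?fid={$orjthreadarray['deepforumid']}" );
            add_breadcrumb( $orjthreadarray['currentforum'], "forumdisplay.php?fid={$fid}" );
            add_breadcrumb( htmlspecialchars_uni( $threadsubject ), "showthread.php?tid={$tid}" );
            add_breadcrumb( $lang->tsf_forums['new_reply'] );
            build_breadcrumb( );
            stdmsg( $lang->global['sys_message'], $lang->tsf_forums['moderatemsg1'] );
            stdfoot( );
            exit( );
        }
        exit( );
    }
}

// ---- Render the reply form (first visit, preview, or failed validation) ----
add_breadcrumb( $thread['deepforum'], ( $useparent ? "forumdisplay" : "index" ).".php?fid={$thread['deepforumid']}" );
add_breadcrumb( $thread['currentforum'], "forumdisplay.php?fid={$fid}" );
add_breadcrumb( htmlspecialchars_uni( $threadsubject ), "showthread.php?tid={$tid}" );
add_breadcrumb( $lang->tsf_forums['new_reply'] );
stdhead( "{$SITENAME} TSF FORUMS : ".TSF_VERSION." :: ".str_replace( "&", "&", $thread['currentforum'] ) );
if ( isset( $warningmessage ) ) {
    echo $warningmessage;
}
build_breadcrumb( );
define( "IN_EDITOR", true );
include_once( INC_PATH."/editor.php" );
$str = "\r\n<form method=\"post\" name=\"newreply\" action=\"".$_SERVER['SCRIPT_NAME']."\" enctype=\"multipart/form-data\">\r\n<input type=\"hidden\" name=\"tid\" value=\"".$tid."\">\r\n<input type=\"hidden\" name=\"replyto\" value=\"".$replyto."\">";
if ( !empty( $prvp ) ) {
    $str .= $prvp;
}
if ( isset( $error ) ) {
    stdmsg( $lang->global['error'], $error, false );
}

// Option rows for the editor. The first row gets key "1" and later rows are appended
// with array_push(), exactly as before; only the duplicated markup was factored out.
if ( $array_icon_list = show_icon_list( ) ) {
    $postoptionstitle = array( "1" => $lang->tsf_forums['picons1'] );
    $postoptions = array( "1" => $array_icon_list );
}

if ( $moderator || $forummoderator ) {
    // A box is ticked when it was posted as "yes" or when the thread already has that state.
    $closechecked = ( ( isset( $_POST['closethread'] ) && $_POST['closethread'] == "yes" ) || $thread['closed'] == "yes" ) ? " checked=\"checked\"" : "";
    $stickchecked = ( ( isset( $_POST['stickthread'] ) && $_POST['stickthread'] == "yes" ) || $thread['sticky'] == "1" ) ? " checked=\"checked\"" : "";
    $modoptionshtml = "<label><input class=\"checkbox\" name=\"closethread\" value=\"yes\" type=\"checkbox\"".$closechecked.">".$lang->tsf_forums['mod_options_c']."</label><br />\r\n\t\t\t\t<label><input class=\"checkbox\" name=\"stickthread\" value=\"yes\" type=\"checkbox\"".$stickchecked.">".$lang->tsf_forums['mod_options_s']."</label></span>";
    if ( isset( $postoptionstitle, $postoptions ) ) {
        array_push( $postoptionstitle, $lang->tsf_forums['mod_options'] );
        array_push( $postoptions, $modoptionshtml );
    } else {
        $postoptionstitle = array( "1" => $lang->tsf_forums['mod_options'] );
        $postoptions = array( "1" => $modoptionshtml );
    }
}

$attachmenthtml = "<label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label><br /><label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label><br /><label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label>";
$subscribehtml = "<label><input class=\"checkbox\" name=\"subscribe\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? " checked=\"checked\"" : "" )."></label> ".$lang->tsf_forums['isubs'];

if ( $canpostattachments ) {
    if ( isset( $postoptionstitle, $postoptions ) ) {
        array_push( $postoptionstitle, $lang->tsf_forums['attachment'] );
        array_push( $postoptions, $attachmenthtml );
        array_push( $postoptionstitle, "<b>".$lang->tsf_forums['subs'].":</b>" );
        array_push( $postoptions, $subscribehtml );
    } else {
        $postoptionstitle = array( "1" => $lang->tsf_forums['attachment'], "2" => "<b>".$lang->tsf_forums['subs'].":</b>" );
        $postoptions = array( "1" => $attachmenthtml, "2" => $subscribehtml );
    }
} else if ( isset( $postoptionstitle, $postoptions ) ) {
    array_push( $postoptionstitle, $lang->tsf_forums['subs'].":" );
    array_push( $postoptions, $subscribehtml );
} else {
    $postoptionstitle = array( "1" => $lang->tsf_forums['subs'].":" );
    $postoptions = array( "1" => $subscribehtml );
}

// The inner ternary is parenthesised on purpose: without it PHP 5 groups the expression
// left to right and hands the editor $message (SQL-escaped after a failed submit, or
// undefined on a plain preview) instead of the text the user just posted.
// NOTE(review): raw $_POST values are passed through; escaping for HTML is presumably
// done inside insert_editor() - confirm.
$str .= insert_editor( true, isset( $_POST['subject'] ) ? $_POST['subject'] : $threadsubject, isset( $_POST['message'] ) ? $_POST['message'] : ( isset( $message ) ? $message : "" ), $lang->tsf_forums['new_reply_head'], $lang->tsf_forums['new_reply_head2'].htmlspecialchars_uni( $threadsubject ), $postoptionstitle, $postoptions );
echo $str;

// ---- Thread review: the five most recent visible posts ----
if ( !( $query = sql_query( "\r\n\t\t\tSELECT p.*, u.username\r\n\t\t\tFROM ".TSF_PREFIX."posts p\r\n\t\t\tLEFT JOIN users u ON (p.uid=u.id)\r\n\t\t\tWHERE p.tid = '{$tid}' AND p.visible = '1'\r\n\t\t\tORDER BY p.dateline DESC LIMIT 0, 5\r\n\t\t" ) ) ) {
    sqlerr( "C:\\idezender\\Encoded\\newreply.php", 375 );
}
if ( mysql_num_rows( $query ) ) {
    echo "\r\n\t<br />\r\n\t<table border=\"0\" cellspacing=\"0\" cellpadding=\"5\" class=\"tborder\">\r\n\t<tr>\r\n\t<td class=\"thead\" align=\"center\"><strong>".$lang->tsf_forums['thread_review']."</strong></td>\r\n\t</tr>";
    while ( $post = mysql_fetch_assoc( $query ) ) {
        $reviewpostdate = my_datee( $dateformat, $post['dateline'] )." ".my_datee( $timeformat, $post['dateline'] );
        // NOTE(review): [hide] blocks are stripped from the quoted post above but not here;
        // presumably format_comment() applies the hide rule - confirm. The username is
        // printed as stored, without HTML escaping.
        $reviewmessage = format_comment( $post['message'] );
        echo "\r\n\t\t<tr>\r\n\t\t\t<td class=\"subheader\">\r\n\t\t\t\t<span class=\"smalltext\"><strong>".$lang->tsf_forums['posted_by']." ".$post['username']." - ".$reviewpostdate."</strong></span>\r\n\t\t\t</td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t\t<td class=\"trow1\">\r\n\t\t\t\t".$reviewmessage."\r\n\t\t\t</td>\r\n\t\t</tr>";
    }
    echo "</table>";
}
stdfoot( );
?>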
newthread.php
PHP Code:
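<?php
/**
 * newthread.php - new-thread form and submit handler for a TSF forum.
 *
 * Flow, as visible in this file:
 *   1. validate the fid request value and load the forum with its parent forum;
 *   2. enforce view/post permissions and refuse forums of type "c";
 *   3. on POST submit: insert the first post and the thread row, update forum/user
 *      counters, store up to three attachments, then redirect to the poll wizard or
 *      the new thread (or show the moderation notice);
 *   4. otherwise render the editor with icon, moderator, attachment, subscribe and
 *      poll options.
 *
 * sql_query(), sqlesc(), sqlerr(), is_valid_id(), TS_Global(), stderr() and the other
 * helpers are not defined here; presumably they come from ./global.php (not shown).
 *
 * Changes made in review:
 *   - attachment name collisions are checked against the sanitised name that is
 *     actually written, not the raw client-supplied name;
 *   - an attachment row is inserted for every file that was really stored, instead of
 *     depending on whether an earlier file in the same request produced an error;
 *   - a string literal that the listing had wrapped across two lines is joined again.
 */
define( "THIS_SCRIPT", "newthread.php" );
require( "./global.php" );

$fid = intval( TS_Global( "fid" ) );
$polloptions = isset( $_POST['polloptions'] ) ? intval( $_POST['polloptions'] ) : 4;
$createpoll = isset( $_POST['createpoll'] ) && $_POST['createpoll'] == "yes" ? "yes" : "no";
$canpostattachments = false;

if ( is_valid_id( $fid ) ) {
    // NOTE(review): as listed, every request with a valid fid is refused here and the rest
    // of this branch never runs. A condition may have been lost when the file was decoded.
    // It is left untouched because it is an access-control statement and its intended
    // condition is not visible - confirm against the original source before changing it.
    print_no_permission( true );
    exit( );

    // Forum row joined with its parent forum (ff).
    if ( !( $query = @sql_query( "SELECT f.name, f.pid, f.type, f.moderate, ff.name as realforum, ff.fid as realforumid, ff.moderate as moderaterf FROM ".TSF_PREFIX."forums f LEFT JOIN ".TSF_PREFIX."forums ff ON (ff.fid=f.pid) WHERE f.fid = ".@sqlesc( $fid ) ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\newthread.php", 42 );
    }
    if ( mysql_num_rows( $query ) == 0 ) {
        stderr( $lang->global['error'], $lang->tsf_forums['invalidfid'] );
        exit( );
    }
    $realforum = mysql_result( $query, 0, "realforum" );
    $realforumid = mysql_result( $query, 0, "realforumid" );
    $forumname = mysql_result( $query, 0, "f.name" );
    $parent = mysql_result( $query, 0, "f.pid" );
    $type = mysql_result( $query, 0, "f.type" );
    $moderateForum = mysql_result( $query, 0, "f.moderate" );
    $moderateForumRF = mysql_result( $query, 0, "ff.moderaterf" );

    // For a forum of type "s" the moderator lookup uses the parent forum id.
    $forummoderator = is_forum_mod( $type == "s" ? $realforumid : $fid, $CURUSER['id'] );

    // Moderators bypass thread moderation.
    if ( ( $moderateForum == 1 || $moderateForumRF == 1 ) && ( $forummoderator || $moderator ) ) {
        $moderateForum = 0;
        $moderateForumRF = 0;
    }
    $visible = $moderateForum == 1 || $moderateForumRF == 1 ? 0 : 1;

    if ( $permissions[$fid]['canpostattachments'] == "yes" ) {
        $canpostattachments = true;
    }
    if ( $permissions[$fid]['canview'] != "yes" || $permissions[$fid]['canpostthreads'] != "yes" ) {
        print_no_permission( true );
        exit( );
    } else {
        if ( $type == "c" ) {
            stderr( $lang->global['error'], $lang->tsf_forums['cant_post'] );
            exit( );
        }
    }

    $useparent = false;
    if ( $type == "s" ) {
        $useparent = true;
    }
    add_breadcrumb( $realforum, ( $useparent ? "forumdisplay" : "index" ).".php?fid={$realforumid}" );
    add_breadcrumb( $forumname, "forumdisplay.php?fid={$fid}" );
    add_breadcrumb( $lang->tsf_forums['new_thread'] );
} else {
    stderr( $lang->global['error'], $lang->tsf_forums['invalidfid'] );
    exit( );
}

if ( $_SERVER['REQUEST_METHOD'] == "POST" && isset( $_POST['submit'] ) ) {
    $error = "";
    $subject = isset( $_POST['subject'] ) ? $_POST['subject'] : "";
    $uid = sqlesc( $CURUSER['id'] );
    $username = sqlesc( $CURUSER['username'] );
    $dateline = sqlesc( TIMENOW );
    $message = isset( $_POST['message'] ) ? $_POST['message'] : "";
    $ipaddress = sqlesc( $CURUSER['ip'] );
    // Close / stick requests are honoured only for moderators.
    $closed = isset( $_POST['closethread'] ) && $_POST['closethread'] == "yes" && ( $moderator || $forummoderator ) ? "yes" : "no";
    $sticky = isset( $_POST['stickthread'] ) && $_POST['stickthread'] == "yes" && ( $moderator || $forummoderator ) ? 1 : 0;
    $subscribe = isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? 1 : 0;

    // Length is measured on the raw input, before it is escaped for SQL.
    if ( strlen( $subject ) < $f_minmsglength || strlen( $message ) < $f_minmsglength ) {
        $error = $lang->tsf_forums['too_short'];
    }
    $subject = sqlesc( $subject );
    $message = sqlesc( $message );

    // Flood control against the user's most recent post.
    if ( !( $query = sql_query( "SELECT dateline FROM ".TSF_PREFIX."posts WHERE uid = ".sqlesc( $CURUSER['id'] )." ORDER by dateline DESC LIMIT 1" ) ) ) {
        sqlerr( "C:\\idezender\\Encoded\\newthread.php", 118 );
    }
    if ( 0 < mysql_num_rows( $query ) ) {
        $last_post = mysql_result( $query, 0, "dateline" );
        $floodcheck = flood_check( $lang->tsf_forums['a_post'], $last_post, true );
        if ( $floodcheck != "" ) {
            $error = $floodcheck;
        }
    }

    if ( empty( $error ) ) {
        $iq1 = $iq2 = "";
        $iconid = isset( $_POST['iconid'] ) ? intval( $_POST['iconid'] ) : 0;
        if ( is_valid_id( $iconid ) ) {
            $iq1 = "iconid,";
            $iq2 = "{$iconid},";
        }
        // Values interpolated here are either intval()'d ids or already passed through sqlesc().
        // The first post is inserted before the thread exists; its tid is filled in below.
        if ( !@sql_query( "INSERT INTO ".TSF_PREFIX."posts ({$iq1}fid,subject,uid,username,dateline,message,ipaddress,visible) VALUES ({$iq2}{$fid}, {$subject}, {$uid}, {$username}, {$dateline}, {$message}, {$ipaddress},{$visible})" ) ) {
            sqlerr( "C:\\idezender\\Encoded\\newthread.php", 138 );
        }
        $pid = mysql_insert_id( );
        if ( !@sql_query( "INSERT INTO ".TSF_PREFIX."threads ({$iq1}fid,subject,uid,username,dateline,firstpost,lastpost,lastposter,lastposteruid,closed,sticky,visible) VALUES ({$iq2}{$fid},{$subject},{$uid},{$username},{$dateline},{$pid},{$dateline},{$username},{$uid},".@sqlesc( $closed ).",{$sticky},{$visible})" ) ) {
            sqlerr( "C:\\idezender\\Encoded\\newthread.php", 141 );
        }
        $tid = mysql_insert_id( );
        if ( $subscribe ) {
            if ( !sql_query( "INSERT INTO ".TSF_PREFIX."subscribe (tid,userid) VALUES (".sqlesc( $tid ).",".$uid.")" ) ) {
                sqlerr( "C:\\idezender\\Encoded\\newthread.php", 146 );
            }
        }
        if ( !@sql_query( "UPDATE ".TSF_PREFIX."posts SET tid = {$tid} WHERE pid = '{$pid}'" ) ) {
            sqlerr( "C:\\idezender\\Encoded\\newthread.php", 149 );
        }
        if ( !@sql_query( "UPDATE ".TSF_PREFIX."forums SET threads = threads + 1, posts = posts + 1, lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}, lastposttid = {$tid}, lastpostsubject = {$subject} WHERE fid = '{$fid}'" ) ) {
            sqlerr( "C:\\idezender\\Encoded\\newthread.php", 151 );
        }
        if ( $useparent ) {
            if ( !@sql_query( "UPDATE ".TSF_PREFIX."forums SET lastpost = {$dateline}, lastposter = {$username}, lastposteruid = {$uid}, lastposttid = {$tid}, lastpostsubject = {$subject} WHERE fid = '{$realforumid}'" ) ) {
                sqlerr( "C:\\idezender\\Encoded\\newthread.php", 155 );
            }
        }
        if ( !@sql_query( "UPDATE users SET totalposts = totalposts + 1 WHERE id = {$uid}" ) ) {
            sqlerr( "C:\\idezender\\Encoded\\newthread.php", 158 );
        }
        $TSSEConfig->TSLoadConfig( "KPS" );
        KPS( "+", $kpscomment, $uid );

        if ( $canpostattachments && $pid && $tid && isset( $_FILES ) ) {
            // From here on $error collects per-file messages shown on the redirect page.
            $error = array( );
            $allowed_ext = explode( ",", $f_allowed_types );
            // NOTE(review): the type check uses the client-supplied file name only, and
            // whether $f_upload_path is served without script execution cannot be seen
            // from this file - confirm both before relying on this filter.
            $i = 0;
            while ( $i < 3 ) {
                // The form offers three slots; unused slots may be absent from $_FILES.
                if ( isset( $_FILES['attachment']['size'][$i] ) && 0 < $_FILES['attachment']['size'][$i] ) {
                    $stored = false;
                    $shownname = htmlspecialchars_uni( $_FILES['attachment']['name'][$i] );
                    if ( !is_uploaded_file( $_FILES['attachment']['tmp_name'][$i] ) || empty( $_FILES['attachment']['tmp_name'][$i] ) ) {
                        $error[] = $lang->tsf_forums['a_error2']." (".$shownname.")";
                    } else {
                        $ext = get_extension( $_FILES['attachment']['name'][$i] );
                        if ( !in_array( $ext, $allowed_ext, true ) ) {
                            $error[] = $lang->tsf_forums['a_error3']." (".$shownname.")";
                        } else if ( $f_upload_maxsize * 1024 < $_FILES['attachment']['size'][$i] && !$moderator ) {
                            $error[] = sprintf( $lang->tsf_forums['a_error4'], mksize( $f_upload_maxsize * 1024 ) )." (".$shownname.")";
                        } else {
                            // Build the stored name first: everything except letters and digits
                            // becomes "_", so no dot or path separator survives in the base name.
                            $basename = str_replace( ".".$ext, "", $_FILES['attachment']['name'][$i] );
                            $find = array( "/[^a-zA-Z0-9\\s]/", "/\\s+/" );
                            $replace = array( "_", "_" );
                            $filename = strtolower( preg_replace( $find, $replace, $basename ) ).".".$ext;
                            // The collision check must use the name that is written to disk; checking
                            // the raw name let two different uploads map to the same stored file and
                            // silently replace an existing attachment.
                            if ( file_exists( $f_upload_path.$filename ) ) {
                                $error[] = $lang->tsf_forums['a_error5']." (".$shownname.")";
                            } else {
                                $stored = @move_uploaded_file( $_FILES['attachment']['tmp_name'][$i], $f_upload_path.$filename );
                                if ( !$stored ) {
                                    $error[] = $lang->tsf_forums['a_error2']." (".$shownname.")";
                                }
                            }
                        }
                    }
                    // Record exactly the files that reached the upload directory, so a failure
                    // of one slot neither orphans nor mislabels another slot's file.
                    if ( $stored ) {
                        $a_name = sqlesc( $filename );
                        $a_size = sqlesc( 0 + $_FILES['attachment']['size'][$i] );
                        if ( !sql_query( "INSERT INTO ".TSF_PREFIX."attachments (a_name,a_size,a_tid,a_pid,visible) VALUES ({$a_name},{$a_size},{$tid},{$pid},{$visible})" ) ) {
                            sqlerr( "C:\\idezender\\Encoded\\newthread.php", 208 );
                        }
                    }
                }
                ++$i;
            }
        }

        // A requested poll takes precedence over the normal redirect.
        if ( $createpoll == "yes" && $usergroups['cancreatepoll'] == "yes" ) {
            define( "FORCE_REDIRECT_MESSAGE", true );
            redirect( "tsf_forums/poll.php?do=new&tid={$tid}&polloptions={$polloptions}", $lang->tsf_forums['poll10']."<br />".( is_array( $error ) && 0 < count( $error ) ? implode( "<br />", $error ) : "" ) );
            exit( );
        }
        if ( $moderateForum == 0 && $moderateForumRF == 0 ) {
            define( "FORCE_REDIRECT_MESSAGE", true );
            redirect( "tsf_forums/showthread.php?tid={$tid}", $lang->tsf_forums['thread_created']."<br />".( is_array( $error ) && 0 < count( $error ) ? implode( "<br />", $error ) : "" ) );
        } else {
            // Moderated: the thread was stored with visible = 0, show the notice instead.
            // NOTE(review): as listed, str_replace() swaps "&" for itself; an HTML entity in
            // one argument was probably decoded when the listing was rendered - confirm.
            $new_thread_in = sprintf( $lang->tsf_forums['new_thread_in'], str_replace( "&", "&", $forumname ) );
            stdhead( $new_thread_in );
            build_breadcrumb( );
            stdmsg( $lang->global['sys_message'], $lang->tsf_forums['moderatemsg1'] );
            stdfoot( );
            exit( );
        }
        exit( );
    }
}

// ---- Render the new-thread form (first visit, preview, or failed validation) ----
$new_thread_in = sprintf( $lang->tsf_forums['new_thread_in'], str_replace( "&", "&", $forumname ) );
stdhead( $new_thread_in );
if ( isset( $warningmessage ) ) {
    echo $warningmessage;
}
build_breadcrumb( );
$prvp = showPreview( "message" );
define( "IN_EDITOR", true );
include_once( INC_PATH."/editor.php" );
$str = "\r\n<form method=\"post\" name=\"newthread\" action=\"".$_SERVER['SCRIPT_NAME']."\" enctype=\"multipart/form-data\">\r\n<input type=\"hidden\" name=\"fid\" value=\"".$fid."\">";
if ( !empty( $prvp ) ) {
    $str .= $prvp;
}
if ( isset( $error ) ) {
    stdmsg( $lang->global['error'], $error, false );
}

// Option rows for the editor. The first row gets key "1" and later rows are appended
// with array_push(), exactly as before; only the duplicated markup was factored out.
if ( $array_icon_list = show_icon_list( ) ) {
    $postoptionstitle = array( "1" => $lang->tsf_forums['picons1'] );
    $postoptions = array( "1" => $array_icon_list );
}

if ( $moderator || $forummoderator ) {
    $closechecked = isset( $_POST['closethread'] ) && $_POST['closethread'] == "yes" ? " checked=\"checked\"" : "";
    $stickchecked = isset( $_POST['stickthread'] ) && $_POST['stickthread'] == "yes" ? " checked=\"checked\"" : "";
    if ( isset( $postoptionstitle, $postoptions ) ) {
        array_push( $postoptionstitle, $lang->tsf_forums['mod_options'] );
        array_push( $postoptions, "<label><input class=\"checkbox\" name=\"closethread\" value=\"yes\" type=\"checkbox\"".$closechecked.">".$lang->tsf_forums['mod_options_c']."</label><br /><label><input class=\"checkbox\" name=\"stickthread\" value=\"yes\" type=\"checkbox\"".$stickchecked.">".$lang->tsf_forums['mod_options_s']."</label></span>" );
    } else {
        // Same controls as above; only the whitespace in the markup differs in the original.
        $postoptionstitle = array( "1" => $lang->tsf_forums['mod_options'] );
        $postoptions = array( "1" => "\r\n\t\t\t\t\t<label><input class=\"checkbox\" name=\"closethread\" value=\"yes\" type=\"checkbox\"".$closechecked.">".$lang->tsf_forums['mod_options_c']."</label><br />\r\n\t\t\t\t\t<label><input class=\"checkbox\" name=\"stickthread\" value=\"yes\" type=\"checkbox\"".$stickchecked.">".$lang->tsf_forums['mod_options_s']."</label></span>" );
    }
}

$attachmenthtml = "<label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label><br /><label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label><br /><label><input name=\"attachment[]\" size=\"50\" type=\"file\"></label>";
$subscribehtml = "<label><input class=\"checkbox\" name=\"subscribe\" value=\"yes\" type=\"checkbox\"".( isset( $_POST['subscribe'] ) && $_POST['subscribe'] == "yes" ? " checked=\"checked\"" : "" )."></label> ".$lang->tsf_forums['isubs'];

if ( $canpostattachments ) {
    if ( isset( $postoptionstitle, $postoptions ) ) {
        array_push( $postoptionstitle, $lang->tsf_forums['attachment'] );
        array_push( $postoptions, $attachmenthtml );
        array_push( $postoptionstitle, "<b>".$lang->tsf_forums['subs'].":</b>" );
        array_push( $postoptions, $subscribehtml );
    } else {
        $postoptionstitle = array( "1" => $lang->tsf_forums['attachment'], "2" => "<b>".$lang->tsf_forums['subs'].":</b>" );
        $postoptions = array( "1" => $attachmenthtml, "2" => $subscribehtml );
    }
} else if ( isset( $postoptionstitle, $postoptions ) ) {
    array_push( $postoptionstitle, $lang->tsf_forums['subs'].":" );
    array_push( $postoptions, $subscribehtml );
} else {
    $postoptionstitle = array( "1" => $lang->tsf_forums['subs'].":" );
    $postoptions = array( "1" => $subscribehtml );
}

if ( $usergroups['cancreatepoll'] == "yes" ) {
    // $polloptions was passed through intval() at the top, so it is safe inside the attribute.
    $pollhtml = "<label><input class=\"checkbox\" name=\"createpoll\" value=\"yes\" type=\"checkbox\"".( $createpoll == "yes" ? " checked=\"checked\"" : "" )."> ".$lang->tsf_forums['poll2']."</label><br />".$lang->tsf_forums['poll3']." <label><input size=\"2\" name=\"polloptions\" value=\"".$polloptions."\" type=\"text\"></label>";
    if ( isset( $postoptionstitle, $postoptions ) ) {
        array_push( $postoptionstitle, $lang->tsf_forums['poll1'].":" );
        array_push( $postoptions, $pollhtml );
    } else {
        $postoptionstitle = array( "1" => $lang->tsf_forums['poll1'].":" );
        $postoptions = array( "1" => $pollhtml );
    }
}

// NOTE(review): raw $_POST values are passed through; escaping for HTML is presumably
// done inside insert_editor() - confirm.
$str .= insert_editor( true, isset( $_POST['subject'] ) ? $_POST['subject'] : "", isset( $_POST['message'] ) ? $_POST['message'] : "", $lang->tsf_forums['new_thread_head'], $new_thread_in, $postoptionstitle, $postoptions );
echo $str;
stdfoot( );
?>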
it would really be appreciated
thank you