Location: PHPKode > projects > DarkCodex Forum System > darkcodex/newpost.php
<?php
include ("config.inc");
include ("forum.inc");

# -----------------------
# Connect to the database 
$dbh =  db_connect();
$cookie = get_cookie();

$Username = $cookie[Username];
$Password = $cookie[Password];
$user = authenticate($Username,$Password);

# ------------------
# Check for any bans
check_ban($user[Username]);
                                                
# --------------
# Get the input
$FORM = get_input();

# --------------------
# Assign the variables
$Username = $user[Username];
$Password = $user[Password];
$Board    = $FORM[Board];
$what     = $FORM[what];
$page     = $FORM[page];
$view     = $FORM[view];
$sb       = $FORM[sb];

$Board_q = db_quote($Board);

# -----------------------
# Grab the security level
$user_security = $user[Security];
if (empty($user_security)) { $user_security = $config[anon_security];}
# -----------------------
# Lets grab the User info
$Email = $user[EReplies];
$Eselected;

if ($Email == "On"){
    $Eselected = "checked";
}

$TextCols = $user[TextCols];
$TextRows = $user[TextRows];
if (empty($TextCols)) { $TextCols = "80";}
if (empty($TextRows)) { $TextRows = "5";}

# ------------------
# Get the board info
$query = <<<END_SQL
    SELECT HTML,Anonymous,Locked,Markup,Security
    FROM Boards
    WHERE Keyword = $Board_q
END_SQL;
$sth = mysql_query($query,$dbh) or die ("Query syntax error: " . mysql_error() . ". Query: $query");

# ---------------------------
# Assign the retreived values
list($HTML,$Anonymous,$Locked,$Markup,$Security) = mysql_fetch_array($sth);

# -----------------------------------------------------------------
# If there are no anonymous postings, make sure they have logged in
if ( ($Anonymous == "Off") && (!$user[Username]) ) {
    mysql_free_result($sth);
    not_right("Anonymous postings are not allowed on this forum.  You need to have a Username and be logged in before posting on this board.");
}

# ----------------------------------------------------------
# Find out if they are supposed to be making a new post here
if ($Security > $user_security) {
    not_right("You do not have a high enough Security level to be making posts on this forum.");
}

# -----------------
# Give them a page 
send_header("Make a New Post","bypass",$Username,$Password);
table_header("Make a New Post");
print "<table cellspacing=0 border=0 width=100% bgcolor=$config[tddark]>";
print "<tr><td>";
print "Fill out the form below to post a message on the board.";

# -------------------------------
# HTML is disabled, let them know
if($HTML == "Off"){
    print " HTML is disabled for this board so you may not use it in your posts.";
} else {
    print " HTML is enabled so you may use it in your posts.";
}

# --------------------------------------------
# Markup is disabled, so we better let them know
if($Markup == "Off"){
    print " Markup is disabled for this board so you may not use markup in your posts.";
}  else {
    print " Markup is enabled so you may use <a href=\"$config[cgiurl]/faq.php#html\">Markup on in your posts</a>.";
}

# --------------------------------------  
# Anonymous is enabled, so let them know
$Anon = '';
if($Anonymous == "On"){
    print" Anonymous postings are allowed, so if you do not have a Username just put Anonymous in the Username field and leave the password blank.  If you post as Anonymous you will not be able to have replies Emailed to you.";
    $Anon = "Anonymous";
} else {
    print" Anonymous postings are not allowed, so you will need to register a Username before you can post.";
}
 
# ------------------------------------ 
# The board is locked, so let them know
if($Locked != "Open"){
    print" This board is read only, so you must be an administrator to post on it.";
}
print "</td></tr><tr><td bgcolor=$config[tdlight]>";

# -----------------------------------------------------
# Let's find out if they get the default preview or not.
$Preview = $user[Preview];
if (empty($Preview)) { $Preview = $config[Preview];}

# -----------------------------------------------------------------------
# If we are allowing file attachments and we are dealing with a Mozilla 4+
# Browser then we need a multipart/form-data form
$check = browser_check();
if( ($Preview == "off") && ($check == "true") && ($config[files]) ) {
    print "<form method=POST enctype='multipart/form-data' action=\"$config[cgiurl]/addpost.php\">";
} elseif ($Preview == "off") {
    print "<form method=POST action=\"$config[cgiurl]/addpost.php\">";
} else {
    print "<form method=POST action=\"$config[cgiurl]/previewpost.php\">";
}  
print <<<END_HTML

  <input type=hidden name=Board value="$Board">
  <input type=hidden name=what value="$what">
  <input type=hidden name=page value="$page">
  <input type=hidden name=view value="$view">
  <input type=hidden name=sb value="$sb">
END_HTML;
if ($Username) {
    print "<p>Username<br><b>$Username</b><p>";
} else {
    print <<<END_HTML
    
    Username (between 3 and 16 characters)<br>
    <input type=text name=Username value="$Anon">
    <p>
    Password (between 4 and 10 characters)<br>
    <input type=password name=Password value="">
    <p>
END_HTML;
}
print <<<END_HTML
  Subject<br>
  <input type=text name=Subject>
  <p>
  Post<br>
  <textarea cols=$TextCols rows=$TextRows wrap=soft name="Body"></textarea>
  <p> 
  <input type=checkbox name=mail value=1 $Eselected> 
  E-mail all replies to real email address
  </p><p>
END_HTML;
  
# ------------------------------------------------------------------------
# If we are allowing file attachments and we are dealing with a Mozilla 4+
# browser then we will allow file attachments
$check=browser_check();
if( ($check == "true") && ($config[files]) && ($Preview == "on") ) {
    print "File attachments are allowed.  You will be able to attach a file to your post on the next screen.<br>";
}
if ( ($check == "true") && ($config[files]) && ($Preview == "off") ) {
    if ($Username) {
	print "<br>You may attach a file to your post if you want.  File size is limited to $config[filesize] bytes<br>";
	print "<input type=file name=attach accept=\"*\">";
    } else {
	print "<br>Although File attachments are allowed, you cannot post files as the Anonymous user.";
    }
} elseif ( ($check != "true") && ($config[files]) && ($Preview == "off") ) {
    print "<br>Although File attachments are allowed, you must be using a Mozilla 4+ compatible browser for this feature.";
}  

if ($Preview == "off") {
    print "<br><br><input type=submit value=\"Add Post\">";
} else {
    print "<input type=submit value=\"Preview Post\">";
}
print <<<END_HTML
  <input type=reset value="Clear Form">
  </form>
  </td></tr></table>
END_HTML;

# -------------
# Send a footer
mysql_free_result($sth);
send_footer();
Return current item: DarkCodex Forum System