Location: PHPKode > projects > DarkCodex Forum System > darkcodex/newreply.php
<?php
include ("config.inc");
include ("forum.inc");

# -----------------------
# Connect to the database 
$dbh = db_connect();
$cookie   = get_cookie();
$Username = $cookie[Username];
$Password = $cookie[Password];
$user     = authenticate($Username,$Password);
$query = '';

# ------------------
# Check for any bans
check_ban($user[Username]);

$FORM = get_input();
                                                
# ---------------------
# Assign the variables
$Username = $user[Username];
$Password = $user[Password];
$Board    = $FORM[Board];
$Number   = $FORM[Number];
$page     = $FORM[page];
$view     = $FORM[view];
$what     = $FORM[what];
$mode     = $FORM[mode];
$sb       = $FORM[sb];

# ----------------------------
# Let's get the security level
$user_security = $user[Security];
if (empty ($user_security) ) { $user_security = $config[anon_security];}

# --------------------------
# Lets get their preferences 
$Email = $user[Email];

if ($Email == "On"){
    $Eselected = "checked";
}
$TextCols = $user[TextCols];
$TextRows = $user[TextRows];
if (empty($TextCols)) {  $TextCols = "80";}
if (empty($TextRows)) {  $TextRows = "5";}

# -----------------
# Get the post info
$query = <<<END_SQL
    SELECT Main,Subject,Body
    FROM $Board
    WHERE Number = $Number
END_SQL;

$sth = mysql_query($query) or die ("Query syntax error: " . mysql_error() . ". Query: $query");

# ----------------
# Assign the stuff
list($Main,$Subject,$Body) = mysql_fetch_array($sth);

# -----------------------------------------------------
# Make sure we only put one Re: in front of the subject
if (!(ereg("Re:", $Subject))){
    $Subject = "Re: ".$Subject;
}

# ----------------------
# Convert "'s to &quot;
$Subject = preg_replace('/"/', '&quot;', $Subject);
$Body = preg_replace('/"/', '&quot;', $Body);

# ------------------
# Get the board info
$Board_q = db_quote($Board);
$query = <<<END_SQL
    SELECT HTML,Anonymous,Locked,Markup,Security
    FROM Boards
    WHERE Keyword = $Board_q
END_SQL;

$sth = mysql_query($query) or die ("Query syntax error: " . mysql_error() . ". Query: $query");

# ----------------
# Assign the stuff  
list($HTML,$Anonymous,$Locked,$Markup,$Security) = mysql_fetch_array($sth);

# -----------------------------------------------------------------
# If there are no anonymous postings, make sure they have logged in
if ( ($Anonymous == "Off") && (empty($user[Username])) ) {
    mysql_free_result($sth);
    not_right("Anonymous postings are not allowed on this forum.  You need to have a Username and be logged in before posting on this board.");
}

# ----------------------------------------------------------
# Find out if they are supposed to be replying on this board
if ($Security > $user_security) {
    not_right("You do not have a high enough Security level to make replies on this forum.");
}

# ---------------
# Send the header
send_header("Make a reply");
table_header("Make a reply");
print "<table cellspacing=0 border=0 width=100% bgcolor=$config[tddark]>";
print "<tr><td>";
print "Fill out the form below to post a reply on the board.";

# Check if HTML is enabled or not
if($HTML == "Off") {
    print " HTML is disabled for this board, so you may not use it in your posts.";
} else {
    print " HTML is enabled for this board, so you may use it in your posts.";
}

# --------------------------------------------
# Markup is disabled, so we better let them know
if($Markup == "Off"){
    print " Markup is disabled for this board so you may not use Markup in your posts.";
# ----------------------------------
# Markup is enabled, so let them know
}  else {
    print " Markup is enabled so you may use <a href=\"$config[cgiurl]/faq.php#html\">Markup on in your posts</a>.";
}

# --------------------------------------
# Anonymous is enabled, so let them know
$Anon = '';
if($Anonymous == "On"){
    print" Anonymous postings are allowed, so if you do not have a Username just put Anonymous in the Username field and leave the password blank.  If you post as Anonymous you will not be able to have replies emailed to you.";
    $Anon = "Anonymous";

# ---------------------------------------
# Anonymous is disabled, so let them know
} else {
    print" Anonymous postings are not allowed, so you will need to register a Username before you can post.";
}

# ------------------------------------- 
# The board is locked, so let them know
if($Locked != "Open"){
    print" This board is read only, so you must be an administrator to post on it.";
}
print <<<END_HTML
  </p>
  </td></tr><tr><td bgcolor=$config[tdlight]>
END_HTML;

# -----------------------------------------------------
# Let's find out if they get the default preview or not.
$Preview = $user[Preview];
if (empty($Preview)) { $Preview = $config[Preview];}

# If we are allowing file attachments and we are dealing with a Mozilla 4+
# Browser then we need a multipart/form-data form
$check = browser_check();
if( ($Preview == "off") && ($check == "true") && ($config[files])) {
    print "<form method=POST enctype='multipart/form-data' action=\"$config[cgiurl]/addpost.php\">";
} elseif ($Preview == "off") {
    print "<form method=POST action =\"$config[cgiurl]/addpost.php\">";
} else {
    print "<form method=POST action =\"$config[cgiurl]/previewpost.php\">";
}

print <<<END_HTML
  <form method=POST action="$config[cgiurl]/previewpost.php">
  <input type=hidden name=Board value="$Board">
  <input type=hidden name=Main value="$Main">
  <input type=hidden name=Parent value="$Number">
  <input type=hidden name=page value="$page">
  <input type=hidden name=view value="$view">
  <input type=hidden name=what value="$what">
  <input type=hidden name=oldnumber value="$Number">
  <input type=hidden name=mode value="$mode">
  <input type=hidden name=sb value="$sb">
END_HTML;
if ($Username) {
    print "<p>Username<br><b>$Username</b><p>";
} else {
    print <<<END_HTML
      Username (between 3 and 16 characters)<br>
      <input type=text name=Username value="$Anon">
      <p>
      Password (between 4 and 10 characters)<br>
      <input type=password name=Password value="">
      <p>
END_HTML;
}
print <<<END_HTML
    Subject<br>
  <input type=text name=Subject value="$Subject">
  <p>
  Post<br>
  <textarea cols=$TextCols rows=$TextRows wrap=soft name="Body"></textarea>
  <p>
  <input type=checkbox name=mail value=1 $Eselected> 
  E-Mail all replies to real email address
  <p>
END_HTML;

# ------------------------------------------------------------------------
# If we are allowing file attachments and we are dealing with a Mozilla 4+
# browser then we will allow file attachments
$check = browser_check();
if( ($check == "true") && ($config[files]) && ($Preview == "on") ){
    print "File attachments are allowed.  You will be able to attach a file to your post on the next screen.<br>";
}

if ( ($check == "true") && ($config[files]) && ($Preview == "off")) {
    if ($Username) {
      print "<br>You may attach a file to your post if you want.  File size is limited to $config[filesize] bytes<br>";
      print "<input type=file name=attach accept=\"*\">";
    } else {
      print "<br>Although File attachments are allowed, you cannot post files as the Anonymous user.";
    } 
} elseif ( ($check != "true") && ($config[files]) && ($Preview == "off") ) {
    print "<br>Although File attachments are allowed, you must be using a Mozilla 4+ compatible browser for this feature.";
}

if ($Preview == "off") {
    print "<br><br><input type=submit value = \"Add Post\">";
} else {
    print "<input type=submit value = \"Preview Post\">";
}
print <<<END_HTML
  <input type=reset value = "Clear Form">
  </form>
  </td></tr></table>
  <p>
END_HTML;

table_header("In response to:");
print "<table cellspacing=0 border=0 width=100% bgcolor=$config[tdlight]>";
print "<tr><td>";
$Body = preg_replace("/&quot;/", '"', $Body);
print "$Body";
print "</td></tr></table>";

# ----------------
# Send the footer
mysql_free_result($sth);
send_footer();
?>
Return current item: DarkCodex Forum System