<?php
// -----------------------------------------------------------------------------
// $Id: add.php 682 2013-03-28 14:17:41Z raoul $
//
// Copyright (C) 2013 Raoul Proença
// License: GNU GPL version 3 (see copying.txt file)
// Website: http://www.gnew.fr/
// -----------------------------------------------------------------------------
// This program is free software: you can redistribute it and/or modify it under
// the terms of the GNU General Public License as published by the Free Software
// Foundation, either version 3 of the License, or (at your option) any later
// version.
//
// This program is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
// FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
// details.
//
// You should have received a copy of the GNU General Public License along with
// this program. If not, see <http://www.gnu.org/licenses/>.
// -----------------------------------------------------------------------------

include('./../includes/common.php');

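// Forum posting page: validates the submitted form, then either renders a
// preview or stores the post and updates the category/user counters.
//
// Security notes for maintainers:
// - thread_id, category_id and the session user_id are only used as numeric
//   keys in this script (thread_id is assigned from insert_id() below), so they
//   are cast to integers once, here. The raw request values are never
//   concatenated into SQL, HTML attributes or redirect URLs further down.
//   NOTE(review): category_id is assumed to be an integer key - confirm against
//   the schema.
// - NOTE(review): post_subject and post_text still reach the INSERT through
//   string concatenation. The undo_escape_sequences() call in the preview
//   branch suggests request data is escaped by common.php, but that is not
//   visible in this file - confirm it, or switch to bound parameters if the
//   $sql wrapper offers them.
// - NOTE(review): no anti-CSRF token check is visible in this file; confirm
//   that common.php enforces one for state-changing POST requests.
// - NOTE(review): for replies, category_id comes from the form and is not
//   compared with the category of the thread's first post.
page_header($lang['POSTS_ADD']);

$clean_user_id = isset($_SESSION['user_id']) ? (int) $_SESSION['user_id'] : 0;
// Same "reply vs. new thread" decision as the original empty() test
$is_thread_reply = !empty($_POST['thread_id']);
// Non-scalar input (e.g. thread_id[]=x) becomes 0, which matches no post
$clean_thread_id = ($is_thread_reply && is_scalar($_POST['thread_id'])) ? (int) $_POST['thread_id'] : 0;
$clean_category_id = (isset($_POST['category_id']) && is_scalar($_POST['category_id'])) ? (int) $_POST['category_id'] : 0;

// User logged?
if ($clean_user_id > 0)
{
    // Add or preview forms?
    if (isset($_POST['add']) || isset($_POST['preview']))
    {
        if (!$is_thread_reply)
        {
            // Thread start: there is no existing thread that could be closed
            $post_active = true;
        }
        else
        {
            // The first post of a thread (thread_id = post_id) holds the
            // open/closed flag
            $sql->query('SELECT post_active
                         FROM ' . TABLE_POSTS . '
                         WHERE post_id = \'' . $clean_thread_id . '\'');
            $table_posts = $sql->fetch();
            // A closed thread and an unknown thread both count as not active
            $post_active = !empty($table_posts['post_active']);
        }
        if ($post_active)
        {
            // Missing or non-string fields are treated as empty instead of
            // raising notices
            $raw_subject = (isset($_POST['post_subject']) && is_string($_POST['post_subject'])) ? $_POST['post_subject'] : '';
            $raw_text = (isset($_POST['post_text']) && is_string($_POST['post_text'])) ? $_POST['post_text'] : '';
            $error = '';
            if (!trim($raw_subject))
            {
                $error .= $lang['ERROR_NO_SUBJECT'];
            }
            if (!trim($raw_text))
            {
                $error .= $lang['ERROR_NO_TEXT'];
            }
            // Anti-flood: the user's latest post must be older than posts_interval
            $sql->query('SELECT MAX(post_creation) AS last_post
                         FROM ' . TABLE_POSTS . '
                         WHERE user_id = \'' . $clean_user_id . '\'');
            $table_posts = $sql->fetch();
            if ($table_posts['last_post'] >= (time() - $settings['posts_interval']))
            {
                $error .= sprintf($lang['ERROR_POSTS_INTERVAL'], $settings['posts_interval']);
            }
            // Thread expiry: threads_expiry is expressed in days
            if ($is_thread_reply)
            {
                $sql->query('SELECT MAX(post_creation) AS last_post
                             FROM ' . TABLE_POSTS . '
                             WHERE thread_id = \'' . $clean_thread_id . '\'');
                $table_posts = $sql->fetch();
                if (($table_posts['last_post'] + (60 * 60 * 24 * $settings['threads_expiry'])) < time())
                {
                    $error .= sprintf($lang['ERROR_THREAD_EXPIRY'], $settings['threads_expiry']);
                }
            }
            if ($error)
            {
                error_template($error);
            }
            else
            {
                $post_subject = utf8_entities($raw_subject);
                // NOTE(review): with allow_html enabled the stored markup is
                // only as safe as do_html(); its filtering is not visible here.
                if ($settings['allow_html'])
                {
                    $post_text2 = do_html($raw_text);
                }
                else
                {
                    $post_text2 = utf8_entities($raw_text);
                }
                // $post_text keeps the editable source, $post_text2 the rendered form
                $post_text = $post_text2;
                $post_text2 = make_clickable($post_text2);
                $post_text2 = do_bbcodes($post_text2);
                if ($settings['allow_emoticons'])
                {
                    $post_text2 = do_emoticons($post_text2);
                }
                // Preview form
                if (isset($_POST['preview']))
                {
                    $post_text2 = undo_escape_sequences($post_text2);
                    $html_support = $settings['allow_html'] ? $lang['HTML_ENABLED'] : $lang['HTML_DISABLED'];
                    if (!empty($users['user_signature']))
                    {
                        $user_signature = '<br />&#45;&#45;<br />' . $users['user_signature'];
                    }
                    else
                    {
                        $user_signature = '';
                    }
                    $template->set_file('preview', 'posts/preview.htpl');
                    // CATEGORY_ID is the integer value, so request data cannot
                    // inject markup into the preview page through it
                    $template->set_var(array('CATEGORY_ID' => $clean_category_id,
                                             'EMOTICONS_LIST' => get_emoticons_list(0),
                                             'HTML_SUPPORT' => $html_support,
                                             'POST_POSTED' => sprintf($lang['POSTED_BY'], $clean_user_id, $users['user_name'], format_date(time())),
                                             'POST_SUBJECT' => $post_subject,
                                             'POST_TEXT' => $post_text,
                                             'POST_TEXT2' => $post_text2,
                                             'USER_AVATAR' => $users['user_avatar'],
                                             'USER_SIGNATURE' => $user_signature));
                    if (!$is_thread_reply)
                    {
                        // Thread start: the subject stays editable
                        $template->set_var(array('HIDDEN_SUBJECT' => '',
                                                 'HIDDEN_THREAD' => '',
                                                 'POST_SUBJECT2' => '<input type="text" name="post_subject" value="' . $post_subject . '" size="25" maxlength="128" class="required" />'));
                    }
                    else
                    {
                        // Reply: subject and thread travel as hidden fields
                        $template->set_var(array('HIDDEN_SUBJECT' => '<input type="hidden" name="post_subject" value="' . $post_subject . '" />',
                                                 'HIDDEN_THREAD' => '<input type="hidden" name="thread_id" value="' . $clean_thread_id . '" />',
                                                 'POST_SUBJECT2' => '<strong>' . $post_subject . '</strong>'));
                    }
                    $template->parse('preview');
                }
                // Add form
                else
                {
                    $sql->query('INSERT INTO ' . TABLE_POSTS . ' (category_id, user_id, post_active, post_subject, post_text, post_creation)
                                 VALUES (\'' . $clean_category_id . '\', \'' . $clean_user_id . '\', \'1\', \'' . $post_subject . '\', \'' . $post_text2 . '\', \'' . time() . '\')');
                    $id = $sql->insert_id();
                    if (!$is_thread_reply)
                    {
                        // Start a thread: the first post is its own thread_id
                        $sql->query('UPDATE ' . TABLE_POSTS . '
                                     SET thread_id = \'' . $id . '\'
                                     WHERE post_id = \'' . $id . '\'');
                        $sql->query('UPDATE ' . TABLE_CATEGORIES . '
                                     SET category_posts = category_posts + 1, category_threads = category_threads + 1
                                     WHERE category_id = \'' . $clean_category_id . '\'');
                    }
                    else
                    {
                        // Reply: inherit post_sticky (set by admin) from the
                        // first post of the thread
                        $sql->query('SELECT post_sticky
                                     FROM ' . TABLE_POSTS . '
                                     WHERE post_id = \'' . $clean_thread_id . '\'');
                        $table_posts = $sql->fetch();
                        $post_sticky = isset($table_posts['post_sticky']) ? $table_posts['post_sticky'] : '';
                        $sql->query('UPDATE ' . TABLE_POSTS . '
                                     SET thread_id = \'' . $clean_thread_id . '\', post_sticky = \'' . $post_sticky . '\'
                                     WHERE post_id = \'' . $id . '\'');
                        $sql->query('UPDATE ' . TABLE_CATEGORIES . '
                                     SET category_posts = category_posts + 1
                                     WHERE category_id = \'' . $clean_category_id . '\'');
                    }
                    $sql->query('UPDATE ' . TABLE_USERS . '
                                 SET user_posts = user_posts + 1
                                 WHERE user_id = \'' . $clean_user_id . '\'');
                    make_posts_feed();
                    $GLOBALS['cache']->clean(TABLE_CATEGORIES);
                    $GLOBALS['cache']->clean(TABLE_POSTS);
                    $GLOBALS['cache']->clean(TABLE_USERS);
                    // Redirect to the new thread or back to the existing one;
                    // the URL is built from integers only
                    $redirect_thread_id = $is_thread_reply ? $clean_thread_id : $id;
                    success_template($lang['POST_ADDED'], './../posts/read.php?category_id=' . $clean_category_id . '&thread_id=' . $redirect_thread_id);
                }
            }
        }
        else
        {
            error_template($lang['ERROR_THREAD_CLOSED']);
        }
    }
    else
    {
        error_template($lang['ERROR_NO_DATA']);
    }
}
else
{
    error_template($lang['ERROR_USER_OFFLINE']);
}

page_footer();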

?>