<?

include "config.php";
include "lib/init.inc";

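// $r is the id of the article being replied to. It arrives from the request
// and is interpolated into SQL here and into SQL/HTML further down, so it is
// reduced to an integer before first use. A non-numeric value becomes 0,
// which empty() treats the same as "no parent".
if(isset($r))
   $r = intval($r);

if(!empty($r)){
   // $r is an integer at this point, so it cannot change the query structure.
   $q=new Query("select * from articles where id = $r");
   $prow=$q->row();
   // NOTE(review): a missing parent row is not handled here; $prow is used
   // as-is below and again when the reply is stored - confirm what
   // Query::row() returns when nothing matches.
   // Moderation states 2 and 3 refuse replies with the "locked" message.
   if($prow['moderation_state']==2||$prow['moderation_state']==3)
      error_f($lang['msg_locked']);
   // Prefix the parent subject with "Re: " unless it already starts with it.
   $subj=(strncmp($prow['subject'], "Re: ", 4)==0 ? $prow['subject'] : "Re: ".
         $prow['subject'] );
}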

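// Determine the address that is checked against the ban list and stored
// with the article.
// NOTE(review): Via and X-Forwarded-For are ordinary request headers. Unless
// a proxy you control sets them, the value chosen in the else branch is
// whatever the sender supplied, so the ban check built on it is advisory.
// Consider also recording REMOTE_ADDR for such requests.
if(empty($GLOBALS['HTTP_VIA'])){
   $ip = $GLOBALS['REMOTE_ADDR'];
   if(!$ip)
      $ip = $GLOBALS['REMOTE_HOST'];
}
else{
   // The header may be absent even when Via is present.
   $fwd = isset($GLOBALS['HTTP_X_FORWARDED_FOR']) ? $GLOBALS['HTTP_X_FORWARDED_FOR'] : '';
   // Only the first entry of the comma-separated list is used.
   $z = explode(",", $fwd);
   $ip = trim($z[0]);
}

// $ip is later placed inside quoted SQL literals. Accept only characters
// that occur in IPv4/IPv6 addresses and host names; anything else falls back
// to the address of the connecting peer.
if(!preg_match('/^[A-Za-z0-9.:_-]{1,255}$/', $ip))
   $ip = isset($GLOBALS['REMOTE_ADDR']) ? $GLOBALS['REMOTE_ADDR'] : '';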

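// When IP blocking is switched on, refuse the request if the client address
// is listed in the block_ip table.
if($block_ip){
   // $ip can originate from a request header, so it is escaped before being
   // embedded in the query (addslashes is the escaping this file uses for
   // its other SQL values).
   $ip_sql = addslashes($ip);
   $q=new Query("select * from block_ip where ip = '$ip_sql'");
   if($q->nr()>0)
      error_f($lang['ban']);
}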


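// This script has two modes. Without $p it renders the posting form; with $p
// (the form's hidden field) it validates and stores the submitted article.
// Every value that comes from the request or from a cookie is HTML-escaped
// or cast to an integer before it is written into markup or SQL.
if(empty($p)){
   $head = str_replace("__TITLE__", $lang['new_message'], $design['head']);
   echo $head;
   // NOTE(review): $theme is not assigned in this file; presumably it comes
   // from config.php. Confirm it can never be taken from the request, since
   // it selects the file included here and in the footer below.
   include "themes/".$theme."/header.inc";
?>

<form method=post enctype="multipart/form-data" action="<? echo htmlspecialchars($PHP_SELF, ENT_QUOTES) ?>">
<input type=hidden name=f value=<?echo intval($f)?>>
<? echo $design['posthead'] ?>

<tr><td bgcolor="<? echo $design['oddcolor'] ?>">
<? echo $lang['from'] ?>:</td><td  bgcolor="<? echo $design['oddcolor'] ?>">
<input type=text size=20 name="from" value="<?
// Remembered author name (see the f_from cookie set when posting). It is
// client-controlled, so it is escaped for the attribute context.
if(isset($f_from)){
   if(get_magic_quotes_gpc())
      $f_from = stripslashes(stripslashes($f_from));
   echo htmlspecialchars($f_from, ENT_QUOTES);
}?>"></td></tr>
<tr><td  bgcolor="<? echo $design['evencolor'] ?>">
<? echo $lang['email'] ?>:</td><td bgcolor="<? echo $design['evencolor'] ?>">
<input type=text size=20 name="email" value="<?
// Remembered e-mail address (f_mail cookie), escaped like the name above.
if(isset($f_mail)) echo htmlspecialchars($f_mail, ENT_QUOTES);
?>"></td></tr>
<tr><td bgcolor="<? echo $design['oddcolor'] ?>">
<? echo $lang['subject'] ?>:</td><td bgcolor="<? echo $design['oddcolor'] ?>">
<input type=text size=20 name="subject" value="<?
// The subject is stored unescaped by the insert below, so a parent subject
// must be escaped when it is echoed back into the form.
if(isset($subj))
   echo htmlspecialchars($subj, ENT_QUOTES);
?>"></td></tr>
<tr><td bgcolor="<? echo $design['evencolor'] ?>" colspan=2 align=center>
<textarea name=body cols=60 rows=20>
<?
// When replying with $cite set, pre-fill the textarea with the parent body:
// tags are stripped and every line is prefixed with "> ".
// NOTE(review): the regex tag strip is the only filtering applied to the
// quoted body. Stored bodies are already entity-encoded when $enable_html
// is off, so the text is not escaped a second time here.
if(!empty($r)&&$cite){
   $body = eregi_replace("<[^>]+>", "", $prow['body']);
   echo ereg_replace("^", "> ", ereg_replace("\n", "\n> ", $body))."\n\n";
}
?>
</textarea></td></tr>
<?
// The attachment field is only offered when the forum allows uploads.
if($forum_array[$f]['upload']){
?>
<tr><td bgcolor="<? echo $design['oddcolor']?>"><? echo $lang['att'] ?></td>
<td bgcolor="<? echo $design['oddcolor']?>">
<input type=file name=attachment>
</td>
</tr>
<?
}
?>
<tr><td bgcolor="<? echo $design['evencolor'] ?>" colspan=2 align=center>
<input type=submit value="<? echo $lang['send'] ?>"></td></tr>
<input type=hidden name=p value=1>
<? 
echo $design['postfoot'];
// Carry the parent id through the form; written as an integer only.
if(!empty($r))
   echo "<input type=hidden name=r value=".intval($r).">";
?>

</form>

<?
   include "themes/".$theme."/footer.inc";
   echo $design['footer'];
}
else{

   // $f (forum id) and $r (parent id) are interpolated unquoted into SQL and
   // into redirect URLs below, so they are forced to integers first.
   // Assumes forum ids are numeric - the unquoted use in the insert already
   // requires that.
   $f = intval($f);
   if(!empty($r))
      $r = intval($r);

// Errors
   if($req_email&&empty($email)){
      $err[]=$lang['no_email'];
   }
   else if(!empty($email)){
      if($ext_mail){
         if(!extmailcheck($email))
            $err[]=$lang['not_proper_email'];
      }
      else
         if(!validate_email($email))
            $err[]=$lang['not_proper_email'];
   }
   
   if(empty($from))
      $err[]=$lang['no_from'];


   // Names matching the reserved pattern go through auth(2) first
   // (presumably an administrator login - confirm in lib/init.inc).
   if(eregi("^".$admin_res."$", $from))
      auth(2);
   
   // Remember name and e-mail for the next visit; the form above reads them
   // back as $f_from / $f_mail.
   setcookie("f_from", $from, time()+999999999);
   setcookie("f_mail", $email, time()+999999999);
   
   if(empty($subject))
      $err[]=$lang['no_subject'];
   if(!empty($err))
      error_f($err);
   
   // With HTML disabled the body is entity-encoded before storage.
   if(!$enable_html)
      $body=htmlspecialchars($body);

   $body = wrap($body, $wrapsize);

// Translate links to html links

   $body = eregi_replace("((http|https|ftp)://([a-z0-9-]+\.)+[a-z]{2,3}/([a-zA-Z0-9\~\.]+/)*(([-a-zA-Z0-9])+(\.([-a-zA-Z0-9])+)+)*)", "<a href=\"\\1\">\\1</a>", $body);

// Translate e-mails to links

   $body = eregi_replace("(mailto:)(.+@[[:alpha:]]+(\.[[:alpha:]]+)+)", "<a href=\"\\1\\2\">\\2</a>", $body);
   
   // Escape the text fields for SQL unless magic quotes already did.
   if(!get_magic_quotes_gpc()){
      $subject = addslashes($subject);
      $from = addslashes($from);
      $body = addslashes($body);
      $email = addslashes($email); // This is just for security
   }

   // The client address may come from a request header; escape it for SQL.
   $ip_sql = addslashes($ip);

   // Attachment handling. $attachment, $attachment_name and $attachment_size
   // are plain globals here, so they prove nothing about where the file came
   // from. Accept the file only if the forum allows uploads and PHP itself
   // received it as an upload, and measure its size on disk instead of
   // trusting the submitted figure.
   $att_sql = "";
   if(!empty($attachment)&&$attachment!='none'){
      if(empty($forum_array[$f]['upload'])||!is_uploaded_file($attachment))
         error_f($lang['copy_err']);
      else if(filesize($attachment)>$max_size)
         error_f($lang['too_big']);
      else{
         // The original file name is stored in the article row; normalise
         // any magic-quotes escaping, then escape it once for SQL.
         $att_name = get_magic_quotes_gpc() ? stripslashes($attachment_name) : $attachment_name;
         $att_sql = addslashes($att_name);
      }
   }
   
   $level=0;
   // Predict the id of the new row. For postgres it is read from the
   // sequence; for mysql it is filled in after the insert.
   // NOTE(review): the sequence is read here but advanced by NEXTVAL in the
   // insert, so concurrent posts may compute the same $lastval - confirm.
   switch($db_type){
      case 'postgres':
         $q = new Query("select * from articles_id_seq");
         $row = $q->row();
         if($row['is_called']=='f')
            $lastval = 1;
         else
            $lastval = $row['last_value']+1;
         break;
      case 'mysql':
         $lastval = 0;
         break;
   }
   
   $root = $lastval;
  
   // A new article starts with an empty list of replies.
   $subs = serialize(Array());
   // Database-specific SQL fragments for the id and the timestamp.
   switch($db_type){
      case 'postgres':
         $inc = "NEXTVAL('articles_id_seq')";
         $now = "'now'";
         break;
      case 'mysql':
         $inc = "0";
         $now = "NOW()";
         break;
   }

   // A reply inherits the thread root and sits one level below its parent.
   if(!empty($r)){
      $root = $prow['root'];
      $level = $prow['level']+1;
   }
   else
      $r = '';

   // Moderated forums store new articles in state 1, others in state 0.
   if($forum_array[$f]['moderation'])
      $mod_state = 1;
   else
      $mod_state = 0;
   
   // NOTE(review): $false is not assigned in this file; presumably it is
   // defined by config.php or lib/init.inc - confirm, because it is placed
   // in the statement without escaping.
   $q=new Query("insert into articles (id, time, author, email, subject, body, is_parent, subs, parent, level, root, ip, views, forum, attach, moderation_state) values($inc, $now, '$from', '$email', '$subject', '$body', '$false', '$subs', '$r', $level, '$root', '$ip_sql', 0, $f, '$att_sql', $mod_state)");

   switch($db_type){
      case 'mysql':
         $lastval = mysql_insert_id();
         // A new thread is its own root.
         if(empty($r)){
            $q = new Query("update articles set root = $lastval where id = $lastval");
         }
         break;
   }

   // Store the upload under the numeric article id. move_uploaded_file()
   // refuses any path that PHP did not receive as an upload. If the move
   // fails the article row is removed again.
   if(!empty($att_sql)){
      if(!@move_uploaded_file($attachment, "upload/$lastval")){
         $q = new Query("delete from articles where id = $lastval");
         error_f($lang['copy_err']);
      }
   }
   
   // Register the new article in the parent's serialized reply list.
   if(!empty($r)){   
      // NOTE(review): unserialize() runs on a value read back from the
      // database. It is only safe while that column is written exclusively
      // by the serialize() calls in this script.
      $subs = unserialize($prow['subs']);
      if(!is_array($subs))
         $subs = array();
      $subs[] = $lastval;
      $subs = addslashes(serialize($subs));
      $q = new Query("update articles set subs = '$subs', is_parent = '1' where id = $r");
   }

   // Moderated forums show a notice; otherwise go to the new article.
   if($forum_array[$f]['moderation'])
      redirect("moderated.php?f=$f");
   else
      redirect("./read.php?f=$f&i=$lastval");

}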
?>