<?PHP
// Forum compose page: creates a topic, posts a reply, or edits an existing
// post, then renders the compose form.
//
// NOTE(review): $replyid, $editid, $forumid, $topic, $content, $sticky,
// $subscribe, $Edit, $Post, $Reply, $Preview and $message are read below but
// never assigned from the request in this file. They match the form field
// names at the bottom of the page, so presumably an include (or
// register_globals) imports request parameters as globals. Confirm, and treat
// every one of them as untrusted input.
ob_start(); // start output buffering; presumably so the header() redirects below are not blocked by earlier output
session_start();
// NOTE(review): files ending in ".inc" are only protected if the web server
// never serves them as plain text. Verify the server configuration.
include("includes/globals.php.inc");
include("includes/functions.php");
include("lang/English.php");
// Load a second language file after the English one when another language is configured.
// NOTE(review): the included path is built from $sxSetup['Language']. Where that
// value comes from is not visible here; confirm it can only hold a known
// language name, because it selects a file that gets executed.
if(strtolower($sxSetup['Language']) != 'english') include("lang/".$sxSetup['Language'].".php");
// NOTE(review): $THEME_FOLDER likewise selects an executed file; confirm it is not request-controllable.
include("themes/$THEME_FOLDER/config.php.inc");
protectComponentPage(6); // defined elsewhere; presumably restricts access to component 6 (confirm)
// Entry gate. A request has to name a reply target, a post to edit, or a
// forum; with none of the three there is nothing to compose, so the visitor is
// sent back to the forum index.
if (!$replyid && !$editid && !$forumid) {
    header("Location: forums.php");
    die();
}
// With anonymous posting switched off, the visitor must be logged in and must
// resolve to a non-empty, non-zero user id. loggedIn() is evaluated first and
// short-circuits the id checks when it fails.
if (!$sxSetup['ForumAnonymous']) {
    if (!loggedIn() || (intval($THIS_USER) == 0) || ($THIS_USER == '0') || ($THIS_USER == '')) {
        header("Location: forums.php?loginError=true");
        die();
    }
}
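// Refuse to compose a reply to a locked topic. The lookup runs on every
// request; without a reply target the id is 0, which presumably matches no row.
//
// $replyid is request-derived (see the hidden "replyid" form field), so it is
// cast to an integer before it is placed in the SQL text instead of relying on
// whatever escaping an include may have applied.
$query = "SELECT * FROM $DB_Forums_Posts WHERE id='" . intval($replyid) . "'";
$result = mysql_query($query, $Link) or queryError("71", mysql_error());
$ROW = mysql_fetch_object($result);
// mysql_fetch_object() returns false when nothing matched; only read ->locked
// from a real row.
if ($ROW && ($ROW->locked == 1)) {
    header("Location: forums.php?message=".str_replace(" ","_",$sxLang['MessageForumTopicLocked']));
    die();
}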
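// Edit pre-check: load the post named by $editid and decide whether this
// visitor may edit it. Allowed are the post's author (optionally only within
// the configured edit window) and any moderator or administrator. Everyone
// else is redirected to the forum index.
//
// NOTE(review): anonymous posts are stored with userid = $THIS_USER, and an
// anonymous visitor is identified elsewhere in this file by $THIS_USER == 0.
// If anonymous posting is enabled, the ownership test below therefore matches
// every anonymous visitor against every anonymous post. Confirm whether
// anonymous edits are meant to be possible.
if ($editid) {
    // Request-derived id: cast to an integer before it reaches the SQL text.
    $query = "SELECT * FROM $DB_Forums_Posts WHERE id='" . intval($editid) . "'";
    $result = mysql_query($query, $Link) or queryError("71", mysql_error());
    $ROW = mysql_fetch_object($result);

    // A missing row is never editable, whatever the caller's role.
    $editable = false;
    if ($ROW) {
        $editable = ((($THIS_USER == $ROW->userid) && ((!$sxSetup['ForumEditTimeout']) || ($ROW->timestamp > ($NOW - $sxSetup['ForumEditTimeoutSeconds'])))) || (userModerator() || userAdmin()));
    }
    if (!$editable) {
        header("Location: forums.php");
        die();
    }
}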
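// Save an edit. Every path through this branch ends in a redirect, so
// normalising $editid in place cannot affect the form rendering further down.
//
// NOTE(review): no anti-CSRF token is checked in this file; confirm whether an
// include enforces one for state-changing requests.
if ($Edit) {
    $editid = intval($editid);

    // The permission decision is tied to the row that will be updated: $ROW
    // must exist and must be the post named by $editid. Otherwise a row left in
    // $ROW by an earlier lookup could be authorised instead.
    $sxMayEdit = false;
    if ($ROW && ($editid > 0) && (intval($ROW->id) == $editid)) {
        $sxMayEdit = ((($THIS_USER == $ROW->userid) && ((!$sxSetup['ForumEditTimeout']) || ($ROW->timestamp > ($NOW - $sxSetup['ForumEditTimeoutSeconds'])))) || (userModerator() || userAdmin()));
    }

    if ($sxMayEdit) {
        // Only moderators and administrators may set the sticky flag.
        // NOTE(review): sticky is rewritten on every edit, so an edit by a
        // non-moderator author stores sticky=0 even on a sticky topic. Confirm
        // this is intended.
        $db_sticky = 0;
        if ((userAdmin() || userModerator()) && ($sticky == 1)) {
            $db_sticky = 1;
        }

        // The topic is HTML-encoded at write time; the content is stored as submitted.
        // NOTE(review): $topic and $content are interpolated into the SQL text. The
        // stripslashes() calls used when these values are redisplayed suggest they
        // arrive slash-escaped from an include or magic quotes. Confirm that, and
        // prefer an escaping step that is visible at the query.
        $topic = htmlspecialchars($topic);
        $query = "UPDATE $DB_Forums_Posts SET topic='$topic', content='$content', sticky='$db_sticky', lastedit='$NOW' WHERE id='$editid'";
        $result = mysql_query($query, $Link) or queryError("71", mysql_error());

        // Work out which topic the edited post belongs to: its parent if it is a
        // reply, otherwise the post itself.
        $query = "SELECT * FROM $DB_Forums_Posts WHERE id='$editid'";
        $result = mysql_query($query, $Link) or queryError("71", mysql_error());
        $ROW = mysql_fetch_object($result);
        $topicid = ($ROW && $ROW->replyto) ? intval($ROW->replyto) : $editid;

        // Find the 1-based position of the edited post within its topic, in the
        // theme's display order, so the redirect lands on the right page.
        $query = "SELECT * FROM $DB_Forums_Posts WHERE id='$topicid' OR replyto='$topicid' ORDER BY timestamp ".$sxThemeConfig['ForumOrder'];
        $result = mysql_query($query, $Link) or queryError("71", mysql_error());
        $total = mysql_num_rows($result);
        $sxTopicCount = 1;
        $sxThisTopicNumber = 0; // stays 0 if the post is not found in the topic
        while ($ROW = mysql_fetch_object($result)) {
            if ($ROW->id == $editid) {
                $sxThisTopicNumber = $sxTopicCount;
            } else {
                $sxTopicCount += 1;
            }
        }

        // Page number = position divided by page size, rounded up. The page size
        // is clamped to at least 1 so a zero or missing setting cannot divide by zero.
        $sxPerPage = max(1, intval($sxSetup['ForumPostsPerPage']));
        $page = (int) ceil($sxThisTopicNumber / $sxPerPage);

        header("Location: forums_topic.php?topicid=$topicid&page=$page#$editid");
        die();
    }

    header("Location: forums.php");
    die();
}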
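// Create a new topic or a reply. Runs only when the Post or Reply button was
// submitted with non-empty content. If the security code is rejected, nothing
// is written and execution falls through to the form with $message set.
//
// NOTE(review): no anti-CSRF token is checked in this file; confirm whether an
// include enforces one for state-changing requests.
if (($Post || $Reply) && (strlen($content) > 0)) {
    // Request-derived ids are reduced to integers before they reach SQL text,
    // a Location header, or the re-rendered form.
    $replyid = intval($replyid);
    $forumid = intval($forumid);

    if ($replyid) {
        // A reply belongs to its parent's forum. The forum id is taken from the
        // stored parent post, not from the submitted form field, so the
        // private-forum check below is applied to the forum the reply will
        // actually appear in.
        $query = "SELECT forumid FROM $DB_Forums_Posts WHERE id='$replyid'";
        $result = mysql_query($query, $Link) or queryError("71", mysql_error());
        $sxParent = mysql_fetch_object($result);
        if (!$sxParent) {
            // No such post to reply to.
            header("Location: forums.php");
            die();
        }
        $forumid = intval($sxParent->forumid);
    }
    protectPrivateForum($forumid);

    // The topic is HTML-encoded at write time; the content is stored as submitted.
    // NOTE(review): $topic and $content are interpolated into the INSERT below. The
    // stripslashes() calls used when these values are redisplayed suggest they
    // arrive slash-escaped from an include or magic quotes. Confirm that, and
    // prefer an escaping step that is visible at the query.
    $topic = htmlspecialchars($topic);

    // Only moderators and administrators may create a sticky topic, and only
    // through the Post button (new topics, not replies).
    $db_sticky = 0;
    if ((userAdmin() || userModerator()) && ($sticky == 1) && $Post) {
        $db_sticky = 1;
    }

    // Anonymous visitors ($THIS_USER == 0) must pass the security code when
    // form security is enabled; everyone else is processed directly.
    $process_post = false;
    if (($sxSetup['FormSecurity'] == 1) && ($THIS_USER == 0)) {
        if (validateSecurityCode(htmlspecialchars($security_code), intval($codeid, 10)) == true) {
            $process_post = true;
        } else {
            $message = $sxLang['MessageSecurityCodeRejected'];
        }
    } else {
        $process_post = true;
    }

    if ($process_post) {
        $query = "INSERT INTO $DB_Forums_Posts (topic, content, timestamp, updated, lastedit, userid, forumid, replyto, views, locked, sticky) VALUES ('$topic', '$content', '$NOW', '$NOW', '$NOW', '$THIS_USER', '$forumid', '$replyid', '0', '0', '$db_sticky')";
        $result = mysql_query($query, $Link) or queryError("71", mysql_error());

        // Identify the new row by the id the database generated for this INSERT.
        // Looking it up by timestamp and user id can return another row when two
        // posts share the same second, which is easy for anonymous posters who
        // all share user id 0. This must be read before any other query runs.
        $sxNewPostId = intval(mysql_insert_id($Link));
        if ($sxNewPostId == 0) {
            // Fallback for a table without a generated id: timestamp + author lookup.
            $query = "SELECT * FROM $DB_Forums_Posts WHERE timestamp='$NOW' AND userid='$THIS_USER'";
            $result = mysql_query($query, $Link) or queryError("71", mysql_error());
            $ROW = mysql_fetch_object($result);
            $sxNewPostId = $ROW ? intval($ROW->id) : 0;
        }

        // Mark the parent topic as updated.
        if ($replyid) {
            $query = "UPDATE $DB_Forums_Posts SET updated='$NOW' WHERE id='$replyid'";
            $result = mysql_query($query, $Link) or queryError("71", mysql_error());
        }

        // Subscribe the poster to the topic: the parent for a reply, the new
        // post for a new topic.
        if ($subscribe == 1) {
            $sxToSubscribe = $replyid ? $replyid : $sxNewPostId;
            if (!sxForumSubscription('topic', $sxToSubscribe)) {
                $query2 = "INSERT INTO $DB_Forums_Notify (userid, notified, id_type, id_num) VALUES ('$THIS_USER', '0', 'topic', '$sxToSubscribe')";
                $result2 = mysql_query($query2, $Link) or queryError("69", mysql_error());
            }
        }

        // Unread markers. The forum's private-access rows do not depend on the
        // user, so they are read once instead of once per user.
        $sxPrivateTypes = array();
        $query3 = "SELECT * FROM $DB_Forums_Private WHERE forumid='$forumid'";
        $result3 = mysql_query($query3, $Link) or queryError("71", mysql_error());
        while ($ROW3 = mysql_fetch_object($result3)) {
            $sxPrivateTypes[] = $ROW3->typeid;
        }

        $query2 = "SELECT * FROM $DB_Users";
        $result2 = mysql_query($query2, $Link) or queryError("71", mysql_error());
        while ($ROW2 = mysql_fetch_object($result2)) {
            // A forum with no private-access rows is marked unread for every
            // user. Otherwise only users associated with one of the forum's
            // type ids get a marker.
            $found = (count($sxPrivateTypes) == 0);
            foreach ($sxPrivateTypes as $sxTypeId) {
                $query4 = "SELECT * FROM $DB_Users_Assoc WHERE userid='$ROW2->id' AND typeid='$sxTypeId'";
                $result4 = mysql_query($query4, $Link) or queryError("71", mysql_error());
                if (mysql_num_rows($result4)) {
                    $found = true;
                    break;
                }
            }
            if ($found) {
                $query4 = "INSERT INTO $DB_Forums_Unread (userid, postid) VALUES ('$ROW2->id', '$sxNewPostId')";
                $result4 = mysql_query($query4, $Link) or queryError("71", mysql_error());
            }
        }

        // Redirect to the last page of the topic, anchored at the new post.
        $topicid = $replyid ? $replyid : $sxNewPostId;
        $query = "SELECT * FROM $DB_Forums_Posts WHERE id='$topicid' OR replyto='$topicid'";
        $result = mysql_query($query, $Link) or queryError("71", mysql_error());
        $total = mysql_num_rows($result);
        // Page size is clamped to at least 1 so a zero or missing setting cannot divide by zero.
        $sxPerPage = max(1, intval($sxSetup['ForumPostsPerPage']));
        $pages = (int) ceil($total / $sxPerPage);

        sxForumSubscriptionNotify($topicid);
        header("Location: forums_topic.php?topicid=$topicid&page=$pages#$sxNewPostId");
        die();
    }
}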
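// Load what the form needs to render: the topic title and forum of the post
// being replied to or edited, the forum's name, and (for edits) the stored post.
//
// For replies and edits the forum id is taken from the stored post, so the
// private-forum check below runs against the post's real forum. For a new
// topic the caller-supplied $forumid is checked.
// NOTE(review): if a request carries both replyid and editid, the first lookup
// can match two rows and only the first one returned is used.
if ($replyid || $editid) {
    // Request-derived ids are cast to integers before they reach the SQL text.
    $query = "SELECT * FROM $DB_Forums_Posts WHERE id='" . intval($replyid) . "' OR id='" . intval($editid) . "'";
    $result = mysql_query($query, $Link) or queryError("71", mysql_error());
    $ROW = mysql_fetch_object($result);
    // mysql_fetch_object() returns false when nothing matched; both values are
    // then null, not properties read from a non-object.
    $topic_name = $ROW ? $ROW->topic : null;
    $forumid = $ROW ? $ROW->forumid : null;
}
protectPrivateForum($forumid);

$query = "SELECT * FROM $DB_Forums WHERE id='" . intval($forumid) . "'";
$result = mysql_query($query, $Link) or queryError("71", mysql_error());
$ROW = mysql_fetch_object($result);
$forum_name = $ROW ? $ROW->name : null;

// Stored version of the post being edited; it pre-fills the form.
if ($editid) {
    $queryE = "SELECT * FROM $DB_Forums_Posts WHERE id='" . intval($editid) . "'";
    $resultE = mysql_query($queryE, $Link) or queryError("71", mysql_error());
    $ROWE = mysql_fetch_object($resultE);
}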
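// Build the last breadcrumb segment, create the security image when form
// security is on, set the page title and emit the theme header.
//
// $sxForumPostTrail is echoed as HTML further down, so the request-derived
// reply id is cast to an integer before it is placed in the href.
// NOTE(review): $topic_name is emitted as stored. This file HTML-encodes
// topics when it writes them; rows written by any other code path would need
// the same treatment. Confirm.
if ($editid) {
    $sxForumPostTrail = $sxLang['ForumEditPost'];
} elseif ($replyid) {
    if ($topic_name) {
        $sxForumPostTrail = '<a href="forums_topic.php?topicid=' . intval($replyid) . '">' . $topic_name . '</a> > '.$sxLang['ForumReply'];
    } else {
        $sxForumPostTrail = '<a href="forums_topic.php?topicid=' . intval($replyid) . '">[' . $sxLang['ForumUntitledTopic'] . ']</a> > '.$sxLang['ForumReply'];
    }
} else {
    $sxForumPostTrail = $sxLang['ForumHeadingPostNew'];
}
// Secure imaging
if ($sxSetup['FormSecurity'] == 1) {
    $sxSecureImage = sxCreateSecurityImage();
}
// The title is the trail with its markup stripped.
$sxTitleAddendum = getComponentName("6").' - '.$forum_name.' - '.strip_tags($sxForumPostTrail);
include("themes/$THEME_FOLDER/header.php");
?>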
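<?PHP
// Client-side helpers for the compose form.
// NOTE(review): the two language strings are written straight into JavaScript
// string literals. A translation containing a double quote, a line break or
// "</script>" would break out of the literal; language files must be treated
// as code, or the values encoded for a JavaScript context.
// The empty-field checks in submitIt() are a convenience only. The server-side
// handler is the real gate.
?>
<script language="javascript" type="text/javascript">
<!--
// Opens URL in a small fixed-size popup. The window name is the current
// timestamp, so each call opens a new window. window.open() is called directly:
// building the call as a string for eval() adds nothing and stops working under
// a Content-Security-Policy that disallows eval.
function popUp(URL)
{
var stamp = new Date().getTime();
window.open(URL, String(stamp), 'toolbar=0,scrollbars=1,location=0,statusbar=0,menubar=0,resizable=0,width=300,height=275');
}
// onsubmit handler: blocks submission while the topic or the message is empty.
function submitIt(myForm){
if(myForm.topic.value == ""){
alert("<?PHP echo $sxLang['ForumJSTopicEmpty']; ?>");
myForm.topic.select();
return false;
}
if(myForm.content.value == ""){
alert("<?PHP echo $sxLang['ForumJSContentEmpty']; ?>");
myForm.content.select();
return false;
}
}
//-->
</script>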
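<?PHP
// Page body: optional status message, breadcrumb, and the opening of the
// compose form with its heading row.
//
// Output encoding applied here:
//  - $forumid is cast to an integer before it is written into the link.
//  - $PHP_SELF is HTML-encoded before it is written into the form action; the
//    script path can carry request-supplied characters.
// NOTE(review): $message is echoed as HTML. This file sets it only when the
// security code is rejected and never initialises it otherwise. If request
// parameters are imported as globals, a caller-supplied "message" would reach
// this echo unencoded. Confirm, then initialise or encode it.
// NOTE(review): $forum_name is emitted as stored; confirm forum names are
// encoded when they are saved.
?>
<div class="bodyWrapper">
<?PHP if($message) echo '<div class="message">' .$message . '</div>'; ?>
<table border="0" cellpadding="3" cellspacing="0" width="<?PHP echo $sxSetup['ForumWidth']; ?>" align="center">
<tr>
<td><span class="sxSmallText"><a href="forums.php"><?PHP echo getComponentName("6"); ?></a> >
<a href="forums_view.php?forumid=<?PHP echo intval($forumid); ?>"><?PHP echo $forum_name; ?></a> >
<?PHP echo $sxForumPostTrail; ?></span><br /><br /></td>
</tr>
</table>
<table border="0" cellspacing="1" cellpadding="6" width="<?PHP echo $sxSetup['ForumWidth']; ?>" align="center">
<form name="sxFormForumPost" action="<?PHP echo htmlspecialchars($PHP_SELF, ENT_QUOTES); ?>" method="post" onsubmit="return submitIt(this)"><tr>
<td class="tableColumn" colspan="2"><?PHP
if ($editid) {
    echo $sxLang['ForumHeadingPostEdit'];
} elseif ($replyid) {
    echo $sxLang['ForumHeadingPostReply'];
} else {
    echo $sxLang['ForumHeadingPostNew'];
}
?>
</td>
</tr>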
<?PHP
// Preview row: shows the submitted message the way a saved post would be
// filtered. Slashes are removed, every <a ...> tag gets rel="nofollow", tags
// outside the theme's allowed list are stripped, and newlines become <br />.
//
// NOTE(review): strip_tags() with an allow-list keeps the attributes of the
// allowed tags, so event-handler and style attributes on an allowed tag are
// emitted unchanged. The preview reflects request data, so this filter is not
// an XSS defence on its own; an attribute-aware sanitiser is needed if the
// allowed list contains any tag.
if ($Preview) {
    echo '<tr><td colspan="2"><hr size="1" noshade="noshade" /></td></tr>',
         '<tr><td valign="top" align="right" width="150"><strong>', $sxLang['Preview'], '</strong></td><td>';
    echo nl2br(
             strip_tags(
                 preg_replace('/<a([^>]+)>/i', '<a\\1 rel="nofollow">', stripslashes($content)),
                 $sxThemeConfig['ForumAllowedTags']
             )
         ),
         '<br /></td></tr><tr><td colspan="2"><hr size="1" noshade="noshade" /></td></tr>';
}
?>
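<?PHP
// Topic and message fields, pre-filled from the submitted values (after a
// preview or a rejected security code) or from the stored post when editing.
//
// The message is HTML-encoded before it is written into the <textarea>. Stored
// and submitted content may legitimately contain markup, and unencoded a
// "</textarea>" inside it would end the field and let the rest be parsed as
// page HTML. Encoding also makes the edit round trip exact: the browser decodes
// the entities, so the user sees and resubmits what was stored.
// The stored topic ($topic_name, $ROWE->topic) is written as-is because this
// file HTML-encodes topics when it saves them.
?>
<tr>
<td class="sxTdItem"><?PHP echo $sxLang['ForumItemTopic']; ?></td>
<td valign="top"><input name="topic" style="width:450px;" type="text" value="<?PHP
if ($replyid) {
    echo $sxLang['ForumRe'].': ' .$topic_name;
} elseif ($topic) {
    echo htmlspecialchars(stripslashes($topic));
} elseif ($editid) {
    echo $ROWE->topic;
}
?>" maxlength="255" /></td>
</tr>
<tr>
<td class="sxTdItem"><?PHP echo $sxLang['ForumItemMessage']; ?><br /><br /><span class="sxSmallText"><a href="javascript:popUp('forums_tags.php')"><?PHP echo $sxLang['HTMLEnabled']; ?></a></span></td>
<td valign="top"><textarea name="content" style="width:450px;height:300px;"><?PHP
if ($content) {
    echo htmlspecialchars(stripslashes($content));
} elseif ($editid) {
    echo htmlspecialchars($ROWE->content);
} ?></textarea></td>
</tr>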
<?PHP
// Options row and, for anonymous visitors, the security-code rows.
//
// Subscribe checkbox: shown to logged-in users who are not subscribed to the
// whole forum, are not editing, and are not replying to a topic they already
// follow. Users subscribed to the forum see a notice. The box is pre-checked
// for a new topic, or when the resubmitted form had it ticked.
// Sticky checkbox: moderators and administrators only, never on a reply.
// Both controls are presentation only. The posting code decides on its own
// whether a submitted sticky or subscribe value is honoured.
?>
<tr>
<td class="sxTdItem"> </td>
<td valign="top">
<?PHP
if ($THIS_USER != 0):
    if (!sxForumSubscription('forum', $forumid)):
        if (!$editid && !($replyid && sxForumSubscription('topic', $replyid))):
?>
<input type="checkbox" name="subscribe" value="1" <?PHP if (($content && ($subscribe == 1)) || (!$replyid && !$editid)) echo 'checked="checked"'; ?> /> <?PHP echo $sxLang['ForumTopicSubscribe']; ?><br />
<?PHP
        endif;
    else:
        echo $sxLang['ForumTopicSubscribed'].'<br />';
    endif;
endif;
if ((userAdmin() || userModerator()) && !$replyid):
?>
<input type="checkbox" name="sticky" value="1" <?PHP if (($content && ($sticky == 1)) || ($editid && ($ROWE->sticky == 1))) echo 'checked="checked"'; ?> /> <?PHP echo $sxLang['ForumTopicSticky']; ?>
<?PHP endif; ?>
</td>
</tr>
<?PHP
// Security image and code field, shown only to anonymous visitors when form
// security is enabled. The hidden codeid is sent back with the typed code.
if (($sxSetup['FormSecurity'] == 1) && ($THIS_USER == 0)):
?>
<tr>
<td class="sxTdItem"> </td>
<td><img src="<?PHP echo $sxSecureImage['url']; ?>" /><br /><?PHP echo $sxLang['GeneralItemSecureCase']; ?></td>
</tr>
<tr>
<td class="sxTdItem"><?PHP echo $sxLang['GeneralItemSecureCode']; ?></td>
<td><input name="security_code" type="text" id="security_code" maxlength="255" />
<input type="hidden" name="codeid" value="<?PHP echo $sxSecureImage['codeid']; ?>" /></td>
</tr>
<?PHP endif; ?>
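<?PHP
// Button row. Which submit button is shown depends on the mode, and the ids
// the handler needs are carried in hidden fields.
//
// $editid, $replyid and $forumid can be request-derived, so each is cast to an
// integer before it is written into a value attribute. A non-numeric value
// cannot then close the attribute and inject markup.
?>
<tr>
<td> </td>
<td align="center">
<input name="Preview" style="width:150px;" type="submit" value="<?PHP echo $sxLang['ButtonPreview']; ?>" class="sxButton" />
<?PHP
if ($editid) {
    echo '<input type="hidden" name="editid" value="' . intval($editid) . '" /><input type="hidden" name="forumid" value="' . intval($forumid) . '" /><input name="Edit" style="width:150px;" type="submit" value="' . $sxLang['ForumHeadingPostEdit'] . '" class="sxButton" />';
} elseif ($replyid) {
    echo '<input type="hidden" name="replyid" value="' . intval($replyid) . '" /><input type="hidden" name="forumid" value="' . intval($forumid) . '" /><input name="Reply" style="width:150px;" type="submit" value="' . $sxLang['ForumHeadingPostReply'] . '" class="sxButton" />';
} else {
    echo '<input type="hidden" name="forumid" value="' . intval($forumid) . '" /><input name="Post" style="width:150px;" type="submit" class="sxButton" value="' . $sxLang['ForumHeadingPostNew'] . '" />';
}
?>
</td>
</tr></form>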
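<?PHP
// Page tail: when replying, an inline frame shows the topic being answered.
// A 1x1 frame then loads the session keep-alive page, followed by the theme
// footer and the flush of the output buffer.
//
// The reply id is request-derived and is cast to an integer before it is
// written into the frame URL.
?>
</table><?PHP if($replyid){ ?><br />
<table border="0" cellspacing="1" cellpadding="6" width="<?PHP echo $sxSetup['ForumWidth']; ?>" align="center">
<tr>
<td class="tableColumn"><?PHP echo $sxLang['ForumItemTopic']; ?></td>
</tr>
<tr>
<td>
<iframe name="sxForumReview" id="sxForumReview" align="middle" frameborder="0" height="400" width="<?PHP echo $sxSetup['ForumWidth']-12; ?>" scrolling="auto" src="forums_topic.php?topicid=<?PHP echo intval($replyid); ?>&reviewMode=1">
</iframe></td>
</tr>
</table><?PHP } ?>
</div>
<!-- background refresh -->
<iframe src ="../includes/session_keepalive.php?interval=<?PHP echo $sxThemeConfig['AdminKeepAlive']; ?>&bgcolor=<?PHP echo urlencode($sxThemeConfig['SiteBaseColor']); ?>" scrolling="no" height="1" marginheight="0" marginwidth="0" frameborder="0" align="right" width="1"></iframe>
<?PHP
include("themes/$THEME_FOLDER/footer.php");
ob_end_flush();
?>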