<?PHP
// Buffer all output; presumably so the header("Location: ...") redirects further down still work
// even if an include has already printed something.
ob_start();
session_start();

// Shared bootstrap. This script never assigns $replyid, $editid, $forumid, $topic, $content, $Edit,
// $Post, $Reply, $Preview, $THIS_USER, $NOW, $Link or the $DB_* table names itself, so they have to
// be defined by these includes. Several of them carry the names of the form fields at the bottom of
// this file, i.e. they are request-controlled input.
// NOTE(review): confirm in includes/globals.php.inc how request values are imported and whether they
// are escaped for SQL there; every query below interpolates them directly into the statement text.
include("includes/globals.php.inc");
include("includes/functions.php");
include("lang/English.php");
// NOTE(review): the path is built from $sxSetup['Language'] with no visible check. Confirm the
// setting can only name a file shipped under lang/ (no path separators), since whatever it points
// at is executed as PHP.
if(strtolower($sxSetup['Language']) != 'english') include("lang/".$sxSetup['Language'].".php");
// NOTE(review): the same applies to $THEME_FOLDER, which is also used for header.php and footer.php.
include("themes/$THEME_FOLDER/config.php.inc");

// Access check for component 6; defined in an include, its behaviour is not visible here.
protectComponentPage(6);

// A request has to name something to act on: a topic to reply to, a post to edit, or a forum to
// post in. Otherwise go back to the forum index.
if (!$replyid && !$editid && !$forumid)
{
	header("Location: forums.php");
	die();
}

// With anonymous posting switched off, only a signed-in visitor with a usable user id gets past
// this point. loggedIn() is still evaluated first, as before.
if (!$sxSetup['ForumAnonymous'])
{
	if (!loggedIn() || (intval($THIS_USER) == 0) || ($THIS_USER == '0') || ($THIS_USER == ''))
	{
		header("Location: forums.php?loginError=true");
		die();
	}
}

// Load the post named by $replyid so that replies to a locked topic can be refused.
// NOTE(review): $replyid is interpolated into the SQL text. Whether that is safe depends on escaping
// done before this point (the stripslashes() calls further down suggest slashes are added upstream;
// confirm in includes/globals.php.inc). Casting ids with intval() before use would remove that
// dependency.
$query = "SELECT * FROM $DB_Forums_Posts WHERE id='$replyid'";
$result = mysql_query($query, $Link) or queryError("71", mysql_error());
// mysql_fetch_object() returns false when no row matches (e.g. $replyid is empty), so $ROW is not
// always an object after this line.
$ROW = mysql_fetch_object($result);

// Only the $replyid row is tested for the lock. NOTE(review): a request that carries $editid is not
// checked against the lock state of the topic it belongs to; confirm that is intended.
if ($ROW->locked == 1)
{
	header("Location: forums.php?message=".str_replace(" ","_",$sxLang['MessageForumTopicLocked']));
	die();
}

// Gate for anything that names a post to edit: load that post and stop unless the visitor may
// change it.
if ($editid)
{
	$query = "SELECT * FROM $DB_Forums_Posts WHERE id='$editid'";
	$result = mysql_query($query, $Link) or queryError("71", mysql_error());
	$ROW = mysql_fetch_object($result);

	// Editable by the author (while the optional edit timeout has not expired), by a moderator, or
	// by an admin. The author test runs first; the role checks are only reached when it fails.
	// NOTE(review): authorship is a loose comparison of $THIS_USER with the stored userid. Posts are
	// stored with whatever $THIS_USER held at posting time, so if anonymous visitors all carry the
	// same id (0 or empty) they all match every anonymous post. Confirm that anonymous editing is
	// intended, or require a non-zero user id for the author branch.
	$editable = (
		(
			($THIS_USER == $ROW->userid)
			&& (!$sxSetup['ForumEditTimeout'] || ($ROW->timestamp > ($NOW - $sxSetup['ForumEditTimeoutSeconds'])))
		)
		|| userModerator()
		|| userAdmin()
	);

	if (!$editable)
	{
		header("Location: forums.php");
		die();
	}
}

// Save an edited post, then redirect to the page of its topic on which the post appears.
// NOTE(review): this branch runs whenever $Edit is set. No anti-CSRF token or request-method check
// is visible in this file; confirm whether the includes provide one.
if ($Edit)
{
	// Same permission rule as the $editid gate earlier in this script, evaluated again on $ROW
	// (the edited post when $editid is set).
	if ((($THIS_USER == $ROW->userid) AND ((!$sxSetup['ForumEditTimeout']) OR ($ROW->timestamp>($NOW-$sxSetup['ForumEditTimeoutSeconds']))))OR((userModerator())OR(userAdmin())))
	{
		// Sticky
		// Only an admin or moderator can set the flag. The UPDATE below always writes the column, so
		// an edit by a regular author writes sticky=0 even if the topic was sticky before.
		$db_sticky = 0;
		if(((userAdmin()) OR (userModerator())) AND ($sticky == 1))
			$db_sticky = 1;
		
		// The topic is HTML-encoded before storage. $content is stored as submitted, so it has to be
		// filtered wherever it is rendered.
		$topic = htmlspecialchars($topic);
		
		// NOTE(review): $topic, $content and $editid are interpolated into the statement; this is only
		// safe if they were escaped for SQL before reaching this point. Confirm in the includes.
		$query = "UPDATE $DB_Forums_Posts SET topic='$topic', content='$content', sticky='$db_sticky', lastedit='$NOW' WHERE id='$editid'";
		$result = mysql_query($query, $Link) or queryError("71", mysql_error());
		
		// Re-read the post to find the topic it belongs to: its parent if it is a reply, else itself.
		$query = "SELECT * FROM $DB_Forums_Posts WHERE id='$editid'";
		$result = mysql_query($query, $Link) or queryError("71", mysql_error());
		$ROW = mysql_fetch_object($result);
		
		if ($ROW->replyto)
			$topicid = $ROW->replyto;
		else
			$topicid = $ROW->id;
		
		// Walk the topic in display order to find the 1-based position of the edited post.
		// $sxThemeConfig['ForumOrder'] is appended to the SQL as is (theme configuration value).
		$query = "SELECT * FROM $DB_Forums_Posts WHERE id='$topicid' OR replyto='$topicid' ORDER BY timestamp ".$sxThemeConfig['ForumOrder'];
		$result = mysql_query($query, $Link) or queryError("71", mysql_error());
		$total = mysql_num_rows($result);
		$sxTopicCount = 1;
		
		// The counter stops advancing once the edited post is reached; $sxThisTopicNumber stays unset
		// if the post is not part of the result.
		while ($ROW = mysql_fetch_object($result))
		{
			if ($ROW->id == $editid)
				$sxThisTopicNumber = $sxTopicCount;
			else
				$sxTopicCount += 1;
		}
		
		// Compute return page
		// Position divided by posts-per-page, rounded up.
		$sxPageMod = $sxThisTopicNumber%$sxSetup['ForumPostsPerPage'];
		$page = ($sxThisTopicNumber/$sxSetup['ForumPostsPerPage']) - ($sxPageMod/$sxSetup['ForumPostsPerPage']);
		if($sxPageMod > 0)
			$page = $page + 1;
		
		header("Location: forums_topic.php?topicid=$topicid&page=$page#$editid");
		die();
	}
	else
	{
		header("Location: forums.php");
		die();
	}
}

// Create a new topic ($Post) or a reply ($Reply). Non-empty $content is the only server-side
// requirement on the submitted text; the empty-topic check exists only in the page's JavaScript.
// NOTE(review): no anti-CSRF token is checked in this file before the INSERT; confirm whether the
// includes provide one.
if ((($Post) OR ($Reply)) AND (strlen($content) > 0))
{
	// NOTE(review): $forumid is the value sent with the form. For a reply it is not compared with
	// the forum of the parent topic ($replyid), so this check and the forumid stored below can refer
	// to a different forum than the topic being replied to. Consider taking forumid from the parent
	// row whenever $replyid is set.
	protectPrivateForum($forumid);
	// The topic is HTML-encoded before storage; $content is stored as submitted.
	$topic = htmlspecialchars($topic);
	
	// Sticky
	// Honoured only for admins and moderators, and only on new topics.
	$db_sticky = 0;
	if (((userAdmin()) OR (userModerator())) AND ($sticky == 1) AND ($Post))
		$db_sticky = 1;
	
	$process_post = false;
	
	// If form is secured
	// The security code is required only from visitors without a user id.
	if(($sxSetup['FormSecurity'] == 1)AND($THIS_USER == 0))
	{
		// Validate the code
		if(validateSecurityCode(htmlspecialchars($security_code), intval($codeid,10)) == true)
			$process_post = true;
		else
			$message = $sxLang['MessageSecurityCodeRejected'];
	}
	else
		$process_post = true;
	
	// When the code was rejected nothing is stored and the form is rendered again with $message.
	if($process_post)
	{
		// NOTE(review): request values are interpolated into the statement; this is only safe if they
		// were escaped for SQL before reaching this point. Confirm in the includes.
		$query = "INSERT INTO $DB_Forums_Posts
				  (topic, content, timestamp, updated, lastedit, userid, forumid, replyto, views, locked, sticky) VALUES
				  ('$topic', '$content', '$NOW', '$NOW', '$NOW', '$THIS_USER', '$forumid', '$replyid', '0', '0', '$db_sticky')";
		$result = mysql_query($query, $Link) or queryError("71", mysql_error());
		
		// Bump the parent topic's "updated" time for a reply.
		if ($replyid)
		{
			$query = "UPDATE $DB_Forums_Posts SET updated='$NOW' WHERE id='$replyid'";
			$result = mysql_query($query, $Link) or queryError("71", mysql_error());
		}
		
		// Find the row just inserted by timestamp and user id.
		// NOTE(review): two posts stored in the same second under the same userid (all anonymous
		// posts share one) make this lookup ambiguous. Reading mysql_insert_id() directly after the
		// INSERT would identify the row reliably, assuming id is auto-increment; confirm the schema.
		$query = "SELECT * FROM $DB_Forums_Posts WHERE timestamp='$NOW' AND userid='$THIS_USER'";
		$result = mysql_query($query, $Link) or queryError("71", mysql_error());
		$ROW = mysql_fetch_object($result);
		
		// Subscribe to topic
		// The subscription targets the parent topic for a reply, else the new post itself.
		if ($subscribe == 1)
		{
			if ($replyid)
				$sxToSubscribe = $replyid;
			else
				$sxToSubscribe = $ROW->id;
	
			if( !sxForumSubscription('topic', $sxToSubscribe))
			{		
				$query2 = "INSERT INTO $DB_Forums_Notify (userid, notified, id_type, id_num) VALUES ('$THIS_USER', '0', 'topic', '$sxToSubscribe')";
				$result2 = mysql_query($query2, $Link) or queryError("69", mysql_error());
			}
		}
	
		// Mark the new post as unread: for every user, or, when the forum has rows in
		// $DB_Forums_Private, only for users with a matching row in $DB_Users_Assoc.
		// The private-forum query does not depend on the user but is repeated for each one.
		$query2 = "SELECT * FROM $DB_Users";
		$result2 = mysql_query($query2, $Link) or queryError("71", mysql_error());
		while ($ROW2 = mysql_fetch_object($result2))
		{
			$found = false;
			$query3 = "SELECT * FROM $DB_Forums_Private WHERE forumid='$forumid'";
			$result3 = mysql_query($query3, $Link) or queryError("71", mysql_error());
			if (mysql_num_rows($result3))
			{
				while ($ROW3 = mysql_fetch_object($result3))
				{
					$query4 = "SELECT * FROM $DB_Users_Assoc WHERE userid='$ROW2->id' AND typeid='$ROW3->typeid'";
					$result4 = mysql_query($query4, $Link) or queryError("71", mysql_error());
					if (mysql_num_rows($result4))
						$found = true;
				}
				if ($found)
				{
					$query4 = "INSERT INTO $DB_Forums_Unread (userid, postid) VALUES ('$ROW2->id', '$ROW->id')";
					$result4 = mysql_query($query4, $Link) or queryError("71", mysql_error());
				}
			}
			else
			{
				$query4 = "INSERT INTO $DB_Forums_Unread (userid, postid) VALUES ('$ROW2->id', '$ROW->id')";
				$result4 = mysql_query($query4, $Link) or queryError("71", mysql_error());
			}
		}
		
		if ($replyid)
			$topicid = $replyid;
		else
			$topicid = $ROW->id;
		
		// Count the posts of the topic to find its last page (posts / posts-per-page, rounded up).
		$query = "SELECT * FROM $DB_Forums_Posts WHERE id='$topicid' OR replyto='$topicid'";
		$result = mysql_query($query, $Link) or queryError("71", mysql_error());
		$total = mysql_num_rows($result);
		
		$pages = (int)($total/$sxSetup['ForumPostsPerPage']);
		if ($total%$sxSetup['ForumPostsPerPage'] > 0)
			$pages = $pages + 1;
		
		sxForumSubscriptionNotify($topicid);
		
		header("Location: forums_topic.php?topicid=$topicid&page=$pages#$ROW->id");
		die();
	}
}

// From here on the script only renders the form. For a reply or an edit, the topic title and the
// forum id are taken from the stored post, replacing any $forumid sent with the request.
// NOTE(review): if both $replyid and $editid are supplied the query can match two rows and only the
// first one fetched is used.
if (($replyid) OR ($editid))
{
	$query = "SELECT * FROM $DB_Forums_Posts WHERE id='$replyid' OR id='$editid'";
	$result = mysql_query($query, $Link) or queryError("71", mysql_error());
	$ROW = mysql_fetch_object($result);
	$topic_name = $ROW->topic;
	$forumid = $ROW->forumid;
}

// Private-forum access check for the forum the form belongs to (defined in an include).
protectPrivateForum($forumid);

// Forum name for the breadcrumb and the page title.
$query = "SELECT * FROM $DB_Forums WHERE id='$forumid'";
$result = mysql_query($query, $Link) or queryError("71", mysql_error());
$ROW = mysql_fetch_object($result);
$forum_name = $ROW->name;

// The post being edited, kept in $ROWE to pre-fill the form fields.
if( $editid)
{
	$queryE = "SELECT * FROM $DB_Forums_Posts WHERE id='$editid'";
	$resultE = mysql_query($queryE, $Link) or queryError("71", mysql_error());
	$ROWE = mysql_fetch_object($resultE);
}

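// Last element of the breadcrumb trail: "edit post", a link back to the topic being replied to, or
// "new topic".
if($editid)
	$sxForumPostTrail = $sxLang['ForumEditPost'];

elseif($replyid)
{
	// $replyid is a request value placed inside an href, so it is URL-encoded before output.
	// $topic_name comes from the posts table, where this script stores topics already passed
	// through htmlspecialchars().
	if($topic_name)
		$sxForumPostTrail = '<a href="forums_topic.php?topicid=' . urlencode($replyid) . '">' . $topic_name . '</a> > '.$sxLang['ForumReply'];
	else
		$sxForumPostTrail = '<a href="forums_topic.php?topicid=' . urlencode($replyid) . '">[' . $sxLang['ForumUntitledTopic'] . ']</a> > '.$sxLang['ForumReply'];
}
else
	$sxForumPostTrail = $sxLang['ForumHeadingPostNew'];
	
// Secure imaging
// Created whenever form security is on; the form only shows it to visitors without a user id.
if($sxSetup['FormSecurity'] == 1)
	$sxSecureImage = sxCreateSecurityImage();

// Page title suffix: component name, forum name and the trail with its markup removed.
// Presumably read by the theme header included next.
$sxTitleAddendum = getComponentName("6").' - '.$forum_name.' - '.strip_tags($sxForumPostTrail);
include("themes/$THEME_FOLDER/header.php");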
?>
<script language="javascript" type="text/javascript">
<!--
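// Opens URL in a small fixed-size popup window (used by the tag-help link in the form).
// A millisecond timestamp gives each popup a distinct window name, and the window handle is kept on
// window as "page<timestamp>" as before. The assignment is made directly instead of through eval(),
// and the two temporaries are declared locally so they no longer leak into the global scope.
function popUp(URL)
{
	var day = new Date();
	var id = day.getTime();
	window["page" + id] = window.open(URL, String(id), 'toolbar=0,scrollbars=1,location=0,statusbar=0,menubar=0,resizable=0,width=300,height=275');
}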

// onsubmit handler of the post form: blocks submission while the topic or the message is empty.
// Convenience only. On the server this script requires non-empty content and does not check the topic.
// The alert texts are language strings printed by PHP into double-quoted JavaScript strings as is.
function submitIt(myForm){
	if(myForm.topic.value == ""){
		alert("<?PHP echo $sxLang['ForumJSTopicEmpty']; ?>");
		myForm.topic.select();
		return false;
	}
	if(myForm.content.value == ""){
		alert("<?PHP echo $sxLang['ForumJSContentEmpty']; ?>");
		myForm.content.select();
		return false;
	}
}
//-->
</script>
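  <div class="bodyWrapper">
  <?PHP
  // NOTE(review): in this file $message is assigned only when the security code is rejected. If it
  // can also arrive with the request, it is printed here as raw HTML; confirm its source and encode
  // it if so.
  if($message) echo '<div class="message">' .$message . '</div>'; ?>
  <table border="0" cellpadding="3" cellspacing="0" width="<?PHP echo $sxSetup['ForumWidth']; ?>" align="center">
	<tr>
	  <td><span class="sxSmallText"><a href="forums.php"><?PHP echo getComponentName("6"); ?></a> >
	  <a href="forums_view.php?forumid=<?PHP /* $forumid may be the raw request value: URL-encode it */ echo urlencode($forumid); ?>"><?PHP /* forum name as stored in the forums table, printed as is */ echo $forum_name; ?></a> >
	  <?PHP echo $sxForumPostTrail; ?></span><br /><br /></td>
	</tr>
  </table>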
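  <table border="0" cellspacing="1" cellpadding="6" width="<?PHP echo $sxSetup['ForumWidth']; ?>" align="center">
	<form name="sxFormForumPost" action="<?PHP /* script path can contain request-supplied characters: encode for the attribute */ echo htmlspecialchars($PHP_SELF, ENT_QUOTES); ?>" method="post" onsubmit="return submitIt(this)"><tr>
	  <td class="tableColumn" colspan="2"><?PHP
	  // NOTE(review): the form carries no anti-CSRF token, and none is checked by the handlers in
	  // this file; confirm whether the includes add one.
	  // Heading matches the mode: edit, reply, or new topic.
	  if($editid) 		echo $sxLang['ForumHeadingPostEdit'];
	  elseif($replyid) 	echo $sxLang['ForumHeadingPostReply'];
	  else 				echo $sxLang['ForumHeadingPostNew'];
	  ?>
	  </td>
	</tr>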
	<?PHP
	// Preview of the submitted message: slashes are removed, rel="nofollow" is added to every <a ...>
	// tag, strip_tags() drops every tag not listed in $sxThemeConfig['ForumAllowedTags'], and line
	// breaks become <br />.
	// NOTE(review): strip_tags() leaves the attributes of allowed tags untouched, so event-handler
	// and style attributes on an allowed tag pass through this filter. Wherever posts are rendered
	// with this approach, the allowed tags need an attribute-aware HTML sanitiser as well.
	if($Preview)
	{
		echo '<tr><td colspan="2"><hr size="1" noshade="noshade" /></td></tr>';
		echo '<tr><td valign="top" align="right" width="150"><strong>' . $sxLang['Preview'] . '</strong></td><td>';
		echo nl2br(strip_tags(preg_replace('/<a([^>]+)>/i', '<a\\1 rel="nofollow">', stripslashes($content)), $sxThemeConfig['ForumAllowedTags'])) . '<br /></td></tr><tr><td colspan="2"><hr size="1" noshade="noshade" /></td></tr>';
	}
	?>
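	<tr>
	  <td class="sxTdItem"><?PHP echo $sxLang['ForumItemTopic']; ?></td>
	  <td valign="top"><input name="topic" style="width:450px;" type="text" value="<?PHP
	  // Pre-fill the topic. $topic_name and $ROWE->topic come from the posts table, where this script
	  // stores topics already passed through htmlspecialchars(); the raw request value is encoded here.
	  if($replyid)
	  	echo $sxLang['ForumRe'].': ' .$topic_name;
	  elseif($topic)
	  	echo htmlspecialchars(stripslashes($topic));
	  elseif($editid)
	  	echo $ROWE->topic; 
	  ?>" maxlength="255" /></td>
	</tr>
	<tr>
	  <td class="sxTdItem"><?PHP echo $sxLang['ForumItemMessage']; ?><br /><br /><span class="sxSmallText"><a href="javascript:popUp('forums_tags.php')"><?PHP echo $sxLang['HTMLEnabled']; ?></a></span></td>
	  <td valign="top"><textarea name="content" style="width:450px;height:300px;"><?PHP
	  // Message text is kept as raw HTML (submitted or stored), so it is encoded before being placed
	  // in the textarea. Otherwise a closing textarea tag inside the text would end the field and the
	  // rest would be parsed as page markup. The browser decodes the entities again, so the author
	  // sees and resubmits the original text.
	  if($content) echo htmlspecialchars(stripslashes($content));
	  elseif($editid) echo htmlspecialchars($ROWE->content); ?></textarea></td>
	</tr>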
	<tr>
	  <td class="sxTdItem">&nbsp;</td>
	  <td valign="top">
	  <?PHP
	  // Subscription row, only for visitors with a user id. Someone already subscribed to the whole
	  // forum gets a notice instead of the checkbox (the "else" two lines down). Otherwise the
	  // checkbox is shown unless a post is being edited or the reply is to a topic already subscribed to.
	  if($THIS_USER != 0){ if(!sxForumSubscription('forum', $forumid)){ if((!$editid)AND(!(($replyid)AND(sxForumSubscription('topic', $replyid)))) ){ ?>
	  <input type="checkbox" name="subscribe" value="1" <?PHP if( (($content)AND($subscribe == 1)) OR ((!$replyid)AND(!$editid))) echo 'checked="checked"'; ?> /> <?PHP echo $sxLang['ForumTopicSubscribe']; ?><br />
	  <?PHP
	  // The sticky checkbox is offered to admins and moderators on topics only. Hiding it is
	  // cosmetic: the handlers earlier in this file re-check the role before honouring $sticky.
	  }} else echo $sxLang['ForumTopicSubscribed'].'<br />'; } if (((userAdmin()) OR (userModerator())) AND (!$replyid)) { ?>
	  <input type="checkbox" name="sticky" value="1" <?PHP if ( (($content)AND($sticky == 1)) OR (($editid)AND($ROWE->sticky == 1)) ) echo 'checked="checked"'; ?> /> <?PHP echo $sxLang['ForumTopicSticky']; ?>
	  <?PHP } ?>
	  </td>
	</tr>
	<?PHP
	// Security-code fields, shown under the same condition the post handler uses to require the
	// code: form security enabled and no user id. The hidden codeid tells the server which generated
	// code to compare against.
	// NOTE(review): codeid comes back from the client. Confirm that validateSecurityCode() binds the
	// code to this session and rejects a code that was already used.
	if(($sxSetup['FormSecurity'] == 1)AND($THIS_USER == 0)){ ?>
	<tr> 
	  <td class="sxTdItem">&nbsp;</td>
	  <td><img src="<?PHP echo $sxSecureImage['url']; ?>" /><br /><?PHP echo $sxLang['GeneralItemSecureCase']; ?></td>
	</tr>
	<tr> 
	  <td class="sxTdItem"><?PHP echo $sxLang['GeneralItemSecureCode']; ?></td>
	  <td><input name="security_code" type="text" id="security_code" maxlength="255" />
		  <input type="hidden" name="codeid" value="<?PHP echo $sxSecureImage['codeid']; ?>" /></td>
	</tr>
	<?PHP } ?>
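	<tr>
	  <td>&nbsp;</td>
	  <td align="center">
	  <input name="Preview" style="width:150px;" type="submit" value="<?PHP echo $sxLang['ButtonPreview']; ?>"  class="sxButton" />
	  <?PHP
	  // Hidden fields carry the ids to the next request, plus the submit button for the current mode.
	  // $editid, $replyid and $forumid can hold raw request values, so they are encoded for the
	  // attribute context before being written back into the page.
	  if($editid)		echo '<input type="hidden" name="editid" value="' . htmlspecialchars($editid, ENT_QUOTES) . '" /><input type="hidden" name="forumid" value="' . htmlspecialchars($forumid, ENT_QUOTES) . '" /><input name="Edit" style="width:150px;" type="submit" value="' . $sxLang['ForumHeadingPostEdit'] . '" class="sxButton" />';
	  elseif($replyid) 	echo '<input type="hidden" name="replyid" value="' . htmlspecialchars($replyid, ENT_QUOTES) . '" /><input type="hidden" name="forumid" value="' . htmlspecialchars($forumid, ENT_QUOTES) . '" /><input name="Reply" style="width:150px;" type="submit" value="' . $sxLang['ForumHeadingPostReply'] . '" class="sxButton" />';
	  else 				echo '<input type="hidden" name="forumid" value="' . htmlspecialchars($forumid, ENT_QUOTES) . '" /><input name="Post" style="width:150px;" type="submit" class="sxButton" value="' . $sxLang['ForumHeadingPostNew'] . '" />';
	  ?>
	  </td>
	</tr></form>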
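  </table><?PHP /* when replying, show the topic below the form in an inline frame */ if($replyid){ ?><br />
  <table border="0" cellspacing="1" cellpadding="6" width="<?PHP echo $sxSetup['ForumWidth']; ?>" align="center">
	<tr>
	 <td class="tableColumn"><?PHP echo $sxLang['ForumItemTopic']; ?></td>
	</tr>
	<tr>
	 <td>
	 <iframe name="sxForumReview" id="sxForumReview" align="middle" frameborder="0" height="400" width="<?PHP echo $sxSetup['ForumWidth']-12; ?>" scrolling="auto" src="forums_topic.php?topicid=<?PHP /* request value inside a URL: encode it */ echo urlencode($replyid); ?>&reviewMode=1">
	 </iframe></td>
	</tr>
  </table><?PHP } ?>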
  </div>
  <!-- background refresh -->
  <iframe src ="../includes/session_keepalive.php?interval=<?PHP /* theme setting, printed as is */ echo $sxThemeConfig['AdminKeepAlive']; ?>&bgcolor=<?PHP echo urlencode($sxThemeConfig['SiteBaseColor']); ?>" scrolling="no" height="1" marginheight="0" marginwidth="0" frameborder="0" align="right" width="1"></iframe>
<?PHP
// The 1x1 frame above loads session_keepalive.php with the theme's interval, presumably to keep
// the session alive while a long post is being written.
// Theme footer, then send everything buffered since ob_start() at the top of the script.
include("themes/$THEME_FOLDER/footer.php");
ob_end_flush();
?>