<?php
/*
Viscacha - A bulletin board solution for easily managing your content
Copyright (C) 2004-2009 The Viscacha Project
Author: Matthias Mohr (et al.)
Publisher: The Viscacha Project, http://www.viscacha.org
Start Date: May 22, 2004
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
// Report every PHP notice/warning/error. Whether they are shown to visitors depends on
// display_errors, which this file does not set.
error_reporting(E_ALL);
define('SCRIPTNAME', 'newtopic');
define('VISCACHA_CORE', '1');
// include (not require): if either file cannot be loaded PHP only raises a warning and
// carries on. $gpc, $slog, $scache, $db, $lang, $tpl, $plugins, $config, $my and
// $breadcrumb are not created in this file - presumably these includes set them up; confirm.
include ("data/config.inc.php");
include ("classes/function.viscacha_frontend.php");
// Request parameters are read through $gpc with a type tag (int / str are bare constants,
// presumably defined by the framework - confirm): 'id' is the target forum, 'fid' a handle
// to previously stored form data (tested with is_hash() further down).
$board = $gpc->get('id', int);
$fid = $gpc->get('fid', str);
// Permissions of the current user, resolved for the forum id taken from the request.
$my->p = $slog->Permissions($board);
$catbid = $scache->load('cat_bid');
$fc = $catbid->get();
// Reject a missing or unknown forum id. error() is expected not to return, because the
// next statement indexes $fc[$board] unconditionally - TODO confirm.
if (empty($board) || !isset($fc[$board])) {
error($lang->phrase('query_string_error'));
}
$last = $fc[$board];
// NOTE(review): presumably enforces the forum's options and the 'posttopics' permission
// and aborts when posting is not allowed - verify in forum_opt().
forum_opt($last, 'posttopics');
// Uploads are offered only if enabled globally AND the user has the attachments permission.
if ($config['tpcallow'] == 1 && $my->p['attachments'] == 1) {
$p_upload = 1;
}
else {
$p_upload = 0;
}
$topforums = get_headboards($fc, $last, true);
$breadcrumb->Add($last['name'], "showforum.php?id=".$last['id'].SID2URL_x);
$breadcrumb->Add($lang->phrase('newtopic_title'));
// Plugin hook: code returned by $plugins->load() is eval()'d in this script's scope, so it
// can read and modify every variable here (request data, $db, $my). Whatever storage backs
// the plugin system therefore has to be as trusted as this source file.
($code = $plugins->load('newtopic_start')) ? eval($code) : null;
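if ($_GET['action'] == "startvote") {
    // Form for attaching a poll to an existing topic (submitted to action=savevote).

    // Read the topic id as an integer through $gpc, the way the savevote branch does,
    // instead of interpolating the raw $_GET value into the SQL string.
    $topic_id = $gpc->get('topic_id', int);
    $result = $db->query("SELECT id, vquestion, name, board FROM {$db->pre}topics WHERE id = '{$topic_id}' LIMIT 1");
    $info = $db->fetch_assoc($result);
    // Moderator permissions are resolved for the board the topic actually lives in.
    $my->mp = $slog->ModPermissions($info['board']);

    // Number of answer fields to render: default 2, clamped to 2..50.
    $temp = $gpc->get('temp', int, 2);
    if ($temp < 2) {
        $temp = 2;
    }
    if ($temp > 50) {
        $temp = 50;
    }

    // Plugin hook: eval()'d in this scope, see $plugins->load().
    ($code = $plugins->load('newtopic_startvote_start')) ? eval($code) : null;

    $error = array();
    // Authorisation:
    //  - $my->p was resolved for the board id taken from the request, so the topic must
    //    belong to that board; otherwise 'addvotes' is checked against the wrong forum.
    //  - the topic must not already carry a poll question.
    //  - only the topic starter (topics.name holds the member id for registered users)
    //    or a user with moderator flag $my->mp[0] on the topic's board may add a poll.
    if ($my->p['addvotes'] == 0 || !empty($info['vquestion']) || $info['board'] != $board || ($info['name'] != $my->id && $my->mp[0] == 0)) {
        $error[] = $lang->phrase('not_allowed');
    }
    if ($db->num_rows($result) != 1) {
        $error[] = $lang->phrase('query_string_error');
    }
    if (count($error) > 0) {
        // errorLogin() is expected to end the request - TODO confirm.
        errorLogin($error,"showforum.php?id=".$info['board'].SID2URL_x);
    }

    if (is_hash($fid)) {
        // Returning from savevote: restore the parked input and pad it to $temp answer fields.
        $data = $gpc->unescape(import_error_data($fid));
        for ($i = 1; $i <= $temp; $i++) {
            if (!isset($data[$i])) {
                $data[$i] = '';
            }
        }
    }
    else {
        // Fresh form: $temp empty answers (keys 1..$temp) and an empty question.
        $data = array_fill(1, $temp, '');
        $data['question'] = '';
    }

    $breadcrumb->Add($lang->phrase('add_vote_to_thread'));
    echo $tpl->parse("header");
    echo $tpl->parse("menu");
    ($code = $plugins->load('newtopic_startvote_prepared')) ? eval($code) : null;
    // NOTE(review): $data is handed to the template; HTML escaping is not visible in this
    // file - confirm it happens in the template layer.
    echo $tpl->parse("newtopic/startvote");
    ($code = $plugins->load('newtopic_startvote_end')) ? eval($code) : null;
}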
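elseif ($_GET['action'] == "savevote") {
    // Handler for the poll form rendered by action=startvote.
    $temp = $gpc->get('temp', int);
    $topic_id = $gpc->get('topic_id', int);

    // Normalise the shape of the submitted fields: the question must be a string and the
    // answers a flat array of scalars. A missing field, a scalar 'notice' or nested arrays
    // would otherwise break trim() and the array writes below.
    if (!isset($_POST['question']) || !is_string($_POST['question'])) {
        $_POST['question'] = '';
    }
    if (!isset($_POST['notice']) || !is_array($_POST['notice'])) {
        $_POST['notice'] = array();
    }
    foreach ($_POST['notice'] as $id => $uval) {
        if (is_array($uval)) {
            unset($_POST['notice'][$id]);
        }
    }

    if (!empty($_POST['Update'])) {
        // "Update" button: park the submitted input and bounce back to the form.
        // Nothing is written to the topic here, so no topic lookup is needed yet.
        $_POST['notice']['question'] = $_POST['question'];
        $fid = save_error_data($_POST['notice'], $fid);
        $slog->updatelogged();
        $db->close();
        sendStatusCode(307, $config['furl']."/newtopic.php?action=startvote&id={$board}&topic_id={$topic_id}&temp={$temp}&fid=".$fid.SID2URL_x);
        exit;
    }

    // Load the topic BEFORE the permission check. Previously $info was read before it was
    // assigned, so the "topic already has a poll" test could never fire.
    $result = $db->query("SELECT id, vquestion, name, board FROM {$db->pre}topics WHERE id = '{$topic_id}' LIMIT 1");
    $info = $db->fetch_assoc($result);
    $found = ($db->num_rows($result) == 1);

    // Same authorisation the startvote form applies; the form alone is not a control,
    // because this handler can be requested directly:
    //  - 'addvotes' permission ($my->p belongs to the board id from the request),
    //  - the topic really is in that board and has no poll question yet,
    //  - the caller started the topic (topics.name holds the member id) or holds
    //    moderator flag $my->mp[0] on the topic's board.
    $not_allowed = ($my->p['addvotes'] == 0);
    if ($found) {
        $my->mp = $slog->ModPermissions($info['board']);
        if (!empty($info['vquestion']) || $info['board'] != $board || ($info['name'] != $my->id && $my->mp[0] == 0)) {
            $not_allowed = true;
        }
    }
    if ($not_allowed) {
        // errorLogin() is expected to end the request - TODO confirm.
        errorLogin($lang->phrase('not_allowed'),"showforum.php?id=".$board.SID2URL_x);
    }

    $error = array();
    if (!$found) {
        $error[] = $lang->phrase('query_string_error');
    }
    if (strxlen($_POST['question']) > $config['maxtitlelength']) {
        $error[] = $lang->phrase('question_too_long');
    }
    if (strxlen($_POST['question']) < $config['mintitlelength']) {
        $error[] = $lang->phrase('question_too_short');
    }

    // Trim every answer, drop the empty ones, reject answers of 255 bytes or more.
    // $i is not used below; it is kept because plugin code eval()'d later shares this scope.
    $i = 1;
    foreach ($_POST['notice'] as $id => $uval) {
        $uval = trim($uval);
        if (strlen($uval) >= 255) {
            $error[] = $lang->phrase('vote_reply_too_long');
        }
        if (strlen($uval) == 0) {
            unset($_POST['notice'][$id]);
        }
        else {
            $_POST['notice'][$id] = $uval;
        }
        $i++;
    }
    if (count_filled($_POST['notice']) < 2) {
        $error[] = $lang->phrase('min_replies_vote');
    }
    if (count_filled($_POST['notice']) > 50) {
        $error[] = $lang->phrase('max_replies_vote');
    }

    ($code = $plugins->load('newtopic_savevote_errorhandling')) ? eval($code) : null;

    if (count($error) > 0) {
        // Park the input and send the user back to the form with the error list.
        $_POST['notice']['question'] = $_POST['question'];
        ($code = $plugins->load('newtopic_savevote_errordata')) ? eval($code) : null;
        $fid = save_error_data($_POST['notice'], $fid);
        // $board equals the topic's board whenever the topic exists (enforced above) and is
        // still defined when it does not.
        error($error,"newtopic.php?action=startvote&id={$board}&topic_id={$topic_id}&temp={$temp}&fid=".$fid.SID2URL_x);
    }
    else {
        // NOTE(review): the answers and the question are interpolated into SQL exactly as
        // they sit in $_POST. That is only safe if the framework has already SQL-escaped
        // $_POST before this script runs (the $gpc->unescape() calls applied to stored form
        // data elsewhere in this file suggest so) - confirm, and make sure no plugin hook
        // above replaces them with unescaped values.
        $sqlwhere = array();
        foreach ($_POST['notice'] as $uval) {
            $sqlwhere[] = "({$topic_id}, '{$uval}')";
        }
        $sqlwhere = implode(", ",$sqlwhere);
        ($code = $plugins->load('newtopic_savevote_queries')) ? eval($code) : null;
        $db->query("UPDATE {$db->pre}topics SET vquestion = '{$_POST['question']}' WHERE id = '{$info['id']}'");
        $db->query("INSERT INTO {$db->pre}vote (tid, answer) VALUES {$sqlwhere}");
        $inserted = $db->affected_rows();
        if ($inserted > 1) {
            ok($lang->phrase('data_success'),"showtopic.php?id={$topic_id}".SID2URL_x);
        }
        else {
            // Fewer than two answers were stored: clear the question again so the topic is
            // not left with a poll that has no usable options.
            $db->query("UPDATE {$db->pre}topics SET vquestion = '' WHERE id = '{$topic_id}'");
            error($lang->phrase('add_vote_failed'),"showtopic.php?id={$topic_id}".SID2URL_x);
        }
    }
}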
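elseif ($_GET['action'] == "save") {
    // Handler for the new-topic form: validate the input, then either park it (validation
    // errors or preview) or create the topic together with its first reply.
    $digest = $gpc->get('digest', int);
    $error = array();
    if (is_hash($fid)) {
        $error_data = import_error_data($fid);
    }
    // NOTE(review): a stored record with human=true switches the CAPTCHA off for this
    // request. Confirm that the record behind $fid is bound to the submitting session and
    // cannot be reused indefinitely, otherwise one solved CAPTCHA covers many posts.
    $human = empty($error_data['human']) ? false : $error_data['human'];

    if (!$my->vlogin) {
        // Guests: CAPTCHA (when enabled and not already passed) plus name/e-mail validation.
        if ($config['botgfxtest_posts'] > 0 && $human == false) {
            $captcha = newCAPTCHA('posts');
            $status = $captcha->check();
            if ($status == CAPTCHA_FAILURE) {
                $error[] = $lang->phrase('veriword_failed');
            }
            elseif ($status == CAPTCHA_MISTAKE) {
                $error[] = $lang->phrase('veriword_mistake');
            }
            else {
                $human = true;
            }
        }
        if (!check_mail($_POST['email']) && ($config['guest_email_optional'] == 0 || !empty($_POST['email']))) {
            $error[] = $lang->phrase('illegal_mail');
        }
        // A guest may not post under a name that belongs to a registered member, nor under
        // something that looks like a member id (topics.name stores ids for members).
        if (double_udata('name',$_POST['name']) == false) {
            $error[] = $lang->phrase('username_registered');
        }
        if (is_id($_POST['name'])) {
            $error[] = $lang->phrase('username_registered');
        }
        if (strxlen($_POST['name']) > $config['maxnamelength']) {
            $error[] = $lang->phrase('name_too_long');
        }
        if (strxlen($_POST['name']) < $config['minnamelength']) {
            $error[] = $lang->phrase('name_too_short');
        }
        if (strlen($_POST['email']) > 200) {
            $error[] = $lang->phrase('email_too_long');
        }
        $pname = $_POST['name'];
        $pid = 0;
        $pnameid = $_POST['name'];
    }
    else {
        $pname = $my->name;
        $pid = $my->id;
        $pnameid = $my->id;
    }

    if (flood_protect(FLOOD_TYPE_POSTING) == false) {
        $error[] = $lang->phrase('flood_control');
    }
    if (strxlen($_POST['comment']) > $config['maxpostlength']) {
        $error[] = $lang->phrase('comment_too_long');
    }
    if (strxlen($_POST['comment']) < $config['minpostlength']) {
        $error[] = $lang->phrase('comment_too_short');
    }
    if (strxlen($_POST['topic']) > $config['maxtitlelength']) {
        $error[] = $lang->phrase('title_too_long');
    }
    if (strxlen($_POST['topic']) < $config['mintitlelength']) {
        $error[] = $lang->phrase('title_too_short');
    }

    // The prefix is only validated when the forum makes it mandatory ($last['prefix'] == 1).
    $prefix_obj = $scache->load('prefix');
    $prefix_arr = $prefix_obj->get($board);
    if (!isset($prefix_arr[$_POST['opt_0']]) && $last['prefix'] == 1) {
        $error[] = $lang->phrase('prefix_not_optional');
    }

    BBProfile($bbcode);
    $_POST['topic'] = $bbcode->parseTitle($_POST['topic']);

    ($code = $plugins->load('newtopic_save_errorhandling')) ? eval($code) : null;

    if (count($error) > 0 || !empty($_POST['Preview'])) {
        // Park the input server-side; the form and the preview read it back through $fid.
        // (The literal used to list 'guest' twice; only the last entry, 0, ever took effect.)
        $data = array(
            'topic' => $_POST['topic'],
            'comment' => $_POST['comment'],
            'prefix' => $_POST['opt_0'],
            'dosmileys' => $_POST['dosmileys'],
            'dowords' => $_POST['dowords'],
            'vote' => $_POST['opt_2'],
            'replies' => $_POST['temp'],
            'human' => $human,
            'digest' => $digest,
            'name' => null,
            'email' => null,
            'guest' => 0
        );
        if (!$my->vlogin) {
            if ($config['guest_email_optional'] == 0 && empty($_POST['email'])) {
                $data['email'] = '';
            }
            else {
                $data['email'] = $_POST['email'];
            }
            $data['name'] = $_POST['name'];
            $data['guest'] = 1;
        }
        ($code = $plugins->load('newtopic_save_errordata')) ? eval($code) : null;
        $fid = save_error_data($data, $fid);
        if (!empty($_POST['Preview'])) {
            $slog->updatelogged();
            $db->close();
            sendStatusCode(307, $config['furl']."/newtopic.php?action=preview&id={$board}&fid=".$fid.SID2URL_JS_x);
            exit;
        }
        else {
            error($error,"newtopic.php?id={$board}&fid=".$fid.SID2URL_x);
        }
    }
    else {
        set_flood(FLOOD_TYPE_POSTING);
        $date = time();
        if ($my->vlogin) {
            $guest = 0;
        }
        else {
            $guest = 1;
        }

        ($code = $plugins->load('newtopic_save_savedata')) ? eval($code) : null;

        // NOTE(review): topic, comment, e-mail, prefix (opt_0), dosmileys and dowords go
        // into the statements below exactly as they sit in $_POST, and the guest name via
        // $pnameid. That is only safe if the framework has already SQL-escaped $_POST before
        // this script runs (the $gpc->unescape() calls applied to stored form data elsewhere
        // in this file suggest so) - confirm, and make sure no plugin hook above replaces
        // them with unescaped values.
        $db->query("
        INSERT INTO {$db->pre}topics (board,topic,name,date,last,last_name,prefix,vquestion)
        VALUES ('{$board}','{$_POST['topic']}','{$pnameid}','{$date}','{$date}','{$pnameid}','{$_POST['opt_0']}','')
        ");
        $tredirect = $db->insert_id();

        $db->query("
        INSERT INTO {$db->pre}replies (board,topic,topic_id,name,comment,dosmileys,dowords,email,date,tstart,ip,guest,edit,report)
        VALUES ('{$board}','{$_POST['topic']}','{$tredirect}','{$pnameid}','{$_POST['comment']}','{$_POST['dosmileys']}','{$_POST['dowords']}','{$_POST['email']}','{$date}','1','{$my->ip}','{$guest}','','')
        ");
        $rredirect = $db->insert_id();

        // Attach the uploads that are still unassigned (topic_id = 0, tid = 0) for this
        // member id. For guests $pid is 0.
        $db->query("UPDATE {$db->pre}uploads SET topic_id = '{$tredirect}', tid = '{$rredirect}' WHERE mid = '{$pid}' AND topic_id = '0' AND tid = '0'");

        // Insert notifications
        if ($my->vlogin && $digest != 0) {
            switch ($digest) {
                case 2: $type = 'd'; break;
                case 3: $type = 'w'; break;
                default: $type = ''; break;
            }
            $db->query("INSERT INTO {$db->pre}abos (mid, tid, type) VALUES ('{$my->id}', '{$tredirect}', '{$type}')");
        }

        // Moderator-only options on the new topic: each one is applied only when the
        // matching $my->mp flag is set for this board and the user is logged in.
        $my->mp = $slog->ModPermissions($board);
        $close = $gpc->get('close', int);
        $pin = $gpc->get('pin', int);
        $stat = $gpc->get('status', int);
        if (($close == 1 || $pin == 1) && $my->vlogin) {
            if ($close == 1 && $my->mp[0] == 1) {
                $db->query("UPDATE {$db->pre}topics SET status = '1' WHERE id = '{$tredirect}'");
            }
            if ($pin == 1 && $my->mp[0] == 1) {
                $db->query("UPDATE {$db->pre}topics SET sticky = '1' WHERE id = '{$tredirect}'");
            }
        }
        // null (no status) is the default and does not need to be changed
        if ((($stat == 1 && $my->mp[3] == 1) || ($stat == 2 && $my->mp[2] == 1) || $stat == 9) && $my->vlogin) {
            if ($stat == 1) {
                $input = 'a';
            }
            elseif ($stat == 2) {
                $input = 'n';
            }
            elseif ($stat == 9) {
                $input = '';
            }
            $db->query("UPDATE {$db->pre}topics SET mark = '{$input}' WHERE id = '{$tredirect}'");
        }

        if ($config['updatepostcounter'] == 1 && $last['count_posts'] == 1) {
            $db->query ("UPDATE {$db->pre}user SET posts = posts+1 WHERE id = '{$my->id}'");
        }
        $db->query ("UPDATE {$db->pre}forums SET topics = topics+1, last_topic = '{$tredirect}' WHERE id = '{$board}'");

        // Drop the cached forum list so the updated counters are picked up.
        $catobj = $scache->load('cat_bid');
        $catobj->delete();

        if (count($last['topic_notification']) > 0) {
            // Notify the addresses configured for this forum, using the board's default language.
            $to = array();
            foreach ($last['topic_notification'] as $mail) {
                $to[] = array('mail' => $mail);
            }
            $lang_dir = $lang->getdir(true);
            $lang->setdir($config['langdir']);
            $data = $lang->get_mail('new_topic');
            $lang->setdir($lang_dir);
            $from = array();
            xmail($to, $from, $data['title'], $data['comment']);
        }

        // Set topic read
        $slog->setTopicRead($tredirect, $topforums);

        ($code = $plugins->load('newtopic_save_end')) ? eval($code) : null;

        if ($_POST['opt_2'] == '1') {
            // The answer count ends up in a redirect URL, so it is read as an integer
            // instead of echoing the raw POST value back into the URL.
            $temp = $gpc->get('temp', int);
            ok($lang->phrase('new_thread_vote_success'),"newtopic.php?action=startvote&id={$board}&topic_id={$tredirect}&temp={$temp}");
        }
        else {
            ok($lang->phrase('data_success'),"showtopic.php?id={$tredirect}".SID2URL_x);
        }
    }
}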
else {
// Default action (also reached for action=preview): render the new-topic form.
$my->mp = $slog->ModPermissions($board);
echo $tpl->parse("header");
echo $tpl->parse("menu");
BBProfile($bbcode);
$prefix_obj = $scache->load('prefix');
$prefix_arr = $prefix_obj->get($board);
// Defaults for every form field; used as-is for a fresh form and to fill gaps in
// restored data.
$standard_data = array(
'prefix' => 0,
'vote' => '',
'replies' => '',
'name' => '',
'email' => '',
'comment' => '',
'dosmileys' => 1,
'dowords' => 1,
'topic' => '',
'human' => false,
'digest' => 0
);
if (is_hash($fid)) {
// Coming back from action=save (validation errors or preview): restore the parked input.
// NOTE(review): the restored values are handed to the templates; HTML escaping is not
// visible in this file - confirm it happens in $gpc or in the template layer.
$data = $gpc->unescape(import_error_data($fid));
$info = array($data['topic']);
if ($_GET['action'] == 'preview') {
// Render the comment with the smiley / word-replacement settings the user chose.
$bbcode->setSmileys($data['dosmileys']);
// Word replacement is forced off when it is disabled in the configuration.
if ($config['wordstatus'] == 0) {
$dowords = 0;
}
else {
$dowords = $data['dowords'];
}
$bbcode->setReplace($dowords);
$data['formatted_comment'] = $bbcode->parse($data['comment']);
$prefix = '';
if (isset($prefix_arr[$data['prefix']])) {
$prefix = $prefix_arr[$data['prefix']]['value'];
}
}
// Fill in any field missing from the restored data.
foreach ($standard_data as $key => $value) {
if (!isset($data[$key])) {
$data[$key] = $value;
}
}
}
else {
$data = $standard_data;
// No stored form data: clear the action in both superglobals.
$_GET['action'] = $_POST['action'] = '';
}
if (count($prefix_arr) > 0) {
array_columnsort($prefix_arr, "value");
if ($last['prefix'] == 0) {
// Prefix is optional: preselect the entry flagged as standard, if any, and put an
// "empty" choice at key 0.
$prefix_arr_standard = $prefix_arr;
array_columnsort($prefix_arr_standard, "standard");
$standard = end($prefix_arr_standard);
if ($standard['standard'] == 1) {
$sel = key($prefix_arr_standard);
}
else {
$sel = 0;
}
unset($prefix_arr_standard, $standard);
$prefix_arr = array($lang->phrase('prefix_empty')) + $prefix_arr;
}
else {
// Prefix is mandatory: nothing is preselected.
$sel = -1;
}
// A prefix restored from stored form data overrides the preselection.
if ($data['prefix'] > 0) {
$sel = $data['prefix'];
}
$inner['index_prefix'] = $tpl->parse("newtopic/index_prefix");
}
else {
$inner['index_prefix'] = '';
}
// A CAPTCHA object is created only when the test is enabled for posts and the stored form
// data does not already mark the user as human.
if ($config['botgfxtest_posts'] > 0 && $data['human'] == false) {
$captcha = newCAPTCHA('posts');
}
else {
$captcha = null;
}
// Plugin hooks: eval()'d in this scope, before and after the form is printed.
($code = $plugins->load('newtopic_form_prepared')) ? eval($code) : null;
echo $tpl->parse("newtopic/index");
($code = $plugins->load('newtopic_form_end')) ? eval($code) : null;
}
// Final plugin hook (eval()'d in this scope), then the common page teardown.
($code = $plugins->load('newtopic_end')) ? eval($code) : null;
$slog->updatelogged();
// "zeitmessung" is German for time measurement; presumably read by the footer template - confirm.
$zeitmessung = t2();
echo $tpl->parse("footer");
$phpdoc->Out();
$db->close();
?>