diff --git a/newreply.php b/newreply.php index 7ffc38b..baff8f5 100644 --- a/newreply.php +++ b/newreply.php @@ -105,203 +105,202 @@ if($post['thread']==$id) $quotemsg="[quote={$users[$u]['name']}]{$post['text']}[/quote]\r\n"; } - print " - - $tccellh width=150> $tccellh colspan=2>  - $tccell1>{$passhint} $tccell2l colspan=2> - {$altloginjs} - Username: $inpt=username VALUE=\"".htmlspecialchars($username)."\" SIZE=25 MAXLENGTH=25 autocomplete=\"off\"> - Password: $inpp=password SIZE=13 MAXLENGTH=64 autocomplete=\"off\"> - - $tccell1>Reply: - $tccell2l width=800px valign=top>".replytoolbar(2)." - $txta=message ROWS=21 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\" ".replytoolbar(3).">". htmlspecialchars($quotemsg, ENT_QUOTES) ." - $tccell2l width=*>".moodlist(filter_int($moodid))." - - $tccell1> $tccell2l colspan=2> - $inph=action VALUE=postreply> - $inph=id VALUE=$id> - $inph=valid value=\"". md5($_SERVER['REMOTE_ADDR'] . $id ."sillysaltstring") ."\"> - $inps=submit VALUE=\"Submit reply\"> - $inps=preview VALUE=\"Preview reply\"> - $tccell1>Options:$tccell2l colspan=2> - $inpc=\"nosmilies\" id=\"nosmilies\" value=\"1\"> - - $inpc=\"nolayout\" id=\"nolayout\" value=\"1\"> - - $inpc=\"nohtml\" id=\"nohtml\" value=\"1\"> - $modoptions - $tblend -
- $tblstart$postlist$tblend - - - $fonttag$boardname - $forum[title] - $thread[title] - ".replytoolbar(4); + print " + + $tccellh width=150> $tccellh colspan=2>  + $tccell1>{$passhint} $tccell2l colspan=2> + {$altloginjs} + Username: $inpt=username VALUE=\"".htmlspecialchars($username)."\" SIZE=25 MAXLENGTH=25 autocomplete=\"off\"> + Password: $inpp=password SIZE=13 MAXLENGTH=64 autocomplete=\"off\"> + + $tccell1>Reply: + $tccell2l width=800px valign=top> + $txta=message ROWS=21 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($quotemsg, ENT_QUOTES) ." + $tccell2l width=*>".moodlist(filter_int($moodid))." + + $tccell1> $tccell2l colspan=2> + $inph=action VALUE=postreply> + $inph=id VALUE=$id> + $inph=valid value=\"". md5($_SERVER['REMOTE_ADDR'] . $id ."sillysaltstring") ."\"> + $inps=submit VALUE=\"Submit reply\"> + $inps=preview VALUE=\"Preview reply\"> + $tccell1>Options:$tccell2l colspan=2> + $inpc=\"nosmilies\" id=\"nosmilies\" value=\"1\"> - + $inpc=\"nolayout\" id=\"nolayout\" value=\"1\"> - + $inpc=\"nohtml\" id=\"nohtml\" value=\"1\"> + $modoptions + $tblend +
+ $tblstart$postlist$tblend + + + $fonttag$boardname - $forum[title] - $thread[title]"; } elseif(!$_POST['action']) { - print $header; - print "$tccell1>You are not allowed to post in this thread. -
".redirect("index.php", 'return to the index page', 0).""; + print $header; + print "$tccell1>You are not allowed to post in this thread. +
".redirect("index.php", 'return to the index page', 0).""; } - if($_POST['action']=='postreply' && !($banned && $log) && $id>0) { + if ($_POST['action'] == 'postreply' && !($banned && $log) && $id > 0) { if ($log && !$password) $userid = $loguserid; else $userid = checkuser($username,$password); - $error=''; - if($userid==-1) - $error="Either you didn't enter an existing username, or you haven't entered the right password for the username."; - else{ - $user=@$sql->fetchq("SELECT * FROM users WHERE id=$userid"); - if($thread['closed']) - $error='The thread is closed and no more replies can be posted.'; - if($user['powerlevel']<$forum['minpowerreply']) - $error='Replying in this forum is restricted, and you are not allowed to post in this forum.'; - if(!$message) - $error="You didn't enter anything in the post."; + $error=''; + + if ($userid == -1) { + $error = "Either you didn't enter an existing username, or you haven't entered the right password for the username."; + } else { + $user = @$sql->fetchq("SELECT * FROM users WHERE id='$userid'"); + if ($thread['closed']) + $error = 'The thread is closed and no more replies can be posted.'; + if ($user['powerlevel']<$forum['minpowerreply']) + $error = 'Replying in this forum is restricted, and you are not allowed to post in this forum.'; + if (!$message) + $error = "You didn't enter anything in the post."; + } + + if (!$error) { + + $sign = $user['signature']; + $head = $user['postheader']; + // @TODO: Remove this code + if($user['postbg']) $head="
$head"; + + $numposts = $user['posts']+ 1; + + $numdays = (ctime()-$user['regdate'])/86400; + $tags = array(); + $message = doreplace($message,$numposts,$numdays,$username, $tags); + $tagval = $sql->escape(json_encode($tags)); + $rsign = doreplace($sign,$numposts,$numdays,$username); + $rhead = doreplace($head,$numposts,$numdays,$username); + $currenttime = ctime(); + if (filter_string($_POST['submit'])) { + + $sql->query("UPDATE `users` SET `posts` = $numposts, `lastposttime` = '$currenttime' WHERE `id` = '$userid'"); + + if (filter_bool($nolayout)) { + $headid = 0; + $signid = 0; + } else { + $headid=getpostlayoutid($head); + $signid=getpostlayoutid($sign); + } + + + $close = ""; + $stick = ""; + if ($ismod) { + if ($close) $close = "`closed` = '1',"; + else $close = "`closed` = '0',"; + if ($stick) $stick = "`sticky` = '1',"; + else $stick = "`sticky` = '0',"; + } + + $sql->query("INSERT INTO posts (thread,user,date,ip,num,headid,signid,moodid) VALUES ($id,$userid,$currenttime,'$userip',$numposts,$headid,$signid,'". $_POST['moodid'] ."')"); + $pid=mysql_insert_id(); + + $options = filter_int($nosmilies) . "|" . filter_int($nohtml); + + if($pid) $sql->query("INSERT INTO `posts_text` (`pid`,`text`,`tagval`, `options`) VALUES ('$pid','$message','$tagval', '$options')"); + + $sql->query("UPDATE `threads` SET $close $stick `replies` = `replies` + 1, `lastpostdate` = '$currenttime', `lastposter` = '$userid' WHERE `id`='$id'"); + $sql->query("UPDATE `forums` SET `numposts` = `numposts` + 1, `lastpostdate` = '$currenttime', `lastpostuser` ='$userid', `lastpostid` = '$pid' WHERE `id`='$forumid'"); + + $sql->query("UPDATE `threadsread` SET `read` = '0' WHERE `tid` = '$id'"); + $sql->query("REPLACE INTO threadsread SET `uid` = '$userid', `tid` = '$id', `time` = ". ctime() .", `read` = '1'"); + + + xk_ircout("reply", $user['name'], array( + 'forum' => $forum['title'], + 'fid' => $forumid, + 'thread' => str_replace("<", "<", $thread['title']), + 'pid' => $pid, + 'pow' => $forum['minpower'], + )); + + return header("Location: thread.php?pid=$pid#$pid"); + + + + } else { + + loadtlayout(); + $message = stripslashes($message); + $ppost = $user; + $ppost['posts']++; + $ppost['uid'] = $userid; + $ppost['num'] = $numposts; + $ppost['lastposttime'] = $currenttime; + $ppost['date'] = $currenttime; + $ppost['moodid'] = $_POST['moodid']; + + if (filter_bool($nolayout)) { + $ppost['headtext'] = ""; + $ppost['signtext'] = ""; + } else { + $ppost['headtext']=$rhead; + $ppost['signtext']=$rsign; + } + + $ppost['text'] = $message; + $ppost['options'] = filter_int($nosmilies) . "|" . filter_int($nohtml); + + if($isadmin) $ip=$userip; + + $chks = array("", "", ""); + if ($nosmilies) $chks[0] = "checked"; + if ($nolayout) $chks[1] = "checked"; + if ($nohtml) $chks[2] = "checked"; + + print "$header + + $tccellh>Post preview + $tblend$tblstart + ".threadpost($ppost,1)." + $tblend
$tblstart +
+ $tccellh width=150> $tccellh colspan=2>  + $tccell1>Reply: + $tccell2l width=800px valign=top>$txta=message ROWS=21 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($message, ENT_QUOTES, "ISO-8859-1") ." + $tccell2l width=*>".moodlist($moodid)." + $tccell1> $tccell2l colspan=2> + $inps=submit VALUE=\"Submit reply\"> + $inps=preview VALUE=\"Preview reply\"> + $inph=username VALUE=\"".htmlspecialchars($username)."\"> + $inph=password VALUE=\"".htmlspecialchars($password)."\"> + $inph=valid value=\"". md5($_SERVER['REMOTE_ADDR'] . $id ."sillysaltstring") ."\"> + $inph=action VALUE=postreply> + $inph=id VALUE=$id> + $tccell1>Options:$tccell2l colspan=2> + $inpc=\"nosmilies\" id=\"nosmilies\" value=\"1\" $chks[0]> - + $inpc=\"nolayout\" id=\"nolayout\" value=\"1\" $chks[1]> - + $inpc=\"nohtml\" id=\"nohtml\" value=\"1\" $chks[2]> + $modoptions + $tblend + + $tblstart$postlist$tblend + + "; + } + } else { + print "$header$tccell1>Couldn't enter the post. $error
".redirect("thread.php?id=$id", $thread['title'], 0); + } } - if (!$error) { - - $sign =$user['signature']; - $head =$user['postheader']; - if($user['postbg']) $head="
$head"; - - $numposts = $user['posts']+ 1; - - $numdays = (ctime()-$user['regdate'])/86400; - $tags = array(); - $message = doreplace($message,$numposts,$numdays,$username, $tags); - $tagval = $sql->escape(json_encode($tags)); - $rsign = doreplace($sign,$numposts,$numdays,$username); - $rhead = doreplace($head,$numposts,$numdays,$username); - $currenttime = ctime(); - if (filter_string($_POST['submit'])) { - - if (!(!$x_hacks['host'] && $userid == 715) || true) { - - $sql->query("UPDATE `users` SET `posts` = $numposts, `lastposttime` = '$currenttime' WHERE `id` = '$userid'"); - - if ($nolayout) { - $headid = 0; - $signid = 0; - } else { - $headid=getpostlayoutid($head); - $signid=getpostlayoutid($sign); - } - - - if ($ismod) { - if ($close) $close = "`closed` = '1',"; - else $close = "`closed` = '0',"; - if ($stick) $stick = "`sticky` = '1',"; - else $stick = "`sticky` = '0',"; - } - - $sql->query("INSERT INTO posts (thread,user,date,ip,num,headid,signid,moodid) VALUES ($id,$userid,$currenttime,'$userip',$numposts,$headid,$signid,'". $_POST['moodid'] ."')"); - $pid=mysql_insert_id(); - - $options = intval($nosmilies) . "|" . intval($nohtml); - - if($pid) $sql->query("INSERT INTO `posts_text` (`pid`,`text`,`tagval`, `options`) VALUES ('$pid','$message','$tagval', '$options')"); - - $sql->query("UPDATE `threads` SET $close $stick `replies` = `replies` + 1, `lastpostdate` = '$currenttime', `lastposter` = '$userid' WHERE `id`='$id'"); - $sql->query("UPDATE `forums` SET `numposts` = `numposts` + 1, `lastpostdate` = '$currenttime', `lastpostuser` ='$userid', `lastpostid` = '$pid' WHERE `id`='$forumid'"); - - $sql->query("UPDATE `threadsread` SET `read` = '0' WHERE `tid` = '$id'"); - $sql->query("REPLACE INTO threadsread SET `uid` = '$userid', `tid` = '$id', `time` = ". ctime() .", `read` = '1'"); - - - xk_ircout("reply", $user['name'], array( - 'forum' => $forum['title'], - 'fid' => $forumid, - 'thread' => str_replace("<", "<", $thread['title']), - 'pid' => $pid, - 'pow' => $forum['minpower'], - )); - - return header("Location: thread.php?pid=$pid#$pid"); - - - } else { - print " - $tccell1>Reply posted successfully! -
".redirect("thread.php?id=$id", $thread['title'], 0) .$tblend; - } - }else{ - - loadtlayout(); - $message = stripslashes($message); - $ppost = $user; - $ppost['posts']++; - $ppost['uid'] = $userid; - $ppost['num'] = $numposts; - $ppost['lastposttime'] = $currenttime; - $ppost['date'] = $currenttime; - $ppost['moodid'] = $_POST['moodid']; - - if (filter_bool($nolayout)) { - $ppost['headtext'] = ""; - $ppost['signtext'] = ""; - } else { - $ppost['headtext']=$rhead; - $ppost['signtext']=$rsign; - } - - $ppost['text'] = $message; - $ppost['options'] = filter_int($nosmilies) . "|" . filter_int($nohtml); - - if($isadmin) $ip=$userip; - - $chks = array("", "", ""); - if ($nosmilies) $chks[0] = "checked"; - if ($nolayout) $chks[1] = "checked"; - if ($nohtml) $chks[2] = "checked"; - - print "$header - - $tccellh>Post preview - $tblend$tblstart - ".threadpost($ppost,1)." - $tblend
$tblstart -
- $tccellh width=150> $tccellh colspan=2>  - $tccell1>Reply: - $tccell2l width=800px valign=top>$txta=message ROWS=21 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($message, ENT_QUOTES, "ISO-8859-1") ." - $tccell2l width=*>".moodlist($moodid)." - $tccell1> $tccell2l colspan=2> - $inps=submit VALUE=\"Submit reply\"> - $inps=preview VALUE=\"Preview reply\"> - $inph=username VALUE=\"".htmlspecialchars($username)."\"> - $inph=password VALUE=\"".htmlspecialchars($password)."\"> - $inph=valid value=\"". md5($_SERVER['REMOTE_ADDR'] . $id ."sillysaltstring") ."\"> - $inph=action VALUE=postreply> - $inph=id VALUE=$id> - $tccell1>Options:$tccell2l colspan=2> - $inpc=\"nosmilies\" id=\"nosmilies\" value=\"1\" $chks[0]> - - $inpc=\"nolayout\" id=\"nolayout\" value=\"1\" $chks[1]> - - $inpc=\"nohtml\" id=\"nohtml\" value=\"1\" $chks[2]> - $modoptions - $tblend - - $tblstart$postlist$tblend - - "; - } - }else - print "$header$tccell1>Couldn't enter the post. $error
".redirect("thread.php?id=$id", $thread['title'], 0); - } - if($thread['closed']) - print " - $tccell1>Sorry, but this thread is closed, and no more replies can be posted in it. -
".redirect("thread.php?id=$id",$thread['title'],0); - if($banned and $log) - print " - $tccell1>Sorry, but you are banned from the board, and can not post. -
".redirect("thread.php?id=$id",$thread['title'],0); - + if ($thread['closed']) { + print " + $tccell1>Sorry, but this thread is closed, and no more replies can be posted in it. +
".redirect("thread.php?id=$id",$thread['title'],0); + } elseif($banned and $log) { + print " + $tccell1>Sorry, but you are banned from the board, and can not post. +
".redirect("thread.php?id=$id",$thread['title'],0); + } print $footer; printtimedif($startingtime);