Update newreply.php to suck less and more

* Remove rest of adbox code * Mood list changed into `<select>` from `<input type=radio>` * Preview and normal reply use the same form instead of two different ones * Less but saner permission checks * Last-chance post recovery if a thread closes while replying * Smilies are mid-aligned * Textbox now expandable and shrinks to fit properly * Some other assorted crap
2025-08-01 04:32:03 -07:00 · 2019-01-02 16:59:49 -08:00
parent fdf4e65e3c
commit ca406f7268
4 changed files with 261 additions and 304 deletions
--- a/css/base.css
+++ b/css/base.css
@@ -78,3 +78,18 @@ input[type=radio] { color: black; background: white; }
 .imgtag { max-width: 100%; }
 .post { position: relative; }
 textarea.newposttextbox {
 	 max-width: 100%;
 	 width: 800px;
 	 height: 20em;
 	 resize: both;
 }
 table.table-fixed {
 	table-layout: fixed;
 }
 input, select { vertical-align: middle; }
 img[src^="images/smilies/"] { vertical-align: middle; }
--- a/lib/function.php
+++ b/lib/function.php
@@ -268,6 +268,11 @@
 */
 function v(&$v, $d = null) {
 	$v	= isset($v) ? $v : $d;
 	return $v;
 }
 function filter_int(&$v) {
 	if (!isset($v)) {
 		return null;
@@ -950,9 +955,13 @@ function jspageexpand($start, $end) {
 }
 */
-function redirect($url,$msg,$delay){
+function redirect($url,$msg,$delay = 1){
-	if($delay<1) $delay=1;
+	if ($delay >= 0) {
-	return "You will now be redirected to <a href=$url>$msg</a>...<META HTTP-EQUIV=REFRESH CONTENT=$delay;URL=$url>";
+		return "You will now be redirected to <a href=$url>$msg</a>...<META HTTP-EQUIV=REFRESH CONTENT=". max(1, $delay) .";URL=$url>";
 	} else {
 		return "Go back to <a href=$url>$msg</a>.";
 	}
 }
 function postradar($userid){
@@ -1076,49 +1085,62 @@ function errorpage($text, $redir = '', $redirurl = '') {
 	die();
 }
 function boardmessage($text, $title = "Message") {
 	global $header,$tblstart,$tccellh,$tccell1,$tblend,$footer,$startingtime;
 	print "
 		$header
 		<br>
 		$tblstart
 			<tr>
 				$tccellh><strong>$title</strong></td>
 			</tr>
 			<tr>
 				$tccell1 style='padding: 1em 0;'>$text</td>
 			</tr>
 		$tblend
 		$footer
 	";
 	printtimedif($startingtime);
 	die();
 }
 function moodlist($sel = 0, $return = false) {
 	global $loguserid, $log, $loguser;
-	$sel		= floor($sel);
+	//$sel		= $sel;
-	$a	= array("None", "neutral", "angry", "tired/upset", "playful", "doom", "delight", "guru", "hope", "puzzled", "whatever", "hyperactive", "sadness", "bleh", "embarrassed", "amused", "afraid");
+	$moodlist	= array(
-	//if ($loguserid == 1) $a[99] = "special";
+			"(default)",
-	if ($return) return $a;
+			"neutral",
 			"angry",
 			"tired/upset",
 			"playful",
 			"doom",
 			"delight",
 			"guru",
 			"hope",
 			"puzzled",
 			"whatever",
 			"hyperactive",
 			"sadness",
 			"bleh",
 			"embarrassed",
 			"amused",
 			"afraid"
 		);
-	$c[$sel]	= " checked";
+	if ($return) return $moodlist;
 	$ret		= "";
-	if ($log && $loguser['moodurl'])
+	$ret 		= "<select name='moodid'>\n";
 		$ret = '
 			<script type="text/javascript">
 				function avatarpreview(uid,pic)
 				{
 					if (pic > 0)
 					{
 						var moodav="'.htmlspecialchars($loguser['moodurl']).'";
 						document.getElementById(\'prev\').src=moodav.replace("$", pic);
 					}
 					else
 					{
 						document.getElementById(\'prev\').src="images/_.gif";
 					}
 				}
 			</script>
 		';
-	$ret .= "<b>Mood avatar list:</b><br><table cellpadding=0 border=0 cellspacing=0><tr><td width=150px style='white-space:nowrap;'>";
+	foreach($moodlist as $num => $name) {
-
+		$ret .= "\t<option value='$num'". ($sel === $num ? " selected" : "") .">$name</option>\n";
 	foreach($a as $num => $name) {
 		$jsclick = (($log && $loguser['moodurl']) ? "onclick='avatarpreview($loguserid,$num)'" : "");
 		$ret .= "<input type='radio' name='moodid' value='$num'". filter_string($c[$num]) ." id='mood$num' tabindex='". (9000 + $num) ."' style=\"height: 12px;\" $jsclick>
             <label for='mood$num' ". filter_string($c[$sel]) ." style=\"font-size: 12px;\">&nbsp;$num:&nbsp;$name</label><br>\r\n";
 	}
-	if (!$sel || !$log || !$loguser['moodurl'])
+	$ret .= "</select>\n";
 		$startimg = 'images/_.gif';
 	else
 		$startimg = htmlspecialchars(str_replace('$', $sel, $loguser['moodurl']));
 	$ret .= "</td><td><img src=\"$startimg\" id=prev></td></table>";
 	return $ret;
 }
@@ -1430,72 +1452,6 @@ function addslashes_array($data) {
 	}
 function adbox() {
 	// no longer needed. RIP
 	return "";
 	global $loguser, $bgcolor, $linkcolor;
 /*
 	$tagline	= array();
 	$tagline[]	= "Viewing this ad requires<br>ZSNES 1.42 or older!";
 	$tagline[]	= "Celebrating 5 years of<br>ripping off SMAS!";
 	$tagline[]	= "Now with 100% more<br>buggy custom sprites!";
 	$tagline[]	= "Try using AddMusic to give your hack<br>that 1999 homepage feel!";
 	$tagline[]	= "Pipe cutoff? In my SMW hack?<br>It's more likely than you think!";
 	$tagline[]	= "Just keep giving us your money!";
 	$tagline[]	= "Now with 97% more floating munchers!";
 	$tagline[]	= "Tip: If you can beat your level without<br>savestates, it's too easy!";
 	$tagline[]	= "Tip: Leave exits to level 0 for<br>easy access to that fun bonus game!";
 	$tagline[]	= "Now with 100% more Touhou fads!<br>It's like Jul, but three years behind!";
 	$tagline[]	= "Isn't as cool as this<br>witty subtitle!";
 	$tagline[]	= "Finally beta!";
 	$tagline[]	= "If this is blocking other text<br>try disabling AdBlock next time!";
 	$tagline[]	= "bsnes sucks!";
 	$tagline[]	= "Now in raspberry, papaya,<br>and roast beef flavors!";
 	$tagline[]	= "We &lt;3 terrible Japanese hacks!";
 	$tagline[]	= "573 crappy joke hacks and counting!";
 	$tagline[]	= "Don't forget your RATS tag!";
 	$tagline[]	= "Now with exclusive support for<br>127&frac12;Mbit SuperUltraFastHiDereROM!";
 	$tagline[]	= "More SMW sequels than you can<br>shake a dead horse at!";
 	$tagline[]	= "xkas v0.06 or bust!";
 	$tagline[]	= "SMWC is calling for your blood!";
 	$tagline[]	= "You can run,<br>but you can't hide!";
 	$tagline[]	= "Now with 157% more CSS3!";
 	$tagline[]	= "Stickers and cake don't mix!";
 	$tagline[]	= "Better than a 4-star crap cake<br>with garlic topping!";
 	$tagline[]	= "We need some IRC COPS!";
 	if (isset($_GET['lolol'])) {
 		$taglinec	= $_GET['lolol'] % count($tagline);
 		$taglinec	= $tagline[$taglinec];
 	}
 	else
 		$taglinec	= pick_any($tagline);
 */
 	return "
 <center>
 <!-- Beginning of Project Wonderful ad code: -->
 <!-- Ad box ID: 48901 -->
 <script type=\"text/javascript\">
 <!--
 var pw_d=document;
 pw_d.projectwonderful_adbox_id = \"48901\";
 pw_d.projectwonderful_adbox_type = \"5\";
 pw_d.projectwonderful_foreground_color = \"#$linkcolor\";
 pw_d.projectwonderful_background_color = \"#$bgcolor\";
 //-->
 </script>
 <script type=\"text/javascript\" src=\"http://www.projectwonderful.com/ad_display.js\"></script>
 <noscript><map name=\"admap48901\" id=\"admap48901\"><area href=\"http://www.projectwonderful.com/out_nojs.php?r=0&amp;c=0&amp;id=48901&amp;type=5\" shape=\"rect\" coords=\"0,0,728,90\" title=\"\" alt=\"\" target=\"_blank\" /></map>
 <table cellpadding=\"0\" border=\"0\" cellspacing=\"0\" width=\"728\" bgcolor=\"#$bgcolor\"><tr><td><img src=\"http://www.projectwonderful.com/nojs.php?id=48901&amp;type=5\" width=\"728\" height=\"90\" usemap=\"#admap48901\" border=\"0\" alt=\"\" /></td></tr><tr><td bgcolor=\"\" colspan=\"1\"><center><a style=\"font-size:10px;color:#$linkcolor;text-decoration:none;line-height:1.2;font-weight:bold;font-family:Tahoma, verdana,arial,helvetica,sans-serif;text-transform: none;letter-spacing:normal;text-shadow:none;white-space:normal;word-spacing:normal;\" href=\"http://www.projectwonderful.com/advertisehere.php?id=48901&amp;type=5\" target=\"_blank\">Ads by Project Wonderful! Your ad could be right here, right now.</a></center></td></tr></table>
 </noscript>
 <!-- End of Project Wonderful ad code. -->
 </center>";
 }
 // for you-know-who's bullshit
 function gethttpheaders() {
 	$ret = '';
--- a/lib/layout.php
+++ b/lib/layout.php
@@ -500,15 +500,7 @@
 	$header=makeheader($header1,$headlinks,$header2);
 	$footer="	</textarea></form></embed></noembed></noscript></noembed></embed></table></table>
 <br>
 <center>
 <!--
 <img src='adnonsense.php?m=d' title='generous donations to the first national bank of bad jokes and other dumb crap people post' style='margin-left: 44px;'><br>
 <img src='adnonsense.php' title='hotpod fund' style='margin: 0 22px;'><br>
 <img src='adnonsense.php?m=v' title='VPS slushie fund' style='margin-right: 44px;'>
 -->
 <br>
 	$smallfont
 	<br><br><a href=$siteurl>$sitename</a>
 	<br>". filter_string($affiliatelinks) ."
--- a/newreply.php
+++ b/newreply.php
@@ -1,189 +1,115 @@
 <?php
-	// die("Disabled.");
+
 	require 'lib/function.php';
 	$thread=$sql->fetchq("SELECT forum, closed, sticky,title,lastposter FROM threads WHERE id=$id");
 	// Stop this insanity.  Never index newreply.
 	$meta['noindex'] = true;
 	// Give failed replies a last-chance to copy and save their work,
 	// as way too often you'll miss and then it's just gone forever
 	$lastchance		= null;
 	$redirectTime	= 3;
 	if (v($_POST['message']) !== null) {
 		$lastchance		= "<br><br>You can copy and save what you were <em>going</em> to post, if you want:
 		<br><textarea class='newposttextbox' style='margin: 1em auto;'>". htmlspecialchars(stripslashes($_POST['message']), ENT_QUOTES) ."</textarea>";
 		$redirectTime	= -1;
 	}
 	if (!$thread) {
 		require_once 'lib/layout.php';
-		print "
+		boardmessage("You can't reply to threads that don't exist!<br>". redirect("index.php", "the forum index", $redirectTime) . $lastchance, "Error");
 			$header<br>$tblstart
 			$tccell1>Nice try. Next time, wait until someone makes the thread <i>before</i> trying to reply to it.<br>".redirect("index.php", 'return to the index page', 0)."
 			$tblend$footer
 		";
 		printtimedif($startingtime);
 		die();
 	}
-	$forumid=intval($thread['forum']);
+	$forumid			=intval($thread['forum']);
-	$forum=$sql->fetchq("SELECT title,minpower,minpowerreply,id,specialscheme FROM forums WHERE id=$forumid");
+	$forum				=$sql->fetchq("SELECT title,minpower,minpowerreply,id,specialscheme FROM forums WHERE id=$forumid");
 	if ($forum['minpower'] && $power < $forum['minpower']) {
-		$forum['title'] = '';
+		require_once 'lib/layout.php';
-		$thread['title'] = '(restricted thread)';
+		boardmessage("You aren't allowed to view this thread.<br>". redirect("index.php", "the forum index", $redirectTime) . $lastchance, "Error");
 	}
 	$specialscheme = $forum['specialscheme'];
 	$windowtitle="$boardname -- $forum[title]: $thread[title] -- New Reply";
-	$thread['title']=str_replace('<','&lt;',$thread['title']);
+	$specialscheme		= $forum['specialscheme'];
 	$windowtitle		= "$boardname -- $forum[title]: $thread[title] -- New reply";
 	$thread['title']	= str_replace('<','&lt;',$thread['title']);
 	require_once 'lib/layout.php';
-	$smilies=readsmilies();
+	// Do access checks. Can't post while banned...
-	if(!filter_int($ppp)) $ppp=(!$log?20:$loguser['postsperpage']);
+	if ($power < $forum['minpowerreply'] || $banned) {
-	$fonline=fonlineusers($forumid);
+		boardmessage("You aren't allowed to reply to this thread.<br>". redirect("thread.php?id=$id", "the thread", $redirectTime) . $lastchance, "Error");
-	$header=makeheader($header1,$headlinks,$header2 ."	$tblstart$tccell1s>$fonline$tblend");
+	}
-	if(mysql_num_rows($sql->query("SELECT user FROM forummods WHERE forum='$forumid' and user='$loguserid'"))) $ismod=1;
+	// ...or in a closed thread
 	if ($thread['closed']) {
 		boardmessage("You can't reply to this thread because it is closed.<br>". redirect("thread.php?id=$id", "the thread", $redirectTime) . $lastchance, "Error");
 	}
 	// Check if we are a global moderator, or a local mod of this forum
 	$modoptions	= "";
 	if ($ismod || mysql_num_rows($sql->query("SELECT user FROM forummods WHERE forum='$forumid' and user='$loguserid'"))) {
 		$ismod	= 1;
-	if ($ismod) {
+		$modoptions = "
-		if ($thread['sticky'] == 1) $sticky = "checked";
+			<tr>
-		$modoptions = "	<tr>$tccell1><b>Moderator Options:</b></td>$tccell2l colspan=2>
+				$tccell1><strong>Moderator Options:</strong></td>
-		$inpc=\"close\" id=\"close\" value=\"1\"><label for=\"close\">Close</label> -
+				$tccell2l>
-		$inpc=\"stick\" id=\"stick\" value=\"1\" $sticky><label for=\"stick\">Sticky</label>";
+					$inpc='close' id='close' value='1'><label for='close'>Close</label> -
-	}
+					$inpc='stick' id='stick' value='1'". ($thread['sticky'] ? "checked" : "") ."><label for='stick'>Sticky</label>
-
+				</td>
-	if ($forum['minpowerreply'] > $power && $forum['minpowerreply'] > 0)
+			</tr>";
 		$restricted		= true;
 	$header	= "$header
 		$fonttag<a href=index.php>$boardname</a> - <a href=forum.php?id=$forumid>$forum[title]</a> - $thread[title]<form action=newreply.php name=replier method=post autocomplete=\"off\"> $tblstart";
 	// Post preview
 	if (($power>=$forum['minpowerreply'] || $forum['minpowerreply']<1) && $id>0) {
 		$postlist="<tr>$tccellh colspan=2 style=\"font-weight:bold;\">Thread history</tr><tr>$tccellh width=150>User</td>$tccellh width=*>Post</tr>";
 		$qppp = $ppp + 1;
 		$posts=$sql->query("SELECT name,posts,sex,powerlevel,user,text,options,num FROM users u,posts p,posts_text WHERE thread=$id AND p.id=pid AND user=u.id ORDER BY p.id DESC LIMIT $qppp");
 		$i = 0;
 		while($post=$sql->fetch($posts)){
 			$bg = ((($i++) & 1) ? 'tdbg2' : 'tdbg1');
 			if ($ppp-- > 0){
 				$postnum=($post['num']?"$post[num]/":'');
 				$tcellbg="<td class='tbl $bg font' valign=top>";
 				$namecolor=getnamecolor($post['sex'],$post['powerlevel']);
 				$postlist.="<tr>
 					$tcellbg<a href=profile.php?id=$post[user]><font $namecolor>$post[name]</font></a>$smallfont<br>
 					Posts: $postnum$post[posts]</td>
 					$tcellbg".doreplace2(dofilters($post['text']), $post['options'])."</tr>
 				";
 			}
 			else{
 				$tcellbg="<td bgcolor=$tablebg1 valign=top colspan=2";
 				$postlist.="<tr>$tccellh colspan=2>This is a long thread. Click <a href=thread.php?id=$id>here</a> to view it.</td></tr>";
 			}
 		}
 	}
 	if(!filter_string($_POST['action']) && !$thread['closed'] && !($banned && $log)
 		&& ($power>=$forum['minpowerreply'] || $forum['minpowerreply']<1) && $id>0) {
 		print $header;
 		print "";
 		if ($log) {
 			$username=$loguser['name'];
 			$passhint = 'Alternate Login:';
 			$altloginjs = "<a href=\"#\" onclick=\"document.getElementById('altlogin').style.cssText=''; this.style.cssText='display:none'\">Use an alternate login</a>
 				<span id=\"altlogin\" style=\"display:none\">";
 		}
 		else {
 			$username = '';
 			$passhint = 'Login Info:';
 			$altloginjs = "<span>";
 		}
 		$quotemsg	= "";
 		if(filter_int($postid)){
 			$post=$sql->fetchq("SELECT user,text,thread FROM posts,posts_text WHERE id=$postid AND id=pid");
 			$post['text']=str_replace('<br>',$br,$post['text']);
 			$u=$post['user'];
 			$users[$u]=loaduser($u,1);
 			if($post['thread']==$id) $quotemsg="[quote={$users[$u]['name']}]{$post['text']}[/quote]\r\n";
 		}
 		print "
 			<body>
 			$tccellh width=150>&nbsp</td>$tccellh colspan=2>&nbsp<tr>
 			$tccell1><b>{$passhint}</td> $tccell2l colspan=2>
 			{$altloginjs}
 			<b>Username:</b> $inpt=username VALUE=\"".htmlspecialchars($username)."\" SIZE=25 MAXLENGTH=25 autocomplete=\"off\">
 			<!-- Hack around autocomplete, fake inputs (don't use these in the file) -->
 			<input style=\"display:none;\" type=\"text\"     name=\"__f__usernm__\">
 			<input style=\"display:none;\" type=\"password\" name=\"__f__passwd__\">
 			<b>Password:</b> $inpp=password SIZE=13 MAXLENGTH=64 autocomplete=\"off\">
 			</span><tr>
 			$tccell1><b>Reply:</td>
 			$tccell2l width=800px valign=top>
 			$txta=message ROWS=21 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($quotemsg, ENT_QUOTES) ."</TEXTAREA></td>
 		$tccell2l width=*>".moodlist(filter_int($moodid))."</td><tr>
 		<tr>
 			$tccell1>&nbsp</td>$tccell2l colspan=2>
 			$inph=action VALUE=postreply>
 			$inph=id VALUE=$id>
 			$inph=valid value=\"". md5($_SERVER['REMOTE_ADDR'] . $id ."sillysaltstring") ."\">
 			$inps=submit VALUE=\"Submit reply\">
 			$inps=preview VALUE=\"Preview reply\"></td>
 		<tr>$tccell1><b>Options:</b></td>$tccell2l colspan=2>
 			$inpc=\"nosmilies\" id=\"nosmilies\" value=\"1\"><label for=\"nosmilies\">Disable Smilies</label> -
 			$inpc=\"nolayout\" id=\"nolayout\" value=\"1\"><label for=\"nolayout\">Disable Layout</label> -
 			$inpc=\"nohtml\" id=\"nohtml\" value=\"1\"><label for=\"nohtml\">Disable HTML</label></td></tr>
 			$modoptions
 			$tblend
 			<br>
 			$tblstart$postlist$tblend
 		</table>
 			</form>
 		$fonttag<a href=index.php>$boardname</a> - <a href=forum.php?id=$forumid>$forum[title]</a> - $thread[title]";
 	} elseif(!$_POST['action']) {
 		print $header;
 		print "$tccell1>You are not allowed to post in this thread.
 		<br>".redirect("index.php", 'return to the index page', 0)."</table>";
 	}
-	if ($_POST['action'] == 'postreply' && !($banned && $log) && $id > 0) {
+	if(!filter_int($ppp)) $ppp=(!$log?20:$loguser['postsperpage']);
-		if ($log && !$password)
+	$smilies	= readsmilies();
 	$fonline	= fonlineusers($forumid);
 	$header		= makeheader($header1,$headlinks,$header2 ."\t$tblstart$tccell1s>$fonline$tblend");
 	$breadcrumb	= "<a href=index.php>$boardname</a> - <a href=forum.php?id=$forumid>$forum[title]</a> - <a href='thread.php?id=$id'>$thread[title]</a> - New Reply";
 	$header		.= "$fonttag$breadcrumb";
 	// Show the new reply form?
 	$showform	= true;
 	$usererror	= "";
 	$preview	= "";
 	if (v($_POST['action']) == 'postreply') {
 		if ($log)
 			$userid = $loguserid;
 		else
-			$userid = checkuser($username,$password);
+			$userid = checkuser($_POST['username'], $_POST['password']);
-
+		if ($userid == -1 || $userid == 0) {
-		$error='';
+			$usererror	= " <strong style='color: red;'>* Invalid username or password.</strong>";
 		if ($userid == -1) {
 			$error	= "Either you didn't enter an existing username, or you haven't entered the right password for the username.";
 		} else {
 			$user	= @$sql->fetchq("SELECT * FROM users WHERE id='$userid'");
-			if ($thread['closed'])
+			if (!$user) {
-				$error	= 'The thread is closed and no more replies can be posted.';
+				boardmessage("Something went really weird? Contact an admin: Userid $userid but no user??", "This shouldn't happen");
-			if ($user['powerlevel']<$forum['minpowerreply'])
+			}
 				$error	= 'Replying in this forum is restricted, and you are not allowed to post in this forum.';
 			if (!$message)
 				$error	= "You didn't enter anything in the post.";
 		}
-		if (!$error) {
+		if ($user) {
-			$sign	= $user['signature'];
+			$sign			= $user['signature'];
-			$head	= $user['postheader'];
+			$head			= $user['postheader'];
 			// @TODO: Remove this code
 			if($user['postbg']) $head="<div style=background:url($user[postbg]);height=100%>$head";
-			$numposts		= $user['posts']+ 1;
+			$numposts		= $user['posts'] + 1;
-			$numdays		= (ctime()-$user['regdate'])/86400;
+			$numdays		= (ctime() - $user['regdate']) / 86400;
 			$tags			= array();
-			$message		= doreplace($message,$numposts,$numdays,$username, $tags);
+			$message		= doreplace($message, $numposts, $numdays, $username, $tags);
 			$tagval			= $sql->escape(json_encode($tags));
-			$rsign			= doreplace($sign,$numposts,$numdays,$username);
+			$rsign			= doreplace($sign, $numposts, $numdays, $username);
-			$rhead			= doreplace($head,$numposts,$numdays,$username);
+			$rhead			= doreplace($head, $numposts, $numdays, $username);
 			$currenttime	= ctime();
 			// Submitting a post
 			if (filter_string($_POST['submit'])) {
 				$sql->query("UPDATE `users` SET `posts` = $numposts, `lastposttime` = '$currenttime' WHERE `id` = '$userid'");
@@ -231,7 +157,7 @@
 				return header("Location: thread.php?pid=$pid#$pid");
-
+			// Previewing a post
 			} else {
 				loadtlayout();
@@ -255,57 +181,125 @@
 				$ppost['text']		= $message;
 				$ppost['options']	= filter_int($nosmilies) . "|" . filter_int($nohtml);
-				if($isadmin) $ip=$userip;
+				$ip					= "";
-				$chks = array("", "", "");
+				$preview			= "
-				if ($nosmilies) $chks[0] = "checked";
+				$tblstart
-				if ($nolayout)  $chks[1] = "checked";
+				<tr>$tccellh><strong>Post preview</strong></td></tr>
 				if ($nohtml)    $chks[2] = "checked";
 				print "$header
 				<body onload=window.document.REPLIER.message.focus()>
 				$tccellh>Post preview
 				$tblend$tblstart
 				".threadpost($ppost,1)."
 				$tblend<br>$tblstart
 				<FORM ACTION=newreply.php NAME=REPLIER METHOD=POST>
 				$tccellh width=150>&nbsp</td>$tccellh colspan=2>&nbsp<tr>
 				$tccell1><b>Reply:</td>
 				$tccell2l width=800px valign=top>$txta=message ROWS=21 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($message, ENT_QUOTES) ."</TEXTAREA></td>
 				$tccell2l width=*>".moodlist($moodid)."</td><tr>
 				$tccell1>&nbsp</td>$tccell2l colspan=2>
 				$inps=submit VALUE=\"Submit reply\">
 				$inps=preview VALUE=\"Preview reply\"></td>
 				$inph=username VALUE=\"".htmlspecialchars($username)."\">
 				$inph=password VALUE=\"".htmlspecialchars($password)."\">
 				$inph=valid value=\"". md5($_SERVER['REMOTE_ADDR'] . $id ."sillysaltstring") ."\">
 				$inph=action VALUE=postreply>
 				$inph=id VALUE=$id>
 				<tr>$tccell1><b>Options:</b></td>$tccell2l colspan=2>
 				$inpc=\"nosmilies\" id=\"nosmilies\" value=\"1\" $chks[0]><label for=\"nosmilies\">Disable Smilies</label> -
 				$inpc=\"nolayout\" id=\"nolayout\" value=\"1\" $chks[1]><label for=\"nolayout\">Disable Layout</label> -
 				$inpc=\"nohtml\" id=\"nohtml\" value=\"1\" $chks[2]><label for=\"nohtml\">Disable HTML</label></td></tr>
 				$modoptions
 				$tblend
-				</FORM>
+				".threadpost($ppost,1)."
-				$tblstart$postlist$tblend
+				<br>";
 				</td></FORM>
 				";
 			}
 		} else {
 			print "$header$tccell1>Couldn't enter the post. $error<br>".redirect("thread.php?id=$id", $thread['title'], 0);
 		}
 	}
-	if ($thread['closed']) {
+
 	// Totally new reply, with optional quote
 	if ($showform) {
 		$userlogin		= "";
 		if (!$log) {
 			$userlogin	= "
 			<tr>
 				$tccell1><strong>Username:</strong></td>
 				$tccell2l>$inpt='username' size='25' maxlength='25' value='". htmlspecialchars(v($_POST['username']), ENT_QUOTES) ."'> $usererror
 			</tr>
 			<tr>$tccell1><strong>Password:</strong></td>
 				$tccell2l>$inpp='password' size='25' maxlength='64' value='". htmlspecialchars(v($_POST['password']), ENT_QUOTES) ."'>
 			</tr>
 			";
 		}
 		$quotemsg	= "";
 		if (filter_int($postid)) {
 			$post			= $sql->fetchq("SELECT user,text,thread FROM posts,posts_text WHERE id=$postid AND id=pid");
 			$post['text']	= str_replace('<br>', $br, $post['text']);
 			$u				= $post['user'];
 			$users[$u]		= loaduser($u, 1);
 			if ($post['thread'] == $id) $quotemsg = "[quote={$users[$u]['name']}]{$post['text']}[/quote]\r\n";
 		}
 		$message	= $quotemsg . stripslashes(v($_POST['message']));
 		print "$header
 		$preview
 		<form action=newreply.php name=replier method=post>
 			$tblstartf
 				<colgroup>
 					<col style='width: 150px;'>
 					<col>
 				</colgroup>
 				<tr>
 					$tccellh colspan=2><strong>New reply</strong>
 				</tr>
 				$userlogin
 				<tr>
 					$tccell1 style='width: 150px; max-width: 150px;'><strong>Reply:</strong></td>
 					$tccell2l>$txta=message class='newposttextbox'>". htmlspecialchars($message, ENT_QUOTES) ."</TEXTAREA></td>
 				<tr>
 					$tccell1>&nbsp;</td>$tccell2l>
 					$inph=action VALUE=postreply>
 					$inph=id VALUE=$id>
 					$inph=valid value='". md5($_SERVER['REMOTE_ADDR'] . $id ."sillysaltstring") ."'>
 					$inps=submit VALUE='Submit reply'>
 					$inps=preview VALUE='Preview reply'></td>
 				</tr>
 				<tr>
 					$tccell1><strong>Mood avatar:</strong></td>
 					$tccell2l>". moodlist(filter_int($moodid)) ."</td>
 				</tr>
 				<tr>
 					$tccell1><strong>Options:</strong></td>
 					$tccell2l>
 						$inpc='nosmilies' id='nosmilies' value='1'". (v($_POST['nosmilies']) ? " checked" : "") ."><label for='nosmilies'>Disable Smilies</label> -
 						$inpc='nolayout' id='nolayout' value='1'". (v($_POST['nolayout']) ? " checked" : "") ."><label for='nolayout'>Disable Layout</label> -
 						$inpc='nohtml' id='nohtml' value='1'". (v($_POST['nohtml']) ? " checked" : "") ."><label for='nohtml'>Disable HTML</label>
 					</td>
 				</tr>
 				$modoptions
 			$tblend
 			</form>
 			";
 		// Thread history view (under the form)
 		// (originally had a check for power, but that's accounted for above)
 		if (true) {
 			$postlist="<tr>$tccellh colspan=2 style=\"font-weight:bold;\">Thread history</tr><tr>$tccellh width=150>User</td>$tccellh width=*>Post</tr>";
 			$qppp = $ppp + 1;
 			$posts=$sql->query("SELECT name,posts,sex,powerlevel,user,text,options,num FROM users u,posts p,posts_text WHERE thread=$id AND p.id=pid AND user=u.id ORDER BY p.id DESC LIMIT $qppp");
 			$i = 0;
 			while($post=$sql->fetch($posts)){
 				$bg = ((($i++) & 1) ? 'tdbg2' : 'tdbg1');
 				if ($ppp-- > 0){
 					$postnum=($post['num']?"$post[num]/":'');
 					$tcellbg="<td class='tbl $bg font' valign=top>";
 					$namecolor=getnamecolor($post['sex'],$post['powerlevel']);
 					$postlist.="<tr>
 						$tcellbg<a href=profile.php?id=$post[user]><font $namecolor>$post[name]</font></a>$smallfont<br>
 						Posts: $postnum$post[posts]</td>
 						$tcellbg".doreplace2(dofilters($post['text']), $post['options'])."</tr>
 					";
 				}
 				else{
 					$tcellbg="<td bgcolor=$tablebg1 valign=top colspan=2";
 					$postlist.="<tr>$tccellh colspan=2>This is a long thread. Click <a href=thread.php?id=$id>here</a> to view it.</td></tr>";
 				}
 			}
 		}
 		print "
-		$tccell1>Sorry, but this thread is closed, and no more replies can be posted in it.
+			$tblstart
-		<br>".redirect("thread.php?id=$id",$thread['title'],0);
+				$postlist
-	} elseif($banned and $log) {
+			$tblend
-		print "
+		$fonttag
-		$tccell1>Sorry, but you are banned from the board, and can not post.
+		$breadcrumb";
 		<br>".redirect("thread.php?id=$id",$thread['title'],0);
 	}
  print $footer;
  printtimedif($startingtime);