fetchq("SELECT forum, closed, sticky,title,lastposter FROM threads WHERE id=$id"); // Stop this insanity. Never index newreply. $meta['noindex'] = true; if (!$thread) { require_once 'lib/layout.php'; print " $header
$tblstart $tccell1>Nice try. Next time, wait until someone makes the thread before trying to reply to it.
".redirect("index.php", 'return to the index page', 0)." $tblend$footer "; printtimedif($startingtime); die(); } $forumid=intval($thread['forum']); $forum=$sql->fetchq("SELECT title,minpower,minpowerreply,id,specialscheme FROM forums WHERE id=$forumid"); if ($forum['minpower'] && $power < $forum['minpower']) { $forum['title'] = ''; $thread['title'] = '(restricted thread)'; } $specialscheme = $forum['specialscheme']; $windowtitle="$boardname -- $forum[title]: $thread[title] -- New Reply"; $thread['title']=str_replace('<','<',$thread['title']); require_once 'lib/layout.php'; $smilies=readsmilies(); if(!filter_int($ppp)) $ppp=(!$log?20:$loguser['postsperpage']); $fonline=fonlineusers($forumid); $header=makeheader($header1,$headlinks,$header2 ." $tblstart$tccell1s>$fonline$tblend"); if(mysql_num_rows($sql->query("SELECT user FROM forummods WHERE forum='$forumid' and user='$loguserid'"))) $ismod=1; $modoptions = ""; if ($ismod) { if ($thread['sticky'] == 1) $sticky = "checked"; $modoptions = " $tccell1>Moderator Options:$tccell2l colspan=2> $inpc=\"close\" id=\"close\" value=\"1\"> - $inpc=\"stick\" id=\"stick\" value=\"1\" $sticky>"; } if ($forum['minpowerreply'] > $power && $forum['minpowerreply'] > 0) $restricted = true; $header = "$header $fonttag$boardname - $forum[title] - $thread[title]
$tblstart"; // Post preview if (($power>=$forum['minpowerreply'] || $forum['minpowerreply']<1) && $id>0) { $postlist="$tccellh colspan=2 style=\"font-weight:bold;\">Thread history$tccellh width=150>User$tccellh width=*>Post"; $qppp = $ppp + 1; $posts=$sql->query("SELECT name,posts,sex,powerlevel,user,text,options,num FROM users u,posts p,posts_text WHERE thread=$id AND p.id=pid AND user=u.id ORDER BY p.id DESC LIMIT $qppp"); $i = 0; while($post=$sql->fetch($posts)){ $bg = ((($i++) & 1) ? 'tdbg2' : 'tdbg1'); if ($ppp-- > 0){ $postnum=($post['num']?"$post[num]/":''); $tcellbg=""; $namecolor=getnamecolor($post['sex'],$post['powerlevel']); $postlist.=" $tcellbg$post[name]$smallfont
Posts: $postnum$post[posts] $tcellbg".doreplace2(dofilters($post['text']), $post['options'])." "; } else{ $tcellbg="=$forum['minpowerreply'] || $forum['minpowerreply']<1) && $id>0) { print $header; print ""; if ($log) { $username=$loguser['name']; $passhint = 'Alternate Login:'; $altloginjs = "Use an alternate login "; } else { $username = ''; $passhint = 'Login Info:'; $altloginjs = ""; } $quotemsg = ""; if(filter_int($postid)){ $post=$sql->fetchq("SELECT user,text,thread FROM posts,posts_text WHERE id=$postid AND id=pid"); $post['text']=str_replace('
',$br,$post['text']); $u=$post['user']; $users[$u]=loaduser($u,1); if($post['thread']==$id) $quotemsg="[quote={$users[$u]['name']}]{$post['text']}[/quote]\r\n"; } print " $tccellh width=150> $tccellh colspan=2>  $tccell1>{$passhint} $tccell2l colspan=2> {$altloginjs} Username: $inpt=username VALUE=\"".htmlspecialchars($username)."\" SIZE=25 MAXLENGTH=25 autocomplete=\"off\"> Password: $inpp=password SIZE=13 MAXLENGTH=64 autocomplete=\"off\"> $tccell1>Reply: $tccell2l width=800px valign=top> $txta=message ROWS=21 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($quotemsg, ENT_QUOTES) ." $tccell2l width=*>".moodlist(filter_int($moodid))." $tccell1> $tccell2l colspan=2> $inph=action VALUE=postreply> $inph=id VALUE=$id> $inph=valid value=\"". md5($_SERVER['REMOTE_ADDR'] . $id ."sillysaltstring") ."\"> $inps=submit VALUE=\"Submit reply\"> $inps=preview VALUE=\"Preview reply\"> $tccell1>Options:$tccell2l colspan=2> $inpc=\"nosmilies\" id=\"nosmilies\" value=\"1\"> - $inpc=\"nolayout\" id=\"nolayout\" value=\"1\"> - $inpc=\"nohtml\" id=\"nohtml\" value=\"1\"> $modoptions $tblend
$tblstart$postlist$tblend $fonttag$boardname - $forum[title] - $thread[title]"; } elseif(!$_POST['action']) { print $header; print "$tccell1>You are not allowed to post in this thread.
".redirect("index.php", 'return to the index page', 0).""; } if ($_POST['action'] == 'postreply' && !($banned && $log) && $id > 0) { if ($log && !$password) $userid = $loguserid; else $userid = checkuser($username,$password); $error=''; if ($userid == -1) { $error = "Either you didn't enter an existing username, or you haven't entered the right password for the username."; } else { $user = @$sql->fetchq("SELECT * FROM users WHERE id='$userid'"); if ($thread['closed']) $error = 'The thread is closed and no more replies can be posted.'; if ($user['powerlevel']<$forum['minpowerreply']) $error = 'Replying in this forum is restricted, and you are not allowed to post in this forum.'; if (!$message) $error = "You didn't enter anything in the post."; } if (!$error) { $sign = $user['signature']; $head = $user['postheader']; // @TODO: Remove this code if($user['postbg']) $head="
$head"; $numposts = $user['posts']+ 1; $numdays = (ctime()-$user['regdate'])/86400; $tags = array(); $message = doreplace($message,$numposts,$numdays,$username, $tags); $tagval = $sql->escape(json_encode($tags)); $rsign = doreplace($sign,$numposts,$numdays,$username); $rhead = doreplace($head,$numposts,$numdays,$username); $currenttime = ctime(); if (filter_string($_POST['submit'])) { $sql->query("UPDATE `users` SET `posts` = $numposts, `lastposttime` = '$currenttime' WHERE `id` = '$userid'"); if (filter_bool($nolayout)) { $headid = 0; $signid = 0; } else { $headid=getpostlayoutid($head); $signid=getpostlayoutid($sign); } $close = ""; $stick = ""; if ($ismod) { if ($close) $close = "`closed` = '1',"; else $close = "`closed` = '0',"; if ($stick) $stick = "`sticky` = '1',"; else $stick = "`sticky` = '0',"; } $sql->query("INSERT INTO posts (thread,user,date,ip,num,headid,signid,moodid) VALUES ($id,$userid,$currenttime,'$userip',$numposts,$headid,$signid,'". $_POST['moodid'] ."')"); $pid=mysql_insert_id(); $options = filter_int($nosmilies) . "|" . filter_int($nohtml); if($pid) $sql->query("INSERT INTO `posts_text` (`pid`,`text`,`tagval`, `options`) VALUES ('$pid','$message','$tagval', '$options')"); $sql->query("UPDATE `threads` SET $close $stick `replies` = `replies` + 1, `lastpostdate` = '$currenttime', `lastposter` = '$userid' WHERE `id`='$id'"); $sql->query("UPDATE `forums` SET `numposts` = `numposts` + 1, `lastpostdate` = '$currenttime', `lastpostuser` ='$userid', `lastpostid` = '$pid' WHERE `id`='$forumid'"); $sql->query("UPDATE `threadsread` SET `read` = '0' WHERE `tid` = '$id'"); $sql->query("REPLACE INTO threadsread SET `uid` = '$userid', `tid` = '$id', `time` = ". ctime() .", `read` = '1'"); xk_ircout("reply", $user['name'], array( 'forum' => $forum['title'], 'fid' => $forumid, 'thread' => str_replace("<", "<", $thread['title']), 'pid' => $pid, 'pow' => $forum['minpower'], )); return header("Location: thread.php?pid=$pid#$pid"); } else { loadtlayout(); $message = stripslashes($message); $ppost = $user; $ppost['posts']++; $ppost['uid'] = $userid; $ppost['num'] = $numposts; $ppost['lastposttime'] = $currenttime; $ppost['date'] = $currenttime; $ppost['moodid'] = $_POST['moodid']; if (filter_bool($nolayout)) { $ppost['headtext'] = ""; $ppost['signtext'] = ""; } else { $ppost['headtext']=$rhead; $ppost['signtext']=$rsign; } $ppost['text'] = $message; $ppost['options'] = filter_int($nosmilies) . "|" . filter_int($nohtml); if($isadmin) $ip=$userip; $chks = array("", "", ""); if ($nosmilies) $chks[0] = "checked"; if ($nolayout) $chks[1] = "checked"; if ($nohtml) $chks[2] = "checked"; print "$header $tccellh>Post preview $tblend$tblstart ".threadpost($ppost,1)." $tblend
$tblstart
$tccellh width=150> $tccellh colspan=2>  $tccell1>Reply: $tccell2l width=800px valign=top>$txta=message ROWS=21 COLS=$numcols style=\"width: 100%; max-width: 800px; resize:vertical;\">". htmlspecialchars($message, ENT_QUOTES) ." $tccell2l width=*>".moodlist($moodid)." $tccell1> $tccell2l colspan=2> $inps=submit VALUE=\"Submit reply\"> $inps=preview VALUE=\"Preview reply\"> $inph=username VALUE=\"".htmlspecialchars($username)."\"> $inph=password VALUE=\"".htmlspecialchars($password)."\"> $inph=valid value=\"". md5($_SERVER['REMOTE_ADDR'] . $id ."sillysaltstring") ."\"> $inph=action VALUE=postreply> $inph=id VALUE=$id> $tccell1>Options:$tccell2l colspan=2> $inpc=\"nosmilies\" id=\"nosmilies\" value=\"1\" $chks[0]> - $inpc=\"nolayout\" id=\"nolayout\" value=\"1\" $chks[1]> - $inpc=\"nohtml\" id=\"nohtml\" value=\"1\" $chks[2]> $modoptions $tblend $tblstart$postlist$tblend "; } } else { print "$header$tccell1>Couldn't enter the post. $error
".redirect("thread.php?id=$id", $thread['title'], 0); } } if ($thread['closed']) { print " $tccell1>Sorry, but this thread is closed, and no more replies can be posted in it.
".redirect("thread.php?id=$id",$thread['title'],0); } elseif($banned and $log) { print " $tccell1>Sorry, but you are banned from the board, and can not post.
".redirect("thread.php?id=$id",$thread['title'],0); } print $footer; printtimedif($startingtime);