A lightweight forum engine written in PHP. Repository is now obsolete and read-only. http://www.pioder.pl/uforum.html


  1. <?php
  2. /**
  3. * @package uForum
  4. * @file posting.php
  5. * @version $Id$
  6. * @copyright 2009(c) PioDer <pioder@wp.pl>
  7. * @link http://pioder.gim2przemysl.int.pl/
  8. * @license GNU GPL v3
  9. **/
  10. define('IN_uF', true);
  11. //include files
  12. include('./config.php');
  13. include('./includes/constants.php');
  14. include('./includes/db.php');
  15. include('./includes/errors.php');
  16. //connect to database
  17. DataBase::db_connect();
  18. include('./includes/sessions.php');
  19. include('./includes/classes/class_user.php');
  20. include('./common.php');
  21. include('./includes/misc_functions.php');
  22. include('./includes/classes/class_forum.php');
  23. include('./includes/classes/class_posting.php');
  24. include('./includes/classes/class_topic.php');
  25. include('./includes/classes/secure.php');
  26. include('./lngs/'.DefaultLang().'/main.php');
  27. $start = TimeGeneration();
  28. $default_skin = ViewSkinName();
  29. SessDelInvalid();
  30. SessRegister();
  31. SessDeleteOld();
  32. $msg='';
  33. if ($_SESSION['uid']<1)
  34. {
  35. message_forum($lng['youarenotlogd'],'login.php?mode=login');
  36. }
  37. foreach ($_POST as $name => $value)
  38. {
  39. if ($forum_config['use_censorlist'])
  40. {
  41. $_POST[$name] = Secure::UseCensorlist($value);
  42. }
  43. }
  44. $start = TimeGeneration();
  45. //add skin variables
  46. $skin = array(
  47. 'smiles'=>Post::SmilesShow(),
  48. //labels
  49. 'lsmiles'=>$lng['smiles'],
  50. 'ltopicname'=>$lng['ltopicname'],
  51. 'lsave'=>$lng['save'],
  52. 'lreset'=>$lng['reset'],
  53. 'lmsg'=>$lng['message'],
  54. 'lsticky_topic'=>$lng['sticky_topic'],
  55. 'lwritetopic'=>$lng['writetopic'],
  56. );
  57. $skin = array_push_associative($skin, GenerateHeader('',''));
  58. $stop = TimeGeneration();
  59. $skin['queries'] = ShowQueries($start, $stop);
  60. if(RANK=='2')
  61. {
  62. $skin['pa_link']='<a href="admin/index.php" class="fsmall"><b>'.$lng['pa_link'].'</b></a>';
  63. }
  64. else
  65. {
  66. $skin['pa_link']='';
  67. }
  68. switch(trim($_GET['mode']))
  69. {
  70. /**
  71. *
  72. functions for reply: normal, editing, quoting...
  73. *
  74. **/
  75. case 'qpost': //quote post
  76. {
  77. $msg ='';
  78. if (isset($_POST['textedit']))
  79. {
  80. if (($_POST['textedit'] !='' ) and (strlen(trim($_POST['textedit']))>10))
  81. {
  82. if (isset($_COOKIE['antiflood_time']))
  83. {
  84. if ($_COOKIE['antiflood_time']>time())
  85. {
  86. message_forum($lng['antiflood_enabled'],$_SERVER['REQUEST_URI']);
  87. }
  88. }
  89. else
  90. {
  91. setcookie('antiflood_time',(time() + $forum_config['time_antiflood']));
  92. }
  93. $_POST['textedit'] = Secure::TagsReplace($_POST['textedit']);
  94. $id = Post::NewPost(intval($_GET['t']),$_POST['textedit'], $_SESSION['uid']);
  95. $count = ceil(($id / 15 ));
  96. if ($count >1)
  97. {
  98. $page= '&amp;page='.$count;
  99. }
  100. else
  101. {
  102. $page='';
  103. }
  104. $stop = TimeGeneration();
  105. message_forum($lng['post_is_saved'],'topic.php?t='.$_GET['t'].$page.'#'.$id);
  106. }
  107. else
  108. {
  109. $message = $lng['perror_1'];
  110. $msg = './skins/'.$default_skin.'/post_error_body.tpl';
  111. }
  112. }
  113. else
  114. {
  115. $_POST['textedit']='[quote]'.stripslashes(Topic::PostInformation($_GET['id'],'text')).'[/quote]';
  116. }
  117. Secure::topic_exists(intval($_GET['t']));
  118. Secure::TopicLocked(intval($_GET['t']));
  119. $skin['mainpage'] = $lng['quote'];
  120. $skin['lmainpage'] = '</a>&gt; <a href="posting.php?mode=qpost&amp;id='.$_GET['id'].'&amp;t='.$_GET['t'].'"
  121. class="navigator">'.$lng['quote'];
  122. $skin['f_id'] = $_GET['id'];
  123. $skin['action'] = 'posting.php?mode=qpost&amp;id='.$_GET['id'].'&amp;t='.$_GET['t'];
  124. if ($msg=='')
  125. {
  126. $msg='./skins/'.$default_skin.'/blank.tpl';
  127. }
  128. include('./skins/'.$default_skin.'/overall_header.tpl');
  129. include('./skins/'.$default_skin.'/posting_body.tpl');
  130. include('./skins/'.$default_skin.'/overall_footer.tpl');
  131. break;
  132. }
  133. case 'edit': //edit post
  134. {
  135. if ((User::RankAdminMod($_SESSION['uid'])) or ($_SESSION['uid']==Topic::PostInformation($_GET['id'],'u_id')))
  136. {
  137. $msg ='';
  138. if (isset($_POST['textedit']))
  139. {
  140. if (($_POST['textedit'] !='' ) and (strlen(trim($_POST['textedit']))>10))
  141. {
  142. if (isset($_COOKIE['antiflood_time']))
  143. {
  144. if ($_COOKIE['antiflood_time']>time())
  145. {
  146. message_forum($lng['antiflood_enabled'],$_SERVER['REQUEST_URI']);
  147. }
  148. }
  149. else
  150. {
  151. setcookie('antiflood_time',(time() + $forum_config['time_antiflood']));
  152. }
  153. $_POST['textedit'] = Secure::TagsReplace($_POST['textedit']);
  154. Post::EditPost(intval($_GET['id']),$_POST['textedit']);
  155. $count = ceil((Topic::PostInformation(intval($_GET['id']),'tp_id') / 15 ));
  156. if ($count >1)
  157. {
  158. $page= '&amp;page='.$count;
  159. }
  160. else
  161. {
  162. $page='';
  163. }
  164. $stop = TimeGeneration();
  165. message_forum($lng['post_is_saved'],'topic.php?t='.Topic::PostInformation(intval($_GET['id']),'t_id').$page.'#p'.$_GET['id']);
  166. }
  167. else
  168. {
  169. $message = $lng['perror_1'];
  170. $msg = './skins/'.$default_skin.'/post_error_body.tpl';
  171. }
  172. }
  173. else
  174. {
  175. $_POST['textedit']=stripslashes(Topic::PostInformation($_GET['id'],'text'));
  176. }
  177. }
  178. $skin['mainpage'] = $lng['editpost'];
  179. $skin['lmainpage'] = '</a>&gt; <a href="posting.php?mode=edit&amp;id='.intval($_GET['id']).'"
  180. class="navigator">'.$lng['editpost'];
  181. $skin['f_id'] = intval($_GET['id']);
  182. $skin['action'] = 'posting.php?mode=edit&amp;id='.intval($_GET['id']);
  183. if ($msg=='')
  184. {
  185. $msg='./skins/'.$default_skin.'/blank.tpl';
  186. }
  187. include('./skins/'.$default_skin.'/overall_header.tpl');
  188. include('./skins/'.$default_skin.'/posting_body.tpl');
  189. include('./skins/'.$default_skin.'/overall_footer.tpl');
  190. break;
  191. }
  192. case 'rpost': //reply post
  193. {
  194. $msg ='';
  195. if (isset($_POST['textedit']))
  196. {
  197. if (($_POST['textedit'] !='' ) and (strlen(trim($_POST['textedit']))>10))
  198. {
  199. if (isset($_COOKIE['antiflood']))
  200. {
  201. if ($_COOKIE['antiflood_time']>time())
  202. {
  203. message_forum($lng['antiflood_enabled'],$_SERVER['REQUEST_URI']);
  204. }
  205. }
  206. else
  207. {
  208. setcookie('antiflood_time',(time() + $forum_config['time_antiflood']));
  209. }
  210. $_POST['textedit'] = Secure::TagsReplace($_POST['textedit']);
  211. $id = Post::NewPost(intval($_GET['id']),$_POST['textedit'], $_SESSION['uid']);
  212. $count =ceil(($id / 15 ));
  213. if ($count >1)
  214. {
  215. $page= '&amp;page='.$count;
  216. }
  217. else
  218. {
  219. $page='';
  220. }
  221. $stop = TimeGeneration();
  222. message_forum($lng['post_is_saved'],'topic.php?t='.$_GET['id'].$page.'#p'.$id);
  223. }
  224. else
  225. {
  226. $message = $lng['perror_1'];
  227. $msg = './skins/'.$default_skin.'/post_error_body.tpl';
  228. }
  229. }
  230. else
  231. {
  232. $_POST['textedit']='';
  233. }
  234. Secure::topic_exists(intval($_GET['id']));
  235. Secure::TopicLocked(intval($_GET['id']));
  236. $skin['mainpage'] = $lng['answer'].': '.Topic::TopicInformation(intval($_GET['id']),'name');
  237. $skin['lmainpage'] = '</a>&gt; <a href="posting.php?mode=rpost&amp;id='.intval($_GET['id']).'"
  238. class="navigator">'.$lng['answer'].': </a><a href="topic.php?t='.$_GET['id'].'"
  239. class="navigator">'.Topic::TopicInformation(intval($_GET['id']),'name');
  240. $skin['f_id'] = $_GET['id'];
  241. $skin['action'] = 'posting.php?mode=rpost&amp;id='.$_GET['id'];
  242. if ($msg=='')
  243. {
  244. $msg='./skins/'.$default_skin.'/blank.tpl';
  245. }
  246. include('./skins/'.$default_skin.'/overall_header.tpl');
  247. include('./skins/'.$default_skin.'/posting_body.tpl');
  248. include('./skins/'.$default_skin.'/overall_footer.tpl');
  249. break;
  250. }
  251. /**
  252. *
  253. Select new TOPIC
  254. *
  255. **/
  256. case 'ntopic': //new topic
  257. {
  258. $msg ='';
  259. if ((isset($_POST['textedit'])) and (isset($_POST['ntopic'])))
  260. {
  261. if (($_POST['textedit'] !='' ) and ($_POST['ntopic']!='') and (strlen(trim($_POST['textedit']))>10) and (strlen(trim($_POST['ntopic']))>5))
  262. {
  263. $_POST['textedit'] = Secure::TagsReplace($_POST['textedit']);
  264. if (isset($_COOKIE['antiflood_time']))
  265. {
  266. if ($_COOKIE['antiflood_time']>time())
  267. {
  268. message_forum($lng['antiflood_enabled'],$_SERVER['REQUEST_URI']);
  269. }
  270. }
  271. else
  272. {
  273. setcookie('antiflood_time',(time() + $forum_config['time_antiflood']));
  274. }
  275. $_POST['ntopic'] = strip_tags(addslashes($_POST['ntopic']));
  276. if (isset($_POST['topic_sticky']))
  277. {
  278. $_POST['topic_sticky']='1';
  279. }
  280. else
  281. {
  282. $_POST['topic_sticky']='0';
  283. }
  284. $last = Post::NewTopic($_POST['textedit'],$_POST['ntopic'], intval($_GET['f']), $_SESSION['uid'], $_POST['topic_sticky']);
  285. $stop = TimeGeneration();
  286. message_forum($lng['post_is_saved'],'topic.php?t='.$last);
  287. }
  288. else
  289. {
  290. $message = $lng['perror_1'];
  291. $msg = './skins/'.$default_skin.'/post_error_body.tpl';
  292. }
  293. }
  294. else
  295. {
  296. $_POST['ntopic'] = '';
  297. $_POST['textedit']='';
  298. }
  299. $sql = "SELECT `lock`, `name`, `f_id` FROM ".FORUMS_TABLE." WHERE `f_id`='".intval($_GET['f'])."'";
  300. $forum = mysql_fetch_array(DataBase::sql_query($sql, 'GENERAL', 'Could not obtain forum information'));
  301. if($forum['name']=='')
  302. {
  303. message_forum($lng['no_forum'], 'index.php');
  304. }
  305. if($forum['lock']=='1')
  306. {
  307. message_forum($lng['no_posting_forum_locked'],'index.php');
  308. }
  309. $skin['mainpage'] = $lng['writetopic'];
  310. $skin['action'] = $_SERVER['REQUEST_URI'];
  311. $skin['lmainpage'] = '</a>&gt; <a href="forum.php?f='.$_GET['f'].'" class="navigator">'.$forum['name'].'</a> &gt;<a href="posting.php?mode=ntopic&amp;f='.$_GET['f'].'" class="navigator">'.$lng['writetopic'];
  312. $skin['f_id']=$_GET['f'];
  313. if ($msg=='')
  314. {
  315. $msg='./skins/'.$default_skin.'/blank.tpl';
  316. }
  317. include('./skins/'.$default_skin.'/overall_header.tpl');
  318. include('./skins/'.$default_skin.'/posting_body.tpl');
  319. include('./skins/'.$default_skin.'/overall_footer.tpl');
  320. break;
  321. }
  322. // if no mode... :D
  323. default:
  324. {
  325. $stop = TimeGeneration();
  326. message_forum($lng['invalidmode'],'index.php');
  327. break;
  328. }
  329. }