| ' ._FORUM_IS_OFFLINE. '' : ' ' ;?> |
' : _HOME; ?>
' : _GEN_MYPROFILE; ?>
|
' : _GEN_HELP; ?>
';
echo $sbIcons['rules'] ? '
' : _GEN_RULES;
echo '';
}?>
|
setQuery("SELECT id,thread,parent FROM #__sb_messages WHERE id='$parent'");
$database->query();
if ($database->getNumRows() == 0)
{
// bad parent, create a new post
$parent = 0;
$thread = 0;
}
else
{
$database->loadObject($m);
$thread = $m->parent==0?$m->id:$m->thread;
}
if ($catid == 0 )
{
$catid = 1; //make sure there's a proper category
}
/*if ($attachfile != '' ) {
$noFileUpload=0;
include $sbp.'/file_upload.php';
if ($rc==0){
$noFileUpload=1;
}
}
if ($attachimage != '' ) {
$noImgUpload=0;
include $sbp.'/image_upload.php';
if ($rc==0){
$noImgUpload=1;
}
}*/
$messagesubject=$subject;//before we add slashes and all... used later in mail
$sb_authorname=trim(addslashes($sb_authorname));
$subject=trim(htmlspecialchars(addslashes($subject)));
$message=trim(htmlspecialchars(addslashes($message)));
if ($contentURL != "empty") { $message= $contentURL.'\n\n'.$message;}
//parse the message for some preliminary bbcode and stripping of HTML
$message = smile::bbencode_first_pass($message);
$subject = smile::bbencode_first_pass($subject);
//--
$email=trim(addslashes($email));
$topic_emoticon=(int)$topic_emoticon;
$topic_emoticon=$topic_emoticon>7?0:$topic_emoticon;
$posttime=time()+($sbConfig['board_ofset']*3600);
//check if the post must be reviewed by a Moderator prior to showing
//doesn't apply to admin/moderator posts ;-)
$holdPost=0;
if (!$is_moderator){
$database->setQuery("SELECT review FROM #__sb_categories WHERE id=$catid");
$holdPost=$database->loadResult();
}
$database->setQuery("INSERT INTO #__sb_messages (parent,thread,catid,name,userid,email,subject,time,ip,topic_emoticon,hold) VALUES('$parent','$thread','$catid','$sb_authorname','$my_id','$email','$subject','$posttime','$ip','$topic_emoticon','$holdPost')");
if ($database->query())
{
$pid=$database->insertId();
$database->setQuery("INSERT INTO #__sb_messages_text (mesid,message) VALUES('$pid','$message')");
$database->query();
if ($thread==0){
//if thread was zero, we now know to which id it belongs, so we can determine the thread and update it
$database->setQuery("UPDATE #__sb_messages SET thread='$pid' WHERE id='$pid'");
$database->query();
}
//update the user posts count
if ($my->id != 0){
$database->setQuery("UPDATE #__sb_users SET posts=posts+1 WHERE userid='$my->id'");
$database->query();
}
//Update the attachments table if an image has been attached
if ( $imagelocation != "" && ! $noImgUpload)
{
$database->setQuery("INSERT INTO #__sb_attachments (mesid, filelocation) values ('$pid','$imageLocation')");
if (!$database->query()){
echo "\n";
}
}
//Update the attachments table if an file has been attached
if ( $fileLocation != "" && ! $noFileUpload)
{
$database->setQuery("INSERT INTO #__sb_attachments (mesid, filelocation) values ('$pid','$fileLocation')");
if (!$database->query()){
echo "\n";
}
}
//Now manage the subscriptions (only if subscriptions are allowed)
if($sbConfig['allowsubscriptions'] == 1) {//they're allowed
//get the proper user credentials for each subscription to this topic
if ($thread==0){
$querythread=$pid;
} else {
$querythread=$thread;
}
//clean up the message
$mailmessage=smile::purify($message);
$database->setQuery("SELECT * FROM #__sb_subscriptions AS a"
. "\n LEFT JOIN #__users as u"
. "\n ON a.userid=u.id "
. "\n WHERE a.thread= '$querythread'");
$subsList=$database->loadObjectList();
//construct a useable URL
$messageUrl=sefRelToAbs($mosConfig_live_site."/index.php?option=com_simpleboard&Itemid=$Itemid&func=view&catid=$catid&id=$pid")."#$pid";
if(count($subsList)>0){//we got more than 0 subscriptions
require_once($sbp.'/sb_mail.php'); // include sbMail class for mailing
foreach($subsList as $subs){
$mailsubject = "$_COM_A_NOTIFICATION $board_title";
$msg = "$subs->name,\n";
$msg .= "$_COM_A_NOTIFICATION1 $board_title forum\n";
$msg .= "Subject: '".stripslashes($messagesubject)."' in Forum: '".stripslashes($catName)."'\n";
$msg .= "Posted by: ". stripslashes($sb_authorname) . "\n\n";
$msg .= "$_COM_A_NOTIFICATION2\n";
$msg .= "URL: $messageUrl\n\n";
$msg .= "Post:\n";
$msg .= stripslashes($mailmessage);
$msg .= "\n\n";
$msg .= "$_COM_A_NOTIFICATION3\n";
$msg .= "\n\n\n\n\n";
$msg .= "** Mambo Simpleboard Forum Component by Jan de Graaff **\n";
$msg .= "** the Two Shoes Mambo Factory - http://www.tsmf.net **";
if($ip != "127.0.0.1" && $my_id != $subs->id){//don't mail yourself
sbMail::send($sbConfig['email'],"Forum at ". $_SERVER['SERVER_NAME'],$subs->email,$mailsubject,$msg);
}
}
}
}
//Now manage the mail for moderators (only if configured)
if($sbConfig['mailmod'] == '1') {//they're configured
//get the proper user credentials for each moderator for this forum
$database->setQuery("SELECT * FROM #__sb_moderation AS a"
. "\n LEFT JOIN #__users AS u"
. "\n ON a.userid=u.id"
. "\n WHERE a.catid=$catid");
$modsList=$database->loadObjectList();
if(count($modsList)>0){//we got more than 0 moderators eligible for email
require_once($sbp.'/sb_mail.php'); // include sbMail class for mailing
foreach($modsList as $mods){
$mailsubject = "$_COM_A_NOTIFICATION $board_title";
$msg = "$mods->name,\n";
$msg .= "$_COM_A_NOT_MOD1 $board_title forum\n";
$msg .= "Subject: '".stripslashes($messagesubject)."' in Forum: '".stripslashes($catName)."'\n";
$msg .= "Posted by: ". stripslashes($sb_authorname) . "\n\n";
$msg .= "$_COM_A_NOT_MOD2\n";
$msg .= "URL: $messageUrl\n\n";
$msg .= "Post:\n";
$msg .= stripslashes($mailmessage);
$msg .= "\n\n";
$msg .= "$_COM_A_NOTIFICATION3\n";
$msg .= "\n\n\n\n\n";
$msg .= "** Mambo Simpleboard Forum Component by TSMF **\n";
$msg .= "** the Two Shoes Mambo Factory - http://www.tsmf.net **";
if($ip != "127.0.0.1" && $my_id != $mods->id){//don't mail yourself
//Send away
sbMail::send($sbConfig['email'],"Forum at ". $_SERVER['SERVER_NAME'],$mods->email,$mailsubject,$msg);
}
}
}
}
//now try adding any new subscriptions if asked for by the poster
if($subscribeMe == 1){
if ($thread==0){$sb_thread=$pid;}else{$sb_thread=$thread;}
$database->setQuery("INSERT INTO #__sb_subscriptions (thread,userid) VALUES ('$sb_thread','$my_id')");
if ($database->query()){
echo _POST_SUBSCRIBED_TOPIC." "; }else{ echo _POST_NO_SUBSCRIBED_TOPIC." "; } } if($holdPost==1){ echo _POST_SUCCES_REVIEW.' '._GEN_CONTINUE.'.'; }else{ echo ''; ?> |
'._SUBMIT_CANCEL."
"; echo ''; } else { if ($do=="quote") {//reply do quote //check if topic isn't locked if($replyto != 0) { $database->setQuery("select thread from #__sb_messages where id='$replyto'"); $topicID=$database->loadResult(); if ($topicID != 0){ //message replied to is not the topic post; check if the topic post itself is locked $database->setQuery("select locked from #__sb_messages where id='$topicID'"); $topicLock=$database->loadResult(); $lockedWhat=_GEN_TOPIC; }else{ //message replied to is the topic post; check if that's locked $database->setQuery("select locked from #__sb_messages where id='$replyto'"); $topicLock=$database->loadResult(); $lockedWhat=_GEN_TOPIC; } if ($topicLock==0){ //topic not locked; check if forum is locked $database->setQuery("select locked from #__sb_categories where id='$catid'"); $topicLock=$database->loadResult(); $lockedWhat=_GEN_FORUM; } } if (( ($sbConfig['pubwrite']==0 && $my_id != 0)||$sbConfig['pubwrite']==1) && ($topicLock==0 || ($topicLock==1 && $is_moderator))) {//user is allowed to make a quote $parentid=0; $replyto=(int)$replyto; if ($replyto > 0) { $database->setQuery("SELECT #__sb_messages.*,#__sb_messages_text.message FROM #__sb_messages,#__sb_messages_text WHERE id='$replyto' AND mesid='$replyto'"); $database->query(); if ($database->getNumRows() > 0) { $database->loadObject($message); //$message->message=smile::smileReplace($message->message,0, $sbs); $table = array_flip(get_html_translation_table(HTML_ENTITIES)); $quote = strtr($message->message, $table); $htmlText = "[b]".stripslashes($message->name)." "._POST_WROTE.":[/b]\n"; $htmlText .= '[quote]'.$quote."[/quote]"; $quote=smile::sbStripHtmlTags($quote); //$quote=RTESafe_sb(nl2br($quote)); $resubject = strtr($message->subject, $table); $resubject = strtolower(substr($resubject,0,strlen(_POST_RE)))==strtolower(_POST_RE)?stripslashes($resubject):_POST_RE.stripslashes($resubject); //$resubject = htmlspecialchars($resubject); $resubject=smile::sbStripHtmlTags($resubject); $parentid = $message->id; $authorName=$my_name; } } ?> "; } } else { echo "Hacking attempt!";} } else if ($do == "editpostnow") { $database->setQuery("SELECT * FROM #__sb_messages LEFT JOIN #__sb_messages_text ON #__sb_messages.id=#__sb_messages_text.mesid WHERE #__sb_messages.id='$id'"); $message1=$database->loadObjectList(); foreach($message1 as $mes) { $userid=$mes->userid; } //Check for a moderator or superadmin if ($is_moderator) { $allowEdit=1; } if ($sbConfig['useredit']==1 && $my_id != "" ) { //Now, if the author==viewer and the viewer is allowed to edit his/her own post the let them edit if ($my_id == $userid ) { $allowEdit=1; } } if ($allowEdit==1) { if ($attachfile != '' ) { include $sbp.'/file_upload.php'; } if ($attachimage != '' ) { include $sbp.'/image_upload.php'; } $message=trim(htmlspecialchars(addslashes($message))); if ($sbConfig['editMarkUp']) { $posttime=time()+($sbConfig['board_ofset']*3600); $message = $message."
"._EDIT_BY." ".$my->username.", "._EDIT_AT." ".date(_DATETIME, $posttime); } //parse the message for some preliminary bbcode and stripping of HTML $message = smile::bbencode_first_pass($message); $id=(int)$id; $database->setQuery("SELECT id FROM #__sb_messages WHERE id='$id'"); $database->query(); if ($database->getNumRows() > 0) { $database->setQuery("UPDATE #__sb_messages SET name='$sb_authorname', email='".addslashes($email)."', subject='".addslashes($subject)."', topic_emoticon='".((int)$topic_emoticon)."' WHERE id='$id'"); $dbr_nameset=$database->query(); $database->setQuery("UPDATE #__sb_messages_text SET message='$message' WHERE mesid='$id'"); if ($database->query() && $dbr_nameset) { //Update the attachments table if an image has been attached if ( $imageLocation != "" ) { $database->setQuery("INSERT INTO #__sb_attachments (mesid, filelocation) values ('$id','$imageLocation')"); if (!$database->query()){ echo "\n"; } } //Update the attachments table if an file has been attached if ( $fileLocation != "" ) { $database->setQuery("INSERT INTO #__sb_attachments (mesid, filelocation) values ('$id','$fileLocation')"); if (!$database->query()){ echo "\n"; } } echo ''; } else echo _POST_ERROR_MESSAGE_OCCURED; } else { echo _POST_INVALID; } }else{echo ("Hacking attempt");} } else if ($do == "delete") { if(!$is_moderator){ die("Hacking Attempt!");} $id=(int)$id; $database->setQuery("SELECT * FROM #__sb_messages WHERE id=$id"); $message=$database->loadObjectList(); foreach ($message as $mes) { ?> setQuery("SELECT parent,thread,subject FROM #__sb_messages WHERE id=$id"); $message=$database->loadObjectList(); foreach($message as $mes) { $thread=$mes->thread; $removechildren=(int)$removechildren; if ($mes->parent==0) { // this is the forum topic; if removed, all children must be removed as well. //first select all children ids that belong to this topic.. we need them later on //to delete the message bodies belonging to them $database->setQuery("SELECT id FROM #__sb_messages WHERE thread=$id"); //$childlist=$database->loadObjectList(); $children=implode(",",$database->loadResultArray()); $database->setQuery("DELETE FROM #__sb_messages WHERE id=$id"); if (!$database->query()) $sqlError="Could not delete the Topic post - nothing else deleted"; else {//Topic post deleted, now the rest $database->setQuery("DELETE FROM #__sb_messages WHERE thread=$id"); if (!$database->query()) $sqlError="Could not delete child posts, but Topic post was deleted. Update the database manually."; else { $database->setQuery("DELETE FROM #__sb_messages_text WHERE mesid=$id"); if (!$database->query()) $sqlError="Could not delete the text of the Topic post. Update the database manually."; $database->setQuery("DELETE FROM #__sb_messages_text WHERE mesid IN ($children)"); if (!$database->query()) $sqlError="Could not delete childs posts texts. Everything else deleted. Update the database manually."; if ($delAttachments=="delAtt") {//delete all attachments $query="SELECT filelocation FROM #__sb_attachments WHERE mesid IN ($children)"; $database->setQuery($query); $fileList=$database->loadObjectList(); if (count($fileList)>0){ foreach ($fileList as $fl){ unlink($fl->filelocation); } $database->setQuery("DELETE FROM #__sb_attachments WHERE mesid IN ($children)"); $database->query(); } } } } } // fi ($mes->parent==0) else {//this is not the Topic post, so delete it and promote the direct children one level up in //the hierarchy $thread=$mes->thread; $database->setQuery("UPDATE #__sb_messages SET parent='$mes->parent' WHERE parent='$id'"); if (!$database->query()) {$sqlError="Could not promote children in post hierarchy. Nothing deleted.";} else { $database->setQuery("DELETE FROM #__sb_messages WHERE id='$id'"); if (!$database->query()) { $sqlError="Could not delete the post. Try again.";} else { $database->setQuery("DELETE FROM #__sb_messages_text WHERE mesid='$id'"); if (!$database->query()) { $sqlError="Could not delete the posts text. Post itself is deleted. Update the database manually.";} } if ($delAttachments=="delAtt") {//delete all attachments $database->setQuery("SELECT filelocation FROM #__sb_attachments WHERE mesid=$id"); $fileList=$database->loadObjectList(); if (count($fileList)>0){ foreach ($fileList as $fl){ unlink($fl->filelocation); } $database->setQuery("DELETE FROM #__sb_attachments WHERE mesid=$id"); $database->query(); } } } } //Now, check for errors: if ($sqlError=="") { echo ''; ?> "; echo "$sqlError"; } }//foreach($message as $mes }//fi $do==deletepostnow else if ($do == "move") { if(!$is_moderator){ die("Hacking Attempt!");} $catid=(int)$catid; $id=(int)$id; //get list of available forums //$database->setQuery("SELECT id,name FROM #__sb_categories WHERE parent != '0'"); $database->setQuery( "SELECT a.*, b.name AS category" . "\nFROM #__sb_categories AS a" . "\nLEFT JOIN #__sb_categories AS b ON b.id = a.parent" . "\nWHERE a.parent != '0'" . "\nORDER BY parent, ordering"); $catlist=$database->loadObjectList(); // get topic subject: $database->setQuery("select subject from #__sb_messages where id=$id"); $topicSubject=$database->loadResult(); ?> setQuery("SELECT `subject`, `catid`, `time` AS timestamp FROM #__sb_messages WHERE `id`='$id'"); $oldRecord=$database->loadObjectList(); $newSubject=_MOVED_TOPIC." ".$oldRecord[0]->subject; $database->setQuery("SELECT MAX(time) AS timestamp FROM #__sb_messages WHERE `thread`='$id'"); $lastTimestamp=$database->loadResult(); if ($lastTimestamp == "") { $lastTimestamp = $oldRecord[0]->timestamp; } //perform the actual move //Move topic post first $database->setQuery("UPDATE #__sb_messages SET `catid`='$catid' WHERE `id`='$id'"); if ($database->query()) { //succeeded; move the rest of the thread if exists $database->setQuery("UPDATE #__sb_messages set `catid`='$catid' WHERE `thread`='$id'"); if ($database->query()) { //okay, now try to insert a 'Moved topic' notification post entry in the 'old' forum $database->setQuery("INSERT INTO #__sb_messages (`parent`, `subject`, `time`, `catid`, `moved`) VALUES ('0','$newSubject','".$lastTimestamp."','".$oldRecord[0]->catid."','1')"); if ($database->query() ) { //determine the new location for link composition $newId=$database->insertid(); $newURL = "catid=".$catid."&id=".$id; $database->setQuery("INSERT INTO #__sb_messages_text (`mesid`, `message`) VALUES ('$newId', '$newURL')"); if (! $database->query() ) { $database->stderr(true); } //and update the thread id on the 'moved' post for the right ordering when viewing the forum.. $database->setQuery("UPDATE #__sb_messages SET `thread`='$newId' WHERE `id`='$newId'"); if (! $database->query() ) { $database->stderr(true); } } //move succeeded echo ''; ?> setQuery("INSERT INTO #__sb_subscriptions (thread,userid) VALUES ('$sb_thread','$my_id')"); if ($database->query()){ echo _POST_SUBSCRIBED_TOPIC."
"; }else{ echo _POST_NO_SUBSCRIBED_TOPIC."
"; } echo ''; ?> setQuery("update #__sb_messages set ordering=1 where id=$id"); if ($database->query()){ echo '
'._POST_STICKY_SET.'
';
}else{
echo '
'._POST_STICKY_NOT_SET.'
';
}
echo '
'._POST_STICKY_UNSET.'
';
}else{
echo '
'._POST_STICKY_NOT_UNSET.'
';
}
echo '
'._POST_LOCK_SET.'
';
}else{
echo '
'._POST_LOCK_NOT_SET.'
';
}
echo '
'._POST_LOCK_UNSET.'
';
}else{
echo '
'._POST_LOCK_NOT_UNSET.'
';
}
echo '