<?php
// Abort unless the DATALIFEENGINE constant is defined, so this file does nothing
// when it is requested without the code that defines that constant.
if (!defined('DATALIFEENGINE')) {
    die("Hacking attempt!");
}

// Request values are cast to integers before they are used as array indexes
// or interpolated into SQL further down.
$forum_id     = (int) $_REQUEST['forum_id'];
$postcount    = (int) $forums_array[$forum_id]['postcount'];
$subscription = (int) $_REQUEST['subscription'];

// Gate topic creation on the member's forum post count. Members of groups with
// an id below 2 skip the post-count requirement (presumably the administrator
// group; confirm against the group table).
// NOTE(review): $forum_id is not checked against $forums_array here, so an
// unknown id reaches check_access() with an undefined entry; confirm that
// check_access() denies in that case.
$passes_post_gate = ($member_id['forum_post'] >= $forum_config['min_post'] || $member_id['user_group'] < 2);

if (!$passes_post_gate) {
    $access_topic = false;

    // The hard-coded message text below is mis-encoded in this copy of the file
    // and is reproduced as found; restore it from a correctly encoded original.
    forum_msg($f_lang['all_info'], "<EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> ".$forum_config['min_post']." <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>");
} else {
    $access_topic = check_access($forums_array[$forum_id]['access_topic']);
}
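// Topic creation. $access_topic comes from the post-count / access gate above.
// Without a "subaction" request parameter the empty form is rendered; with it,
// the submitted topic is validated and stored.
if ($access_topic)
{
    if (!$_REQUEST['subaction'])
    {
        // ---- Step 1: render the "new topic" form ----
        $access_upload = check_access($forums_array[$forum_id]['access_upload']);

        // 'topic_id' is a temporary value from get_salt(). It is sent back in the
        // hidden add_tid field and used on submit to find the uploaded files.
        $upload_var = array('area' => "topic", 'forum_id' => $forum_id, 'topic_id' => get_salt(),);

        $tpl->set('[not-wysywyg]', "");
        $tpl->set('{wysiwyg}','');
        $tpl->set('[/not-wysywyg]',"");

        include_once SYSTEM_DIR.'/forum/sources/components/bbcode.php';

        $topic_action_add = $a_forum_url."act=add_topic&subaction=1";

        $tpl->load_template($tpl_dir.'addtopic.tpl');

        $tpl->set('{bbcode}',$bb_code);
        $tpl->set('{topic_title}',"");
        $tpl->set('{topic_descr}',"");
        $tpl->set('{text}',"");

        // Guests see the [not-logged] section; it is cut out for logged-in users.
        if ($is_logged)
        {
            $tpl->set_block("'\\[not-logged\\](.*?)\\[/not-logged\\]'si","");
        }
        else
        {
            $tpl->set('[not-logged]','');
            $tpl->set('[/not-logged]','');
        }

        // The poll section is kept only for users allowed to create polls.
        if (check_access($forum_config['tools_poll']))
        {
            $tpl->set('[poll]','');
            $tpl->set('[/poll]','');
        }
        else
        {
            $tpl->set_block("'\\[poll\\](.*?)\\[/poll\\]'si","");
        }

        // The CAPTCHA image is shown when topic_captcha applies to this user.
        if (check_access($forum_config['topic_captcha']))
        {
            $tpl->set('[sec_code]',"");
            $tpl->set('[/sec_code]',"");

            $path = parse_url($config['http_home_url']);
            $anti_bot = !defined('FORUM_SUB_DOMAIN') ? 'system/modules/' : '';

            // "{$...}" replaces the "${...}" interpolation form, which newer PHP
            // versions deprecate; the produced markup is the same.
            $tpl->set('{sec_code}',"<span id=\"dle-captcha\"><img src=\"".$path['path'].$anti_bot."antibot.php\" alt=\"{$lang['sec_image']}\" border=\"0\"></span>");
        }
        else
        {
            $tpl->set('{sec_code}',"");
            $tpl->set_block("'\\[sec_code\\](.*?)\\[/sec_code\\]'si","");
        }

        // NOTE(review): the form carries no anti-CSRF token and the submit branch
        // below checks none, so a logged-in user's browser can be made to post a
        // topic from another site. Adding a per-session token needs a matching
        // check on submit.
        $tpl->copy_template = "<form method=\"post\" name=\"forum-post-form\" id=\"forum-post-form\" action=\"{$topic_action_add}\">".$tpl->copy_template."\n"
            ."<input type=\"hidden\" name=\"forum_id\" value=\"{$forum_id}\" />\n"
            ."<input type=\"hidden\" name=\"add_tid\" value=\"{$upload_var['topic_id']}\" /></form>\n"
            ."<div id=\"uploads-form\"></div>";

        $tpl->compile('dle_forum');

        $tpl->clear();
    }
    else
    {
        // ---- Step 2: validate and store the submitted topic ----
        $captcha_required = check_access($forum_config['topic_captcha']);

        if ($captcha_required)
        {
            $expected_code = isset($_SESSION['sec_code_session']) ? $_SESSION['sec_code_session'] : false;
            $supplied_code = isset($_REQUEST['sec_code']) ? $_REQUEST['sec_code'] : '';

            // Fail closed: a session without a stored code (the image was never
            // requested) is rejected instead of being let through, which is what
            // the previous isset() condition allowed.
            // $topic_captcha === true means "CAPTCHA failed".
            $topic_captcha = (!is_string($expected_code) || $expected_code === '' || $supplied_code !== $expected_code);

            if ($topic_captcha)
            {
                $_SESSION['sec_code_session'] = FALSE;
            }
        }
        else
        {
            $topic_captcha = false;
        }

        if (!$topic_captcha){

            require_once SYSTEM_DIR.'/classes/parse.class.php';

            $parse = new ParseFilter(Array(), Array(), 1, 1);

            if (!$is_logged)
            {
                // Guests supply a display name and an e-mail address.
                $name = $db->safesql($parse->process(trim($_POST['name'])));
                $mail = $db->safesql($parse->process(trim($_POST['mail'])));

                $member_id['name'] = $name;

                // A guest may not post under the name of a registered user.
                $db->query("SELECT name from " . USERPREFIX . "_users where LOWER(name) = '".strtolower($name)."'");

                // The original "!num_rows() > 0" only worked through operator
                // precedence. An empty name is rejected as well, so a post cannot
                // be stored without an author.
                $name_ok = ($name !== '' and !$db->num_rows());

                $db->free();

                // [A-Za-z] replaces [A-z]: the A-z range also matches the
                // punctuation characters that sit between 'Z' and 'a'.
                $mail_ok = (bool) preg_match('/^[\.A-Za-z0-9_\-]+[@][A-Za-z0-9_\-]+([.][A-Za-z0-9_\-]+)+[A-Za-z]{1,4}$/', $mail);

                if ($name_ok and $mail_ok)
                {
                    $access_add = true;
                }
                else
                {
                    $access_add = false;

                    // NOTE(review): $stop is appended to without being initialised
                    // in this file; presumably the including script sets it.
                    if (!$name_ok) $stop .= $f_lang['err_name'];

                    if (!$mail_ok) $stop .= $f_lang['err_mail'];
                }
            }
            else
            {
                // NOTE(review): $mail is not assigned on this path in this file;
                // the e_mail column below receives whatever $mail holds in the
                // including scope. Confirm that this is intended.
                $access_add = true;
            }

            // Every user-supplied field goes through the parser and safesql()
            // before it is interpolated into a query.
            $topic_title = $db->safesql($parse->process($_POST['topic_title']));
            $topic_descr = $db->safesql($parse->process($_POST['topic_descr']));

            $topic_text = $parse->process($_POST['post_text']);

            $topic_text = $db->safesql($parse->BB_Parse($topic_text, FALSE));

            $topic_text = auto_wrap ($topic_text);

            // The length limit applies to the parsed and escaped text.
            if (strlen($topic_text) > $forum_config['post_maxlen'])
            {
                $post_maxlen = true;

                $stop .= $f_lang['ajax_stop_4'];
            }
            else
            {
                $post_maxlen = false;
            }

            if ($topic_title and $topic_text and $access_add and !$post_maxlen)
            {
                // The solved CAPTCHA is consumed once the post is accepted, so the
                // same code cannot be replayed for further topics.
                if ($captcha_required)
                {
                    $_SESSION['sec_code_session'] = FALSE;
                }

                $_IP = $db->safesql($_SERVER['REMOTE_ADDR']);

                $vote_title = trim($db->safesql($parse->process($_POST['vote_title'])));
                $frage = trim($db->safesql($parse->process($_POST['frage'])));
                $vote_body = $db->safesql($parse->BB_Parse($parse->process($_POST['vote_body']), false));
                $poll_multiple = intval($_POST['poll_multiple']);

                $_TIME = time()+($config['date_adjust']*60);
                $topic_date = date ("Y-m-d H:i:s", $_TIME);

                if ($forum_config['meta_topic'])
                {
                    // NOTE(review): confirm that forum_metatags() returns values
                    // that are still safe to place inside the quoted SQL below.
                    $meta = forum_metatags($topic_title . ' ' . $topic_descr . ': ' . $topic_text);
                }
                else
                {
                    // An array rather than "": indexing a string with a
                    // non-numeric key raises a warning or an error, depending on
                    // the PHP version.
                    $meta = array('description' => '', 'keywords' => '');
                }

                $db->query("INSERT INTO " . PREFIX . "_forum_topics (forum_id, title, topic_descr, author_topic, start_date, last_date, last_poster_name, poll_title, frage, poll_body, multiple, meta_descr, meta_keywords) values ('$forum_id', '$topic_title', '$topic_descr', '$member_id[name]', '$topic_date', '$topic_date', '$member_id[name]', '$vote_title', '$frage', '$vote_body', '$poll_multiple', '$meta[description]', '$meta[keywords]')");

                $topic_id = $db->insert_id();

                $db->query("INSERT INTO " . PREFIX . "_forum_posts (topic_id, post_date, post_author, post_text, post_ip, is_register, e_mail, is_count) values ('$topic_id', '$topic_date', '$member_id[name]', '$topic_text', '$_IP', '$is_logged', '$mail', '$postcount')");

                $new_pid = $db->insert_id();

                set_first_post_id ($topic_id, $new_pid);

                $db->query("UPDATE " . PREFIX . "_forum_forums SET topics = topics+1, f_last_tid = '$topic_id', f_last_title = '$topic_title', f_last_date ='$topic_date', f_last_poster_name = '$member_id[name]' WHERE id ='$forum_id'");

                if ($forum_config['set_topic_post'] and $postcount and $is_logged)
                {
                    $db->query("UPDATE " . PREFIX . "_users SET forum_post = forum_post+1 WHERE name = '$member_id[name]'");
                }

                // Mirror the "last topic" data onto the parent forum when the
                // forum has one; the assignment inside the condition is deliberate.
                if ($forum_config['set_sub_last_up'] and $is_parentid = $forums_array[$forum_id]['parentid'])
                {
                    $db->query("UPDATE " . PREFIX . "_forum_forums SET f_last_tid = '$topic_id', f_last_title = '$topic_title', f_last_date = '$topic_date', f_last_poster_name = '$member_id[name]', last_post_id = '$new_pid' WHERE id = '$is_parentid'");
                }

                if ($subscription and $is_logged)
                {
                    $db->query("SELECT * FROM " . PREFIX . "_forum_subscription WHERE topic_id = '$topic_id' and user_id = '{$member_id['user_id']}'");

                    if (!$db->num_rows() and $topic_id)
                    {
                        $db->query("INSERT INTO " . PREFIX . "_forum_subscription (user_id, topic_id) values ('{$member_id['user_id']}', '$topic_id')");
                    }
                }

                // add_tid is the temporary upload token from the form. It comes
                // from the request, so it is escaped before it reaches SQL; the
                // original interpolated $_REQUEST['add_tid'] into the query as-is.
                $add_tid = (isset($_REQUEST['add_tid']) && is_scalar($_REQUEST['add_tid'])) ? (string) $_REQUEST['add_tid'] : '';

                if ($add_tid)
                {
                    if (stristr ($topic_text, "[attachment="))
                    {
                        $add_tid_sql = $db->safesql($add_tid);

                        // NOTE(review): rows are matched by the temporary token
                        // alone; confirm that the upload component ties the token
                        // to the uploading user.
                        $result = $db->query("SELECT * FROM " . PREFIX . "_forum_files WHERE topic_id = '{$add_tid_sql}' and file_attach = '0'");

                        // Initialised here so the list holds only ids found below.
                        $update_id = array();

                        while ($att = $db->get_row($result))
                        {
                            if (stristr($topic_text, "[attachment={$att['file_id']}]") OR stristr($topic_text, "/forum/files/{$att['onserver']}"))
                            {
                                // Cast to int: the ids are joined into an unquoted
                                // IN (...) list.
                                $update_id[] = intval($att['file_id']);
                            }
                        }

                        if ($update_id)
                        {
                            $update_list = implode(',', $update_id);

                            $db->query("UPDATE " . PREFIX . "_forum_files SET topic_id = '$topic_id', post_id = '$new_pid', file_attach = '1' WHERE file_id IN ({$update_list})");
                        }
                    }
                }

                // Optional notification to the administrator address.
                if ($forum_config['topic_email'])
                {
                    $topic_link = $config['http_home_url']."?do=forum&showtopic={$topic_id}";

                    include_once SYSTEM_DIR.'/classes/mail.class.php';

                    // From here on $mail holds the mailer object, not the guest's
                    // e-mail address.
                    $mail = new dle_mail ($config);

                    $mail_tpl = $db->super_query("SELECT template FROM " . PREFIX . "_forum_email where name='new_topic' LIMIT 0,1");

                    $mail_tpl['template'] = stripslashes($mail_tpl['template']);

                    // 'name' is quoted: the bare form $member_id[name] outside a
                    // string refers to an undefined constant.
                    $mail_result = str_replace("{%username%}", $member_id['name'], $mail_tpl['template']);

                    $mail_result = str_replace("{%date%}", $topic_date, $mail_result);

                    $mail_result = str_replace("{%title%}", $topic_title, $mail_result);

                    $mail_result = str_replace("{%link%}", $topic_link, $mail_result);

                    $mail->send ($config['admin_mail'], "DLE Forum - NEW TOPIC", $mail_result);
                }

                if ($forum_config['mod_rewrite'])
                {
                    $topic_location = $forum_url."/topic_".$topic_id;
                }
                else
                {
                    $topic_location = $forum_url."showtopic=".$topic_id;
                }

                $cache->clear('forum_show_last');

                header("Location: $topic_location");
            }
            else
            {
                forum_msg($f_lang['f_msg'], $f_lang['topic_add_stop'], 'stop', "<br />".$stop);
            }

        }
        else
        {
            if ($topic_captcha)
            {
                forum_msg($f_lang['all_info'], $f_lang['captcha_stop']);
            }
        }
    }
}
else
{
    // No right to create topics here: show the refusal with the user's group name.
    $group_name = $user_group[$member_id['user_group']]['group_name'];

    forum_msg($f_lang['f_msg'], $f_lang['topic_add_ndeny'], 'user_group', $group_name);
}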
// When the forum bar is enabled, set the $bbr_* variables for the current forum,
// its category and the "new topic" label (presumably read by the code that
// renders the bar; it is not part of this file).
if ($forum_config['forum_bar'])
{
    $category_id = $forums_array[$forum_id]['main_id'];

    $bbr_fid   = $forum_id;
    $bbr_fname = $forums_array[$forum_id]['name'];

    $bbr_cid   = $category_id;
    $bbr_name  = $cats_array[$category_id]['cat_name'];

    $bbr_app   = $f_lang['app_newtopic'];
}
?>