onokazu
onoka****@users*****
2005年 6月 11日 (土) 11:32:46 JST
Index: xoops2jp/html/modules/newbb/delete.php
diff -u xoops2jp/html/modules/newbb/delete.php:1.2 xoops2jp/html/modules/newbb/delete.php:1.3
--- xoops2jp/html/modules/newbb/delete.php:1.2 Fri Mar 18 21:52:25 2005
+++ xoops2jp/html/modules/newbb/delete.php Sat Jun 11 11:32:46 2005
@@ -1,5 +1,5 @@
 <?php
-// $Id: delete.php,v 1.2 2005/03/18 12:52:25 onokazu Exp $
+// $Id: delete.php,v 1.3 2005/06/11 02:32:46 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
@@ -32,51 +32,55 @@ include 'header.php'; $ok = 0; -$forum = isset($HTTP_GET_VARS['forum']) ? intval($HTTP_GET_VARS['forum']) : 0; -$post_id = isset($HTTP_GET_VARS['post_id']) ? intval($HTTP_GET_VARS['post_id']) : 0; -$topic_id = isset($HTTP_GET_VARS['topic_id']) ? intval($HTTP_GET_VARS['topic_id']) : 0; -$order = isset($HTTP_GET_VARS['order']) ? intval($HTTP_GET_VARS['order']) : 0; -$viewmode = (isset($HTTP_GET_VARS['viewmode']) && $HTTP_GET_VARS['viewmode'] != 'flat') ? 'thread' : 'flat'; -extract($HTTP_POST_VARS, EXTR_OVERWRITE); +$forum = isset($_GET['forum']) ? intval($_GET['forum']) : 0; +$post_id = isset($_GET['post_id']) ? intval($_GET['post_id']) : 0; +$topic_id = isset($_GET['topic_id']) ? intval($_GET['topic_id']) : 0; +$order = isset($_GET['order']) ? intval($_GET['order']) : 0; +$viewmode = (isset($_GET['viewmode']) && $_GET['viewmode'] != 'flat') ? 'thread' : 'flat'; +$forum = isset($_POST['forum']) ? intval($_POST['forum']) : 0; +$post_id = isset($_POST['post_id']) ? intval($_POST['post_id']) : 0; +$topic_id = isset($_POST['topic_id']) ? intval($_POST['topic_id']) : 0; +$order = isset($_POST['order']) ? intval($_POST['order']) : 0; +$viewmode = (isset($_POST['viewmode']) && $_POST['viewmode'] != 'flat') ? 
'thread' : 'flat'; if ( empty($forum) ) { - redirect_header("index.php", 2, _MD_ERRORFORUM); - exit(); + redirect_header("index.php", 2, _MD_ERRORFORUM); + exit(); } elseif ( empty($post_id) ) { - redirect_header("viewforum.php?forum=$forum", 2, _MD_ERRORPOST); - exit(); + redirect_header("viewforum.php?forum=$forum", 2, _MD_ERRORPOST); + exit(); } if ( $xoopsUser ) { - if ( !$xoopsUser->isAdmin($xoopsModule->mid()) ) { - if ( !is_moderator($forum, $xoopsUser->uid()) ) { - redirect_header("viewtopic.php?topic_id=$topic_id&order=$order&viewmode=$viewmode&pid=$pid&forum=$forum", 2, _MD_DELNOTALLOWED); - exit(); - } - } + if ( !$xoopsUser->isAdmin($xoopsModule->mid()) ) { + if ( !is_moderator($forum, $xoopsUser->uid()) ) { + redirect_header("viewtopic.php?topic_id=$topic_id&order=$order&viewmode=$viewmode&pid=$pid&forum=$forum", 2, _MD_DELNOTALLOWED); + exit(); + } + } } else { - redirect_header("viewtopic.php?topic_id=$topic_id&order=$order&viewmode=$viewmode&pid=$pid&forum=$forum", 2, _MD_DELNOTALLOWED); - exit(); + redirect_header("viewtopic.php?topic_id=$topic_id&order=$order&viewmode=$viewmode&pid=$pid&forum=$forum", 2, _MD_DELNOTALLOWED); + exit(); } include_once 'class/class.forumposts.php'; -if ( !empty($ok) ) { - if ( !empty($post_id) ) { - $post = new ForumPosts($post_id); - $post->delete(); - sync($post->forum(), "forum"); - sync($post->topic(), "topic"); - } - if ( $post->istopic() ) { - redirect_header("viewforum.php?forum=$forum", 2, _MD_POSTSDELETED); - exit(); - } else { - redirect_header("viewtopic.php?topic_id=$topic_id&order=$order&viewmode=$viewmode&pid=$pid&forum=$forum", 2, _MD_POSTSDELETED); - exit(); - } +if ( !empty($_POST['ok']) ) { + if ( !empty($post_id) ) { + $post = new ForumPosts($post_id); + $post->delete(); + sync($post->forum(), "forum"); + sync($post->topic(), "topic"); + } + if ( $post->istopic() ) { + redirect_header("viewforum.php?forum=$forum", 2, _MD_POSTSDELETED); + exit(); + } else { + 
redirect_header("viewtopic.php?topic_id=$topic_id&order=$order&viewmode=$viewmode&pid=$pid&forum=$forum", 2, _MD_POSTSDELETED); + exit(); + } } else { - include XOOPS_ROOT_PATH."/header.php"; - xoops_confirm(array('post_id' => $post_id, 'viewmode' => $viewmode, 'order' => $order, 'forum' => $forum, 'topic_id' => $topic_id, 'ok' => 1), 'delete.php', _MD_AREUSUREDEL); + include XOOPS_ROOT_PATH."/header.php"; + xoops_confirm(array('post_id' => $post_id, 'viewmode' => $viewmode, 'order' => $order, 'forum' => $forum, 'topic_id' => $topic_id, 'ok' => 1), 'delete.php', _MD_AREUSUREDEL); } include XOOPS_ROOT_PATH.'/footer.php'; ?> \ No newline at end of file Index: xoops2jp/html/modules/newbb/index.php diff -u xoops2jp/html/modules/newbb/index.php:1.2 xoops2jp/html/modules/newbb/index.php:1.3 --- xoops2jp/html/modules/newbb/index.php:1.2 Fri Mar 18 21:52:25 2005 +++ xoops2jp/html/modules/newbb/index.php Sat Jun 11 11:32:46 2005 @@ -1,5 +1,5 @@ <?php -// $Id: index.php,v 1.2 2005/03/18 12:52:25 onokazu Exp $ +// $Id: index.php,v 1.3 2005/06/11 02:32:46 onokazu Exp $ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // // Copyright (c) 2000 XOOPS.org // 
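Review bot: The five `$_POST` assignments that replace `extract()` fall back to `0` rather than to the value just read from `$_GET`, so a plain GET request to delete.php now always ends with `$forum == 0` and is redirected with `_MD_ERRORFORUM` before the confirmation form can be shown; the fallback should keep the earlier value, e.g. `$forum = isset($_POST['forum']) ? intval($_POST['forum']) : $forum;` (likewise for `post_id`, `topic_id`, `order` and `viewmode`). The moderator check is made against the request's `forum` while the deletion acts on `post_id`, and nothing in the hunk compares the two; I would add `if ($post->forum() != $forum) { redirect_header("viewforum.php?forum=$forum", 2, _MD_DELNOTALLOWED); exit(); }` before `$post->delete()`, and the edit path in post.php (`new ForumPosts($post_id)` guarded by `is_moderator($forum, ...)`) has the same gap. The `$_POST['ok']` branch also performs the delete without a token check like the `XoopsMultiTokenHandler::quickValidate()` call this commit adds to post.php; whether `xoops_confirm()` covers that is not visible here.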
@@ -39,104 +39,104 @@ $sql = 'SELECT c.* FROM '.$xoopsDB->prefix('bb_categories').' c, '.$xoopsDB->prefix("bb_forums").' f WHERE f.cat_id=c.cat_id GROUP BY c.cat_id, c.cat_title, c.cat_order ORDER BY c.cat_order'; if ( !$result = $xoopsDB->query($sql) ) { - redirect_header(XOOPS_URL.'/',1,_MD_ERROROCCURED); - exit(); + redirect_header(XOOPS_URL.'/',1,_MD_ERROROCCURED); + exit(); } -$xoopsTpl->assign(array("lang_welcomemsg" => sprintf(_MD_WELCOME,$xoopsConfig['sitename']), "lang_tostart" => _MD_TOSTART, "lang_totaltopics" => _MD_TOTALTOPICSC, "lang_totalposts" => _MD_TOTALPOSTSC, "total_topics" => get_total_topics(), "total_posts" => get_total_posts(0, 'all'), "lang_lastvisit" => sprintf(_MD_LASTVISIT,formatTimestamp($last_visit)), "lang_currenttime" => sprintf(_MD_TIMENOW,formatTimestamp(time(),"m")), "lang_forum" => _MD_FORUM, "lang_topics" => _MD_TOPICS, "lang_posts" => _MD_POSTS, "lang_lastpost" => _MD_LASTPOST, "lang_moderators" => _MD_MODERATOR)); +$xoopsTpl->assign(array("lang_welcomemsg" => sprintf(_MD_WELCOME,htmlspecialchars($xoopsConfig['sitename'], ENT_QUOTES)), "lang_tostart" => _MD_TOSTART, "lang_totaltopics" => _MD_TOTALTOPICSC, "lang_totalposts" => _MD_TOTALPOSTSC, "total_topics" => get_total_topics(), "total_posts" => get_total_posts(0, 'all'), "lang_lastvisit" => sprintf(_MD_LASTVISIT,formatTimestamp($last_visit)), "lang_currenttime" => sprintf(_MD_TIMENOW,formatTimestamp(time(),"m")), "lang_forum" => _MD_FORUM, "lang_topics" => _MD_TOPICS, "lang_posts" => _MD_POSTS, "lang_lastpost" => _MD_LASTPOST, "lang_moderators" => _MD_MODERATOR)); $viewcat = (!empty($HTTP_GET_VARS['cat'])) ? intval($HTTP_GET_VARS['cat']) : 0; $categories = array(); while ( $cat_row = $xoopsDB->fetchArray($result) ) { - $categories[] = $cat_row; + $categories[] = $cat_row; } $sql = 'SELECT f.*, u.uname, u.uid, p.topic_id, p.post_time, p.subject, p.icon FROM '.$xoopsDB->prefix('bb_forums').' f LEFT JOIN '.$xoopsDB->prefix('bb_posts').' 
p ON p.post_id = f.forum_last_post_id LEFT JOIN '.$xoopsDB->prefix('users').' u ON u.uid = p.uid'; if ( $viewcat != 0 ) { - $sql .= ' WHERE f.cat_id = '.$viewcat; - $xoopsTpl->assign('forum_index_title', sprintf(_MD_FORUMINDEX,$xoopsConfig['sitename'])); + $sql .= ' WHERE f.cat_id = '.$viewcat; + $xoopsTpl->assign('forum_index_title', sprintf(_MD_FORUMINDEX,htmlspecialchars($xoopsConfig['sitename'], ENT_QUOTES))); } else { - $xoopsTpl->assign('forum_index_title', ''); + $xoopsTpl->assign('forum_index_title', ''); } $sql .= ' ORDER BY f.cat_id, f.forum_id'; if ( !$result = $xoopsDB->query($sql) ) { - exit("Error"); + exit("Error"); } $forums = array(); // RMV-FIX while ( $forum_data = $xoopsDB->fetchArray($result) ) { - $forums[] = $forum_data; + $forums[] = $forum_data; } $cat_count = count($categories); if ($cat_count > 0) { - for ( $i = 0; $i < $cat_count; $i++ ) { - $categories[$i]['cat_title'] = $myts->makeTboxData4Show($categories[$i]['cat_title']); - if ( $viewcat != 0 && $categories[$i]['cat_id'] != $viewcat ) { - $xoopsTpl->append("categories", $categories[$i]); - continue; - } - $topic_lastread = newbb_get_topics_viewed(); - foreach ( $forums as $forum_row ) { - unset($last_post); - if ( $forum_row['cat_id'] == $categories[$i]['cat_id'] ) { - if ($forum_row['post_time']) { - //$forum_row['subject'] = $myts->makeTboxData4Show($forum_row['subject']); - $categories[$i]['forums']['forum_lastpost_time'][] = formatTimestamp($forum_row['post_time']); - $last_post_icon = '<a href="'.XOOPS_URL.'/modules/newbb/viewtopic.php?post_id='.$forum_row['forum_last_post_id'].'&topic_id='.$forum_row['topic_id'].'&forum='.$forum_row['forum_id'].'#forumpost'.$forum_row['forum_last_post_id'].'">'; - if ( $forum_row['icon'] ) { - $last_post_icon .= '<img src="'.XOOPS_URL.'/images/subject/'.$forum_row['icon'].'" border="0" alt="" />'; - } else { - $last_post_icon .= '<img src="'.XOOPS_URL.'/images/subject/icon1.gif" width="15" height="15" border="0" alt="" />'; - } - 
$last_post_icon .= '</a>'; - $categories[$i]['forums']['forum_lastpost_icon'][] = $last_post_icon; - if ( $forum_row['uid'] != 0 && $forum_row['uname'] ){ - $categories[$i]['forums']['forum_lastpost_user'][] = '<a href="'.XOOPS_URL.'/userinfo.php?uid='.$forum_row['uid'].'">' . $myts->makeTboxData4Show($forum_row['uname']).'</a>'; - } else { - $categories[$i]['forums']['forum_lastpost_user'][] = $xoopsConfig['anonymous']; - } - $forum_lastread = !empty($topic_lastread[$forum_row['topic_id']]) ? $topic_lastread[$forum_row['topic_id']] : false; - if ( $forum_row['forum_type'] == 1 ) { - $categories[$i]['forums']['forum_folder'][] = $bbImage['locked_forum']; - } elseif ( $forum_row['post_time'] > $forum_lastread && !empty($forum_row['topic_id'])) { - $categories[$i]['forums']['forum_folder'][] = $bbImage['newposts_forum']; - } else { - $categories[$i]['forums']['forum_folder'][] = $bbImage['folder_forum']; - } - } else { - // no forums, so put empty values - $categories[$i]['forums']['forum_lastpost_time'][] = ""; - $categories[$i]['forums']['forum_lastpost_icon'][] = ""; - $categories[$i]['forums']['forum_lastpost_user'][] = ""; - if ( $forum_row['forum_type'] == 1 ) { - $categories[$i]['forums']['forum_folder'][] = $bbImage['locked_forum']; - } else { - $categories[$i]['forums']['forum_folder'][] = $bbImage['folder_forum']; - } - } - $categories[$i]['forums']['forum_id'][] = $forum_row['forum_id']; - $categories[$i]['forums']['forum_name'][] = $myts->makeTboxData4Show($forum_row['forum_name']); - $categories[$i]['forums']['forum_desc'][] = $myts->makeTareaData4Show($forum_row['forum_desc']); - $categories[$i]['forums']['forum_topics'][] = $forum_row['forum_topics']; - $categories[$i]['forums']['forum_posts'][] = $forum_row['forum_posts']; - $all_moderators = get_moderators($forum_row['forum_id']); - $count = 0; - $forum_moderators = ''; - foreach ( $all_moderators as $mods) { - foreach ( $mods as $mod_id => $mod_name) { - if ( $count > 0 ) { - $forum_moderators .= ', 
'; - } - $forum_moderators .= '<a href="'.XOOPS_URL.'/userinfo.php?uid='.$mod_id.'">'.$myts->makeTboxData4Show($mod_name).'</a>'; - $count = 1; - } - } - $categories[$i]['forums']['forum_moderators'][] = $forum_moderators; - } - } - $xoopsTpl->append("categories", $categories[$i]); - } + for ( $i = 0; $i < $cat_count; $i++ ) { + $categories[$i]['cat_title'] = $myts->makeTboxData4Show($categories[$i]['cat_title']); + if ( $viewcat != 0 && $categories[$i]['cat_id'] != $viewcat ) { + $xoopsTpl->append("categories", $categories[$i]); + continue; + } + $topic_lastread = newbb_get_topics_viewed(); + foreach ( $forums as $forum_row ) { + unset($last_post); + if ( $forum_row['cat_id'] == $categories[$i]['cat_id'] ) { + if ($forum_row['post_time']) { + //$forum_row['subject'] = $myts->makeTboxData4Show($forum_row['subject']); + $categories[$i]['forums']['forum_lastpost_time'][] = formatTimestamp($forum_row['post_time']); + $last_post_icon = '<a href="'.XOOPS_URL.'/modules/newbb/viewtopic.php?post_id='.$forum_row['forum_last_post_id'].'&topic_id='.$forum_row['topic_id'].'&forum='.$forum_row['forum_id'].'#forumpost'.$forum_row['forum_last_post_id'].'">'; + if ( $forum_row['icon'] ) { + $last_post_icon .= '<img src="'.XOOPS_URL.'/images/subject/'.$forum_row['icon'].'" border="0" alt="" />'; + } else { + $last_post_icon .= '<img src="'.XOOPS_URL.'/images/subject/icon1.gif" width="15" height="15" border="0" alt="" />'; + } + $last_post_icon .= '</a>'; + $categories[$i]['forums']['forum_lastpost_icon'][] = $last_post_icon; + if ( $forum_row['uid'] != 0 && $forum_row['uname'] ){ + $categories[$i]['forums']['forum_lastpost_user'][] = '<a href="'.XOOPS_URL.'/userinfo.php?uid='.$forum_row['uid'].'">' . $myts->makeTboxData4Show($forum_row['uname']).'</a>'; + } else { + $categories[$i]['forums']['forum_lastpost_user'][] = $xoopsConfig['anonymous']; + } + $forum_lastread = !empty($topic_lastread[$forum_row['topic_id']]) ? 
$topic_lastread[$forum_row['topic_id']] : false; + if ( $forum_row['forum_type'] == 1 ) { + $categories[$i]['forums']['forum_folder'][] = $bbImage['locked_forum']; + } elseif ( $forum_row['post_time'] > $forum_lastread && !empty($forum_row['topic_id'])) { + $categories[$i]['forums']['forum_folder'][] = $bbImage['newposts_forum']; + } else { + $categories[$i]['forums']['forum_folder'][] = $bbImage['folder_forum']; + } + } else { + // no forums, so put empty values + $categories[$i]['forums']['forum_lastpost_time'][] = ""; + $categories[$i]['forums']['forum_lastpost_icon'][] = ""; + $categories[$i]['forums']['forum_lastpost_user'][] = ""; + if ( $forum_row['forum_type'] == 1 ) { + $categories[$i]['forums']['forum_folder'][] = $bbImage['locked_forum']; + } else { + $categories[$i]['forums']['forum_folder'][] = $bbImage['folder_forum']; + } + } + $categories[$i]['forums']['forum_id'][] = $forum_row['forum_id']; + $categories[$i]['forums']['forum_name'][] = $myts->makeTboxData4Show($forum_row['forum_name']); + $categories[$i]['forums']['forum_desc'][] = $myts->makeTareaData4Show($forum_row['forum_desc']); + $categories[$i]['forums']['forum_topics'][] = $forum_row['forum_topics']; + $categories[$i]['forums']['forum_posts'][] = $forum_row['forum_posts']; + $all_moderators = get_moderators($forum_row['forum_id']); + $count = 0; + $forum_moderators = ''; + foreach ( $all_moderators as $mods) { + foreach ( $mods as $mod_id => $mod_name) { + if ( $count > 0 ) { + $forum_moderators .= ', '; + } + $forum_moderators .= '<a href="'.XOOPS_URL.'/userinfo.php?uid='.$mod_id.'">'.$myts->makeTboxData4Show($mod_name).'</a>'; + $count = 1; + } + } + $categories[$i]['forums']['forum_moderators'][] = $forum_moderators; + } + } + $xoopsTpl->append("categories", $categories[$i]); + } } else { - $xoopsTpl->append("categories", array()); + $xoopsTpl->append("categories", array()); } $xoopsTpl->assign(array("img_hotfolder" => $bbImage['newposts_forum'], "img_folder" => $bbImage['folder_forum'], 
"img_locked" => $bbImage['locked_forum'], "lang_newposts" => _MD_NEWPOSTS, "lang_private" => _MD_PRIVATEFORUM, "lang_nonewposts" => _MD_NONEWPOSTS, "lang_search" => _MD_SEARCH, "lang_advsearch" => _MD_ADVSEARCH)); include_once XOOPS_ROOT_PATH.'/footer.php'; Index: xoops2jp/html/modules/newbb/post.php diff -u xoops2jp/html/modules/newbb/post.php:1.2 xoops2jp/html/modules/newbb/post.php:1.3 --- xoops2jp/html/modules/newbb/post.php:1.2 Fri Mar 18 21:52:25 2005 +++ xoops2jp/html/modules/newbb/post.php Sat Jun 11 11:32:46 2005 @@ -1,5 +1,5 @@ <?php -// $Id: post.php,v 1.2 2005/03/18 12:52:25 onokazu Exp $ +// $Id: post.php,v 1.3 2005/06/11 02:32:46 onokazu Exp $ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // // Copyright (c) 2000 XOOPS.org // 
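Review bot: The escaping added for `$xoopsConfig['sitename']` is not applied to the other values this hunk writes into markup: `$xoopsConfig['anonymous']` is appended to `forum_lastpost_user` unchanged, and `$forum_row['icon']` is concatenated straight into the `src` attribute of the last-post image. The icon column is filled from `$HTTP_POST_VARS['icon']` via `setIcon()` in post.php, and whether that setter restricts the value is not visible here, so I would encode at output: `htmlspecialchars($xoopsConfig['anonymous'], ENT_QUOTES)` and `htmlspecialchars($forum_row['icon'], ENT_QUOTES)`. As a style point, `$viewcat` still reads `$HTTP_GET_VARS['cat']` while delete.php in the same commit moves to `$_GET`; using `$_GET['cat']` here would keep the module consistent.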
@@ -31,205 +31,196 @@ include 'header.php'; foreach (array('forum', 'topic_id', 'post_id', 'order', 'pid') as $getint) { - ${$getint} = isset($HTTP_POST_VARS[$getint]) ? intval($HTTP_POST_VARS[$getint]) : 0; + ${$getint} = isset($HTTP_POST_VARS[$getint]) ? intval($HTTP_POST_VARS[$getint]) : 0; } $viewmode = (isset($HTTP_POST_VARS['viewmode']) && $HTTP_POST_VARS['viewmode'] != 'flat') ? 'thread' : 'flat'; if ( empty($forum) ) { - redirect_header("index.php", 2, _MD_ERRORFORUM); - exit(); + redirect_header("index.php", 2, _MD_ERRORFORUM); + exit(); } else { - $sql = "SELECT forum_type, forum_name, forum_access, allow_html, allow_sig, posts_per_page, hot_threshold, topics_per_page FROM ".$xoopsDB->prefix("bb_forums")." WHERE forum_id = ".$forum; - if ( !$result = $xoopsDB->query($sql) ) { - redirect_header('index.php',2,_MD_ERROROCCURED); - exit(); - } - $forumdata = $xoopsDB->fetchArray($result); - - if ( $forumdata['forum_type'] == 1 ) { - // To get here, we have a logged-in user. So, check whether that user is allowed to view - // this private forum. 
- $accesserror = 0; - if ( $xoopsUser ) { - if ( !$xoopsUser->isAdmin($xoopsModule->mid()) ) { - if ( !check_priv_forum_auth($xoopsUser->uid(), $HTTP_POST_VARS['forum'], true) ) { - $accesserror = 1; - } - } - } else { - $accesserror = 1; - } - - if ( $accesserror == 1 ) { - redirect_header("viewforum.php?order=".$order."&viewmode=".$viewmode."&forum=".$forum,2,_MD_NORIGHTTOPOST); - exit(); - } - } else { - $accesserror = 0; - if ( $forumdata['forum_access'] == 3 ) { - if ( $xoopsUser ) { - if ( !$xoopsUser->isAdmin($xoopsModule->mid()) ) { - if ( !is_moderator($forum, $xoopsUser->uid()) ) { - $accesserror = 1; - } - } - } else { - $accesserror = 1; - } - } elseif ( $forumdata['forum_access'] == 1 && !$xoopsUser ) { - $accesserror = 1; - } - if ( $accesserror == 1 ) { - redirect_header("viewforum.php?order=".$order."&viewmode=".$viewmode."&forum=".$forum,2,_MD_NORIGHTTOPOST); - exit(); - } + if (!XoopsMultiTokenHandler::quickValidate('newbb_post')) { + redirect_header('index.php', 2, _MD_ERROROCCURED); + exit(); } - if ( !empty($HTTP_POST_VARS['contents_preview']) ) { - include XOOPS_ROOT_PATH."/header.php"; - echo"<table width='100%' border='0' cellspacing='1' class='outer'><tr><td>"; - $myts =& MyTextSanitizer::getInstance(); - $p_subject = $myts->makeTboxData4Preview($HTTP_POST_VARS['subject']); - $nosmiley = !empty($HTTP_POST_VARS['nosmiley']) ? 1 : 0; - // 2004/12/15 contribution by minahito - // prevent hacking of nohtml value - $nohtml = !empty($HTTP_POST_VARS['nohtml']) ? 
$forumdata['allow_html'] : 0; - if ( $nosmiley && $nohtml ) { - $p_message = $myts->makeTareaData4Preview($HTTP_POST_VARS['message'],0,0,1); - } elseif ( $nohtml ) { - $p_message = $myts->makeTareaData4Preview($HTTP_POST_VARS['message'],0,1,1); - } elseif ( $nosmiley ) { - $p_message = $myts->makeTareaData4Preview($HTTP_POST_VARS['message'],1,0,1); - } else { - $p_message = $myts->makeTareaData4Preview($HTTP_POST_VARS['message'],1,1,1); - } - themecenterposts($p_subject,$p_message); - echo "<br />"; - $subject = $myts->makeTboxData4PreviewInForm($HTTP_POST_VARS['subject']); - $message = $myts->makeTareaData4PreviewInForm($HTTP_POST_VARS['message']); - $hidden = $myts->makeTboxData4PreviewInForm($HTTP_POST_VARS['hidden']); + $sql = "SELECT forum_type, forum_name, forum_access, allow_html, allow_sig, posts_per_page, hot_threshold, topics_per_page FROM ".$xoopsDB->prefix("bb_forums")." WHERE forum_id = ".$forum; + if ( !$result = $xoopsDB->query($sql) ) { + redirect_header('index.php',2,_MD_ERROROCCURED); + exit(); + } + $forumdata = $xoopsDB->fetchArray($result); + if (empty($forumdata['allow_html'])) { + $HTTP_POST_VARS['nohtml'] = 1; + } + if ( $forumdata['forum_type'] == 1 ) { + // To get here, we have a logged-in user. So, check whether that user is allowed to view + // this private forum. 
+ $accesserror = 0; + if ( $xoopsUser ) { + if ( !$xoopsUser->isAdmin($xoopsModule->mid()) ) { + if ( !check_priv_forum_auth($xoopsUser->uid(), $HTTP_POST_VARS['forum'], true) ) { + $accesserror = 1; + } + } + } else { + $accesserror = 1; + } + + if ( $accesserror == 1 ) { + redirect_header("viewforum.php?order=".$order."&viewmode=".$viewmode."&forum=".$forum,2,_MD_NORIGHTTOPOST); + exit(); + } + } else { + $accesserror = 0; + if ( $forumdata['forum_access'] == 3 ) { + if ( $xoopsUser ) { + if ( !$xoopsUser->isAdmin($xoopsModule->mid()) ) { + if ( !is_moderator($forum, $xoopsUser->uid()) ) { + $accesserror = 1; + } + } + } else { + $accesserror = 1; + } + } elseif ( $forumdata['forum_access'] == 1 && !$xoopsUser ) { + $accesserror = 1; + } + if ( $accesserror == 1 ) { + redirect_header("viewforum.php?order=".$order."&viewmode=".$viewmode."&forum=".$forum,2,_MD_NORIGHTTOPOST); + exit(); + } + } + if ( !empty($HTTP_POST_VARS['contents_preview']) ) { + include XOOPS_ROOT_PATH."/header.php"; + echo"<table width='100%' border='0' cellspacing='1' class='outer'><tr><td>"; + $myts =& MyTextSanitizer::getInstance(); + $p_subject = $myts->makeTboxData4Preview($HTTP_POST_VARS['subject']); + $dosmiley = empty($HTTP_POST_VARS['nosmiley']) ? 1 : 0; + $dohtml = empty($HTTP_POST_VARS['nohtml']) ? 1 : 0; + $p_message = $myts->makeTareaData4Preview($HTTP_POST_VARS['message'], $dohtml, $dosmiley, 1); + + themecenterposts($p_subject,$p_message); + echo "<br />"; + $subject = $myts->makeTboxData4PreviewInForm($HTTP_POST_VARS['subject']); + $message = $myts->makeTareaData4PreviewInForm($HTTP_POST_VARS['message']); + $hidden = $myts->makeTboxData4PreviewInForm($HTTP_POST_VARS['hidden']); $notify = !empty($HTTP_POST_VARS['notify']) ? 1 : 0; - $attachsig = !empty($HTTP_POST_VARS['attachsig']) ? 
1 : 0; - include 'include/forumform.inc.php'; - echo"</td></tr></table>"; - } else { - include_once 'class/class.forumposts.php'; - if ( !empty($post_id) ) { - $editerror = 0; - $forumpost = new ForumPosts($post_id); - if ( $xoopsUser ) { - if ( !$xoopsUser->isAdmin($xoopsModule->mid()) ) { - if ($forumpost->islocked() || ($forumpost->uid() != $xoopsUser->getVar("uid") && !is_moderator($forum, $xoopsUser->getVar("uid")))) { - $editerror = 1; - } - } - } else { - $editerror = 1; - } - if ( $editerror == 1 ) { - redirect_header("viewtopic.php?topic_id=".$topic_id."&post_id=".$post_id."&order=".$order."&viewmode=".$viewmode."&pid=".$pid."&forum=".$forum,2,_MD_EDITNOTALLOWED); - exit(); - } - $editor = $xoopsUser->getVar("uname"); - $on_date .= _MD_ON." ".formatTimestamp(time()); - //$message .= "\n\n<small>[ "._MD_EDITEDBY." ".$editor." ".$on_date." ]</small>"; - } else { - $isreply = 0; - $isnew = 1; - if ( $xoopsUser && empty($HTTP_POST_VARS['noname']) ) { - $uid = $xoopsUser->getVar("uid"); - } else { - if ( $forumdata['forum_access'] == 2 ) { - $uid = 0; - } else { - if ( !empty($topic_id) ) { - redirect_header("viewtopic.php?topic_id=".$topic_id."&order=".$order."&viewmode=".$viewmode."&pid=".$pid."&forum=".$forum,2,_MD_ANONNOTALLOWED); - } else { - redirect_header("viewforum.php?forum=".$forum,2,_MD_ANONNOTALLOWED); - } - exit(); - } - } - $forumpost = new ForumPosts(); - $forumpost->setForum($forum); - if (isset($pid) && $pid != "") { - $forumpost->setParent($pid); - } - if (!empty($topic_id)) { - $forumpost->setTopicId($topic_id); - $isreply = 1; - } - $forumpost->setIp($HTTP_SERVER_VARS['REMOTE_ADDR']); - $forumpost->setUid($uid); - } - $subject = xoops_trim($HTTP_POST_VARS['subject']); - $subject = ($subject == '') ? 
_NOTITLE : $subject; - $forumpost->setSubject($subject); - $forumpost->setText($HTTP_POST_VARS['message']); - // 2004/12/15 contribution by minahito - // prevent hacking of nohtml value - if (!empty($HTTP_POST_VARS['nohtml']) && $forumdata['allow_html']) { - $forumpost->setNohtml(0); - } else { - $forumpost->setNohtml(1); - } - $forumpost->setNosmiley($HTTP_POST_VARS['nosmiley']); - $forumpost->setIcon($HTTP_POST_VARS['icon']); - $forumpost->setAttachsig($HTTP_POST_VARS['attachsig']); - if (!$postid = $forumpost->store()) { - include_once(XOOPS_ROOT_PATH.'/header.php'); - xoops_error('Could not insert forum post'); - include_once(XOOPS_ROOT_PATH.'/footer.php'); - exit(); - } - if (is_object($xoopsUser) && !empty($isnew)) { - $xoopsUser->incrementPost(); - } - // RMV-NOTIFY - // Define tags for notification message - $tags = array(); - $tags['THREAD_NAME'] = $HTTP_POST_VARS['subject']; - $tags['THREAD_URL'] = XOOPS_URL . '/modules/' . $xoopsModule->dirname() . '/viewtopic.php?forum=' . $forum . '&post_id='.$postid.'&topic_id=' . $forumpost->topic(); - $tags['POST_URL'] = $tags['THREAD_URL'] . '#forumpost' . 
$postid; - include_once 'include/notification.inc.php'; - $forum_info = newbb_notify_iteminfo ('forum', $forum); - $tags['FORUM_NAME'] = $forum_info['name']; - $tags['FORUM_URL'] = $forum_info['url']; - $notification_handler =& xoops_gethandler('notification'); - if (!empty($isnew)) { - if (empty($isreply)) { - // Notify of new thread - $notification_handler->triggerEvent('forum', $forum, 'new_thread', $tags); - } else { - // Notify of new post - $notification_handler->triggerEvent('thread', $topic_id, 'new_post', $tags); - } - $notification_handler->triggerEvent('global', 0, 'new_post', $tags); - $notification_handler->triggerEvent('forum', $forum, 'new_post', $tags); - $myts =& MyTextSanitizer::getInstance(); - $tags['POST_CONTENT'] = $myts->stripSlashesGPC($HTTP_POST_VARS['message']); - $tags['POST_NAME'] = $myts->stripSlashesGPC($HTTP_POST_VARS['subject']); - $notification_handler->triggerEvent('global', 0, 'new_fullpost', $tags); - } - - // If user checked notification box, subscribe them to the - // appropriate event; if unchecked, then unsubscribe - - if (!empty($xoopsUser) && !empty($xoopsModuleConfig['notification_enabled'])) { - if (!empty($HTTP_POST_VARS['notify'])) { - $notification_handler->subscribe('thread', $forumpost->getTopicId(), 'new_post'); - } else { - $notification_handler->unsubscribe('thread', $forumpost->getTopicId(), 'new_post'); - } - } - - if ( $HTTP_POST_VARS['viewmode'] == "flat" ) { - redirect_header("viewtopic.php?topic_id=".$forumpost->topic()."&post_id=".$postid."&order=".$order."&viewmode=flat&pid=".$pid."&forum=".$forum."#forumpost".$postid."",2,_MD_THANKSSUBMIT); - exit(); - } else { - $post_id = $forumpost->postid(); - redirect_header("viewtopic.php?topic_id=".$forumpost->topic()."&post_id=".$postid."&order=".$order."&viewmode=thread&pid=".$pid."&forum=".$forum."#forumpost".$postid."",2,_MD_THANKSSUBMIT); - exit(); - } - } - include XOOPS_ROOT_PATH.'/footer.php'; + $attachsig = !empty($HTTP_POST_VARS['attachsig']) ? 
1 : 0; + include 'include/forumform.inc.php'; + echo"</td></tr></table>"; + } else { + include_once 'class/class.forumposts.php'; + if ( !empty($post_id) ) { + $editerror = 0; + $forumpost = new ForumPosts($post_id); + if ( $xoopsUser ) { + if ( !$xoopsUser->isAdmin($xoopsModule->mid()) ) { + if ($forumpost->islocked() || ($forumpost->uid() != $xoopsUser->getVar("uid") && !is_moderator($forum, $xoopsUser->getVar("uid")))) { + $editerror = 1; + } + } + } else { + $editerror = 1; + } + if ( $editerror == 1 ) { + redirect_header("viewtopic.php?topic_id=".$topic_id."&post_id=".$post_id."&order=".$order."&viewmode=".$viewmode."&pid=".$pid."&forum=".$forum,2,_MD_EDITNOTALLOWED); + exit(); + } + $editor = $xoopsUser->getVar("uname"); + $on_date .= _MD_ON." ".formatTimestamp(time()); + //$message .= "\n\n<small>[ "._MD_EDITEDBY." ".$editor." ".$on_date." ]</small>"; + } else { + $isreply = 0; + $isnew = 1; + if ( $xoopsUser && empty($HTTP_POST_VARS['noname']) ) { + $uid = $xoopsUser->getVar("uid"); + } else { + if ( $forumdata['forum_access'] == 2 ) { + $uid = 0; + } else { + if ( !empty($topic_id) ) { + redirect_header("viewtopic.php?topic_id=".$topic_id."&order=".$order."&viewmode=".$viewmode."&pid=".$pid."&forum=".$forum,2,_MD_ANONNOTALLOWED); + } else { + redirect_header("viewforum.php?forum=".$forum,2,_MD_ANONNOTALLOWED); + } + exit(); + } + } + $forumpost = new ForumPosts(); + $forumpost->setForum($forum); + if (isset($pid) && $pid != "") { + $forumpost->setParent($pid); + } + if (!empty($topic_id)) { + $forumpost->setTopicId($topic_id); + $isreply = 1; + } + $forumpost->setIp($HTTP_SERVER_VARS['REMOTE_ADDR']); + $forumpost->setUid($uid); + } + $subject = xoops_trim($HTTP_POST_VARS['subject']); + $subject = ($subject == '') ? 
_NOTITLE : $subject; + $forumpost->setSubject($subject); + $forumpost->setText($HTTP_POST_VARS['message']); + $forumpost->setNohtml($HTTP_POST_VARS['nohtml']); + $forumpost->setNosmiley($HTTP_POST_VARS['nosmiley']); + $forumpost->setIcon($HTTP_POST_VARS['icon']); + $forumpost->setAttachsig($HTTP_POST_VARS['attachsig']); + if (!$postid = $forumpost->store()) { + include_once(XOOPS_ROOT_PATH.'/header.php'); + xoops_error('Could not insert forum post'); + include_once(XOOPS_ROOT_PATH.'/footer.php'); + exit(); + } + if (is_object($xoopsUser) && !empty($isnew)) { + $xoopsUser->incrementPost(); + } + // RMV-NOTIFY + // Define tags for notification message + $tags = array(); + $tags['THREAD_NAME'] = $HTTP_POST_VARS['subject']; + $tags['THREAD_URL'] = XOOPS_URL . '/modules/' . $xoopsModule->dirname() . '/viewtopic.php?forum=' . $forum . '&post_id='.$postid.'&topic_id=' . $forumpost->topic(); + $tags['POST_URL'] = $tags['THREAD_URL'] . '#forumpost' . $postid; + include_once 'include/notification.inc.php'; + $forum_info = newbb_notify_iteminfo ('forum', $forum); + $tags['FORUM_NAME'] = $forum_info['name']; + $tags['FORUM_URL'] = $forum_info['url']; + $notification_handler =& xoops_gethandler('notification'); + if (!empty($isnew)) { + if (empty($isreply)) { + // Notify of new thread + $notification_handler->triggerEvent('forum', $forum, 'new_thread', $tags); + } else { + // Notify of new post + $notification_handler->triggerEvent('thread', $topic_id, 'new_post', $tags); + } + $notification_handler->triggerEvent('global', 0, 'new_post', $tags); + $notification_handler->triggerEvent('forum', $forum, 'new_post', $tags); + $myts =& MyTextSanitizer::getInstance(); + $tags['POST_CONTENT'] = $myts->stripSlashesGPC($HTTP_POST_VARS['message']); + $tags['POST_NAME'] = $myts->stripSlashesGPC($HTTP_POST_VARS['subject']); + $notification_handler->triggerEvent('global', 0, 'new_fullpost', $tags); + } + + // If user checked notification box, subscribe them to the + // appropriate event; if 
unchecked, then unsubscribe + + if (!empty($xoopsUser) && !empty($xoopsModuleConfig['notification_enabled'])) { + if (!empty($HTTP_POST_VARS['notify'])) { + $notification_handler->subscribe('thread', $forumpost->getTopicId(), 'new_post'); + } else { + $notification_handler->unsubscribe('thread', $forumpost->getTopicId(), 'new_post'); + } + } + + if ( $HTTP_POST_VARS['viewmode'] == "flat" ) { + redirect_header("viewtopic.php?topic_id=".$forumpost->topic()."&post_id=".$postid."&order=".$order."&viewmode=flat&pid=".$pid."&forum=".$forum."#forumpost".$postid."",2,_MD_THANKSSUBMIT); + exit(); + } else { + $post_id = $forumpost->postid(); + redirect_header("viewtopic.php?topic_id=".$forumpost->topic()."&post_id=".$postid."&order=".$order."&viewmode=thread&pid=".$pid."&forum=".$forum."#forumpost".$postid."",2,_MD_THANKSSUBMIT); + exit(); + } + } + include XOOPS_ROOT_PATH.'/footer.php'; } ?>
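Review bot: `check_priv_forum_auth()` still receives the raw `$HTTP_POST_VARS['forum']` even though the `intval()`-ed `$forum` is already in scope and is what the `bb_forums` query uses; passing `$forum` keeps the private-forum check and the query on the same value: `if ( !check_priv_forum_auth($xoopsUser->uid(), $forum, true) ) {`. The new `$forumpost->setNohtml($HTTP_POST_VARS['nohtml']);` likewise hands a request value to the setter and reads an unset index when the forum allows HTML and the box is unchecked; `$forumpost->setNohtml(empty($HTTP_POST_VARS['nohtml']) ? 0 : 1);` pins the stored flag to 0/1 (how the setter casts is not visible here). The removed "prevent hacking of nohtml value" comment documented why the forum setting wins, so the new override deserves one too, e.g. `// forum disallows HTML: force nohtml regardless of what the client sent` above `$HTTP_POST_VARS['nohtml'] = 1;`.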