vb.org Archive - View Single Post

Bro_Joey_Gowdy · #**353** 07-09-2002, 12:00 PM

here is my newreply.php

[quote]
<?php
error_reporting(7);

$templatesused = "quotereply,newpost_postpreview,email_notify,email subject_notify,redirect_postthanks,email_moderator ,emailsubject_moderator,threadreview,threadreviewb it,newpost_attachment,newpost_disablesmiliesoption ,forumrules,newreply,posticons,posticonbit";
$templatesused.=",vbcode_smilies,vbcode_smiliebit, vbcode_smilies_getmore,vbcode_buttons,vbcode_sizeb its,vbcode_fontbits,vbcode_colorbits";

require("./global.php");

// get decent textarea size for user's browser
$textareacols = gettextareawidth();

$action = trim($action);
if (!isset($action) or $action=="") {
$action="newreply";
}

unset ($postpreview);
unset ($parseurlchecked);
unset ($emailchecked);
unset ($disablesmilieschecked);
unset ($signaturechecked);
unset ($previewchecked);
$rate = array();

// check for valid thread or post

if (isset($postid)) {
$postid=verifyid("post",$postid,0);
if ($postid!=0) {
$postinfo=getpostinfo($postid);
$threadid=$postinfo[threadid];
if ($postinfo[userid]==0) {
$originalposter=$postinfo[username];
} else {
$getusername=$DB_site->query_first("SELECT username FROM user WHERE userid='$postinfo[userid]'");
$originalposter=$getusername[username];
}
if ($postinfo[title]!="") {
$title="Re: ".unhtmlspecialchars($postinfo[title]);
}
$postdate=vbdate($dateformat,$postinfo[dateline]);
$posttime=vbdate($timeformat,$postinfo[dateline]);
$pagetext=$postinfo[pagetext];
$pagetext = preg_replace("/(\

Quote:

)(.*)(\[\/quote])/siU", "", $pagetext);
eval("\$message = \"".gettemplate("quotereply",1,0)."\";");
}
}

$threadid=verifyid("thread",$threadid);

$threadinfo=getthreadinfo($threadid);

if (!$threadinfo[visible]) {
$idname="thread";
eval("standarderror(\"".gettemplate("error_invalid id")."\");");
}
if (!$threadinfo[open]) {
if (!ismoderator($threadinfo[forumid],"canopenclose")) {
eval("standardredirect(\"".gettemplate("redirect_t hreadclosed")."\",\"showthread.php?s=$session[sessionhash]&threadid=$threadid\");");
exit;
}
}

$permissions=getpermissions($threadinfo[forumid]);
if (($bbuserinfo['userid']!=$threadinfo['postuserid'] or $bbuserinfo['userid']==0) and (!$permissions['canviewothers'] or !$permissions['canreplyothers'])) {
show_nopermission();
}
if (!$permissions['canview'] or (!$permissions['canreplyown'] and $bbuserinfo['userid']==$threadinfo['postuserid'])) {
show_nopermission();
}

updateuserforum($threadinfo['forumid']);

// ############################### start post reply ###############################
if ($HTTP_POST_VARS['action']=="postreply") {

// check for subject and message
$message=trim($message);
if ($message=="") {
eval("standarderror(\"".gettemplate("error_nosubje ct")."\");");
exit;
}

// decode check boxes
$parseurl=iif(trim($parseurl)=="yes",1,0);
$email=iif(trim($email)=="yes",1,0);
$allowsmilie=iif(trim($disablesmilies)=="yes",0,1) ;
$signature=iif(trim($signature)=="yes",1,0);
$preview=iif(trim($preview)!="",1,0);

if ($wordwrap!=0) {
$threadinfo[title]=dowordwrap($threadinfo[title]);
}

$foruminfo=getforuminfo($threadinfo[forumid]);
$forumid=$foruminfo['forumid'];

if ($foruminfo['allowposting']==0) {
eval("standarderror(\"".gettemplate("error_forumcl osed")."\");");
}

$visible=!$foruminfo[moderatenew];

// auto bypass queueing for admins/mods
if (ismoderator($foruminfo[forumid])) {
$visible=1;
}

if ($parseurl) {
$message=parseurl($message);
}
// remove sessionhash from urls:
$message=ereg_replace("&sessionhash=[a-z0-9]{32}","",$message);
$message=ereg_replace("\\?sessionhash=[a-z0-9]{32}","",$message);
$message=ereg_replace("&s=[a-z0-9]{32}","",$message);
$message=ereg_replace("\\?s=[a-z0-9]{32}(&)?","?",$message);

if (strlen($message)>$postmaxchars and $postmaxchars!=0) {
eval("standarderror(\"".gettemplate("error_toolong ")."\");");
}

if ($preview) {
$previewpost=1;
$previewmessage=bbcodeparse($message,$threadinfo[forumid],$allowsmilie);

if ($signature) {
$post['signature'] = bbcodeparse($bbuserinfo['signature'],0,$allowsmilie);
eval("\$post[signature] = \"".gettemplate("postbit_signature")."\";");
$previewmessage.=$post['signature'];
}

eval("\$postpreview=\"".gettemplate("newpost_postp review")."\";");

$parseurlchecked=iif($parseurl,"checked","");
$emailchecked=iif($email,"checked","");
$disablesmilieschecked=iif(!$allowsmilie,"checked" ,"");
$signaturechecked=iif($signature,"checked","");
$previewchecked=0;

if ($rating) {
$rate["$rating"] = " selected";
}

$action="newreply";
} else {

$username = $HTTP_POST_VARS['username'];
$password = $HTTP_POST_VARS['password'];

if (isset($username) and !isset($bbuserinfo['username'])) {
$username = trim($username);
$username = eregi_replace("( ){2,}", " ", $username);

if (!$username) {
eval("standarderror(\"".gettemplate("error_nousern ame")."\");");
}
if ($userinfo=$DB_site->query_first("
SELECT user.*,userfield.*
FROM user,userfield
WHERE (username='".addslashes(htmlspecialchars($username ))."' OR
username='".addslashes(eregi_replace("[^A-Za-z0-9]","",$username))."') AND
user.userid=userfield.userid")) {
if (!$password) {
eval("standarderror(\"".gettemplate("error_usernam etaken")."\");");
} elseif (md5($password)!=$userinfo['password']) {
eval("standarderror(\"".gettemplate("error_wrongpa ssword")."\");");
} else {
$bbuserinfo = $userinfo;
$postusername = $bbuserinfo['username'];

if ($user['cookieuser']==1) {
vbsetcookie("bbuserid",$user['userid']);
vbsetcookie("bbpassword",$user['password']);
}
$DB_site->query("UPDATE session SET userid='$bbuserinfo[userid]' WHERE sessionhash='".addslashes($session['dbsessionhash'])."'");
}
} else {
$postusername = htmlspecialchars($username);
}
} else {
$postusername = $bbuserinfo['username'];
}

if ($enablefloodcheck) {
if ($bbuserinfo[userid]!=0 and time()-$bbuserinfo[lastpost]<=$floodchecktime and !ismoderator($foruminfo[forumid])) {
eval("standarderror(\"".gettemplate("error_floodch eck")."\");");
exit;
}
}

// check max images
if ($maximages!=0) {
$parsedmessage=bbcodeparse($message,$forumid,$allo wsmilie);
if (countchar($parsedmessage,"<img")>$maximages) {
eval("standarderror(\"".gettemplate("error_toomany images")."\");");
exit;
}
}

if ($logip==1 or $logip==2) {
if ($temp = getenv("REMOTE_ADDR")) {
$ipaddress = $temp;
} else if ($temp = $REMOTE_ADDR) {
$ipaddress = $temp;
} else {
$ipaddress = $HTTP_HOST;
}
} else {
$ipaddress="";
}

if (!isset($iconid) or $iconid=="") {
$iconid=0;
}
$iconid = intval($iconid);

$permissions=getpermissions($threadinfo['forumid']);
if (($bbuserinfo['userid']!=$threadinfo['postuserid'] or $bbuserinfo['userid']==0) and (!$permissions['canviewothers'] or !$permissions['canreplyothers'])) {
show_nopermission();
}
if (!$permissions['canview'] or (!$permissions['canreplyown'] and $bbuserinfo['userid']==$threadinfo['postuserid'])) {
show_nopermission();
}

/*if ($bbuserinfo[userid]==0) {
$postusername=$bbuserinfo[username];
} else {
$postusername="";
}*/

$title=censortext($title);
$message=censortext($message);

// sort attachement
if (is_array($HTTP_POST_FILES)) {
$attachment = $HTTP_POST_FILES['attachment']['tmp_name'];
$attachment_name = $HTTP_POST_FILES['attachment']['name'];
$attachment_size = $HTTP_POST_FILES['attachment']['size'];
}
if ($permissions[canpostattachment] and trim($attachment)!="none" and trim($attachment)!="" and trim($attachment_name)!="") {
$attachmentid=acceptupload($foruminfo[moderateattach]);
} else {
$attachmentid=0;
}

if ($email&&$bbuserinfo[userid]!=0) {
if (!$checkid=$DB_site->query_first("SELECT subscribethreadid FROM subscribethread WHERE userid=$bbuserinfo[userid] AND threadid=$threadid")) {
$DB_site->query("INSERT INTO subscribethread (subscribethreadid,userid,threadid) VALUES (NULL,$bbuserinfo[userid],$threadid)");
}
}
// see if there has been a post identical to this in the last 5 mins. If so, update that one, as user has probably done a double post
$datecut=time()-300;
if ($prevpost=$DB_site->query_first("SELECT attachmentid,postid,visible FROM post WHERE threadid='$threadid' AND username='".addslashes($postusername)."' AND userid='$bbuserinfo[userid]' AND title='".addslashes(htmlspecialchars($title))."' AND dateline>$datecut AND pagetext='".addslashes($message)."'")) {
$postid=$prevpost[postid];

if ($prevpost[attachmentid]!=0) {
$DB_site->query("DELETE FROM attachment WHERE attachmentid = '$prevpost[attachmentid]'");
if ($attachmentid==0) {
$DB_site->query("UPDATE thread SET attach = attach - 1 WHERE threadid = '$threadid'");
}
}
$DB_site->query("UPDATE post SET title='".addslashes(htmlspecialchars($title))."',p agetext='".addslashes($message)."',allowsmilie='$a llowsmilie',showsignature='$signature',iconid='$ic onid',attachmentid='$attachmentid' WHERE postid='$postid'");

// redirect
if ($prevpost[visible]) {
$goto="showthread.php?s=$session[sessionhash]&postid=$postid#post$postid";
} else {
$goto="forumdisplay.php?s=$session[sessionhash]&forumid=$forumid";
}
eval("standardredirect(\"".gettemplate("redirect_p ostthanks")."\",\"$goto\");");

} else {
if ($visible) {
sendnotification ($threadinfo['threadid'], $bbuserinfo['userid'], 0);
}

if ($attachmentid and !$foruminfo[moderateattach]) {
$DB_site->query("UPDATE thread SET attach = attach + 1 WHERE threadid = '$threadid'");
}
$DB_site->query("INSERT INTO post (postid,threadid,title,username,userid,dateline,at tachmentid,pagetext,allowsmilie,showsignature,ipad dress,iconid,visible) VALUES (NULL,'$threadid','".addslashes(htmlspecialchars($ title))."','".addslashes($postusername)."','$bbuse rinfo[userid]','".time()."','$attachmentid','".addslashes($mess age)."','$allowsmilie','$signature','$ipaddress',' $iconid','$visible')");
$postid=$DB_site->insert_id();

indexpost($postid,0);

if ($visible) {
if ($threadinfo[replycount]%10==0) {
$replies=$DB_site->query_first("SELECT COUNT(*)-1 AS replies FROM post WHERE threadid='$threadid'");
$DB_site->query("UPDATE thread SET lastpost='".time()."',replycount='$replies[replies]',lastposter='".addslashes($postusername)."' WHERE threadid='$threadid'");
} else {
$DB_site->query("UPDATE thread SET lastpost='".time()."',replycount=replycount+1,last poster='".addslashes($postusername)."' WHERE threadid='$threadid'");
}
}

if ($rating > 0 and $rating < 6 and $foruminfo['allowratings'] == 1) {
if ($permissions['canthreadrate']) {
$vote = intval($rating);
if ($ratingsel = $DB_site->query_first("SELECT vote, threadrateid
FROM threadrate
WHERE userid='$bbuserinfo[userid]'
AND threadid = '$threadid'")) {
if ($votechange) {
if ($vote != $ratingsel['vote']) {
$voteupdate = $vote - $ratingsel['vote'];
$DB_site->query("UPDATE threadrate SET vote='$vote'
WHERE threadrateid=$ratingsel[threadrateid]");
$DB_site->query("UPDATE thread SET votetotal=votetotal+$voteupdate
WHERE threadid='$threadid'");
}
}
} else {
$DB_site->query("INSERT INTO threadrate (threadid,userid,vote)
VALUES ('$threadid','$bbuserinfo[userid]','$vote')");
$DB_site->query("UPDATE thread SET votetotal=votetotal+$vote,votenum=votenum+1
WHERE threadid='$threadid'");
}
}
}

// update forum stuff
if ($visible==1) {
$DB_site->query("UPDATE forum SET replycount=replycount+1,lastpost='".time()."',last poster='".addslashes($postusername)."' WHERE forumid IN ($foruminfo[parentlist])");
}

// update user stuff
$dotitle="";
if ($bbuserinfo[userid]!=0)
{

// Stars Hack
if ($foruminfo[countposts]) {
$usergstars=$DB_site->query_first("SELECT starlevel,starimg FROM usergroup WHERE usergroupid='$bbuserinfo[usergroupid]'");
if ($usergstars[starlevel]=="") {
$getstars=$DB_site->query_first("SELECT starlevel,starimg FROM stars WHERE minposts<=$bbuserinfo[posts]+1 ORDER BY minposts DESC LIMIT 1");
$userstarlvl=$getstars[starlevel];
$userstarimg=$getstars[starimg];
} else {
$userstarlvl=$usergstars[starlevel];
$userstarimg=$usergstars[starimg];
}
$dostars=",starlevel='$userstarlvl',starimg='$user starimg'";
}
// Stars Hack End

if ($bbuserinfo[customtitle]==0 && $foruminfo[countposts])
{
$usergroup=$DB_site->query_first("SELECT usertitle FROM usergroup WHERE usergroupid='$bbuserinfo[usergroupid]'");
if ($usergroup[usertitle]=="") {

$getprofilefield=$DB_site->query_first("SELECT profilefieldid from profilefield where 1 and title = 'Ranksystem' LIMIT 0, 1");
$gettitle=$DB_site->query_first("Select rankdetail.title from user left join userfield on user.userid = userfield.userid left join rankdetail on userfield.field" . $getprofilefield[profilefieldid] . " = rankdetail.rankid where user.userid= $bbuserinfo[userid] and rankdetail.minposts <= user.posts+1 ORDER BY rankdetail.minposts DESC LIMIT 1");
$usertitle=$gettitle[title];
} else {
$usertitle=$usergroup[usertitle];
}
$dotitle="usertitle='".addslashes($usertitle)."'," ;
}

// Stars Hack
$DB_site->query("UPDATE user SET
".iif ($foruminfo[countposts],"posts=posts+1,","")."
$dotitle"."lastpost='".time()."'$dostars WHERE userid='$bbuserinfo[userid]'");
// Stars Hack End
}

// send email to moderators
if ($enableemail) {
$moderators=$DB_site->query_first("SELECT newpostemail FROM forum WHERE forumid='$threadinfo[forumid]'");

$mods=$DB_site->query("SELECT DISTINCT user.email FROM moderator LEFT JOIN user USING (userid) WHERE moderator.forumid IN ($foruminfo[parentlist]) AND moderator.newpostemail=1");
while ($mod=$DB_site->fetch_array($mods)) {
$moderators[newpostemail].=' '.$mod[email];
}
$moderators[newpostemail]=trim($moderators[newpostemail]);

if ($moderators[newpostemail]!="") {
$bbuserinfo['username']=unhtmlspecialchars($bbuserinfo['username']); //for emails
$mods=explode(" ",$moderators[newpostemail]);
while (list($key,$val)=each($mods)) {
if (trim($val)!="") {
$subject=$threadtitle;
$toemail=$val;

eval("\$emailmsg = \"".gettemplate("email_moderator",1,0)."\";");
eval("\$emailsubject = \"".gettemplate("emailsubject_moderator",1,0)."\"; ");

mail($toemail,$emailsubject,$emailmsg,"From: \"$bbtitle Mailer\" <$webmasteremail>");
}
}
$bbuserinfo['username']=htmlspecialchars($bbuserinfo['username']); //back to norm
}
}

// redirect
if ($visible) {
$goto="showthread.php?s=$session[sessionhash]&postid=$postid#post$postid";
} else {
$goto="forumdisplay.php?s=$session[sessionhash]&forumid=$threadinfo[forumid]";
}
eval("standardredirect(\"".gettemplate("redirect_p ostthanks")."\",\"$goto\");");
}
}
}

// ############################### start new reply ###############################
if ($action=="newreply") {

if ($wordwrap!=0) {
$threadinfo[title]=dowordwrap($threadinfo[title]);
}

$message = htmlspecialchars($message); // Without this, a </textarea> in the message breaks the form on preview
$title = htmlspecialchars($title);

$foruminfo=getforuminfo($threadinfo[forumid]);

$threadratingoption = '';
if ($foruminfo['allowratings']==1 and $permissions['canthreadrate']==1) {
if ($rating=$DB_site->query_first("SELECT vote, threadrateid FROM threadrate
WHERE userid = $bbuserinfo[userid] AND threadid = '$threadid'")) {
if ($votechange) {
$rate[$rating[vote]] = " selected";
eval("\$threadratingoption = \"".gettemplate("newreply_ratethread")."\";");
} else {
$threadratingoption = "";
}
} else {
eval("\$threadratingoption = \"".gettemplate("newreply_ratethread")."\";");
}
}

if ($foruminfo['allowposting']==0) {
eval("standarderror(\"".gettemplate("error_forumcl osed")."\");");
}

$bbcodeon=iif($foruminfo[allowbbcode],$ontext,$offtext);
$imgcodeon=iif($foruminfo[allowimages],$ontext,$offtext);
$htmlcodeon=iif($foruminfo[allowhtml],$ontext,$offtext);
$smilieson=iif($foruminfo[allowsmilies],$ontext,$offtext);

// draw nav bar
$navbar=makenavbar($threadid,"thread",1);

unset($ignore);
$ignorelist = explode(' ', $bbuserinfo['ignorelist']);
while ( list($key, $val)=each($ignorelist) ) {
$ignore[$val] = 1;
}
if ($ignore) {
eval("\$ignoreduser = \"".gettemplate("threadreviewbit_ignore")."\";" );
} else {
$ignoreduser = '';
}

if (($bbuserinfo[maxposts] != -1) and ($bbuserinfo[maxposts] != 0)) {
$maxposts = $bbuserinfo[maxposts];
}
$posts=$DB_site->query("
SELECT IF(post.userid=0,post.username,user.username) AS username,
post.pagetext,post.allowsmilie,post.userid FROM post
LEFT JOIN user ON user.userid=post.userid
WHERE post.visible=1 AND post.threadid='$threadid'
ORDER BY dateline DESC LIMIT " . ($maxposts+1)); // return +1 so that check later will still work

$threadreviewbits = '';
while ($post=$DB_site->fetch_array($posts)) {
if ($postcounter++ < $maxposts) {
if ($postcounter%2 == 0) {
$backcolor = "#F1F1F1";
$post[bgclass] = "alt1";
} else {
$backcolor = "#DFDFDF";
$post[bgclass] = "alt2";
}
$username=$post[username];
if ($ignore[$post[userid]]) {
$reviewmessage = $ignoreduser;
} else {
$reviewmessage = bbcodeparse($post[pagetext],$threadinfo[forumid],$post[allowsmilie]);
}
eval("\$threadreviewbits .= \"".gettemplate("threadreviewbit")."\";");
} else {
break;
}
}
if ($DB_site->num_rows($posts)>$maxposts) {
eval("\$threadreviewbits .= \"".gettemplate("threadreview")."\";");
}

if ($bbuserinfo[userid]!=0 and !$previewpost) {
if ($bbuserinfo[signature]!="") {
$signaturechecked="CHECKED";
}
if ($bbuserinfo[emailnotification]!=0) {
$emailchecked="checked";
}
}

if ($foruminfo[allowicons]) {
$posticons=chooseicons($iconid);
} else {
$posticons="";
}

if (!isset($parseurl)) {
$parseurlchecked="CHECKED";
}

$maxattachsize_temp = getmaxattachsize();

if (phpversion() < '4.0.3') {
$enctype = 'enctype="multipart/form-data"';
} else if (ini_get('file_uploads')) {
$enctype = 'enctype="multipart/form-data"';
} else {
$enctype = '';
}

if ($permissions[canpostattachment] and (!$safeupload or function_exists("is_uploaded_file"))) {
eval("\$attachmentoption = \"".gettemplate("newpost_attachment")."\";");
} else {
$attachmentoption="";
}

$vbcode_smilies = '';
$vbcode_buttons = '';
if ($foruminfo[allowsmilies]) {
if ($bbuserinfo[showvbcode] && $allowvbcodebuttons) {
$vbcode_smilies = getclickysmilies();
}
eval("\$disablesmiliesoption = \"".gettemplate("newpost_disablesmiliesoption")."\ ";");
} else {
$disablesmiliesoption="";
}
if ($bbuserinfo[showvbcode] && $allowvbcodebuttons) {
$vbcode_buttons = getcodebuttons();
}

getforumrules($foruminfo,$permissions);

eval("dooutput(\"".gettemplate("newreply")."\");") ;

}

?>

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01228 seconds Memory Usage 1,911KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_quote (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_onlinestatus (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: