
Source: /post.php - 963 lines - 35963 bytes - Summary - Text - Print

   1  <?php
   2  
   3  /*======================================================================
   4  
   5  Copyright Project Beehive Forum 2002
   6  
   7  This file is part of Beehive Forum.
   8  
   9  Beehive Forum is free software; you can redistribute it and/or modify
  10  it under the terms of the GNU General Public License as published by
  11  the Free Software Foundation; either version 3 of the License, or
  12  (at your option) any later version.
  13  
  14  Beehive Forum is distributed in the hope that it will be useful,
  15  but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  GNU General Public License for more details.
  18  
  19  You should have received a copy of the GNU General Public License
  20  along with Beehive; if not, write to the Free Software
  21  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
  22  USA
  23  
  24  ======================================================================*/
  25  
  26  // Bootstrap
  27  require_once  'boot.php';
  28  
  29  // Required includes
  30  require_once  BH_INCLUDE_PATH . 'admin.inc.php';
  31  require_once  BH_INCLUDE_PATH . 'attachments.inc.php';
  32  require_once  BH_INCLUDE_PATH . 'constants.inc.php';
  33  require_once  BH_INCLUDE_PATH . 'email.inc.php';
  34  require_once  BH_INCLUDE_PATH . 'emoticons.inc.php';
  35  require_once  BH_INCLUDE_PATH . 'fixhtml.inc.php';
  36  require_once  BH_INCLUDE_PATH . 'folder.inc.php';
  37  require_once  BH_INCLUDE_PATH . 'form.inc.php';
  38  require_once  BH_INCLUDE_PATH . 'format.inc.php';
  39  require_once  BH_INCLUDE_PATH . 'forum.inc.php';
  40  require_once  BH_INCLUDE_PATH . 'header.inc.php';
  41  require_once  BH_INCLUDE_PATH . 'html.inc.php';
  42  require_once  BH_INCLUDE_PATH . 'messages.inc.php';
  43  require_once  BH_INCLUDE_PATH . 'perm.inc.php';
  44  require_once  BH_INCLUDE_PATH . 'poll.inc.php';
  45  require_once  BH_INCLUDE_PATH . 'post.inc.php';
  46  require_once  BH_INCLUDE_PATH . 'session.inc.php';
  47  require_once  BH_INCLUDE_PATH . 'thread.inc.php';
  48  require_once  BH_INCLUDE_PATH . 'user.inc.php';
  49  require_once  BH_INCLUDE_PATH . 'word_filter.inc.php';
  50  // End Required includes
  51  
  52  // Check we're logged in correctly
  53  if (!session::logged_in()) {
  54      html_guest_error();
  55  }
  56  
  57  if (!folder_get_by_type_allowed(FOLDER_ALLOW_NORMAL_THREAD)) {
  58      html_message_type_error();
  59  }
  60  
  61  $show_sigs = session::show_sigs();
  62  
  63  $page_prefs = session::get_post_page_prefs();
  64  
  65  $high_interest = (isset($_SESSION['MARK_AS_OF_INT']) && $_SESSION['MARK_AS_OF_INT'] == 'Y') ? 'Y' : 'N';
  66  
  67  $valid = true;
  68  
  69  $new_thread = false;
  70  
  71  $to_logon_array = array();
  72  
  73  $reply_to_pid = null;
  74  
  75  $reply_message = null;
  76  
  77  $threadtitle = null;
  78  
  79  $fid = null;
  80  
  81  $folder_dropdown = null;
  82  
  83  if (($sig = user_get_sig($_SESSION['UID'])) !== false) {
  84      $sig = fix_html($sig);
  85  }
  86  
  87  if (isset($_POST['newthread']) && (isset($_POST['post']) || isset($_POST['preview']))) {
  88  
  89      $new_thread = true;
  90  
  91      if (isset($_POST['threadtitle']) && strlen(trim($_POST['threadtitle'])) > 0) {
  92  
  93          $threadtitle = trim($_POST['threadtitle']);
  94  
  95      } else {
  96  
  97          $error_msg_array[] = gettext("You must enter a title for the thread!");
  98          $valid = false;
  99      }
 100  
 101      if (isset($_POST['fid']) && is_numeric($_POST['fid'])) {
 102  
 103          if (folder_thread_type_allowed($_POST['fid'], FOLDER_ALLOW_NORMAL_THREAD)) {
 104  
 105              $fid = $_POST['fid'];
 106  
 107          } else {
 108  
 109              $error_msg_array[] = gettext("You cannot post this thread type in that folder!");
 110              $valid = false;
 111          }
 112  
 113      } else if ($valid) {
 114  
 115          $error_msg_array[] = gettext("Please select a folder");
 116          $valid = false;
 117      }
 118  
 119  } else if (!isset($_POST['reply_to'])) {
 120  
 121      $valid = false;
 122  }
 123  
 124  if (isset($_POST['attachment']) && is_array($_POST['attachment'])) {
 125      $attachments = array_filter($_POST['attachment'], 'is_md5');
 126  } else {
 127      $attachments = array();
 128  }
 129  
 130  if (isset($_POST['dedupe']) && is_numeric($_POST['dedupe'])) {
 131      $dedupe = $_POST['dedupe'];
 132  } else {
 133      $dedupe = time();
 134  }
 135  
 136  if (isset($_POST['post']) || isset($_POST['preview']) || isset($_POST['move']) || isset($_POST['emots_toggle']) || isset($_POST['sig_toggle'])) {
 137  
 138      if (isset($_POST['post_interest'])) {
 139  
 140          if ($_POST['post_interest'] == "Y") {
 141              $high_interest = "Y";
 142          } else {
 143              $high_interest = "N";
 144          }
 145  
 146      } else {
 147  
 148          $high_interest = 'N';
 149      }
 150  
 151      if (isset($_POST['sticky'])) {
 152  
 153          if ($_POST['sticky'] == 'Y') {
 154              $sticky = 'Y';
 155          } else {
 156              $sticky = 'N';
 157          }
 158  
 159      } else {
 160  
 161          $sticky = 'N';
 162      }
 163  
 164      if (isset($_POST['closed'])) {
 165  
 166          if ($_POST['closed'] == 'Y') {
 167              $closed = 'Y';
 168          } else {
 169              $closed = 'N';
 170          }
 171  
 172      } else {
 173  
 174          $closed = 'N';
 175      }
 176  }
 177  
 178  if (isset($_POST['post']) || isset($_POST['preview'])) {
 179  
 180      if (isset($_POST['content']) && strlen(trim($_POST['content'])) > 0) {
 181  
 182          $content = fix_html(emoticons_strip($_POST['content']));
 183  
 184          if (attachments_embed_check($content)) {
 185  
 186              $error_msg_array[] = gettext("You are not allowed to embed attachments in your posts.");
 187              $valid = false;
 188          }
 189  
 190      } else {
 191  
 192          $error_msg_array[] = gettext("You must enter some content for the post!");
 193          $valid = false;
 194      }
 195  
 196      if (isset($_POST['sig'])) {
 197  
 198          $sig = fix_html(emoticons_strip($_POST['sig']));
 199  
 200          if (attachments_embed_check($sig)) {
 201  
 202              $error_msg_array[] = gettext("You are not allowed to embed attachments in your signature.");
 203              $valid = false;
 204          }
 205      }
 206  }
 207  
 208  if (isset($_POST['more'])) {
 209  
 210      if (isset($_POST['content']) && strlen(trim($_POST['content'])) > 0) {
 211          $content = fix_html(emoticons_strip($_POST['content']));
 212      }
 213  }
 214  
 215  if (isset($_POST['emots_toggle']) || isset($_POST['sig_toggle'])) {
 216  
 217      if (isset($_POST['newthread'])) {
 218  
 219          if (isset($_POST['threadtitle']) && strlen(trim($_POST['threadtitle'])) > 0) {
 220              $threadtitle = trim($_POST['threadtitle']);
 221          }
 222  
 223          if (isset($_POST['fid']) && is_numeric($_POST['fid'])) {
 224  
 225              if (folder_thread_type_allowed($_POST['fid'], FOLDER_ALLOW_NORMAL_THREAD)) {
 226  
 227                  $fid = $_POST['fid'];
 228  
 229              } else {
 230  
 231                  $error_msg_array[] = gettext("You cannot post this thread type in that folder!");
 232                  $valid = false;
 233              }
 234          }
 235      }
 236  
 237      if (isset($_POST['content']) && strlen(trim($_POST['content'])) > 0) {
 238          $content = fix_html(emoticons_strip($_POST['content']));
 239      }
 240  
 241      if (isset($_POST['sig'])) {
 242          $sig = fix_html(emoticons_strip($_POST['sig']));
 243      }
 244  
 245      if (isset($_POST['emots_toggle'])) {
 246  
 247          $page_prefs = (double)$page_prefs ^ POST_EMOTICONS_DISPLAY;
 248  
 249      } else if (isset($_POST['sig_toggle'])) {
 250  
 251          $page_prefs = (double)$page_prefs ^ POST_SIGNATURE_DISPLAY;
 252      }
 253  
 254      $user_prefs = array(
 255          'POST_PAGE' => $page_prefs
 256      );
 257  
 258      if (!user_update_prefs($_SESSION['UID'], $user_prefs)) {
 259  
 260          $error_msg_array[] = gettext("Some or all of your user account details could not be updated. Please try again later.");
 261          $valid = false;
 262      }
 263  }
 264  
 265  if (!isset($content)) $content = "";
 266  
 267  if (!isset($sig)) $sig = "";
 268  
 269  if (isset($_GET['reply_to']) && validate_msg($_GET['reply_to'])) {
 270  
 271      list($tid, $reply_to_pid) = explode(".", $_GET['reply_to']);
 272  
 273      if (isset($_GET['return_msg']) && validate_msg($_GET['return_msg'])) {
 274          $return_msg = $_GET['return_msg'];
 275      } else {
 276          $return_msg = $_GET['reply_to'];
 277      }
 278  
 279      if (!($fid = thread_get_folder_fid($tid))) {
 280          html_draw_error(gettext("The requested thread could not be found or access was denied."));
 281      }
 282  
 283      if (session::check_perm(USER_PERM_EMAIL_CONFIRM, 0)) {
 284  
 285          html_email_confirmation_error();
 286          exit;
 287      }
 288  
 289      if (!session::check_perm(USER_PERM_POST_CREATE, $fid)) {
 290          html_draw_error(gettext("You cannot reply to posts in this folder"));
 291      }
 292  
 293      if (isset($_GET['quote_list']) && strlen(trim($_GET['quote_list'])) > 0) {
 294  
 295          $quote_list = array_filter(explode(',', $_GET['quote_list']), 'is_numeric');
 296  
 297          sort($quote_list);
 298  
 299          $content_array = array();
 300  
 301          foreach ($quote_list as $quote_pid) {
 302  
 303              if (($message_array = messages_get($tid, $quote_pid)) !== false) {
 304  
 305                  $message_author = htmlentities_array(format_user_name($message_array['FROM_LOGON'], $message_array['FROM_NICKNAME']));
 306  
 307                  $message_content = message_get_content($tid, $quote_pid);
 308                  $message_content = message_apply_formatting($message_content, true);
 309  
 310                  $message_link = "messages.php?webtag=$webtag&amp;msg=$tid.$quote_pid";
 311  
 312                  $content_array[] = sprintf(
 313                      '<div class="quotetext"><b>%s:</b> <a href="%s">%s</a></div>
 314                       <div class="quote">%s</div>',
 315                      gettext('quote'),
 316                      $message_link,
 317                      $message_author,
 318                      fix_html($message_content)
 319                  );
 320              }
 321          }
 322  
 323          $content_array[] = '<p>&nbsp;</p>';
 324  
 325          if (sizeof($content_array) > 0) {
 326              $content = implode('', $content_array);
 327          }
 328      }
 329  
 330      $new_thread = false;
 331  
 332  } else if (isset($_POST['reply_to']) && validate_msg($_POST['reply_to'])) {
 333  
 334      list($tid, $reply_to_pid) = explode(".", $_POST['reply_to']);
 335  
 336      if (isset($_POST['return_msg']) && validate_msg($_POST['return_msg'])) {
 337          $return_msg = $_POST['return_msg'];
 338      } else {
 339          $return_msg = $_POST['reply_to'];
 340      }
 341  
 342      if (!($fid = thread_get_folder_fid($tid))) {
 343          html_draw_error(gettext("The requested thread could not be found or access was denied."));
 344      }
 345  
 346      if (session::check_perm(USER_PERM_EMAIL_CONFIRM, 0)) {
 347  
 348          html_email_confirmation_error();
 349          exit;
 350      }
 351  
 352      if (!session::check_perm(USER_PERM_POST_CREATE, $fid)) {
 353          html_draw_error(gettext("You cannot reply to posts in this folder"));
 354      }
 355  
 356      if (sizeof($attachments) > 0 && !session::check_perm(USER_PERM_POST_ATTACHMENTS | USER_PERM_POST_READ, $fid)) {
 357  
 358          $error_msg_array[] = gettext("You cannot post attachments in this folder. Remove attachments to continue.");
 359          $valid = false;
 360      }
 361  
 362      if (sizeof($attachments) > 0 && !attachments_check_post_space($_SESSION['UID'], $attachments)) {
 363  
 364          $max_post_attachment_space = forum_get_setting('attachments_max_post_space', 'is_numeric', 1048576);
 365          $error_msg_array[] = gettext(sprintf("You have too many files attached to this post. Maximum attachment space per post is %s", format_file_size($max_post_attachment_space)));
 366          $valid = false;
 367      }
 368  
 369      $new_thread = false;
 370  
 371  } else {
 372  
 373      $new_thread = true;
 374  
 375      if (isset($_GET['fid']) && is_numeric($_GET['fid'])) {
 376          $fid = $_GET['fid'];
 377      } else if (isset($_POST['fid']) && is_numeric($_POST['fid'])) {
 378          $fid = $_POST['fid'];
 379      }
 380  
 381      if (isset($fid) && !folder_is_valid($fid)) {
 382  
 383          $error_msg_array[] = gettext("Invalid Folder ID. Check that a folder with this ID exists!");
 384          $valid = false;
 385      }
 386  
 387      if (session::check_perm(USER_PERM_EMAIL_CONFIRM, 0)) {
 388  
 389          html_email_confirmation_error();
 390          exit;
 391      }
 392  
 393      if (isset($fid) && !session::check_perm(USER_PERM_THREAD_CREATE | USER_PERM_POST_READ, $fid)) {
 394  
 395          $error_msg_array[] = gettext("You cannot create new threads in this folder");
 396          $valid = false;
 397      }
 398  
 399      if (isset($fid) && sizeof($attachments) > 0 && !session::check_perm(USER_PERM_POST_ATTACHMENTS | USER_PERM_POST_READ, $fid)) {
 400  
 401          $error_msg_array[] = gettext("You cannot post attachments in this folder. Remove attachments to continue.");
 402          $valid = false;
 403      }
 404  
 405      if (sizeof($attachments) > 0 && !attachments_check_post_space($_SESSION['UID'], $attachments)) {
 406  
 407          $max_post_attachment_space = forum_get_setting('attachments_max_post_space', 'is_numeric', 1048576);
 408          $error_msg_array[] = gettext(sprintf("You have too many files attached to this post. Maximum attachment space per post is %s", format_file_size($max_post_attachment_space)));
 409          $valid = false;
 410      }
 411  }
 412  
 413  if (!$new_thread) {
 414  
 415      if (!($reply_message = messages_get($tid, $reply_to_pid))) {
 416          html_draw_error(gettext("That post does not exist in this thread!"));
 417      }
 418  
 419      if (!$thread_data = thread_get($tid)) {
 420          html_draw_error(gettext("The requested thread could not be found or access was denied."));
 421      }
 422  
 423      $reply_message['CONTENT'] = message_get_content($tid, $reply_to_pid);
 424  
 425      if (((perm_get_user_permissions($reply_message['FROM_UID']) & USER_PERM_WORMED) && !session::check_perm(USER_PERM_FOLDER_MODERATE, $fid)) || ((!isset($reply_message['CONTENT']) || $reply_message['CONTENT'] == "") && $thread_data['POLL_FLAG'] != 'Y' && $reply_to_pid != 0)) {
 426          html_draw_error(gettext("Message not found. Check that it hasn't been deleted."));
 427      }
 428  }
 429  
 430  if (isset($_POST['to_logon'])) {
 431  
 432      if (strlen(trim($_POST['to_logon'])) > 0) {
 433  
 434          $to_logon_array = preg_split('/,\s*/u', trim($_POST['to_logon'], ', '));
 435  
 436          $to_logon_array = array_filter(array_map('trim', $to_logon_array), 'strlen');
 437  
 438          foreach ($to_logon_array as $key => $recipient) {
 439  
 440              $to_logon = trim($recipient);
 441  
 442              unset($to_logon_array[$key]);
 443  
 444              if (($to_user = user_get_by_logon($to_logon)) !== false) {
 445  
 446                  $to_logon_array[$to_user['UID']] = array(
 447                      'UID' => $to_user['UID'],
 448                      'LOGON' => $to_user['LOGON'],
 449                      'NICKNAME' => $to_user['NICKNAME']
 450                  );
 451  
 452              } else {
 453  
 454                  $error_msg_array[] = sprintf(gettext("User %s not found"), $to_logon);
 455                  $valid = false;
 456              }
 457          }
 458  
 459          $to_logon = implode(', ', array_map('user_get_logon_callback', $to_logon_array));
 460  
 461          if ($valid && sizeof($to_logon_array) > 10) {
 462  
 463              $error_msg_array[] = gettext("There is a limit of 10 recipients per message. Please amend your recipient list.");
 464              $valid = false;
 465          }
 466      }
 467  
 468  } else if (isset($tid) && isset($reply_to_pid) && ($reply_to_pid > 0)) {
 469  
 470      $to_logon = $reply_message['FROM_LOGON'];
 471  
 472      $to_logon_array[$reply_message['FROM_UID']] = array(
 473          'UID' => $reply_message['FROM_UID'],
 474          'LOGON' => $reply_message['FROM_LOGON'],
 475          'NICKNAME' => $reply_message['FROM_NICKNAME']
 476      );
 477  }
 478  
 479  $allow_html = true;
 480  $allow_sig = true;
 481  
 482  if (isset($fid) && !session::check_perm(USER_PERM_HTML_POSTING, $fid)) {
 483      $allow_html = false;
 484  }
 485  
 486  if (isset($fid) && !session::check_perm(USER_PERM_SIGNATURE, $fid)) {
 487      $allow_sig = false;
 488  }
 489  
 490  if ($allow_html == false) {
 491  
 492      $content = htmlentities_array($content);
 493      $sig = htmlentities_array($sig);
 494  }
 495  
 496  if ((mb_strlen($content) + mb_strlen($sig)) >= 65535) {
 497  
 498      $error_msg_array[] = sprintf(
 499          gettext("Combined Message and signature length must be less than 65,535 characters (currently: %s)"),
 500          number_format(mb_strlen($content) + mb_strlen($sig))
 501      );
 502  
 503      $valid = false;
 504  }
 505  
 506  if ($valid && isset($_POST['post'])) {
 507  
 508      if (post_check_frequency()) {
 509  
 510          if (post_check_ddkey($dedupe)) {
 511  
 512              if ($new_thread) {
 513  
 514                  if (session::check_perm(USER_PERM_FOLDER_MODERATE, $fid)) {
 515  
 516                      $closed = isset($_POST['closed']) && $_POST['closed'] == 'Y' ? true : false;
 517                      $sticky = isset($_POST['sticky']) && $_POST['sticky'] == 'Y' ? 'Y' : 'N';
 518  
 519                  } else {
 520  
 521                      $closed = false;
 522                      $sticky = "N";
 523                  }
 524  
 525                  $tid = post_create_thread($fid, $_SESSION['UID'], $threadtitle, "N", $sticky, $closed);
 526  
 527                  $reply_to_pid = 0;
 528  
 529              } else {
 530  
 531                  if (isset($thread_data['CLOSED']) && $thread_data['CLOSED'] > 0 && (!session::check_perm(USER_PERM_FOLDER_MODERATE, $fid))) {
 532                      html_draw_error(gettext("This thread is closed, you cannot post in it!"));
 533                  }
 534  
 535                  if (session::check_perm(USER_PERM_FOLDER_MODERATE, $fid)) {
 536  
 537                      $closed = isset($_POST['closed']) && $_POST['closed'] == 'Y' ? true : false;
 538                      $sticky = isset($_POST['sticky']) && $_POST['sticky'] == 'Y' ? 'Y' : 'N';
 539  
 540                      if (isset($closed) && $closed == "Y") {
 541                          thread_set_closed($tid, true);
 542                      } else {
 543                          thread_set_closed($tid, false);
 544                      }
 545  
 546                      if (isset($sticky) && $sticky == "Y") {
 547                          thread_set_sticky($tid, true);
 548                      } else {
 549                          thread_set_sticky($tid, false);
 550                      }
 551                  }
 552              }
 553  
 554              if (isset($tid) && is_numeric($tid)) {
 555  
 556                  if ($allow_sig == true && strlen(trim($sig)) > 0) {
 557                      $content .= "<div class=\"sig\">$sig</div>";
 558                  }
 559  
 560                  if (($new_pid = post_create($fid, $tid, $reply_to_pid, $_SESSION['UID'], $to_logon_array, $content)) !== false) {
 561  
 562                      if ($high_interest == "Y") {
 563                          thread_set_high_interest($tid);
 564                      }
 565  
 566                      email_send_notification($tid, $new_pid);
 567  
 568                      email_send_thread_subscription($tid, $new_pid);
 569  
 570                      email_send_folder_subscription($fid, $tid, $new_pid);
 571  
 572                      if (perm_check_folder_permissions($fid, USER_PERM_POST_APPROVAL, $_SESSION['UID']) && !perm_is_moderator($_SESSION['UID'], $fid)) {
 573                          admin_send_post_approval_notification($fid);
 574                      }
 575  
 576                      if (sizeof($attachments) > 0 && ($attachments_array = attachments_get($_SESSION['UID'], $attachments)) !== false) {
 577  
 578                          foreach ($attachments_array as $attachment) {
 579  
 580                              post_add_attachment($tid, $new_pid, $attachment['aid']);
 581                          }
 582                      }
 583                  }
 584              }
 585          }
 586  
 587          if ($new_thread && isset($tid) && is_numeric($tid)) {
 588  
 589              $uri = "discussion.php?webtag=$webtag&msg=$tid.1";
 590  
 591          } else {
 592  
 593              if (isset($return_msg)) {
 594  
 595                  $uri = "discussion.php?webtag=$webtag&msg=$return_msg";
 596  
 597              } else if (isset($tid) && is_numeric($tid) && isset($reply_to_pid) && is_numeric($reply_to_pid)) {
 598  
 599                  $uri = "discussion.php?webtag=$webtag&msg=$tid.$reply_to_pid";
 600  
 601              } else {
 602  
 603                  $uri = "discussion.php?webtag=$webtag";
 604              }
 605  
 606              if (isset($tid) && is_numeric($tid) && isset($new_pid) && is_numeric($new_pid)) {
 607                  $uri .= "&post_success=$tid.$new_pid";
 608              }
 609          }
 610  
 611          header_redirect($uri);
 612          exit;
 613  
 614      } else {
 615  
 616          $error_msg_array[] = sprintf(gettext("You can only post once every %s seconds. Please try again later."), forum_get_setting('minimum_post_frequency', 'is_numeric', 0));
 617      }
 618  }
 619  
 620  if (!isset($fid)) {
 621      $fid = 1;
 622  }
 623  
 624  if (($new_thread && !($folder_dropdown = folder_draw_dropdown($fid, "fid", "", FOLDER_ALLOW_NORMAL_THREAD, USER_PERM_THREAD_CREATE, "", "post_folder_dropdown")))) {
 625      html_draw_error(gettext("You cannot create new threads."));
 626  }
 627  
 628  if (isset($thread_data['CLOSED']) && $thread_data['CLOSED'] > 0 && !session::check_perm(USER_PERM_FOLDER_MODERATE, $fid)) {
 629      html_draw_error(gettext("This thread is closed, you cannot post in it!"));
 630  }
 631  
 632  html_draw_top(sprintf("title=%s", gettext("Post message")), "resize_width=960", "basetarget=_blank", "js/post.js", "js/poll.js", "js/attachments.js", "js/emoticons.js", 'js/search.js', 'js/search_popup.js', 'ckeditor/ckeditor.js', 'js/fineuploader.min.js', 'class=window_title');
 633  
 634  echo "<h1>", gettext("Post message"), "</h1>\n";
 635  
 636  if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
 637      html_display_error_array($error_msg_array, '960', 'left');
 638  }
 639  
 640  if (!$new_thread && isset($thread_data['CLOSED']) && $thread_data['CLOSED'] > 0 && session::check_perm(USER_PERM_FOLDER_MODERATE, $fid)) {
 641      html_display_warning_msg(gettext("Warning: this thread is closed for posting to normal users."), '960', 'left');
 642  }
 643  
 644  echo "<br /><form accept-charset=\"utf-8\" name=\"f_post\" action=\"post.php\" method=\"post\" target=\"_self\">\n";
 645  echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
 646  echo "  ", form_input_hidden('dedupe', htmlentities_array($dedupe)), "\n";
 647  echo "  <table cellpadding=\"0\" cellspacing=\"0\" width=\"960\" class=\"max_width\">\n";
 648  echo "    <tr>\n";
 649  echo "      <td align=\"left\">\n";
 650  echo "        <table class=\"box\" width=\"100%\">\n";
 651  echo "          <tr>\n";
 652  echo "            <td align=\"left\" class=\"posthead\">\n";
 653  
 654  if ($valid && isset($_POST['preview'])) {
 655  
 656      echo "              <table class=\"posthead\" width=\"100%\">\n";
 657      echo "                <tr>\n";
 658      echo "                  <td align=\"left\" class=\"subhead\">", gettext("Message Preview"), "</td>\n";
 659      echo "                </tr>\n";
 660  
 661      $preview_message['RECIPIENTS'] = $to_logon_array;
 662  
 663      $preview_fuser = user_get($_SESSION['UID']);
 664  
 665      $preview_message['FROM_LOGON'] = $preview_fuser['LOGON'];
 666      $preview_message['FROM_NICKNAME'] = $preview_fuser['NICKNAME'];
 667      $preview_message['FROM_UID'] = $preview_fuser['UID'];
 668  
 669      $preview_message['CONTENT'] = $content;
 670  
 671      if ($allow_sig == true && strlen(trim($sig)) > 0) {
 672          $preview_message['CONTENT'] = $preview_message['CONTENT'] . "<div class=\"sig\">" . $sig . "</div>";
 673      }
 674  
 675      $preview_message['CREATED'] = time();
 676      $preview_message['ATTACHMENTS'] = $attachments;
 677  
 678      echo "                <tr>\n";
 679      echo "                  <td align=\"left\"><br />";
 680  
 681      message_display(0, $preview_message, 0, 0, 0, false, false, false, $show_sigs, true);
 682  
 683      echo "                  </td>\n";
 684      echo "                </tr>\n";
 685      echo "                <tr>\n";
 686      echo "                  <td align=\"left\">&nbsp;</td>\n";
 687      echo "                </tr>\n";
 688      echo "              </table>\n";
 689  }
 690  
 691  if (!isset($threadtitle)) $threadtitle = "";
 692  
 693  echo "              <table class=\"posthead\" width=\"100%\">\n";
 694  
 695  if ($new_thread) {
 696  
 697      echo "                <tr>\n";
 698      echo "                  <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Create new thread"), "</td>\n";
 699      echo "                </tr>\n";
 700  
 701  } else {
 702  
 703      echo "                <tr>\n";
 704      echo "                  <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Post Reply"), "</td>\n";
 705      echo "                </tr>\n";
 706  }
 707  
 708  echo "                <tr>\n";
 709  echo "                  <td align=\"left\" valign=\"top\" width=\"210\">\n";
 710  echo "                    <table class=\"posthead\" width=\"100%\" cellpadding=\"0\">\n";
 711  
 712  if ($new_thread) {
 713  
 714      echo "                      <tr>\n";
 715      echo "                        <td align=\"left\"><h2>", gettext("Folder"), "</h2></td>\n";
 716      echo "                      </tr>\n";
 717      echo "                      <tr>\n";
 718      echo "                        <td align=\"left\">$folder_dropdown</td>\n";
 719      echo "                      </tr>\n";
 720      echo "                      <tr>\n";
 721      echo "                        <td align=\"left\"><h2>", gettext("Thread title"), "</h2></td>\n";
 722      echo "                      </tr>\n";
 723      echo "                      <tr>\n";
 724      echo "                        <td align=\"left\">", form_input_text("threadtitle", htmlentities_array($threadtitle), null, null, null, "thread_title"), form_input_hidden("newthread", "Y"), "</td>\n";
 725      echo "                      </tr>\n";
 726  
 727  } else {
 728  
 729      echo "                      <tr>\n";
 730      echo "                        <td align=\"left\"><h2>", gettext("Folder"), "</h2></td>\n";
 731      echo "                      </tr>\n";
 732      echo "                      <tr>\n";
 733      echo "                        <td align=\"left\">", word_filter_add_ob_tags($thread_data['FOLDER_TITLE'], true), "</td>\n";
 734      echo "                      </tr>\n";
 735      echo "                      <tr>\n";
 736      echo "                        <td align=\"left\"><h2>", gettext("Thread title"), "</h2></td>\n";
 737      echo "                      </tr>\n";
 738      echo "                      <tr>\n";
 739      echo "                        <td align=\"left\">", word_filter_add_ob_tags($thread_data['TITLE'], true), form_input_hidden("reply_to", htmlentities_array("$tid.$reply_to_pid")), form_input_hidden('return_msg', htmlentities_array($return_msg)), "</td>\n";
 740      echo "                      </tr>\n";
 741  }
 742  
 743  echo "                      <tr>\n";
 744  echo "                        <td align=\"left\"><h2>", gettext("To"), "</h2></td>\n";
 745  echo "                      </tr>\n";
 746  echo "                      <tr>\n";
 747  echo "                        <td align=\"left\" style=\"white-space: nowrap\">", form_input_text_search("to_logon", isset($to_logon) ? htmlentities_array($to_logon) : "", null, null, SEARCH_LOGON, true, sprintf('title="%s"', gettext("Separate recipients by a comma")), "post_to_others multiple", gettext("Leave blank for all")), "</td>\n";
 748  echo "                      </tr>\n";
 749  echo "                      <tr>\n";
 750  echo "                        <td align=\"left\">&nbsp;</td>\n";
 751  echo "                      </tr>\n";
 752  echo "                      <tr>\n";
 753  echo "                        <td align=\"left\"><h2>", gettext("Thread options"), "</h2></td>\n";
 754  echo "                      </tr>\n";
 755  echo "                      <tr>\n";
 756  echo "                        <td align=\"left\">", form_checkbox("post_interest", "Y", gettext("Set thread to high interest"), $high_interest == "Y"), "</td>\n";
 757  echo "                      </tr>\n";
 758  
 759  if (session::check_perm(USER_PERM_FOLDER_MODERATE, $fid)) {
 760  
 761      echo "                      <tr>\n";
 762      echo "                        <td align=\"left\">&nbsp;</td>\n";
 763      echo "                      </tr>\n";
 764      echo "                      <tr>\n";
 765      echo "                        <td align=\"left\"><h2>", gettext("Admin"), "</h2></td>\n";
 766      echo "                      </tr>\n";
 767      echo "                      <tr>\n";
 768      echo "                        <td align=\"left\">", form_checkbox("closed", "Y", gettext("Close for posting"), isset($closed) ? $closed == 'Y' : isset($thread_data['CLOSED']) && $thread_data['CLOSED'] > 0 ? true : false), "</td>\n";
 769      echo "                      </tr>\n";
 770      echo "                      <tr>\n";
 771      echo "                        <td align=\"left\">", form_checkbox("sticky", "Y", gettext("Make sticky"), isset($sticky) ? $sticky == 'Y' : isset($thread_data['STICKY']) && $thread_data['STICKY'] == "Y" ? true : false), "</td>\n";
 772      echo "                      </tr>\n";
 773  }
 774  
 775  if (isset($_SESSION['EMOTICONS']) && strlen(trim($_SESSION['EMOTICONS'])) > 0) {
 776      $user_emoticon_pack = $_SESSION['EMOTICONS'];
 777  } else {
 778      $user_emoticon_pack = forum_get_setting('default_emoticons', 'strlen', 'default');
 779  }
 780  
 781  if (($emoticon_preview_html = emoticons_preview($user_emoticon_pack)) !== false) {
 782  
 783      echo "                      <tr>\n";
 784      echo "                        <td align=\"left\">&nbsp;</td>\n";
 785      echo "                      </tr>\n";
 786      echo "                      <tr>\n";
 787      echo "                        <td align=\"left\">\n";
 788      echo "                          <table width=\"196\" class=\"messagefoot\" cellspacing=\"0\">\n";
 789      echo "                            <tr>\n";
 790      echo "                              <td align=\"left\" class=\"subhead\">", gettext("Emoticons"), "</td>\n";
 791  
 792      if (($page_prefs & POST_EMOTICONS_DISPLAY) > 0) {
 793          echo "                              <td class=\"subhead\" align=\"right\">", form_submit_image('hide.png', 'emots_toggle', 'hide', null, 'button_image toggle_button'), "&nbsp;</td>\n";
 794      } else {
 795          echo "                              <td class=\"subhead\" align=\"right\">", form_submit_image('show.png', 'emots_toggle', 'show', null, 'button_image toggle_button'), "&nbsp;</td>\n";
 796      }
 797  
 798      echo "                            </tr>\n";
 799      echo "                            <tr>\n";
 800      echo "                              <td align=\"left\" colspan=\"2\">\n";
 801  
 802      if (($page_prefs & POST_EMOTICONS_DISPLAY) > 0) {
 803          echo "                                <div class=\"emots_toggle\">{$emoticon_preview_html}</div>\n";
 804      } else {
 805          echo "                                <div class=\"emots_toggle\" style=\"display: none\">{$emoticon_preview_html}</div>\n";
 806      }
 807  
 808      echo "                              </td>\n";
 809      echo "                            </tr>\n";
 810      echo "                          </table>\n";
 811      echo "                        </td>\n";
 812      echo "                      </tr>\n";
 813  }
 814  
 815  echo "                    </table>\n";
 816  echo "                  </td>\n";
 817  echo "                  <td align=\"left\" valign=\"top\" width=\"740\">\n";
 818  echo "                    <table class=\"posthead\" width=\"100%\">\n";
 819  echo "                      <tr>\n";
 820  echo "                        <td align=\"left\">\n";
 821  echo "                          <h2>", gettext("Message"), "</h2>\n";
 822  echo "                          ", form_textarea("content", htmlentities_array(emoticons_apply($content)), 22, 100, 'tabindex="1"', 'post_content editor focus'), "\n";
 823  echo "                        </td>\n";
 824  echo "                      </tr>\n";
 825  echo "                      <tr>\n";
 826  echo "                        <td align=\"left\">\n";
 827  
 828  echo form_submit("post", gettext("Post"), "tabindex=\"2\""), "\n";
 829  
 830  echo form_submit("preview", gettext("Preview"), "tabindex=\"3\""), "\n";
 831  
 832  if (isset($return_msg)) {
 833      echo "<a href=\"discussion.php?webtag=$webtag&amp;msg=$return_msg\" class=\"button\" target=\"_self\"><span>", gettext("Cancel"), "</span></a>\n";
 834  } else if (isset($tid) && is_numeric($tid) && isset($reply_to_pid) && is_numeric($reply_to_pid)) {
 835      echo "<a href=\"discussion.php?webtag=$webtag&amp;msg=$tid.$reply_to_pid\" class=\"button\" target=\"_self\"><span>", gettext("Cancel"), "</span></a>\n";
 836  } else {
 837      echo "<a href=\"discussion.php?webtag=$webtag\" class=\"button\" target=\"_self\"><span>", gettext("Cancel"), "</span></a>\n";
 838  }
 839  
 840  if (attachments_check_dir() && (session::check_perm(USER_PERM_POST_ATTACHMENTS | USER_PERM_POST_READ, $fid) || $new_thread)) {
 841  
 842      echo "                        </td>\n";
 843      echo "                      </tr>\n";
 844      echo "                      <tr>\n";
 845      echo "                        <td align=\"left\">&nbsp;</td>\n";
 846      echo "                      </tr>\n";
 847      echo "                      <tr>\n";
 848      echo "                        <td align=\"left\">\n";
 849      echo "                          <table class=\"messagefoot\" width=\"722\" cellspacing=\"0\">\n";
 850      echo "                            <tr>\n";
 851      echo "                              <td align=\"left\" class=\"subhead\">", gettext("Attachments"), "</td>\n";
 852  
 853      if (($page_prefs & POST_ATTACHMENT_DISPLAY) > 0) {
 854          echo "                              <td class=\"subhead\" align=\"right\">", form_submit_image('hide.png', 'attachment_toggle', 'hide', null, 'button_image toggle_button'), "&nbsp;</td>\n";
 855      } else {
 856          echo "                              <td class=\"subhead\" align=\"right\">", form_submit_image('show.png', 'attachment_toggle', 'show', null, 'button_image toggle_button'), "&nbsp;</td>\n";
 857      }
 858  
 859      echo "                            </tr>\n";
 860      echo "                            <tr>\n";
 861      echo "                              <td align=\"left\" colspan=\"2\">\n";
 862      echo "                                <div class=\"attachments attachment_toggle\" style=\"display: ", (($page_prefs & POST_ATTACHMENT_DISPLAY) > 0) ? "block" : "none", "\">\n";
 863      echo "                                  ", attachments_form($_SESSION['UID'], $attachments), "\n";
 864      echo "                                </div>\n";
 865      echo "                              </td>\n";
 866      echo "                            </tr>\n";
 867      echo "                          </table>\n";
 868  }
 869  
 870  if ($allow_sig == true) {
 871  
 872      echo "                        </td>\n";
 873      echo "                      </tr>\n";
 874      echo "                      <tr>\n";
 875      echo "                        <td align=\"left\">&nbsp;</td>\n";
 876      echo "                      </tr>\n";
 877      echo "                      <tr>\n";
 878      echo "                        <td align=\"left\">\n";
 879      echo "                          <table class=\"messagefoot\" width=\"722\" cellspacing=\"0\">\n";
 880      echo "                            <tr>\n";
 881      echo "                              <td align=\"left\" class=\"subhead\">", gettext("Signature"), "</td>\n";
 882  
 883      if (($page_prefs & POST_SIGNATURE_DISPLAY) > 0) {
 884          echo "                              <td class=\"subhead\" align=\"right\">", form_submit_image('hide.png', 'sig_toggle', 'hide', null, 'button_image toggle_button'), "&nbsp;</td>\n";
 885      } else {
 886          echo "                              <td class=\"subhead\" align=\"right\">", form_submit_image('show.png', 'sig_toggle', 'show', null, 'button_image toggle_button'), "&nbsp;</td>\n";
 887      }
 888  
 889      echo "                            </tr>\n";
 890      echo "                            <tr>\n";
 891      echo "                              <td align=\"left\" colspan=\"2\">\n";
 892      echo "                                <div class=\"sig_toggle\" style=\"display: ", (($page_prefs & POST_SIGNATURE_DISPLAY) > 0) ? "block" : "none", "\">\n";
 893      echo "                                  ", form_textarea("sig", htmlentities_array(emoticons_apply($sig)), 7, 100, 'tabindex="7"', 'signature_content editor');
 894      echo "                                </div>\n";
 895      echo "                              </td>\n";
 896      echo "                            </tr>\n";
 897      echo "                          </table>\n";
 898  }
 899  
 900  echo "                        </td>\n";
 901  echo "                      </tr>\n";
 902  echo "                    </table>\n";
 903  echo "                  </td>\n";
 904  echo "                </tr>\n";
 905  echo "                <tr>\n";
 906  echo "                  <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
 907  echo "                </tr>\n";
 908  echo "              </table>\n";
 909  
 910  if (!$new_thread && $reply_to_pid > 0) {
 911  
 912      echo "              <table class=\"posthead\" width=\"100%\">\n";
 913      echo "                <tr>\n";
 914      echo "                  <td align=\"left\" class=\"subhead\">", gettext("In reply to"), "</td>\n";
 915      echo "                </tr>\n";
 916  
 917      if (($thread_data['POLL_FLAG'] == 'Y') && ($reply_message['PID'] == 1)) {
 918  
 919          echo "                <tr>\n";
 920          echo "                  <td align=\"left\"><br />";
 921  
 922          poll_display($tid, $thread_data['LENGTH'], $reply_to_pid, $thread_data['FID'], false, false, $show_sigs, true);
 923  
 924          echo "                  </td>\n";
 925          echo "                </tr>\n";
 926  
 927      } else {
 928  
 929          echo "                <tr>\n";
 930          echo "                  <td align=\"left\"><br />";
 931  
 932          message_display($tid, $reply_message, $thread_data['LENGTH'], $reply_to_pid, $thread_data['FID'], false, false, false, $show_sigs, true);
 933  
 934          echo "                  </td>\n";
 935          echo "                </tr>\n";
 936      }
 937  
 938      echo "                <tr>\n";
 939      echo "                  <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
 940      echo "                </tr>\n";
 941      echo "              </table>\n";
 942  }
 943  
 944  echo "            </td>\n";
 945  echo "          </tr>\n";
 946  echo "        </table>\n";
 947  echo "      </td>\n";
 948  echo "    </tr>\n";
 949  echo "  </table>\n";
 950  
 951  if (!$new_thread) {
 952  
 953      echo "  <br />\n";
 954      echo "  <table  width=\"960\">\n";
 955      echo "    <tr>\n";
 956      echo "      <td align=\"center\"><img src=\"", html_style_image('current_thread.png'), "\" border=\"0\" alt=\"\" />&nbsp;<a href=\"index.php?webtag=$webtag&amp;msg={$thread_data['TID']}.1\" target=\"_blank\" title=\"", gettext("Review entire thread in new window"), "\">", gettext("Review Thread"), "</a></td>\n";
 957      echo "    </tr>\n";
 958      echo "  </table>\n";
 959  }
 960  
 961  echo "</form>\n";
 962  
 963  html_draw_bottom();
