if (!defined("IN_FUSION")) { die("Access Denied"); } if (isset($_POST['previewreply'])) { $message = trim(stripinput(censorwords($_POST['message']))); $sig_checked = isset($_POST['show_sig']) ? " checked='checked'" : ""; $disable_smileys_check = isset($_POST['disable_smileys']) || preg_match("#\[code\](.*?)\[/code\]#si", $message) ? " checked='checked'" : ""; if ($settings['thread_notify']) $notify_checked = isset($_POST['notify_me']) ? " checked='checked'" : ""; if ($message == "") { $previewmessage = $locale['421']; } else { $previewmessage = $message; if ($sig_checked) { $previewmessage = $previewmessage."\n\n".$userdata['user_sig']; } if (!$disable_smileys_check) { $previewmessage = parsesmileys($previewmessage); } $previewmessage = parseubb($previewmessage); $previewmessage = nl2br($previewmessage); } $is_mod = iMOD && iUSER < "102" ? true : false; opentable($locale['402']); echo "

".$settings['sitename']." :: ".$caption."

\n"; echo "\n\n"; echo "\n\n"; echo "\n\n"; echo "\n"; echo "\n\n\n\n"; echo "\n

".$tdata['thread_subject']."
".$userdata['user_name']."	".$locale['426'].showdate("forumdate", time())."
\n"; if ($userdata['user_avatar'] && file_exists(IMAGES."avatars/".$userdata['user_avatar'])) { echo " \n"; } echo "".getuserlevel($userdata['user_level'])." \n"; echo "".$locale['423']." ".$userdata['user_posts']." \n"; echo "".$locale['425']." ".showdate("%d.%m.%y", $userdata['user_joined'])." \n"; echo "	".$previewmessage."

\n"; closetable(); } if (isset($_POST['postreply'])) { $message = trim(stripinput(censorwords($_POST['message']))); $flood = false; $error = 0; $sig = isset($_POST['show_sig']) ? "1" : "0"; $smileys = isset($_POST['disable_smileys']) || preg_match("#\[code\](.*?)\[/code\]#si", $message) ? "0" : "1"; if (iMEMBER) { if ($message != "") { require_once INCLUDES."flood_include.php"; if (!flood_control("post_datestamp", DB_POSTS, "post_author='".$userdata['user_id']."'")) { if (!iADMIN) { $result = dbquery("SELECT * FROM ".DB_POSTS." WHERE forum_id='".$_GET['forum_id']."' AND thread_id='".$_GET['thread_id']."' ORDER BY post_datestamp DESC LIMIT 1"); $rows = dbrows($result); if ($rows) { $data = dbarray($result); $same_message = $data['post_message'].'\n\n[b]Wiadomość doklejona dnia '.showdate('forumdate', time()).'[/b]\n'.$message; if ($data['post_author']==$userdata['user_id']) { $same_user = true; } else { $same_user = false; } } else { $same_user = false; } } else { $same_user = false; } if ($same_user) { $result = dbquery("UPDATE ".DB_POSTS." SET post_message='$same_message', post_showsig='$sig', post_smileys='$smileys', post_edituser='".$userdata['user_id']."', post_edittime='".time()."' WHERE post_id='".$data['post_id']."'"); $newpost_id = $data['post_id']; $result = dbquery("SELECT post_id, post_author, post_datestamp FROM ".DB_POSTS." WHERE thread_id='".$_GET['thread_id']."' ORDER BY post_datestamp DESC LIMIT 0,1"); $data = dbarray($result); $result = dbquery("UPDATE ".DB_POSTS." SET post_datestamp='".time()."' WHERE post_id='".$data['post_id']."'"); $result = dbquery("UPDATE ".DB_THREADS." SET thread_lastpost='".time()."', thread_lastpostid='".$data['post_id']."' WHERE thread_id='".$_GET['thread_id']."'"); $result = dbquery("UPDATE ".DB_FORUMS." SET forum_lastpost='".time()."', forum_lastuser='".$data['post_author']." ' WHERE forum_id='".$_GET['forum_id']."'"); } else { $result = dbquery("INSERT INTO ".DB_POSTS." (forum_id, thread_id, post_message, post_showsig, post_smileys, post_author, post_datestamp, post_ip, post_edituser, post_edittime) VALUES ('".$_GET['forum_id']."', '".$_GET['thread_id']."', '$message', '$sig', '$smileys', '".$userdata['user_id']."', '".time()."', '".USER_IP."', '0', '0')"); $newpost_id = mysql_insert_id(); $result = dbquery("UPDATE ".DB_FORUMS." SET forum_lastpost='".time()."', forum_postcount=forum_postcount+1, forum_lastuser='".$userdata['user_id']."' WHERE forum_id='".$_GET['forum_id']."'"); $result = dbquery("UPDATE ".DB_THREADS." SET thread_lastpost='".time()."', thread_lastpostid='$newpost_id', thread_postcount=thread_postcount+1, thread_lastuser='".$userdata['user_id']."' WHERE thread_id='".$_GET['thread_id']."'"); $result = dbquery("UPDATE ".DB_USERS." SET user_posts=user_posts+1 WHERE user_id='".$userdata['user_id']."'"); if ($settings['thread_notify'] && isset($_POST['notify_me'])) { if (!dbcount("(thread_id)", DB_THREAD_NOTIFY, "thread_id='".$_GET['thread_id']."' AND notify_user='".$userdata['user_id']."'")) { $result = dbquery("INSERT INTO ".DB_THREAD_NOTIFY." (thread_id, notify_datestamp, notify_user, notify_status) VALUES('".$_GET['thread_id']."', '".time()."', '".$userdata['user_id']."', '1')"); } } } if ($fdata['forum_attach'] && checkgroup($fdata['forum_attach'])) { $attach = $_FILES['attach']; if ($attach['name'] != "" && !empty($attach['name']) && is_uploaded_file($attach['tmp_name'])) { $attachname = substr($attach['name'], 0, strrpos($attach['name'], ".")); $attachext = strtolower(strrchr($attach['name'],".")); if (preg_match("/^[-0-9A-Z_\[\]]+$/i", $attachname) && $attach['size'] <= $settings['attachmax']) { $attachtypes = explode(",", $settings['attachtypes']); if (in_array($attachext, $attachtypes)) { $attachname = attach_exists(strtolower($attach['name'])); move_uploaded_file($attach['tmp_name'], FORUM."attachments/".$attachname); chmod(FORUM."attachments/".$attachname,0644); if (in_array($attachext, $imagetypes) && (!@getimagesize(FORUM."attachments/".$attachname) || !@verify_image(FORUM."attachments/".$attachname))) { unlink(FORUM."attachments/".$attachname); $error = 1; } if (!$error) $result = dbquery("INSERT INTO ".DB_FORUM_ATTACHMENTS." (thread_id, post_id, attach_name, attach_ext, attach_size) VALUES ('".$_GET['thread_id']."', '".$newpost_id."', '$attachname', '$attachext', '".$attach['size']."')"); } else { @unlink($attach['tmp_name']); $error = 1; } } else { @unlink($attach['tmp_name']); $error = 2; } } } } else { redirect("viewforum.php?forum_id=".$_GET['forum_id']); } } else { $error = 3; } } else { $error = 4; } if ($error > 2) { redirect("postify.php?post=reply&error=$error&forum_id=".$_GET['forum_id']."&thread_id=".$_GET['thread_id']); } else { redirect("postify.php?post=reply&error=$error&forum_id=".$_GET['forum_id']."&thread_id=".$_GET['thread_id']."&post_id=$newpost_id"); } } else { if (!isset($_POST['previewreply'])) { $message = ""; $disable_smileys_check = ""; $sig_checked = " checked='checked'"; if ($settings['thread_notify']) { if (dbcount("(thread_id)", DB_THREAD_NOTIFY, "thread_id='".$_GET['thread_id']."' AND notify_user='".$userdata['user_id']."'")) { $notify_checked = " checked='checked'"; } else { $notify_checked = ""; } } } if (isset($_GET['quote']) && isnum($_GET['quote'])) { $result = dbquery( "SELECT * FROM ".DB_POSTS." INNER JOIN ".DB_USERS." ON ".DB_POSTS.".post_author=".DB_USERS.".user_id WHERE thread_id='".$_GET['thread_id']."' and post_id='".$_GET['quote']."'" ); if (dbrows($result)) { $data = dbarray($result); $message = "[quote][b]".$data['user_name'].$locale['429']."[/b]\n".strip_bbcodes($data['post_message'])."[/quote]"; } } add_to_title($locale['global_201'].$locale['403']); echo ""; opentable($locale['403']); if (!isset($_POST['previewreply'])) echo "

".$settings['sitename']." :: ".$caption."

\n"; echo "\n"; closetable(); echo ""; }

".$locale['461']."	$message
	".display_bbcodes("99%", "message")."
".$locale['463']."	\n"; echo " ".$locale['482'].""; if (array_key_exists("user_sig", $userdata) && $userdata['user_sig']) { echo " \n ".$locale['483'].""; } if ($settings['thread_notify']) { echo " \n ".$locale['486'].""; } echo "
".$locale['464']."	\n"; echo "".sprintf($locale['466'], parsebytesize($settings['attachmax']), str_replace(',', ' ', $settings['attachtypes']))."
\n"; echo "\n"; echo "\n"; echo "