punbb/post.php
changeset 7 98bbc533541c
equal deleted inserted replaced
6:5e1f1e916419 7:98bbc533541c
       
     1 <?php
       
     2 /***********************************************************************
       
     3 
       
     4   Copyright (C) 2002-2008  PunBB.org
       
     5 
       
     6   This file is part of PunBB.
       
     7 
       
     8   PunBB is free software; you can redistribute it and/or modify it
       
     9   under the terms of the GNU General Public License as published
       
    10   by the Free Software Foundation; either version 2 of the License,
       
    11   or (at your option) any later version.
       
    12 
       
    13   PunBB is distributed in the hope that it will be useful, but
       
    14   WITHOUT ANY WARRANTY; without even the implied warranty of
       
    15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
       
    16   GNU General Public License for more details.
       
    17 
       
    18   You should have received a copy of the GNU General Public License
       
    19   along with this program; if not, write to the Free Software
       
    20   Foundation, Inc., 59 Temple Place, Suite 330, Boston,
       
    21   MA  02111-1307  USA
       
    22 
       
    23 ************************************************************************/
       
    24 
       
    25 
       
    26 // if (!defined('PUN_ROOT'))
       
    27 // 	define('PUN_ROOT', './');
       
    28 // require PUN_ROOT.'include/common.php';
       
    29 
       
    30 // import globals (I really hope this isn't dangerous)
       
    31 foreach ( $GLOBALS as $key => $_ )
       
    32 {
       
    33   $$key =& $GLOBALS[$key];
       
    34 }
       
    35 
       
    36 ($hook = get_hook('po_start')) ? eval($hook) : null;
       
    37 
       
    38 if ($pun_user['g_read_board'] == '0')
       
    39 	message($lang_common['No view']);
       
    40 
       
    41 // Load the post.php language file
       
    42 require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';
       
    43 
       
    44 
       
    45 $tid = isset($_GET['tid']) ? intval($_GET['tid']) : 0;
       
    46 $fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
       
    47 if ($tid < 1 && $fid < 1 || $tid > 0 && $fid > 0)
       
    48 	message($lang_common['Bad request']);
       
    49 
       
    50 
       
    51 // Fetch some info about the topic and/or the forum
       
    52 if ($tid)
       
    53 {
       
    54 	$query = array(
       
    55 		'SELECT'	=> 'f.id, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.subject, t.closed, s.user_id AS is_subscribed',
       
    56 		'FROM'		=> 'topics AS t',
       
    57 		'JOINS'		=> array(
       
    58 			array(
       
    59 				'INNER JOIN'	=> 'forums AS f',
       
    60 				'ON'			=> 'f.id=t.forum_id'
       
    61 			),
       
    62 			array(
       
    63 				'LEFT JOIN'		=> 'forum_perms AS fp',
       
    64 				'ON'			=> '(fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].')'
       
    65 			),
       
    66 			array(
       
    67 				'LEFT JOIN'		=> 'subscriptions AS s',
       
    68 				'ON'			=> '(t.id=s.topic_id AND s.user_id='.$pun_user['id'].')'
       
    69 			)
       
    70 		),
       
    71 		'WHERE'		=> '(fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$tid
       
    72 	);
       
    73 }
       
    74 else
       
    75 {
       
    76 	$query = array(
       
    77 		'SELECT'	=> 'f.id, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics',
       
    78 		'FROM'		=> 'forums AS f',
       
    79 		'JOINS'		=> array(
       
    80 			array(
       
    81 				'LEFT JOIN'		=> 'forum_perms AS fp',
       
    82 				'ON'			=> '(fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].')'
       
    83 			)
       
    84 		),
       
    85 		'WHERE'		=> '(fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid
       
    86 	);
       
    87 }
       
    88 
       
    89 ($hook = get_hook('po_qr_get_forum_info')) ? eval($hook) : null;
       
    90 $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
       
    91 
       
    92 if (!$pun_db->num_rows($result))
       
    93 	message($lang_common['Bad request']);
       
    94 
       
    95 $cur_posting = $pun_db->fetch_assoc($result);
       
    96 $is_subscribed = $tid && $cur_posting['is_subscribed'];
       
    97 
       
    98 
       
    99 // Is someone trying to post into a redirect forum?
       
   100 if ($cur_posting['redirect_url'] != '')
       
   101 	message($lang_common['Bad request']);
       
   102 
       
   103 // Sort out who the moderators are and if we are currently a moderator (or an admin)
       
   104 $mods_array = ($cur_posting['moderators'] != '') ? unserialize($cur_posting['moderators']) : array();
       
   105 // $pun_user['is_admmod'] = ($session->user_level >= USER_LEVEL_ADMIN || ($pun_user['g_moderator'] == '1' && array_key_exists($pun_user['username'], $mods_array))) ? true : false;
       
   106 $pun_user['is_admmod'] = $session->user_level >= USER_LEVEL_MOD || ($pun_user['g_moderator'] == '1' && array_key_exists($pun_user['username'], $mods_array));
       
   107 
       
   108 // Do we have permission to post?
       
   109 if ((($tid && (($cur_posting['post_replies'] == '' && $pun_user['g_post_replies'] == '0') || $cur_posting['post_replies'] == '0')) ||
       
   110 	($fid && (($cur_posting['post_topics'] == '' && $pun_user['g_post_topics'] == '0') || $cur_posting['post_topics'] == '0')) ||
       
   111 	(isset($cur_posting['closed']) && $cur_posting['closed'] == '1')) &&
       
   112 	!$pun_user['is_admmod'])
       
   113 	message($lang_common['No permission']);
       
   114 
       
   115 
       
   116 // Start with a clean slate
       
   117 $errors = array();
       
   118 
       
   119 // Did someone just hit "Submit" or "Preview"?
       
   120 if (isset($_POST['form_sent']))
       
   121 {
       
   122 	($hook = get_hook('po_form_submitted')) ? eval($hook) : null;
       
   123 
       
   124 	// Make sure form_user is correct
       
   125 	if (($pun_user['is_guest'] && $_POST['form_user'] != 'Guest') || (!$pun_user['is_guest'] && $_POST['form_user'] != $pun_user['username']))
       
   126 		message($lang_common['Bad request']);
       
   127 
       
   128 	// Flood protection
       
   129 	if (!$pun_user['is_guest'] && !isset($_POST['preview']) && $pun_user['last_post'] != '' && (time() - $pun_user['last_post']) < $pun_user['g_post_flood'] && (time() - $pun_user['last_post']) >= 0)
       
   130 		$errors[] = sprintf($lang_post['Flood'], $pun_user['g_post_flood']);
       
   131 
       
   132 	// If it's a new topic
       
   133 	if ($fid)
       
   134 	{
       
   135 		$subject = trim($_POST['req_subject']);
       
   136 
       
   137 		if ($subject == '')
       
   138 			$errors[] = $lang_post['No subject'];
       
   139 		else if (pun_strlen($subject) > 70)
       
   140 			$errors[] = $lang_post['Too long subject'];
       
   141 		else if ($pun_config['p_subject_all_caps'] == '0' && strtoupper($subject) == $subject && !$pun_user['is_admmod'])
       
   142 			$subject = ucwords(strtolower($subject));
       
   143 	}
       
   144 
       
   145 	// If the user is logged in we get the username and e-mail from $pun_user
       
   146 	if (!$pun_user['is_guest'])
       
   147 	{
       
   148 		$username = $pun_user['username'];
       
   149 		$email = $pun_user['email'];
       
   150 	}
       
   151 	// Otherwise it should be in $_POST
       
   152 	else
       
   153 	{
       
   154 		$username = trim($_POST['req_username']);
       
   155 		$email = strtolower(trim(($pun_config['p_force_guest_email'] == '1') ? $_POST['req_email'] : $_POST['email']));
       
   156 
       
   157 		// Load the profile.php language file
       
   158 		require PUN_ROOT.'lang/'.$pun_user['language'].'/profile.php';
       
   159 
       
   160 		// It's a guest, so we have to validate the username
       
   161 		$errors = array_merge($errors, validate_username($username));
       
   162 
       
   163 		if ($pun_config['p_force_guest_email'] == '1' || $email != '')
       
   164 		{
       
   165 			require PUN_ROOT.'include/email.php';
       
   166 			if (!is_valid_email($email))
       
   167 				$errors[] = $lang_common['Invalid e-mail'];
       
   168 		}
       
   169 	}
       
   170 
       
   171 	// If we're an administrator or moderator, make sure the CSRF token in $_POST is valid
       
   172 	if (($session->user_level >= USER_LEVEL_ADMIN || $pun_user['g_moderator'] == '1') && $_POST['csrf_token'] !== generate_form_token(get_current_url()))
       
   173 		$errors[] = $lang_post['CSRF token mismatch'];
       
   174 
       
   175 	// Clean up message from POST
       
   176 	$message = pun_linebreaks(trim($_POST['req_message']));
       
   177 
       
   178 	if ($message == '')
       
   179 		$errors[] = $lang_post['No message'];
       
   180 	else if (strlen($message) > 65535)
       
   181 		$errors[] = $lang_post['Too long message'];
       
   182 	else if ($pun_config['p_message_all_caps'] == '0' && strtoupper($message) == $message && !$pun_user['is_admmod'])
       
   183 		$message = ucwords(strtolower($message));
       
   184 
       
   185 	// Validate BBCode syntax
       
   186 	if ($pun_config['p_message_bbcode'] == '1' && strpos($message, '[') !== false && strpos($message, ']') !== false)
       
   187 	{
       
   188 		require PUN_ROOT.'include/parser.php';
       
   189 		$message = preparse_bbcode($message, $errors);
       
   190 	}
       
   191 
       
   192 	$hide_smilies = isset($_POST['hide_smilies']) ? 1 : 0;
       
   193 	$subscribe = isset($_POST['subscribe']) ? 1 : 0;
       
   194 
       
   195 	$now = time();
       
   196 
       
   197 	// Did everything go according to plan?
       
   198 	if (empty($errors) && !isset($_POST['preview']))
       
   199 	{
       
   200 		($hook = get_hook('po_pre_post_added')) ? eval($hook) : null;
       
   201 
       
   202 		// If it's a reply
       
   203 		if ($tid)
       
   204 		{
       
   205 			add_post(array(
       
   206 					'is_guest'		=>	$pun_user['is_guest'],
       
   207 					'poster'		=>	$username,
       
   208 					'poster_id'		=>	$pun_user['id'],	// Always 1 for guest posts
       
   209 					'poster_email'	=>	($pun_user['is_guest'] && $email != '') ? $email : null,	// Always null for non-guest posts
       
   210 					'subject'		=>	$cur_posting['subject'],
       
   211 					'message'		=>	$message,
       
   212 					'hide_smilies'	=>	$hide_smilies,
       
   213 					'posted'		=>	$now,
       
   214 					'subscr_action'	=>	($pun_config['o_subscriptions'] == '1' && $subscribe && !$is_subscribed) ? 1 : (($pun_config['o_subscriptions'] == '1' && !$subscribe && $is_subscribed) ? 2 : 0),
       
   215 					'topic_id'		=>	$tid,
       
   216 					'forum_id'		=>	$cur_posting['id']
       
   217 				),
       
   218 				$new_pid	// By ref
       
   219 			);
       
   220 		}
       
   221 		// If it's a new topic
       
   222 		else if ($fid)
       
   223 		{
       
   224 			add_topic(array(
       
   225 				'is_guest'		=>	$pun_user['is_guest'],
       
   226 				'poster'		=>	$username,
       
   227 				'poster_id'		=>	$pun_user['id'],	// Always 1 for guest posts
       
   228 				'poster_email'	=>	($pun_user['is_guest'] && $email != '') ? $email : null,	// Always null for non-guest posts
       
   229 				'subject'		=>	$subject,
       
   230 				'message'		=>	$message,
       
   231 				'hide_smilies'	=>	$hide_smilies,
       
   232 				'posted'		=>	$now,
       
   233 				'subscribe'		=>	($pun_config['o_subscriptions'] == '1' && (isset($_POST['subscribe']) && $_POST['subscribe'] == '1')),
       
   234 				'forum_id'		=>	$fid
       
   235 				),
       
   236 				$new_tid,	// By ref
       
   237 				$new_pid	// By ref
       
   238 			);
       
   239 		}
       
   240 
       
   241 		if (!$pun_user['is_guest'])
       
   242 		{
       
   243 			// If the posting user is logged in, increment his/her post count
       
   244 			$query = array(
       
   245 				'UPDATE'	=> 'users',
       
   246 				'SET'		=> 'num_posts=num_posts+1, last_post='.$now,
       
   247 				'WHERE'		=> 'id='.$pun_user['id'],
       
   248 				'PARAMS'	=> array(
       
   249 					'LOW_PRIORITY'	=> 1	// MySQL only
       
   250 				)
       
   251 			);
       
   252 
       
   253 			($hook = get_hook('po_qr_increment_num_posts')) ? eval($hook) : null;
       
   254 			$pun_db->query_build($query) or error(__FILE__, __LINE__);
       
   255 
       
   256 			// Add/update the topic in our list of tracked topics
       
   257 			$tracked_topics = get_tracked_topics();
       
   258 			$tracked_topics['topics'][$tid ? $tid : $new_tid] = time();
       
   259 			set_tracked_topics($tracked_topics);
       
   260 		}
       
   261 
       
   262 		pun_redirect(pun_link($pun_url['post'], $new_pid), $lang_post['Post redirect']);
       
   263 	}
       
   264 }
       
   265 
       
   266 
       
   267 // Are we quoting someone?
       
   268 if ($tid && isset($_GET['qid']))
       
   269 {
       
   270 	$qid = intval($_GET['qid']);
       
   271 	if ($qid < 1)
       
   272 		message($lang_common['Bad request']);
       
   273 
       
   274 	// Get the quote and quote poster
       
   275 	$query = array(
       
   276 		'SELECT'	=> 'p.poster, p.message',
       
   277 		'FROM'		=> 'posts AS p',
       
   278 		'WHERE'		=> 'id='.$qid.' AND topic_id='.$tid
       
   279 	);
       
   280 
       
   281 	($hook = get_hook('po_qr_get_quote')) ? eval($hook) : null;
       
   282 	$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
       
   283 	if (!$pun_db->num_rows($result))
       
   284 		message($lang_common['Bad request']);
       
   285 
       
   286 	list($q_poster, $q_message) = $pun_db->fetch_row($result);
       
   287 
       
   288 	$q_message = str_replace('[img]', '[url]', $q_message);
       
   289 	$q_message = str_replace('[/img]', '[/url]', $q_message);
       
   290 	$q_message = htmlspecialchars($q_message);
       
   291 
       
   292 	if ($pun_config['p_message_bbcode'] == '1')
       
   293 	{
       
   294 		// If username contains a square bracket, we add "" or '' around it (so we know when it starts and ends)
       
   295 		if (strpos($q_poster, '[') !== false || strpos($q_poster, ']') !== false)
       
   296 		{
       
   297 			if (strpos($q_poster, '\'') !== false)
       
   298 				$q_poster = '"'.$q_poster.'"';
       
   299 			else
       
   300 				$q_poster = '\''.$q_poster.'\'';
       
   301 		}
       
   302 		else
       
   303 		{
       
   304 			// Get the characters at the start and end of $q_poster
       
   305 			$ends = substr($q_poster, 0, 1).substr($q_poster, -1, 1);
       
   306 
       
   307 			// Deal with quoting "Username" or 'Username' (becomes '"Username"' or "'Username'")
       
   308 			if ($ends == '\'\'')
       
   309 				$q_poster = '"'.$q_poster.'"';
       
   310 			else if ($ends == '""')
       
   311 				$q_poster = '\''.$q_poster.'\'';
       
   312 		}
       
   313 
       
   314 		$pun_page['quote'] = '[quote='.$q_poster.']'.$q_message.'[/quote]'."\n";
       
   315 	}
       
   316 	else
       
   317 		$pun_page['quote'] = '> '.sprintf($lang_common['User wrote'], $q_poster).':'."\n\n".'> '.$q_message."\n";
       
   318 }
       
   319 
       
   320 // Setup error messages
       
   321 if (!empty($errors))
       
   322 {
       
   323 	$pun_page['errors'] = array();
       
   324 
       
   325 	while (list(, $cur_error) = each($errors))
       
   326 		$pun_page['errors'][] = '<li class="warn"><span>'.$cur_error.'</span></li>';
       
   327 }
       
   328 
       
   329 // Setup form
       
   330 $pun_page['set_count'] = $pun_page['fld_count'] = 0;
       
   331 $pun_page['form_action'] = ($tid ? pun_link($pun_url['new_reply'], $tid) : pun_link($pun_url['new_topic'], $fid));
       
   332 
       
   333 $pun_page['hidden_fields'] = array(
       
   334 	'<input type="hidden" name="form_sent" value="1" />',
       
   335 	'<input type="hidden" name="form_user" value="'.((!$pun_user['is_guest']) ? htmlspecialchars($pun_user['username']) : 'Guest').'" />'
       
   336 );
       
   337 if ($pun_user['is_admmod'])
       
   338 {
       
   339 	$pun_page['hidden_fields'][] = '<input type="hidden" name="csrf_token" value="'.generate_form_token(get_current_url()).'" />';
       
   340 }
       
   341 
       
   342 // Setup help
       
   343 $pun_page['main_head_options'] = array();
       
   344 if ($pun_config['p_message_bbcode'] == '1')
       
   345 	$pun_page['main_head_options'][] = '<a class="exthelp" href="'.pun_link($pun_url['help'], 'bbcode').'" title="'.sprintf($lang_common['Help page'], $lang_common['BBCode']).'"><span>'.$lang_common['BBCode'].'</span></a>';
       
   346 if ($pun_config['p_message_img_tag'] == '1')
       
   347 	$pun_page['main_head_options'][] = '<a class="exthelp" href="'.pun_link($pun_url['help'], 'img').'" title="'.sprintf($lang_common['Help page'], $lang_common['Images']).'"><span>'.$lang_common['Images'].'</span></a>';
       
   348 if ($pun_config['o_smilies'] == '1')
       
   349 	$pun_page['main_head_options'][] = '<a class="exthelp" href="'.pun_link($pun_url['help'], 'smilies').'" title="'.sprintf($lang_common['Help page'], $lang_common['Smilies']).'"><span>'.$lang_common['Smilies'].'</span></a>';
       
   350 
       
   351 // Setup breadcrumbs
       
   352 $pun_page['crumbs'][] = array($pun_config['o_board_title'], pun_link($pun_url['index']));
       
   353 $pun_page['crumbs'][] = array($cur_posting['forum_name'], pun_link($pun_url['forum'], $cur_posting['id']));
       
   354 if ($tid) $pun_page['crumbs'][] = array($cur_posting['subject'], pun_link($pun_url['topic'], $tid));
       
   355 $pun_page['crumbs'][] = $tid ? $lang_post['Post reply'] : $lang_post['Post new topic'];
       
   356 
       
   357 ($hook = get_hook('po_pre_header_load')) ? eval($hook) : null;
       
   358 
       
   359 define('PUN_PAGE', 'post');
       
   360 require PUN_ROOT.'header.php';
       
   361 
       
   362 ?>
       
   363 <div id="pun-main" class="main">
       
   364 
       
   365 	<h1><span><?php echo end($pun_page['crumbs']) ?></span></h1>
       
   366 <?php
       
   367 
       
   368 // If preview selected and there are no errors
       
   369 if (isset($_POST['preview']) && empty($pun_page['errors']))
       
   370 {
       
   371 	require_once PUN_ROOT.'include/parser.php';
       
   372 	$pun_page['preview_message'] = parse_message(trim($_POST['req_message']), $hide_smilies);
       
   373 
       
   374 ?>
       
   375 	<div class="main-head">
       
   376 		<h2><span><?php echo $tid ? $lang_post['Preview reply'] : $lang_post['Preview new topic']; ?></span></h2>
       
   377 	</div>
       
   378 
       
   379 	<div id="post-preview" class="main-content topic">
       
   380 		<div class="post firstpost">
       
   381 			<div class="postmain">
       
   382 				<div class="posthead">
       
   383 					<h3><?php echo $lang_post['Preview info'] ?></h3>
       
   384 				</div>
       
   385 				<div class="postbody">
       
   386 					<div class="user">
       
   387 						<h4 class="user-ident"><strong class="username"><?php echo $pun_user['username'] ?></strong></h4>
       
   388 					</div>
       
   389 					<div class="post-entry">
       
   390 						<div class="entry-content">
       
   391 						<?php echo $pun_page['preview_message']."\n" ?>
       
   392 						</div>
       
   393 					</div>
       
   394 				</div>
       
   395 			</div>
       
   396 		</div>
       
   397 	</div>
       
   398 <?php
       
   399 
       
   400 }
       
   401 
       
   402 ?>
       
   403 	<div class="main-head">
       
   404 		<h2><span><?php echo $lang_post['Compose your'].' '.($tid ? $lang_post['New reply'] : $lang_post['New topic']) ?></span></h2>
       
   405 <?php if (!empty($pun_page['main_head_options'])): ?>		<p class="main-options"><?php printf($lang_common['You may use'], implode(' ', $pun_page['main_head_options'])) ?></p>
       
   406 <?php endif; ?>	</div>
       
   407 
       
   408 	<div class="main-content frm">
       
   409 <?php
       
   410 
       
   411 // If there were any errors, show them
       
   412 if (isset($pun_page['errors']))
       
   413 {
       
   414 
       
   415 ?>
       
   416 		<div class="frm-error">
       
   417 			<h3 class="warn"><?php echo $lang_post['Post errors'] ?></h3>
       
   418 			<ul>
       
   419 				<?php echo implode("\n\t\t\t\t\t", $pun_page['errors'])."\n" ?>
       
   420 			</ul>
       
   421 		</div>
       
   422 <?php
       
   423 
       
   424 }
       
   425 
       
   426 ?>
       
   427 		<div id="req-msg" class="frm-warn">
       
   428 			<p class="important"><?php printf($lang_common['Required warn'], '<em class="req-text">'.$lang_common['Required'].'</em>') ?></p>
       
   429 		</div>
       
   430 
       
   431 		<form id="afocus" class="frm-form" method="post" accept-charset="utf-8" action="<?php echo $pun_page['form_action'] ?>">
       
   432 			<div class="hidden">
       
   433 				<?php echo implode("\n\t\t\t\t", $pun_page['hidden_fields'])."\n" ?>
       
   434 			</div>
       
   435 <?php
       
   436 
       
   437 ($hook = get_hook('po_pre_guest_info_fieldset')) ? eval($hook) : null;
       
   438 
       
   439 if ($pun_user['is_guest'])
       
   440 {
       
   441 	$pun_page['email_form_name'] = ($pun_config['p_force_guest_email'] == '1') ? 'req_email' : 'email';
       
   442 
       
   443 ?>
       
   444 			<fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
       
   445 				<legend class="frm-legend"><strong><?php echo $lang_post['Guest post legend'] ?></strong></legend>
       
   446 <?php ($hook = get_hook('po_guest_info_start')) ? eval($hook) : null; ?>
       
   447 				<div class="frm-fld text required">
       
   448 					<label for="fld<?php echo ++$pun_page['fld_count'] ?>">
       
   449 						<span class="fld-label"><?php echo $lang_post['Guest name'] ?></span><br />
       
   450 						<span class="fld-input"><input type="text" id="fld<?php echo $pun_page['fld_count'] ?>" name="req_username" value="<?php if (isset($_POST['req_username'])) echo htmlspecialchars($username); ?>" size="35" maxlength="25" /></span>
       
   451 						<em class="req-text"><?php echo $lang_common['Required'] ?></em>
       
   452 					</label>
       
   453 				</div>
       
   454 <?php ($hook = get_hook('po_post_guest_name_div')) ? eval($hook) : null; ?>
       
   455 				<div class="frm-fld text<?php if ($pun_config['p_force_guest_email'] == '1') echo ' required' ?>">
       
   456 					<label for="fld<?php echo ++$pun_page['fld_count'] ?>">
       
   457 						<span class="fld-label"><?php echo $lang_post['Guest e-mail'] ?></span><br />
       
   458 						<span class="fld-input"><input type="text" id="fld<?php echo $pun_page['fld_count'] ?>" name="<?php echo $pun_page['email_form_name'] ?>" value="<?php if (isset($_POST[$pun_page['email_form_name']])) echo htmlspecialchars($email); ?>" size="35" maxlength="80" /></span>
       
   459 						<?php if ($pun_config['p_force_guest_email'] == '1') echo '<em class="req-text">'.$lang_common['Required'].'</em>' ?>
       
   460 					</label>
       
   461 				</div>
       
   462 <?php ($hook = get_hook('po_guest_info_end')) ? eval($hook) : null; ?>
       
   463 			</fieldset>
       
   464 <?php
       
   465 
       
   466 }
       
   467 
       
   468 ($hook = get_hook('po_pre_req_info_fieldset')) ? eval($hook) : null;
       
   469 
       
   470 ?>
       
   471 			<fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
       
   472 				<legend class="frm-legend"><strong><?php echo $lang_common['Required information'] ?></strong></legend>
       
   473 <?php
       
   474 
       
   475 ($hook = get_hook('po_req_info_fieldset_start')) ? eval($hook) : null;
       
   476 
       
   477 if ($fid)
       
   478 {
       
   479 
       
   480 ?>
       
   481 				<div class="frm-fld text required longtext">
       
   482 					<label for="fld<?php echo ++$pun_page['fld_count'] ?>">
       
   483 						<span class="fld-label"><?php echo $lang_post['Topic subject'] ?></span><br />
       
   484 						<span class="fld-input"><input id="fld<?php echo $pun_page['fld_count'] ?>" type="text" name="req_subject" value="<?php if (isset($_POST['req_subject'])) echo htmlspecialchars($subject); ?>" size="80" maxlength="70" /></span>
       
   485 						<em class="req-text"><?php echo $lang_common['Required'] ?></em>
       
   486 					</label>
       
   487 				</div>
       
   488 <?php
       
   489 
       
   490 }
       
   491 
       
   492 ($hook = get_hook('po_pre_post_contents')) ? eval($hook) : null;
       
   493 
       
   494 ?>
       
   495 				<div class="frm-fld text textarea required">
       
   496 					<label for="fld<?php echo ++$pun_page['fld_count'] ?>">
       
   497 						<span class="fld-label"><?php echo $lang_post['Write message'] ?></span><br />
       
   498 						<span class="fld-input"><textarea id="fld<?php echo $pun_page['fld_count'] ?>" name="req_message" rows="14" cols="95"><?php echo isset($_POST['req_message']) ? htmlspecialchars($message) : (isset($pun_page['quote']) ? $pun_page['quote'] : ''); ?></textarea></span><br />
       
   499 						<em class="req-text"><?php echo $lang_common['Required'] ?></em>
       
   500 					</label>
       
   501 				</div>
       
   502 			</fieldset>
       
   503 <?php
       
   504 
       
   505 $pun_page['checkboxes'] = array();
       
   506 if ($pun_config['o_smilies'] == '1')
       
   507 	$pun_page['checkboxes'][] = '<div class="radbox"><label for="fld'.(++$pun_page['fld_count']).'"><input type="checkbox" id="fld'.$pun_page['fld_count'].'" name="hide_smilies" value="1"'.(isset($_POST['hide_smilies']) ? ' checked="checked"' : '').' /> '.$lang_post['Hide smilies'].'</label></div>';
       
   508 
       
   509 // Check/uncheck the checkbox for subscriptions depending on scenario
       
   510 if (!$pun_user['is_guest'] && $pun_config['o_subscriptions'] == '1')
       
   511 {
       
   512 	$subscr_checked = false;
       
   513 
       
   514 	// If it's a preview
       
   515 	if (isset($_POST['preview']))
       
   516 		$subscr_checked = isset($_POST['subscribe']) ? true : false;
       
   517 	// If auto subscribed
       
   518 	else if ($pun_user['auto_notify'])
       
   519 		$subscr_checked = true;
       
   520 	// If already subscribed to the topic
       
   521 	else if ($is_subscribed)
       
   522 		$subscr_checked = true;
       
   523 
       
   524 	$pun_page['checkboxes'][] = '<div class="radbox"><label for="fld'.(++$pun_page['fld_count']).'"><input type="checkbox" id="fld'.$pun_page['fld_count'].'" name="subscribe" value="1"'.($subscr_checked ? ' checked="checked"' : '').' /> '.($is_subscribed ? $lang_post['Stay subscribed'] : $lang_post['Subscribe']).'</label></div>';
       
   525 }
       
   526 
       
   527 ($hook = get_hook('po_pre_optional_fieldset')) ? eval($hook) : null;
       
   528 
       
   529 if (!empty($pun_page['checkboxes']))
       
   530 {
       
   531 
       
   532 ?>
       
   533 			<fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
       
   534 				<legend class="frm-legend"><strong><?php echo $lang_post['Optional legend'] ?></strong></legend>
       
   535 				<fieldset class="frm-group">
       
   536 					<legend><span><?php echo $lang_post['Post settings'] ?></span></legend>
       
   537 					<?php echo implode("\n\t\t\t\t\t\t", $pun_page['checkboxes'])."\n"; ?>
       
   538 				</fieldset>
       
   539 			</fieldset>
       
   540 <?php
       
   541 
       
   542 }
       
   543 
       
   544 ($hook = get_hook('po_post_optional_fieldset')) ? eval($hook) : null;
       
   545 
       
   546 ?>
       
   547 			<div class="frm-buttons">
       
   548 				<span class="submit"><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" title="<?php echo $lang_common['Submit title'] ?>" /></span>
       
   549 				<span class="submit"><input type="submit" name="preview" value="<?php echo $lang_common['Preview'] ?>" accesskey="p" title="<?php echo $lang_common['Preview title'] ?>" /></span>
       
   550 			</div>
       
   551 		</form>
       
   552 	</div>
       
   553 
       
   554 <?php
       
   555 
       
   556 
       
   557 // Check if the topic review is to be displayed
       
   558 if ($tid && $pun_config['o_topic_review'] != '0')
       
   559 {
       
   560 	require_once PUN_ROOT.'include/parser.php';
       
   561 
       
   562 	// Get posts to display in topic review
       
   563 	$query = array(
       
   564 		'SELECT'	=> 'p.id, p.poster, p.message, p.hide_smilies, p.posted',
       
   565 		'FROM'		=> 'posts AS p',
       
   566 		'WHERE'		=> 'topic_id='.$tid,
       
   567 		'ORDER BY'	=>	'id DESC',
       
   568 		'LIMIT'		=>	$pun_config['o_topic_review']
       
   569 	);
       
   570 
       
   571 	($hook = get_hook('po_qr_get_topic_review_posts')) ? eval($hook) : null;
       
   572 	$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
       
   573 
       
   574 ?>
       
   575 
       
   576 	<div class="main-head">
       
   577 		<h2><span><?php echo $lang_post['Topic review'] ?></span></h2>
       
   578 	</div>
       
   579 
       
   580 	<div class="main-content topic">
       
   581 <?php
       
   582 
       
   583 	$pun_page['item_count'] = 0;
       
   584 
       
   585 	while ($cur_post = $pun_db->fetch_assoc($result))
       
   586 	{
       
   587 		++$pun_page['item_count'];
       
   588 
       
   589 		$pun_page['item_head'] = array(
       
   590 			'<strong>'.$pun_page['item_count'].'</strong>',
       
   591 			'<cite class="author">'.$lang_common['Posted by'].' '.htmlspecialchars($cur_post['poster']).'</cite>',
       
   592 			'<a class="permalink" rel="bookmark" title="'.$lang_post['Permalink post'].'" href="'.pun_link($pun_url['post'], $cur_post['id']).'">'.format_time($cur_post['posted']).'</a>'
       
   593 		);
       
   594 
       
   595 		$pun_page['message'] = parse_message($cur_post['message'], $cur_post['hide_smilies']);
       
   596 
       
   597 		($hook = get_hook('po_topic_review_row_pre_display')) ? eval($hook) : null;
       
   598 
       
   599 ?>
       
   600 		<div class="post<?php echo ($pun_page['item_count'] == 1) ? ' firstpost' : '' ?>">
       
   601 			<div class="postmain">
       
   602 				<div class="posthead">
       
   603 					<h3><?php echo implode(' ', $pun_page['item_head']) ?></h3>
       
   604 				</div>
       
   605 				<div class="postbody">
       
   606 					<div class="user">
       
   607 						<h4 class="user-ident"><strong class="username"><?php echo $cur_post['poster'] ?></strong></h4>
       
   608 					</div>
       
   609 					<div class="post-entry">
       
   610 						<div class="entry-content">
       
   611 						<?php echo $pun_page['message']."\n" ?>
       
   612 						</div>
       
   613 					</div>
       
   614 				</div>
       
   615 			</div>
       
   616 		</div>
       
   617 <?php
       
   618 
       
   619 	}
       
   620 
       
   621 ?>
       
   622 	</div>
       
   623 <?php
       
   624 
       
   625 }
       
   626 
       
   627 ?>
       
   628 </div>
       
   629 <?php
       
   630 
       
   631 ($hook = get_hook('po_end')) ? eval($hook) : null;
       
   632 
       
   633 require PUN_ROOT.'footer.php';