24 |
24 |
25 |
25 |
26 if (isset($_GET['action'])) |
26 if (isset($_GET['action'])) |
27 define('PUN_QUIET_VISIT', 1); |
27 define('PUN_QUIET_VISIT', 1); |
28 |
28 |
29 define('PUN_ROOT', './'); |
29 //define('PUN_ROOT', './'); |
30 require PUN_ROOT.'include/common.php'; |
30 //require PUN_ROOT.'include/common.php'; |
|
31 |
|
32 global $pun_db, $pun_user, $pun_config, $lang_common; |
|
33 |
31 |
34 |
32 |
35 |
33 // Load the misc.php language file |
36 // Load the misc.php language file |
34 require PUN_ROOT.'lang/'.$pun_user['language'].'/misc.php'; |
37 require PUN_ROOT.'lang/'.$pun_user['language'].'/misc.php'; |
35 |
38 |
62 else if ($action == 'markread') |
65 else if ($action == 'markread') |
63 { |
66 { |
64 if ($pun_user['is_guest']) |
67 if ($pun_user['is_guest']) |
65 message($lang_common['No permission']); |
68 message($lang_common['No permission']); |
66 |
69 |
67 $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $db->error()); |
70 $pun_db->query('UPDATE '.$pun_db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $pun_db->error()); |
68 |
71 |
69 redirect('index.php', $lang_misc['Mark read redirect']); |
72 pun_redirect('index.php', $lang_misc['Mark read redirect']); |
70 } |
73 } |
71 |
74 |
72 |
75 |
73 else if (isset($_GET['email'])) |
76 else if (isset($_GET['email'])) |
74 { |
77 { |
77 |
80 |
78 $recipient_id = intval($_GET['email']); |
81 $recipient_id = intval($_GET['email']); |
79 if ($recipient_id < 2) |
82 if ($recipient_id < 2) |
80 message($lang_common['Bad request']); |
83 message($lang_common['Bad request']); |
81 |
84 |
82 $result = $db->query('SELECT username, email, email_setting FROM '.$db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); |
85 $result = $pun_db->query('SELECT username, email, email_setting FROM '.$pun_db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $pun_db->error()); |
83 if (!$db->num_rows($result)) |
86 if (!$pun_db->num_rows($result)) |
84 message($lang_common['Bad request']); |
87 message($lang_common['Bad request']); |
85 |
88 |
86 list($recipient, $recipient_email, $email_setting) = $db->fetch_row($result); |
89 list($recipient, $recipient_email, $email_setting) = $pun_db->fetch_row($result); |
87 |
90 |
88 if ($email_setting == 2 && $pun_user['g_id'] > PUN_MOD) |
91 if ($email_setting == 2 && $pun_user['g_id'] < PUN_MOD) |
89 message($lang_misc['Form e-mail disabled']); |
92 message($lang_misc['Form e-mail disabled']); |
90 |
93 |
91 |
94 |
92 if (isset($_POST['form_sent'])) |
95 if (isset($_POST['form_sent'])) |
93 { |
96 { |
118 |
121 |
119 require_once PUN_ROOT.'include/email.php'; |
122 require_once PUN_ROOT.'include/email.php'; |
120 |
123 |
121 pun_mail($recipient_email, $mail_subject, $mail_message, '"'.str_replace('"', '', $pun_user['username']).'" <'.$pun_user['email'].'>'); |
124 pun_mail($recipient_email, $mail_subject, $mail_message, '"'.str_replace('"', '', $pun_user['username']).'" <'.$pun_user['email'].'>'); |
122 |
125 |
123 redirect(htmlspecialchars($_POST['redirect_url']), $lang_misc['E-mail sent redirect']); |
126 pun_redirect(htmlspecialchars($_POST['redirect_url']), $lang_misc['E-mail sent redirect']); |
124 } |
127 } |
125 |
128 |
126 |
129 |
127 // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the e-mail is sent) |
130 // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the e-mail is sent) |
128 $redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php'; |
131 $redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php'; |
176 $reason = pun_linebreaks(pun_trim($_POST['req_reason'])); |
179 $reason = pun_linebreaks(pun_trim($_POST['req_reason'])); |
177 if ($reason == '') |
180 if ($reason == '') |
178 message($lang_misc['No reason']); |
181 message($lang_misc['No reason']); |
179 |
182 |
180 // Get the topic ID |
183 // Get the topic ID |
181 $result = $db->query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); |
184 $result = $pun_db->query('SELECT topic_id FROM '.$pun_db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $pun_db->error()); |
182 if (!$db->num_rows($result)) |
185 if (!$pun_db->num_rows($result)) |
183 message($lang_common['Bad request']); |
186 message($lang_common['Bad request']); |
184 |
187 |
185 $topic_id = $db->result($result); |
188 $topic_id = $pun_db->result($result); |
186 |
189 |
187 // Get the subject and forum ID |
190 // Get the subject and forum ID |
188 $result = $db->query('SELECT subject, forum_id FROM '.$db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error()); |
191 $result = $pun_db->query('SELECT subject, forum_id FROM '.$pun_db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $pun_db->error()); |
189 if (!$db->num_rows($result)) |
192 if (!$pun_db->num_rows($result)) |
190 message($lang_common['Bad request']); |
193 message($lang_common['Bad request']); |
191 |
194 |
192 list($subject, $forum_id) = $db->fetch_row($result); |
195 list($subject, $forum_id) = $pun_db->fetch_row($result); |
193 |
196 |
194 // Should we use the internal report handling? |
197 // Should we use the internal report handling? |
195 if ($pun_config['o_report_method'] == 0 || $pun_config['o_report_method'] == 2) |
198 if ($pun_config['o_report_method'] == 0 || $pun_config['o_report_method'] == 2) |
196 $db->query('INSERT INTO '.$db->prefix.'reports (post_id, topic_id, forum_id, reported_by, created, message) VALUES('.$post_id.', '.$topic_id.', '.$forum_id.', '.$pun_user['id'].', '.time().', \''.$db->escape($reason).'\')' ) or error('Unable to create report', __FILE__, __LINE__, $db->error()); |
199 $pun_db->query('INSERT INTO '.$pun_db->prefix.'reports (post_id, topic_id, forum_id, reported_by, created, message) VALUES('.$post_id.', '.$topic_id.', '.$forum_id.', '.$pun_user['id'].', '.time().', \''.$pun_db->escape($reason).'\')' ) or error('Unable to create report', __FILE__, __LINE__, $pun_db->error()); |
197 |
200 |
198 // Should we e-mail the report? |
201 // Should we e-mail the report? |
199 if ($pun_config['o_report_method'] == 1 || $pun_config['o_report_method'] == 2) |
202 if ($pun_config['o_report_method'] == 1 || $pun_config['o_report_method'] == 2) |
200 { |
203 { |
201 // We send it to the complete mailing-list in one swoop |
204 // We send it to the complete mailing-list in one swoop |
208 |
211 |
209 pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message); |
212 pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message); |
210 } |
213 } |
211 } |
214 } |
212 |
215 |
213 redirect('viewtopic.php?pid='.$post_id.'#p'.$post_id, $lang_misc['Report redirect']); |
216 pun_redirect('viewtopic.php?pid='.$post_id.'#p'.$post_id, $lang_misc['Report redirect']); |
214 } |
217 } |
215 |
218 |
216 |
219 |
217 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Report post']; |
220 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Report post']; |
218 $required_fields = array('req_reason' => $lang_misc['Reason']); |
221 $required_fields = array('req_reason' => $lang_misc['Reason']); |
250 |
253 |
251 $topic_id = intval($_GET['subscribe']); |
254 $topic_id = intval($_GET['subscribe']); |
252 if ($topic_id < 1) |
255 if ($topic_id < 1) |
253 message($lang_common['Bad request']); |
256 message($lang_common['Bad request']); |
254 |
257 |
255 $result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); |
258 $result = $pun_db->query('SELECT 1 FROM '.$pun_db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $pun_db->error()); |
256 if ($db->num_rows($result)) |
259 if ($pun_db->num_rows($result)) |
257 message($lang_misc['Already subscribed']); |
260 message($lang_misc['Already subscribed']); |
258 |
261 |
259 $db->query('INSERT INTO '.$db->prefix.'subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$topic_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error()); |
262 $pun_db->query('INSERT INTO '.$pun_db->prefix.'subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$topic_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $pun_db->error()); |
260 |
263 |
261 redirect('viewtopic.php?id='.$topic_id, $lang_misc['Subscribe redirect']); |
264 pun_redirect('viewtopic.php?id='.$topic_id, $lang_misc['Subscribe redirect']); |
262 } |
265 } |
263 |
266 |
264 |
267 |
265 else if (isset($_GET['unsubscribe'])) |
268 else if (isset($_GET['unsubscribe'])) |
266 { |
269 { |
269 |
272 |
270 $topic_id = intval($_GET['unsubscribe']); |
273 $topic_id = intval($_GET['unsubscribe']); |
271 if ($topic_id < 1) |
274 if ($topic_id < 1) |
272 message($lang_common['Bad request']); |
275 message($lang_common['Bad request']); |
273 |
276 |
274 $result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); |
277 $result = $pun_db->query('SELECT 1 FROM '.$pun_db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $pun_db->error()); |
275 if (!$db->num_rows($result)) |
278 if (!$pun_db->num_rows($result)) |
276 message($lang_misc['Not subscribed']); |
279 message($lang_misc['Not subscribed']); |
277 |
280 |
278 $db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error()); |
281 $pun_db->query('DELETE FROM '.$pun_db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to remove subscription', __FILE__, __LINE__, $pun_db->error()); |
279 |
282 |
280 redirect('viewtopic.php?id='.$topic_id, $lang_misc['Unsubscribe redirect']); |
283 pun_redirect('viewtopic.php?id='.$topic_id, $lang_misc['Unsubscribe redirect']); |
281 } |
284 } |
282 |
285 |
283 |
286 |
284 else |
287 else |
285 message($lang_common['Bad request']); |
288 message($lang_common['Bad request']); |