[ Index ]

PHP Cross Reference of phpBB-3.2.8-deutsch

title

Body

[close]

/ -> posting.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  include($phpbb_root_path . 'common.' . $phpEx);
  21  include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
  22  include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
  23  include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
  24  
  25  
  26  // Start session management
  27  $user->session_begin();
  28  $auth->acl($user->data);
  29  
  30  
  31  // Grab only parameters needed here
  32  $post_id    = $request->variable('p', 0);
  33  $topic_id    = $request->variable('t', 0);
  34  $forum_id    = $request->variable('f', 0);
  35  $draft_id    = $request->variable('d', 0);
  36  
  37  $preview    = (isset($_POST['preview'])) ? true : false;
  38  $save        = (isset($_POST['save'])) ? true : false;
  39  $load        = (isset($_POST['load'])) ? true : false;
  40  $confirm    = $request->is_set_post('confirm');
  41  $cancel        = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
  42  
  43  $refresh    = (isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['cancel_unglobalise']) || $save || $load || $preview);
  44  $submit = $request->is_set_post('post') && !$refresh && !$preview;
  45  $mode        = $request->variable('mode', '');
  46  
  47  // If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here.
  48  if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id)))
  49  {
  50      $mode = 'soft_delete';
  51  }
  52  
  53  $error = $post_data = array();
  54  $current_time = time();
  55  
  56  /**
  57  * This event allows you to alter the above parameters, such as submit and mode
  58  *
  59  * Note: $refresh must be true to retain previously submitted form data.
  60  *
  61  * Note: The template class will not work properly until $user->setup() is
  62  * called, and it has not been called yet. Extensions requiring template
  63  * assignments should use an event that comes later in this file.
  64  *
  65  * @event core.modify_posting_parameters
  66  * @var    int        post_id        ID of the post
  67  * @var    int        topic_id    ID of the topic
  68  * @var    int        forum_id    ID of the forum
  69  * @var    int        draft_id    ID of the draft
  70  * @var    bool    submit        Whether or not the form has been submitted
  71  * @var    bool    preview        Whether or not the post is being previewed
  72  * @var    bool    save        Whether or not a draft is being saved
  73  * @var    bool    load        Whether or not a draft is being loaded
  74  * @var    bool    cancel        Whether or not to cancel the form (returns to
  75  *                            viewtopic or viewforum depending on if the user
  76  *                            is posting a new topic or editing a post)
  77  * @var    bool    refresh        Whether or not to retain previously submitted data
  78  * @var    string    mode        What action to take if the form has been submitted
  79  *                            post|reply|quote|edit|delete|bump|smilies|popup
  80  * @var    array    error        Any error strings; a non-empty array aborts
  81  *                            form submission.
  82  *                            NOTE: Should be actual language strings, NOT
  83  *                            language keys.
  84  * @since 3.1.0-a1
  85  * @changed 3.1.2-RC1            Removed 'delete' var as it does not exist
  86  * @changed 3.2.4-RC1        Remove unused 'lastclick' var
  87  */
  88  $vars = array(
  89      'post_id',
  90      'topic_id',
  91      'forum_id',
  92      'draft_id',
  93      'submit',
  94      'preview',
  95      'save',
  96      'load',
  97      'cancel',
  98      'refresh',
  99      'mode',
 100      'error',
 101  );
 102  extract($phpbb_dispatcher->trigger_event('core.modify_posting_parameters', compact($vars)));
 103  
 104  // Was cancel pressed? If so then redirect to the appropriate page
 105  if ($cancel)
 106  {
 107      $f = ($forum_id) ? 'f=' . $forum_id . '&amp;' : '';
 108      $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
 109      redirect($redirect);
 110  }
 111  
 112  if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$forum_id)
 113  {
 114      trigger_error('NO_FORUM');
 115  }
 116  
 117  /* @var $phpbb_content_visibility \phpbb\content_visibility */
 118  $phpbb_content_visibility = $phpbb_container->get('content.visibility');
 119  
 120  // We need to know some basic information in all cases before we do anything.
 121  switch ($mode)
 122  {
 123      case 'post':
 124          $sql = 'SELECT *
 125              FROM ' . FORUMS_TABLE . "
 126              WHERE forum_id = $forum_id";
 127      break;
 128  
 129      case 'bump':
 130      case 'reply':
 131          if (!$topic_id)
 132          {
 133              trigger_error('NO_TOPIC');
 134          }
 135  
 136          // Force forum id
 137          $sql = 'SELECT forum_id
 138              FROM ' . TOPICS_TABLE . '
 139              WHERE topic_id = ' . $topic_id;
 140          $result = $db->sql_query($sql);
 141          $f_id = (int) $db->sql_fetchfield('forum_id');
 142          $db->sql_freeresult($result);
 143  
 144          $forum_id = (!$f_id) ? $forum_id : $f_id;
 145  
 146          $sql = 'SELECT f.*, t.*
 147              FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
 148              WHERE t.topic_id = $topic_id
 149                  AND f.forum_id = t.forum_id
 150                  AND " . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.');
 151      break;
 152  
 153      case 'quote':
 154      case 'edit':
 155      case 'delete':
 156      case 'soft_delete':
 157          if (!$post_id)
 158          {
 159              $user->setup('posting');
 160              trigger_error('NO_POST');
 161          }
 162  
 163          // Force forum id
 164          $sql = 'SELECT forum_id
 165              FROM ' . POSTS_TABLE . '
 166              WHERE post_id = ' . $post_id;
 167          $result = $db->sql_query($sql);
 168          $f_id = (int) $db->sql_fetchfield('forum_id');
 169          $db->sql_freeresult($result);
 170  
 171          $forum_id = (!$f_id) ? $forum_id : $f_id;
 172  
 173          $sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
 174              FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
 175              WHERE p.post_id = $post_id
 176                  AND t.topic_id = p.topic_id
 177                  AND u.user_id = p.poster_id
 178                  AND f.forum_id = t.forum_id
 179                  AND " . $phpbb_content_visibility->get_visibility_sql('post', $forum_id, 'p.');
 180      break;
 181  
 182      case 'smilies':
 183          $sql = '';
 184          generate_smilies('window', $forum_id);
 185      break;
 186  
 187      case 'popup':
 188          if ($forum_id)
 189          {
 190              $sql = 'SELECT forum_style
 191                  FROM ' . FORUMS_TABLE . '
 192                  WHERE forum_id = ' . $forum_id;
 193          }
 194          else
 195          {
 196              phpbb_upload_popup();
 197              return;
 198          }
 199      break;
 200  
 201      default:
 202          $sql = '';
 203      break;
 204  }
 205  
 206  if (!$sql)
 207  {
 208      $user->setup('posting');
 209      trigger_error('NO_POST_MODE');
 210  }
 211  
 212  $result = $db->sql_query($sql);
 213  $post_data = $db->sql_fetchrow($result);
 214  $db->sql_freeresult($result);
 215  
 216  if (!$post_data)
 217  {
 218      if (!($mode == 'post' || $mode == 'bump' || $mode == 'reply'))
 219      {
 220          $user->setup('posting');
 221      }
 222      trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
 223  }
 224  
 225  /**
 226  * This event allows you to bypass reply/quote test of an unapproved post.
 227  *
 228  * @event core.posting_modify_row_data
 229  * @var    array    post_data    All post data from database
 230  * @var    string    mode        What action to take if the form has been submitted
 231  *                            post|reply|quote|edit|delete|bump|smilies|popup
 232  * @var    int        topic_id    ID of the topic
 233  * @var    int        forum_id    ID of the forum
 234  * @since 3.2.8-RC1
 235  */
 236  $vars = array(
 237      'post_data',
 238      'mode',
 239      'topic_id',
 240      'forum_id',
 241  );
 242  extract($phpbb_dispatcher->trigger_event('core.posting_modify_row_data', compact($vars)));
 243  
 244  // Not able to reply to unapproved posts/topics
 245  // TODO: add more descriptive language key
 246  if ($auth->acl_get('m_approve', $forum_id) && ((($mode == 'reply' || $mode == 'bump') && $post_data['topic_visibility'] != ITEM_APPROVED) || ($mode == 'quote' && $post_data['post_visibility'] != ITEM_APPROVED)))
 247  {
 248      trigger_error(($mode == 'reply' || $mode == 'bump') ? 'TOPIC_UNAPPROVED' : 'POST_UNAPPROVED');
 249  }
 250  
 251  if ($mode == 'popup')
 252  {
 253      phpbb_upload_popup($post_data['forum_style']);
 254      return;
 255  }
 256  
 257  $user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
 258  
 259  if ($config['enable_post_confirm'] && !$user->data['is_registered'])
 260  {
 261      $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
 262      $captcha->init(CONFIRM_POST);
 263  }
 264  
 265  // Use post_row values in favor of submitted ones...
 266  $forum_id    = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id;
 267  $topic_id    = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id;
 268  $post_id    = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id;
 269  
 270  // Need to login to passworded forum first?
 271  if ($post_data['forum_password'])
 272  {
 273      login_forum_box(array(
 274          'forum_id'            => $forum_id,
 275          'forum_name'        => $post_data['forum_name'],
 276          'forum_password'    => $post_data['forum_password'])
 277      );
 278  }
 279  
 280  // Check permissions
 281  if ($user->data['is_bot'])
 282  {
 283      redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 284  }
 285  
 286  // Is the user able to read within this forum?
 287  if (!$auth->acl_get('f_read', $forum_id))
 288  {
 289      if ($user->data['user_id'] != ANONYMOUS)
 290      {
 291          trigger_error('USER_CANNOT_READ');
 292      }
 293      $message = $user->lang['LOGIN_EXPLAIN_POST'];
 294  
 295      if ($request->is_ajax())
 296      {
 297          $json = new phpbb\json_response();
 298          $json->send(array(
 299              'title'        => $user->lang['INFORMATION'],
 300              'message'    => $message,
 301          ));
 302      }
 303  
 304      login_box('', $message);
 305  }
 306  
 307  // Permission to do the action asked?
 308  $is_authed = false;
 309  
 310  switch ($mode)
 311  {
 312      case 'post':
 313          if ($auth->acl_get('f_post', $forum_id))
 314          {
 315              $is_authed = true;
 316          }
 317      break;
 318  
 319      case 'bump':
 320          if ($auth->acl_get('f_bump', $forum_id))
 321          {
 322              $is_authed = true;
 323          }
 324      break;
 325  
 326      case 'quote':
 327  
 328          $post_data['post_edit_locked'] = 0;
 329  
 330      // no break;
 331  
 332      case 'reply':
 333          if ($auth->acl_get('f_reply', $forum_id))
 334          {
 335              $is_authed = true;
 336          }
 337      break;
 338  
 339      case 'edit':
 340          if ($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id))
 341          {
 342              $is_authed = true;
 343          }
 344      break;
 345  
 346      case 'delete':
 347          if ($user->data['is_registered'] && ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id))))
 348          {
 349              $is_authed = true;
 350          }
 351  
 352      // no break;
 353  
 354      case 'soft_delete':
 355          if (!$is_authed && $user->data['is_registered'] && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $post_data['post_edit_locked']))
 356          {
 357              // Fall back to soft_delete if we have no permissions to delete posts but to soft delete them
 358              $is_authed = true;
 359              $mode = 'soft_delete';
 360          }
 361      break;
 362  }
 363  /**
 364  * This event allows you to do extra auth checks and verify if the user
 365  * has the required permissions
 366  *
 367  * Extensions should only change the error and is_authed variables.
 368  *
 369  * @event core.modify_posting_auth
 370  * @var    int        post_id        ID of the post
 371  * @var    int        topic_id    ID of the topic
 372  * @var    int        forum_id    ID of the forum
 373  * @var    int        draft_id    ID of the draft
 374  * @var    bool    submit        Whether or not the form has been submitted
 375  * @var    bool    preview        Whether or not the post is being previewed
 376  * @var    bool    save        Whether or not a draft is being saved
 377  * @var    bool    load        Whether or not a draft is being loaded
 378  * @var    bool    refresh        Whether or not to retain previously submitted data
 379  * @var    string    mode        What action to take if the form has been submitted
 380  *                            post|reply|quote|edit|delete|bump|smilies|popup
 381  * @var    array    error        Any error strings; a non-empty array aborts
 382  *                            form submission.
 383  *                            NOTE: Should be actual language strings, NOT
 384  *                            language keys.
 385  * @var    bool    is_authed    Does the user have the required permissions?
 386  * @var    array    post_data    All post data from database
 387  * @since 3.1.3-RC1
 388  * @changed 3.1.10-RC1 Added post_data
 389  * @changed 3.2.4-RC1         Remove unused 'lastclick' var
 390  */
 391  $vars = array(
 392      'post_id',
 393      'topic_id',
 394      'forum_id',
 395      'draft_id',
 396      'submit',
 397      'preview',
 398      'save',
 399      'load',
 400      'refresh',
 401      'mode',
 402      'error',
 403      'is_authed',
 404      'post_data',
 405  );
 406  extract($phpbb_dispatcher->trigger_event('core.modify_posting_auth', compact($vars)));
 407  
 408  if (!$is_authed || !empty($error))
 409  {
 410      $check_auth = ($mode == 'quote') ? 'reply' : (($mode == 'soft_delete') ? 'delete' : $mode);
 411  
 412      if ($user->data['is_registered'])
 413      {
 414          trigger_error(empty($error) ? 'USER_CANNOT_' . strtoupper($check_auth) : implode('<br/>', $error));
 415      }
 416      $message = $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)];
 417  
 418      if ($request->is_ajax())
 419      {
 420          $json = new phpbb\json_response();
 421          $json->send(array(
 422              'title'        => $user->lang['INFORMATION'],
 423              'message'    => $message,
 424          ));
 425      }
 426  
 427      login_box('', $message);
 428  }
 429  
 430  // Is the user able to post within this forum?
 431  if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply')))
 432  {
 433      trigger_error('USER_CANNOT_FORUM_POST');
 434  }
 435  
 436  // Forum/Topic locked?
 437  if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get('m_edit', $forum_id))
 438  {
 439      trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
 440  }
 441  
 442  // Can we edit this post ... if we're a moderator with rights then always yes
 443  // else it depends on editing times, lock status and if we're the correct user
 444  if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id))
 445  {
 446      $force_edit_allowed = false;
 447  
 448      $s_cannot_edit = $user->data['user_id'] != $post_data['poster_id'];
 449      $s_cannot_edit_time = $config['edit_time'] && $post_data['post_time'] <= time() - ($config['edit_time'] * 60);
 450      $s_cannot_edit_locked = $post_data['post_edit_locked'];
 451  
 452      /**
 453      * This event allows you to modify the conditions for the "cannot edit post" checks
 454      *
 455      * @event core.posting_modify_cannot_edit_conditions
 456      * @var    array    post_data    Array with post data
 457      * @var    bool    force_edit_allowed        Allow the user to edit the post (all permissions and conditions are ignored)
 458      * @var    bool    s_cannot_edit            User can not edit the post because it's not his
 459      * @var    bool    s_cannot_edit_locked    User can not edit the post because it's locked
 460      * @var    bool    s_cannot_edit_time        User can not edit the post because edit_time has passed
 461      * @since 3.1.0-b4
 462      */
 463      $vars = array(
 464          'post_data',
 465          'force_edit_allowed',
 466          's_cannot_edit',
 467          's_cannot_edit_locked',
 468          's_cannot_edit_time',
 469      );
 470      extract($phpbb_dispatcher->trigger_event('core.posting_modify_cannot_edit_conditions', compact($vars)));
 471  
 472      if (!$force_edit_allowed)
 473      {
 474          if ($s_cannot_edit)
 475          {
 476              trigger_error('USER_CANNOT_EDIT');
 477          }
 478          else if ($s_cannot_edit_time)
 479          {
 480              trigger_error('CANNOT_EDIT_TIME');
 481          }
 482          else if ($s_cannot_edit_locked)
 483          {
 484              trigger_error('CANNOT_EDIT_POST_LOCKED');
 485          }
 486      }
 487  }
 488  
 489  // Handle delete mode...
 490  if ($mode == 'delete' || $mode == 'soft_delete')
 491  {
 492      if ($mode == 'soft_delete' && $post_data['post_visibility'] == ITEM_DELETED)
 493      {
 494          $user->setup('posting');
 495          trigger_error('NO_POST');
 496      }
 497  
 498      $delete_reason = $request->variable('delete_reason', '', true);
 499      phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, ($mode == 'soft_delete' && !$request->is_set_post('delete_permanent')), $delete_reason);
 500      return;
 501  }
 502  
 503  // Handle bump mode...
 504  if ($mode == 'bump')
 505  {
 506      if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id'])
 507          && check_link_hash($request->variable('hash', ''), "topic_{$post_data['topic_id']}"))
 508      {
 509          $meta_url = phpbb_bump_topic($forum_id, $topic_id, $post_data, $current_time);
 510          meta_refresh(3, $meta_url);
 511          $message = $user->lang['TOPIC_BUMPED'];
 512  
 513          if (!$request->is_ajax())
 514          {
 515              $message .= '<br /><br />' . $user->lang('VIEW_MESSAGE', '<a href="' . $meta_url . '">', '</a>');
 516              $message .= '<br /><br />' . $user->lang('RETURN_FORUM', '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
 517          }
 518  
 519          trigger_error($message);
 520      }
 521  
 522      trigger_error('BUMP_ERROR');
 523  }
 524  
 525  // Subject length limiting to 60 characters if first post...
 526  if ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id']))
 527  {
 528      $template->assign_var('S_NEW_MESSAGE', true);
 529  }
 530  
 531  // Determine some vars
 532  if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS)
 533  {
 534      $post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST'];
 535  }
 536  else
 537  {
 538      $post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
 539  }
 540  
 541  $post_data['post_edit_locked']    = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0;
 542  $post_data['post_subject_md5']    = (isset($post_data['post_subject']) && $mode == 'edit') ? md5($post_data['post_subject']) : '';
 543  $post_data['post_subject']        = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : '');
 544  $post_data['topic_time_limit']    = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
 545  $post_data['poll_length']        = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0;
 546  $post_data['poll_start']        = (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0;
 547  $post_data['icon_id']            = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id'];
 548  $post_data['poll_options']        = array();
 549  
 550  // Get Poll Data
 551  if ($post_data['poll_start'])
 552  {
 553      $sql = 'SELECT poll_option_text
 554          FROM ' . POLL_OPTIONS_TABLE . "
 555          WHERE topic_id = $topic_id
 556          ORDER BY poll_option_id";
 557      $result = $db->sql_query($sql);
 558  
 559      while ($row = $db->sql_fetchrow($result))
 560      {
 561          $post_data['poll_options'][] = trim($row['poll_option_text']);
 562      }
 563      $db->sql_freeresult($result);
 564  }
 565  
 566  /**
 567  * This event allows you to modify the post data before parsing
 568  *
 569  * @event core.posting_modify_post_data
 570  * @var    int        forum_id    ID of the forum
 571  * @var    string    mode        What action to take if the form has been submitted
 572  *                            post|reply|quote|edit|delete|bump|smilies|popup
 573  * @var    array    post_data    Array with post data
 574  * @var    int        post_id        ID of the post
 575  * @var    int        topic_id    ID of the topic
 576  * @since 3.2.2-RC1
 577  */
 578  $vars = array(
 579      'forum_id',
 580      'mode',
 581      'post_data',
 582      'post_id',
 583      'topic_id',
 584  );
 585  extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_data', compact($vars)));
 586  
 587  if ($mode == 'edit')
 588  {
 589      $original_poll_data = array(
 590          'poll_title'        => $post_data['poll_title'],
 591          'poll_length'        => $post_data['poll_length'],
 592          'poll_max_options'    => $post_data['poll_max_options'],
 593          'poll_option_text'    => implode("\n", $post_data['poll_options']),
 594          'poll_start'        => $post_data['poll_start'],
 595          'poll_last_vote'    => $post_data['poll_last_vote'],
 596          'poll_vote_change'    => $post_data['poll_vote_change'],
 597      );
 598  }
 599  
 600  $orig_poll_options_size = count($post_data['poll_options']);
 601  
 602  $message_parser = new parse_message();
 603  /* @var $plupload \phpbb\plupload\plupload */
 604  $plupload = $phpbb_container->get('plupload');
 605  
 606  /* @var $mimetype_guesser \phpbb\mimetype\guesser */
 607  $mimetype_guesser = $phpbb_container->get('mimetype.guesser');
 608  $message_parser->set_plupload($plupload);
 609  
 610  if (isset($post_data['post_text']))
 611  {
 612      $message_parser->message = &$post_data['post_text'];
 613      unset($post_data['post_text']);
 614  }
 615  
 616  // Set some default variables
 617  $uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);
 618  
 619  /**
 620  * This event allows you to modify the default variables for post_data, and unset them in post_data if needed
 621  *
 622  * @event core.posting_modify_default_variables
 623  * @var    array    post_data    Array with post data
 624  * @var    array    uninit        Array with default vars to put into post_data, if they aren't there
 625  * @since 3.2.5-RC1
 626  */
 627  $vars = array(
 628      'post_data',
 629      'uninit',
 630  );
 631  extract($phpbb_dispatcher->trigger_event('core.posting_modify_default_variables', compact($vars)));
 632  
 633  foreach ($uninit as $var_name => $default_value)
 634  {
 635      if (!isset($post_data[$var_name]))
 636      {
 637          $post_data[$var_name] = $default_value;
 638      }
 639  }
 640  unset($uninit);
 641  
 642  // Always check if the submitted attachment data is valid and belongs to the user.
 643  // Further down (especially in submit_post()) we do not check this again.
 644  $message_parser->get_submitted_attachment_data($post_data['poster_id']);
 645  
 646  if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit')
 647  {
 648      // Do not change to SELECT *
 649      $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename, filesize
 650          FROM ' . ATTACHMENTS_TABLE . "
 651          WHERE post_msg_id = $post_id
 652              AND in_message = 0
 653              AND is_orphan = 0
 654          ORDER BY attach_id DESC";
 655      $result = $db->sql_query($sql);
 656      $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
 657      $db->sql_freeresult($result);
 658  }
 659  
 660  if ($post_data['poster_id'] == ANONYMOUS)
 661  {
 662      $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : '';
 663  }
 664  else
 665  {
 666      $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : '';
 667  }
 668  
 669  $post_data['enable_urls'] = $post_data['enable_magic_url'];
 670  
 671  if ($mode != 'edit')
 672  {
 673      $post_data['enable_sig']        = ($config['allow_sig'] && $user->optionget('attachsig')) ? true: false;
 674      $post_data['enable_smilies']    = ($config['allow_smilies'] && $user->optionget('smilies')) ? true : false;
 675      $post_data['enable_bbcode']        = ($config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false;
 676      $post_data['enable_urls']        = true;
 677  }
 678  
 679  if ($mode == 'post')
 680  {
 681      $post_data['topic_status']        = ($request->is_set_post('lock_topic') && $auth->acl_gets('m_lock', 'f_user_lock', $forum_id)) ? ITEM_LOCKED : ITEM_UNLOCKED;
 682  }
 683  
 684  $post_data['enable_magic_url'] = $post_data['drafts'] = false;
 685  
 686  // User own some drafts?
 687  if ($user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
 688  {
 689      $sql = 'SELECT draft_id
 690          FROM ' . DRAFTS_TABLE . '
 691          WHERE user_id = ' . $user->data['user_id'] .
 692              (($forum_id) ? ' AND forum_id = ' . (int) $forum_id : '') .
 693              (($topic_id) ? ' AND topic_id = ' . (int) $topic_id : '') .
 694              (($draft_id) ? " AND draft_id <> $draft_id" : '');
 695      $result = $db->sql_query_limit($sql, 1);
 696  
 697      if ($db->sql_fetchrow($result))
 698      {
 699          $post_data['drafts'] = true;
 700      }
 701      $db->sql_freeresult($result);
 702  }
 703  
 704  $check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
 705  
 706  // Check if user is watching this topic
 707  if ($mode != 'post' && $config['allow_topic_notify'] && $user->data['is_registered'])
 708  {
 709      $sql = 'SELECT topic_id
 710          FROM ' . TOPICS_WATCH_TABLE . '
 711          WHERE topic_id = ' . $topic_id . '
 712              AND user_id = ' . $user->data['user_id'];
 713      $result = $db->sql_query($sql);
 714      $post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id');
 715      $db->sql_freeresult($result);
 716  }
 717  
 718  // Do we want to edit our post ?
 719  if ($mode == 'edit' && $post_data['bbcode_uid'])
 720  {
 721      $message_parser->bbcode_uid = $post_data['bbcode_uid'];
 722  }
 723  
 724  // HTML, BBCode, Smilies, Images and Flash status
 725  $bbcode_status    = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
 726  $smilies_status    = ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
 727  $img_status        = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false;
 728  $url_status        = ($config['allow_post_links']) ? true : false;
 729  $flash_status    = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false;
 730  $quote_status    = true;
 731  
 732  // Save Draft
 733  if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
 734  {
 735      $subject = $request->variable('subject', '', true);
 736      $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject;
 737      $message = $request->variable('message', '', true);
 738  
 739      if ($subject && $message)
 740      {
 741          if (confirm_box(true))
 742          {
 743              $message_parser->message = $message;
 744              $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
 745  
 746              $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 747                  'user_id'        => (int) $user->data['user_id'],
 748                  'topic_id'        => (int) $topic_id,
 749                  'forum_id'        => (int) $forum_id,
 750                  'save_time'        => (int) $current_time,
 751                  'draft_subject'    => (string) $subject,
 752                  'draft_message'    => (string) $message_parser->message)
 753              );
 754              $db->sql_query($sql);
 755  
 756              $meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id");
 757  
 758              meta_refresh(3, $meta_info);
 759  
 760              $message = $user->lang['DRAFT_SAVED'] . '<br /><br />';
 761              $message .= ($mode != 'post') ? sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>') . '<br /><br />' : '';
 762              $message .= sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
 763  
 764              trigger_error($message);
 765          }
 766          else
 767          {
 768              $s_hidden_fields = build_hidden_fields(array(
 769                  'mode'        => $mode,
 770                  'save'        => true,
 771                  'f'            => $forum_id,
 772                  't'            => $topic_id,
 773                  'subject'    => $subject,
 774                  'message'    => $message,
 775                  'attachment_data' => $message_parser->attachment_data,
 776                  )
 777              );
 778  
 779              $hidden_fields = array(
 780                  'icon_id'            => 0,
 781  
 782                  'disable_bbcode'    => false,
 783                  'disable_smilies'    => false,
 784                  'disable_magic_url'    => false,
 785                  'attach_sig'        => true,
 786                  'lock_topic'        => false,
 787  
 788                  'topic_type'        => POST_NORMAL,
 789                  'topic_time_limit'    => 0,
 790  
 791                  'poll_title'        => '',
 792                  'poll_option_text'    => '',
 793                  'poll_max_options'    => 1,
 794                  'poll_length'        => 0,
 795                  'poll_vote_change'    => false,
 796              );
 797  
 798              foreach ($hidden_fields as $name => $default)
 799              {
 800                  if (!isset($_POST[$name]))
 801                  {
 802                      // Don't include it, if its not available
 803                      unset($hidden_fields[$name]);
 804                      continue;
 805                  }
 806  
 807                  if (is_bool($default))
 808                  {
 809                      // Use the string representation
 810                      $hidden_fields[$name] = $request->variable($name, '');
 811                  }
 812                  else
 813                  {
 814                      $hidden_fields[$name] = $request->variable($name, $default);
 815                  }
 816              }
 817  
 818              $s_hidden_fields .= build_hidden_fields($hidden_fields);
 819  
 820              confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields);
 821          }
 822      }
 823      else
 824      {
 825          if (utf8_clean_string($subject) === '')
 826          {
 827              $error[] = $user->lang['EMPTY_SUBJECT'];
 828          }
 829  
 830          if (utf8_clean_string($message) === '')
 831          {
 832              $error[] = $user->lang['TOO_FEW_CHARS'];
 833          }
 834      }
 835      unset($subject, $message);
 836  }
 837  
 838  // Load requested Draft
 839  if ($draft_id && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $user->data['is_registered'] && $auth->acl_get('u_savedrafts'))
 840  {
 841      $sql = 'SELECT draft_subject, draft_message
 842          FROM ' . DRAFTS_TABLE . "
 843          WHERE draft_id = $draft_id
 844              AND user_id = " . $user->data['user_id'];
 845      $result = $db->sql_query_limit($sql, 1);
 846      $row = $db->sql_fetchrow($result);
 847      $db->sql_freeresult($result);
 848  
 849      if ($row)
 850      {
 851          $post_data['post_subject'] = $row['draft_subject'];
 852          $message_parser->message = $row['draft_message'];
 853  
 854          $template->assign_var('S_DRAFT_LOADED', true);
 855      }
 856      else
 857      {
 858          $draft_id = 0;
 859      }
 860  }
 861  
 862  // Load draft overview
 863  if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_data['drafts'])
 864  {
 865      load_drafts($topic_id, $forum_id);
 866  }
 867  
 868  /** @var \phpbb\textformatter\utils_interface $bbcode_utils */
 869  $bbcode_utils = $phpbb_container->get('text_formatter.utils');
 870  
 871  if ($submit || $preview || $refresh)
 872  {
 873      $post_data['topic_cur_post_id']    = $request->variable('topic_cur_post_id', 0);
 874      $post_data['post_subject']        = $request->variable('subject', '', true);
 875      $message_parser->message        = $request->variable('message', '', true);
 876  
 877      $post_data['username']            = $request->variable('username', $post_data['username'], true);
 878      $post_data['post_edit_reason']    = ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? $request->variable('edit_reason', '', true) : '';
 879  
 880      $post_data['orig_topic_type']    = $post_data['topic_type'];
 881      $post_data['topic_type']        = $request->variable('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL));
 882      $post_data['topic_time_limit']    = $request->variable('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0));
 883  
 884      if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
 885      {
 886          $post_data['icon_id'] = $request->variable('icon', (int) $post_data['icon_id']);
 887      }
 888  
 889      $post_data['enable_bbcode']        = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true;
 890      $post_data['enable_smilies']    = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;
 891      $post_data['enable_urls']        = (isset($_POST['disable_magic_url'])) ? 0 : 1;
 892      $post_data['enable_sig']        = (!$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig')) ? false : ((isset($_POST['attach_sig']) && $user->data['is_registered']) ? true : false);
 893  
 894      if ($config['allow_topic_notify'] && $user->data['is_registered'])
 895      {
 896          $notify = (isset($_POST['notify'])) ? true : false;
 897      }
 898      else
 899      {
 900          $notify = false;
 901      }
 902  
 903      $topic_lock            = (isset($_POST['lock_topic'])) ? true : false;
 904      $post_lock            = (isset($_POST['lock_post'])) ? true : false;
 905      $poll_delete        = (isset($_POST['poll_delete'])) ? true : false;
 906  
 907      if ($submit)
 908      {
 909          $status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
 910          $status_switch = ($status_switch != $check_value);
 911      }
 912      else
 913      {
 914          $status_switch = 1;
 915      }
 916  
 917      // Delete Poll
 918      if ($poll_delete && $mode == 'edit' && count($post_data['poll_options']) &&
 919          ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id)))
 920      {
 921          if ($submit && check_form_key('posting'))
 922          {
 923              $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . "
 924                  WHERE topic_id = $topic_id";
 925              $db->sql_query($sql);
 926  
 927              $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . "
 928                  WHERE topic_id = $topic_id";
 929              $db->sql_query($sql);
 930  
 931              $topic_sql = array(
 932                  'poll_title'        => '',
 933                  'poll_start'         => 0,
 934                  'poll_length'        => 0,
 935                  'poll_last_vote'    => 0,
 936                  'poll_max_options'    => 0,
 937                  'poll_vote_change'    => 0
 938              );
 939  
 940              $sql = 'UPDATE ' . TOPICS_TABLE . '
 941                  SET ' . $db->sql_build_array('UPDATE', $topic_sql) . "
 942                  WHERE topic_id = $topic_id";
 943              $db->sql_query($sql);
 944          }
 945  
 946          $post_data['poll_title'] = $post_data['poll_option_text'] = '';
 947          $post_data['poll_vote_change'] = $post_data['poll_max_options'] = $post_data['poll_length'] = 0;
 948      }
 949      else
 950      {
 951          $post_data['poll_title']        = $request->variable('poll_title', '', true);
 952          $post_data['poll_length']        = $request->variable('poll_length', 0);
 953          $post_data['poll_option_text']    = $request->variable('poll_option_text', '', true);
 954          $post_data['poll_max_options']    = $request->variable('poll_max_options', 1);
 955          $post_data['poll_vote_change']    = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0;
 956      }
 957  
 958      // If replying/quoting and last post id has changed
 959      // give user option to continue submit or return to post
 960      // notify and show user the post made between his request and the final submit
 961      if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id'])
 962      {
 963          // Only do so if it is allowed forum-wide
 964          if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
 965          {
 966              if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id']))
 967              {
 968                  $template->assign_var('S_POST_REVIEW', true);
 969              }
 970  
 971              $submit = false;
 972              $refresh = true;
 973          }
 974      }
 975  
 976      // Parse Attachments - before checksum is calculated
 977      if ($message_parser->check_attachment_form_token($language, $request, 'posting'))
 978      {
 979          $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh);
 980      }
 981  
 982      /**
 983      * This event allows you to modify message text before parsing
 984      *
 985      * @event core.posting_modify_message_text
 986      * @var    array    post_data    Array with post data
 987      * @var    string    mode        What action to take if the form is submitted
 988      *                post|reply|quote|edit|delete|bump|smilies|popup
 989      * @var    int    post_id        ID of the post
 990      * @var    int    topic_id    ID of the topic
 991      * @var    int    forum_id    ID of the forum
 992      * @var    bool    submit        Whether or not the form has been submitted
 993      * @var    bool    preview        Whether or not the post is being previewed
 994      * @var    bool    save        Whether or not a draft is being saved
 995      * @var    bool    load        Whether or not a draft is being loaded
 996      * @var    bool    cancel        Whether or not to cancel the form (returns to
 997      *                viewtopic or viewforum depending on if the user
 998      *                is posting a new topic or editing a post)
 999      * @var    bool    refresh        Whether or not to retain previously submitted data
1000      * @var    object    message_parser    The message parser object
1001      * @var    array    error        Array of errors
1002      * @since 3.1.2-RC1
1003      * @changed 3.1.11-RC1 Added error
1004      */
1005      $vars = array(
1006          'post_data',
1007          'mode',
1008          'post_id',
1009          'topic_id',
1010          'forum_id',
1011          'submit',
1012          'preview',
1013          'save',
1014          'load',
1015          'cancel',
1016          'refresh',
1017          'message_parser',
1018          'error',
1019      );
1020      extract($phpbb_dispatcher->trigger_event('core.posting_modify_message_text', compact($vars)));
1021  
1022      // Grab md5 'checksum' of new message
1023      $message_md5 = md5($message_parser->message);
1024  
1025      // If editing and checksum has changed we know the post was edited while we're editing
1026      // Notify and show user the changed post
1027      if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
1028      {
1029          $edit_post_message_checksum = $request->variable('edit_post_message_checksum', '');
1030          $edit_post_subject_checksum = $request->variable('edit_post_subject_checksum', '');
1031  
1032          // $post_data['post_checksum'] is the checksum of the post submitted in the meantime
1033          // $message_md5 is the checksum of the post we're about to submit
1034          // $edit_post_message_checksum is the checksum of the post we're editing
1035          // ...
1036  
1037          // We make sure nobody else made exactly the same change
1038          // we're about to submit by also checking $message_md5 != $post_data['post_checksum']
1039          if ($edit_post_message_checksum !== '' &&
1040              $edit_post_message_checksum != $post_data['post_checksum'] &&
1041              $message_md5 != $post_data['post_checksum']
1042              ||
1043              $edit_post_subject_checksum !== '' &&
1044              $edit_post_subject_checksum != $post_data['post_subject_md5'] &&
1045              md5($post_data['post_subject']) != $post_data['post_subject_md5'])
1046          {
1047              if (topic_review($topic_id, $forum_id, 'post_review_edit', $post_id))
1048              {
1049                  $template->assign_vars(array(
1050                      'S_POST_REVIEW'            => true,
1051  
1052                      'L_POST_REVIEW'            => $user->lang['POST_REVIEW_EDIT'],
1053                      'L_POST_REVIEW_EXPLAIN'    => $user->lang['POST_REVIEW_EDIT_EXPLAIN'],
1054                  ));
1055              }
1056  
1057              $submit = false;
1058              $refresh = true;
1059          }
1060      }
1061  
1062      // Check checksum ... don't re-parse message if the same
1063      $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false;
1064  
1065      // Also check if subject got updated...
1066      $update_subject = $mode != 'edit' || ($post_data['post_subject_md5'] && $post_data['post_subject_md5'] != md5($post_data['post_subject']));
1067  
1068      // Parse message
1069      if ($update_message)
1070      {
1071          if (count($message_parser->warn_msg))
1072          {
1073              $error[] = implode('<br />', $message_parser->warn_msg);
1074              $message_parser->warn_msg = array();
1075          }
1076  
1077          if (!$preview || !empty($message_parser->message))
1078          {
1079              $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
1080          }
1081  
1082          // On a refresh we do not care about message parsing errors
1083          if (count($message_parser->warn_msg) && $refresh && !$preview)
1084          {
1085              $message_parser->warn_msg = array();
1086          }
1087      }
1088      else
1089      {
1090          $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield'];
1091      }
1092  
1093      $ignore_flood = $auth->acl_get('u_ignoreflood') ? true : $auth->acl_get('f_ignoreflood', $forum_id);
1094      if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$ignore_flood)
1095      {
1096          // Flood check
1097          $last_post_time = 0;
1098  
1099          if ($user->data['is_registered'])
1100          {
1101              $last_post_time = $user->data['user_lastpost_time'];
1102          }
1103          else
1104          {
1105              $sql = 'SELECT post_time AS last_post_time
1106                  FROM ' . POSTS_TABLE . "
1107                  WHERE poster_ip = '" . $user->ip . "'
1108                      AND post_time > " . ($current_time - $config['flood_interval']);
1109              $result = $db->sql_query_limit($sql, 1);
1110              if ($row = $db->sql_fetchrow($result))
1111              {
1112                  $last_post_time = $row['last_post_time'];
1113              }
1114              $db->sql_freeresult($result);
1115          }
1116  
1117          if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval']))
1118          {
1119              $error[] = $user->lang['FLOOD_ERROR'];
1120          }
1121      }
1122  
1123      // Validate username
1124      if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username']))
1125      {
1126          if (!function_exists('validate_username'))
1127          {
1128              include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1129          }
1130  
1131          $user->add_lang('ucp');
1132  
1133          if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false)
1134          {
1135              $error[] = $user->lang[$result . '_USERNAME'];
1136          }
1137  
1138          if (($result = validate_string($post_data['username'], false, $config['min_name_chars'], $config['max_name_chars'])) !== false)
1139          {
1140              $min_max_amount = ($result == 'TOO_SHORT') ? $config['min_name_chars'] : $config['max_name_chars'];
1141              $error[] = $user->lang('FIELD_' . $result, $min_max_amount, $user->lang['USERNAME']);
1142          }
1143      }
1144  
1145      if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply')))
1146      {
1147          $captcha_data = array(
1148              'message'    => $request->variable('message', '', true),
1149              'subject'    => $request->variable('subject', '', true),
1150              'username'    => $request->variable('username', '', true),
1151          );
1152          $vc_response = $captcha->validate($captcha_data);
1153          if ($vc_response)
1154          {
1155              $error[] = $vc_response;
1156          }
1157      }
1158  
1159      // check form
1160      if (($submit || $preview) && !check_form_key('posting'))
1161      {
1162          $error[] = $user->lang['FORM_INVALID'];
1163      }
1164  
1165      if ($submit && $mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED && !isset($_POST['soft_delete']) && $auth->acl_get('m_approve', $forum_id))
1166      {
1167          $is_first_post = ($post_id == $post_data['topic_first_post_id'] || !$post_data['topic_posts_approved']);
1168          $is_last_post = ($post_id == $post_data['topic_last_post_id'] || !$post_data['topic_posts_approved']);
1169          $updated_post_data = $phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $post_id, $post_data['topic_id'], $post_data['forum_id'], $user->data['user_id'], time(), '', $is_first_post, $is_last_post);
1170  
1171          if (!empty($updated_post_data))
1172          {
1173              // Update the post_data, so we don't need to refetch it.
1174              $post_data = array_merge($post_data, $updated_post_data);
1175          }
1176      }
1177  
1178      // Parse subject
1179      if (!$preview && !$refresh && utf8_clean_string($post_data['post_subject']) === '' && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
1180      {
1181          $error[] = $user->lang['EMPTY_SUBJECT'];
1182      }
1183  
1184      // Check for out-of-bounds characters that are currently
1185      // not supported by utf8_bin in MySQL
1186      if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches))
1187      {
1188          $character_list = implode('<br />', $matches[0]);
1189          $error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list);
1190      }
1191  
1192      $post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0;
1193  
1194      if ($post_data['poll_option_text'] &&
1195          ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1196          && $auth->acl_get('f_poll', $forum_id))
1197      {
1198          $poll = array(
1199              'poll_title'        => $post_data['poll_title'],
1200              'poll_length'        => $post_data['poll_length'],
1201              'poll_max_options'    => $post_data['poll_max_options'],
1202              'poll_option_text'    => $post_data['poll_option_text'],
1203              'poll_start'        => $post_data['poll_start'],
1204              'poll_last_vote'    => $post_data['poll_last_vote'],
1205              'poll_vote_change'    => $post_data['poll_vote_change'],
1206              'enable_bbcode'        => $post_data['enable_bbcode'],
1207              'enable_urls'        => $post_data['enable_urls'],
1208              'enable_smilies'    => $post_data['enable_smilies'],
1209              'img_status'        => $img_status
1210          );
1211  
1212          $message_parser->parse_poll($poll);
1213  
1214          $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array();
1215          $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
1216  
1217          /* We reset votes, therefore also allow removing options
1218          if ($post_data['poll_last_vote'] && ($poll['poll_options_size'] < $orig_poll_options_size))
1219          {
1220              $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS'];
1221          }*/
1222      }
1223      else if ($mode == 'edit' && $post_id == $post_data['topic_first_post_id'] && $auth->acl_get('f_poll', $forum_id))
1224      {
1225          // The user removed all poll options, this is equal to deleting the poll.
1226          $poll = array(
1227              'poll_title'        => '',
1228              'poll_length'        => 0,
1229              'poll_max_options'    => 0,
1230              'poll_option_text'    => '',
1231              'poll_start'        => 0,
1232              'poll_last_vote'    => 0,
1233              'poll_vote_change'    => 0,
1234              'poll_options'        => array(),
1235          );
1236  
1237          $post_data['poll_options'] = array();
1238          $post_data['poll_title'] = '';
1239          $post_data['poll_start'] = $post_data['poll_length'] = $post_data['poll_max_options'] = $post_data['poll_last_vote'] = $post_data['poll_vote_change'] = 0;
1240      }
1241      else if (!$auth->acl_get('f_poll', $forum_id) && ($mode == 'edit') && ($post_id == $post_data['topic_first_post_id']) && !$bbcode_utils->is_empty($original_poll_data['poll_title']))
1242      {
1243          // We have a poll but the editing user is not permitted to create/edit it.
1244          // So we just keep the original poll-data.
1245          // Decode the poll title and options text fisrt.
1246          $original_poll_data['poll_title'] = $bbcode_utils->unparse($original_poll_data['poll_title']);
1247          $original_poll_data['poll_option_text'] = $bbcode_utils->unparse($original_poll_data['poll_option_text']);
1248          $original_poll_data['poll_options'] = explode("\n", $original_poll_data['poll_option_text']);
1249  
1250          $poll = array_merge($original_poll_data, array(
1251              'enable_bbcode'        => $post_data['enable_bbcode'],
1252              'enable_urls'        => $post_data['enable_urls'],
1253              'enable_smilies'    => $post_data['enable_smilies'],
1254              'img_status'        => $img_status,
1255          ));
1256  
1257          $message_parser->parse_poll($poll);
1258  
1259          $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array();
1260          $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
1261      }
1262      else
1263      {
1264          $poll = array();
1265      }
1266  
1267      // Check topic type
1268      if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
1269      {
1270          switch ($post_data['topic_type'])
1271          {
1272              case POST_GLOBAL:
1273                  $auth_option = 'f_announce_global';
1274              break;
1275  
1276              case POST_ANNOUNCE:
1277                  $auth_option = 'f_announce';
1278              break;
1279  
1280              case POST_STICKY:
1281                  $auth_option = 'f_sticky';
1282              break;
1283  
1284              default:
1285                  $auth_option = '';
1286              break;
1287          }
1288  
1289          if ($auth_option != '' && !$auth->acl_get($auth_option, $forum_id))
1290          {
1291              // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod.
1292              // Another case would be a mod not having sticky permissions for example but edit permissions.
1293              if ($mode == 'edit')
1294              {
1295                  // To prevent non-authed users messing around with the topic type we reset it to the original one.
1296                  $post_data['topic_type'] = $post_data['orig_topic_type'];
1297              }
1298              else
1299              {
1300                  $error[] = $user->lang['CANNOT_POST_' . str_replace('F_', '', strtoupper($auth_option))];
1301              }
1302          }
1303      }
1304  
1305      if (count($message_parser->warn_msg))
1306      {
1307          $error[] = implode('<br />', $message_parser->warn_msg);
1308      }
1309  
1310      // DNSBL check
1311      if ($config['check_dnsbl'] && !$refresh)
1312      {
1313          if (($dnsbl = $user->check_dnsbl('post')) !== false)
1314          {
1315              $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
1316          }
1317      }
1318  
1319      /**
1320      * This event allows you to define errors before the post action is performed
1321      *
1322      * @event core.posting_modify_submission_errors
1323      * @var    array    post_data    Array with post data
1324      * @var    array    poll        Array with poll data from post (must be used instead of the post_data equivalent)
1325      * @var    string    mode        What action to take if the form is submitted
1326      *                post|reply|quote|edit|delete|bump|smilies|popup
1327      * @var    int    post_id        ID of the post
1328      * @var    int    topic_id    ID of the topic
1329      * @var    int    forum_id    ID of the forum
1330      * @var    bool    submit        Whether or not the form has been submitted
1331      * @var    array    error        Any error strings; a non-empty array aborts form submission.
1332      *                NOTE: Should be actual language strings, NOT language keys.
1333      * @since 3.1.0-RC5
1334      * @changed 3.1.5-RC1 Added poll array to the event
1335      * @changed 3.2.0-a1 Removed undefined page_title
1336      */
1337      $vars = array(
1338          'post_data',
1339          'poll',
1340          'mode',
1341          'post_id',
1342          'topic_id',
1343          'forum_id',
1344          'submit',
1345          'error',
1346      );
1347      extract($phpbb_dispatcher->trigger_event('core.posting_modify_submission_errors', compact($vars)));
1348  
1349      // Store message, sync counters
1350      if (!count($error) && $submit)
1351      {
1352          if ($submit)
1353          {
1354              // Lock/Unlock Topic
1355              $change_topic_status = $post_data['topic_status'];
1356              $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false;
1357  
1358              if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock)
1359              {
1360                  $change_topic_status = ITEM_UNLOCKED;
1361              }
1362              else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock)
1363              {
1364                  $change_topic_status = ITEM_LOCKED;
1365              }
1366  
1367              if ($change_topic_status != $post_data['topic_status'])
1368              {
1369                  $sql = 'UPDATE ' . TOPICS_TABLE . "
1370                      SET topic_status = $change_topic_status
1371                      WHERE topic_id = $topic_id
1372                          AND topic_moved_id = 0";
1373                  $db->sql_query($sql);
1374  
1375                  $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : '';
1376  
1377                  $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), false, array(
1378                      'forum_id' => $forum_id,
1379                      'topic_id' => $topic_id,
1380                      $post_data['topic_title']
1381                  ));
1382              }
1383  
1384              // Lock/Unlock Post Edit
1385              if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id))
1386              {
1387                  $post_data['post_edit_locked'] = ITEM_UNLOCKED;
1388              }
1389              else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id))
1390              {
1391                  $post_data['post_edit_locked'] = ITEM_LOCKED;
1392              }
1393  
1394              $data = array(
1395                  'topic_title'            => (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'],
1396                  'topic_first_post_id'    => (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0,
1397                  'topic_last_post_id'    => (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0,
1398                  'topic_time_limit'        => (int) $post_data['topic_time_limit'],
1399                  'topic_attachment'        => (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0,
1400                  'post_id'                => (int) $post_id,
1401                  'topic_id'                => (int) $topic_id,
1402                  'forum_id'                => (int) $forum_id,
1403                  'icon_id'                => (int) $post_data['icon_id'],
1404                  'poster_id'                => (int) $post_data['poster_id'],
1405                  'enable_sig'            => (bool) $post_data['enable_sig'],
1406                  'enable_bbcode'            => (bool) $post_data['enable_bbcode'],
1407                  'enable_smilies'        => (bool) $post_data['enable_smilies'],
1408                  'enable_urls'            => (bool) $post_data['enable_urls'],
1409                  'enable_indexing'        => (bool) $post_data['enable_indexing'],
1410                  'message_md5'            => (string) $message_md5,
1411                  'post_checksum'            => (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '',
1412                  'post_edit_reason'        => $post_data['post_edit_reason'],
1413                  'post_edit_user'        => ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? (int) $post_data['post_edit_user'] : 0),
1414                  'forum_parents'            => $post_data['forum_parents'],
1415                  'forum_name'            => $post_data['forum_name'],
1416                  'notify'                => $notify,
1417                  'notify_set'            => $post_data['notify_set'],
1418                  'poster_ip'                => (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip,
1419                  'post_edit_locked'        => (int) $post_data['post_edit_locked'],
1420                  'bbcode_bitfield'        => $message_parser->bbcode_bitfield,
1421                  'bbcode_uid'            => $message_parser->bbcode_uid,
1422                  'message'                => $message_parser->message,
1423                  'attachment_data'        => $message_parser->attachment_data,
1424                  'filename_data'            => $message_parser->filename_data,
1425                  'topic_status'            => $post_data['topic_status'],
1426  
1427                  'topic_visibility'            => (isset($post_data['topic_visibility'])) ? $post_data['topic_visibility'] : false,
1428                  'post_visibility'            => (isset($post_data['post_visibility'])) ? $post_data['post_visibility'] : false,
1429              );
1430  
1431              if ($mode == 'edit')
1432              {
1433                  $data['topic_posts_approved'] = $post_data['topic_posts_approved'];
1434                  $data['topic_posts_unapproved'] = $post_data['topic_posts_unapproved'];
1435                  $data['topic_posts_softdeleted'] = $post_data['topic_posts_softdeleted'];
1436              }
1437  
1438              // Only return the username when it is either a guest posting or we are editing a post and
1439              // the username was supplied; otherwise post_data might hold the data of the post that is
1440              // being quoted (which could result in the username being returned being that of the quoted
1441              // post's poster, not the poster of the current post). See: PHPBB3-11769 for more information.
1442              $post_author_name = ((!$user->data['is_registered'] || $mode == 'edit') && $post_data['username'] !== '') ? $post_data['username'] : '';
1443  
1444              /**
1445              * This event allows you to define errors before the post action is performed
1446              *
1447              * @event core.posting_modify_submit_post_before
1448              * @var    array    post_data    Array with post data
1449              * @var    array    poll        Array with poll data
1450              * @var    array    data        Array with post data going to be stored in the database
1451              * @var    string    mode        What action to take if the form is submitted
1452              *                post|reply|quote|edit|delete
1453              * @var    int    post_id        ID of the post
1454              * @var    int    topic_id    ID of the topic
1455              * @var    int    forum_id    ID of the forum
1456              * @var    string    post_author_name    Author name for guest posts
1457              * @var    bool    update_message        Boolean if the post message was changed
1458              * @var    bool    update_subject        Boolean if the post subject was changed
1459              *                NOTE: Should be actual language strings, NOT language keys.
1460              * @since 3.1.0-RC5
1461              * @changed 3.1.6-RC1 remove submit and error from event  Submit and Error are checked previously prior to running event
1462              * @change 3.2.0-a1 Removed undefined page_title
1463              */
1464              $vars = array(
1465                  'post_data',
1466                  'poll',
1467                  'data',
1468                  'mode',
1469                  'post_id',
1470                  'topic_id',
1471                  'forum_id',
1472                  'post_author_name',
1473                  'update_message',
1474                  'update_subject',
1475              );
1476              extract($phpbb_dispatcher->trigger_event('core.posting_modify_submit_post_before', compact($vars)));
1477  
1478              // The last parameter tells submit_post if search indexer has to be run
1479              $redirect_url = submit_post($mode, $post_data['post_subject'], $post_author_name, $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false);
1480  
1481              /**
1482              * This event allows you to define errors after the post action is performed
1483              *
1484              * @event core.posting_modify_submit_post_after
1485              * @var    array    post_data    Array with post data
1486              * @var    array    poll        Array with poll data
1487              * @var    array    data        Array with post data going to be stored in the database
1488              * @var    string    mode        What action to take if the form is submitted
1489              *                post|reply|quote|edit|delete
1490              * @var    int    post_id        ID of the post
1491              * @var    int    topic_id    ID of the topic
1492              * @var    int    forum_id    ID of the forum
1493              * @var    string    post_author_name    Author name for guest posts
1494              * @var    bool    update_message        Boolean if the post message was changed
1495              * @var    bool    update_subject        Boolean if the post subject was changed
1496              * @var    string    redirect_url        URL the user is going to be redirected to
1497              *                NOTE: Should be actual language strings, NOT language keys.
1498              * @since 3.1.0-RC5
1499              * @changed 3.1.6-RC1 remove submit and error from event  Submit and Error are checked previously prior to running event
1500              * @change 3.2.0-a1 Removed undefined page_title
1501              */
1502              $vars = array(
1503                  'post_data',
1504                  'poll',
1505                  'data',
1506                  'mode',
1507                  'post_id',
1508                  'topic_id',
1509                  'forum_id',
1510                  'post_author_name',
1511                  'update_message',
1512                  'update_subject',
1513                  'redirect_url',
1514              );
1515              extract($phpbb_dispatcher->trigger_event('core.posting_modify_submit_post_after', compact($vars)));
1516  
1517              if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1518              {
1519                  $captcha->reset();
1520              }
1521  
1522              // Handle delete mode...
1523              if ($request->is_set_post('delete') || $request->is_set_post('delete_permanent'))
1524              {
1525                  $delete_reason = $request->variable('delete_reason', '', true);
1526                  phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, !$request->is_set_post('delete_permanent'), $delete_reason);
1527                  return;
1528              }
1529  
1530              // Check the permissions for post approval.
1531              // Moderators must go through post approval like ordinary users.
1532              if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state']))
1533              {
1534                  meta_refresh(10, $redirect_url);
1535                  $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD'];
1536                  $message .= (($user->data['user_id'] == ANONYMOUS) ? '' : ' '. $user->lang['POST_APPROVAL_NOTIFY']);
1537                  $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $data['forum_id']) . '">', '</a>');
1538                  trigger_error($message);
1539              }
1540  
1541              redirect($redirect_url);
1542          }
1543      }
1544  }
1545  
1546  // Preview
1547  if (!count($error) && $preview)
1548  {
1549      $post_data['post_time'] = ($mode == 'edit') ? $post_data['post_time'] : $current_time;
1550  
1551      $preview_message = $message_parser->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], false);
1552  
1553      $preview_signature = ($mode == 'edit') ? $post_data['user_sig'] : $user->data['user_sig'];
1554      $preview_signature_uid = ($mode == 'edit') ? $post_data['user_sig_bbcode_uid'] : $user->data['user_sig_bbcode_uid'];
1555      $preview_signature_bitfield = ($mode == 'edit') ? $post_data['user_sig_bbcode_bitfield'] : $user->data['user_sig_bbcode_bitfield'];
1556  
1557      // Signature
1558      if ($post_data['enable_sig'] && $config['allow_sig'] && $preview_signature && $auth->acl_get('f_sigs', $forum_id))
1559      {
1560          $flags = ($config['allow_sig_bbcode']) ? OPTION_FLAG_BBCODE : 0;
1561          $flags |= ($config['allow_sig_links']) ? OPTION_FLAG_LINKS : 0;
1562          $flags |= ($config['allow_sig_smilies']) ? OPTION_FLAG_SMILIES : 0;
1563  
1564          $preview_signature = generate_text_for_display($preview_signature, $preview_signature_uid, $preview_signature_bitfield, $flags, false);
1565      }
1566      else
1567      {
1568          $preview_signature = '';
1569      }
1570  
1571      $preview_subject = censor_text($post_data['post_subject']);
1572  
1573      // Poll Preview
1574      if (!$poll_delete && ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1575      && $auth->acl_get('f_poll', $forum_id))
1576      {
1577          $parse_poll = new parse_message($post_data['poll_title']);
1578          $parse_poll->bbcode_uid = $message_parser->bbcode_uid;
1579          $parse_poll->bbcode_bitfield = $message_parser->bbcode_bitfield;
1580  
1581          $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1582  
1583          if ($post_data['poll_length'])
1584          {
1585              $poll_end = ($post_data['poll_length'] * 86400) + (($post_data['poll_start']) ? $post_data['poll_start'] : time());
1586          }
1587  
1588          $template->assign_vars(array(
1589              'S_HAS_POLL_OPTIONS'    => (count($post_data['poll_options'])),
1590              'S_IS_MULTI_CHOICE'        => ($post_data['poll_max_options'] > 1) ? true : false,
1591  
1592              'POLL_QUESTION'        => $parse_poll->message,
1593  
1594              'L_POLL_LENGTH'        => ($post_data['poll_length']) ? sprintf($user->lang['POLL_RUN_TILL'], $user->format_date($poll_end)) : '',
1595              'L_MAX_VOTES'        => $user->lang('MAX_OPTIONS_SELECT', (int) $post_data['poll_max_options']),
1596          ));
1597  
1598          $preview_poll_options = array();
1599          foreach ($post_data['poll_options'] as $poll_option)
1600          {
1601              $parse_poll->message = $poll_option;
1602              $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1603              $preview_poll_options[] = $parse_poll->message;
1604          }
1605          unset($parse_poll);
1606  
1607          foreach ($preview_poll_options as $key => $option)
1608          {
1609              $template->assign_block_vars('poll_option', array(
1610                  'POLL_OPTION_CAPTION'    => $option,
1611                  'POLL_OPTION_ID'        => $key + 1)
1612              );
1613          }
1614          unset($preview_poll_options);
1615      }
1616  
1617      // Attachment Preview
1618      if (count($message_parser->attachment_data))
1619      {
1620          $template->assign_var('S_HAS_ATTACHMENTS', true);
1621  
1622          $update_count = array();
1623          $attachment_data = $message_parser->attachment_data;
1624  
1625          parse_attachments($forum_id, $preview_message, $attachment_data, $update_count, true);
1626  
1627          foreach ($attachment_data as $i => $attachment)
1628          {
1629              $template->assign_block_vars('attachment', array(
1630                  'DISPLAY_ATTACHMENT'    => $attachment)
1631              );
1632          }
1633          unset($attachment_data);
1634      }
1635  
1636      if (!count($error))
1637      {
1638          $template->assign_vars(array(
1639              'PREVIEW_SUBJECT'        => $preview_subject,
1640              'PREVIEW_MESSAGE'        => $preview_message,
1641              'PREVIEW_SIGNATURE'        => $preview_signature,
1642  
1643              'S_DISPLAY_PREVIEW'        => !empty($preview_message),
1644          ));
1645      }
1646  }
1647  
1648  // Remove quotes that would become nested too deep before decoding the text
1649  $generate_quote = ($mode == 'quote' && !$submit && !$preview && !$refresh);
1650  if ($generate_quote && $config['max_quote_depth'] > 0)
1651  {
1652      $tmp_bbcode_uid = $message_parser->bbcode_uid;
1653      $message_parser->bbcode_uid = $post_data['bbcode_uid'];
1654      $message_parser->remove_nested_quotes($config['max_quote_depth'] - 1);
1655      $message_parser->bbcode_uid = $tmp_bbcode_uid;
1656  }
1657  
1658  // Decode text for message display
1659  $post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !count($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid;
1660  $message_parser->decode_message($post_data['bbcode_uid']);
1661  
1662  if ($generate_quote)
1663  {
1664      // Remove attachment bbcode tags from the quoted message to avoid mixing with the new post attachments if any
1665      $message_parser->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#uis', '\\2', $message_parser->message);
1666  
1667      $quote_attributes = array(
1668                          'author'  => $post_data['quote_username'],
1669                          'post_id' => $post_data['post_id'],
1670                          'time'    => $post_data['post_time'],
1671                          'user_id' => $post_data['poster_id'],
1672      );
1673  
1674      /**
1675      * This event allows you to modify the quote attributes of the post being quoted
1676      *
1677      * @event core.posting_modify_quote_attributes
1678      * @var    array    quote_attributes    Array with quote attributes
1679      * @var    array    post_data            Array with post data
1680      * @since 3.2.6-RC1
1681      */
1682      $vars = array(
1683          'quote_attributes',
1684          'post_data',
1685      );
1686      extract($phpbb_dispatcher->trigger_event('core.posting_modify_quote_attributes', compact($vars)));
1687  
1688      /** @var \phpbb\language\language $language */
1689      $language = $phpbb_container->get('language');
1690      phpbb_format_quote($language, $message_parser, $bbcode_utils, $bbcode_status, $quote_attributes);
1691  }
1692  
1693  if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)
1694  {
1695      $post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']);
1696  
1697      $post_subject = $post_data['post_subject'];
1698  
1699      /**
1700      * This event allows you to modify the post subject of the post being quoted
1701      *
1702      * @event core.posting_modify_post_subject
1703      * @var    string        post_subject    String with the post subject already censored.
1704      * @since 3.2.8-RC1
1705      */
1706      $vars = array('post_subject');
1707      extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_subject', compact($vars)));
1708  
1709      $post_data['post_subject'] = $post_subject;
1710  }
1711  
1712  $attachment_data = $message_parser->attachment_data;
1713  $filename_data = $message_parser->filename_data;
1714  $post_data['post_text'] = $message_parser->message;
1715  
1716  if (count($post_data['poll_options']) || (isset($post_data['poll_title']) && !$bbcode_utils->is_empty($post_data['poll_title'])))
1717  {
1718      $message_parser->message = $post_data['poll_title'];
1719      $message_parser->bbcode_uid = $post_data['bbcode_uid'];
1720  
1721      $message_parser->decode_message();
1722      $post_data['poll_title'] = $message_parser->message;
1723  
1724      $message_parser->message = implode("\n", $post_data['poll_options']);
1725      $message_parser->decode_message();
1726      $post_data['poll_options'] = explode("\n", $message_parser->message);
1727  }
1728  
1729  // MAIN POSTING PAGE BEGINS HERE
1730  
1731  // Forum moderators?
1732  $moderators = array();
1733  if ($config['load_moderators'])
1734  {
1735      get_moderators($moderators, $forum_id);
1736  }
1737  
1738  // Generate smiley listing
1739  generate_smilies('inline', $forum_id);
1740  
1741  // Generate inline attachment select box
1742  posting_gen_inline_attachments($attachment_data);
1743  
1744  // Do show topic type selection only in first post.
1745  $topic_type_toggle = false;
1746  
1747  if ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']))
1748  {
1749      $topic_type_toggle = posting_gen_topic_types($forum_id, $post_data['topic_type']);
1750  }
1751  
1752  $s_topic_icons = false;
1753  if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
1754  {
1755      $s_topic_icons = posting_gen_topic_icons($mode, $post_data['icon_id']);
1756  }
1757  
1758  $bbcode_checked        = (isset($post_data['enable_bbcode'])) ? !$post_data['enable_bbcode'] : (($config['allow_bbcode']) ? !$user->optionget('bbcode') : 1);
1759  $smilies_checked    = (isset($post_data['enable_smilies'])) ? !$post_data['enable_smilies'] : (($config['allow_smilies']) ? !$user->optionget('smilies') : 1);
1760  $urls_checked        = (isset($post_data['enable_urls'])) ? !$post_data['enable_urls'] : 0;
1761  $sig_checked        = $post_data['enable_sig'];
1762  $lock_topic_checked    = (isset($topic_lock) && $topic_lock) ? $topic_lock : (($post_data['topic_status'] == ITEM_LOCKED) ? 1 : 0);
1763  $lock_post_checked    = (isset($post_lock)) ? $post_lock : $post_data['post_edit_locked'];
1764  
1765  // If the user is replying or posting and not already watching this topic but set to always being notified we need to overwrite this setting
1766  $notify_set            = ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set'];
1767  $notify_checked        = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
1768  
1769  // Page title & action URL
1770  $s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&amp;f=$forum_id");
1771  $s_action .= ($topic_id) ? "&amp;t=$topic_id" : '';
1772  $s_action .= ($post_id) ? "&amp;p=$post_id" : '';
1773  
1774  switch ($mode)
1775  {
1776      case 'post':
1777          $page_title = $user->lang['POST_TOPIC'];
1778      break;
1779  
1780      case 'quote':
1781      case 'reply':
1782          $page_title = $user->lang['POST_REPLY'];
1783      break;
1784  
1785      case 'delete':
1786      case 'edit':
1787          $page_title = $user->lang['EDIT_POST'];
1788      break;
1789  }
1790  
1791  // Build Navigation Links
1792  generate_forum_nav($post_data);
1793  
1794  // Build Forum Rules
1795  generate_forum_rules($post_data);
1796  
1797  // Posting uses is_solved for legacy reasons. Plugins have to use is_solved to force themselves to be displayed.
1798  if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1799  {
1800  
1801      $template->assign_vars(array(
1802          'S_CONFIRM_CODE'            => true,
1803          'CAPTCHA_TEMPLATE'            => $captcha->get_template(),
1804      ));
1805  }
1806  
1807  $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : '';
1808  $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . $request->variable('draft_loaded', $draft_id) . '" />' : '';
1809  
1810  if ($mode == 'edit')
1811  {
1812      $s_hidden_fields .= build_hidden_fields(array(
1813          'edit_post_message_checksum'    => $post_data['post_checksum'],
1814          'edit_post_subject_checksum'    => $post_data['post_subject_md5'],
1815      ));
1816  }
1817  
1818  // Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview
1819  if (isset($captcha) && $captcha->is_solved() !== false)
1820  {
1821      $s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
1822  }
1823  
1824  $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"';
1825  add_form_key('posting');
1826  
1827  /** @var \phpbb\controller\helper $controller_helper */
1828  $controller_helper = $phpbb_container->get('controller.helper');
1829  
1830  // Build array of variables for main posting page
1831  $page_data = array(
1832      'L_POST_A'                    => $page_title,
1833      'L_ICON'                    => ($mode == 'reply' || $mode == 'quote' || ($mode == 'edit' && $post_id != $post_data['topic_first_post_id'])) ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
1834      'L_MESSAGE_BODY_EXPLAIN'    => $user->lang('MESSAGE_BODY_EXPLAIN', (int) $config['max_post_chars']),
1835      'L_DELETE_POST_PERMANENTLY'    => $user->lang('DELETE_POST_PERMANENTLY', 1),
1836  
1837      'FORUM_NAME'            => $post_data['forum_name'],
1838      'FORUM_DESC'            => ($post_data['forum_desc']) ? generate_text_for_display($post_data['forum_desc'], $post_data['forum_desc_uid'], $post_data['forum_desc_bitfield'], $post_data['forum_desc_options']) : '',
1839      'TOPIC_TITLE'            => censor_text($post_data['topic_title']),
1840      'MODERATORS'            => (count($moderators)) ? implode($user->lang['COMMA_SEPARATOR'], $moderators[$forum_id]) : '',
1841      'USERNAME'                => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '',
1842      'SUBJECT'                => $post_data['post_subject'],
1843      'MESSAGE'                => $post_data['post_text'],
1844      'BBCODE_STATUS'            => $user->lang(($bbcode_status ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_bbcode_controller') . '">', '</a>'),
1845      'IMG_STATUS'            => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
1846      'FLASH_STATUS'            => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
1847      'SMILIES_STATUS'        => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
1848      'URL_STATUS'            => ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
1849      'MAX_FONT_SIZE'            => (int) $config['max_post_font_size'],
1850      'MINI_POST_IMG'            => $user->img('icon_post_target', $user->lang['POST']),
1851      'POST_DATE'                => ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '',
1852      'ERROR'                    => (count($error)) ? implode('<br />', $error) : '',
1853      'TOPIC_TIME_LIMIT'        => (int) $post_data['topic_time_limit'],
1854      'EDIT_REASON'            => $request->variable('edit_reason', '', true),
1855      'SHOW_PANEL'            => $request->variable('show_panel', ''),
1856      'U_VIEW_FORUM'            => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),
1857      'U_VIEW_TOPIC'            => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id") : '',
1858      'U_PROGRESS_BAR'        => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup"),
1859      'UA_PROGRESS_BAR'        => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup")),
1860  
1861      'S_PRIVMSGS'                => false,
1862      'S_CLOSE_PROGRESS_WINDOW'    => (isset($_POST['add_file'])) ? true : false,
1863      'S_EDIT_POST'                => ($mode == 'edit') ? true : false,
1864      'S_EDIT_REASON'                => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1865      'S_DISPLAY_USERNAME'        => (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? true : false,
1866      'S_SHOW_TOPIC_ICONS'        => $s_topic_icons,
1867      'S_DELETE_ALLOWED'            => ($mode == 'edit' && (($post_id == $post_data['topic_last_post_id'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) || $auth->acl_get('m_delete', $forum_id))) ? true : false,
1868      'S_BBCODE_ALLOWED'            => ($bbcode_status) ? 1 : 0,
1869      'S_BBCODE_CHECKED'            => ($bbcode_checked) ? ' checked="checked"' : '',
1870      'S_SMILIES_ALLOWED'            => $smilies_status,
1871      'S_SMILIES_CHECKED'            => ($smilies_checked) ? ' checked="checked"' : '',
1872      'S_SIG_ALLOWED'                => ($auth->acl_get('f_sigs', $forum_id) && $config['allow_sig'] && $user->data['is_registered']) ? true : false,
1873      'S_SIGNATURE_CHECKED'        => ($sig_checked) ? ' checked="checked"' : '',
1874      'S_NOTIFY_ALLOWED'            => (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !$config['allow_topic_notify'] || !$config['email_enable']) ? false : true,
1875      'S_NOTIFY_CHECKED'            => ($notify_checked) ? ' checked="checked"' : '',
1876      'S_LOCK_TOPIC_ALLOWED'        => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote' || $mode == 'post') && ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED))) ? true : false,
1877      'S_LOCK_TOPIC_CHECKED'        => ($lock_topic_checked) ? ' checked="checked"' : '',
1878      'S_LOCK_POST_ALLOWED'        => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1879      'S_LOCK_POST_CHECKED'        => ($lock_post_checked) ? ' checked="checked"' : '',
1880      'S_SOFTDELETE_CHECKED'        => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? ' checked="checked"' : '',
1881      'S_SOFTDELETE_ALLOWED'        => ($mode == 'edit' && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $lock_post_checked)) ? true : false,
1882      'S_RESTORE_ALLOWED'            => $auth->acl_get('m_approve', $forum_id),
1883      'S_IS_DELETED'                => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? true : false,
1884      'S_LINKS_ALLOWED'            => $url_status,
1885      'S_MAGIC_URL_CHECKED'        => ($urls_checked) ? ' checked="checked"' : '',
1886      'S_TYPE_TOGGLE'                => $topic_type_toggle,
1887      'S_SAVE_ALLOWED'            => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $mode != 'edit') ? true : false,
1888      'S_HAS_DRAFTS'                => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $post_data['drafts']) ? true : false,
1889      'S_FORM_ENCTYPE'            => $form_enctype,
1890  
1891      'S_BBCODE_IMG'            => $img_status,
1892      'S_BBCODE_URL'            => $url_status,
1893      'S_BBCODE_FLASH'        => $flash_status,
1894      'S_BBCODE_QUOTE'        => $quote_status,
1895  
1896      'S_POST_ACTION'            => $s_action,
1897      'S_HIDDEN_FIELDS'        => $s_hidden_fields,
1898      'S_ATTACH_DATA'            => json_encode($message_parser->attachment_data),
1899      'S_IN_POSTING'            => true,
1900  );
1901  
1902  // Build custom bbcodes array
1903  display_custom_bbcodes();
1904  
1905  // Poll entry
1906  if (($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1907      && $auth->acl_get('f_poll', $forum_id))
1908  {
1909      $page_data = array_merge($page_data, array(
1910          'S_SHOW_POLL_BOX'        => true,
1911          'S_POLL_VOTE_CHANGE'    => ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id)),
1912          'S_POLL_DELETE'            => ($mode == 'edit' && count($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))),
1913          'S_POLL_DELETE_CHECKED'    => (!empty($poll_delete)) ? true : false,
1914  
1915          'L_POLL_OPTIONS_EXPLAIN'    => $user->lang('POLL_OPTIONS_' . (($mode == 'edit') ? 'EDIT_' : '') . 'EXPLAIN', (int) $config['max_poll_options']),
1916  
1917          'VOTE_CHANGE_CHECKED'    => (!empty($post_data['poll_vote_change'])) ? ' checked="checked"' : '',
1918          'POLL_TITLE'            => (isset($post_data['poll_title'])) ? $post_data['poll_title'] : '',
1919          'POLL_OPTIONS'            => (!empty($post_data['poll_options'])) ? implode("\n", $post_data['poll_options']) : '',
1920          'POLL_MAX_OPTIONS'        => (isset($post_data['poll_max_options'])) ? (int) $post_data['poll_max_options'] : 1,
1921          'POLL_LENGTH'            => $post_data['poll_length'],
1922          )
1923      );
1924  }
1925  
1926  /**
1927  * This event allows you to modify template variables for the posting screen
1928  *
1929  * @event core.posting_modify_template_vars
1930  * @var    array    post_data    Array with post data
1931  * @var    array    moderators    Array with forum moderators
1932  * @var    string    mode        What action to take if the form is submitted
1933  *                post|reply|quote|edit|delete|bump|smilies|popup
1934  * @var    string    page_title    Title of the mode page
1935  * @var    bool    s_topic_icons    Whether or not to show the topic icons
1936  * @var    string    form_enctype    If attachments are allowed for this form
1937  *                "multipart/form-data" or empty string
1938  * @var    string    s_action    The URL to submit the POST data to
1939  * @var    string    s_hidden_fields    Concatenated hidden input tags of posting form
1940  * @var    int    post_id        ID of the post
1941  * @var    int    topic_id    ID of the topic
1942  * @var    int    forum_id    ID of the forum
1943  * @var    int    draft_id    ID of the draft
1944  * @var    bool    submit        Whether or not the form has been submitted
1945  * @var    bool    preview        Whether or not the post is being previewed
1946  * @var    bool    save        Whether or not a draft is being saved
1947  * @var    bool    load        Whether or not a draft is being loaded
1948  * @var    bool    cancel        Whether or not to cancel the form (returns to
1949  *                viewtopic or viewforum depending on if the user
1950  *                is posting a new topic or editing a post)
1951  * @var    array    error        Any error strings; a non-empty array aborts
1952  *                form submission.
1953  *                NOTE: Should be actual language strings, NOT
1954  *                language keys.
1955  * @var    bool    refresh        Whether or not to retain previously submitted data
1956  * @var    array    page_data    Posting page data that should be passed to the
1957  *                posting page via $template->assign_vars()
1958  * @var    object    message_parser    The message parser object
1959  * @since 3.1.0-a1
1960  * @changed 3.1.0-b3 Added vars post_data, moderators, mode, page_title,
1961  *        s_topic_icons, form_enctype, s_action, s_hidden_fields,
1962  *        post_id, topic_id, forum_id, submit, preview, save, load,
1963  *        delete, cancel, refresh, error, page_data, message_parser
1964  * @changed 3.1.2-RC1 Removed 'delete' var as it does not exist
1965  * @changed 3.1.5-RC1 Added poll variables to the page_data array
1966  * @changed 3.1.6-RC1 Added 'draft_id' var
1967  */
1968  $vars = array(
1969      'post_data',
1970      'moderators',
1971      'mode',
1972      'page_title',
1973      's_topic_icons',
1974      'form_enctype',
1975      's_action',
1976      's_hidden_fields',
1977      'post_id',
1978      'topic_id',
1979      'forum_id',
1980      'draft_id',
1981      'submit',
1982      'preview',
1983      'save',
1984      'load',
1985      'cancel',
1986      'refresh',
1987      'error',
1988      'page_data',
1989      'message_parser',
1990  );
1991  extract($phpbb_dispatcher->trigger_event('core.posting_modify_template_vars', compact($vars)));
1992  
1993  // Start assigning vars for main posting page ...
1994  $template->assign_vars($page_data);
1995  
1996  // Show attachment box for adding attachments if true
1997  $allowed = ($auth->acl_get('f_attach', $forum_id) && $auth->acl_get('u_attach') && $config['allow_attachments'] && $form_enctype);
1998  
1999  if ($allowed)
2000  {
2001      $max_files = ($auth->acl_get('a_') || $auth->acl_get('m_', $forum_id)) ? 0 : (int) $config['max_attachments'];
2002      $plupload->configure($cache, $template, $s_action, $forum_id, $max_files);
2003  }
2004  
2005  // Attachment entry
2006  posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);
2007  
2008  // Output page ...
2009  page_header($page_title);
2010  
2011  $template->set_filenames(array(
2012      'body' => 'posting_body.html')
2013  );
2014  
2015  make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
2016  
2017  // Topic review
2018  if ($mode == 'reply' || $mode == 'quote')
2019  {
2020      if (topic_review($topic_id, $forum_id))
2021      {
2022          $template->assign_var('S_DISPLAY_REVIEW', true);
2023      }
2024  }
2025  
2026  page_footer();


Generated: Sat Oct 26 11:28:42 2019 Cross-referenced by PHPXref 0.7.1