[ Index ]

PHP Cross Reference of phpBB-3.3.14-deutsch

title

Body

[close]

/ -> posting.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  include($phpbb_root_path . 'common.' . $phpEx);
  21  include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
  22  include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
  23  include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
  24  
  25  
  26  // Start session management
  27  $user->session_begin();
  28  $auth->acl($user->data);
  29  
  30  
  31  // Grab only parameters needed here
  32  $draft_id    = $request->variable('d', 0);
  33  
  34  $preview    = (isset($_POST['preview'])) ? true : false;
  35  $save        = (isset($_POST['save'])) ? true : false;
  36  $load        = (isset($_POST['load'])) ? true : false;
  37  $confirm    = $request->is_set_post('confirm');
  38  $cancel        = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
  39  
  40  $refresh    = (isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $preview);
  41  $submit = $request->is_set_post('post') && !$refresh && !$preview;
  42  $mode        = $request->variable('mode', '');
  43  
  44  // Only assign required URL parameters
  45  $forum_id = 0;
  46  $topic_id = 0;
  47  $post_id = 0;
  48  
  49  switch ($mode)
  50  {
  51      case 'popup':
  52      case 'smilies':
  53          $forum_id = $request->variable('f', 0);
  54      break;
  55  
  56      case 'post':
  57          $forum_id = $request->variable('f', 0);
  58          if (!$forum_id)
  59          {
  60              trigger_error('NO_FORUM');
  61          }
  62      break;
  63  
  64      case 'bump':
  65      case 'reply':
  66          $topic_id = $request->variable('t', 0);
  67          if ($topic_id)
  68          {
  69              $sql = 'SELECT forum_id
  70                  FROM ' . TOPICS_TABLE . "
  71                  WHERE topic_id = $topic_id";
  72              $result = $db->sql_query($sql);
  73              $forum_id = (int) $db->sql_fetchfield('forum_id');
  74              $db->sql_freeresult($result);
  75          }
  76  
  77          if (!$topic_id || !$forum_id)
  78          {
  79              trigger_error('NO_TOPIC');
  80          }
  81      break;
  82  
  83      case 'edit':
  84      case 'delete':
  85      case 'quote':
  86      case 'soft_delete':
  87          $post_id = $request->variable('p', 0);
  88          if ($post_id)
  89          {
  90              $topic_forum = [];
  91  
  92              $sql = 'SELECT t.topic_id, t.forum_id
  93                  FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p
  94                  WHERE p.post_id = ' . $post_id . '
  95                  AND t.topic_id = p.topic_id';
  96              $result = $db->sql_query($sql);
  97              $topic_forum = $db->sql_fetchrow($result);
  98              $db->sql_freeresult($result);
  99          }
 100  
 101          if (!$post_id || !$topic_forum)
 102          {
 103              $user->setup('posting');
 104              trigger_error('NO_POST');
 105          }
 106  
 107          // Need to update session forum_id to valid value for proper viewonline information
 108          if (!$forum_id)
 109          {
 110              $user->page['forum'] = (int) $topic_forum['forum_id'];
 111              $user->update_session_page = true;
 112              $user->update_session_infos();
 113          }
 114  
 115          $topic_id = (int) $topic_forum['topic_id'];
 116          $forum_id = (int) $topic_forum['forum_id'];
 117  
 118      break;
 119  }
 120  
 121  // If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here.
 122  if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id)))
 123  {
 124      $mode = 'soft_delete';
 125  }
 126  
 127  $error = $post_data = array();
 128  $current_time = time();
 129  
 130  /**
 131  * This event allows you to alter the above parameters, such as submit and mode
 132  *
 133  * Note: $refresh must be true to retain previously submitted form data.
 134  *
 135  * Note: The template class will not work properly until $user->setup() is
 136  * called, and it has not been called yet. Extensions requiring template
 137  * assignments should use an event that comes later in this file.
 138  *
 139  * @event core.modify_posting_parameters
 140  * @var    int        post_id        ID of the post
 141  * @var    int        topic_id    ID of the topic
 142  * @var    int        forum_id    ID of the forum
 143  * @var    int        draft_id    ID of the draft
 144  * @var    bool    submit        Whether or not the form has been submitted
 145  * @var    bool    preview        Whether or not the post is being previewed
 146  * @var    bool    save        Whether or not a draft is being saved
 147  * @var    bool    load        Whether or not a draft is being loaded
 148  * @var    bool    cancel        Whether or not to cancel the form (returns to
 149  *                            viewtopic or viewforum depending on if the user
 150  *                            is posting a new topic or editing a post)
 151  * @var    bool    refresh        Whether or not to retain previously submitted data
 152  * @var    string    mode        What action to take if the form has been submitted
 153  *                            post|reply|quote|edit|delete|bump|smilies|popup
 154  * @var    array    error        Any error strings; a non-empty array aborts
 155  *                            form submission.
 156  *                            NOTE: Should be actual language strings, NOT
 157  *                            language keys.
 158  * @since 3.1.0-a1
 159  * @changed 3.1.2-RC1            Removed 'delete' var as it does not exist
 160  * @changed 3.2.4-RC1        Remove unused 'lastclick' var
 161  */
 162  $vars = array(
 163      'post_id',
 164      'topic_id',
 165      'forum_id',
 166      'draft_id',
 167      'submit',
 168      'preview',
 169      'save',
 170      'load',
 171      'cancel',
 172      'refresh',
 173      'mode',
 174      'error',
 175  );
 176  extract($phpbb_dispatcher->trigger_event('core.modify_posting_parameters', compact($vars)));
 177  
 178  // Was cancel pressed? If so then redirect to the appropriate page
 179  if ($cancel)
 180  {
 181      $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
 182      redirect($redirect);
 183  }
 184  
 185  /* @var $phpbb_content_visibility \phpbb\content_visibility */
 186  $phpbb_content_visibility = $phpbb_container->get('content.visibility');
 187  
 188  // We need to know some basic information in all cases before we do anything.
 189  switch ($mode)
 190  {
 191      case 'post':
 192          $sql = 'SELECT *
 193              FROM ' . FORUMS_TABLE . "
 194              WHERE forum_id = $forum_id";
 195      break;
 196  
 197      case 'bump':
 198      case 'reply':
 199          $sql = 'SELECT f.*, t.*
 200              FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
 201              WHERE t.topic_id = $topic_id
 202                  AND f.forum_id = t.forum_id
 203                  AND " . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.');
 204      break;
 205  
 206      case 'quote':
 207      case 'edit':
 208      case 'delete':
 209      case 'soft_delete':
 210          $sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
 211              FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
 212              WHERE p.post_id = $post_id
 213                  AND t.topic_id = p.topic_id
 214                  AND u.user_id = p.poster_id
 215                  AND f.forum_id = t.forum_id
 216                  AND " . $phpbb_content_visibility->get_visibility_sql('post', $forum_id, 'p.');
 217      break;
 218  
 219      case 'smilies':
 220          $sql = '';
 221          generate_smilies('window', $forum_id);
 222      break;
 223  
 224      case 'popup':
 225          if ($forum_id)
 226          {
 227              $sql = 'SELECT forum_style
 228                  FROM ' . FORUMS_TABLE . '
 229                  WHERE forum_id = ' . $forum_id;
 230          }
 231          else
 232          {
 233              phpbb_upload_popup();
 234              return;
 235          }
 236      break;
 237  
 238      default:
 239          $sql = '';
 240      break;
 241  }
 242  
 243  if (!$sql)
 244  {
 245      $user->setup('posting');
 246      trigger_error('NO_POST_MODE');
 247  }
 248  
 249  $result = $db->sql_query($sql);
 250  $post_data = $db->sql_fetchrow($result);
 251  $db->sql_freeresult($result);
 252  
 253  if (!$post_data)
 254  {
 255      if (!($mode == 'post' || $mode == 'bump' || $mode == 'reply'))
 256      {
 257          $user->setup('posting');
 258      }
 259      trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
 260  }
 261  
 262  /**
 263  * This event allows you to bypass reply/quote test of an unapproved post.
 264  *
 265  * @event core.posting_modify_row_data
 266  * @var    array    post_data    All post data from database
 267  * @var    string    mode        What action to take if the form has been submitted
 268  *                            post|reply|quote|edit|delete|bump|smilies|popup
 269  * @var    int        topic_id    ID of the topic
 270  * @var    int        forum_id    ID of the forum
 271  * @since 3.2.8-RC1
 272  */
 273  $vars = array(
 274      'post_data',
 275      'mode',
 276      'topic_id',
 277      'forum_id',
 278  );
 279  extract($phpbb_dispatcher->trigger_event('core.posting_modify_row_data', compact($vars)));
 280  
 281  // Not able to reply to unapproved posts/topics
 282  // TODO: add more descriptive language key
 283  if ($auth->acl_get('m_approve', $forum_id) && ((($mode == 'reply' || $mode == 'bump') && $post_data['topic_visibility'] != ITEM_APPROVED) || ($mode == 'quote' && $post_data['post_visibility'] != ITEM_APPROVED)))
 284  {
 285      trigger_error(($mode == 'reply' || $mode == 'bump') ? 'TOPIC_UNAPPROVED' : 'POST_UNAPPROVED');
 286  }
 287  
 288  if ($mode == 'popup')
 289  {
 290      phpbb_upload_popup($post_data['forum_style']);
 291      return;
 292  }
 293  
 294  $user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
 295  
 296  // Need to login to passworded forum first?
 297  if ($post_data['forum_password'])
 298  {
 299      login_forum_box(array(
 300          'forum_id'            => $forum_id,
 301          'forum_name'        => $post_data['forum_name'],
 302          'forum_password'    => $post_data['forum_password'])
 303      );
 304  }
 305  
 306  // Check permissions
 307  if ($user->data['is_bot'])
 308  {
 309      redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 310  }
 311  
 312  // Is the user able to read within this forum?
 313  if (!$auth->acl_get('f_read', $forum_id))
 314  {
 315      if ($user->data['user_id'] != ANONYMOUS)
 316      {
 317          trigger_error('USER_CANNOT_READ');
 318      }
 319      $message = $user->lang['LOGIN_EXPLAIN_POST'];
 320  
 321      if ($request->is_ajax())
 322      {
 323          $json = new phpbb\json_response();
 324          $json->send(array(
 325              'title'        => $user->lang['INFORMATION'],
 326              'message'    => $message,
 327          ));
 328      }
 329  
 330      login_box('', $message);
 331  }
 332  
 333  // Permission to do the action asked?
 334  $is_authed = false;
 335  
 336  switch ($mode)
 337  {
 338      case 'post':
 339          if ($auth->acl_get('f_post', $forum_id))
 340          {
 341              $is_authed = true;
 342          }
 343      break;
 344  
 345      case 'bump':
 346          if ($auth->acl_get('f_bump', $forum_id))
 347          {
 348              $is_authed = true;
 349          }
 350      break;
 351  
 352      case 'quote':
 353  
 354          $post_data['post_edit_locked'] = 0;
 355  
 356      // no break;
 357  
 358      case 'reply':
 359          if ($auth->acl_get('f_reply', $forum_id))
 360          {
 361              $is_authed = true;
 362          }
 363      break;
 364  
 365      case 'edit':
 366          if ($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id))
 367          {
 368              $is_authed = true;
 369          }
 370      break;
 371  
 372      case 'delete':
 373          if ($user->data['is_registered'] && ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id))))
 374          {
 375              $is_authed = true;
 376          }
 377  
 378      // no break;
 379  
 380      case 'soft_delete':
 381          if (!$is_authed && $user->data['is_registered'] && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $post_data['post_edit_locked']))
 382          {
 383              // Fall back to soft_delete if we have no permissions to delete posts but to soft delete them
 384              $is_authed = true;
 385              $mode = 'soft_delete';
 386          }
 387      break;
 388  }
 389  /**
 390  * This event allows you to do extra auth checks and verify if the user
 391  * has the required permissions
 392  *
 393  * Extensions should only change the error and is_authed variables.
 394  *
 395  * @event core.modify_posting_auth
 396  * @var    int        post_id        ID of the post
 397  * @var    int        topic_id    ID of the topic
 398  * @var    int        forum_id    ID of the forum
 399  * @var    int        draft_id    ID of the draft
 400  * @var    bool    submit        Whether or not the form has been submitted
 401  * @var    bool    preview        Whether or not the post is being previewed
 402  * @var    bool    save        Whether or not a draft is being saved
 403  * @var    bool    load        Whether or not a draft is being loaded
 404  * @var    bool    refresh        Whether or not to retain previously submitted data
 405  * @var    string    mode        What action to take if the form has been submitted
 406  *                            post|reply|quote|edit|delete|bump|smilies|popup
 407  * @var    array    error        Any error strings; a non-empty array aborts
 408  *                            form submission.
 409  *                            NOTE: Should be actual language strings, NOT
 410  *                            language keys.
 411  * @var    bool    is_authed    Does the user have the required permissions?
 412  * @var    array    post_data    All post data from database
 413  * @since 3.1.3-RC1
 414  * @changed 3.1.10-RC1 Added post_data
 415  * @changed 3.2.4-RC1         Remove unused 'lastclick' var
 416  */
 417  $vars = array(
 418      'post_id',
 419      'topic_id',
 420      'forum_id',
 421      'draft_id',
 422      'submit',
 423      'preview',
 424      'save',
 425      'load',
 426      'refresh',
 427      'mode',
 428      'error',
 429      'is_authed',
 430      'post_data',
 431  );
 432  extract($phpbb_dispatcher->trigger_event('core.modify_posting_auth', compact($vars)));
 433  
 434  if (!$is_authed || !empty($error))
 435  {
 436      $check_auth = ($mode == 'quote') ? 'reply' : (($mode == 'soft_delete') ? 'delete' : $mode);
 437  
 438      if ($user->data['is_registered'])
 439      {
 440          trigger_error(empty($error) ? 'USER_CANNOT_' . strtoupper($check_auth) : implode('<br/>', $error));
 441      }
 442      $message = $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)];
 443  
 444      if ($request->is_ajax())
 445      {
 446          $json = new phpbb\json_response();
 447          $json->send(array(
 448              'title'        => $user->lang['INFORMATION'],
 449              'message'    => $message,
 450          ));
 451      }
 452  
 453      login_box('', $message);
 454  }
 455  
 456  if ($config['enable_post_confirm'] && !$user->data['is_registered'])
 457  {
 458      $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
 459      $captcha->init(CONFIRM_POST);
 460  }
 461  
 462  // Is the user able to post within this forum?
 463  if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply')))
 464  {
 465      trigger_error('USER_CANNOT_FORUM_POST');
 466  }
 467  
 468  // Forum/Topic locked?
 469  if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get($mode == 'reply' ? 'm_lock' : 'm_edit', $forum_id))
 470  {
 471      trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
 472  }
 473  
 474  // Can we edit this post ... if we're a moderator with rights then always yes
 475  // else it depends on editing times, lock status and if we're the correct user
 476  if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id))
 477  {
 478      $force_edit_allowed = false;
 479  
 480      $s_cannot_edit = $user->data['user_id'] != $post_data['poster_id'];
 481      $s_cannot_edit_time = $config['edit_time'] && $post_data['post_time'] <= time() - ($config['edit_time'] * 60);
 482      $s_cannot_edit_locked = $post_data['post_edit_locked'];
 483  
 484      /**
 485      * This event allows you to modify the conditions for the "cannot edit post" checks
 486      *
 487      * @event core.posting_modify_cannot_edit_conditions
 488      * @var    array    post_data    Array with post data
 489      * @var    bool    force_edit_allowed        Allow the user to edit the post (all permissions and conditions are ignored)
 490      * @var    bool    s_cannot_edit            User can not edit the post because it's not his
 491      * @var    bool    s_cannot_edit_locked    User can not edit the post because it's locked
 492      * @var    bool    s_cannot_edit_time        User can not edit the post because edit_time has passed
 493      * @since 3.1.0-b4
 494      */
 495      $vars = array(
 496          'post_data',
 497          'force_edit_allowed',
 498          's_cannot_edit',
 499          's_cannot_edit_locked',
 500          's_cannot_edit_time',
 501      );
 502      extract($phpbb_dispatcher->trigger_event('core.posting_modify_cannot_edit_conditions', compact($vars)));
 503  
 504      if (!$force_edit_allowed)
 505      {
 506          if ($s_cannot_edit)
 507          {
 508              trigger_error('USER_CANNOT_EDIT');
 509          }
 510          else if ($s_cannot_edit_time)
 511          {
 512              trigger_error('CANNOT_EDIT_TIME');
 513          }
 514          else if ($s_cannot_edit_locked)
 515          {
 516              trigger_error('CANNOT_EDIT_POST_LOCKED');
 517          }
 518      }
 519  }
 520  
 521  // Handle delete mode...
 522  if ($mode == 'delete' || $mode == 'soft_delete')
 523  {
 524      if ($mode == 'soft_delete' && $post_data['post_visibility'] == ITEM_DELETED)
 525      {
 526          $user->setup('posting');
 527          trigger_error('NO_POST');
 528      }
 529  
 530      $delete_reason = $request->variable('delete_reason', '', true);
 531      phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, ($mode == 'soft_delete' && !$request->is_set_post('delete_permanent')), $delete_reason);
 532      return;
 533  }
 534  
 535  // Handle bump mode...
 536  if ($mode == 'bump')
 537  {
 538      if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id'])
 539          && check_link_hash($request->variable('hash', ''), "topic_{$post_data['topic_id']}"))
 540      {
 541          $meta_url = phpbb_bump_topic($forum_id, $topic_id, $post_data, $current_time);
 542          meta_refresh(3, $meta_url);
 543          $message = $user->lang['TOPIC_BUMPED'];
 544  
 545          if (!$request->is_ajax())
 546          {
 547              $message .= '<br /><br />' . $user->lang('VIEW_MESSAGE', '<a href="' . $meta_url . '">', '</a>');
 548              $message .= '<br /><br />' . $user->lang('RETURN_FORUM', '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
 549          }
 550  
 551          trigger_error($message);
 552      }
 553  
 554      trigger_error('BUMP_ERROR');
 555  }
 556  
 557  // Subject length limiting to 60 characters if first post...
 558  if ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id']))
 559  {
 560      $template->assign_var('S_NEW_MESSAGE', true);
 561  }
 562  
 563  // Determine some vars
 564  if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS)
 565  {
 566      $post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST'];
 567  }
 568  else
 569  {
 570      $post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
 571  }
 572  
 573  $post_data['post_edit_locked']    = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0;
 574  $post_data['post_subject_md5']    = (isset($post_data['post_subject']) && $mode == 'edit') ? md5($post_data['post_subject']) : '';
 575  $post_data['post_subject']        = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : '');
 576  $post_data['topic_time_limit']    = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
 577  $post_data['poll_length']        = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0;
 578  $post_data['poll_start']        = (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0;
 579  $post_data['icon_id']            = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id'];
 580  $post_data['poll_options']        = array();
 581  
 582  // Get Poll Data
 583  if ($post_data['poll_start'])
 584  {
 585      $sql = 'SELECT poll_option_text
 586          FROM ' . POLL_OPTIONS_TABLE . "
 587          WHERE topic_id = $topic_id
 588          ORDER BY poll_option_id";
 589      $result = $db->sql_query($sql);
 590  
 591      while ($row = $db->sql_fetchrow($result))
 592      {
 593          $post_data['poll_options'][] = trim($row['poll_option_text']);
 594      }
 595      $db->sql_freeresult($result);
 596  }
 597  
 598  /**
 599  * This event allows you to modify the post data before parsing
 600  *
 601  * @event core.posting_modify_post_data
 602  * @var    int        forum_id    ID of the forum
 603  * @var    string    mode        What action to take if the form has been submitted
 604  *                            post|reply|quote|edit|delete|bump|smilies|popup
 605  * @var    array    post_data    Array with post data
 606  * @var    int        post_id        ID of the post
 607  * @var    int        topic_id    ID of the topic
 608  * @since 3.2.2-RC1
 609  */
 610  $vars = array(
 611      'forum_id',
 612      'mode',
 613      'post_data',
 614      'post_id',
 615      'topic_id',
 616  );
 617  extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_data', compact($vars)));
 618  
 619  if ($mode == 'edit')
 620  {
 621      $original_poll_data = array(
 622          'poll_title'        => $post_data['poll_title'],
 623          'poll_length'        => $post_data['poll_length'],
 624          'poll_max_options'    => $post_data['poll_max_options'],
 625          'poll_option_text'    => implode("\n", $post_data['poll_options']),
 626          'poll_start'        => $post_data['poll_start'],
 627          'poll_last_vote'    => $post_data['poll_last_vote'],
 628          'poll_vote_change'    => $post_data['poll_vote_change'],
 629      );
 630  }
 631  
 632  $orig_poll_options_size = count($post_data['poll_options']);
 633  
 634  $message_parser = new parse_message();
 635  /* @var $plupload \phpbb\plupload\plupload */
 636  $plupload = $phpbb_container->get('plupload');
 637  
 638  /* @var $mimetype_guesser \phpbb\mimetype\guesser */
 639  $mimetype_guesser = $phpbb_container->get('mimetype.guesser');
 640  $message_parser->set_plupload($plupload);
 641  
 642  if (isset($post_data['post_text']))
 643  {
 644      $message_parser->message = &$post_data['post_text'];
 645      unset($post_data['post_text']);
 646  }
 647  
 648  // Set some default variables
 649  $uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);
 650  
 651  /**
 652  * This event allows you to modify the default variables for post_data, and unset them in post_data if needed
 653  *
 654  * @event core.posting_modify_default_variables
 655  * @var    array    post_data    Array with post data
 656  * @var    array    uninit        Array with default vars to put into post_data, if they aren't there
 657  * @since 3.2.5-RC1
 658  */
 659  $vars = array(
 660      'post_data',
 661      'uninit',
 662  );
 663  extract($phpbb_dispatcher->trigger_event('core.posting_modify_default_variables', compact($vars)));
 664  
 665  foreach ($uninit as $var_name => $default_value)
 666  {
 667      if (!isset($post_data[$var_name]))
 668      {
 669          $post_data[$var_name] = $default_value;
 670      }
 671  }
 672  unset($uninit);
 673  
 674  // Always check if the submitted attachment data is valid and belongs to the user.
 675  // Further down (especially in submit_post()) we do not check this again.
 676  $message_parser->get_submitted_attachment_data($post_data['poster_id']);
 677  
 678  if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit')
 679  {
 680      // Do not change to SELECT *
 681      $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename, filesize
 682          FROM ' . ATTACHMENTS_TABLE . "
 683          WHERE post_msg_id = $post_id
 684              AND in_message = 0
 685              AND is_orphan = 0
 686          ORDER BY attach_id DESC";
 687      $result = $db->sql_query($sql);
 688      $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
 689      $db->sql_freeresult($result);
 690  }
 691  
 692  if ($post_data['poster_id'] == ANONYMOUS)
 693  {
 694      $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : '';
 695  }
 696  else
 697  {
 698      $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : '';
 699  }
 700  
 701  $post_data['enable_urls'] = $post_data['enable_magic_url'];
 702  
 703  if ($mode != 'edit')
 704  {
 705      $post_data['enable_sig']        = ($config['allow_sig'] && $user->optionget('attachsig')) ? true: false;
 706      $post_data['enable_smilies']    = ($config['allow_smilies'] && $user->optionget('smilies')) ? true : false;
 707      $post_data['enable_bbcode']        = ($config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false;
 708      $post_data['enable_urls']        = true;
 709  }
 710  
 711  if ($mode == 'post')
 712  {
 713      $post_data['topic_status']        = ($request->is_set_post('lock_topic') && $auth->acl_gets('m_lock', 'f_user_lock', $forum_id)) ? ITEM_LOCKED : ITEM_UNLOCKED;
 714  }
 715  
 716  $post_data['enable_magic_url'] = $post_data['drafts'] = false;
 717  
 718  // User own some drafts?
 719  if ($user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
 720  {
 721      $sql = 'SELECT draft_id
 722          FROM ' . DRAFTS_TABLE . '
 723          WHERE user_id = ' . $user->data['user_id'] .
 724              (($forum_id) ? ' AND forum_id = ' . (int) $forum_id : '') .
 725              (($topic_id) ? ' AND topic_id = ' . (int) $topic_id : '') .
 726              (($draft_id) ? " AND draft_id <> $draft_id" : '');
 727      $result = $db->sql_query_limit($sql, 1);
 728  
 729      if ($db->sql_fetchrow($result))
 730      {
 731          $post_data['drafts'] = true;
 732      }
 733      $db->sql_freeresult($result);
 734  }
 735  
 736  $check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
 737  
 738  // Check if user is watching this topic
 739  if ($mode != 'post' && $config['allow_topic_notify'] && $user->data['is_registered'])
 740  {
 741      $sql = 'SELECT topic_id
 742          FROM ' . TOPICS_WATCH_TABLE . '
 743          WHERE topic_id = ' . $topic_id . '
 744              AND user_id = ' . $user->data['user_id'];
 745      $result = $db->sql_query($sql);
 746      $post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id');
 747      $db->sql_freeresult($result);
 748  }
 749  
 750  // Do we want to edit our post ?
 751  if ($mode == 'edit' && $post_data['bbcode_uid'])
 752  {
 753      $message_parser->bbcode_uid = $post_data['bbcode_uid'];
 754  }
 755  
 756  // HTML, BBCode, Smilies, Images and Flash status
 757  $bbcode_status    = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
 758  $smilies_status    = ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
 759  $img_status        = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false;
 760  $url_status        = ($config['allow_post_links']) ? true : false;
 761  $flash_status    = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false;
 762  $quote_status    = true;
 763  
 764  /**
 765   * Event to override message BBCode status indications
 766   *
 767   * @event core.posting_modify_bbcode_status
 768   *
 769   * @var bool    bbcode_status    BBCode status
 770   * @var bool    smilies_status    Smilies status
 771   * @var bool    img_status        Image BBCode status
 772   * @var bool    url_status        URL BBCode status
 773   * @var bool    flash_status    Flash BBCode status
 774   * @var bool    quote_status    Quote BBCode status
 775   * @since 3.3.3-RC1
 776   */
 777  $vars = [
 778      'bbcode_status',
 779      'smilies_status',
 780      'img_status',
 781      'url_status',
 782      'flash_status',
 783      'quote_status',
 784  ];
 785  extract($phpbb_dispatcher->trigger_event('core.posting_modify_bbcode_status', compact($vars)));
 786  
 787  // Save Draft
 788  if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
 789  {
 790      $subject = $request->variable('subject', '', true);
 791      $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject;
 792      $message = $request->variable('message', '', true);
 793  
 794      /**
 795       * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR.
 796       * Using their Numeric Character Reference's Hexadecimal notation.
 797       */
 798      $subject = utf8_encode_ucr($subject);
 799  
 800      if ($subject && $message)
 801      {
 802          if (confirm_box(true))
 803          {
 804              $message_parser->message = $message;
 805              $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
 806  
 807              $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 808                  'user_id'        => (int) $user->data['user_id'],
 809                  'topic_id'        => (int) $topic_id,
 810                  'forum_id'        => (int) $forum_id,
 811                  'save_time'        => (int) $current_time,
 812                  'draft_subject'    => (string) $subject,
 813                  'draft_message'    => (string) $message_parser->message)
 814              );
 815              $db->sql_query($sql);
 816  
 817              /** @var \phpbb\attachment\manager $attachment_manager */
 818              $attachment_manager = $phpbb_container->get('attachment.manager');
 819              $attachment_manager->delete('attach', array_column($message_parser->attachment_data, 'attach_id'));
 820  
 821              $meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id");
 822  
 823              meta_refresh(3, $meta_info);
 824  
 825              $message = $user->lang['DRAFT_SAVED'] . '<br /><br />';
 826              $message .= ($mode != 'post') ? sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>') . '<br /><br />' : '';
 827              $message .= sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
 828  
 829              trigger_error($message);
 830          }
 831          else
 832          {
 833              $s_hidden_fields = build_hidden_fields(array(
 834                  'mode'        => $mode,
 835                  'save'        => true,
 836                  'f'            => $forum_id,
 837                  't'            => $topic_id,
 838                  'subject'    => $subject,
 839                  'message'    => $message,
 840                  'attachment_data' => $message_parser->attachment_data,
 841                  )
 842              );
 843  
 844              $hidden_fields = array(
 845                  'icon_id'            => 0,
 846  
 847                  'disable_bbcode'    => false,
 848                  'disable_smilies'    => false,
 849                  'disable_magic_url'    => false,
 850                  'attach_sig'        => true,
 851                  'notify'            => false,
 852                  'lock_topic'        => false,
 853  
 854                  'topic_type'        => POST_NORMAL,
 855                  'topic_time_limit'    => 0,
 856  
 857                  'poll_title'        => '',
 858                  'poll_option_text'    => '',
 859                  'poll_max_options'    => 1,
 860                  'poll_length'        => 0,
 861                  'poll_vote_change'    => false,
 862              );
 863  
 864              foreach ($hidden_fields as $name => $default)
 865              {
 866                  if (!isset($_POST[$name]))
 867                  {
 868                      // Don't include it, if its not available
 869                      unset($hidden_fields[$name]);
 870                      continue;
 871                  }
 872  
 873                  if (is_bool($default))
 874                  {
 875                      // Use the string representation
 876                      $hidden_fields[$name] = $request->variable($name, '');
 877                  }
 878                  else
 879                  {
 880                      $hidden_fields[$name] = $request->variable($name, $default);
 881                  }
 882              }
 883  
 884              $s_hidden_fields .= build_hidden_fields($hidden_fields);
 885  
 886              confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields);
 887          }
 888      }
 889      else
 890      {
 891          if (utf8_clean_string($subject) === '')
 892          {
 893              $error[] = $user->lang['EMPTY_SUBJECT'];
 894          }
 895  
 896          if (utf8_clean_string($message) === '')
 897          {
 898              $error[] = $user->lang['TOO_FEW_CHARS'];
 899          }
 900      }
 901      unset($subject, $message);
 902  }
 903  
 904  // Load requested Draft
 905  if ($draft_id && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $user->data['is_registered'] && $auth->acl_get('u_savedrafts'))
 906  {
 907      $sql = 'SELECT draft_subject, draft_message
 908          FROM ' . DRAFTS_TABLE . "
 909          WHERE draft_id = $draft_id
 910              AND user_id = " . $user->data['user_id'];
 911      $result = $db->sql_query_limit($sql, 1);
 912      $row = $db->sql_fetchrow($result);
 913      $db->sql_freeresult($result);
 914  
 915      if ($row)
 916      {
 917          $post_data['post_subject'] = $row['draft_subject'];
 918          $message_parser->message = $row['draft_message'];
 919  
 920          $template->assign_var('S_DRAFT_LOADED', true);
 921      }
 922      else
 923      {
 924          $draft_id = 0;
 925      }
 926  }
 927  
 928  // Load draft overview
 929  if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_data['drafts'])
 930  {
 931      load_drafts($topic_id, $forum_id);
 932  }
 933  
 934  /** @var \phpbb\textformatter\utils_interface $bbcode_utils */
 935  $bbcode_utils = $phpbb_container->get('text_formatter.utils');
 936  
 937  if ($submit || $preview || $refresh)
 938  {
 939      $post_data['topic_cur_post_id']    = $request->variable('topic_cur_post_id', 0);
 940      $post_data['post_subject']        = $request->variable('subject', '', true);
 941      $message_parser->message        = $request->variable('message', '', true);
 942  
 943      $post_data['username']            = $request->variable('username', $post_data['username'], true);
 944      $post_data['post_edit_reason']    = ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? $request->variable('edit_reason', '', true) : '';
 945  
 946      $post_data['orig_topic_type']    = $post_data['topic_type'];
 947      $post_data['topic_type']        = $request->variable('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL));
 948      $post_data['topic_time_limit']    = $request->variable('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0));
 949  
 950      if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
 951      {
 952          $post_data['icon_id'] = $request->variable('icon', (int) $post_data['icon_id']);
 953      }
 954  
 955      $post_data['enable_bbcode']        = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true;
 956      $post_data['enable_smilies']    = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;
 957      $post_data['enable_urls']        = (isset($_POST['disable_magic_url'])) ? 0 : 1;
 958      $post_data['enable_sig']        = (!$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig')) ? false : ((isset($_POST['attach_sig']) && $user->data['is_registered']) ? true : false);
 959  
 960      if ($config['allow_topic_notify'] && $user->data['is_registered'])
 961      {
 962          $notify = (isset($_POST['notify'])) ? true : false;
 963      }
 964      else
 965      {
 966          $notify = false;
 967      }
 968  
 969      $topic_lock            = (isset($_POST['lock_topic'])) ? true : false;
 970      $post_lock            = (isset($_POST['lock_post'])) ? true : false;
 971      $poll_delete        = (isset($_POST['poll_delete'])) ? true : false;
 972  
 973      if ($submit)
 974      {
 975          $status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
 976          $status_switch = ($status_switch != $check_value);
 977      }
 978      else
 979      {
 980          $status_switch = 1;
 981      }
 982  
 983      // Delete Poll
 984      if ($poll_delete && $mode == 'edit' && count($post_data['poll_options']) &&
 985          ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id)))
 986      {
 987          if ($submit && check_form_key('posting'))
 988          {
 989              $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . "
 990                  WHERE topic_id = $topic_id";
 991              $db->sql_query($sql);
 992  
 993              $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . "
 994                  WHERE topic_id = $topic_id";
 995              $db->sql_query($sql);
 996  
 997              $topic_sql = array(
 998                  'poll_title'        => '',
 999                  'poll_start'         => 0,
1000                  'poll_length'        => 0,
1001                  'poll_last_vote'    => 0,
1002                  'poll_max_options'    => 0,
1003                  'poll_vote_change'    => 0
1004              );
1005  
1006              $sql = 'UPDATE ' . TOPICS_TABLE . '
1007                  SET ' . $db->sql_build_array('UPDATE', $topic_sql) . "
1008                  WHERE topic_id = $topic_id";
1009              $db->sql_query($sql);
1010          }
1011  
1012          $post_data['poll_title'] = $post_data['poll_option_text'] = '';
1013          $post_data['poll_vote_change'] = $post_data['poll_max_options'] = $post_data['poll_length'] = 0;
1014      }
1015      else
1016      {
1017          $post_data['poll_title']        = $request->variable('poll_title', '', true);
1018          $post_data['poll_length']        = $request->variable('poll_length', 0);
1019          $post_data['poll_option_text']    = $request->variable('poll_option_text', '', true);
1020          $post_data['poll_max_options']    = $request->variable('poll_max_options', 1);
1021          $post_data['poll_vote_change']    = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0;
1022      }
1023  
1024      // If replying/quoting and last post id has changed
1025      // give user option to continue submit or return to post
1026      // notify and show user the post made between his request and the final submit
1027      if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id'])
1028      {
1029          // Only do so if it is allowed forum-wide
1030          if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
1031          {
1032              if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id']))
1033              {
1034                  $template->assign_var('S_POST_REVIEW', true);
1035              }
1036  
1037              $submit = false;
1038              $refresh = true;
1039          }
1040      }
1041  
1042      // Parse Attachments - before checksum is calculated
1043      if ($message_parser->check_attachment_form_token($language, $request, 'posting'))
1044      {
1045          $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh);
1046      }
1047  
1048      /**
1049      * This event allows you to modify message text before parsing
1050      *
1051      * @event core.posting_modify_message_text
1052      * @var    array    post_data    Array with post data
1053      * @var    string    mode        What action to take if the form is submitted
1054      *                post|reply|quote|edit|delete|bump|smilies|popup
1055      * @var    int    post_id        ID of the post
1056      * @var    int    topic_id    ID of the topic
1057      * @var    int    forum_id    ID of the forum
1058      * @var    bool    submit        Whether or not the form has been submitted
1059      * @var    bool    preview        Whether or not the post is being previewed
1060      * @var    bool    save        Whether or not a draft is being saved
1061      * @var    bool    load        Whether or not a draft is being loaded
1062      * @var    bool    cancel        Whether or not to cancel the form (returns to
1063      *                viewtopic or viewforum depending on if the user
1064      *                is posting a new topic or editing a post)
1065      * @var    bool    refresh        Whether or not to retain previously submitted data
1066      * @var    object    message_parser    The message parser object
1067      * @var    array    error        Array of errors
1068      * @since 3.1.2-RC1
1069      * @changed 3.1.11-RC1 Added error
1070      */
1071      $vars = array(
1072          'post_data',
1073          'mode',
1074          'post_id',
1075          'topic_id',
1076          'forum_id',
1077          'submit',
1078          'preview',
1079          'save',
1080          'load',
1081          'cancel',
1082          'refresh',
1083          'message_parser',
1084          'error',
1085      );
1086      extract($phpbb_dispatcher->trigger_event('core.posting_modify_message_text', compact($vars)));
1087  
1088      // Grab md5 'checksum' of new message
1089      $message_md5 = md5($message_parser->message);
1090  
1091      // If editing and checksum has changed we know the post was edited while we're editing
1092      // Notify and show user the changed post
1093      if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
1094      {
1095          $edit_post_message_checksum = $request->variable('edit_post_message_checksum', '');
1096          $edit_post_subject_checksum = $request->variable('edit_post_subject_checksum', '');
1097  
1098          // $post_data['post_checksum'] is the checksum of the post submitted in the meantime
1099          // $message_md5 is the checksum of the post we're about to submit
1100          // $edit_post_message_checksum is the checksum of the post we're editing
1101          // ...
1102  
1103          // We make sure nobody else made exactly the same change
1104          // we're about to submit by also checking $message_md5 != $post_data['post_checksum']
1105          if ($edit_post_message_checksum !== '' &&
1106              $edit_post_message_checksum != $post_data['post_checksum'] &&
1107              $message_md5 != $post_data['post_checksum']
1108              ||
1109              $edit_post_subject_checksum !== '' &&
1110              $edit_post_subject_checksum != $post_data['post_subject_md5'] &&
1111              md5($post_data['post_subject']) != $post_data['post_subject_md5'])
1112          {
1113              if (topic_review($topic_id, $forum_id, 'post_review_edit', $post_id))
1114              {
1115                  $template->assign_vars(array(
1116                      'S_POST_REVIEW'            => true,
1117  
1118                      'L_POST_REVIEW'            => $user->lang['POST_REVIEW_EDIT'],
1119                      'L_POST_REVIEW_EXPLAIN'    => $user->lang['POST_REVIEW_EDIT_EXPLAIN'],
1120                  ));
1121              }
1122  
1123              $submit = false;
1124              $refresh = true;
1125          }
1126      }
1127  
1128      // Check checksum ... don't re-parse message if the same
1129      $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false;
1130  
1131      // Also check if subject got updated...
1132      $update_subject = $mode != 'edit' || ($post_data['post_subject_md5'] && $post_data['post_subject_md5'] != md5($post_data['post_subject']));
1133  
1134      // Parse message
1135      if ($update_message)
1136      {
1137          if (count($message_parser->warn_msg))
1138          {
1139              $error[] = implode('<br />', $message_parser->warn_msg);
1140              $message_parser->warn_msg = array();
1141          }
1142  
1143          if (!$preview || !empty($message_parser->message))
1144          {
1145              $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
1146          }
1147  
1148          // On a refresh we do not care about message parsing errors
1149          if (count($message_parser->warn_msg) && $refresh && !$preview)
1150          {
1151              $message_parser->warn_msg = array();
1152          }
1153      }
1154      else
1155      {
1156          $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield'];
1157      }
1158  
1159      $ignore_flood = $auth->acl_get('u_ignoreflood') ? true : $auth->acl_get('f_ignoreflood', $forum_id);
1160      if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$ignore_flood)
1161      {
1162          // Flood check
1163          $last_post_time = 0;
1164  
1165          if ($user->data['is_registered'])
1166          {
1167              $last_post_time = $user->data['user_lastpost_time'];
1168          }
1169          else
1170          {
1171              $sql = 'SELECT post_time AS last_post_time
1172                  FROM ' . POSTS_TABLE . "
1173                  WHERE poster_ip = '" . $user->ip . "'
1174                      AND post_time > " . ($current_time - $config['flood_interval']);
1175              $result = $db->sql_query_limit($sql, 1);
1176              if ($row = $db->sql_fetchrow($result))
1177              {
1178                  $last_post_time = $row['last_post_time'];
1179              }
1180              $db->sql_freeresult($result);
1181          }
1182  
1183          if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval']))
1184          {
1185              $error[] = $user->lang['FLOOD_ERROR'];
1186          }
1187      }
1188  
1189      // Validate username
1190      if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username']))
1191      {
1192          if (!function_exists('validate_username'))
1193          {
1194              include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1195          }
1196  
1197          $user->add_lang('ucp');
1198  
1199          if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false)
1200          {
1201              $error[] = $user->lang[$result . '_USERNAME'];
1202          }
1203  
1204          if (($result = validate_string($post_data['username'], false, $config['min_name_chars'], $config['max_name_chars'])) !== false)
1205          {
1206              $min_max_amount = ($result == 'TOO_SHORT') ? $config['min_name_chars'] : $config['max_name_chars'];
1207              $error[] = $user->lang('FIELD_' . $result, $min_max_amount, $user->lang['USERNAME']);
1208          }
1209      }
1210  
1211      if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply')))
1212      {
1213          $captcha_data = array(
1214              'message'    => $request->variable('message', '', true),
1215              'subject'    => $request->variable('subject', '', true),
1216              'username'    => $request->variable('username', '', true),
1217          );
1218          $vc_response = $captcha->validate($captcha_data);
1219          if ($vc_response)
1220          {
1221              $error[] = $vc_response;
1222          }
1223      }
1224  
1225      // check form
1226      if (($submit || $preview) && !check_form_key('posting'))
1227      {
1228          $error[] = $user->lang['FORM_INVALID'];
1229      }
1230  
1231      if ($submit && $mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED && !$request->is_set_post('delete') && $auth->acl_get('m_approve', $forum_id))
1232      {
1233          $is_first_post = ($post_id <= $post_data['topic_first_post_id'] || !$post_data['topic_posts_approved']);
1234          $is_last_post = ($post_id >= $post_data['topic_last_post_id'] || !$post_data['topic_posts_approved']);
1235          $updated_post_data = $phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $post_id, $post_data['topic_id'], $post_data['forum_id'], $user->data['user_id'], time(), '', $is_first_post, $is_last_post);
1236  
1237          if (!empty($updated_post_data))
1238          {
1239              // Update the post_data, so we don't need to refetch it.
1240              $post_data = array_merge($post_data, $updated_post_data);
1241          }
1242      }
1243  
1244      // Parse subject
1245      if (!$preview && !$refresh && utf8_clean_string($post_data['post_subject']) === '' && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
1246      {
1247          $error[] = $user->lang['EMPTY_SUBJECT'];
1248      }
1249  
1250      /**
1251       * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR.
1252       * Using their Numeric Character Reference's Hexadecimal notation.
1253       * Check the permissions for posting Emojis first.
1254       */
1255      if ($auth->acl_get('u_emoji'))
1256      {
1257          $post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']);
1258      }
1259      else
1260      {
1261          /**
1262           * Check for out-of-bounds characters that are currently
1263           * not supported by utf8_bin in MySQL
1264           */
1265          if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches))
1266          {
1267              $character_list = implode('<br>', $matches[0]);
1268  
1269              $error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list);
1270          }
1271      }
1272  
1273      $post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0;
1274  
1275      if ($post_data['poll_option_text'] &&
1276          ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1277          && $auth->acl_get('f_poll', $forum_id))
1278      {
1279          $poll = array(
1280              'poll_title'        => $post_data['poll_title'],
1281              'poll_length'        => $post_data['poll_length'],
1282              'poll_max_options'    => $post_data['poll_max_options'],
1283              'poll_option_text'    => $post_data['poll_option_text'],
1284              'poll_start'        => $post_data['poll_start'],
1285              'poll_last_vote'    => $post_data['poll_last_vote'],
1286              'poll_vote_change'    => $post_data['poll_vote_change'],
1287              'enable_bbcode'        => $post_data['enable_bbcode'],
1288              'enable_urls'        => $post_data['enable_urls'],
1289              'enable_smilies'    => $post_data['enable_smilies'],
1290              'img_status'        => $img_status
1291          );
1292  
1293          $message_parser->parse_poll($poll);
1294  
1295          $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array();
1296          $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
1297  
1298          /* We reset votes, therefore also allow removing options
1299          if ($post_data['poll_last_vote'] && ($poll['poll_options_size'] < $orig_poll_options_size))
1300          {
1301              $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS'];
1302          }*/
1303      }
1304      else if ($mode == 'edit' && $post_id == $post_data['topic_first_post_id'] && $auth->acl_get('f_poll', $forum_id))
1305      {
1306          // The user removed all poll options, this is equal to deleting the poll.
1307          $poll = array(
1308              'poll_title'        => '',
1309              'poll_length'        => 0,
1310              'poll_max_options'    => 0,
1311              'poll_option_text'    => '',
1312              'poll_start'        => 0,
1313              'poll_last_vote'    => 0,
1314              'poll_vote_change'    => 0,
1315              'poll_options'        => array(),
1316          );
1317  
1318          $post_data['poll_options'] = array();
1319          $post_data['poll_title'] = '';
1320          $post_data['poll_start'] = $post_data['poll_length'] = $post_data['poll_max_options'] = $post_data['poll_last_vote'] = $post_data['poll_vote_change'] = 0;
1321      }
1322      else if (!$auth->acl_get('f_poll', $forum_id) && ($mode == 'edit') && ($post_id == $post_data['topic_first_post_id']) && !$bbcode_utils->is_empty($original_poll_data['poll_title']))
1323      {
1324          // We have a poll but the editing user is not permitted to create/edit it.
1325          // So we just keep the original poll-data.
1326          // Decode the poll title and options text fisrt.
1327          $original_poll_data['poll_title'] = $bbcode_utils->unparse($original_poll_data['poll_title']);
1328          $original_poll_data['poll_option_text'] = $bbcode_utils->unparse($original_poll_data['poll_option_text']);
1329          $original_poll_data['poll_options'] = explode("\n", $original_poll_data['poll_option_text']);
1330  
1331          $poll = array_merge($original_poll_data, array(
1332              'enable_bbcode'        => $post_data['enable_bbcode'],
1333              'enable_urls'        => $post_data['enable_urls'],
1334              'enable_smilies'    => $post_data['enable_smilies'],
1335              'img_status'        => $img_status,
1336          ));
1337  
1338          $message_parser->parse_poll($poll);
1339  
1340          $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array();
1341          $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
1342      }
1343      else
1344      {
1345          $poll = array();
1346      }
1347  
1348      // Check topic type
1349      if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
1350      {
1351          switch ($post_data['topic_type'])
1352          {
1353              case POST_GLOBAL:
1354                  $auth_option = 'f_announce_global';
1355              break;
1356  
1357              case POST_ANNOUNCE:
1358                  $auth_option = 'f_announce';
1359              break;
1360  
1361              case POST_STICKY:
1362                  $auth_option = 'f_sticky';
1363              break;
1364  
1365              default:
1366                  $auth_option = '';
1367              break;
1368          }
1369  
1370          if ($auth_option != '' && !$auth->acl_get($auth_option, $forum_id))
1371          {
1372              // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod.
1373              // Another case would be a mod not having sticky permissions for example but edit permissions.
1374              if ($mode == 'edit')
1375              {
1376                  // To prevent non-authed users messing around with the topic type we reset it to the original one.
1377                  $post_data['topic_type'] = $post_data['orig_topic_type'];
1378              }
1379              else
1380              {
1381                  $error[] = $user->lang['CANNOT_POST_' . str_replace('F_', '', strtoupper($auth_option))];
1382              }
1383          }
1384      }
1385  
1386      if (count($message_parser->warn_msg))
1387      {
1388          $error[] = implode('<br />', $message_parser->warn_msg);
1389      }
1390  
1391      // DNSBL check
1392      if ($config['check_dnsbl'] && !$refresh)
1393      {
1394          if (($dnsbl = $user->check_dnsbl('post')) !== false)
1395          {
1396              $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
1397          }
1398      }
1399  
1400      /**
1401      * This event allows you to define errors before the post action is performed
1402      *
1403      * @event core.posting_modify_submission_errors
1404      * @var    array    post_data    Array with post data
1405      * @var    array    poll        Array with poll data from post (must be used instead of the post_data equivalent)
1406      * @var    string    mode        What action to take if the form is submitted
1407      *                post|reply|quote|edit|delete|bump|smilies|popup
1408      * @var    int    post_id        ID of the post
1409      * @var    int    topic_id    ID of the topic
1410      * @var    int    forum_id    ID of the forum
1411      * @var    bool    submit        Whether or not the form has been submitted
1412      * @var    array    error        Any error strings; a non-empty array aborts form submission.
1413      *                NOTE: Should be actual language strings, NOT language keys.
1414      * @since 3.1.0-RC5
1415      * @changed 3.1.5-RC1 Added poll array to the event
1416      * @changed 3.2.0-a1 Removed undefined page_title
1417      */
1418      $vars = array(
1419          'post_data',
1420          'poll',
1421          'mode',
1422          'post_id',
1423          'topic_id',
1424          'forum_id',
1425          'submit',
1426          'error',
1427      );
1428      extract($phpbb_dispatcher->trigger_event('core.posting_modify_submission_errors', compact($vars)));
1429  
1430      // Store message, sync counters
1431      if (!count($error) && $submit)
1432      {
1433          /** @var \phpbb\lock\posting $posting_lock */
1434          $posting_lock = $phpbb_container->get('posting.lock');
1435  
1436          // Get creation time and form token, must be already checked at this point
1437          $creation_time    = abs($request->variable('creation_time', 0));
1438          $form_token = $request->variable('form_token', '');
1439  
1440          if ($posting_lock->acquire($creation_time, $form_token))
1441          {
1442              // Lock/Unlock Topic
1443              $change_topic_status = $post_data['topic_status'];
1444              $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false;
1445  
1446              if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock)
1447              {
1448                  $change_topic_status = ITEM_UNLOCKED;
1449              }
1450              else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock)
1451              {
1452                  $change_topic_status = ITEM_LOCKED;
1453              }
1454  
1455              if ($change_topic_status != $post_data['topic_status'])
1456              {
1457                  $sql = 'UPDATE ' . TOPICS_TABLE . "
1458                      SET topic_status = $change_topic_status
1459                      WHERE topic_id = $topic_id
1460                          AND topic_moved_id = 0";
1461                  $db->sql_query($sql);
1462  
1463                  $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : '';
1464  
1465                  $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), false, array(
1466                      'forum_id' => $forum_id,
1467                      'topic_id' => $topic_id,
1468                      $post_data['topic_title']
1469                  ));
1470              }
1471  
1472              // Lock/Unlock Post Edit
1473              if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id))
1474              {
1475                  $post_data['post_edit_locked'] = ITEM_UNLOCKED;
1476              }
1477              else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id))
1478              {
1479                  $post_data['post_edit_locked'] = ITEM_LOCKED;
1480              }
1481  
1482              $data = array(
1483                  'topic_title'            => (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'],
1484                  'topic_first_post_id'    => (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0,
1485                  'topic_last_post_id'    => (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0,
1486                  'topic_time_limit'        => (int) $post_data['topic_time_limit'],
1487                  'topic_attachment'        => (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0,
1488                  'post_id'                => (int) $post_id,
1489                  'topic_id'                => (int) $topic_id,
1490                  'forum_id'                => (int) $forum_id,
1491                  'icon_id'                => (int) $post_data['icon_id'],
1492                  'poster_id'                => (int) $post_data['poster_id'],
1493                  'enable_sig'            => (bool) $post_data['enable_sig'],
1494                  'enable_bbcode'            => (bool) $post_data['enable_bbcode'],
1495                  'enable_smilies'        => (bool) $post_data['enable_smilies'],
1496                  'enable_urls'            => (bool) $post_data['enable_urls'],
1497                  'enable_indexing'        => (bool) $post_data['enable_indexing'],
1498                  'message_md5'            => (string) $message_md5,
1499                  'post_checksum'            => (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '',
1500                  'post_edit_reason'        => $post_data['post_edit_reason'],
1501                  'post_edit_user'        => ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? (int) $post_data['post_edit_user'] : 0),
1502                  'forum_parents'            => $post_data['forum_parents'],
1503                  'forum_name'            => $post_data['forum_name'],
1504                  'notify'                => $notify,
1505                  'notify_set'            => $post_data['notify_set'],
1506                  'poster_ip'                => (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip,
1507                  'post_edit_locked'        => (int) $post_data['post_edit_locked'],
1508                  'bbcode_bitfield'        => $message_parser->bbcode_bitfield,
1509                  'bbcode_uid'            => $message_parser->bbcode_uid,
1510                  'message'                => $message_parser->message,
1511                  'attachment_data'        => $message_parser->attachment_data,
1512                  'filename_data'            => $message_parser->filename_data,
1513                  'topic_status'            => $post_data['topic_status'],
1514  
1515                  'topic_visibility'            => (isset($post_data['topic_visibility'])) ? $post_data['topic_visibility'] : false,
1516                  'post_visibility'            => (isset($post_data['post_visibility'])) ? $post_data['post_visibility'] : false,
1517              );
1518  
1519              if ($mode == 'edit')
1520              {
1521                  $data['topic_posts_approved'] = $post_data['topic_posts_approved'];
1522                  $data['topic_posts_unapproved'] = $post_data['topic_posts_unapproved'];
1523                  $data['topic_posts_softdeleted'] = $post_data['topic_posts_softdeleted'];
1524              }
1525  
1526              // Only return the username when it is either a guest posting or we are editing a post and
1527              // the username was supplied; otherwise post_data might hold the data of the post that is
1528              // being quoted (which could result in the username being returned being that of the quoted
1529              // post's poster, not the poster of the current post). See: PHPBB3-11769 for more information.
1530              $post_author_name = ((!$user->data['is_registered'] || $mode == 'edit') && $post_data['username'] !== '') ? $post_data['username'] : '';
1531  
1532              /**
1533              * This event allows you to define errors before the post action is performed
1534              *
1535              * @event core.posting_modify_submit_post_before
1536              * @var    array    post_data    Array with post data
1537              * @var    array    poll        Array with poll data
1538              * @var    array    data        Array with post data going to be stored in the database
1539              * @var    string    mode        What action to take if the form is submitted
1540              *                post|reply|quote|edit|delete
1541              * @var    int    post_id        ID of the post
1542              * @var    int    topic_id    ID of the topic
1543              * @var    int    forum_id    ID of the forum
1544              * @var    string    post_author_name    Author name for guest posts
1545              * @var    bool    update_message        Boolean if the post message was changed
1546              * @var    bool    update_subject        Boolean if the post subject was changed
1547              *                NOTE: Should be actual language strings, NOT language keys.
1548              * @since 3.1.0-RC5
1549              * @changed 3.1.6-RC1 remove submit and error from event  Submit and Error are checked previously prior to running event
1550              * @change 3.2.0-a1 Removed undefined page_title
1551              */
1552              $vars = array(
1553                  'post_data',
1554                  'poll',
1555                  'data',
1556                  'mode',
1557                  'post_id',
1558                  'topic_id',
1559                  'forum_id',
1560                  'post_author_name',
1561                  'update_message',
1562                  'update_subject',
1563              );
1564              extract($phpbb_dispatcher->trigger_event('core.posting_modify_submit_post_before', compact($vars)));
1565  
1566              // The last parameter tells submit_post if search indexer has to be run
1567              $redirect_url = submit_post($mode, $post_data['post_subject'], $post_author_name, $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false);
1568  
1569              /**
1570              * This event allows you to define errors after the post action is performed
1571              *
1572              * @event core.posting_modify_submit_post_after
1573              * @var    array    post_data    Array with post data
1574              * @var    array    poll        Array with poll data
1575              * @var    array    data        Array with post data going to be stored in the database
1576              * @var    string    mode        What action to take if the form is submitted
1577              *                post|reply|quote|edit|delete
1578              * @var    int    post_id        ID of the post
1579              * @var    int    topic_id    ID of the topic
1580              * @var    int    forum_id    ID of the forum
1581              * @var    string    post_author_name    Author name for guest posts
1582              * @var    bool    update_message        Boolean if the post message was changed
1583              * @var    bool    update_subject        Boolean if the post subject was changed
1584              * @var    string    redirect_url        URL the user is going to be redirected to
1585              *                NOTE: Should be actual language strings, NOT language keys.
1586              * @since 3.1.0-RC5
1587              * @changed 3.1.6-RC1 remove submit and error from event  Submit and Error are checked previously prior to running event
1588              * @change 3.2.0-a1 Removed undefined page_title
1589              */
1590              $vars = array(
1591                  'post_data',
1592                  'poll',
1593                  'data',
1594                  'mode',
1595                  'post_id',
1596                  'topic_id',
1597                  'forum_id',
1598                  'post_author_name',
1599                  'update_message',
1600                  'update_subject',
1601                  'redirect_url',
1602              );
1603              extract($phpbb_dispatcher->trigger_event('core.posting_modify_submit_post_after', compact($vars)));
1604  
1605              if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1606              {
1607                  $captcha->reset();
1608              }
1609  
1610              // Handle delete mode...
1611              if ($request->is_set_post('delete_permanent') || ($request->is_set_post('delete') && $post_data['post_visibility'] != ITEM_DELETED))
1612              {
1613                  $delete_reason = $request->variable('delete_reason', '', true);
1614                  phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, !$request->is_set_post('delete_permanent'), $delete_reason);
1615                  return;
1616              }
1617  
1618              // Check the permissions for post approval.
1619              // Moderators must go through post approval like ordinary users.
1620              if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state']))
1621              {
1622                  meta_refresh(10, $redirect_url);
1623                  $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD'];
1624                  $message .= (($user->data['user_id'] == ANONYMOUS) ? '' : ' '. $user->lang['POST_APPROVAL_NOTIFY']);
1625                  $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $data['forum_id']) . '">', '</a>');
1626                  trigger_error($message);
1627              }
1628  
1629              redirect($redirect_url);
1630          }
1631          else
1632          {
1633              // Posting was already locked before, hence form submission was already attempted once and is now invalid
1634              $error[] = $language->lang('FORM_INVALID');
1635          }
1636      }
1637  }
1638  
1639  // Preview
1640  if (!count($error) && $preview)
1641  {
1642      $post_data['post_time'] = ($mode == 'edit') ? $post_data['post_time'] : $current_time;
1643  
1644      $preview_message = $message_parser->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], false);
1645  
1646      $preview_signature = ($mode == 'edit') ? $post_data['user_sig'] : $user->data['user_sig'];
1647      $preview_signature_uid = ($mode == 'edit') ? $post_data['user_sig_bbcode_uid'] : $user->data['user_sig_bbcode_uid'];
1648      $preview_signature_bitfield = ($mode == 'edit') ? $post_data['user_sig_bbcode_bitfield'] : $user->data['user_sig_bbcode_bitfield'];
1649  
1650      // Signature
1651      if ($post_data['enable_sig'] && $config['allow_sig'] && $preview_signature && $auth->acl_get('f_sigs', $forum_id))
1652      {
1653          $flags = ($config['allow_sig_bbcode']) ? OPTION_FLAG_BBCODE : 0;
1654          $flags |= ($config['allow_sig_links']) ? OPTION_FLAG_LINKS : 0;
1655          $flags |= ($config['allow_sig_smilies']) ? OPTION_FLAG_SMILIES : 0;
1656  
1657          $preview_signature = generate_text_for_display($preview_signature, $preview_signature_uid, $preview_signature_bitfield, $flags, false);
1658      }
1659      else
1660      {
1661          $preview_signature = '';
1662      }
1663  
1664      $preview_subject = censor_text($post_data['post_subject']);
1665  
1666      // Poll Preview
1667      if (!$poll_delete && ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1668      && $auth->acl_get('f_poll', $forum_id))
1669      {
1670          $parse_poll = new parse_message($post_data['poll_title']);
1671          $parse_poll->bbcode_uid = $message_parser->bbcode_uid;
1672          $parse_poll->bbcode_bitfield = $message_parser->bbcode_bitfield;
1673  
1674          $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1675  
1676          if ($post_data['poll_length'])
1677          {
1678              $poll_end = ($post_data['poll_length'] * 86400) + (($post_data['poll_start']) ? $post_data['poll_start'] : time());
1679          }
1680  
1681          $template->assign_vars(array(
1682              'S_HAS_POLL_OPTIONS'    => (count($post_data['poll_options'])),
1683              'S_IS_MULTI_CHOICE'        => ($post_data['poll_max_options'] > 1) ? true : false,
1684  
1685              'POLL_QUESTION'        => $parse_poll->message,
1686  
1687              'L_POLL_LENGTH'        => ($post_data['poll_length']) ? sprintf($user->lang['POLL_RUN_TILL'], $user->format_date($poll_end)) : '',
1688              'L_MAX_VOTES'        => $user->lang('MAX_OPTIONS_SELECT', (int) $post_data['poll_max_options']),
1689          ));
1690  
1691          $preview_poll_options = array();
1692          foreach ($post_data['poll_options'] as $poll_option)
1693          {
1694              $parse_poll->message = $poll_option;
1695              $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1696              $preview_poll_options[] = $parse_poll->message;
1697          }
1698          unset($parse_poll);
1699  
1700          foreach ($preview_poll_options as $key => $option)
1701          {
1702              $template->assign_block_vars('poll_option', array(
1703                  'POLL_OPTION_CAPTION'    => $option,
1704                  'POLL_OPTION_ID'        => $key + 1)
1705              );
1706          }
1707          unset($preview_poll_options);
1708      }
1709  
1710      // Attachment Preview
1711      if (count($message_parser->attachment_data))
1712      {
1713          $template->assign_var('S_HAS_ATTACHMENTS', true);
1714  
1715          $update_count = array();
1716          $attachment_data = $message_parser->attachment_data;
1717  
1718          parse_attachments($forum_id, $preview_message, $attachment_data, $update_count, true);
1719  
1720          foreach ($attachment_data as $i => $attachment)
1721          {
1722              $template->assign_block_vars('attachment', array(
1723                  'DISPLAY_ATTACHMENT'    => $attachment)
1724              );
1725          }
1726          unset($attachment_data);
1727      }
1728  
1729      if (!count($error))
1730      {
1731          $template->assign_vars(array(
1732              'PREVIEW_SUBJECT'        => $preview_subject,
1733              'PREVIEW_MESSAGE'        => $preview_message,
1734              'PREVIEW_SIGNATURE'        => $preview_signature,
1735  
1736              'S_DISPLAY_PREVIEW'        => !empty($preview_message),
1737          ));
1738      }
1739  }
1740  
1741  // Remove quotes that would become nested too deep before decoding the text
1742  $generate_quote = ($mode == 'quote' && !$submit && !$preview && !$refresh);
1743  if ($generate_quote && $config['max_quote_depth'] > 0)
1744  {
1745      $tmp_bbcode_uid = $message_parser->bbcode_uid;
1746      $message_parser->bbcode_uid = $post_data['bbcode_uid'];
1747      $message_parser->remove_nested_quotes($config['max_quote_depth'] - 1);
1748      $message_parser->bbcode_uid = $tmp_bbcode_uid;
1749  }
1750  
1751  // Decode text for message display
1752  $post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !count($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid;
1753  $message_parser->decode_message($post_data['bbcode_uid']);
1754  
1755  if ($generate_quote)
1756  {
1757      // Remove attachment bbcode tags from the quoted message to avoid mixing with the new post attachments if any
1758      $message_parser->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#uis', '\\2', $message_parser->message);
1759  
1760      $quote_attributes = array(
1761                          'author'  => $post_data['quote_username'],
1762                          'post_id' => $post_data['post_id'],
1763                          'time'    => $post_data['post_time'],
1764                          'user_id' => $post_data['poster_id'],
1765      );
1766  
1767      /**
1768      * This event allows you to modify the quote attributes of the post being quoted
1769      *
1770      * @event core.posting_modify_quote_attributes
1771      * @var    array    quote_attributes    Array with quote attributes
1772      * @var    array    post_data            Array with post data
1773      * @since 3.2.6-RC1
1774      */
1775      $vars = array(
1776          'quote_attributes',
1777          'post_data',
1778      );
1779      extract($phpbb_dispatcher->trigger_event('core.posting_modify_quote_attributes', compact($vars)));
1780  
1781      /** @var \phpbb\language\language $language */
1782      $language = $phpbb_container->get('language');
1783      phpbb_format_quote($language, $message_parser, $bbcode_utils, $bbcode_status, $quote_attributes);
1784  }
1785  
1786  if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)
1787  {
1788      $post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']);
1789  
1790      $post_subject = $post_data['post_subject'];
1791  
1792      /**
1793      * This event allows you to modify the post subject of the post being quoted
1794      *
1795      * @event core.posting_modify_post_subject
1796      * @var    string        post_subject    String with the post subject already censored.
1797      * @since 3.2.8-RC1
1798      */
1799      $vars = array('post_subject');
1800      extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_subject', compact($vars)));
1801  
1802      $post_data['post_subject'] = $post_subject;
1803  }
1804  
1805  $attachment_data = $message_parser->attachment_data;
1806  $filename_data = $message_parser->filename_data;
1807  $post_data['post_text'] = $message_parser->message;
1808  
1809  if (count($post_data['poll_options']) || (isset($post_data['poll_title']) && !$bbcode_utils->is_empty($post_data['poll_title'])))
1810  {
1811      $message_parser->message = $post_data['poll_title'];
1812      $message_parser->bbcode_uid = $post_data['bbcode_uid'];
1813  
1814      $message_parser->decode_message();
1815      $post_data['poll_title'] = $message_parser->message;
1816  
1817      $message_parser->message = implode("\n", $post_data['poll_options']);
1818      $message_parser->decode_message();
1819      $post_data['poll_options'] = explode("\n", $message_parser->message);
1820  }
1821  
1822  // MAIN POSTING PAGE BEGINS HERE
1823  
1824  // Forum moderators?
1825  $moderators = array();
1826  if ($config['load_moderators'])
1827  {
1828      get_moderators($moderators, $forum_id);
1829  }
1830  
1831  // Generate smiley listing
1832  generate_smilies('inline', $forum_id);
1833  
1834  // Generate inline attachment select box
1835  posting_gen_inline_attachments($attachment_data);
1836  
1837  // Do show topic type selection only in first post.
1838  $topic_type_toggle = false;
1839  
1840  if ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']))
1841  {
1842      $topic_type_toggle = posting_gen_topic_types($forum_id, $post_data['topic_type']);
1843  }
1844  
1845  $s_topic_icons = false;
1846  if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
1847  {
1848      $s_topic_icons = posting_gen_topic_icons($mode, $post_data['icon_id']);
1849  }
1850  
1851  $bbcode_checked        = (isset($post_data['enable_bbcode'])) ? !$post_data['enable_bbcode'] : (($config['allow_bbcode']) ? !$user->optionget('bbcode') : 1);
1852  $smilies_checked    = (isset($post_data['enable_smilies'])) ? !$post_data['enable_smilies'] : (($config['allow_smilies']) ? !$user->optionget('smilies') : 1);
1853  $urls_checked        = (isset($post_data['enable_urls'])) ? !$post_data['enable_urls'] : 0;
1854  $sig_checked        = $post_data['enable_sig'];
1855  $lock_topic_checked    = (isset($topic_lock) && $topic_lock) ? $topic_lock : (($post_data['topic_status'] == ITEM_LOCKED) ? 1 : 0);
1856  $lock_post_checked    = (isset($post_lock)) ? $post_lock : $post_data['post_edit_locked'];
1857  
1858  // If the user is replying or posting and not already watching this topic but set to always being notified we need to overwrite this setting
1859  $notify_set            = ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set'];
1860  $notify_checked        = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
1861  
1862  // Page title & action URL
1863  $s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode");
1864  
1865  switch ($mode)
1866  {
1867      case 'post':
1868          $s_action .= $forum_id ? "&amp;f=$forum_id" : '';
1869          $page_title = $user->lang['POST_TOPIC'];
1870      break;
1871  
1872      case 'reply':
1873          $s_action .= $topic_id ? "&amp;t=$topic_id" : '';
1874          $page_title = $user->lang['POST_REPLY'];
1875      break;
1876  
1877      case 'quote':
1878          $s_action .= $post_id ? "&amp;p=$post_id" : '';
1879          $page_title = $user->lang['POST_REPLY'];
1880      break;
1881  
1882      case 'delete':
1883      case 'edit':
1884          $s_action .= $post_id ? "&amp;p=$post_id" : '';
1885          $page_title = $user->lang['EDIT_POST'];
1886      break;
1887  }
1888  
1889  // Build Navigation Links
1890  generate_forum_nav($post_data);
1891  
1892  // Build Forum Rules
1893  generate_forum_rules($post_data);
1894  
1895  // Posting uses is_solved for legacy reasons. Plugins have to use is_solved to force themselves to be displayed.
1896  if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1897  {
1898  
1899      $template->assign_vars(array(
1900          'S_CONFIRM_CODE'            => true,
1901          'CAPTCHA_TEMPLATE'            => $captcha->get_template(),
1902      ));
1903  }
1904  
1905  $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : '';
1906  $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . $request->variable('draft_loaded', $draft_id) . '" />' : '';
1907  
1908  if ($mode == 'edit')
1909  {
1910      $s_hidden_fields .= build_hidden_fields(array(
1911          'edit_post_message_checksum'    => $post_data['post_checksum'],
1912          'edit_post_subject_checksum'    => $post_data['post_subject_md5'],
1913      ));
1914  }
1915  
1916  // Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview
1917  if (isset($captcha) && $captcha->is_solved() !== false)
1918  {
1919      $s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
1920  }
1921  
1922  $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"';
1923  add_form_key('posting');
1924  
1925  /** @var \phpbb\controller\helper $controller_helper */
1926  $controller_helper = $phpbb_container->get('controller.helper');
1927  
1928  // Build array of variables for main posting page
1929  $page_data = array(
1930      'L_POST_A'                    => $page_title,
1931      'L_ICON'                    => ($mode == 'reply' || $mode == 'quote' || ($mode == 'edit' && $post_id != $post_data['topic_first_post_id'])) ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
1932      'L_MESSAGE_BODY_EXPLAIN'    => $user->lang('MESSAGE_BODY_EXPLAIN', (int) $config['max_post_chars']),
1933      'L_DELETE_POST_PERMANENTLY'    => $user->lang('DELETE_POST_PERMANENTLY', 1),
1934  
1935      'FORUM_NAME'            => $post_data['forum_name'],
1936      'FORUM_DESC'            => ($post_data['forum_desc']) ? generate_text_for_display($post_data['forum_desc'], $post_data['forum_desc_uid'], $post_data['forum_desc_bitfield'], $post_data['forum_desc_options']) : '',
1937      'TOPIC_TITLE'            => censor_text($post_data['topic_title']),
1938      'MODERATORS'            => (count($moderators)) ? implode($user->lang['COMMA_SEPARATOR'], $moderators[$forum_id]) : '',
1939      'USERNAME'                => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '',
1940      'SUBJECT'                => $post_data['post_subject'],
1941      'MESSAGE'                => $post_data['post_text'],
1942      'BBCODE_STATUS'            => $user->lang(($bbcode_status ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_bbcode_controller') . '">', '</a>'),
1943      'IMG_STATUS'            => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
1944      'FLASH_STATUS'            => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
1945      'SMILIES_STATUS'        => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
1946      'URL_STATUS'            => ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
1947      'MAX_FONT_SIZE'            => (int) $config['max_post_font_size'],
1948      'MINI_POST_IMG'            => $user->img('icon_post_target', $user->lang['POST']),
1949      'POST_DATE'                => ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '',
1950      'ERROR'                    => (count($error)) ? implode('<br />', $error) : '',
1951      'TOPIC_TIME_LIMIT'        => (int) $post_data['topic_time_limit'],
1952      'EDIT_REASON'            => $request->variable('edit_reason', '', true),
1953      'SHOW_PANEL'            => $request->variable('show_panel', ''),
1954      'U_VIEW_FORUM'            => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),
1955      'U_VIEW_TOPIC'            => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id") : '',
1956      'U_PROGRESS_BAR'        => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup"),
1957      'UA_PROGRESS_BAR'        => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup")),
1958  
1959      'S_PRIVMSGS'                => false,
1960      'S_CLOSE_PROGRESS_WINDOW'    => (isset($_POST['add_file'])) ? true : false,
1961      'S_EDIT_POST'                => ($mode == 'edit') ? true : false,
1962      'S_EDIT_REASON'                => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1963      'S_DISPLAY_USERNAME'        => (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? true : false,
1964      'S_SHOW_TOPIC_ICONS'        => $s_topic_icons,
1965      'S_DELETE_ALLOWED'            => ($mode == 'edit' && (($post_id == $post_data['topic_last_post_id'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) || $auth->acl_get('m_delete', $forum_id))) ? true : false,
1966      'S_BBCODE_ALLOWED'            => ($bbcode_status) ? 1 : 0,
1967      'S_BBCODE_CHECKED'            => ($bbcode_checked) ? ' checked="checked"' : '',
1968      'S_SMILIES_ALLOWED'            => $smilies_status,
1969      'S_SMILIES_CHECKED'            => ($smilies_checked) ? ' checked="checked"' : '',
1970      'S_SIG_ALLOWED'                => ($user->data['is_registered'] && $config['allow_sig'] && $auth->acl_get('f_sigs', $forum_id) && $auth->acl_get('u_sig')) ? true : false,
1971      'S_SIGNATURE_CHECKED'        => ($sig_checked) ? ' checked="checked"' : '',
1972      'S_NOTIFY_ALLOWED'            => (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !$config['allow_topic_notify'] || !$config['email_enable']) ? false : true,
1973      'S_NOTIFY_CHECKED'            => ($notify_checked) ? ' checked="checked"' : '',
1974      'S_LOCK_TOPIC_ALLOWED'        => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote' || $mode == 'post') && ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED))) ? true : false,
1975      'S_LOCK_TOPIC_CHECKED'        => ($lock_topic_checked) ? ' checked="checked"' : '',
1976      'S_LOCK_POST_ALLOWED'        => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1977      'S_LOCK_POST_CHECKED'        => ($lock_post_checked) ? ' checked="checked"' : '',
1978      'S_SOFTDELETE_CHECKED'        => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? ' checked="checked"' : '',
1979      'S_SOFTDELETE_ALLOWED'        => ($mode == 'edit' && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $lock_post_checked) && $post_id == $post_data['topic_last_post_id'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) ? true : false,
1980      'S_RESTORE_ALLOWED'            => $auth->acl_get('m_approve', $forum_id),
1981      'S_IS_DELETED'                => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? true : false,
1982      'S_LINKS_ALLOWED'            => $url_status,
1983      'S_MAGIC_URL_CHECKED'        => ($urls_checked) ? ' checked="checked"' : '',
1984      'S_TYPE_TOGGLE'                => $topic_type_toggle,
1985      'S_SAVE_ALLOWED'            => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $mode != 'edit') ? true : false,
1986      'S_HAS_DRAFTS'                => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $post_data['drafts']) ? true : false,
1987      'S_FORM_ENCTYPE'            => $form_enctype,
1988  
1989      'S_BBCODE_IMG'            => $img_status,
1990      'S_BBCODE_URL'            => $url_status,
1991      'S_BBCODE_FLASH'        => $flash_status,
1992      'S_BBCODE_QUOTE'        => $quote_status,
1993  
1994      'S_POST_ACTION'            => $s_action,
1995      'S_HIDDEN_FIELDS'        => $s_hidden_fields,
1996      'S_ATTACH_DATA'            => json_encode($message_parser->attachment_data),
1997      'S_IN_POSTING'            => true,
1998  );
1999  
2000  // Build custom bbcodes array
2001  display_custom_bbcodes();
2002  
2003  // Poll entry
2004  if (($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
2005      && $auth->acl_get('f_poll', $forum_id))
2006  {
2007      $page_data = array_merge($page_data, array(
2008          'S_SHOW_POLL_BOX'        => true,
2009          'S_POLL_VOTE_CHANGE'    => ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id)),
2010          'S_POLL_DELETE'            => ($mode == 'edit' && count($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))),
2011          'S_POLL_DELETE_CHECKED'    => (!empty($poll_delete)) ? true : false,
2012  
2013          'L_POLL_OPTIONS_EXPLAIN'    => $user->lang('POLL_OPTIONS_' . (($mode == 'edit') ? 'EDIT_' : '') . 'EXPLAIN', (int) $config['max_poll_options']),
2014  
2015          'VOTE_CHANGE_CHECKED'    => (!empty($post_data['poll_vote_change'])) ? ' checked="checked"' : '',
2016          'POLL_TITLE'            => (isset($post_data['poll_title'])) ? $post_data['poll_title'] : '',
2017          'POLL_OPTIONS'            => (!empty($post_data['poll_options'])) ? implode("\n", $post_data['poll_options']) : '',
2018          'POLL_MAX_OPTIONS'        => (isset($post_data['poll_max_options'])) ? (int) $post_data['poll_max_options'] : 1,
2019          'POLL_LENGTH'            => $post_data['poll_length'],
2020          )
2021      );
2022  }
2023  
2024  /**
2025  * This event allows you to modify template variables for the posting screen
2026  *
2027  * @event core.posting_modify_template_vars
2028  * @var    array    post_data    Array with post data
2029  * @var    array    moderators    Array with forum moderators
2030  * @var    string    mode        What action to take if the form is submitted
2031  *                post|reply|quote|edit|delete|bump|smilies|popup
2032  * @var    string    page_title    Title of the mode page
2033  * @var    bool    s_topic_icons    Whether or not to show the topic icons
2034  * @var    string    form_enctype    If attachments are allowed for this form
2035  *                "multipart/form-data" or empty string
2036  * @var    string    s_action    The URL to submit the POST data to
2037  * @var    string    s_hidden_fields    Concatenated hidden input tags of posting form
2038  * @var    int    post_id        ID of the post
2039  * @var    int    topic_id    ID of the topic
2040  * @var    int    forum_id    ID of the forum
2041  * @var    int    draft_id    ID of the draft
2042  * @var    bool    submit        Whether or not the form has been submitted
2043  * @var    bool    preview        Whether or not the post is being previewed
2044  * @var    bool    save        Whether or not a draft is being saved
2045  * @var    bool    load        Whether or not a draft is being loaded
2046  * @var    bool    cancel        Whether or not to cancel the form (returns to
2047  *                viewtopic or viewforum depending on if the user
2048  *                is posting a new topic or editing a post)
2049  * @var    array    error        Any error strings; a non-empty array aborts
2050  *                form submission.
2051  *                NOTE: Should be actual language strings, NOT
2052  *                language keys.
2053  * @var    bool    refresh        Whether or not to retain previously submitted data
2054  * @var    array    page_data    Posting page data that should be passed to the
2055  *                posting page via $template->assign_vars()
2056  * @var    object    message_parser    The message parser object
2057  * @since 3.1.0-a1
2058  * @changed 3.1.0-b3 Added vars post_data, moderators, mode, page_title,
2059  *        s_topic_icons, form_enctype, s_action, s_hidden_fields,
2060  *        post_id, topic_id, forum_id, submit, preview, save, load,
2061  *        delete, cancel, refresh, error, page_data, message_parser
2062  * @changed 3.1.2-RC1 Removed 'delete' var as it does not exist
2063  * @changed 3.1.5-RC1 Added poll variables to the page_data array
2064  * @changed 3.1.6-RC1 Added 'draft_id' var
2065  */
2066  $vars = array(
2067      'post_data',
2068      'moderators',
2069      'mode',
2070      'page_title',
2071      's_topic_icons',
2072      'form_enctype',
2073      's_action',
2074      's_hidden_fields',
2075      'post_id',
2076      'topic_id',
2077      'forum_id',
2078      'draft_id',
2079      'submit',
2080      'preview',
2081      'save',
2082      'load',
2083      'cancel',
2084      'refresh',
2085      'error',
2086      'page_data',
2087      'message_parser',
2088  );
2089  extract($phpbb_dispatcher->trigger_event('core.posting_modify_template_vars', compact($vars)));
2090  
2091  // Start assigning vars for main posting page ...
2092  $template->assign_vars($page_data);
2093  
2094  // Show attachment box for adding attachments if true
2095  $allowed = ($auth->acl_get('f_attach', $forum_id) && $auth->acl_get('u_attach') && $config['allow_attachments'] && $form_enctype);
2096  
2097  if ($allowed)
2098  {
2099      $max_files = ($auth->acl_get('a_') || $auth->acl_get('m_', $forum_id)) ? 0 : (int) $config['max_attachments'];
2100      $plupload->configure($cache, $template, $s_action, $forum_id, $max_files);
2101  }
2102  
2103  // Attachment entry
2104  posting_gen_attachment_entry($attachment_data, $filename_data, $allowed, $forum_id);
2105  
2106  // Output page ...
2107  page_header($page_title);
2108  
2109  $template->set_filenames(array(
2110      'body' => 'posting_body.html')
2111  );
2112  
2113  make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
2114  
2115  // Topic review
2116  if ($mode == 'reply' || $mode == 'quote')
2117  {
2118      if (topic_review($topic_id, $forum_id))
2119      {
2120          $template->assign_var('S_DISPLAY_REVIEW', true);
2121      }
2122  }
2123  
2124  page_footer();


Generated: Mon Nov 25 19:05:08 2024 Cross-referenced by PHPXref 0.7.1