[ Index ]

PHP Cross Reference of phpBB-3.3.7-deutsch

title

Body

[close]

/ -> posting.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  include($phpbb_root_path . 'common.' . $phpEx);
  21  include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
  22  include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
  23  include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
  24  
  25  
  26  // Start session management
  27  $user->session_begin();
  28  $auth->acl($user->data);
  29  
  30  
  31  // Grab only parameters needed here
  32  $draft_id    = $request->variable('d', 0);
  33  
  34  $preview    = (isset($_POST['preview'])) ? true : false;
  35  $save        = (isset($_POST['save'])) ? true : false;
  36  $load        = (isset($_POST['load'])) ? true : false;
  37  $confirm    = $request->is_set_post('confirm');
  38  $cancel        = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
  39  
  40  $refresh    = (isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $preview);
  41  $submit = $request->is_set_post('post') && !$refresh && !$preview;
  42  $mode        = $request->variable('mode', '');
  43  
  44  // Only assign required URL parameters
  45  $forum_id = 0;
  46  $topic_id = 0;
  47  $post_id = 0;
  48  
  49  switch ($mode)
  50  {
  51      case 'popup':
  52      case 'smilies':
  53          $forum_id = $request->variable('f', 0);
  54      break;
  55  
  56      case 'post':
  57          $forum_id = $request->variable('f', 0);
  58          if (!$forum_id)
  59          {
  60              trigger_error('NO_FORUM');
  61          }
  62      break;
  63  
  64      case 'bump':
  65      case 'reply':
  66          $topic_id = $request->variable('t', 0);
  67          if ($topic_id)
  68          {
  69              $sql = 'SELECT forum_id
  70                  FROM ' . TOPICS_TABLE . "
  71                  WHERE topic_id = $topic_id";
  72              $result = $db->sql_query($sql);
  73              $forum_id = (int) $db->sql_fetchfield('forum_id');
  74              $db->sql_freeresult($result);
  75          }
  76  
  77          if (!$topic_id || !$forum_id)
  78          {
  79              trigger_error('NO_TOPIC');
  80          }
  81      break;
  82  
  83      case 'edit':
  84      case 'delete':
  85      case 'quote':
  86      case 'soft_delete':
  87          $post_id = $request->variable('p', 0);
  88          if ($post_id)
  89          {
  90              $topic_forum = [];
  91  
  92              $sql = 'SELECT t.topic_id, t.forum_id
  93                  FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p
  94                  WHERE p.post_id = ' . $post_id . '
  95                  AND t.topic_id = p.topic_id';
  96              $result = $db->sql_query($sql);
  97              $topic_forum = $db->sql_fetchrow($result);
  98              $db->sql_freeresult($result);
  99          }
 100  
 101          if (!$post_id || !$topic_forum)
 102          {
 103              $user->setup('posting');
 104              trigger_error('NO_POST');
 105          }
 106  
 107          $topic_id = (int) $topic_forum['topic_id'];
 108          $forum_id = (int) $topic_forum['forum_id'];
 109      break;
 110  }
 111  
 112  // If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here.
 113  if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id)))
 114  {
 115      $mode = 'soft_delete';
 116  }
 117  
 118  $error = $post_data = array();
 119  $current_time = time();
 120  
 121  /**
 122  * This event allows you to alter the above parameters, such as submit and mode
 123  *
 124  * Note: $refresh must be true to retain previously submitted form data.
 125  *
 126  * Note: The template class will not work properly until $user->setup() is
 127  * called, and it has not been called yet. Extensions requiring template
 128  * assignments should use an event that comes later in this file.
 129  *
 130  * @event core.modify_posting_parameters
 131  * @var    int        post_id        ID of the post
 132  * @var    int        topic_id    ID of the topic
 133  * @var    int        forum_id    ID of the forum
 134  * @var    int        draft_id    ID of the draft
 135  * @var    bool    submit        Whether or not the form has been submitted
 136  * @var    bool    preview        Whether or not the post is being previewed
 137  * @var    bool    save        Whether or not a draft is being saved
 138  * @var    bool    load        Whether or not a draft is being loaded
 139  * @var    bool    cancel        Whether or not to cancel the form (returns to
 140  *                            viewtopic or viewforum depending on if the user
 141  *                            is posting a new topic or editing a post)
 142  * @var    bool    refresh        Whether or not to retain previously submitted data
 143  * @var    string    mode        What action to take if the form has been submitted
 144  *                            post|reply|quote|edit|delete|bump|smilies|popup
 145  * @var    array    error        Any error strings; a non-empty array aborts
 146  *                            form submission.
 147  *                            NOTE: Should be actual language strings, NOT
 148  *                            language keys.
 149  * @since 3.1.0-a1
 150  * @changed 3.1.2-RC1            Removed 'delete' var as it does not exist
 151  * @changed 3.2.4-RC1        Remove unused 'lastclick' var
 152  */
 153  $vars = array(
 154      'post_id',
 155      'topic_id',
 156      'forum_id',
 157      'draft_id',
 158      'submit',
 159      'preview',
 160      'save',
 161      'load',
 162      'cancel',
 163      'refresh',
 164      'mode',
 165      'error',
 166  );
 167  extract($phpbb_dispatcher->trigger_event('core.modify_posting_parameters', compact($vars)));
 168  
 169  // Was cancel pressed? If so then redirect to the appropriate page
 170  if ($cancel)
 171  {
 172      $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
 173      redirect($redirect);
 174  }
 175  
 176  /* @var $phpbb_content_visibility \phpbb\content_visibility */
 177  $phpbb_content_visibility = $phpbb_container->get('content.visibility');
 178  
 179  // We need to know some basic information in all cases before we do anything.
 180  switch ($mode)
 181  {
 182      case 'post':
 183          $sql = 'SELECT *
 184              FROM ' . FORUMS_TABLE . "
 185              WHERE forum_id = $forum_id";
 186      break;
 187  
 188      case 'bump':
 189      case 'reply':
 190          $sql = 'SELECT f.*, t.*
 191              FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
 192              WHERE t.topic_id = $topic_id
 193                  AND f.forum_id = t.forum_id
 194                  AND " . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.');
 195      break;
 196  
 197      case 'quote':
 198      case 'edit':
 199      case 'delete':
 200      case 'soft_delete':
 201          $sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
 202              FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
 203              WHERE p.post_id = $post_id
 204                  AND t.topic_id = p.topic_id
 205                  AND u.user_id = p.poster_id
 206                  AND f.forum_id = t.forum_id
 207                  AND " . $phpbb_content_visibility->get_visibility_sql('post', $forum_id, 'p.');
 208      break;
 209  
 210      case 'smilies':
 211          $sql = '';
 212          generate_smilies('window', $forum_id);
 213      break;
 214  
 215      case 'popup':
 216          if ($forum_id)
 217          {
 218              $sql = 'SELECT forum_style
 219                  FROM ' . FORUMS_TABLE . '
 220                  WHERE forum_id = ' . $forum_id;
 221          }
 222          else
 223          {
 224              phpbb_upload_popup();
 225              return;
 226          }
 227      break;
 228  
 229      default:
 230          $sql = '';
 231      break;
 232  }
 233  
 234  if (!$sql)
 235  {
 236      $user->setup('posting');
 237      trigger_error('NO_POST_MODE');
 238  }
 239  
 240  $result = $db->sql_query($sql);
 241  $post_data = $db->sql_fetchrow($result);
 242  $db->sql_freeresult($result);
 243  
 244  if (!$post_data)
 245  {
 246      if (!($mode == 'post' || $mode == 'bump' || $mode == 'reply'))
 247      {
 248          $user->setup('posting');
 249      }
 250      trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
 251  }
 252  
 253  /**
 254  * This event allows you to bypass reply/quote test of an unapproved post.
 255  *
 256  * @event core.posting_modify_row_data
 257  * @var    array    post_data    All post data from database
 258  * @var    string    mode        What action to take if the form has been submitted
 259  *                            post|reply|quote|edit|delete|bump|smilies|popup
 260  * @var    int        topic_id    ID of the topic
 261  * @var    int        forum_id    ID of the forum
 262  * @since 3.2.8-RC1
 263  */
 264  $vars = array(
 265      'post_data',
 266      'mode',
 267      'topic_id',
 268      'forum_id',
 269  );
 270  extract($phpbb_dispatcher->trigger_event('core.posting_modify_row_data', compact($vars)));
 271  
 272  // Not able to reply to unapproved posts/topics
 273  // TODO: add more descriptive language key
 274  if ($auth->acl_get('m_approve', $forum_id) && ((($mode == 'reply' || $mode == 'bump') && $post_data['topic_visibility'] != ITEM_APPROVED) || ($mode == 'quote' && $post_data['post_visibility'] != ITEM_APPROVED)))
 275  {
 276      trigger_error(($mode == 'reply' || $mode == 'bump') ? 'TOPIC_UNAPPROVED' : 'POST_UNAPPROVED');
 277  }
 278  
 279  if ($mode == 'popup')
 280  {
 281      phpbb_upload_popup($post_data['forum_style']);
 282      return;
 283  }
 284  
 285  $user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
 286  
 287  // Need to login to passworded forum first?
 288  if ($post_data['forum_password'])
 289  {
 290      login_forum_box(array(
 291          'forum_id'            => $forum_id,
 292          'forum_name'        => $post_data['forum_name'],
 293          'forum_password'    => $post_data['forum_password'])
 294      );
 295  }
 296  
 297  // Check permissions
 298  if ($user->data['is_bot'])
 299  {
 300      redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 301  }
 302  
 303  // Is the user able to read within this forum?
 304  if (!$auth->acl_get('f_read', $forum_id))
 305  {
 306      if ($user->data['user_id'] != ANONYMOUS)
 307      {
 308          trigger_error('USER_CANNOT_READ');
 309      }
 310      $message = $user->lang['LOGIN_EXPLAIN_POST'];
 311  
 312      if ($request->is_ajax())
 313      {
 314          $json = new phpbb\json_response();
 315          $json->send(array(
 316              'title'        => $user->lang['INFORMATION'],
 317              'message'    => $message,
 318          ));
 319      }
 320  
 321      login_box('', $message);
 322  }
 323  
 324  // Permission to do the action asked?
 325  $is_authed = false;
 326  
 327  switch ($mode)
 328  {
 329      case 'post':
 330          if ($auth->acl_get('f_post', $forum_id))
 331          {
 332              $is_authed = true;
 333          }
 334      break;
 335  
 336      case 'bump':
 337          if ($auth->acl_get('f_bump', $forum_id))
 338          {
 339              $is_authed = true;
 340          }
 341      break;
 342  
 343      case 'quote':
 344  
 345          $post_data['post_edit_locked'] = 0;
 346  
 347      // no break;
 348  
 349      case 'reply':
 350          if ($auth->acl_get('f_reply', $forum_id))
 351          {
 352              $is_authed = true;
 353          }
 354      break;
 355  
 356      case 'edit':
 357          if ($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id))
 358          {
 359              $is_authed = true;
 360          }
 361      break;
 362  
 363      case 'delete':
 364          if ($user->data['is_registered'] && ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id))))
 365          {
 366              $is_authed = true;
 367          }
 368  
 369      // no break;
 370  
 371      case 'soft_delete':
 372          if (!$is_authed && $user->data['is_registered'] && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $post_data['post_edit_locked']))
 373          {
 374              // Fall back to soft_delete if we have no permissions to delete posts but to soft delete them
 375              $is_authed = true;
 376              $mode = 'soft_delete';
 377          }
 378      break;
 379  }
 380  /**
 381  * This event allows you to do extra auth checks and verify if the user
 382  * has the required permissions
 383  *
 384  * Extensions should only change the error and is_authed variables.
 385  *
 386  * @event core.modify_posting_auth
 387  * @var    int        post_id        ID of the post
 388  * @var    int        topic_id    ID of the topic
 389  * @var    int        forum_id    ID of the forum
 390  * @var    int        draft_id    ID of the draft
 391  * @var    bool    submit        Whether or not the form has been submitted
 392  * @var    bool    preview        Whether or not the post is being previewed
 393  * @var    bool    save        Whether or not a draft is being saved
 394  * @var    bool    load        Whether or not a draft is being loaded
 395  * @var    bool    refresh        Whether or not to retain previously submitted data
 396  * @var    string    mode        What action to take if the form has been submitted
 397  *                            post|reply|quote|edit|delete|bump|smilies|popup
 398  * @var    array    error        Any error strings; a non-empty array aborts
 399  *                            form submission.
 400  *                            NOTE: Should be actual language strings, NOT
 401  *                            language keys.
 402  * @var    bool    is_authed    Does the user have the required permissions?
 403  * @var    array    post_data    All post data from database
 404  * @since 3.1.3-RC1
 405  * @changed 3.1.10-RC1 Added post_data
 406  * @changed 3.2.4-RC1         Remove unused 'lastclick' var
 407  */
 408  $vars = array(
 409      'post_id',
 410      'topic_id',
 411      'forum_id',
 412      'draft_id',
 413      'submit',
 414      'preview',
 415      'save',
 416      'load',
 417      'refresh',
 418      'mode',
 419      'error',
 420      'is_authed',
 421      'post_data',
 422  );
 423  extract($phpbb_dispatcher->trigger_event('core.modify_posting_auth', compact($vars)));
 424  
 425  if (!$is_authed || !empty($error))
 426  {
 427      $check_auth = ($mode == 'quote') ? 'reply' : (($mode == 'soft_delete') ? 'delete' : $mode);
 428  
 429      if ($user->data['is_registered'])
 430      {
 431          trigger_error(empty($error) ? 'USER_CANNOT_' . strtoupper($check_auth) : implode('<br/>', $error));
 432      }
 433      $message = $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)];
 434  
 435      if ($request->is_ajax())
 436      {
 437          $json = new phpbb\json_response();
 438          $json->send(array(
 439              'title'        => $user->lang['INFORMATION'],
 440              'message'    => $message,
 441          ));
 442      }
 443  
 444      login_box('', $message);
 445  }
 446  
 447  if ($config['enable_post_confirm'] && !$user->data['is_registered'])
 448  {
 449      $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
 450      $captcha->init(CONFIRM_POST);
 451  }
 452  
 453  // Is the user able to post within this forum?
 454  if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply')))
 455  {
 456      trigger_error('USER_CANNOT_FORUM_POST');
 457  }
 458  
 459  // Forum/Topic locked?
 460  if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get($mode == 'reply' ? 'm_lock' : 'm_edit', $forum_id))
 461  {
 462      trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
 463  }
 464  
 465  // Can we edit this post ... if we're a moderator with rights then always yes
 466  // else it depends on editing times, lock status and if we're the correct user
 467  if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id))
 468  {
 469      $force_edit_allowed = false;
 470  
 471      $s_cannot_edit = $user->data['user_id'] != $post_data['poster_id'];
 472      $s_cannot_edit_time = $config['edit_time'] && $post_data['post_time'] <= time() - ($config['edit_time'] * 60);
 473      $s_cannot_edit_locked = $post_data['post_edit_locked'];
 474  
 475      /**
 476      * This event allows you to modify the conditions for the "cannot edit post" checks
 477      *
 478      * @event core.posting_modify_cannot_edit_conditions
 479      * @var    array    post_data    Array with post data
 480      * @var    bool    force_edit_allowed        Allow the user to edit the post (all permissions and conditions are ignored)
 481      * @var    bool    s_cannot_edit            User can not edit the post because it's not his
 482      * @var    bool    s_cannot_edit_locked    User can not edit the post because it's locked
 483      * @var    bool    s_cannot_edit_time        User can not edit the post because edit_time has passed
 484      * @since 3.1.0-b4
 485      */
 486      $vars = array(
 487          'post_data',
 488          'force_edit_allowed',
 489          's_cannot_edit',
 490          's_cannot_edit_locked',
 491          's_cannot_edit_time',
 492      );
 493      extract($phpbb_dispatcher->trigger_event('core.posting_modify_cannot_edit_conditions', compact($vars)));
 494  
 495      if (!$force_edit_allowed)
 496      {
 497          if ($s_cannot_edit)
 498          {
 499              trigger_error('USER_CANNOT_EDIT');
 500          }
 501          else if ($s_cannot_edit_time)
 502          {
 503              trigger_error('CANNOT_EDIT_TIME');
 504          }
 505          else if ($s_cannot_edit_locked)
 506          {
 507              trigger_error('CANNOT_EDIT_POST_LOCKED');
 508          }
 509      }
 510  }
 511  
 512  // Handle delete mode...
 513  if ($mode == 'delete' || $mode == 'soft_delete')
 514  {
 515      if ($mode == 'soft_delete' && $post_data['post_visibility'] == ITEM_DELETED)
 516      {
 517          $user->setup('posting');
 518          trigger_error('NO_POST');
 519      }
 520  
 521      $delete_reason = $request->variable('delete_reason', '', true);
 522      phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, ($mode == 'soft_delete' && !$request->is_set_post('delete_permanent')), $delete_reason);
 523      return;
 524  }
 525  
 526  // Handle bump mode...
 527  if ($mode == 'bump')
 528  {
 529      if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id'])
 530          && check_link_hash($request->variable('hash', ''), "topic_{$post_data['topic_id']}"))
 531      {
 532          $meta_url = phpbb_bump_topic($forum_id, $topic_id, $post_data, $current_time);
 533          meta_refresh(3, $meta_url);
 534          $message = $user->lang['TOPIC_BUMPED'];
 535  
 536          if (!$request->is_ajax())
 537          {
 538              $message .= '<br /><br />' . $user->lang('VIEW_MESSAGE', '<a href="' . $meta_url . '">', '</a>');
 539              $message .= '<br /><br />' . $user->lang('RETURN_FORUM', '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
 540          }
 541  
 542          trigger_error($message);
 543      }
 544  
 545      trigger_error('BUMP_ERROR');
 546  }
 547  
 548  // Subject length limiting to 60 characters if first post...
 549  if ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id']))
 550  {
 551      $template->assign_var('S_NEW_MESSAGE', true);
 552  }
 553  
 554  // Determine some vars
 555  if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS)
 556  {
 557      $post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST'];
 558  }
 559  else
 560  {
 561      $post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
 562  }
 563  
 564  $post_data['post_edit_locked']    = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0;
 565  $post_data['post_subject_md5']    = (isset($post_data['post_subject']) && $mode == 'edit') ? md5($post_data['post_subject']) : '';
 566  $post_data['post_subject']        = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : '');
 567  $post_data['topic_time_limit']    = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
 568  $post_data['poll_length']        = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0;
 569  $post_data['poll_start']        = (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0;
 570  $post_data['icon_id']            = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id'];
 571  $post_data['poll_options']        = array();
 572  
 573  // Get Poll Data
 574  if ($post_data['poll_start'])
 575  {
 576      $sql = 'SELECT poll_option_text
 577          FROM ' . POLL_OPTIONS_TABLE . "
 578          WHERE topic_id = $topic_id
 579          ORDER BY poll_option_id";
 580      $result = $db->sql_query($sql);
 581  
 582      while ($row = $db->sql_fetchrow($result))
 583      {
 584          $post_data['poll_options'][] = trim($row['poll_option_text']);
 585      }
 586      $db->sql_freeresult($result);
 587  }
 588  
 589  /**
 590  * This event allows you to modify the post data before parsing
 591  *
 592  * @event core.posting_modify_post_data
 593  * @var    int        forum_id    ID of the forum
 594  * @var    string    mode        What action to take if the form has been submitted
 595  *                            post|reply|quote|edit|delete|bump|smilies|popup
 596  * @var    array    post_data    Array with post data
 597  * @var    int        post_id        ID of the post
 598  * @var    int        topic_id    ID of the topic
 599  * @since 3.2.2-RC1
 600  */
 601  $vars = array(
 602      'forum_id',
 603      'mode',
 604      'post_data',
 605      'post_id',
 606      'topic_id',
 607  );
 608  extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_data', compact($vars)));
 609  
 610  if ($mode == 'edit')
 611  {
 612      $original_poll_data = array(
 613          'poll_title'        => $post_data['poll_title'],
 614          'poll_length'        => $post_data['poll_length'],
 615          'poll_max_options'    => $post_data['poll_max_options'],
 616          'poll_option_text'    => implode("\n", $post_data['poll_options']),
 617          'poll_start'        => $post_data['poll_start'],
 618          'poll_last_vote'    => $post_data['poll_last_vote'],
 619          'poll_vote_change'    => $post_data['poll_vote_change'],
 620      );
 621  }
 622  
 623  $orig_poll_options_size = count($post_data['poll_options']);
 624  
 625  $message_parser = new parse_message();
 626  /* @var $plupload \phpbb\plupload\plupload */
 627  $plupload = $phpbb_container->get('plupload');
 628  
 629  /* @var $mimetype_guesser \phpbb\mimetype\guesser */
 630  $mimetype_guesser = $phpbb_container->get('mimetype.guesser');
 631  $message_parser->set_plupload($plupload);
 632  
 633  if (isset($post_data['post_text']))
 634  {
 635      $message_parser->message = &$post_data['post_text'];
 636      unset($post_data['post_text']);
 637  }
 638  
 639  // Set some default variables
 640  $uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);
 641  
 642  /**
 643  * This event allows you to modify the default variables for post_data, and unset them in post_data if needed
 644  *
 645  * @event core.posting_modify_default_variables
 646  * @var    array    post_data    Array with post data
 647  * @var    array    uninit        Array with default vars to put into post_data, if they aren't there
 648  * @since 3.2.5-RC1
 649  */
 650  $vars = array(
 651      'post_data',
 652      'uninit',
 653  );
 654  extract($phpbb_dispatcher->trigger_event('core.posting_modify_default_variables', compact($vars)));
 655  
 656  foreach ($uninit as $var_name => $default_value)
 657  {
 658      if (!isset($post_data[$var_name]))
 659      {
 660          $post_data[$var_name] = $default_value;
 661      }
 662  }
 663  unset($uninit);
 664  
 665  // Always check if the submitted attachment data is valid and belongs to the user.
 666  // Further down (especially in submit_post()) we do not check this again.
 667  $message_parser->get_submitted_attachment_data($post_data['poster_id']);
 668  
 669  if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit')
 670  {
 671      // Do not change to SELECT *
 672      $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename, filesize
 673          FROM ' . ATTACHMENTS_TABLE . "
 674          WHERE post_msg_id = $post_id
 675              AND in_message = 0
 676              AND is_orphan = 0
 677          ORDER BY attach_id DESC";
 678      $result = $db->sql_query($sql);
 679      $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
 680      $db->sql_freeresult($result);
 681  }
 682  
 683  if ($post_data['poster_id'] == ANONYMOUS)
 684  {
 685      $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : '';
 686  }
 687  else
 688  {
 689      $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : '';
 690  }
 691  
 692  $post_data['enable_urls'] = $post_data['enable_magic_url'];
 693  
 694  if ($mode != 'edit')
 695  {
 696      $post_data['enable_sig']        = ($config['allow_sig'] && $user->optionget('attachsig')) ? true: false;
 697      $post_data['enable_smilies']    = ($config['allow_smilies'] && $user->optionget('smilies')) ? true : false;
 698      $post_data['enable_bbcode']        = ($config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false;
 699      $post_data['enable_urls']        = true;
 700  }
 701  
 702  if ($mode == 'post')
 703  {
 704      $post_data['topic_status']        = ($request->is_set_post('lock_topic') && $auth->acl_gets('m_lock', 'f_user_lock', $forum_id)) ? ITEM_LOCKED : ITEM_UNLOCKED;
 705  }
 706  
 707  $post_data['enable_magic_url'] = $post_data['drafts'] = false;
 708  
 709  // User own some drafts?
 710  if ($user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
 711  {
 712      $sql = 'SELECT draft_id
 713          FROM ' . DRAFTS_TABLE . '
 714          WHERE user_id = ' . $user->data['user_id'] .
 715              (($forum_id) ? ' AND forum_id = ' . (int) $forum_id : '') .
 716              (($topic_id) ? ' AND topic_id = ' . (int) $topic_id : '') .
 717              (($draft_id) ? " AND draft_id <> $draft_id" : '');
 718      $result = $db->sql_query_limit($sql, 1);
 719  
 720      if ($db->sql_fetchrow($result))
 721      {
 722          $post_data['drafts'] = true;
 723      }
 724      $db->sql_freeresult($result);
 725  }
 726  
 727  $check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
 728  
 729  // Check if user is watching this topic
 730  if ($mode != 'post' && $config['allow_topic_notify'] && $user->data['is_registered'])
 731  {
 732      $sql = 'SELECT topic_id
 733          FROM ' . TOPICS_WATCH_TABLE . '
 734          WHERE topic_id = ' . $topic_id . '
 735              AND user_id = ' . $user->data['user_id'];
 736      $result = $db->sql_query($sql);
 737      $post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id');
 738      $db->sql_freeresult($result);
 739  }
 740  
 741  // Do we want to edit our post ?
 742  if ($mode == 'edit' && $post_data['bbcode_uid'])
 743  {
 744      $message_parser->bbcode_uid = $post_data['bbcode_uid'];
 745  }
 746  
 747  // HTML, BBCode, Smilies, Images and Flash status
 748  $bbcode_status    = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
 749  $smilies_status    = ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
 750  $img_status        = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false;
 751  $url_status        = ($config['allow_post_links']) ? true : false;
 752  $flash_status    = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false;
 753  $quote_status    = true;
 754  
 755  /**
 756   * Event to override message BBCode status indications
 757   *
 758   * @event core.posting_modify_bbcode_status
 759   *
 760   * @var bool    bbcode_status    BBCode status
 761   * @var bool    smilies_status    Smilies status
 762   * @var bool    img_status        Image BBCode status
 763   * @var bool    url_status        URL BBCode status
 764   * @var bool    flash_status    Flash BBCode status
 765   * @var bool    quote_status    Quote BBCode status
 766   * @since 3.3.3-RC1
 767   */
 768  $vars = [
 769      'bbcode_status',
 770      'smilies_status',
 771      'img_status',
 772      'url_status',
 773      'flash_status',
 774      'quote_status',
 775  ];
 776  extract($phpbb_dispatcher->trigger_event('core.posting_modify_bbcode_status', compact($vars)));
 777  
 778  // Save Draft
 779  if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
 780  {
 781      $subject = $request->variable('subject', '', true);
 782      $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject;
 783      $message = $request->variable('message', '', true);
 784  
 785      /**
 786       * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR.
 787       * Using their Numeric Character Reference's Hexadecimal notation.
 788       */
 789      $subject = utf8_encode_ucr($subject);
 790  
 791      if ($subject && $message)
 792      {
 793          if (confirm_box(true))
 794          {
 795              $message_parser->message = $message;
 796              $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
 797  
 798              $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 799                  'user_id'        => (int) $user->data['user_id'],
 800                  'topic_id'        => (int) $topic_id,
 801                  'forum_id'        => (int) $forum_id,
 802                  'save_time'        => (int) $current_time,
 803                  'draft_subject'    => (string) $subject,
 804                  'draft_message'    => (string) $message_parser->message)
 805              );
 806              $db->sql_query($sql);
 807  
 808              /** @var \phpbb\attachment\manager $attachment_manager */
 809              $attachment_manager = $phpbb_container->get('attachment.manager');
 810              $attachment_manager->delete('attach', array_column($message_parser->attachment_data, 'attach_id'));
 811  
 812              $meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id");
 813  
 814              meta_refresh(3, $meta_info);
 815  
 816              $message = $user->lang['DRAFT_SAVED'] . '<br /><br />';
 817              $message .= ($mode != 'post') ? sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>') . '<br /><br />' : '';
 818              $message .= sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
 819  
 820              trigger_error($message);
 821          }
 822          else
 823          {
 824              $s_hidden_fields = build_hidden_fields(array(
 825                  'mode'        => $mode,
 826                  'save'        => true,
 827                  'f'            => $forum_id,
 828                  't'            => $topic_id,
 829                  'subject'    => $subject,
 830                  'message'    => $message,
 831                  'attachment_data' => $message_parser->attachment_data,
 832                  )
 833              );
 834  
 835              $hidden_fields = array(
 836                  'icon_id'            => 0,
 837  
 838                  'disable_bbcode'    => false,
 839                  'disable_smilies'    => false,
 840                  'disable_magic_url'    => false,
 841                  'attach_sig'        => true,
 842                  'lock_topic'        => false,
 843  
 844                  'topic_type'        => POST_NORMAL,
 845                  'topic_time_limit'    => 0,
 846  
 847                  'poll_title'        => '',
 848                  'poll_option_text'    => '',
 849                  'poll_max_options'    => 1,
 850                  'poll_length'        => 0,
 851                  'poll_vote_change'    => false,
 852              );
 853  
 854              foreach ($hidden_fields as $name => $default)
 855              {
 856                  if (!isset($_POST[$name]))
 857                  {
 858                      // Don't include it, if its not available
 859                      unset($hidden_fields[$name]);
 860                      continue;
 861                  }
 862  
 863                  if (is_bool($default))
 864                  {
 865                      // Use the string representation
 866                      $hidden_fields[$name] = $request->variable($name, '');
 867                  }
 868                  else
 869                  {
 870                      $hidden_fields[$name] = $request->variable($name, $default);
 871                  }
 872              }
 873  
 874              $s_hidden_fields .= build_hidden_fields($hidden_fields);
 875  
 876              confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields);
 877          }
 878      }
 879      else
 880      {
 881          if (utf8_clean_string($subject) === '')
 882          {
 883              $error[] = $user->lang['EMPTY_SUBJECT'];
 884          }
 885  
 886          if (utf8_clean_string($message) === '')
 887          {
 888              $error[] = $user->lang['TOO_FEW_CHARS'];
 889          }
 890      }
 891      unset($subject, $message);
 892  }
 893  
 894  // Load requested Draft
 895  if ($draft_id && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $user->data['is_registered'] && $auth->acl_get('u_savedrafts'))
 896  {
 897      $sql = 'SELECT draft_subject, draft_message
 898          FROM ' . DRAFTS_TABLE . "
 899          WHERE draft_id = $draft_id
 900              AND user_id = " . $user->data['user_id'];
 901      $result = $db->sql_query_limit($sql, 1);
 902      $row = $db->sql_fetchrow($result);
 903      $db->sql_freeresult($result);
 904  
 905      if ($row)
 906      {
 907          $post_data['post_subject'] = $row['draft_subject'];
 908          $message_parser->message = $row['draft_message'];
 909  
 910          $template->assign_var('S_DRAFT_LOADED', true);
 911      }
 912      else
 913      {
 914          $draft_id = 0;
 915      }
 916  }
 917  
 918  // Load draft overview
 919  if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_data['drafts'])
 920  {
 921      load_drafts($topic_id, $forum_id);
 922  }
 923  
 924  /** @var \phpbb\textformatter\utils_interface $bbcode_utils */
 925  $bbcode_utils = $phpbb_container->get('text_formatter.utils');
 926  
 927  if ($submit || $preview || $refresh)
 928  {
 929      $post_data['topic_cur_post_id']    = $request->variable('topic_cur_post_id', 0);
 930      $post_data['post_subject']        = $request->variable('subject', '', true);
 931      $message_parser->message        = $request->variable('message', '', true);
 932  
 933      $post_data['username']            = $request->variable('username', $post_data['username'], true);
 934      $post_data['post_edit_reason']    = ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? $request->variable('edit_reason', '', true) : '';
 935  
 936      $post_data['orig_topic_type']    = $post_data['topic_type'];
 937      $post_data['topic_type']        = $request->variable('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL));
 938      $post_data['topic_time_limit']    = $request->variable('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0));
 939  
 940      if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
 941      {
 942          $post_data['icon_id'] = $request->variable('icon', (int) $post_data['icon_id']);
 943      }
 944  
 945      $post_data['enable_bbcode']        = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true;
 946      $post_data['enable_smilies']    = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;
 947      $post_data['enable_urls']        = (isset($_POST['disable_magic_url'])) ? 0 : 1;
 948      $post_data['enable_sig']        = (!$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig')) ? false : ((isset($_POST['attach_sig']) && $user->data['is_registered']) ? true : false);
 949  
 950      if ($config['allow_topic_notify'] && $user->data['is_registered'])
 951      {
 952          $notify = (isset($_POST['notify'])) ? true : false;
 953      }
 954      else
 955      {
 956          $notify = false;
 957      }
 958  
 959      $topic_lock            = (isset($_POST['lock_topic'])) ? true : false;
 960      $post_lock            = (isset($_POST['lock_post'])) ? true : false;
 961      $poll_delete        = (isset($_POST['poll_delete'])) ? true : false;
 962  
 963      if ($submit)
 964      {
 965          $status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
 966          $status_switch = ($status_switch != $check_value);
 967      }
 968      else
 969      {
 970          $status_switch = 1;
 971      }
 972  
 973      // Delete Poll
 974      if ($poll_delete && $mode == 'edit' && count($post_data['poll_options']) &&
 975          ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id)))
 976      {
 977          if ($submit && check_form_key('posting'))
 978          {
 979              $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . "
 980                  WHERE topic_id = $topic_id";
 981              $db->sql_query($sql);
 982  
 983              $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . "
 984                  WHERE topic_id = $topic_id";
 985              $db->sql_query($sql);
 986  
 987              $topic_sql = array(
 988                  'poll_title'        => '',
 989                  'poll_start'         => 0,
 990                  'poll_length'        => 0,
 991                  'poll_last_vote'    => 0,
 992                  'poll_max_options'    => 0,
 993                  'poll_vote_change'    => 0
 994              );
 995  
 996              $sql = 'UPDATE ' . TOPICS_TABLE . '
 997                  SET ' . $db->sql_build_array('UPDATE', $topic_sql) . "
 998                  WHERE topic_id = $topic_id";
 999              $db->sql_query($sql);
1000          }
1001  
1002          $post_data['poll_title'] = $post_data['poll_option_text'] = '';
1003          $post_data['poll_vote_change'] = $post_data['poll_max_options'] = $post_data['poll_length'] = 0;
1004      }
1005      else
1006      {
1007          $post_data['poll_title']        = $request->variable('poll_title', '', true);
1008          $post_data['poll_length']        = $request->variable('poll_length', 0);
1009          $post_data['poll_option_text']    = $request->variable('poll_option_text', '', true);
1010          $post_data['poll_max_options']    = $request->variable('poll_max_options', 1);
1011          $post_data['poll_vote_change']    = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0;
1012      }
1013  
1014      // If replying/quoting and last post id has changed
1015      // give user option to continue submit or return to post
1016      // notify and show user the post made between his request and the final submit
1017      if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id'])
1018      {
1019          // Only do so if it is allowed forum-wide
1020          if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
1021          {
1022              if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id']))
1023              {
1024                  $template->assign_var('S_POST_REVIEW', true);
1025              }
1026  
1027              $submit = false;
1028              $refresh = true;
1029          }
1030      }
1031  
1032      // Parse Attachments - before checksum is calculated
1033      if ($message_parser->check_attachment_form_token($language, $request, 'posting'))
1034      {
1035          $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh);
1036      }
1037  
1038      /**
1039      * This event allows you to modify message text before parsing
1040      *
1041      * @event core.posting_modify_message_text
1042      * @var    array    post_data    Array with post data
1043      * @var    string    mode        What action to take if the form is submitted
1044      *                post|reply|quote|edit|delete|bump|smilies|popup
1045      * @var    int    post_id        ID of the post
1046      * @var    int    topic_id    ID of the topic
1047      * @var    int    forum_id    ID of the forum
1048      * @var    bool    submit        Whether or not the form has been submitted
1049      * @var    bool    preview        Whether or not the post is being previewed
1050      * @var    bool    save        Whether or not a draft is being saved
1051      * @var    bool    load        Whether or not a draft is being loaded
1052      * @var    bool    cancel        Whether or not to cancel the form (returns to
1053      *                viewtopic or viewforum depending on if the user
1054      *                is posting a new topic or editing a post)
1055      * @var    bool    refresh        Whether or not to retain previously submitted data
1056      * @var    object    message_parser    The message parser object
1057      * @var    array    error        Array of errors
1058      * @since 3.1.2-RC1
1059      * @changed 3.1.11-RC1 Added error
1060      */
1061      $vars = array(
1062          'post_data',
1063          'mode',
1064          'post_id',
1065          'topic_id',
1066          'forum_id',
1067          'submit',
1068          'preview',
1069          'save',
1070          'load',
1071          'cancel',
1072          'refresh',
1073          'message_parser',
1074          'error',
1075      );
1076      extract($phpbb_dispatcher->trigger_event('core.posting_modify_message_text', compact($vars)));
1077  
1078      // Grab md5 'checksum' of new message
1079      $message_md5 = md5($message_parser->message);
1080  
1081      // If editing and checksum has changed we know the post was edited while we're editing
1082      // Notify and show user the changed post
1083      if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
1084      {
1085          $edit_post_message_checksum = $request->variable('edit_post_message_checksum', '');
1086          $edit_post_subject_checksum = $request->variable('edit_post_subject_checksum', '');
1087  
1088          // $post_data['post_checksum'] is the checksum of the post submitted in the meantime
1089          // $message_md5 is the checksum of the post we're about to submit
1090          // $edit_post_message_checksum is the checksum of the post we're editing
1091          // ...
1092  
1093          // We make sure nobody else made exactly the same change
1094          // we're about to submit by also checking $message_md5 != $post_data['post_checksum']
1095          if ($edit_post_message_checksum !== '' &&
1096              $edit_post_message_checksum != $post_data['post_checksum'] &&
1097              $message_md5 != $post_data['post_checksum']
1098              ||
1099              $edit_post_subject_checksum !== '' &&
1100              $edit_post_subject_checksum != $post_data['post_subject_md5'] &&
1101              md5($post_data['post_subject']) != $post_data['post_subject_md5'])
1102          {
1103              if (topic_review($topic_id, $forum_id, 'post_review_edit', $post_id))
1104              {
1105                  $template->assign_vars(array(
1106                      'S_POST_REVIEW'            => true,
1107  
1108                      'L_POST_REVIEW'            => $user->lang['POST_REVIEW_EDIT'],
1109                      'L_POST_REVIEW_EXPLAIN'    => $user->lang['POST_REVIEW_EDIT_EXPLAIN'],
1110                  ));
1111              }
1112  
1113              $submit = false;
1114              $refresh = true;
1115          }
1116      }
1117  
1118      // Check checksum ... don't re-parse message if the same
1119      $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false;
1120  
1121      // Also check if subject got updated...
1122      $update_subject = $mode != 'edit' || ($post_data['post_subject_md5'] && $post_data['post_subject_md5'] != md5($post_data['post_subject']));
1123  
1124      // Parse message
1125      if ($update_message)
1126      {
1127          if (count($message_parser->warn_msg))
1128          {
1129              $error[] = implode('<br />', $message_parser->warn_msg);
1130              $message_parser->warn_msg = array();
1131          }
1132  
1133          if (!$preview || !empty($message_parser->message))
1134          {
1135              $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
1136          }
1137  
1138          // On a refresh we do not care about message parsing errors
1139          if (count($message_parser->warn_msg) && $refresh && !$preview)
1140          {
1141              $message_parser->warn_msg = array();
1142          }
1143      }
1144      else
1145      {
1146          $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield'];
1147      }
1148  
1149      $ignore_flood = $auth->acl_get('u_ignoreflood') ? true : $auth->acl_get('f_ignoreflood', $forum_id);
1150      if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$ignore_flood)
1151      {
1152          // Flood check
1153          $last_post_time = 0;
1154  
1155          if ($user->data['is_registered'])
1156          {
1157              $last_post_time = $user->data['user_lastpost_time'];
1158          }
1159          else
1160          {
1161              $sql = 'SELECT post_time AS last_post_time
1162                  FROM ' . POSTS_TABLE . "
1163                  WHERE poster_ip = '" . $user->ip . "'
1164                      AND post_time > " . ($current_time - $config['flood_interval']);
1165              $result = $db->sql_query_limit($sql, 1);
1166              if ($row = $db->sql_fetchrow($result))
1167              {
1168                  $last_post_time = $row['last_post_time'];
1169              }
1170              $db->sql_freeresult($result);
1171          }
1172  
1173          if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval']))
1174          {
1175              $error[] = $user->lang['FLOOD_ERROR'];
1176          }
1177      }
1178  
1179      // Validate username
1180      if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username']))
1181      {
1182          if (!function_exists('validate_username'))
1183          {
1184              include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1185          }
1186  
1187          $user->add_lang('ucp');
1188  
1189          if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false)
1190          {
1191              $error[] = $user->lang[$result . '_USERNAME'];
1192          }
1193  
1194          if (($result = validate_string($post_data['username'], false, $config['min_name_chars'], $config['max_name_chars'])) !== false)
1195          {
1196              $min_max_amount = ($result == 'TOO_SHORT') ? $config['min_name_chars'] : $config['max_name_chars'];
1197              $error[] = $user->lang('FIELD_' . $result, $min_max_amount, $user->lang['USERNAME']);
1198          }
1199      }
1200  
1201      if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply')))
1202      {
1203          $captcha_data = array(
1204              'message'    => $request->variable('message', '', true),
1205              'subject'    => $request->variable('subject', '', true),
1206              'username'    => $request->variable('username', '', true),
1207          );
1208          $vc_response = $captcha->validate($captcha_data);
1209          if ($vc_response)
1210          {
1211              $error[] = $vc_response;
1212          }
1213      }
1214  
1215      // check form
1216      if (($submit || $preview) && !check_form_key('posting'))
1217      {
1218          $error[] = $user->lang['FORM_INVALID'];
1219      }
1220  
1221      if ($submit && $mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED && !$request->is_set_post('delete') && $auth->acl_get('m_approve', $forum_id))
1222      {
1223          $is_first_post = ($post_id <= $post_data['topic_first_post_id'] || !$post_data['topic_posts_approved']);
1224          $is_last_post = ($post_id >= $post_data['topic_last_post_id'] || !$post_data['topic_posts_approved']);
1225          $updated_post_data = $phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $post_id, $post_data['topic_id'], $post_data['forum_id'], $user->data['user_id'], time(), '', $is_first_post, $is_last_post);
1226  
1227          if (!empty($updated_post_data))
1228          {
1229              // Update the post_data, so we don't need to refetch it.
1230              $post_data = array_merge($post_data, $updated_post_data);
1231          }
1232      }
1233  
1234      // Parse subject
1235      if (!$preview && !$refresh && utf8_clean_string($post_data['post_subject']) === '' && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
1236      {
1237          $error[] = $user->lang['EMPTY_SUBJECT'];
1238      }
1239  
1240      /**
1241       * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR.
1242       * Using their Numeric Character Reference's Hexadecimal notation.
1243       * Check the permissions for posting Emojis first.
1244       */
1245      if ($auth->acl_get('u_emoji'))
1246      {
1247          $post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']);
1248      }
1249      else
1250      {
1251          /**
1252           * Check for out-of-bounds characters that are currently
1253           * not supported by utf8_bin in MySQL
1254           */
1255          if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches))
1256          {
1257              $character_list = implode('<br>', $matches[0]);
1258  
1259              $error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list);
1260          }
1261      }
1262  
1263      $post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0;
1264  
1265      if ($post_data['poll_option_text'] &&
1266          ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1267          && $auth->acl_get('f_poll', $forum_id))
1268      {
1269          $poll = array(
1270              'poll_title'        => $post_data['poll_title'],
1271              'poll_length'        => $post_data['poll_length'],
1272              'poll_max_options'    => $post_data['poll_max_options'],
1273              'poll_option_text'    => $post_data['poll_option_text'],
1274              'poll_start'        => $post_data['poll_start'],
1275              'poll_last_vote'    => $post_data['poll_last_vote'],
1276              'poll_vote_change'    => $post_data['poll_vote_change'],
1277              'enable_bbcode'        => $post_data['enable_bbcode'],
1278              'enable_urls'        => $post_data['enable_urls'],
1279              'enable_smilies'    => $post_data['enable_smilies'],
1280              'img_status'        => $img_status
1281          );
1282  
1283          $message_parser->parse_poll($poll);
1284  
1285          $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array();
1286          $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
1287  
1288          /* We reset votes, therefore also allow removing options
1289          if ($post_data['poll_last_vote'] && ($poll['poll_options_size'] < $orig_poll_options_size))
1290          {
1291              $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS'];
1292          }*/
1293      }
1294      else if ($mode == 'edit' && $post_id == $post_data['topic_first_post_id'] && $auth->acl_get('f_poll', $forum_id))
1295      {
1296          // The user removed all poll options, this is equal to deleting the poll.
1297          $poll = array(
1298              'poll_title'        => '',
1299              'poll_length'        => 0,
1300              'poll_max_options'    => 0,
1301              'poll_option_text'    => '',
1302              'poll_start'        => 0,
1303              'poll_last_vote'    => 0,
1304              'poll_vote_change'    => 0,
1305              'poll_options'        => array(),
1306          );
1307  
1308          $post_data['poll_options'] = array();
1309          $post_data['poll_title'] = '';
1310          $post_data['poll_start'] = $post_data['poll_length'] = $post_data['poll_max_options'] = $post_data['poll_last_vote'] = $post_data['poll_vote_change'] = 0;
1311      }
1312      else if (!$auth->acl_get('f_poll', $forum_id) && ($mode == 'edit') && ($post_id == $post_data['topic_first_post_id']) && !$bbcode_utils->is_empty($original_poll_data['poll_title']))
1313      {
1314          // We have a poll but the editing user is not permitted to create/edit it.
1315          // So we just keep the original poll-data.
1316          // Decode the poll title and options text fisrt.
1317          $original_poll_data['poll_title'] = $bbcode_utils->unparse($original_poll_data['poll_title']);
1318          $original_poll_data['poll_option_text'] = $bbcode_utils->unparse($original_poll_data['poll_option_text']);
1319          $original_poll_data['poll_options'] = explode("\n", $original_poll_data['poll_option_text']);
1320  
1321          $poll = array_merge($original_poll_data, array(
1322              'enable_bbcode'        => $post_data['enable_bbcode'],
1323              'enable_urls'        => $post_data['enable_urls'],
1324              'enable_smilies'    => $post_data['enable_smilies'],
1325              'img_status'        => $img_status,
1326          ));
1327  
1328          $message_parser->parse_poll($poll);
1329  
1330          $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array();
1331          $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
1332      }
1333      else
1334      {
1335          $poll = array();
1336      }
1337  
1338      // Check topic type
1339      if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
1340      {
1341          switch ($post_data['topic_type'])
1342          {
1343              case POST_GLOBAL:
1344                  $auth_option = 'f_announce_global';
1345              break;
1346  
1347              case POST_ANNOUNCE:
1348                  $auth_option = 'f_announce';
1349              break;
1350  
1351              case POST_STICKY:
1352                  $auth_option = 'f_sticky';
1353              break;
1354  
1355              default:
1356                  $auth_option = '';
1357              break;
1358          }
1359  
1360          if ($auth_option != '' && !$auth->acl_get($auth_option, $forum_id))
1361          {
1362              // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod.
1363              // Another case would be a mod not having sticky permissions for example but edit permissions.
1364              if ($mode == 'edit')
1365              {
1366                  // To prevent non-authed users messing around with the topic type we reset it to the original one.
1367                  $post_data['topic_type'] = $post_data['orig_topic_type'];
1368              }
1369              else
1370              {
1371                  $error[] = $user->lang['CANNOT_POST_' . str_replace('F_', '', strtoupper($auth_option))];
1372              }
1373          }
1374      }
1375  
1376      if (count($message_parser->warn_msg))
1377      {
1378          $error[] = implode('<br />', $message_parser->warn_msg);
1379      }
1380  
1381      // DNSBL check
1382      if ($config['check_dnsbl'] && !$refresh)
1383      {
1384          if (($dnsbl = $user->check_dnsbl('post')) !== false)
1385          {
1386              $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
1387          }
1388      }
1389  
1390      /**
1391      * This event allows you to define errors before the post action is performed
1392      *
1393      * @event core.posting_modify_submission_errors
1394      * @var    array    post_data    Array with post data
1395      * @var    array    poll        Array with poll data from post (must be used instead of the post_data equivalent)
1396      * @var    string    mode        What action to take if the form is submitted
1397      *                post|reply|quote|edit|delete|bump|smilies|popup
1398      * @var    int    post_id        ID of the post
1399      * @var    int    topic_id    ID of the topic
1400      * @var    int    forum_id    ID of the forum
1401      * @var    bool    submit        Whether or not the form has been submitted
1402      * @var    array    error        Any error strings; a non-empty array aborts form submission.
1403      *                NOTE: Should be actual language strings, NOT language keys.
1404      * @since 3.1.0-RC5
1405      * @changed 3.1.5-RC1 Added poll array to the event
1406      * @changed 3.2.0-a1 Removed undefined page_title
1407      */
1408      $vars = array(
1409          'post_data',
1410          'poll',
1411          'mode',
1412          'post_id',
1413          'topic_id',
1414          'forum_id',
1415          'submit',
1416          'error',
1417      );
1418      extract($phpbb_dispatcher->trigger_event('core.posting_modify_submission_errors', compact($vars)));
1419  
1420      // Store message, sync counters
1421      if (!count($error) && $submit)
1422      {
1423          if ($submit)
1424          {
1425              // Lock/Unlock Topic
1426              $change_topic_status = $post_data['topic_status'];
1427              $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false;
1428  
1429              if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock)
1430              {
1431                  $change_topic_status = ITEM_UNLOCKED;
1432              }
1433              else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock)
1434              {
1435                  $change_topic_status = ITEM_LOCKED;
1436              }
1437  
1438              if ($change_topic_status != $post_data['topic_status'])
1439              {
1440                  $sql = 'UPDATE ' . TOPICS_TABLE . "
1441                      SET topic_status = $change_topic_status
1442                      WHERE topic_id = $topic_id
1443                          AND topic_moved_id = 0";
1444                  $db->sql_query($sql);
1445  
1446                  $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : '';
1447  
1448                  $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), false, array(
1449                      'forum_id' => $forum_id,
1450                      'topic_id' => $topic_id,
1451                      $post_data['topic_title']
1452                  ));
1453              }
1454  
1455              // Lock/Unlock Post Edit
1456              if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id))
1457              {
1458                  $post_data['post_edit_locked'] = ITEM_UNLOCKED;
1459              }
1460              else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id))
1461              {
1462                  $post_data['post_edit_locked'] = ITEM_LOCKED;
1463              }
1464  
1465              $data = array(
1466                  'topic_title'            => (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'],
1467                  'topic_first_post_id'    => (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0,
1468                  'topic_last_post_id'    => (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0,
1469                  'topic_time_limit'        => (int) $post_data['topic_time_limit'],
1470                  'topic_attachment'        => (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0,
1471                  'post_id'                => (int) $post_id,
1472                  'topic_id'                => (int) $topic_id,
1473                  'forum_id'                => (int) $forum_id,
1474                  'icon_id'                => (int) $post_data['icon_id'],
1475                  'poster_id'                => (int) $post_data['poster_id'],
1476                  'enable_sig'            => (bool) $post_data['enable_sig'],
1477                  'enable_bbcode'            => (bool) $post_data['enable_bbcode'],
1478                  'enable_smilies'        => (bool) $post_data['enable_smilies'],
1479                  'enable_urls'            => (bool) $post_data['enable_urls'],
1480                  'enable_indexing'        => (bool) $post_data['enable_indexing'],
1481                  'message_md5'            => (string) $message_md5,
1482                  'post_checksum'            => (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '',
1483                  'post_edit_reason'        => $post_data['post_edit_reason'],
1484                  'post_edit_user'        => ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? (int) $post_data['post_edit_user'] : 0),
1485                  'forum_parents'            => $post_data['forum_parents'],
1486                  'forum_name'            => $post_data['forum_name'],
1487                  'notify'                => $notify,
1488                  'notify_set'            => $post_data['notify_set'],
1489                  'poster_ip'                => (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip,
1490                  'post_edit_locked'        => (int) $post_data['post_edit_locked'],
1491                  'bbcode_bitfield'        => $message_parser->bbcode_bitfield,
1492                  'bbcode_uid'            => $message_parser->bbcode_uid,
1493                  'message'                => $message_parser->message,
1494                  'attachment_data'        => $message_parser->attachment_data,
1495                  'filename_data'            => $message_parser->filename_data,
1496                  'topic_status'            => $post_data['topic_status'],
1497  
1498                  'topic_visibility'            => (isset($post_data['topic_visibility'])) ? $post_data['topic_visibility'] : false,
1499                  'post_visibility'            => (isset($post_data['post_visibility'])) ? $post_data['post_visibility'] : false,
1500              );
1501  
1502              if ($mode == 'edit')
1503              {
1504                  $data['topic_posts_approved'] = $post_data['topic_posts_approved'];
1505                  $data['topic_posts_unapproved'] = $post_data['topic_posts_unapproved'];
1506                  $data['topic_posts_softdeleted'] = $post_data['topic_posts_softdeleted'];
1507              }
1508  
1509              // Only return the username when it is either a guest posting or we are editing a post and
1510              // the username was supplied; otherwise post_data might hold the data of the post that is
1511              // being quoted (which could result in the username being returned being that of the quoted
1512              // post's poster, not the poster of the current post). See: PHPBB3-11769 for more information.
1513              $post_author_name = ((!$user->data['is_registered'] || $mode == 'edit') && $post_data['username'] !== '') ? $post_data['username'] : '';
1514  
1515              /**
1516              * This event allows you to define errors before the post action is performed
1517              *
1518              * @event core.posting_modify_submit_post_before
1519              * @var    array    post_data    Array with post data
1520              * @var    array    poll        Array with poll data
1521              * @var    array    data        Array with post data going to be stored in the database
1522              * @var    string    mode        What action to take if the form is submitted
1523              *                post|reply|quote|edit|delete
1524              * @var    int    post_id        ID of the post
1525              * @var    int    topic_id    ID of the topic
1526              * @var    int    forum_id    ID of the forum
1527              * @var    string    post_author_name    Author name for guest posts
1528              * @var    bool    update_message        Boolean if the post message was changed
1529              * @var    bool    update_subject        Boolean if the post subject was changed
1530              *                NOTE: Should be actual language strings, NOT language keys.
1531              * @since 3.1.0-RC5
1532              * @changed 3.1.6-RC1 remove submit and error from event  Submit and Error are checked previously prior to running event
1533              * @change 3.2.0-a1 Removed undefined page_title
1534              */
1535              $vars = array(
1536                  'post_data',
1537                  'poll',
1538                  'data',
1539                  'mode',
1540                  'post_id',
1541                  'topic_id',
1542                  'forum_id',
1543                  'post_author_name',
1544                  'update_message',
1545                  'update_subject',
1546              );
1547              extract($phpbb_dispatcher->trigger_event('core.posting_modify_submit_post_before', compact($vars)));
1548  
1549              // The last parameter tells submit_post if search indexer has to be run
1550              $redirect_url = submit_post($mode, $post_data['post_subject'], $post_author_name, $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false);
1551  
1552              /**
1553              * This event allows you to define errors after the post action is performed
1554              *
1555              * @event core.posting_modify_submit_post_after
1556              * @var    array    post_data    Array with post data
1557              * @var    array    poll        Array with poll data
1558              * @var    array    data        Array with post data going to be stored in the database
1559              * @var    string    mode        What action to take if the form is submitted
1560              *                post|reply|quote|edit|delete
1561              * @var    int    post_id        ID of the post
1562              * @var    int    topic_id    ID of the topic
1563              * @var    int    forum_id    ID of the forum
1564              * @var    string    post_author_name    Author name for guest posts
1565              * @var    bool    update_message        Boolean if the post message was changed
1566              * @var    bool    update_subject        Boolean if the post subject was changed
1567              * @var    string    redirect_url        URL the user is going to be redirected to
1568              *                NOTE: Should be actual language strings, NOT language keys.
1569              * @since 3.1.0-RC5
1570              * @changed 3.1.6-RC1 remove submit and error from event  Submit and Error are checked previously prior to running event
1571              * @change 3.2.0-a1 Removed undefined page_title
1572              */
1573              $vars = array(
1574                  'post_data',
1575                  'poll',
1576                  'data',
1577                  'mode',
1578                  'post_id',
1579                  'topic_id',
1580                  'forum_id',
1581                  'post_author_name',
1582                  'update_message',
1583                  'update_subject',
1584                  'redirect_url',
1585              );
1586              extract($phpbb_dispatcher->trigger_event('core.posting_modify_submit_post_after', compact($vars)));
1587  
1588              if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1589              {
1590                  $captcha->reset();
1591              }
1592  
1593              // Handle delete mode...
1594              if ($request->is_set_post('delete_permanent') || ($request->is_set_post('delete') && $post_data['post_visibility'] != ITEM_DELETED))
1595              {
1596                  $delete_reason = $request->variable('delete_reason', '', true);
1597                  phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, !$request->is_set_post('delete_permanent'), $delete_reason);
1598                  return;
1599              }
1600  
1601              // Check the permissions for post approval.
1602              // Moderators must go through post approval like ordinary users.
1603              if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state']))
1604              {
1605                  meta_refresh(10, $redirect_url);
1606                  $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD'];
1607                  $message .= (($user->data['user_id'] == ANONYMOUS) ? '' : ' '. $user->lang['POST_APPROVAL_NOTIFY']);
1608                  $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $data['forum_id']) . '">', '</a>');
1609                  trigger_error($message);
1610              }
1611  
1612              redirect($redirect_url);
1613          }
1614      }
1615  }
1616  
1617  // Preview
1618  if (!count($error) && $preview)
1619  {
1620      $post_data['post_time'] = ($mode == 'edit') ? $post_data['post_time'] : $current_time;
1621  
1622      $preview_message = $message_parser->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], false);
1623  
1624      $preview_signature = ($mode == 'edit') ? $post_data['user_sig'] : $user->data['user_sig'];
1625      $preview_signature_uid = ($mode == 'edit') ? $post_data['user_sig_bbcode_uid'] : $user->data['user_sig_bbcode_uid'];
1626      $preview_signature_bitfield = ($mode == 'edit') ? $post_data['user_sig_bbcode_bitfield'] : $user->data['user_sig_bbcode_bitfield'];
1627  
1628      // Signature
1629      if ($post_data['enable_sig'] && $config['allow_sig'] && $preview_signature && $auth->acl_get('f_sigs', $forum_id))
1630      {
1631          $flags = ($config['allow_sig_bbcode']) ? OPTION_FLAG_BBCODE : 0;
1632          $flags |= ($config['allow_sig_links']) ? OPTION_FLAG_LINKS : 0;
1633          $flags |= ($config['allow_sig_smilies']) ? OPTION_FLAG_SMILIES : 0;
1634  
1635          $preview_signature = generate_text_for_display($preview_signature, $preview_signature_uid, $preview_signature_bitfield, $flags, false);
1636      }
1637      else
1638      {
1639          $preview_signature = '';
1640      }
1641  
1642      $preview_subject = censor_text($post_data['post_subject']);
1643  
1644      // Poll Preview
1645      if (!$poll_delete && ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1646      && $auth->acl_get('f_poll', $forum_id))
1647      {
1648          $parse_poll = new parse_message($post_data['poll_title']);
1649          $parse_poll->bbcode_uid = $message_parser->bbcode_uid;
1650          $parse_poll->bbcode_bitfield = $message_parser->bbcode_bitfield;
1651  
1652          $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1653  
1654          if ($post_data['poll_length'])
1655          {
1656              $poll_end = ($post_data['poll_length'] * 86400) + (($post_data['poll_start']) ? $post_data['poll_start'] : time());
1657          }
1658  
1659          $template->assign_vars(array(
1660              'S_HAS_POLL_OPTIONS'    => (count($post_data['poll_options'])),
1661              'S_IS_MULTI_CHOICE'        => ($post_data['poll_max_options'] > 1) ? true : false,
1662  
1663              'POLL_QUESTION'        => $parse_poll->message,
1664  
1665              'L_POLL_LENGTH'        => ($post_data['poll_length']) ? sprintf($user->lang['POLL_RUN_TILL'], $user->format_date($poll_end)) : '',
1666              'L_MAX_VOTES'        => $user->lang('MAX_OPTIONS_SELECT', (int) $post_data['poll_max_options']),
1667          ));
1668  
1669          $preview_poll_options = array();
1670          foreach ($post_data['poll_options'] as $poll_option)
1671          {
1672              $parse_poll->message = $poll_option;
1673              $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1674              $preview_poll_options[] = $parse_poll->message;
1675          }
1676          unset($parse_poll);
1677  
1678          foreach ($preview_poll_options as $key => $option)
1679          {
1680              $template->assign_block_vars('poll_option', array(
1681                  'POLL_OPTION_CAPTION'    => $option,
1682                  'POLL_OPTION_ID'        => $key + 1)
1683              );
1684          }
1685          unset($preview_poll_options);
1686      }
1687  
1688      // Attachment Preview
1689      if (count($message_parser->attachment_data))
1690      {
1691          $template->assign_var('S_HAS_ATTACHMENTS', true);
1692  
1693          $update_count = array();
1694          $attachment_data = $message_parser->attachment_data;
1695  
1696          parse_attachments($forum_id, $preview_message, $attachment_data, $update_count, true);
1697  
1698          foreach ($attachment_data as $i => $attachment)
1699          {
1700              $template->assign_block_vars('attachment', array(
1701                  'DISPLAY_ATTACHMENT'    => $attachment)
1702              );
1703          }
1704          unset($attachment_data);
1705      }
1706  
1707      if (!count($error))
1708      {
1709          $template->assign_vars(array(
1710              'PREVIEW_SUBJECT'        => $preview_subject,
1711              'PREVIEW_MESSAGE'        => $preview_message,
1712              'PREVIEW_SIGNATURE'        => $preview_signature,
1713  
1714              'S_DISPLAY_PREVIEW'        => !empty($preview_message),
1715          ));
1716      }
1717  }
1718  
1719  // Remove quotes that would become nested too deep before decoding the text
1720  $generate_quote = ($mode == 'quote' && !$submit && !$preview && !$refresh);
1721  if ($generate_quote && $config['max_quote_depth'] > 0)
1722  {
1723      $tmp_bbcode_uid = $message_parser->bbcode_uid;
1724      $message_parser->bbcode_uid = $post_data['bbcode_uid'];
1725      $message_parser->remove_nested_quotes($config['max_quote_depth'] - 1);
1726      $message_parser->bbcode_uid = $tmp_bbcode_uid;
1727  }
1728  
1729  // Decode text for message display
1730  $post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !count($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid;
1731  $message_parser->decode_message($post_data['bbcode_uid']);
1732  
1733  if ($generate_quote)
1734  {
1735      // Remove attachment bbcode tags from the quoted message to avoid mixing with the new post attachments if any
1736      $message_parser->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#uis', '\\2', $message_parser->message);
1737  
1738      $quote_attributes = array(
1739                          'author'  => $post_data['quote_username'],
1740                          'post_id' => $post_data['post_id'],
1741                          'time'    => $post_data['post_time'],
1742                          'user_id' => $post_data['poster_id'],
1743      );
1744  
1745      /**
1746      * This event allows you to modify the quote attributes of the post being quoted
1747      *
1748      * @event core.posting_modify_quote_attributes
1749      * @var    array    quote_attributes    Array with quote attributes
1750      * @var    array    post_data            Array with post data
1751      * @since 3.2.6-RC1
1752      */
1753      $vars = array(
1754          'quote_attributes',
1755          'post_data',
1756      );
1757      extract($phpbb_dispatcher->trigger_event('core.posting_modify_quote_attributes', compact($vars)));
1758  
1759      /** @var \phpbb\language\language $language */
1760      $language = $phpbb_container->get('language');
1761      phpbb_format_quote($language, $message_parser, $bbcode_utils, $bbcode_status, $quote_attributes);
1762  }
1763  
1764  if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)
1765  {
1766      $post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']);
1767  
1768      $post_subject = $post_data['post_subject'];
1769  
1770      /**
1771      * This event allows you to modify the post subject of the post being quoted
1772      *
1773      * @event core.posting_modify_post_subject
1774      * @var    string        post_subject    String with the post subject already censored.
1775      * @since 3.2.8-RC1
1776      */
1777      $vars = array('post_subject');
1778      extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_subject', compact($vars)));
1779  
1780      $post_data['post_subject'] = $post_subject;
1781  }
1782  
1783  $attachment_data = $message_parser->attachment_data;
1784  $filename_data = $message_parser->filename_data;
1785  $post_data['post_text'] = $message_parser->message;
1786  
1787  if (count($post_data['poll_options']) || (isset($post_data['poll_title']) && !$bbcode_utils->is_empty($post_data['poll_title'])))
1788  {
1789      $message_parser->message = $post_data['poll_title'];
1790      $message_parser->bbcode_uid = $post_data['bbcode_uid'];
1791  
1792      $message_parser->decode_message();
1793      $post_data['poll_title'] = $message_parser->message;
1794  
1795      $message_parser->message = implode("\n", $post_data['poll_options']);
1796      $message_parser->decode_message();
1797      $post_data['poll_options'] = explode("\n", $message_parser->message);
1798  }
1799  
1800  // MAIN POSTING PAGE BEGINS HERE
1801  
1802  // Forum moderators?
1803  $moderators = array();
1804  if ($config['load_moderators'])
1805  {
1806      get_moderators($moderators, $forum_id);
1807  }
1808  
1809  // Generate smiley listing
1810  generate_smilies('inline', $forum_id);
1811  
1812  // Generate inline attachment select box
1813  posting_gen_inline_attachments($attachment_data);
1814  
1815  // Do show topic type selection only in first post.
1816  $topic_type_toggle = false;
1817  
1818  if ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']))
1819  {
1820      $topic_type_toggle = posting_gen_topic_types($forum_id, $post_data['topic_type']);
1821  }
1822  
1823  $s_topic_icons = false;
1824  if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
1825  {
1826      $s_topic_icons = posting_gen_topic_icons($mode, $post_data['icon_id']);
1827  }
1828  
1829  $bbcode_checked        = (isset($post_data['enable_bbcode'])) ? !$post_data['enable_bbcode'] : (($config['allow_bbcode']) ? !$user->optionget('bbcode') : 1);
1830  $smilies_checked    = (isset($post_data['enable_smilies'])) ? !$post_data['enable_smilies'] : (($config['allow_smilies']) ? !$user->optionget('smilies') : 1);
1831  $urls_checked        = (isset($post_data['enable_urls'])) ? !$post_data['enable_urls'] : 0;
1832  $sig_checked        = $post_data['enable_sig'];
1833  $lock_topic_checked    = (isset($topic_lock) && $topic_lock) ? $topic_lock : (($post_data['topic_status'] == ITEM_LOCKED) ? 1 : 0);
1834  $lock_post_checked    = (isset($post_lock)) ? $post_lock : $post_data['post_edit_locked'];
1835  
1836  // If the user is replying or posting and not already watching this topic but set to always being notified we need to overwrite this setting
1837  $notify_set            = ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set'];
1838  $notify_checked        = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
1839  
1840  // Page title & action URL
1841  $s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode");
1842  
1843  switch ($mode)
1844  {
1845      case 'post':
1846          $s_action .= $forum_id ? "&amp;f=$forum_id" : '';
1847          $page_title = $user->lang['POST_TOPIC'];
1848      break;
1849  
1850      case 'reply':
1851          $s_action .= $topic_id ? "&amp;t=$topic_id" : '';
1852          $page_title = $user->lang['POST_REPLY'];
1853      break;
1854  
1855      case 'quote':
1856          $s_action .= $post_id ? "&amp;p=$post_id" : '';
1857          $page_title = $user->lang['POST_REPLY'];
1858      break;
1859  
1860      case 'delete':
1861      case 'edit':
1862          $s_action .= $post_id ? "&amp;p=$post_id" : '';
1863          $page_title = $user->lang['EDIT_POST'];
1864      break;
1865  }
1866  
1867  // Build Navigation Links
1868  generate_forum_nav($post_data);
1869  
1870  // Build Forum Rules
1871  generate_forum_rules($post_data);
1872  
1873  // Posting uses is_solved for legacy reasons. Plugins have to use is_solved to force themselves to be displayed.
1874  if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1875  {
1876  
1877      $template->assign_vars(array(
1878          'S_CONFIRM_CODE'            => true,
1879          'CAPTCHA_TEMPLATE'            => $captcha->get_template(),
1880      ));
1881  }
1882  
1883  $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : '';
1884  $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . $request->variable('draft_loaded', $draft_id) . '" />' : '';
1885  
1886  if ($mode == 'edit')
1887  {
1888      $s_hidden_fields .= build_hidden_fields(array(
1889          'edit_post_message_checksum'    => $post_data['post_checksum'],
1890          'edit_post_subject_checksum'    => $post_data['post_subject_md5'],
1891      ));
1892  }
1893  
1894  // Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview
1895  if (isset($captcha) && $captcha->is_solved() !== false)
1896  {
1897      $s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
1898  }
1899  
1900  $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"';
1901  add_form_key('posting');
1902  
1903  /** @var \phpbb\controller\helper $controller_helper */
1904  $controller_helper = $phpbb_container->get('controller.helper');
1905  
1906  // Build array of variables for main posting page
1907  $page_data = array(
1908      'L_POST_A'                    => $page_title,
1909      'L_ICON'                    => ($mode == 'reply' || $mode == 'quote' || ($mode == 'edit' && $post_id != $post_data['topic_first_post_id'])) ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
1910      'L_MESSAGE_BODY_EXPLAIN'    => $user->lang('MESSAGE_BODY_EXPLAIN', (int) $config['max_post_chars']),
1911      'L_DELETE_POST_PERMANENTLY'    => $user->lang('DELETE_POST_PERMANENTLY', 1),
1912  
1913      'FORUM_NAME'            => $post_data['forum_name'],
1914      'FORUM_DESC'            => ($post_data['forum_desc']) ? generate_text_for_display($post_data['forum_desc'], $post_data['forum_desc_uid'], $post_data['forum_desc_bitfield'], $post_data['forum_desc_options']) : '',
1915      'TOPIC_TITLE'            => censor_text($post_data['topic_title']),
1916      'MODERATORS'            => (count($moderators)) ? implode($user->lang['COMMA_SEPARATOR'], $moderators[$forum_id]) : '',
1917      'USERNAME'                => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '',
1918      'SUBJECT'                => $post_data['post_subject'],
1919      'MESSAGE'                => $post_data['post_text'],
1920      'BBCODE_STATUS'            => $user->lang(($bbcode_status ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_bbcode_controller') . '">', '</a>'),
1921      'IMG_STATUS'            => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
1922      'FLASH_STATUS'            => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
1923      'SMILIES_STATUS'        => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
1924      'URL_STATUS'            => ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
1925      'MAX_FONT_SIZE'            => (int) $config['max_post_font_size'],
1926      'MINI_POST_IMG'            => $user->img('icon_post_target', $user->lang['POST']),
1927      'POST_DATE'                => ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '',
1928      'ERROR'                    => (count($error)) ? implode('<br />', $error) : '',
1929      'TOPIC_TIME_LIMIT'        => (int) $post_data['topic_time_limit'],
1930      'EDIT_REASON'            => $request->variable('edit_reason', '', true),
1931      'SHOW_PANEL'            => $request->variable('show_panel', ''),
1932      'U_VIEW_FORUM'            => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),
1933      'U_VIEW_TOPIC'            => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id") : '',
1934      'U_PROGRESS_BAR'        => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup"),
1935      'UA_PROGRESS_BAR'        => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup")),
1936  
1937      'S_PRIVMSGS'                => false,
1938      'S_CLOSE_PROGRESS_WINDOW'    => (isset($_POST['add_file'])) ? true : false,
1939      'S_EDIT_POST'                => ($mode == 'edit') ? true : false,
1940      'S_EDIT_REASON'                => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1941      'S_DISPLAY_USERNAME'        => (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? true : false,
1942      'S_SHOW_TOPIC_ICONS'        => $s_topic_icons,
1943      'S_DELETE_ALLOWED'            => ($mode == 'edit' && (($post_id == $post_data['topic_last_post_id'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) || $auth->acl_get('m_delete', $forum_id))) ? true : false,
1944      'S_BBCODE_ALLOWED'            => ($bbcode_status) ? 1 : 0,
1945      'S_BBCODE_CHECKED'            => ($bbcode_checked) ? ' checked="checked"' : '',
1946      'S_SMILIES_ALLOWED'            => $smilies_status,
1947      'S_SMILIES_CHECKED'            => ($smilies_checked) ? ' checked="checked"' : '',
1948      'S_SIG_ALLOWED'                => ($auth->acl_get('f_sigs', $forum_id) && $config['allow_sig'] && $user->data['is_registered']) ? true : false,
1949      'S_SIGNATURE_CHECKED'        => ($sig_checked) ? ' checked="checked"' : '',
1950      'S_NOTIFY_ALLOWED'            => (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !$config['allow_topic_notify'] || !$config['email_enable']) ? false : true,
1951      'S_NOTIFY_CHECKED'            => ($notify_checked) ? ' checked="checked"' : '',
1952      'S_LOCK_TOPIC_ALLOWED'        => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote' || $mode == 'post') && ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED))) ? true : false,
1953      'S_LOCK_TOPIC_CHECKED'        => ($lock_topic_checked) ? ' checked="checked"' : '',
1954      'S_LOCK_POST_ALLOWED'        => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1955      'S_LOCK_POST_CHECKED'        => ($lock_post_checked) ? ' checked="checked"' : '',
1956      'S_SOFTDELETE_CHECKED'        => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? ' checked="checked"' : '',
1957      'S_SOFTDELETE_ALLOWED'        => ($mode == 'edit' && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $lock_post_checked) && $post_id == $post_data['topic_last_post_id'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) ? true : false,
1958      'S_RESTORE_ALLOWED'            => $auth->acl_get('m_approve', $forum_id),
1959      'S_IS_DELETED'                => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? true : false,
1960      'S_LINKS_ALLOWED'            => $url_status,
1961      'S_MAGIC_URL_CHECKED'        => ($urls_checked) ? ' checked="checked"' : '',
1962      'S_TYPE_TOGGLE'                => $topic_type_toggle,
1963      'S_SAVE_ALLOWED'            => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $mode != 'edit') ? true : false,
1964      'S_HAS_DRAFTS'                => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $post_data['drafts']) ? true : false,
1965      'S_FORM_ENCTYPE'            => $form_enctype,
1966  
1967      'S_BBCODE_IMG'            => $img_status,
1968      'S_BBCODE_URL'            => $url_status,
1969      'S_BBCODE_FLASH'        => $flash_status,
1970      'S_BBCODE_QUOTE'        => $quote_status,
1971  
1972      'S_POST_ACTION'            => $s_action,
1973      'S_HIDDEN_FIELDS'        => $s_hidden_fields,
1974      'S_ATTACH_DATA'            => json_encode($message_parser->attachment_data),
1975      'S_IN_POSTING'            => true,
1976  );
1977  
1978  // Build custom bbcodes array
1979  display_custom_bbcodes();
1980  
1981  // Poll entry
1982  if (($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1983      && $auth->acl_get('f_poll', $forum_id))
1984  {
1985      $page_data = array_merge($page_data, array(
1986          'S_SHOW_POLL_BOX'        => true,
1987          'S_POLL_VOTE_CHANGE'    => ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id)),
1988          'S_POLL_DELETE'            => ($mode == 'edit' && count($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))),
1989          'S_POLL_DELETE_CHECKED'    => (!empty($poll_delete)) ? true : false,
1990  
1991          'L_POLL_OPTIONS_EXPLAIN'    => $user->lang('POLL_OPTIONS_' . (($mode == 'edit') ? 'EDIT_' : '') . 'EXPLAIN', (int) $config['max_poll_options']),
1992  
1993          'VOTE_CHANGE_CHECKED'    => (!empty($post_data['poll_vote_change'])) ? ' checked="checked"' : '',
1994          'POLL_TITLE'            => (isset($post_data['poll_title'])) ? $post_data['poll_title'] : '',
1995          'POLL_OPTIONS'            => (!empty($post_data['poll_options'])) ? implode("\n", $post_data['poll_options']) : '',
1996          'POLL_MAX_OPTIONS'        => (isset($post_data['poll_max_options'])) ? (int) $post_data['poll_max_options'] : 1,
1997          'POLL_LENGTH'            => $post_data['poll_length'],
1998          )
1999      );
2000  }
2001  
2002  /**
2003  * This event allows you to modify template variables for the posting screen
2004  *
2005  * @event core.posting_modify_template_vars
2006  * @var    array    post_data    Array with post data
2007  * @var    array    moderators    Array with forum moderators
2008  * @var    string    mode        What action to take if the form is submitted
2009  *                post|reply|quote|edit|delete|bump|smilies|popup
2010  * @var    string    page_title    Title of the mode page
2011  * @var    bool    s_topic_icons    Whether or not to show the topic icons
2012  * @var    string    form_enctype    If attachments are allowed for this form
2013  *                "multipart/form-data" or empty string
2014  * @var    string    s_action    The URL to submit the POST data to
2015  * @var    string    s_hidden_fields    Concatenated hidden input tags of posting form
2016  * @var    int    post_id        ID of the post
2017  * @var    int    topic_id    ID of the topic
2018  * @var    int    forum_id    ID of the forum
2019  * @var    int    draft_id    ID of the draft
2020  * @var    bool    submit        Whether or not the form has been submitted
2021  * @var    bool    preview        Whether or not the post is being previewed
2022  * @var    bool    save        Whether or not a draft is being saved
2023  * @var    bool    load        Whether or not a draft is being loaded
2024  * @var    bool    cancel        Whether or not to cancel the form (returns to
2025  *                viewtopic or viewforum depending on if the user
2026  *                is posting a new topic or editing a post)
2027  * @var    array    error        Any error strings; a non-empty array aborts
2028  *                form submission.
2029  *                NOTE: Should be actual language strings, NOT
2030  *                language keys.
2031  * @var    bool    refresh        Whether or not to retain previously submitted data
2032  * @var    array    page_data    Posting page data that should be passed to the
2033  *                posting page via $template->assign_vars()
2034  * @var    object    message_parser    The message parser object
2035  * @since 3.1.0-a1
2036  * @changed 3.1.0-b3 Added vars post_data, moderators, mode, page_title,
2037  *        s_topic_icons, form_enctype, s_action, s_hidden_fields,
2038  *        post_id, topic_id, forum_id, submit, preview, save, load,
2039  *        delete, cancel, refresh, error, page_data, message_parser
2040  * @changed 3.1.2-RC1 Removed 'delete' var as it does not exist
2041  * @changed 3.1.5-RC1 Added poll variables to the page_data array
2042  * @changed 3.1.6-RC1 Added 'draft_id' var
2043  */
2044  $vars = array(
2045      'post_data',
2046      'moderators',
2047      'mode',
2048      'page_title',
2049      's_topic_icons',
2050      'form_enctype',
2051      's_action',
2052      's_hidden_fields',
2053      'post_id',
2054      'topic_id',
2055      'forum_id',
2056      'draft_id',
2057      'submit',
2058      'preview',
2059      'save',
2060      'load',
2061      'cancel',
2062      'refresh',
2063      'error',
2064      'page_data',
2065      'message_parser',
2066  );
2067  extract($phpbb_dispatcher->trigger_event('core.posting_modify_template_vars', compact($vars)));
2068  
2069  // Start assigning vars for main posting page ...
2070  $template->assign_vars($page_data);
2071  
2072  // Show attachment box for adding attachments if true
2073  $allowed = ($auth->acl_get('f_attach', $forum_id) && $auth->acl_get('u_attach') && $config['allow_attachments'] && $form_enctype);
2074  
2075  if ($allowed)
2076  {
2077      $max_files = ($auth->acl_get('a_') || $auth->acl_get('m_', $forum_id)) ? 0 : (int) $config['max_attachments'];
2078      $plupload->configure($cache, $template, $s_action, $forum_id, $max_files);
2079  }
2080  
2081  // Attachment entry
2082  posting_gen_attachment_entry($attachment_data, $filename_data, $allowed, $forum_id);
2083  
2084  // Output page ...
2085  page_header($page_title);
2086  
2087  $template->set_filenames(array(
2088      'body' => 'posting_body.html')
2089  );
2090  
2091  make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
2092  
2093  // Topic review
2094  if ($mode == 'reply' || $mode == 'quote')
2095  {
2096      if (topic_review($topic_id, $forum_id))
2097      {
2098          $template->assign_var('S_DISPLAY_REVIEW', true);
2099      }
2100  }
2101  
2102  page_footer();


Generated: Thu Mar 24 21:31:15 2022 Cross-referenced by PHPXref 0.7.1