[ Index ]

PHP Cross Reference of phpBB-3.3.0-deutsch

title

Body

[close]

/ -> posting.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  include($phpbb_root_path . 'common.' . $phpEx);
  21  include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
  22  include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
  23  include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
  24  
  25  
  26  // Start session management
  27  $user->session_begin();
  28  $auth->acl($user->data);
  29  
  30  
  31  // Grab only parameters needed here
  32  $post_id    = $request->variable('p', 0);
  33  $topic_id    = $request->variable('t', 0);
  34  $forum_id    = $request->variable('f', 0);
  35  $draft_id    = $request->variable('d', 0);
  36  
  37  $preview    = (isset($_POST['preview'])) ? true : false;
  38  $save        = (isset($_POST['save'])) ? true : false;
  39  $load        = (isset($_POST['load'])) ? true : false;
  40  $confirm    = $request->is_set_post('confirm');
  41  $cancel        = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
  42  
  43  $refresh    = (isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $preview);
  44  $submit = $request->is_set_post('post') && !$refresh && !$preview;
  45  $mode        = $request->variable('mode', '');
  46  
  47  // If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here.
  48  if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id)))
  49  {
  50      $mode = 'soft_delete';
  51  }
  52  
  53  $error = $post_data = array();
  54  $current_time = time();
  55  
  56  /**
  57  * This event allows you to alter the above parameters, such as submit and mode
  58  *
  59  * Note: $refresh must be true to retain previously submitted form data.
  60  *
  61  * Note: The template class will not work properly until $user->setup() is
  62  * called, and it has not been called yet. Extensions requiring template
  63  * assignments should use an event that comes later in this file.
  64  *
  65  * @event core.modify_posting_parameters
  66  * @var    int        post_id        ID of the post
  67  * @var    int        topic_id    ID of the topic
  68  * @var    int        forum_id    ID of the forum
  69  * @var    int        draft_id    ID of the draft
  70  * @var    bool    submit        Whether or not the form has been submitted
  71  * @var    bool    preview        Whether or not the post is being previewed
  72  * @var    bool    save        Whether or not a draft is being saved
  73  * @var    bool    load        Whether or not a draft is being loaded
  74  * @var    bool    cancel        Whether or not to cancel the form (returns to
  75  *                            viewtopic or viewforum depending on if the user
  76  *                            is posting a new topic or editing a post)
  77  * @var    bool    refresh        Whether or not to retain previously submitted data
  78  * @var    string    mode        What action to take if the form has been submitted
  79  *                            post|reply|quote|edit|delete|bump|smilies|popup
  80  * @var    array    error        Any error strings; a non-empty array aborts
  81  *                            form submission.
  82  *                            NOTE: Should be actual language strings, NOT
  83  *                            language keys.
  84  * @since 3.1.0-a1
  85  * @changed 3.1.2-RC1            Removed 'delete' var as it does not exist
  86  * @changed 3.2.4-RC1        Remove unused 'lastclick' var
  87  */
  88  $vars = array(
  89      'post_id',
  90      'topic_id',
  91      'forum_id',
  92      'draft_id',
  93      'submit',
  94      'preview',
  95      'save',
  96      'load',
  97      'cancel',
  98      'refresh',
  99      'mode',
 100      'error',
 101  );
 102  extract($phpbb_dispatcher->trigger_event('core.modify_posting_parameters', compact($vars)));
 103  
 104  // Was cancel pressed? If so then redirect to the appropriate page
 105  if ($cancel)
 106  {
 107      $f = ($forum_id) ? 'f=' . $forum_id . '&amp;' : '';
 108      $redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", $f . 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
 109      redirect($redirect);
 110  }
 111  
 112  if (in_array($mode, array('post', 'reply', 'quote', 'edit', 'delete')) && !$forum_id)
 113  {
 114      trigger_error('NO_FORUM');
 115  }
 116  
 117  /* @var $phpbb_content_visibility \phpbb\content_visibility */
 118  $phpbb_content_visibility = $phpbb_container->get('content.visibility');
 119  
 120  // We need to know some basic information in all cases before we do anything.
 121  switch ($mode)
 122  {
 123      case 'post':
 124          $sql = 'SELECT *
 125              FROM ' . FORUMS_TABLE . "
 126              WHERE forum_id = $forum_id";
 127      break;
 128  
 129      case 'bump':
 130      case 'reply':
 131          if (!$topic_id)
 132          {
 133              trigger_error('NO_TOPIC');
 134          }
 135  
 136          // Force forum id
 137          $sql = 'SELECT forum_id
 138              FROM ' . TOPICS_TABLE . '
 139              WHERE topic_id = ' . $topic_id;
 140          $result = $db->sql_query($sql);
 141          $f_id = (int) $db->sql_fetchfield('forum_id');
 142          $db->sql_freeresult($result);
 143  
 144          $forum_id = (!$f_id) ? $forum_id : $f_id;
 145  
 146          $sql = 'SELECT f.*, t.*
 147              FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
 148              WHERE t.topic_id = $topic_id
 149                  AND f.forum_id = t.forum_id
 150                  AND " . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.');
 151      break;
 152  
 153      case 'quote':
 154      case 'edit':
 155      case 'delete':
 156      case 'soft_delete':
 157          if (!$post_id)
 158          {
 159              $user->setup('posting');
 160              trigger_error('NO_POST');
 161          }
 162  
 163          // Force forum id
 164          $sql = 'SELECT forum_id
 165              FROM ' . POSTS_TABLE . '
 166              WHERE post_id = ' . $post_id;
 167          $result = $db->sql_query($sql);
 168          $f_id = (int) $db->sql_fetchfield('forum_id');
 169          $db->sql_freeresult($result);
 170  
 171          $forum_id = (!$f_id) ? $forum_id : $f_id;
 172  
 173          $sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
 174              FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
 175              WHERE p.post_id = $post_id
 176                  AND t.topic_id = p.topic_id
 177                  AND u.user_id = p.poster_id
 178                  AND f.forum_id = t.forum_id
 179                  AND " . $phpbb_content_visibility->get_visibility_sql('post', $forum_id, 'p.');
 180      break;
 181  
 182      case 'smilies':
 183          $sql = '';
 184          generate_smilies('window', $forum_id);
 185      break;
 186  
 187      case 'popup':
 188          if ($forum_id)
 189          {
 190              $sql = 'SELECT forum_style
 191                  FROM ' . FORUMS_TABLE . '
 192                  WHERE forum_id = ' . $forum_id;
 193          }
 194          else
 195          {
 196              phpbb_upload_popup();
 197              return;
 198          }
 199      break;
 200  
 201      default:
 202          $sql = '';
 203      break;
 204  }
 205  
 206  if (!$sql)
 207  {
 208      $user->setup('posting');
 209      trigger_error('NO_POST_MODE');
 210  }
 211  
 212  $result = $db->sql_query($sql);
 213  $post_data = $db->sql_fetchrow($result);
 214  $db->sql_freeresult($result);
 215  
 216  if (!$post_data)
 217  {
 218      if (!($mode == 'post' || $mode == 'bump' || $mode == 'reply'))
 219      {
 220          $user->setup('posting');
 221      }
 222      trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
 223  }
 224  
 225  /**
 226  * This event allows you to bypass reply/quote test of an unapproved post.
 227  *
 228  * @event core.posting_modify_row_data
 229  * @var    array    post_data    All post data from database
 230  * @var    string    mode        What action to take if the form has been submitted
 231  *                            post|reply|quote|edit|delete|bump|smilies|popup
 232  * @var    int        topic_id    ID of the topic
 233  * @var    int        forum_id    ID of the forum
 234  * @since 3.2.8-RC1
 235  */
 236  $vars = array(
 237      'post_data',
 238      'mode',
 239      'topic_id',
 240      'forum_id',
 241  );
 242  extract($phpbb_dispatcher->trigger_event('core.posting_modify_row_data', compact($vars)));
 243  
 244  // Not able to reply to unapproved posts/topics
 245  // TODO: add more descriptive language key
 246  if ($auth->acl_get('m_approve', $forum_id) && ((($mode == 'reply' || $mode == 'bump') && $post_data['topic_visibility'] != ITEM_APPROVED) || ($mode == 'quote' && $post_data['post_visibility'] != ITEM_APPROVED)))
 247  {
 248      trigger_error(($mode == 'reply' || $mode == 'bump') ? 'TOPIC_UNAPPROVED' : 'POST_UNAPPROVED');
 249  }
 250  
 251  if ($mode == 'popup')
 252  {
 253      phpbb_upload_popup($post_data['forum_style']);
 254      return;
 255  }
 256  
 257  $user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
 258  
 259  // Use post_row values in favor of submitted ones...
 260  $forum_id    = (!empty($post_data['forum_id'])) ? (int) $post_data['forum_id'] : (int) $forum_id;
 261  $topic_id    = (!empty($post_data['topic_id'])) ? (int) $post_data['topic_id'] : (int) $topic_id;
 262  $post_id    = (!empty($post_data['post_id'])) ? (int) $post_data['post_id'] : (int) $post_id;
 263  
 264  // Need to login to passworded forum first?
 265  if ($post_data['forum_password'])
 266  {
 267      login_forum_box(array(
 268          'forum_id'            => $forum_id,
 269          'forum_name'        => $post_data['forum_name'],
 270          'forum_password'    => $post_data['forum_password'])
 271      );
 272  }
 273  
 274  // Check permissions
 275  if ($user->data['is_bot'])
 276  {
 277      redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 278  }
 279  
 280  // Is the user able to read within this forum?
 281  if (!$auth->acl_get('f_read', $forum_id))
 282  {
 283      if ($user->data['user_id'] != ANONYMOUS)
 284      {
 285          trigger_error('USER_CANNOT_READ');
 286      }
 287      $message = $user->lang['LOGIN_EXPLAIN_POST'];
 288  
 289      if ($request->is_ajax())
 290      {
 291          $json = new phpbb\json_response();
 292          $json->send(array(
 293              'title'        => $user->lang['INFORMATION'],
 294              'message'    => $message,
 295          ));
 296      }
 297  
 298      login_box('', $message);
 299  }
 300  
 301  // Permission to do the action asked?
 302  $is_authed = false;
 303  
 304  switch ($mode)
 305  {
 306      case 'post':
 307          if ($auth->acl_get('f_post', $forum_id))
 308          {
 309              $is_authed = true;
 310          }
 311      break;
 312  
 313      case 'bump':
 314          if ($auth->acl_get('f_bump', $forum_id))
 315          {
 316              $is_authed = true;
 317          }
 318      break;
 319  
 320      case 'quote':
 321  
 322          $post_data['post_edit_locked'] = 0;
 323  
 324      // no break;
 325  
 326      case 'reply':
 327          if ($auth->acl_get('f_reply', $forum_id))
 328          {
 329              $is_authed = true;
 330          }
 331      break;
 332  
 333      case 'edit':
 334          if ($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id))
 335          {
 336              $is_authed = true;
 337          }
 338      break;
 339  
 340      case 'delete':
 341          if ($user->data['is_registered'] && ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id))))
 342          {
 343              $is_authed = true;
 344          }
 345  
 346      // no break;
 347  
 348      case 'soft_delete':
 349          if (!$is_authed && $user->data['is_registered'] && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $post_data['post_edit_locked']))
 350          {
 351              // Fall back to soft_delete if we have no permissions to delete posts but to soft delete them
 352              $is_authed = true;
 353              $mode = 'soft_delete';
 354          }
 355      break;
 356  }
 357  /**
 358  * This event allows you to do extra auth checks and verify if the user
 359  * has the required permissions
 360  *
 361  * Extensions should only change the error and is_authed variables.
 362  *
 363  * @event core.modify_posting_auth
 364  * @var    int        post_id        ID of the post
 365  * @var    int        topic_id    ID of the topic
 366  * @var    int        forum_id    ID of the forum
 367  * @var    int        draft_id    ID of the draft
 368  * @var    bool    submit        Whether or not the form has been submitted
 369  * @var    bool    preview        Whether or not the post is being previewed
 370  * @var    bool    save        Whether or not a draft is being saved
 371  * @var    bool    load        Whether or not a draft is being loaded
 372  * @var    bool    refresh        Whether or not to retain previously submitted data
 373  * @var    string    mode        What action to take if the form has been submitted
 374  *                            post|reply|quote|edit|delete|bump|smilies|popup
 375  * @var    array    error        Any error strings; a non-empty array aborts
 376  *                            form submission.
 377  *                            NOTE: Should be actual language strings, NOT
 378  *                            language keys.
 379  * @var    bool    is_authed    Does the user have the required permissions?
 380  * @var    array    post_data    All post data from database
 381  * @since 3.1.3-RC1
 382  * @changed 3.1.10-RC1 Added post_data
 383  * @changed 3.2.4-RC1         Remove unused 'lastclick' var
 384  */
 385  $vars = array(
 386      'post_id',
 387      'topic_id',
 388      'forum_id',
 389      'draft_id',
 390      'submit',
 391      'preview',
 392      'save',
 393      'load',
 394      'refresh',
 395      'mode',
 396      'error',
 397      'is_authed',
 398      'post_data',
 399  );
 400  extract($phpbb_dispatcher->trigger_event('core.modify_posting_auth', compact($vars)));
 401  
 402  if (!$is_authed || !empty($error))
 403  {
 404      $check_auth = ($mode == 'quote') ? 'reply' : (($mode == 'soft_delete') ? 'delete' : $mode);
 405  
 406      if ($user->data['is_registered'])
 407      {
 408          trigger_error(empty($error) ? 'USER_CANNOT_' . strtoupper($check_auth) : implode('<br/>', $error));
 409      }
 410      $message = $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)];
 411  
 412      if ($request->is_ajax())
 413      {
 414          $json = new phpbb\json_response();
 415          $json->send(array(
 416              'title'        => $user->lang['INFORMATION'],
 417              'message'    => $message,
 418          ));
 419      }
 420  
 421      login_box('', $message);
 422  }
 423  
 424  if ($config['enable_post_confirm'] && !$user->data['is_registered'])
 425  {
 426      $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
 427      $captcha->init(CONFIRM_POST);
 428  }
 429  
 430  // Is the user able to post within this forum?
 431  if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply')))
 432  {
 433      trigger_error('USER_CANNOT_FORUM_POST');
 434  }
 435  
 436  // Forum/Topic locked?
 437  if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get('m_edit', $forum_id))
 438  {
 439      trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
 440  }
 441  
 442  // Can we edit this post ... if we're a moderator with rights then always yes
 443  // else it depends on editing times, lock status and if we're the correct user
 444  if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id))
 445  {
 446      $force_edit_allowed = false;
 447  
 448      $s_cannot_edit = $user->data['user_id'] != $post_data['poster_id'];
 449      $s_cannot_edit_time = $config['edit_time'] && $post_data['post_time'] <= time() - ($config['edit_time'] * 60);
 450      $s_cannot_edit_locked = $post_data['post_edit_locked'];
 451  
 452      /**
 453      * This event allows you to modify the conditions for the "cannot edit post" checks
 454      *
 455      * @event core.posting_modify_cannot_edit_conditions
 456      * @var    array    post_data    Array with post data
 457      * @var    bool    force_edit_allowed        Allow the user to edit the post (all permissions and conditions are ignored)
 458      * @var    bool    s_cannot_edit            User can not edit the post because it's not his
 459      * @var    bool    s_cannot_edit_locked    User can not edit the post because it's locked
 460      * @var    bool    s_cannot_edit_time        User can not edit the post because edit_time has passed
 461      * @since 3.1.0-b4
 462      */
 463      $vars = array(
 464          'post_data',
 465          'force_edit_allowed',
 466          's_cannot_edit',
 467          's_cannot_edit_locked',
 468          's_cannot_edit_time',
 469      );
 470      extract($phpbb_dispatcher->trigger_event('core.posting_modify_cannot_edit_conditions', compact($vars)));
 471  
 472      if (!$force_edit_allowed)
 473      {
 474          if ($s_cannot_edit)
 475          {
 476              trigger_error('USER_CANNOT_EDIT');
 477          }
 478          else if ($s_cannot_edit_time)
 479          {
 480              trigger_error('CANNOT_EDIT_TIME');
 481          }
 482          else if ($s_cannot_edit_locked)
 483          {
 484              trigger_error('CANNOT_EDIT_POST_LOCKED');
 485          }
 486      }
 487  }
 488  
 489  // Handle delete mode...
 490  if ($mode == 'delete' || $mode == 'soft_delete')
 491  {
 492      if ($mode == 'soft_delete' && $post_data['post_visibility'] == ITEM_DELETED)
 493      {
 494          $user->setup('posting');
 495          trigger_error('NO_POST');
 496      }
 497  
 498      $delete_reason = $request->variable('delete_reason', '', true);
 499      phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, ($mode == 'soft_delete' && !$request->is_set_post('delete_permanent')), $delete_reason);
 500      return;
 501  }
 502  
 503  // Handle bump mode...
 504  if ($mode == 'bump')
 505  {
 506      if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id'])
 507          && check_link_hash($request->variable('hash', ''), "topic_{$post_data['topic_id']}"))
 508      {
 509          $meta_url = phpbb_bump_topic($forum_id, $topic_id, $post_data, $current_time);
 510          meta_refresh(3, $meta_url);
 511          $message = $user->lang['TOPIC_BUMPED'];
 512  
 513          if (!$request->is_ajax())
 514          {
 515              $message .= '<br /><br />' . $user->lang('VIEW_MESSAGE', '<a href="' . $meta_url . '">', '</a>');
 516              $message .= '<br /><br />' . $user->lang('RETURN_FORUM', '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
 517          }
 518  
 519          trigger_error($message);
 520      }
 521  
 522      trigger_error('BUMP_ERROR');
 523  }
 524  
 525  // Subject length limiting to 60 characters if first post...
 526  if ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id']))
 527  {
 528      $template->assign_var('S_NEW_MESSAGE', true);
 529  }
 530  
 531  // Determine some vars
 532  if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS)
 533  {
 534      $post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST'];
 535  }
 536  else
 537  {
 538      $post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
 539  }
 540  
 541  $post_data['post_edit_locked']    = (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0;
 542  $post_data['post_subject_md5']    = (isset($post_data['post_subject']) && $mode == 'edit') ? md5($post_data['post_subject']) : '';
 543  $post_data['post_subject']        = (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : '');
 544  $post_data['topic_time_limit']    = (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
 545  $post_data['poll_length']        = (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0;
 546  $post_data['poll_start']        = (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0;
 547  $post_data['icon_id']            = (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id'];
 548  $post_data['poll_options']        = array();
 549  
 550  // Get Poll Data
 551  if ($post_data['poll_start'])
 552  {
 553      $sql = 'SELECT poll_option_text
 554          FROM ' . POLL_OPTIONS_TABLE . "
 555          WHERE topic_id = $topic_id
 556          ORDER BY poll_option_id";
 557      $result = $db->sql_query($sql);
 558  
 559      while ($row = $db->sql_fetchrow($result))
 560      {
 561          $post_data['poll_options'][] = trim($row['poll_option_text']);
 562      }
 563      $db->sql_freeresult($result);
 564  }
 565  
 566  /**
 567  * This event allows you to modify the post data before parsing
 568  *
 569  * @event core.posting_modify_post_data
 570  * @var    int        forum_id    ID of the forum
 571  * @var    string    mode        What action to take if the form has been submitted
 572  *                            post|reply|quote|edit|delete|bump|smilies|popup
 573  * @var    array    post_data    Array with post data
 574  * @var    int        post_id        ID of the post
 575  * @var    int        topic_id    ID of the topic
 576  * @since 3.2.2-RC1
 577  */
 578  $vars = array(
 579      'forum_id',
 580      'mode',
 581      'post_data',
 582      'post_id',
 583      'topic_id',
 584  );
 585  extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_data', compact($vars)));
 586  
 587  if ($mode == 'edit')
 588  {
 589      $original_poll_data = array(
 590          'poll_title'        => $post_data['poll_title'],
 591          'poll_length'        => $post_data['poll_length'],
 592          'poll_max_options'    => $post_data['poll_max_options'],
 593          'poll_option_text'    => implode("\n", $post_data['poll_options']),
 594          'poll_start'        => $post_data['poll_start'],
 595          'poll_last_vote'    => $post_data['poll_last_vote'],
 596          'poll_vote_change'    => $post_data['poll_vote_change'],
 597      );
 598  }
 599  
 600  $orig_poll_options_size = count($post_data['poll_options']);
 601  
 602  $message_parser = new parse_message();
 603  /* @var $plupload \phpbb\plupload\plupload */
 604  $plupload = $phpbb_container->get('plupload');
 605  
 606  /* @var $mimetype_guesser \phpbb\mimetype\guesser */
 607  $mimetype_guesser = $phpbb_container->get('mimetype.guesser');
 608  $message_parser->set_plupload($plupload);
 609  
 610  if (isset($post_data['post_text']))
 611  {
 612      $message_parser->message = &$post_data['post_text'];
 613      unset($post_data['post_text']);
 614  }
 615  
 616  // Set some default variables
 617  $uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);
 618  
 619  /**
 620  * This event allows you to modify the default variables for post_data, and unset them in post_data if needed
 621  *
 622  * @event core.posting_modify_default_variables
 623  * @var    array    post_data    Array with post data
 624  * @var    array    uninit        Array with default vars to put into post_data, if they aren't there
 625  * @since 3.2.5-RC1
 626  */
 627  $vars = array(
 628      'post_data',
 629      'uninit',
 630  );
 631  extract($phpbb_dispatcher->trigger_event('core.posting_modify_default_variables', compact($vars)));
 632  
 633  foreach ($uninit as $var_name => $default_value)
 634  {
 635      if (!isset($post_data[$var_name]))
 636      {
 637          $post_data[$var_name] = $default_value;
 638      }
 639  }
 640  unset($uninit);
 641  
 642  // Always check if the submitted attachment data is valid and belongs to the user.
 643  // Further down (especially in submit_post()) we do not check this again.
 644  $message_parser->get_submitted_attachment_data($post_data['poster_id']);
 645  
 646  if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit')
 647  {
 648      // Do not change to SELECT *
 649      $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename, filesize
 650          FROM ' . ATTACHMENTS_TABLE . "
 651          WHERE post_msg_id = $post_id
 652              AND in_message = 0
 653              AND is_orphan = 0
 654          ORDER BY attach_id DESC";
 655      $result = $db->sql_query($sql);
 656      $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
 657      $db->sql_freeresult($result);
 658  }
 659  
 660  if ($post_data['poster_id'] == ANONYMOUS)
 661  {
 662      $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : '';
 663  }
 664  else
 665  {
 666      $post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : '';
 667  }
 668  
 669  $post_data['enable_urls'] = $post_data['enable_magic_url'];
 670  
 671  if ($mode != 'edit')
 672  {
 673      $post_data['enable_sig']        = ($config['allow_sig'] && $user->optionget('attachsig')) ? true: false;
 674      $post_data['enable_smilies']    = ($config['allow_smilies'] && $user->optionget('smilies')) ? true : false;
 675      $post_data['enable_bbcode']        = ($config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false;
 676      $post_data['enable_urls']        = true;
 677  }
 678  
 679  if ($mode == 'post')
 680  {
 681      $post_data['topic_status']        = ($request->is_set_post('lock_topic') && $auth->acl_gets('m_lock', 'f_user_lock', $forum_id)) ? ITEM_LOCKED : ITEM_UNLOCKED;
 682  }
 683  
 684  $post_data['enable_magic_url'] = $post_data['drafts'] = false;
 685  
 686  // User own some drafts?
 687  if ($user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
 688  {
 689      $sql = 'SELECT draft_id
 690          FROM ' . DRAFTS_TABLE . '
 691          WHERE user_id = ' . $user->data['user_id'] .
 692              (($forum_id) ? ' AND forum_id = ' . (int) $forum_id : '') .
 693              (($topic_id) ? ' AND topic_id = ' . (int) $topic_id : '') .
 694              (($draft_id) ? " AND draft_id <> $draft_id" : '');
 695      $result = $db->sql_query_limit($sql, 1);
 696  
 697      if ($db->sql_fetchrow($result))
 698      {
 699          $post_data['drafts'] = true;
 700      }
 701      $db->sql_freeresult($result);
 702  }
 703  
 704  $check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
 705  
 706  // Check if user is watching this topic
 707  if ($mode != 'post' && $config['allow_topic_notify'] && $user->data['is_registered'])
 708  {
 709      $sql = 'SELECT topic_id
 710          FROM ' . TOPICS_WATCH_TABLE . '
 711          WHERE topic_id = ' . $topic_id . '
 712              AND user_id = ' . $user->data['user_id'];
 713      $result = $db->sql_query($sql);
 714      $post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id');
 715      $db->sql_freeresult($result);
 716  }
 717  
 718  // Do we want to edit our post ?
 719  if ($mode == 'edit' && $post_data['bbcode_uid'])
 720  {
 721      $message_parser->bbcode_uid = $post_data['bbcode_uid'];
 722  }
 723  
 724  // HTML, BBCode, Smilies, Images and Flash status
 725  $bbcode_status    = ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
 726  $smilies_status    = ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
 727  $img_status        = ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false;
 728  $url_status        = ($config['allow_post_links']) ? true : false;
 729  $flash_status    = ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false;
 730  $quote_status    = true;
 731  
 732  // Save Draft
 733  if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
 734  {
 735      $subject = $request->variable('subject', '', true);
 736      $subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject;
 737      $message = $request->variable('message', '', true);
 738  
 739      if ($subject && $message)
 740      {
 741          if (confirm_box(true))
 742          {
 743              $message_parser->message = $message;
 744              $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
 745  
 746              $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 747                  'user_id'        => (int) $user->data['user_id'],
 748                  'topic_id'        => (int) $topic_id,
 749                  'forum_id'        => (int) $forum_id,
 750                  'save_time'        => (int) $current_time,
 751                  'draft_subject'    => (string) $subject,
 752                  'draft_message'    => (string) $message_parser->message)
 753              );
 754              $db->sql_query($sql);
 755  
 756              $meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id");
 757  
 758              meta_refresh(3, $meta_info);
 759  
 760              $message = $user->lang['DRAFT_SAVED'] . '<br /><br />';
 761              $message .= ($mode != 'post') ? sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>') . '<br /><br />' : '';
 762              $message .= sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
 763  
 764              trigger_error($message);
 765          }
 766          else
 767          {
 768              $s_hidden_fields = build_hidden_fields(array(
 769                  'mode'        => $mode,
 770                  'save'        => true,
 771                  'f'            => $forum_id,
 772                  't'            => $topic_id,
 773                  'subject'    => $subject,
 774                  'message'    => $message,
 775                  'attachment_data' => $message_parser->attachment_data,
 776                  )
 777              );
 778  
 779              $hidden_fields = array(
 780                  'icon_id'            => 0,
 781  
 782                  'disable_bbcode'    => false,
 783                  'disable_smilies'    => false,
 784                  'disable_magic_url'    => false,
 785                  'attach_sig'        => true,
 786                  'lock_topic'        => false,
 787  
 788                  'topic_type'        => POST_NORMAL,
 789                  'topic_time_limit'    => 0,
 790  
 791                  'poll_title'        => '',
 792                  'poll_option_text'    => '',
 793                  'poll_max_options'    => 1,
 794                  'poll_length'        => 0,
 795                  'poll_vote_change'    => false,
 796              );
 797  
 798              foreach ($hidden_fields as $name => $default)
 799              {
 800                  if (!isset($_POST[$name]))
 801                  {
 802                      // Don't include it, if its not available
 803                      unset($hidden_fields[$name]);
 804                      continue;
 805                  }
 806  
 807                  if (is_bool($default))
 808                  {
 809                      // Use the string representation
 810                      $hidden_fields[$name] = $request->variable($name, '');
 811                  }
 812                  else
 813                  {
 814                      $hidden_fields[$name] = $request->variable($name, $default);
 815                  }
 816              }
 817  
 818              $s_hidden_fields .= build_hidden_fields($hidden_fields);
 819  
 820              confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields);
 821          }
 822      }
 823      else
 824      {
 825          if (utf8_clean_string($subject) === '')
 826          {
 827              $error[] = $user->lang['EMPTY_SUBJECT'];
 828          }
 829  
 830          if (utf8_clean_string($message) === '')
 831          {
 832              $error[] = $user->lang['TOO_FEW_CHARS'];
 833          }
 834      }
 835      unset($subject, $message);
 836  }
 837  
 838  // Load requested Draft
 839  if ($draft_id && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $user->data['is_registered'] && $auth->acl_get('u_savedrafts'))
 840  {
 841      $sql = 'SELECT draft_subject, draft_message
 842          FROM ' . DRAFTS_TABLE . "
 843          WHERE draft_id = $draft_id
 844              AND user_id = " . $user->data['user_id'];
 845      $result = $db->sql_query_limit($sql, 1);
 846      $row = $db->sql_fetchrow($result);
 847      $db->sql_freeresult($result);
 848  
 849      if ($row)
 850      {
 851          $post_data['post_subject'] = $row['draft_subject'];
 852          $message_parser->message = $row['draft_message'];
 853  
 854          $template->assign_var('S_DRAFT_LOADED', true);
 855      }
 856      else
 857      {
 858          $draft_id = 0;
 859      }
 860  }
 861  
 862  // Load draft overview
 863  if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_data['drafts'])
 864  {
 865      load_drafts($topic_id, $forum_id);
 866  }
 867  
 868  /** @var \phpbb\textformatter\utils_interface $bbcode_utils */
 869  $bbcode_utils = $phpbb_container->get('text_formatter.utils');
 870  
 871  if ($submit || $preview || $refresh)
 872  {
 873      $post_data['topic_cur_post_id']    = $request->variable('topic_cur_post_id', 0);
 874      $post_data['post_subject']        = $request->variable('subject', '', true);
 875      $message_parser->message        = $request->variable('message', '', true);
 876  
 877      $post_data['username']            = $request->variable('username', $post_data['username'], true);
 878      $post_data['post_edit_reason']    = ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? $request->variable('edit_reason', '', true) : '';
 879  
 880      $post_data['orig_topic_type']    = $post_data['topic_type'];
 881      $post_data['topic_type']        = $request->variable('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL));
 882      $post_data['topic_time_limit']    = $request->variable('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0));
 883  
 884      if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
 885      {
 886          $post_data['icon_id'] = $request->variable('icon', (int) $post_data['icon_id']);
 887      }
 888  
 889      $post_data['enable_bbcode']        = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true;
 890      $post_data['enable_smilies']    = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;
 891      $post_data['enable_urls']        = (isset($_POST['disable_magic_url'])) ? 0 : 1;
 892      $post_data['enable_sig']        = (!$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig')) ? false : ((isset($_POST['attach_sig']) && $user->data['is_registered']) ? true : false);
 893  
 894      if ($config['allow_topic_notify'] && $user->data['is_registered'])
 895      {
 896          $notify = (isset($_POST['notify'])) ? true : false;
 897      }
 898      else
 899      {
 900          $notify = false;
 901      }
 902  
 903      $topic_lock            = (isset($_POST['lock_topic'])) ? true : false;
 904      $post_lock            = (isset($_POST['lock_post'])) ? true : false;
 905      $poll_delete        = (isset($_POST['poll_delete'])) ? true : false;
 906  
 907      if ($submit)
 908      {
 909          $status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
 910          $status_switch = ($status_switch != $check_value);
 911      }
 912      else
 913      {
 914          $status_switch = 1;
 915      }
 916  
 917      // Delete Poll
 918      if ($poll_delete && $mode == 'edit' && count($post_data['poll_options']) &&
 919          ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id)))
 920      {
 921          if ($submit && check_form_key('posting'))
 922          {
 923              $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . "
 924                  WHERE topic_id = $topic_id";
 925              $db->sql_query($sql);
 926  
 927              $sql = 'DELETE FROM ' . POLL_VOTES_TABLE . "
 928                  WHERE topic_id = $topic_id";
 929              $db->sql_query($sql);
 930  
 931              $topic_sql = array(
 932                  'poll_title'        => '',
 933                  'poll_start'         => 0,
 934                  'poll_length'        => 0,
 935                  'poll_last_vote'    => 0,
 936                  'poll_max_options'    => 0,
 937                  'poll_vote_change'    => 0
 938              );
 939  
 940              $sql = 'UPDATE ' . TOPICS_TABLE . '
 941                  SET ' . $db->sql_build_array('UPDATE', $topic_sql) . "
 942                  WHERE topic_id = $topic_id";
 943              $db->sql_query($sql);
 944          }
 945  
 946          $post_data['poll_title'] = $post_data['poll_option_text'] = '';
 947          $post_data['poll_vote_change'] = $post_data['poll_max_options'] = $post_data['poll_length'] = 0;
 948      }
 949      else
 950      {
 951          $post_data['poll_title']        = $request->variable('poll_title', '', true);
 952          $post_data['poll_length']        = $request->variable('poll_length', 0);
 953          $post_data['poll_option_text']    = $request->variable('poll_option_text', '', true);
 954          $post_data['poll_max_options']    = $request->variable('poll_max_options', 1);
 955          $post_data['poll_vote_change']    = ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0;
 956      }
 957  
 958      // If replying/quoting and last post id has changed
 959      // give user option to continue submit or return to post
 960      // notify and show user the post made between his request and the final submit
 961      if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id'])
 962      {
 963          // Only do so if it is allowed forum-wide
 964          if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
 965          {
 966              if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id']))
 967              {
 968                  $template->assign_var('S_POST_REVIEW', true);
 969              }
 970  
 971              $submit = false;
 972              $refresh = true;
 973          }
 974      }
 975  
 976      // Parse Attachments - before checksum is calculated
 977      if ($message_parser->check_attachment_form_token($language, $request, 'posting'))
 978      {
 979          $message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh);
 980      }
 981  
 982      /**
 983      * This event allows you to modify message text before parsing
 984      *
 985      * @event core.posting_modify_message_text
 986      * @var    array    post_data    Array with post data
 987      * @var    string    mode        What action to take if the form is submitted
 988      *                post|reply|quote|edit|delete|bump|smilies|popup
 989      * @var    int    post_id        ID of the post
 990      * @var    int    topic_id    ID of the topic
 991      * @var    int    forum_id    ID of the forum
 992      * @var    bool    submit        Whether or not the form has been submitted
 993      * @var    bool    preview        Whether or not the post is being previewed
 994      * @var    bool    save        Whether or not a draft is being saved
 995      * @var    bool    load        Whether or not a draft is being loaded
 996      * @var    bool    cancel        Whether or not to cancel the form (returns to
 997      *                viewtopic or viewforum depending on if the user
 998      *                is posting a new topic or editing a post)
 999      * @var    bool    refresh        Whether or not to retain previously submitted data
1000      * @var    object    message_parser    The message parser object
1001      * @var    array    error        Array of errors
1002      * @since 3.1.2-RC1
1003      * @changed 3.1.11-RC1 Added error
1004      */
1005      $vars = array(
1006          'post_data',
1007          'mode',
1008          'post_id',
1009          'topic_id',
1010          'forum_id',
1011          'submit',
1012          'preview',
1013          'save',
1014          'load',
1015          'cancel',
1016          'refresh',
1017          'message_parser',
1018          'error',
1019      );
1020      extract($phpbb_dispatcher->trigger_event('core.posting_modify_message_text', compact($vars)));
1021  
1022      // Grab md5 'checksum' of new message
1023      $message_md5 = md5($message_parser->message);
1024  
1025      // If editing and checksum has changed we know the post was edited while we're editing
1026      // Notify and show user the changed post
1027      if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
1028      {
1029          $edit_post_message_checksum = $request->variable('edit_post_message_checksum', '');
1030          $edit_post_subject_checksum = $request->variable('edit_post_subject_checksum', '');
1031  
1032          // $post_data['post_checksum'] is the checksum of the post submitted in the meantime
1033          // $message_md5 is the checksum of the post we're about to submit
1034          // $edit_post_message_checksum is the checksum of the post we're editing
1035          // ...
1036  
1037          // We make sure nobody else made exactly the same change
1038          // we're about to submit by also checking $message_md5 != $post_data['post_checksum']
1039          if ($edit_post_message_checksum !== '' &&
1040              $edit_post_message_checksum != $post_data['post_checksum'] &&
1041              $message_md5 != $post_data['post_checksum']
1042              ||
1043              $edit_post_subject_checksum !== '' &&
1044              $edit_post_subject_checksum != $post_data['post_subject_md5'] &&
1045              md5($post_data['post_subject']) != $post_data['post_subject_md5'])
1046          {
1047              if (topic_review($topic_id, $forum_id, 'post_review_edit', $post_id))
1048              {
1049                  $template->assign_vars(array(
1050                      'S_POST_REVIEW'            => true,
1051  
1052                      'L_POST_REVIEW'            => $user->lang['POST_REVIEW_EDIT'],
1053                      'L_POST_REVIEW_EXPLAIN'    => $user->lang['POST_REVIEW_EDIT_EXPLAIN'],
1054                  ));
1055              }
1056  
1057              $submit = false;
1058              $refresh = true;
1059          }
1060      }
1061  
1062      // Check checksum ... don't re-parse message if the same
1063      $update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false;
1064  
1065      // Also check if subject got updated...
1066      $update_subject = $mode != 'edit' || ($post_data['post_subject_md5'] && $post_data['post_subject_md5'] != md5($post_data['post_subject']));
1067  
1068      // Parse message
1069      if ($update_message)
1070      {
1071          if (count($message_parser->warn_msg))
1072          {
1073              $error[] = implode('<br />', $message_parser->warn_msg);
1074              $message_parser->warn_msg = array();
1075          }
1076  
1077          if (!$preview || !empty($message_parser->message))
1078          {
1079              $message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
1080          }
1081  
1082          // On a refresh we do not care about message parsing errors
1083          if (count($message_parser->warn_msg) && $refresh && !$preview)
1084          {
1085              $message_parser->warn_msg = array();
1086          }
1087      }
1088      else
1089      {
1090          $message_parser->bbcode_bitfield = $post_data['bbcode_bitfield'];
1091      }
1092  
1093      $ignore_flood = $auth->acl_get('u_ignoreflood') ? true : $auth->acl_get('f_ignoreflood', $forum_id);
1094      if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$ignore_flood)
1095      {
1096          // Flood check
1097          $last_post_time = 0;
1098  
1099          if ($user->data['is_registered'])
1100          {
1101              $last_post_time = $user->data['user_lastpost_time'];
1102          }
1103          else
1104          {
1105              $sql = 'SELECT post_time AS last_post_time
1106                  FROM ' . POSTS_TABLE . "
1107                  WHERE poster_ip = '" . $user->ip . "'
1108                      AND post_time > " . ($current_time - $config['flood_interval']);
1109              $result = $db->sql_query_limit($sql, 1);
1110              if ($row = $db->sql_fetchrow($result))
1111              {
1112                  $last_post_time = $row['last_post_time'];
1113              }
1114              $db->sql_freeresult($result);
1115          }
1116  
1117          if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval']))
1118          {
1119              $error[] = $user->lang['FLOOD_ERROR'];
1120          }
1121      }
1122  
1123      // Validate username
1124      if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username']))
1125      {
1126          if (!function_exists('validate_username'))
1127          {
1128              include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1129          }
1130  
1131          $user->add_lang('ucp');
1132  
1133          if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false)
1134          {
1135              $error[] = $user->lang[$result . '_USERNAME'];
1136          }
1137  
1138          if (($result = validate_string($post_data['username'], false, $config['min_name_chars'], $config['max_name_chars'])) !== false)
1139          {
1140              $min_max_amount = ($result == 'TOO_SHORT') ? $config['min_name_chars'] : $config['max_name_chars'];
1141              $error[] = $user->lang('FIELD_' . $result, $min_max_amount, $user->lang['USERNAME']);
1142          }
1143      }
1144  
1145      if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply')))
1146      {
1147          $captcha_data = array(
1148              'message'    => $request->variable('message', '', true),
1149              'subject'    => $request->variable('subject', '', true),
1150              'username'    => $request->variable('username', '', true),
1151          );
1152          $vc_response = $captcha->validate($captcha_data);
1153          if ($vc_response)
1154          {
1155              $error[] = $vc_response;
1156          }
1157      }
1158  
1159      // check form
1160      if (($submit || $preview) && !check_form_key('posting'))
1161      {
1162          $error[] = $user->lang['FORM_INVALID'];
1163      }
1164  
1165      if ($submit && $mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED && !isset($_POST['soft_delete']) && $auth->acl_get('m_approve', $forum_id))
1166      {
1167          $is_first_post = ($post_id == $post_data['topic_first_post_id'] || !$post_data['topic_posts_approved']);
1168          $is_last_post = ($post_id == $post_data['topic_last_post_id'] || !$post_data['topic_posts_approved']);
1169          $updated_post_data = $phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $post_id, $post_data['topic_id'], $post_data['forum_id'], $user->data['user_id'], time(), '', $is_first_post, $is_last_post);
1170  
1171          if (!empty($updated_post_data))
1172          {
1173              // Update the post_data, so we don't need to refetch it.
1174              $post_data = array_merge($post_data, $updated_post_data);
1175          }
1176      }
1177  
1178      // Parse subject
1179      if (!$preview && !$refresh && utf8_clean_string($post_data['post_subject']) === '' && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
1180      {
1181          $error[] = $user->lang['EMPTY_SUBJECT'];
1182      }
1183  
1184      /**
1185       * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR.
1186       * Using their Numeric Character Reference's Hexadecimal notation.
1187       * Check the permissions for posting Emojis first.
1188       */
1189      if ($auth->acl_get('u_emoji'))
1190      {
1191          $post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']);
1192      }
1193      else
1194      {
1195          /**
1196           * Check for out-of-bounds characters that are currently
1197           * not supported by utf8_bin in MySQL
1198           */
1199          if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches))
1200          {
1201              $character_list = implode('<br>', $matches[0]);
1202  
1203              $error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list);
1204          }
1205      }
1206  
1207      $post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0;
1208  
1209      if ($post_data['poll_option_text'] &&
1210          ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1211          && $auth->acl_get('f_poll', $forum_id))
1212      {
1213          $poll = array(
1214              'poll_title'        => $post_data['poll_title'],
1215              'poll_length'        => $post_data['poll_length'],
1216              'poll_max_options'    => $post_data['poll_max_options'],
1217              'poll_option_text'    => $post_data['poll_option_text'],
1218              'poll_start'        => $post_data['poll_start'],
1219              'poll_last_vote'    => $post_data['poll_last_vote'],
1220              'poll_vote_change'    => $post_data['poll_vote_change'],
1221              'enable_bbcode'        => $post_data['enable_bbcode'],
1222              'enable_urls'        => $post_data['enable_urls'],
1223              'enable_smilies'    => $post_data['enable_smilies'],
1224              'img_status'        => $img_status
1225          );
1226  
1227          $message_parser->parse_poll($poll);
1228  
1229          $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array();
1230          $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
1231  
1232          /* We reset votes, therefore also allow removing options
1233          if ($post_data['poll_last_vote'] && ($poll['poll_options_size'] < $orig_poll_options_size))
1234          {
1235              $message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS'];
1236          }*/
1237      }
1238      else if ($mode == 'edit' && $post_id == $post_data['topic_first_post_id'] && $auth->acl_get('f_poll', $forum_id))
1239      {
1240          // The user removed all poll options, this is equal to deleting the poll.
1241          $poll = array(
1242              'poll_title'        => '',
1243              'poll_length'        => 0,
1244              'poll_max_options'    => 0,
1245              'poll_option_text'    => '',
1246              'poll_start'        => 0,
1247              'poll_last_vote'    => 0,
1248              'poll_vote_change'    => 0,
1249              'poll_options'        => array(),
1250          );
1251  
1252          $post_data['poll_options'] = array();
1253          $post_data['poll_title'] = '';
1254          $post_data['poll_start'] = $post_data['poll_length'] = $post_data['poll_max_options'] = $post_data['poll_last_vote'] = $post_data['poll_vote_change'] = 0;
1255      }
1256      else if (!$auth->acl_get('f_poll', $forum_id) && ($mode == 'edit') && ($post_id == $post_data['topic_first_post_id']) && !$bbcode_utils->is_empty($original_poll_data['poll_title']))
1257      {
1258          // We have a poll but the editing user is not permitted to create/edit it.
1259          // So we just keep the original poll-data.
1260          // Decode the poll title and options text fisrt.
1261          $original_poll_data['poll_title'] = $bbcode_utils->unparse($original_poll_data['poll_title']);
1262          $original_poll_data['poll_option_text'] = $bbcode_utils->unparse($original_poll_data['poll_option_text']);
1263          $original_poll_data['poll_options'] = explode("\n", $original_poll_data['poll_option_text']);
1264  
1265          $poll = array_merge($original_poll_data, array(
1266              'enable_bbcode'        => $post_data['enable_bbcode'],
1267              'enable_urls'        => $post_data['enable_urls'],
1268              'enable_smilies'    => $post_data['enable_smilies'],
1269              'img_status'        => $img_status,
1270          ));
1271  
1272          $message_parser->parse_poll($poll);
1273  
1274          $post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array();
1275          $post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
1276      }
1277      else
1278      {
1279          $poll = array();
1280      }
1281  
1282      // Check topic type
1283      if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
1284      {
1285          switch ($post_data['topic_type'])
1286          {
1287              case POST_GLOBAL:
1288                  $auth_option = 'f_announce_global';
1289              break;
1290  
1291              case POST_ANNOUNCE:
1292                  $auth_option = 'f_announce';
1293              break;
1294  
1295              case POST_STICKY:
1296                  $auth_option = 'f_sticky';
1297              break;
1298  
1299              default:
1300                  $auth_option = '';
1301              break;
1302          }
1303  
1304          if ($auth_option != '' && !$auth->acl_get($auth_option, $forum_id))
1305          {
1306              // There is a special case where a user edits his post whereby the topic type got changed by an admin/mod.
1307              // Another case would be a mod not having sticky permissions for example but edit permissions.
1308              if ($mode == 'edit')
1309              {
1310                  // To prevent non-authed users messing around with the topic type we reset it to the original one.
1311                  $post_data['topic_type'] = $post_data['orig_topic_type'];
1312              }
1313              else
1314              {
1315                  $error[] = $user->lang['CANNOT_POST_' . str_replace('F_', '', strtoupper($auth_option))];
1316              }
1317          }
1318      }
1319  
1320      if (count($message_parser->warn_msg))
1321      {
1322          $error[] = implode('<br />', $message_parser->warn_msg);
1323      }
1324  
1325      // DNSBL check
1326      if ($config['check_dnsbl'] && !$refresh)
1327      {
1328          if (($dnsbl = $user->check_dnsbl('post')) !== false)
1329          {
1330              $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
1331          }
1332      }
1333  
1334      /**
1335      * This event allows you to define errors before the post action is performed
1336      *
1337      * @event core.posting_modify_submission_errors
1338      * @var    array    post_data    Array with post data
1339      * @var    array    poll        Array with poll data from post (must be used instead of the post_data equivalent)
1340      * @var    string    mode        What action to take if the form is submitted
1341      *                post|reply|quote|edit|delete|bump|smilies|popup
1342      * @var    int    post_id        ID of the post
1343      * @var    int    topic_id    ID of the topic
1344      * @var    int    forum_id    ID of the forum
1345      * @var    bool    submit        Whether or not the form has been submitted
1346      * @var    array    error        Any error strings; a non-empty array aborts form submission.
1347      *                NOTE: Should be actual language strings, NOT language keys.
1348      * @since 3.1.0-RC5
1349      * @changed 3.1.5-RC1 Added poll array to the event
1350      * @changed 3.2.0-a1 Removed undefined page_title
1351      */
1352      $vars = array(
1353          'post_data',
1354          'poll',
1355          'mode',
1356          'post_id',
1357          'topic_id',
1358          'forum_id',
1359          'submit',
1360          'error',
1361      );
1362      extract($phpbb_dispatcher->trigger_event('core.posting_modify_submission_errors', compact($vars)));
1363  
1364      // Store message, sync counters
1365      if (!count($error) && $submit)
1366      {
1367          if ($submit)
1368          {
1369              // Lock/Unlock Topic
1370              $change_topic_status = $post_data['topic_status'];
1371              $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false;
1372  
1373              if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock)
1374              {
1375                  $change_topic_status = ITEM_UNLOCKED;
1376              }
1377              else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock)
1378              {
1379                  $change_topic_status = ITEM_LOCKED;
1380              }
1381  
1382              if ($change_topic_status != $post_data['topic_status'])
1383              {
1384                  $sql = 'UPDATE ' . TOPICS_TABLE . "
1385                      SET topic_status = $change_topic_status
1386                      WHERE topic_id = $topic_id
1387                          AND topic_moved_id = 0";
1388                  $db->sql_query($sql);
1389  
1390                  $user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : '';
1391  
1392                  $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), false, array(
1393                      'forum_id' => $forum_id,
1394                      'topic_id' => $topic_id,
1395                      $post_data['topic_title']
1396                  ));
1397              }
1398  
1399              // Lock/Unlock Post Edit
1400              if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id))
1401              {
1402                  $post_data['post_edit_locked'] = ITEM_UNLOCKED;
1403              }
1404              else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id))
1405              {
1406                  $post_data['post_edit_locked'] = ITEM_LOCKED;
1407              }
1408  
1409              $data = array(
1410                  'topic_title'            => (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'],
1411                  'topic_first_post_id'    => (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0,
1412                  'topic_last_post_id'    => (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0,
1413                  'topic_time_limit'        => (int) $post_data['topic_time_limit'],
1414                  'topic_attachment'        => (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0,
1415                  'post_id'                => (int) $post_id,
1416                  'topic_id'                => (int) $topic_id,
1417                  'forum_id'                => (int) $forum_id,
1418                  'icon_id'                => (int) $post_data['icon_id'],
1419                  'poster_id'                => (int) $post_data['poster_id'],
1420                  'enable_sig'            => (bool) $post_data['enable_sig'],
1421                  'enable_bbcode'            => (bool) $post_data['enable_bbcode'],
1422                  'enable_smilies'        => (bool) $post_data['enable_smilies'],
1423                  'enable_urls'            => (bool) $post_data['enable_urls'],
1424                  'enable_indexing'        => (bool) $post_data['enable_indexing'],
1425                  'message_md5'            => (string) $message_md5,
1426                  'post_checksum'            => (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '',
1427                  'post_edit_reason'        => $post_data['post_edit_reason'],
1428                  'post_edit_user'        => ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? (int) $post_data['post_edit_user'] : 0),
1429                  'forum_parents'            => $post_data['forum_parents'],
1430                  'forum_name'            => $post_data['forum_name'],
1431                  'notify'                => $notify,
1432                  'notify_set'            => $post_data['notify_set'],
1433                  'poster_ip'                => (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip,
1434                  'post_edit_locked'        => (int) $post_data['post_edit_locked'],
1435                  'bbcode_bitfield'        => $message_parser->bbcode_bitfield,
1436                  'bbcode_uid'            => $message_parser->bbcode_uid,
1437                  'message'                => $message_parser->message,
1438                  'attachment_data'        => $message_parser->attachment_data,
1439                  'filename_data'            => $message_parser->filename_data,
1440                  'topic_status'            => $post_data['topic_status'],
1441  
1442                  'topic_visibility'            => (isset($post_data['topic_visibility'])) ? $post_data['topic_visibility'] : false,
1443                  'post_visibility'            => (isset($post_data['post_visibility'])) ? $post_data['post_visibility'] : false,
1444              );
1445  
1446              if ($mode == 'edit')
1447              {
1448                  $data['topic_posts_approved'] = $post_data['topic_posts_approved'];
1449                  $data['topic_posts_unapproved'] = $post_data['topic_posts_unapproved'];
1450                  $data['topic_posts_softdeleted'] = $post_data['topic_posts_softdeleted'];
1451              }
1452  
1453              // Only return the username when it is either a guest posting or we are editing a post and
1454              // the username was supplied; otherwise post_data might hold the data of the post that is
1455              // being quoted (which could result in the username being returned being that of the quoted
1456              // post's poster, not the poster of the current post). See: PHPBB3-11769 for more information.
1457              $post_author_name = ((!$user->data['is_registered'] || $mode == 'edit') && $post_data['username'] !== '') ? $post_data['username'] : '';
1458  
1459              /**
1460              * This event allows you to define errors before the post action is performed
1461              *
1462              * @event core.posting_modify_submit_post_before
1463              * @var    array    post_data    Array with post data
1464              * @var    array    poll        Array with poll data
1465              * @var    array    data        Array with post data going to be stored in the database
1466              * @var    string    mode        What action to take if the form is submitted
1467              *                post|reply|quote|edit|delete
1468              * @var    int    post_id        ID of the post
1469              * @var    int    topic_id    ID of the topic
1470              * @var    int    forum_id    ID of the forum
1471              * @var    string    post_author_name    Author name for guest posts
1472              * @var    bool    update_message        Boolean if the post message was changed
1473              * @var    bool    update_subject        Boolean if the post subject was changed
1474              *                NOTE: Should be actual language strings, NOT language keys.
1475              * @since 3.1.0-RC5
1476              * @changed 3.1.6-RC1 remove submit and error from event  Submit and Error are checked previously prior to running event
1477              * @change 3.2.0-a1 Removed undefined page_title
1478              */
1479              $vars = array(
1480                  'post_data',
1481                  'poll',
1482                  'data',
1483                  'mode',
1484                  'post_id',
1485                  'topic_id',
1486                  'forum_id',
1487                  'post_author_name',
1488                  'update_message',
1489                  'update_subject',
1490              );
1491              extract($phpbb_dispatcher->trigger_event('core.posting_modify_submit_post_before', compact($vars)));
1492  
1493              // The last parameter tells submit_post if search indexer has to be run
1494              $redirect_url = submit_post($mode, $post_data['post_subject'], $post_author_name, $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false);
1495  
1496              /**
1497              * This event allows you to define errors after the post action is performed
1498              *
1499              * @event core.posting_modify_submit_post_after
1500              * @var    array    post_data    Array with post data
1501              * @var    array    poll        Array with poll data
1502              * @var    array    data        Array with post data going to be stored in the database
1503              * @var    string    mode        What action to take if the form is submitted
1504              *                post|reply|quote|edit|delete
1505              * @var    int    post_id        ID of the post
1506              * @var    int    topic_id    ID of the topic
1507              * @var    int    forum_id    ID of the forum
1508              * @var    string    post_author_name    Author name for guest posts
1509              * @var    bool    update_message        Boolean if the post message was changed
1510              * @var    bool    update_subject        Boolean if the post subject was changed
1511              * @var    string    redirect_url        URL the user is going to be redirected to
1512              *                NOTE: Should be actual language strings, NOT language keys.
1513              * @since 3.1.0-RC5
1514              * @changed 3.1.6-RC1 remove submit and error from event  Submit and Error are checked previously prior to running event
1515              * @change 3.2.0-a1 Removed undefined page_title
1516              */
1517              $vars = array(
1518                  'post_data',
1519                  'poll',
1520                  'data',
1521                  'mode',
1522                  'post_id',
1523                  'topic_id',
1524                  'forum_id',
1525                  'post_author_name',
1526                  'update_message',
1527                  'update_subject',
1528                  'redirect_url',
1529              );
1530              extract($phpbb_dispatcher->trigger_event('core.posting_modify_submit_post_after', compact($vars)));
1531  
1532              if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1533              {
1534                  $captcha->reset();
1535              }
1536  
1537              // Handle delete mode...
1538              if ($request->is_set_post('delete') || $request->is_set_post('delete_permanent'))
1539              {
1540                  $delete_reason = $request->variable('delete_reason', '', true);
1541                  phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, !$request->is_set_post('delete_permanent'), $delete_reason);
1542                  return;
1543              }
1544  
1545              // Check the permissions for post approval.
1546              // Moderators must go through post approval like ordinary users.
1547              if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state']))
1548              {
1549                  meta_refresh(10, $redirect_url);
1550                  $message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD'];
1551                  $message .= (($user->data['user_id'] == ANONYMOUS) ? '' : ' '. $user->lang['POST_APPROVAL_NOTIFY']);
1552                  $message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $data['forum_id']) . '">', '</a>');
1553                  trigger_error($message);
1554              }
1555  
1556              redirect($redirect_url);
1557          }
1558      }
1559  }
1560  
1561  // Preview
1562  if (!count($error) && $preview)
1563  {
1564      $post_data['post_time'] = ($mode == 'edit') ? $post_data['post_time'] : $current_time;
1565  
1566      $preview_message = $message_parser->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], false);
1567  
1568      $preview_signature = ($mode == 'edit') ? $post_data['user_sig'] : $user->data['user_sig'];
1569      $preview_signature_uid = ($mode == 'edit') ? $post_data['user_sig_bbcode_uid'] : $user->data['user_sig_bbcode_uid'];
1570      $preview_signature_bitfield = ($mode == 'edit') ? $post_data['user_sig_bbcode_bitfield'] : $user->data['user_sig_bbcode_bitfield'];
1571  
1572      // Signature
1573      if ($post_data['enable_sig'] && $config['allow_sig'] && $preview_signature && $auth->acl_get('f_sigs', $forum_id))
1574      {
1575          $flags = ($config['allow_sig_bbcode']) ? OPTION_FLAG_BBCODE : 0;
1576          $flags |= ($config['allow_sig_links']) ? OPTION_FLAG_LINKS : 0;
1577          $flags |= ($config['allow_sig_smilies']) ? OPTION_FLAG_SMILIES : 0;
1578  
1579          $preview_signature = generate_text_for_display($preview_signature, $preview_signature_uid, $preview_signature_bitfield, $flags, false);
1580      }
1581      else
1582      {
1583          $preview_signature = '';
1584      }
1585  
1586      $preview_subject = censor_text($post_data['post_subject']);
1587  
1588      // Poll Preview
1589      if (!$poll_delete && ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1590      && $auth->acl_get('f_poll', $forum_id))
1591      {
1592          $parse_poll = new parse_message($post_data['poll_title']);
1593          $parse_poll->bbcode_uid = $message_parser->bbcode_uid;
1594          $parse_poll->bbcode_bitfield = $message_parser->bbcode_bitfield;
1595  
1596          $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1597  
1598          if ($post_data['poll_length'])
1599          {
1600              $poll_end = ($post_data['poll_length'] * 86400) + (($post_data['poll_start']) ? $post_data['poll_start'] : time());
1601          }
1602  
1603          $template->assign_vars(array(
1604              'S_HAS_POLL_OPTIONS'    => (count($post_data['poll_options'])),
1605              'S_IS_MULTI_CHOICE'        => ($post_data['poll_max_options'] > 1) ? true : false,
1606  
1607              'POLL_QUESTION'        => $parse_poll->message,
1608  
1609              'L_POLL_LENGTH'        => ($post_data['poll_length']) ? sprintf($user->lang['POLL_RUN_TILL'], $user->format_date($poll_end)) : '',
1610              'L_MAX_VOTES'        => $user->lang('MAX_OPTIONS_SELECT', (int) $post_data['poll_max_options']),
1611          ));
1612  
1613          $preview_poll_options = array();
1614          foreach ($post_data['poll_options'] as $poll_option)
1615          {
1616              $parse_poll->message = $poll_option;
1617              $parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
1618              $preview_poll_options[] = $parse_poll->message;
1619          }
1620          unset($parse_poll);
1621  
1622          foreach ($preview_poll_options as $key => $option)
1623          {
1624              $template->assign_block_vars('poll_option', array(
1625                  'POLL_OPTION_CAPTION'    => $option,
1626                  'POLL_OPTION_ID'        => $key + 1)
1627              );
1628          }
1629          unset($preview_poll_options);
1630      }
1631  
1632      // Attachment Preview
1633      if (count($message_parser->attachment_data))
1634      {
1635          $template->assign_var('S_HAS_ATTACHMENTS', true);
1636  
1637          $update_count = array();
1638          $attachment_data = $message_parser->attachment_data;
1639  
1640          parse_attachments($forum_id, $preview_message, $attachment_data, $update_count, true);
1641  
1642          foreach ($attachment_data as $i => $attachment)
1643          {
1644              $template->assign_block_vars('attachment', array(
1645                  'DISPLAY_ATTACHMENT'    => $attachment)
1646              );
1647          }
1648          unset($attachment_data);
1649      }
1650  
1651      if (!count($error))
1652      {
1653          $template->assign_vars(array(
1654              'PREVIEW_SUBJECT'        => $preview_subject,
1655              'PREVIEW_MESSAGE'        => $preview_message,
1656              'PREVIEW_SIGNATURE'        => $preview_signature,
1657  
1658              'S_DISPLAY_PREVIEW'        => !empty($preview_message),
1659          ));
1660      }
1661  }
1662  
1663  // Remove quotes that would become nested too deep before decoding the text
1664  $generate_quote = ($mode == 'quote' && !$submit && !$preview && !$refresh);
1665  if ($generate_quote && $config['max_quote_depth'] > 0)
1666  {
1667      $tmp_bbcode_uid = $message_parser->bbcode_uid;
1668      $message_parser->bbcode_uid = $post_data['bbcode_uid'];
1669      $message_parser->remove_nested_quotes($config['max_quote_depth'] - 1);
1670      $message_parser->bbcode_uid = $tmp_bbcode_uid;
1671  }
1672  
1673  // Decode text for message display
1674  $post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !count($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid;
1675  $message_parser->decode_message($post_data['bbcode_uid']);
1676  
1677  if ($generate_quote)
1678  {
1679      // Remove attachment bbcode tags from the quoted message to avoid mixing with the new post attachments if any
1680      $message_parser->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#uis', '\\2', $message_parser->message);
1681  
1682      $quote_attributes = array(
1683                          'author'  => $post_data['quote_username'],
1684                          'post_id' => $post_data['post_id'],
1685                          'time'    => $post_data['post_time'],
1686                          'user_id' => $post_data['poster_id'],
1687      );
1688  
1689      /**
1690      * This event allows you to modify the quote attributes of the post being quoted
1691      *
1692      * @event core.posting_modify_quote_attributes
1693      * @var    array    quote_attributes    Array with quote attributes
1694      * @var    array    post_data            Array with post data
1695      * @since 3.2.6-RC1
1696      */
1697      $vars = array(
1698          'quote_attributes',
1699          'post_data',
1700      );
1701      extract($phpbb_dispatcher->trigger_event('core.posting_modify_quote_attributes', compact($vars)));
1702  
1703      /** @var \phpbb\language\language $language */
1704      $language = $phpbb_container->get('language');
1705      phpbb_format_quote($language, $message_parser, $bbcode_utils, $bbcode_status, $quote_attributes);
1706  }
1707  
1708  if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)
1709  {
1710      $post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']);
1711  
1712      $post_subject = $post_data['post_subject'];
1713  
1714      /**
1715      * This event allows you to modify the post subject of the post being quoted
1716      *
1717      * @event core.posting_modify_post_subject
1718      * @var    string        post_subject    String with the post subject already censored.
1719      * @since 3.2.8-RC1
1720      */
1721      $vars = array('post_subject');
1722      extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_subject', compact($vars)));
1723  
1724      $post_data['post_subject'] = $post_subject;
1725  }
1726  
1727  $attachment_data = $message_parser->attachment_data;
1728  $filename_data = $message_parser->filename_data;
1729  $post_data['post_text'] = $message_parser->message;
1730  
1731  if (count($post_data['poll_options']) || (isset($post_data['poll_title']) && !$bbcode_utils->is_empty($post_data['poll_title'])))
1732  {
1733      $message_parser->message = $post_data['poll_title'];
1734      $message_parser->bbcode_uid = $post_data['bbcode_uid'];
1735  
1736      $message_parser->decode_message();
1737      $post_data['poll_title'] = $message_parser->message;
1738  
1739      $message_parser->message = implode("\n", $post_data['poll_options']);
1740      $message_parser->decode_message();
1741      $post_data['poll_options'] = explode("\n", $message_parser->message);
1742  }
1743  
1744  // MAIN POSTING PAGE BEGINS HERE
1745  
1746  // Forum moderators?
1747  $moderators = array();
1748  if ($config['load_moderators'])
1749  {
1750      get_moderators($moderators, $forum_id);
1751  }
1752  
1753  // Generate smiley listing
1754  generate_smilies('inline', $forum_id);
1755  
1756  // Generate inline attachment select box
1757  posting_gen_inline_attachments($attachment_data);
1758  
1759  // Do show topic type selection only in first post.
1760  $topic_type_toggle = false;
1761  
1762  if ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']))
1763  {
1764      $topic_type_toggle = posting_gen_topic_types($forum_id, $post_data['topic_type']);
1765  }
1766  
1767  $s_topic_icons = false;
1768  if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
1769  {
1770      $s_topic_icons = posting_gen_topic_icons($mode, $post_data['icon_id']);
1771  }
1772  
1773  $bbcode_checked        = (isset($post_data['enable_bbcode'])) ? !$post_data['enable_bbcode'] : (($config['allow_bbcode']) ? !$user->optionget('bbcode') : 1);
1774  $smilies_checked    = (isset($post_data['enable_smilies'])) ? !$post_data['enable_smilies'] : (($config['allow_smilies']) ? !$user->optionget('smilies') : 1);
1775  $urls_checked        = (isset($post_data['enable_urls'])) ? !$post_data['enable_urls'] : 0;
1776  $sig_checked        = $post_data['enable_sig'];
1777  $lock_topic_checked    = (isset($topic_lock) && $topic_lock) ? $topic_lock : (($post_data['topic_status'] == ITEM_LOCKED) ? 1 : 0);
1778  $lock_post_checked    = (isset($post_lock)) ? $post_lock : $post_data['post_edit_locked'];
1779  
1780  // If the user is replying or posting and not already watching this topic but set to always being notified we need to overwrite this setting
1781  $notify_set            = ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set'];
1782  $notify_checked        = (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
1783  
1784  // Page title & action URL
1785  $s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode&amp;f=$forum_id");
1786  $s_action .= ($topic_id) ? "&amp;t=$topic_id" : '';
1787  $s_action .= ($post_id) ? "&amp;p=$post_id" : '';
1788  
1789  switch ($mode)
1790  {
1791      case 'post':
1792          $page_title = $user->lang['POST_TOPIC'];
1793      break;
1794  
1795      case 'quote':
1796      case 'reply':
1797          $page_title = $user->lang['POST_REPLY'];
1798      break;
1799  
1800      case 'delete':
1801      case 'edit':
1802          $page_title = $user->lang['EDIT_POST'];
1803      break;
1804  }
1805  
1806  // Build Navigation Links
1807  generate_forum_nav($post_data);
1808  
1809  // Build Forum Rules
1810  generate_forum_rules($post_data);
1811  
1812  // Posting uses is_solved for legacy reasons. Plugins have to use is_solved to force themselves to be displayed.
1813  if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
1814  {
1815  
1816      $template->assign_vars(array(
1817          'S_CONFIRM_CODE'            => true,
1818          'CAPTCHA_TEMPLATE'            => $captcha->get_template(),
1819      ));
1820  }
1821  
1822  $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : '';
1823  $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . $request->variable('draft_loaded', $draft_id) . '" />' : '';
1824  
1825  if ($mode == 'edit')
1826  {
1827      $s_hidden_fields .= build_hidden_fields(array(
1828          'edit_post_message_checksum'    => $post_data['post_checksum'],
1829          'edit_post_subject_checksum'    => $post_data['post_subject_md5'],
1830      ));
1831  }
1832  
1833  // Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview
1834  if (isset($captcha) && $captcha->is_solved() !== false)
1835  {
1836      $s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
1837  }
1838  
1839  $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"';
1840  add_form_key('posting');
1841  
1842  /** @var \phpbb\controller\helper $controller_helper */
1843  $controller_helper = $phpbb_container->get('controller.helper');
1844  
1845  // Build array of variables for main posting page
1846  $page_data = array(
1847      'L_POST_A'                    => $page_title,
1848      'L_ICON'                    => ($mode == 'reply' || $mode == 'quote' || ($mode == 'edit' && $post_id != $post_data['topic_first_post_id'])) ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
1849      'L_MESSAGE_BODY_EXPLAIN'    => $user->lang('MESSAGE_BODY_EXPLAIN', (int) $config['max_post_chars']),
1850      'L_DELETE_POST_PERMANENTLY'    => $user->lang('DELETE_POST_PERMANENTLY', 1),
1851  
1852      'FORUM_NAME'            => $post_data['forum_name'],
1853      'FORUM_DESC'            => ($post_data['forum_desc']) ? generate_text_for_display($post_data['forum_desc'], $post_data['forum_desc_uid'], $post_data['forum_desc_bitfield'], $post_data['forum_desc_options']) : '',
1854      'TOPIC_TITLE'            => censor_text($post_data['topic_title']),
1855      'MODERATORS'            => (count($moderators)) ? implode($user->lang['COMMA_SEPARATOR'], $moderators[$forum_id]) : '',
1856      'USERNAME'                => ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '',
1857      'SUBJECT'                => $post_data['post_subject'],
1858      'MESSAGE'                => $post_data['post_text'],
1859      'BBCODE_STATUS'            => $user->lang(($bbcode_status ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_bbcode_controller') . '">', '</a>'),
1860      'IMG_STATUS'            => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
1861      'FLASH_STATUS'            => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
1862      'SMILIES_STATUS'        => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
1863      'URL_STATUS'            => ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
1864      'MAX_FONT_SIZE'            => (int) $config['max_post_font_size'],
1865      'MINI_POST_IMG'            => $user->img('icon_post_target', $user->lang['POST']),
1866      'POST_DATE'                => ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '',
1867      'ERROR'                    => (count($error)) ? implode('<br />', $error) : '',
1868      'TOPIC_TIME_LIMIT'        => (int) $post_data['topic_time_limit'],
1869      'EDIT_REASON'            => $request->variable('edit_reason', '', true),
1870      'SHOW_PANEL'            => $request->variable('show_panel', ''),
1871      'U_VIEW_FORUM'            => append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),
1872      'U_VIEW_TOPIC'            => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id") : '',
1873      'U_PROGRESS_BAR'        => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup"),
1874      'UA_PROGRESS_BAR'        => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup")),
1875  
1876      'S_PRIVMSGS'                => false,
1877      'S_CLOSE_PROGRESS_WINDOW'    => (isset($_POST['add_file'])) ? true : false,
1878      'S_EDIT_POST'                => ($mode == 'edit') ? true : false,
1879      'S_EDIT_REASON'                => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1880      'S_DISPLAY_USERNAME'        => (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? true : false,
1881      'S_SHOW_TOPIC_ICONS'        => $s_topic_icons,
1882      'S_DELETE_ALLOWED'            => ($mode == 'edit' && (($post_id == $post_data['topic_last_post_id'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) || $auth->acl_get('m_delete', $forum_id))) ? true : false,
1883      'S_BBCODE_ALLOWED'            => ($bbcode_status) ? 1 : 0,
1884      'S_BBCODE_CHECKED'            => ($bbcode_checked) ? ' checked="checked"' : '',
1885      'S_SMILIES_ALLOWED'            => $smilies_status,
1886      'S_SMILIES_CHECKED'            => ($smilies_checked) ? ' checked="checked"' : '',
1887      'S_SIG_ALLOWED'                => ($auth->acl_get('f_sigs', $forum_id) && $config['allow_sig'] && $user->data['is_registered']) ? true : false,
1888      'S_SIGNATURE_CHECKED'        => ($sig_checked) ? ' checked="checked"' : '',
1889      'S_NOTIFY_ALLOWED'            => (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !$config['allow_topic_notify'] || !$config['email_enable']) ? false : true,
1890      'S_NOTIFY_CHECKED'            => ($notify_checked) ? ' checked="checked"' : '',
1891      'S_LOCK_TOPIC_ALLOWED'        => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote' || $mode == 'post') && ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED))) ? true : false,
1892      'S_LOCK_TOPIC_CHECKED'        => ($lock_topic_checked) ? ' checked="checked"' : '',
1893      'S_LOCK_POST_ALLOWED'        => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
1894      'S_LOCK_POST_CHECKED'        => ($lock_post_checked) ? ' checked="checked"' : '',
1895      'S_SOFTDELETE_CHECKED'        => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? ' checked="checked"' : '',
1896      'S_SOFTDELETE_ALLOWED'        => ($mode == 'edit' && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $lock_post_checked)) ? true : false,
1897      'S_RESTORE_ALLOWED'            => $auth->acl_get('m_approve', $forum_id),
1898      'S_IS_DELETED'                => ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? true : false,
1899      'S_LINKS_ALLOWED'            => $url_status,
1900      'S_MAGIC_URL_CHECKED'        => ($urls_checked) ? ' checked="checked"' : '',
1901      'S_TYPE_TOGGLE'                => $topic_type_toggle,
1902      'S_SAVE_ALLOWED'            => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $mode != 'edit') ? true : false,
1903      'S_HAS_DRAFTS'                => ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $post_data['drafts']) ? true : false,
1904      'S_FORM_ENCTYPE'            => $form_enctype,
1905  
1906      'S_BBCODE_IMG'            => $img_status,
1907      'S_BBCODE_URL'            => $url_status,
1908      'S_BBCODE_FLASH'        => $flash_status,
1909      'S_BBCODE_QUOTE'        => $quote_status,
1910  
1911      'S_POST_ACTION'            => $s_action,
1912      'S_HIDDEN_FIELDS'        => $s_hidden_fields,
1913      'S_ATTACH_DATA'            => json_encode($message_parser->attachment_data),
1914      'S_IN_POSTING'            => true,
1915  );
1916  
1917  // Build custom bbcodes array
1918  display_custom_bbcodes();
1919  
1920  // Poll entry
1921  if (($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
1922      && $auth->acl_get('f_poll', $forum_id))
1923  {
1924      $page_data = array_merge($page_data, array(
1925          'S_SHOW_POLL_BOX'        => true,
1926          'S_POLL_VOTE_CHANGE'    => ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id)),
1927          'S_POLL_DELETE'            => ($mode == 'edit' && count($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))),
1928          'S_POLL_DELETE_CHECKED'    => (!empty($poll_delete)) ? true : false,
1929  
1930          'L_POLL_OPTIONS_EXPLAIN'    => $user->lang('POLL_OPTIONS_' . (($mode == 'edit') ? 'EDIT_' : '') . 'EXPLAIN', (int) $config['max_poll_options']),
1931  
1932          'VOTE_CHANGE_CHECKED'    => (!empty($post_data['poll_vote_change'])) ? ' checked="checked"' : '',
1933          'POLL_TITLE'            => (isset($post_data['poll_title'])) ? $post_data['poll_title'] : '',
1934          'POLL_OPTIONS'            => (!empty($post_data['poll_options'])) ? implode("\n", $post_data['poll_options']) : '',
1935          'POLL_MAX_OPTIONS'        => (isset($post_data['poll_max_options'])) ? (int) $post_data['poll_max_options'] : 1,
1936          'POLL_LENGTH'            => $post_data['poll_length'],
1937          )
1938      );
1939  }
1940  
1941  /**
1942  * This event allows you to modify template variables for the posting screen
1943  *
1944  * @event core.posting_modify_template_vars
1945  * @var    array    post_data    Array with post data
1946  * @var    array    moderators    Array with forum moderators
1947  * @var    string    mode        What action to take if the form is submitted
1948  *                post|reply|quote|edit|delete|bump|smilies|popup
1949  * @var    string    page_title    Title of the mode page
1950  * @var    bool    s_topic_icons    Whether or not to show the topic icons
1951  * @var    string    form_enctype    If attachments are allowed for this form
1952  *                "multipart/form-data" or empty string
1953  * @var    string    s_action    The URL to submit the POST data to
1954  * @var    string    s_hidden_fields    Concatenated hidden input tags of posting form
1955  * @var    int    post_id        ID of the post
1956  * @var    int    topic_id    ID of the topic
1957  * @var    int    forum_id    ID of the forum
1958  * @var    int    draft_id    ID of the draft
1959  * @var    bool    submit        Whether or not the form has been submitted
1960  * @var    bool    preview        Whether or not the post is being previewed
1961  * @var    bool    save        Whether or not a draft is being saved
1962  * @var    bool    load        Whether or not a draft is being loaded
1963  * @var    bool    cancel        Whether or not to cancel the form (returns to
1964  *                viewtopic or viewforum depending on if the user
1965  *                is posting a new topic or editing a post)
1966  * @var    array    error        Any error strings; a non-empty array aborts
1967  *                form submission.
1968  *                NOTE: Should be actual language strings, NOT
1969  *                language keys.
1970  * @var    bool    refresh        Whether or not to retain previously submitted data
1971  * @var    array    page_data    Posting page data that should be passed to the
1972  *                posting page via $template->assign_vars()
1973  * @var    object    message_parser    The message parser object
1974  * @since 3.1.0-a1
1975  * @changed 3.1.0-b3 Added vars post_data, moderators, mode, page_title,
1976  *        s_topic_icons, form_enctype, s_action, s_hidden_fields,
1977  *        post_id, topic_id, forum_id, submit, preview, save, load,
1978  *        delete, cancel, refresh, error, page_data, message_parser
1979  * @changed 3.1.2-RC1 Removed 'delete' var as it does not exist
1980  * @changed 3.1.5-RC1 Added poll variables to the page_data array
1981  * @changed 3.1.6-RC1 Added 'draft_id' var
1982  */
1983  $vars = array(
1984      'post_data',
1985      'moderators',
1986      'mode',
1987      'page_title',
1988      's_topic_icons',
1989      'form_enctype',
1990      's_action',
1991      's_hidden_fields',
1992      'post_id',
1993      'topic_id',
1994      'forum_id',
1995      'draft_id',
1996      'submit',
1997      'preview',
1998      'save',
1999      'load',
2000      'cancel',
2001      'refresh',
2002      'error',
2003      'page_data',
2004      'message_parser',
2005  );
2006  extract($phpbb_dispatcher->trigger_event('core.posting_modify_template_vars', compact($vars)));
2007  
2008  // Start assigning vars for main posting page ...
2009  $template->assign_vars($page_data);
2010  
2011  // Show attachment box for adding attachments if true
2012  $allowed = ($auth->acl_get('f_attach', $forum_id) && $auth->acl_get('u_attach') && $config['allow_attachments'] && $form_enctype);
2013  
2014  if ($allowed)
2015  {
2016      $max_files = ($auth->acl_get('a_') || $auth->acl_get('m_', $forum_id)) ? 0 : (int) $config['max_attachments'];
2017      $plupload->configure($cache, $template, $s_action, $forum_id, $max_files);
2018  }
2019  
2020  // Attachment entry
2021  posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);
2022  
2023  // Output page ...
2024  page_header($page_title);
2025  
2026  $template->set_filenames(array(
2027      'body' => 'posting_body.html')
2028  );
2029  
2030  make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
2031  
2032  // Topic review
2033  if ($mode == 'reply' || $mode == 'quote')
2034  {
2035      if (topic_review($topic_id, $forum_id))
2036      {
2037          $template->assign_var('S_DISPLAY_REVIEW', true);
2038      }
2039  }
2040  
2041  page_footer();


Generated: Tue Apr 7 19:44:41 2020 Cross-referenced by PHPXref 0.7.1