Line 288 | Line 288 |
---|
if (sizeof($icons)) {
|
if (sizeof($icons)) {
|
| $root_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? generate_board_url() . '/' : $phpbb_root_path;
|
foreach ($icons as $id => $data) { if ($data['display']) { $template->assign_block_vars('topic_icon', array( 'ICON_ID' => $id,
|
foreach ($icons as $id => $data) { if ($data['display']) { $template->assign_block_vars('topic_icon', array( 'ICON_ID' => $id,
|
'ICON_IMG' => $phpbb_root_path . $config['icons_path'] . '/' . $data['img'],
| 'ICON_IMG' => $root_path . $config['icons_path'] . '/' . $data['img'],
|
'ICON_WIDTH' => $data['width'], 'ICON_HEIGHT' => $data['height'],
| 'ICON_WIDTH' => $data['width'], 'ICON_HEIGHT' => $data['height'],
|
Line 388 | Line 390 |
---|
include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx); $upload = new fileupload();
|
include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx); $upload = new fileupload();
|
if ($config['check_attachment_content'])
| if ($config['check_attachment_content'] && isset($config['mime_triggers']))
|
{ $upload->set_disallowed_content(explode('|', $config['mime_triggers']));
|
{ $upload->set_disallowed_content(explode('|', $config['mime_triggers']));
|
| } else if (!$config['check_attachment_content']) { $upload->set_disallowed_content(array());
|
}
if (!$local)
| }
if (!$local)
|
Line 420 | Line 426 |
---|
}
$cat_id = (isset($extensions[$file->get('extension')]['display_cat'])) ? $extensions[$file->get('extension')]['display_cat'] : ATTACHMENT_CATEGORY_NONE;
|
}
$cat_id = (isset($extensions[$file->get('extension')]['display_cat'])) ? $extensions[$file->get('extension')]['display_cat'] : ATTACHMENT_CATEGORY_NONE;
|
// Make sure the image category only holds valid images... if ($cat_id == ATTACHMENT_CATEGORY_IMAGE && !$file->is_image()) { $file->remove();
// If this error occurs a user tried to exploit an IE Bug by renaming extensions // Since the image category is displaying content inline we need to catch this. trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']); }
| |
// Do we have to create a thumbnail? $filedata['thumbnail'] = ($cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail']) ? 1 : 0;
| // Do we have to create a thumbnail? $filedata['thumbnail'] = ($cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail']) ? 1 : 0;
|
Line 469 | Line 465 |
---|
$filedata['post_attach'] = false;
return $filedata;
|
$filedata['post_attach'] = false;
return $filedata;
|
| }
// Make sure the image category only holds valid images... if ($cat_id == ATTACHMENT_CATEGORY_IMAGE && !$file->is_image()) { $file->remove();
// If this error occurs a user tried to exploit an IE Bug by renaming extensions // Since the image category is displaying content inline we need to catch this. trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']);
|
}
$filedata['filesize'] = $file->get('filesize');
| }
$filedata['filesize'] = $file->get('filesize');
|
Line 496 | Line 502 |
---|
if ($free_space = @disk_free_space($phpbb_root_path . $config['upload_path'])) { if ($free_space <= $file->get('filesize'))
|
if ($free_space = @disk_free_space($phpbb_root_path . $config['upload_path'])) { if ($free_space <= $file->get('filesize'))
|
| { if ($auth->acl_get('a_')) { $filedata['error'][] = $user->lang['ATTACH_DISK_FULL']; } else
|
{ $filedata['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];
|
{ $filedata['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];
|
| }
|
$filedata['post_attach'] = false;
$file->remove();
| $filedata['post_attach'] = false;
$file->remove();
|
Line 1160 | Line 1173 |
---|
/** * User Notification */
|
/** * User Notification */
|
function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id, $topic_id, $post_id)
| function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id, $topic_id, $post_id, $author_name = '')
|
{ global $db, $user, $config, $phpbb_root_path, $phpEx, $auth;
| { global $db, $user, $config, $phpbb_root_path, $phpEx, $auth;
|
Line 1180 | Line 1193 |
---|
$topic_title = ($topic_notification) ? $topic_title : $subject; $topic_title = censor_text($topic_title);
|
$topic_title = ($topic_notification) ? $topic_title : $subject; $topic_title = censor_text($topic_title);
|
// Get banned User ID's $sql = 'SELECT ban_userid FROM ' . BANLIST_TABLE . ' WHERE ban_userid <> 0 AND ban_exclude <> 1'; $result = $db->sql_query($sql);
$sql_ignore_users = ANONYMOUS . ', ' . $user->data['user_id']; while ($row = $db->sql_fetchrow($result))
| // Exclude guests, current user and banned users from notifications if (!function_exists('phpbb_get_banned_user_ids'))
|
{
|
{
|
$sql_ignore_users .= ', ' . (int) $row['ban_userid'];
| include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
|
}
|
}
|
$db->sql_freeresult($result);
| $sql_ignore_users = phpbb_get_banned_user_ids(); $sql_ignore_users[ANONYMOUS] = ANONYMOUS; $sql_ignore_users[$user->data['user_id']] = $user->data['user_id'];
|
$notify_rows = array();
// -- get forum_userids || topic_userids $sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang, u.user_notify_type, u.user_jabber FROM ' . (($topic_notification) ? TOPICS_WATCH_TABLE : FORUMS_WATCH_TABLE) . ' w, ' . USERS_TABLE . ' u
|
$notify_rows = array();
// -- get forum_userids || topic_userids $sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang, u.user_notify_type, u.user_jabber FROM ' . (($topic_notification) ? TOPICS_WATCH_TABLE : FORUMS_WATCH_TABLE) . ' w, ' . USERS_TABLE . ' u
|
WHERE w.' . (($topic_notification) ? 'topic_id' : 'forum_id') . ' = ' . (($topic_notification) ? $topic_id : $forum_id) . " AND w.user_id NOT IN ($sql_ignore_users) AND w.notify_status = " . NOTIFY_YES . '
| WHERE w.' . (($topic_notification) ? 'topic_id' : 'forum_id') . ' = ' . (($topic_notification) ? $topic_id : $forum_id) . ' AND ' . $db->sql_in_set('w.user_id', $sql_ignore_users, true) . ' AND w.notify_status = ' . NOTIFY_YES . '
|
AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') AND u.user_id = w.user_id'; $result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
|
AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') AND u.user_id = w.user_id'; $result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
|
$notify_rows[$row['user_id']] = array( 'user_id' => $row['user_id'],
| $notify_user_id = (int) $row['user_id']; $notify_rows[$notify_user_id] = array( 'user_id' => $notify_user_id,
|
'username' => $row['username'], 'user_email' => $row['user_email'], 'user_jabber' => $row['user_jabber'],
| 'username' => $row['username'], 'user_email' => $row['user_email'], 'user_jabber' => $row['user_jabber'],
|
Line 1219 | Line 1228 |
---|
'method' => $row['user_notify_type'], 'allowed' => false );
|
'method' => $row['user_notify_type'], 'allowed' => false );
|
| // Add users who have been already notified to ignore list $sql_ignore_users[$notify_user_id] = $notify_user_id;
|
} $db->sql_freeresult($result);
// forum notification is sent to those not already receiving topic notifications if ($topic_notification) {
|
} $db->sql_freeresult($result);
// forum notification is sent to those not already receiving topic notifications if ($topic_notification) {
|
if (sizeof($notify_rows)) { $sql_ignore_users .= ', ' . implode(', ', array_keys($notify_rows)); }
| |
$sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang, u.user_notify_type, u.user_jabber FROM ' . FORUMS_WATCH_TABLE . ' fw, ' . USERS_TABLE . " u WHERE fw.forum_id = $forum_id
|
$sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang, u.user_notify_type, u.user_jabber FROM ' . FORUMS_WATCH_TABLE . ' fw, ' . USERS_TABLE . " u WHERE fw.forum_id = $forum_id
|
AND fw.user_id NOT IN ($sql_ignore_users) AND fw.notify_status = " . NOTIFY_YES . '
| AND " . $db->sql_in_set('fw.user_id', $sql_ignore_users, true) . ' AND fw.notify_status = ' . NOTIFY_YES . '
|
AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') AND u.user_id = fw.user_id'; $result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
|
AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') AND u.user_id = fw.user_id'; $result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
|
$notify_rows[$row['user_id']] = array( 'user_id' => $row['user_id'],
| $notify_user_id = (int) $row['user_id']; $notify_rows[$notify_user_id] = array( 'user_id' => $notify_user_id,
|
'username' => $row['username'], 'user_email' => $row['user_email'], 'user_jabber' => $row['user_jabber'],
| 'username' => $row['username'], 'user_email' => $row['user_email'], 'user_jabber' => $row['user_jabber'],
|
Line 1272 | Line 1280 |
---|
} } }
|
} } }
|
| |
// Now, we have to do a little step before really sending, we need to distinguish our users a little bit. ;) $msg_users = $delete_ids = $update_notification = array();
| // Now, we have to do a little step before really sending, we need to distinguish our users a little bit. ;) $msg_users = $delete_ids = $update_notification = array();
|
Line 1286 | Line 1293 |
---|
{ $msg_users[] = $row; $update_notification[$row['notify_type']][] = $row['user_id'];
|
{ $msg_users[] = $row; $update_notification[$row['notify_type']][] = $row['user_id'];
|
| /* * We also update the forums watch table for this user when we are * sending out a topic notification to prevent sending out another * notification in case this user is also subscribed to the forum * this topic was posted in. * Since an UPDATE query is used, this has no effect on users only * subscribed to the topic (i.e. no row is created) and should not * be a performance issue. */ if ($row['notify_type'] === 'topic') { $update_notification['forum'][] = $row['user_id']; }
|
} } unset($notify_rows);
| } } unset($notify_rows);
|
Line 1323 | Line 1344 |
---|
'USERNAME' => htmlspecialchars_decode($addr['name']), 'TOPIC_TITLE' => htmlspecialchars_decode($topic_title), 'FORUM_NAME' => htmlspecialchars_decode($forum_name),
|
'USERNAME' => htmlspecialchars_decode($addr['name']), 'TOPIC_TITLE' => htmlspecialchars_decode($topic_title), 'FORUM_NAME' => htmlspecialchars_decode($forum_name),
|
| 'AUTHOR_NAME' => htmlspecialchars_decode($author_name),
|
'U_FORUM' => generate_board_url() . "/viewforum.$phpEx?f=$forum_id", 'U_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t=$topic_id",
| 'U_FORUM' => generate_board_url() . "/viewforum.$phpEx?f=$forum_id", 'U_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t=$topic_id",
|
Line 1479 | Line 1501 |
---|
break;
case 'delete_first_post':
|
break;
case 'delete_first_post':
|
$sql = 'SELECT p.post_id, p.poster_id, p.post_username, u.username, u.user_colour
| $sql = 'SELECT p.post_id, p.poster_id, p.post_time, p.post_username, u.username, u.user_colour
|
FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u WHERE p.topic_id = $topic_id AND p.poster_id = u.user_id
| FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u WHERE p.topic_id = $topic_id AND p.poster_id = u.user_id
|
Line 1493 | Line 1515 |
---|
$sql_data[FORUMS_TABLE] = ($data['post_approved']) ? 'forum_posts = forum_posts - 1' : ''; }
|
$sql_data[FORUMS_TABLE] = ($data['post_approved']) ? 'forum_posts = forum_posts - 1' : ''; }
|
$sql_data[TOPICS_TABLE] = 'topic_poster = ' . intval($row['poster_id']) . ', topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_colour = '" . $db->sql_escape($row['user_colour']) . "', topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "'";
| $sql_data[TOPICS_TABLE] = 'topic_poster = ' . intval($row['poster_id']) . ', topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_colour = '" . $db->sql_escape($row['user_colour']) . "', topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "', topic_time = " . (int) $row['post_time'];
|
// Decrementing topic_replies here is fine because this case only happens if there is more than one post within the topic - basically removing one "reply" $sql_data[TOPICS_TABLE] .= ', topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
| // Decrementing topic_replies here is fine because this case only happens if there is more than one post within the topic - basically removing one "reply" $sql_data[TOPICS_TABLE] .= ', topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
|
Line 1680 | Line 1702 |
---|
// The variable name should be $post_approved, because it indicates if the post is approved or not $post_approval = 1;
|
// The variable name should be $post_approved, because it indicates if the post is approved or not $post_approval = 1;
|
// Check the permissions for post approval. Moderators are not affected. if (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id']))
| // Check the permissions for post approval. // Moderators must go through post approval like ordinary users. if (!$auth->acl_get('f_noapprove', $data['forum_id']))
|
{ // Post not approved, but in queue $post_approval = 0;
| { // Post not approved, but in queue $post_approval = 0;
|
Line 1870 | Line 1893 |
---|
case 'edit_topic': case 'edit_first_post':
|
case 'edit_topic': case 'edit_first_post':
|
if (isset($poll['poll_options']) && !empty($poll['poll_options']))
| if (isset($poll['poll_options']))
|
{
|
{
|
$poll_start = ($poll['poll_start']) ? $poll['poll_start'] : $current_time;
| $poll_start = ($poll['poll_start'] || empty($poll['poll_options'])) ? $poll['poll_start'] : $current_time;
|
$poll_length = $poll['poll_length'] * 86400; if ($poll_length < 0) {
| $poll_length = $poll['poll_length'] * 86400; if ($poll_length < 0) {
|
Line 2075 | Line 2098 |
---|
}
// Update Poll Tables
|
}
// Update Poll Tables
|
if (isset($poll['poll_options']) && !empty($poll['poll_options']))
| if (isset($poll['poll_options']))
|
{ $cur_poll_options = array();
|
{ $cur_poll_options = array();
|
if ($poll['poll_start'] && $mode == 'edit')
| if ($mode == 'edit')
|
{ $sql = 'SELECT * FROM ' . POLL_OPTIONS_TABLE . '
| { $sql = 'SELECT * FROM ' . POLL_OPTIONS_TABLE . '
|
Line 2585 | Line 2608 |
---|
// Send Notifications if (($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_approval) {
|
// Send Notifications if (($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_approval) {
|
user_notification($mode, $subject, $data['topic_title'], $data['forum_name'], $data['forum_id'], $data['topic_id'], $data['post_id']);
| // If a username was supplied or the poster is a guest, we will use the supplied username. // Doing it this way we can use "...post by guest-username..." in notifications when // "guest-username" is supplied or ommit the username if it is not. $username = ($username !== '' || !$user->data['is_registered']) ? $username : $user->data['username']; user_notification($mode, $subject, $data['topic_title'], $data['forum_name'], $data['forum_id'], $data['topic_id'], $data['post_id'], $username);
|
}
$params = $add_anchor = '';
| }
$params = $add_anchor = '';
|
Line 2607 | Line 2634 |
---|
$url = (!$params) ? "{$phpbb_root_path}viewforum.$phpEx" : "{$phpbb_root_path}viewtopic.$phpEx"; $url = append_sid($url, 'f=' . $data['forum_id'] . $params) . $add_anchor;
|
$url = (!$params) ? "{$phpbb_root_path}viewforum.$phpEx" : "{$phpbb_root_path}viewtopic.$phpEx"; $url = append_sid($url, 'f=' . $data['forum_id'] . $params) . $add_anchor;
|
| return $url; }
/** * Handle topic bumping * @param int $forum_id The ID of the forum the topic is being bumped belongs to * @param int $topic_id The ID of the topic is being bumping * @param array $post_data Passes some topic parameters: * - 'topic_title' * - 'topic_last_post_id' * - 'topic_last_poster_id' * - 'topic_last_post_subject' * - 'topic_last_poster_name' * - 'topic_last_poster_colour' * @param int $bump_time The time at which topic was bumped, usually it is a current time as obtained via time(). * @return string An URL to the bumped topic, example: ./viewtopic.php?forum_id=1&topic_id=2&p=3#p3 */ function phpbb_bump_topic($forum_id, $topic_id, $post_data, $bump_time = false) { global $config, $db, $user, $phpEx, $phpbb_root_path;
if ($bump_time === false) { $bump_time = time(); }
// Begin bumping $db->sql_transaction('begin');
// Update the topic's last post post_time $sql = 'UPDATE ' . POSTS_TABLE . " SET post_time = $bump_time WHERE post_id = {$post_data['topic_last_post_id']} AND topic_id = $topic_id"; $db->sql_query($sql);
// Sync the topic's last post time, the rest of the topic's last post data isn't changed $sql = 'UPDATE ' . TOPICS_TABLE . " SET topic_last_post_time = $bump_time, topic_bumped = 1, topic_bumper = " . $user->data['user_id'] . " WHERE topic_id = $topic_id"; $db->sql_query($sql);
// Update the forum's last post info $sql = 'UPDATE ' . FORUMS_TABLE . " SET forum_last_post_id = " . $post_data['topic_last_post_id'] . ", forum_last_poster_id = " . $post_data['topic_last_poster_id'] . ", forum_last_post_subject = '" . $db->sql_escape($post_data['topic_last_post_subject']) . "', forum_last_post_time = $bump_time, forum_last_poster_name = '" . $db->sql_escape($post_data['topic_last_poster_name']) . "', forum_last_poster_colour = '" . $db->sql_escape($post_data['topic_last_poster_colour']) . "' WHERE forum_id = $forum_id"; $db->sql_query($sql);
// Update bumper's time of the last posting to prevent flood $sql = 'UPDATE ' . USERS_TABLE . " SET user_lastpost_time = $bump_time WHERE user_id = " . $user->data['user_id']; $db->sql_query($sql);
$db->sql_transaction('commit');
// Mark this topic as posted to markread('post', $forum_id, $topic_id, $bump_time);
// Mark this topic as read markread('topic', $forum_id, $topic_id, $bump_time);
// Update forum tracking info if ($config['load_db_lastread'] && $user->data['is_registered']) { $sql = 'SELECT mark_time FROM ' . FORUMS_TRACK_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' AND forum_id = ' . $forum_id; $result = $db->sql_query($sql); $f_mark_time = (int) $db->sql_fetchfield('mark_time'); $db->sql_freeresult($result); } else if ($config['load_anon_lastread'] || $user->data['is_registered']) { $f_mark_time = false; }
if (($config['load_db_lastread'] && $user->data['is_registered']) || $config['load_anon_lastread'] || $user->data['is_registered']) { // Update forum info $sql = 'SELECT forum_last_post_time FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . $forum_id; $result = $db->sql_query($sql); $forum_last_post_time = (int) $db->sql_fetchfield('forum_last_post_time'); $db->sql_freeresult($result);
update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time, false); }
add_log('mod', $forum_id, $topic_id, 'LOG_BUMP_TOPIC', $post_data['topic_title']);
$url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&p={$post_data['topic_last_post_id']}") . "#p{$post_data['topic_last_post_id']}";
|
return $url; }
| return $url; }
|