post_newreply.php 18 KB
<?php

/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: post_newreply.php 33709 2013-08-06 09:06:56Z andyzheng $
 */

// Entry guard: the script refuses to run unless the IN_DISCUZ constant is
// already defined (presumably by the application's entry point), so a direct
// HTTP request to this file stops here with 'Access Denied'.
defined('IN_DISCUZ') || exit('Access Denied');

require_once libfile('function/forumlist');

// Defaults read later by this script and by the templates it includes.
$quotemessage = '';
$isfirstpost = $showthreadsorts = 0;
$_G['group']['allowimgcontent'] = 0;

// Thread type 5: load the forum_debate row for this thread and work out which
// side ("stand") the reply is posted on.
if($special == 5) {
	// The debate row is passed through daddslashes() and merged into a copy of
	// $thread; keys present in both take the debate row's value.
	$debate = array_merge($thread, daddslashes(C::t('forum_debate')->fetch($_G['tid'])));
	$firststand = C::t('forum_debatepost')->get_firststand($_G['tid'], $_G['uid']);
	// A stand already recorded for this user wins; otherwise the request's
	// 'stand' value is used, forced to an integer by intval().
	$stand = $firststand ? $firststand : intval($_GET['stand']);

	// Refuse the reply once the debate's end time has passed.
	if($debate['endtime'] && $debate['endtime'] < TIMESTAMP) {
		showmessage('debate_end');
	}
}

// Reply permission gate. Every branch ends in showmessage()/showmessagenoperm();
// NOTE(review): the checks below only protect the rest of the script if those
// helpers terminate the request - they are defined elsewhere, confirm.
//
// Branch 1 - guests (no uid): allowed through only when either
//   (a) the forum has no replyperm list and the guest's group has allowreply, or
//   (b) the forum has a replyperm list and forumperm() accepts it.
// Anything else gets the login prompt.
if(!$_G['uid'] && !((!$_G['forum']['replyperm'] && $_G['group']['allowreply']) || ($_G['forum']['replyperm'] && forumperm($_G['forum']['replyperm'])))) {
	showmessage('replyperm_login_nopermission', NULL, array(), array('login' => 1));
// Branch 2 - forum 'allowreply' is empty: apply the same two rules to the
// current user (no replyperm list -> group flag; replyperm list -> forumperm()).
} elseif(empty($_G['forum']['allowreply'])) {
	if(!$_G['forum']['replyperm'] && !$_G['group']['allowreply']) {
		showmessage('replyperm_none_nopermission', NULL, array(), array('login' => 1));
	} elseif($_G['forum']['replyperm'] && !forumperm($_G['forum']['replyperm'])) {
		showmessagenoperm('replyperm', $_G['forum']['fid']);
	}
// Branch 3 - forum 'allowreply' is -1: replies are refused outright.
} elseif($_G['forum']['allowreply'] == -1) {
	showmessage('post_forum_newreply_nopermission', NULL);
}

// Guests are also sent to login whenever any of the need_avatar / need_email /
// need_friendnum settings is enabled.
if(!$_G['uid'] && ($_G['setting']['need_avatar'] || $_G['setting']['need_email'] || $_G['setting']['need_friendnum'])) {
	showmessage('replyperm_login_nopermission', NULL, array(), array('login' => 1));
}

// The thread must exist. A thread with a price and special == 0 additionally
// requires a logged-in user, so a guest is sent to the login prompt.
if(empty($thread)) {
	showmessage('thread_nonexistence');
} elseif($thread['price'] > 0 && $thread['special'] == 0 && !$_G['uid']) {
	showmessage('group_nopermission', NULL, array('grouptitle' => $_G['group']['grouptitle']), array('login' => 1));
}

// checklowerlimit() is defined elsewhere; presumably it rejects the 'reply'
// action when the user is below a credit floor for this forum - confirm.
checklowerlimit('reply', 0, 1, $_G['forum']['fid']);

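// Post-comment submission: a short comment (optionally with per-item scores)
// attached to an existing post of the current thread. Runs only when the
// 'commentnumber' setting is on and the request carries a non-empty 'comment'.
//
// Request values read here: pid, commentitem[], message, page.
// Every permission check earlier in this script was made against the forum and
// thread of $_G['tid'], so the target post must be proven to belong to that
// thread before anything is written.
if($_G['setting']['commentnumber'] && !empty($_GET['comment'])) {
	// Form token / security code / security question check for the comment form.
	if(!submitcheck('commentsubmit', 0, $seccodecheck, $secqaacheck)) {
		showmessage('submitcheck_error', NULL);
	}
	// pid is request-controlled: force it to an integer for the lookup.
	$post = C::t('forum_post')->fetch('tid:'.$_G['tid'], intval($_GET['pid']));
	// The first argument to fetch() looks like a table selector rather than a
	// row filter (TODO confirm), so the row's own tid is compared explicitly,
	// as the repquote/reppost branches of this file already do. Without this a
	// pid from another thread would be commented on under this thread's
	// permissions.
	if(!$post || $post['tid'] != $_G['tid']) {
		showmessage('post_nonexistence', NULL);
	}
	// Closed thread (non-moderator), auto-close, flood control and hourly limit.
	if($thread['closed'] && !$_G['forum']['ismoderator'] && !$thread['isgroup']) {
		showmessage('post_thread_closed');
	} elseif(!$thread['isgroup'] && $post_autoclose = checkautoclose($thread)) {
		showmessage($post_autoclose, '', array('autoclose' => $_G['forum']['autoclose']));
	} elseif(checkflood()) {
		showmessage('post_flood_ctrl', '', array('floodctrl' => $_G['setting']['floodctrl']));
	} elseif(checkmaxperhour('pid')) {
		showmessage('post_flood_ctrl_posts_per_hour', '', array('posts_per_hour' => $_G['group']['maxpostsperhour']));
	}
	// Build the score prefix "label: <i>n</i> " from commentitem[label] = n.
	// Only logged-in users other than the post's author may score. The value is
	// forced to an integer; the label (the array key) is request-controlled and
	// only passed through strip_tags().
	// NOTE(review): strip_tags() removes markup but does not entity-encode, and
	// the labels are not checked against a configured list here - confirm how
	// the stored comment is rendered.
	$commentscore = '';
	if(!empty($_GET['commentitem']) && is_array($_GET['commentitem']) && !empty($_G['uid']) && $post['authorid'] != $_G['uid']) {
		foreach($_GET['commentitem'] as $itemk => $itemv) {
			if($itemv !== '') {
				$commentscore .= strip_tags(trim($itemk)).': <i>'.intval($itemv).'</i> ';
			}
		}
	}
	// The free-text part goes through dhtmlspecialchars() and censor() (project
	// helpers) before being joined to the score prefix; the whole string is cut
	// to 200 by cutstr().
	$comment = cutstr(($commentscore ? $commentscore.'<br />' : '').censor(trim(dhtmlspecialchars($_GET['message'])), '***'), 200, ' ');
	if(!$comment) {
		showmessage('post_sm_isnull');
	}
	// Identifiers written below come from the fetched row, not from the request.
	$pcid = C::t('forum_postcomment')->insert(array(
		'tid' => $post['tid'],
		'pid' => $post['pid'],
		'author' => $_G['username'],
		'authorid' => $_G['uid'],
		'dateline' => TIMESTAMP,
		'comment' => $comment,
		'score' => $commentscore ? 1 : 0,
		'useip' => $_G['clientip'],
		'port'=> $_G['remoteport']
	), true);
	C::t('forum_post')->update('tid:'.$_G['tid'], $post['pid'], array('comment' => 1));

	// Keep the thread's comment counter in step: increment a known value,
	// otherwise recount from the table.
	$comments = $thread['comments'] ? $thread['comments'] + 1 : C::t('forum_postcomment')->count_by_tid($_G['tid']);
	C::t('forum_thread')->update($_G['tid'], array('comments' => $comments));
	!empty($_G['uid']) && updatepostcredits('+', $_G['uid'], 'reply', $_G['fid']);
	// Notify the post's author unless they commented on their own post. The
	// notification text is the comment with [b], [/b] and [color] tags removed.
	if(!empty($_G['uid']) && $_G['uid'] != $post['authorid']) {
		notification_add($post['authorid'], 'pcomment', 'comment_add', array(
			'tid' => $_G['tid'],
			'pid' => $post['pid'],
			'subject' => $thread['subject'],
			'from_id' => $_G['tid'],
			'from_idtype' => 'pcomment',
			'commentmsg' => cutstr(str_replace(array('[b]', '[/b]', '[/color]'), '', preg_replace("/\[color=([#\w]+?)\]/i", "", $comment)), 200)
		));
	}
	update_threadpartake($post['tid']);
	// Look up the existing summary row for this post, if any; $pcid is reused
	// for its id.
	$pcid = C::t('forum_postcomment')->fetch_standpoint_by_pid($post['pid']);
	$pcid = $pcid['id'];
	// When scores were submitted, recompute the per-label average over every
	// scored comment of the post and store it in the summary row.
	if(!empty($_G['uid']) && !empty($_GET['commentitem'])) {
		$totalcomment = array();
		foreach(C::t('forum_postcomment')->fetch_all_by_pid_score($post['pid'], 1) as $comment) {
			$comment['comment'] = addslashes($comment['comment']);
			if(strexists($comment['comment'], '<br />')) {
				// Parse "label: <i>n</i>" pairs back out of the stored text.
				if(preg_match_all("/([^:]+?):\s<i>(\d+)<\/i>/", $comment['comment'], $a)) {
					foreach($a[1] as $k => $itemk) {
						$totalcomment[trim($itemk)][] = $a[2][$k];
					}
				}
			}
		}
		$totalv = '';
		foreach($totalcomment as $itemk => $itemv) {
			// $itemv always holds at least one score, so the division is safe.
			$totalv .= strip_tags(trim($itemk)).': <i>'.(floatval(sprintf('%1.1f', array_sum($itemv) / count($itemv)))).'</i> ';
		}

		if($pcid) {
			C::t('forum_postcomment')->update($pcid, array('comment' => $totalv, 'dateline' => TIMESTAMP + 1));
		} else {
			// authorid -1 marks the synthetic summary row.
			C::t('forum_postcomment')->insert(array(
				'tid' => $post['tid'],
				'pid' => $post['pid'],
				'author' => '',
				'authorid' => '-1',
				'dateline' => TIMESTAMP + 1,
				'comment' => $totalv
			));
		}
	}
	C::t('forum_postcache')->delete($post['pid']);
	// 'page' is request-controlled and ends up in the redirect URL: keep it
	// numeric (or empty when absent) so it cannot carry extra parameters or
	// markup. $extra is set outside this file - NOTE(review): confirm it is
	// sanitised where it is built.
	$page = isset($_GET['page']) ? intval($_GET['page']) : '';
	showmessage('comment_add_succeed', "forum.php?mod=viewthread&tid=$post[tid]&pid=$post[pid]&page=$page&extra=$extra#pid$post[pid]", array('tid' => $post['tid'], 'pid' => $post['pid']));
}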

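// Thread type 127: the plugin identifier is stored at the end of the thread's
// first-post message, after the last run of three NUL bytes. The identifier is
// later used to build an include path and a class name, so it must never be
// derived from arbitrary message text.
if($special == 127) {
	$postinfo = C::t('forum_post')->fetch_threadpost_by_tid_invisible($_G['tid']);
	$specialextra = '';
	$spmessage = (is_array($postinfo) && isset($postinfo['message'])) ? (string)$postinfo['message'] : '';
	$sppos = strrpos($spmessage, chr(0).chr(0).chr(0));
	// strrpos() returns false when the marker is absent; "false + 3" would
	// silently take everything from offset 3 of the message as the identifier.
	if($sppos !== false) {
		$specialextra = (string)substr($spmessage, $sppos + 3);
	}
}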
// Credit floor for threads that have position 3 set in their status value
// (getstatus() is defined elsewhere; the forum_threadrush table name suggests
// "rush reply" threads - confirm).
if(getstatus($thread['status'], 3)) {
	$rushinfo = C::t('forum_threadrush')->fetch($_G['tid']);
	// -996 appears to be a sentinel meaning "no credit limit" - TODO confirm.
	if($rushinfo['creditlimit'] != -996) {
		// Compare against extcredits<N> when creditstransextra[11] names one,
		// otherwise against the member's total credits.
		$checkcreditsvalue = $_G['setting']['creditstransextra'][11] ? getuserprofile('extcredits'.$_G['setting']['creditstransextra'][11]) : $_G['member']['credits'];
		if($checkcreditsvalue < $rushinfo['creditlimit']) {
			$creditlimit_title = $_G['setting']['creditstransextra'][11] ? $_G['setting']['extcredits'][$_G['setting']['creditstransextra'][11]]['title'] : lang('forum/misc', 'credit_total');
			showmessage('post_rushreply_creditlimit', '', array('creditlimit_title' => $creditlimit_title, 'creditlimit' => $rushinfo['creditlimit']));
		}
	}

}

if(!submitcheck('replysubmit', 0, $seccodecheck, $secqaacheck)) {

	// Form-display path (no valid 'replysubmit'). Set the 'st_p' cookie to
	// "uid|timestamp|tag", where tag = md5(uid|timestamp . authkey).
	// NOTE(review): this is a bare MD5 over value+secret, not an HMAC;
	// hash_hmac() is the standard construction for a keyed tag. The code that
	// verifies st_p is not in this file, so both sides would have to change
	// together, and the check should compare with hash_equals().
	$st_p = $_G['uid'].'|'.TIMESTAMP;
	dsetcookie('st_p', $st_p.'|'.md5($st_p.$_G['config']['security']['authkey']));

	// Thread type 2: refuse the form unless this is the thread author adding a
	// trade ('addtrade' present and authorid == uid) or the thread already has
	// goods. The goods count is assigned to $tradenum inside the condition.
	if($thread['special'] == 2 && ((!isset($_GET['addtrade']) || $thread['authorid'] != $_G['uid']) && !$tradenum = C::t('forum_trade')->fetch_counter_thread_goods($_G['tid']))) {
		showmessage('trade_newreply_nopermission', NULL);
	}

	// Pre-fill the reply form when the request quotes a post ('repquote') or
	// replies to one ('reppost'). Both ids are request-controlled and are forced
	// to integers before use.
	$language = lang('forum/misc');
	$noticeauthor = $noticetrimstr = '';
	// Assignment inside the condition is intentional: the intval() result is
	// written back to $_GET['repquote'] and the branch runs only if it is non-zero.
	if(isset($_GET['repquote']) && $_GET['repquote'] = intval($_GET['repquote'])) {
		$thaquote = C::t('forum_post')->fetch('tid:'.$_G['tid'], $_GET['repquote']);
		// Visibility rule (&& binds tighter than ||): the post is usable when
		// invisible == 0, or when it is the viewer's own post with invisible == -2.
		// Anything else is replaced by an empty array, which then fails the tid
		// comparison below.
		if(!($thaquote && ($thaquote['invisible'] == 0 || $thaquote['authorid'] == $_G['uid'] && $thaquote['invisible'] == -2))) {
			$thaquote = array();
		}
		// The quoted post must belong to the thread the permission checks ran on.
		if($thaquote['tid'] != $_G['tid']) {
			showmessage('reply_quotepost_error', NULL);
		}

		// When position 2 of the thread status is set, a user who is neither the
		// post's author, the thread's author nor a moderator may quote only the
		// first post (getstatus() semantics are defined elsewhere - confirm).
		if(getstatus($thread['status'], 2) && $thaquote['authorid'] != $_G['uid'] && $_G['uid'] != $thread['authorid'] && $thaquote['first'] != 1 && !$_G['forum']['ismoderator']) {
			showmessage('reply_quotepost_error', NULL);
		}

		// The first post of a priced, non-special thread is never quoted, so its
		// content is not copied into the form.
		if(!($thread['price'] && !$thread['special'] && $thaquote['first'])) {
			$quotefid = $thaquote['fid'];
			$message = $thaquote['message'];

			// A message containing a [password] block is not quoted at all.
			if(strpos($message, '[/password]') !== FALSE) {
				$message = '';
			}

			// With 'bannedmessages' on, replace the text when the author has no
			// group or is in group 4 or 5, or when bit 1 of the post status is set.
			if($_G['setting']['bannedmessages'] && $thaquote['authorid']) {
				$author = getuserbyuid($thaquote['authorid']);
				if(!$author['groupid'] || $author['groupid'] == 4 || $author['groupid'] == 5) {
					$message = $language['post_banned'];
				} elseif($thaquote['status'] & 1) {
					$message = $language['post_single_banned'];
				}
			}

			// Shorten the quote: messagecutstr() to 100, then at most three lines.
			$time = dgmdate($thaquote['dateline']);
			$message = messagecutstr($message, 100);
			$message = implode("\n", array_slice(explode("\n", $message), 0, 3));

			// Mask the part of the stored IP after its last dot. NOTE(review): this
			// assumes a dotted address; a value without a dot becomes just '.x'.
			$thaquote['useip'] = substr($thaquote['useip'], 0, strrpos($thaquote['useip'], '.')).'.x';
			if($thaquote['author'] && $thaquote['anonymous']) {
				$thaquote['author'] = lang('forum/misc', 'anonymoususer');
			} elseif(!$thaquote['author']) {
				$thaquote['author'] = lang('forum/misc', 'guestuser').' '.$thaquote['useip'];
			} else {
				// No-op self-assignment kept as in the original.
				$thaquote['author'] = $thaquote['author'];
			}

			$post_reply_quote = lang('forum/misc', 'post_reply_quote', array('author' => $thaquote['author'], 'time' => $time));
			$noticeauthormsg = dhtmlspecialchars($message);
			// Wrap the excerpt in [quote] BBCode; the desktop form also links back
			// to the quoted post ($_GET['repquote'] is an integer at this point).
			if(!defined('IN_MOBILE')) {
				$message = "[quote][size=2][url=forum.php?mod=redirect&goto=findpost&pid=$_GET[repquote]&ptid={$_G['tid']}][color=#999999]{$post_reply_quote}[/color][/url][/size]\n{$message}[/quote]";
			} else {
				$message = "[quote][color=#999999]{$post_reply_quote}[/color]\n[color=#999999]{$message}[/color][/quote]";
			}
			$quotemessage = discuzcode($message, 0, 0);
			// $noticeauthor is an authcode()-encoded "q|<authorid>" value and
			// $noticetrimstr the quote text, both passed through dhtmlspecialchars().
			// The submit branch of this script reads values with the same names from
			// $_GET, so whatever consumes them must treat them as untrusted; the
			// integrity guarantees of authcode() are not visible in this file.
			$noticeauthor = dhtmlspecialchars(authcode('q|'.$thaquote['authorid'], 'ENCODE'));
			$noticetrimstr = dhtmlspecialchars($message);
			$message = '';
		}
		$reppid = $_GET['repquote'];

	} elseif(isset($_GET['reppost']) && $_GET['reppost'] = intval($_GET['reppost'])) {
		// Same lookup, visibility rule and thread-ownership check as the quote branch.
		$thapost = C::t('forum_post')->fetch('tid:'.$_G['tid'], $_GET['reppost']);
		if(!($thapost && ($thapost['invisible'] == 0 || $thapost['authorid'] == $_G['uid'] && $thapost['invisible'] == -2))) {
			$thapost = array();
		}
		if($thapost['tid'] != $_G['tid']) {
			showmessage('targetpost_donotbelongto_thisthread', NULL);
		}

		$thapost['useip'] = substr($thapost['useip'], 0, strrpos($thapost['useip'], '.')).'.x';
		if($thapost['author'] && $thapost['anonymous']) {
			$thapost['author'] = '[color=Olive]'.lang('forum/misc', 'anonymoususer').'[/color]';
		} elseif(!$thapost['author']) {
			$thapost['author'] = '[color=Olive]'.lang('forum/misc', 'guestuser').'[/color] '.$thapost['useip'];
		} else {
			$thapost['author'] = '[color=Olive]'.$thapost['author'].'[/color]';
		}
		// NOTE(review): $message is not assigned from $thapost in this branch, so
		// the value rendered here is whatever $message held before - confirm this
		// is intended.
		$quotemessage = discuzcode($message, 0, 0);
		$noticeauthormsg = dhtmlspecialchars(messagecutstr($thapost['message'], 100));
		$noticeauthor = dhtmlspecialchars(authcode('r|'.$thapost['authorid'], 'ENCODE'));
		$noticetrimstr = dhtmlspecialchars($message);
		$message = '';
		$reppid = $_GET['reppost'];
	}

	// Trade form defaults, only for the thread author of a type-2 thread whose
	// group has allowposttrade: precompute the expiration-date presets
	// (7 days, 14 days, 1 month, 3 months, 6 months, 1 year) as Y-m-d strings.
	// The one-month value is also the default $trade['expiration'].
	if(isset($_GET['addtrade']) && $thread['special'] == 2 && $_G['group']['allowposttrade'] && $thread['authorid'] == $_G['uid']) {
		$expiration_7days = date('Y-m-d', TIMESTAMP + 86400 * 7);
		$expiration_14days = date('Y-m-d', TIMESTAMP + 86400 * 14);
		// mktime() normalises out-of-range months, so date('m')+N is safe here.
		$trade['expiration'] = $expiration_month = date('Y-m-d', mktime(0, 0, 0, date('m')+1, date('d'), date('Y')));
		$expiration_3months = date('Y-m-d', mktime(0, 0, 0, date('m')+3, date('d'), date('Y')));
		$expiration_halfyear = date('Y-m-d', mktime(0, 0, 0, date('m')+6, date('d'), date('Y')));
		$expiration_year = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y')+1));
	}

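	// Thread preview under the reply form: when the thread has no more replies
	// than fit on one page ($_G['ppp']), load its posts (newest first) and
	// render them for display.
	if($thread['replies'] <= $_G['ppp']) {
		$postlist = array();
		// The two calls differ only in the seventh argument (0 for a priced,
		// non-special thread, null otherwise); its meaning is defined by
		// fetch_all_by_tid(), which is not visible here.
		if($thread['price'] > 0 && $thread['special'] == 0) {
			$postlist = C::t('forum_post')->fetch_all_by_tid('tid:'.$_G['tid'], $_G['tid'], true, 'DESC', 0, 0, 0, 0);
		} else {
			$postlist = C::t('forum_post')->fetch_all_by_tid('tid:'.$_G['tid'], $_G['tid'], true, 'DESC', 0, 0, null, 0);
		}
		// With 'bannedmessages' on, load the authors once so each post can be
		// checked against its author's current group.
		$users = array();
		if($_G['setting']['bannedmessages']) {
			$uids = array();
			foreach($postlist as $post) {
				$uids[] = $post['authorid'];
			}
			$users = C::t('common_member')->fetch_all($uids);
		}
		foreach($postlist as $k => $post) {

			$post['dateline'] = dgmdate($post['dateline'], 'u');

			// Resolve the author's group BEFORE the banned check reads it. The
			// original assigned it after the check, so the check never saw the
			// value looked up from common_member. An author with no member row
			// gets 0, which the check treats like "no group" - the same rule the
			// quote branch applies via getuserbyuid().
			if($_G['setting']['bannedmessages']) {
				$post['groupid'] = isset($users[$post['authorid']]['groupid']) ? $users[$post['authorid']]['groupid'] : 0;
			}

			if($_G['setting']['bannedmessages'] && ($post['authorid'] && (!$post['groupid'] || $post['groupid'] == 4 || $post['groupid'] == 5))) {
				$post['message'] = $language['post_banned'];
			} elseif($post['status'] & 1) {
				$post['message'] = $language['post_single_banned'];
			} else {
				// Replace [hide]...[/hide] content with a placeholder before
				// rendering, so hidden text is never shown in the preview.
				$post['message'] = preg_replace("/\[hide=?\d*\](.*?)\[\/hide\]/is", "[b]$language[post_hidden][/b]", $post['message']);
				// Rendering honours the post's own flags and the forum's allow*
				// settings; whether HTML is emitted depends on htmlon/allowhtml as
				// interpreted by discuzcode() (defined elsewhere).
				$post['message'] = discuzcode($post['message'], $post['smileyoff'], $post['bbcodeoff'], $post['htmlon'] & 1, $_G['forum']['allowsmilies'], $_G['forum']['allowbbcode'], $_G['forum']['allowimgcode'], $_G['forum']['allowhtml'], $_G['forum']['jammer']);
			}

			$postlist[$k] = $post;
		}
	}
	unset($uids, $users);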

	// Load the attachment lists for the form only when the user's group may
	// post attachments or images (getattach() is defined elsewhere).
	if($_G['group']['allowpostattach'] || $_G['group']['allowpostimage']) {
		$attachlist = getattach(0);
		$attachs = $attachlist['attachs'];
		$imgattachs = $attachlist['imgattachs'];
		unset($attachlist);
	}

	// Render the form. The request's 'infloat' value only chooses between two
	// fixed template names; it is never part of the include path itself.
	getgpc('infloat') ? include template('forum/post_infloat') : include template('forum/post');

} else {

	// Submit path ('replysubmit' passed submitcheck): obtain the forum_post
	// model for this thread and collect the reply parameters.
	$modpost = C::m('forum_post', $_G['tid']);
	// Hook lists run before / after newreply(); filled in below.
	$bfmethods = $afmethods = array();


	// $subject, $message, $special and $extramessage are set outside this file.
	// Everything taken from $_GET below is forwarded as received (only geoloc is
	// charset-converted by diconv()).
	// NOTE(review): flags such as htmlon and isanonymous, and the round-tripped
	// noticeauthor/noticetrimstr values, are client-controlled; whether the user
	// is allowed to set them must be enforced inside newreply() or its hooks -
	// not visible here, confirm.
	$params = array(
		'subject' => $subject,
		'message' => $message,
		'special' => $special,
		'extramessage' => $extramessage,
		'bbcodeoff' => $_GET['bbcodeoff'],
		'smileyoff' => $_GET['smileyoff'],
		'htmlon' => $_GET['htmlon'],
		'parseurloff' => $_GET['parseurloff'],
		'usesig' => $_GET['usesig'],
		'isanonymous' => $_GET['isanonymous'],
		'noticetrimstr' => $_GET['noticetrimstr'],
		'noticeauthor' => $_GET['noticeauthor'],
		'from' => $_GET['from'],
		'sechash' => $_GET['sechash'],
		'geoloc' => diconv($_GET['geoloc'], 'UTF-8'),
	);


	// Register the extension hooks that run around newreply() and replyfeed().
	// Each entry names a class and a method; the lists are attached to the
	// model further down. Order of registration is preserved in the arrays.

	// Before-hook: trade goods, when the request carries 'trade' on a type-2
	// thread and the group has allowposttrade.
	if(!empty($_GET['trade']) && $thread['special'] == 2 && $_G['group']['allowposttrade']) {
		$bfmethods[] = array('class' => 'extend_thread_trade', 'method' => 'before_newreply');
	}




	$attentionon = empty($_GET['attention_add']) ? 0 : 1;
	// NOTE(review): $attention_remove is not assigned anywhere in this file,
	// while the line above reads $_GET['attention_add']; unless the including
	// script defines it, $attentionoff is always 0 - confirm.
	$attentionoff = empty($attention_remove) ? 0 : 1;
	$bfmethods[] = array('class' => 'extend_thread_rushreply', 'method' => 'before_newreply');
	// @-mention hooks only for groups with allowat.
	if($_G['group']['allowat']) {
		$bfmethods[] = array('class' => 'extend_thread_allowat', 'method' => 'before_newreply');
	}

	$bfmethods[] = array('class' => 'extend_thread_comment', 'method' => 'before_newreply');
	// The filter hook is attached directly here, i.e. before the $bfmethods
	// list is attached to the model.
	$modpost->attach_before_method('newreply', array('class' => 'extend_thread_filter', 'method' => 'before_newreply'));



	if($_G['group']['allowat']) {
		$afmethods[] = array('class' => 'extend_thread_allowat', 'method' => 'after_newreply');
	}


	$afmethods[] = array('class' => 'extend_thread_rushreply', 'method' => 'after_newreply');



		$afmethods[] = array('class' => 'extend_thread_comment', 'method' => 'after_newreply');



	// Follow hook only when the 'follow' module check passes and the request
	// asks for it.
	if(helper_access::check_module('follow') && !empty($_GET['adddynamic'])) {
		$afmethods[] = array('class' => 'extend_thread_follow', 'method' => 'after_newreply');
	}


	// Reply-credit hook: thread has replycredit > 0 and the replier is a
	// logged-in user other than the thread author.
	if($thread['replycredit'] > 0 && $thread['authorid'] != $_G['uid'] && $_G['uid']) {
		$afmethods[] = array('class' => 'extend_thread_replycredit', 'method' => 'after_newreply');
	}


	if($special == 5) {
		$afmethods[] = array('class' => 'extend_thread_debate', 'method' => 'after_newreply');
	}



	$afmethods[] = array('class' => 'extend_thread_image', 'method' => 'after_newreply');



	// After-hook for trades requires thread ownership as well as the group flag.
	if($special == 2 && $_G['group']['allowposttrade'] && $thread['authorid'] == $_G['uid']) {
		$afmethods[] = array('class' => 'extend_thread_trade', 'method' => 'after_newreply');
	}
	$afmethods[] = array('class' => 'extend_thread_filter', 'method' => 'after_newreply');





		// Feed hooks, only when the forum has allowfeed: one branch per thread
		// type (2 with 'trade' in the request, 3 or 5 when replying to someone
		// else's thread).
		if($_G['forum']['allowfeed']) {
			if($special == 2 && !empty($_GET['trade'])) {
				$modpost->attach_before_method('replyfeed', array('class' => 'extend_thread_trade', 'method' => 'before_replyfeed'));
				$modpost->attach_after_method('replyfeed', array('class' => 'extend_thread_trade', 'method' => 'after_replyfeed'));
			} elseif($special == 3 && $thread['authorid'] != $_G['uid']) {
				$modpost->attach_before_method('replyfeed', array('class' => 'extend_thread_reward', 'method' => 'before_replyfeed'));
			} elseif($special == 5 && $thread['authorid'] != $_G['uid']) {
				$modpost->attach_before_method('replyfeed', array('class' => 'extend_thread_debate', 'method' => 'before_replyfeed'));
			}
		}




	// When the request does not say whether to publish a feed entry, fall back
	// to the value at ['privacy']['feed']['newreply'] of the data that
	// space_merge() loads for 'field_home'.
	if(!isset($_GET['addfeed'])) {
		$space = array();
		space_merge($space, 'field_home');
		$_GET['addfeed'] = $space['privacy']['feed']['newreply'];
	}

	// Attach the collected hook lists, then create the reply.
	$modpost->attach_before_methods('newreply', $bfmethods);
	$modpost->attach_after_methods('newreply', $afmethods);

	// $return is later passed to showmessage() as the message key; the new
	// post's id is read from the model.
	$return = $modpost->newreply($params);
	$pid = $modpost->pid;

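	// Thread-plugin completion hook. $specialextra selects both the file that is
	// included and the class that is instantiated, and its value originates from
	// stored post content (or from the including script, which is not visible
	// here). It is therefore only honoured when it is a string that names an
	// entry of the configured plugin registry; anything else is ignored instead
	// of being turned into a path or a class name.
	if(!empty($specialextra) && is_string($specialextra) && isset($_G['setting']['threadplugins'][$specialextra]['module'])) {

		// Best-effort include, as before: a missing plugin file is not fatal.
		// The 'module' path segment comes from site settings, not from the request.
		@include_once DISCUZ_ROOT.'./source/plugin/'.$_G['setting']['threadplugins'][$specialextra]['module'].'.class.php';
		$classname = 'threadplugin_'.$specialextra;
		// The plugin object is created inside the condition and only used when it
		// actually implements newreply_submit_end().
		if(class_exists($classname) && method_exists($threadpluginclass = new $classname, 'newreply_submit_end')) {
			$threadpluginclass->newreply_submit_end($_G['fid'], $_G['tid']);
		}

	}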

	// Publish the feed entry only when a post id exists, the model's
	// 'modnewreplies' param is not set (presumably: the reply is not waiting
	// for moderation) and 'addfeed' is non-empty.
	if($modpost->pid && !$modpost->param('modnewreplies') && !empty($_GET['addfeed'])) {
		$modpost->replyfeed();
	}


	// Build the redirect target. Every reply lands on the thread view; when the
	// 'modnewreplies' param is not set, the URL additionally points at the new
	// post (pid, page, optional anti-theft signature, $extra, anchor).
	// $extra is set outside this file - NOTE(review): confirm it is sanitised
	// where it is built, since it is concatenated into the URL as-is.
	$url = 'forum.php?mod=viewthread&tid='.$_G['tid'];
	if(!$modpost->param('modnewreplies')) {

		$antitheft = '';
		// The signature is added only if anti-theft is allowed site-wide, not
		// disabled for threads, and not switched off for this forum.
		if(!empty($_G['setting']['antitheft']['allow']) && empty($_G['setting']['antitheft']['disable']['thread']) && empty($_G['forum']['noantitheft'])) {
			$sign = helper_antitheft::get_sign($_G['tid'], 'tid');
			$antitheft = $sign ? '&_dsign='.$sign : '';
		}

		$url .= '&pid='.$modpost->pid.'&page='.$modpost->param('page').$antitheft.'&extra='.$extra.'#pid'.$modpost->pid;
	}

	// The including script can set $inspacecpshare to suppress the result page.
	if(!isset($inspacecpshare)) {
		showmessage($return , $url, $modpost->param('showmsgparam'));
	}

}

?>