$smiley) { $_DCACHE['smilies_display'][$key]['codeinsert'] = addcslashes($smiley['code'], '\\\''); } include template('post_smilies'); dexit(); } $editorid = 'posteditor'; $editoroptions = str_pad(decbin($editoroptions), 2, 0, STR_PAD_LEFT); $editormode = $editormode == 2 ? $editoroptions{0} : $editormode; $allowswitcheditor = $editoroptions{1}; $previewdisplay = !empty($previewpost) ? '' : 'none'; periodscheck('postbanperiods'); $allowpostattach = !empty($forum['allowpostattach']) || (!$forum['postattachperm'] && $allowpostattach) || ($forum['postattachperm'] && forumperm($forum['postattachperm'])); $attachextensions = $forum['attachextensions'] ? $forum['attachextensions'] : $attachextensions; $allowanonymous = $forum['allowanonymous'] || $allowanonymous ? 1 : 0; $postcredits = $forum['postcredits'] ? $forum['postcredits'] : $creditspolicy['post']; $replycredits = $forum['replycredits'] ? $forum['replycredits'] : $creditspolicy['reply']; $digestcredits = $forum['digestcredits'] ? $forum['digestcredits'] : $creditspolicy['digest']; $postattachcredits = $forum['postattachcredits'] ? $forum['postattachcredits'] : $creditspolicy['postattach']; $maxprice = isset($extcredits[$creditstrans]) ? $maxprice : 0; if(!empty($tid) && !empty($fid)) { $query = $db->query("SELECT * FROM {$tablepre}threads WHERE tid='$tid'".($auditstatuson ? '' : " AND displayorder>='0'")); $thread = $db->fetch_array($query); $fid = $thread['fid']; $navigation = "» $thread[subject]"; $navtitle = $thread['subject'].' - '; if($thread['readperm'] && $thread['readperm'] > $readaccess && !$forum['ismoderator'] && $thread['authorid'] != $discuz_uid) { showmessage('thread_nopermission', NULL, 'NOPERM'); } } $navigation = "» $forum[name] $navigation"; $navtitle = $navtitle.strip_tags($forum['name']).' - '; if($forum['type'] == 'sub') { $query = $db->query("SELECT name, fid FROM {$tablepre}forums WHERE fid='$forum[fup]'"); $fup = $db->fetch_array($query); $navigation = "» $fup[name] $navigation"; $navtitle = $navtitle.strip_tags($fup['name']).' - '; } if(empty($forum['allowview'])) { if(!$forum['viewperm'] && !$readaccess) { showmessage('group_nopermission', NULL, 'NOPERM'); } elseif($forum['viewperm'] && !forumperm($forum['viewperm'])) { showmessage('forum_nopermission', NULL, 'NOPERM'); } } if(empty($bbcodeoff) && !$allowhidecode && preg_match("/\[hide=?\d*\].+?\[\/hide\]/is", preg_replace("/(\[code\](.+?)\[\/code\])/is", ' ', $message))) { showmessage('post_hide_nopermission'); } if(!$adminid && $newbiespan && (!$lastpost || $timestamp - $lastpost < $newbiespan * 3600)) { $query = $db->query("SELECT regdate FROM {$tablepre}members WHERE uid='$discuz_uid'"); if($timestamp - ($db->result($query, 0)) < $newbiespan * 3600) { showmessage('post_newbie_span'); } } $extra = rawurlencode($extra); $blogcheck = empty($isblog) && empty($addtoblog) ? '' : 'checked'; $notifycheck = empty($emailnotify) ? '' : 'checked'; $stickcheck = empty($sticktopic) ? '' : 'checked'; $digestcheck = empty($addtodigest) ? '' : 'checked'; if(periodscheck('postmodperiods', 0)) { $modnewthreads = $modnewreplies = 1; } else { $censormod = censormod($subject."\t".$message); $modnewthreads = (!$allowdirectpost || $allowdirectpost == 1) && ($forum['modnewposts'] || $censormod) ? 1 : 0; $modnewreplies = (!$allowdirectpost || $allowdirectpost == 2) && ($forum['modnewposts'] == 2 || $censormod) ? 1 : 0; } $subject = isset($subject) ? dhtmlspecialchars(censor(trim($subject))) : ''; $message = isset($message) ? censor(trim($message)) : ''; $readperm = isset($readperm) ? intval($readperm) : 0; $price = isset($price) ? intval($price) : 0; $urloffcheck = $usesigcheck = $smileyoffcheck = $codeoffcheck = $htmloncheck = $emailcheck = ''; $enctype = $allowpostattach ? 'enctype="multipart/form-data"' : ''; $maxattachsize_kb = $maxattachsize / 1000; //get secure code checking status (pos. -3) $seccodecheck = substr(sprintf('%05b', $seccodestatus), -3, 1); $allowpostpoll = $allowpost && $allowpostpoll && substr(sprintf('%04b', $forum['allowpostspecial']), -1, 1); $allowposttrade = $allowpost && $allowposttrade && substr(sprintf('%04b', $forum['allowpostspecial']), -2, 1); $allowpostreward = $allowpost && $allowpostreward && substr(sprintf('%04b', $forum['allowpostspecial']), -3, 1) && isset($extcredits[$creditstrans]); $allowpostactivity = $allowpost && $allowpostactivity && substr(sprintf('%04b', $forum['allowpostspecial']), -4, 1); if(!empty($previewpost) || (empty($previewpost) && empty($topicsubmit) && empty($replysubmit) && empty($editsubmit))) { $typeid = preg_replace("/.*typeid%3D(\d+).*/", "\\1", $extra); $smcols = $smcols ? $smcols : 4; $smileyinsert = $smileyinsert && is_array($_DCACHE['smilies_display']) ? 1 : 0; $smilies = $smileyinsert ? smiliestable($_DCACHE['smilies_display'], $smcols, 4, $editorid) : ''; $moresmilies = $smileyinsert && count($_DCACHE['smilies_display']) > $smcols * 4 ? 1 : 0; if($discuz_uid && $sigstatus && !$usesigcheck) { $usesigcheck = 'checked'; } if(!empty($trade)) { if(isset($seller)) { $seller = dhtmlspecialchars(stripslashes($seller)); } else { $query = $db->query("SELECT alipay FROM {$tablepre}memberfields WHERE uid='$discuz_uid'"); $alipay = $db->result($query, 0); $seller = $alipay ? $alipay : $email; } $item_price = isset($item_price) ? (float)$item_price : ''; $item_name = isset($item_name) ? dhtmlspecialchars(stripslashes($item_name)) : ''; $item_quality = isset($item_quality) ? dhtmlspecialchars(stripslashes($item_quality)) : ''; $item_locus = isset($item_locus) ? dhtmlspecialchars(stripslashes($item_locus)) : ''; $postage_mail = isset($postage_mail) ? dhtmlspecialchars(stripslashes($postage_mail)) : ''; $postage_express = isset($postage_express) ? dhtmlspecialchars(stripslashes($postage_express)) : ''; $checktp = array((isset($transport) ? $transport : 'seller') => 'checked'); $postagedisabled = isset($transport) && $transport == 'buyer' ? '' : 'disabled'; } $currtime = gmdate("$dateformat $timeformat", $timestamp + $timeoffset * 3600); if(empty($previewpost)) { $subject = $message = $polloptions = ''; } else { $subject = stripslashes($subject); $message = stripslashes($message); if($editormode == 1 && !(isopera() && isopera() < 9)) { if(!empty($parseurloff)) { $message = parseurl($message); } $message_preview = $message = discuzcode($message, !empty($smileyoff), !empty($bbcodeoff), !empty($htmlon), $forum['allowsmilies'], $forum['allowbbcode'], $forum['allowimgcode'], $forum['allowhtml'], 0, 1); } else { $message_preview = discuzcode($message, !empty($smileyoff), !empty($bbcodeoff), !empty($htmlon), $forum['allowsmilies'], $forum['allowbbcode'], $forum['allowimgcode'], $forum['allowhtml'], 0, 1); $message = dhtmlspecialchars($message); } $urloffcheck = !empty($parseurloff) ? 'checked' : ''; $usesigcheck = !empty($usesig) ? 'checked' : ''; $smileyoffcheck = !empty($smileyoff) ? 'checked' : ''; $codeoffcheck = !empty($bbcodeoff) ? 'checked' : ''; $htmloncheck = !empty($htmlon) ? 'checked' : ''; $emailcheck = !empty($emailnotify) ? 'checked' : ''; $topicsubmit = $replysubmit = $editsubmit = ''; } } else { if(empty($wysiwyg) && empty($parseurloff)) { $message = parseurl($message); } if((!empty($topicsubmit) || !empty($replysubmit)) && $seccodecheck) { if(!isset($seccodeverify)) { $seccode = random(4, 1); $request = array ( 'method' => $_SERVER['REQUEST_METHOD'], 'action' => $PHP_SELF, 'elements' => '' ); $quesand = '?'; foreach($_GET as $key => $value) { $request['action'] .= $quesand.rawurlencode($key).'='.rawurlencode($value); $quesand = '&'; } foreach($_POST as $key => $value) { if(is_array($value)) { foreach($value as $arraykey => $arrayvalue) { $request['elements'] .= ''; } } else { $request['elements'] .= ''; } } include template('post_seccode'); dexit(); } } } if($forum['password'] && $forum['password'] != $_DCOOKIE['fidpw'.$fid]) { header("Location: {$boardurl}forumdisplay.php?fid=$fid&sid=$sid"); exit(); } if($action == 'newthread') { require_once DISCUZ_ROOT.'./include/newthread.inc.php'; } elseif($action == 'reply') { require_once DISCUZ_ROOT.'./include/newreply.inc.php'; } elseif($action == 'edit') { require_once DISCUZ_ROOT.'./include/editpost.inc.php'; } elseif($action == 'import') { require_once DISCUZ_ROOT.'./include/supesite_import.inc.php'; } ?>