id < 1) {
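// Captcha verification for a new post. The condition that encloses this run starts
// above the visible part of the file and is not reproduced here.
session_start();
// Accept the answer only as a string. A missing or array-valued field becomes ''
// so md5() is always handed a string and always returns one.
$number = (isset($_POST['txtNumber']) && is_string($_POST['txtNumber'])) ? $_POST['txtNumber'] : '';
// Value the captcha generator left in the session (generator not shown here). It is
// compared with md5($number), so it is presumably an MD5 hex digest - confirm there.
$expected = isset($_SESSION['image_random_value']) ? $_SESSION['image_random_value'] : null;
// NOTE(review): the captcha is only evaluated when $message is non-empty; confirm an
// empty message is rejected elsewhere so this gate cannot be skipped.
// NOTE(review): the session value is not cleared after a successful comparison in this
// block; confirm the generator issues a fresh value per form so an answer is single-use.
if ($message != NULL)
{
    // Fail closed: no stored value, or a stored value of the wrong type, counts as a
    // wrong answer. The comparison is strict (!==) because a loose != treats two
    // different digests that both look like numbers as equal.
    if (!is_string($expected) || $expected === '' || md5($number) !== $expected)
    {
        $mess = _FB_CAPERR;
        echo "";
        echo "";
        // Stop processing the post; the die() that used to follow was unreachable.
        return;
    }
}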
}
// Finish captcha
//flood protection
// Normalise the configured flood interval to an integer. The condition that follows
// treats 0 as "flood protection disabled".
$fbConfig['floodprotection'] = (int)$fbConfig['floodprotection'];
if ($fbConfig['floodprotection'] != 0)
{
// Fetch the newest message time recorded for this IP address.
// NOTE(review): $ip is interpolated into the statement as-is and its origin is not
// visible in this part of the file. Confirm it is the connection's peer address and
// not a client-supplied header, and escape it before use. A client-controlled value
// would also let the sender change the key on every post and defeat the limit.
$database->setQuery("select max(time) from #__fb_messages where ip='{$ip}'");
$lastPostTime = $database->loadResult();
}
// Flood gate. Posting continues when flood protection is disabled (0), or when it is
// enabled and one of these holds: last post time + interval is earlier than $systime,
// the action is "edit", or $is_admin is truthy. $lastPostTime is only assigned when
// protection is enabled; the && short-circuit keeps it from being read otherwise.
if (($fbConfig['floodprotection'] != 0 && ((($lastPostTime + $fbConfig['floodprotection']) < $systime) || $do == "edit" || $is_admin)) || $fbConfig['floodprotection'] == 0)
{
//Let's find out who we're dealing with if a registered user wants to make a post
if ($my->id)
{
// NOTE(review): $my->id is placed unquoted in the WHERE clause; presumably it is the
// integer id of the logged-in user taken from the session - confirm, or cast it here.
$database->setQuery("SELECT name, username, email FROM #__users WHERE id={$my->id}");
// loadObject() is handed $user right after unset() and $user is read immediately
// afterwards, so it evidently fills the variable by reference.
unset($user);
$database->loadObject($user);
if ($user->email)
{
// The 'username' config flag selects the login name over the display name.
$my_name = $fbConfig['username'] ? $user->username : $user->name;
$my_email = $user->email;
$registeredUser = 1;
}
else
{
// A logged-in id with no e-mail on record (including a lookup that returned no row)
// is treated as an error and processing of the post stops.
echo _POST_ERROR . "
";
echo _POST_EXIT;
return;
}
}
}
else
{
// Flood limit hit: print the configured interval and stop.
echo _POST_TOPIC_FLOOD1;
echo $fbConfig['floodprotection'] . " " . _POST_TOPIC_FLOOD2 . "
";
echo _POST_TOPIC_FLOOD3;
return;
}
//Now find out the forumname to which the user wants to post (for reference only)
// Load the category row for the forum being posted to and keep its name.
unset($objCatInfo);
// NOTE(review): $catid is placed unquoted in the WHERE clause and no integer cast is
// visible before this point in this part of the file (the "move" branch further down
// casts it explicitly). Confirm it is cast to int before it reaches this query.
$database->setQuery("SELECT * FROM #__fb_categories WHERE id={$catid}");
$database->loadObject($objCatInfo);
// NOTE(review): ->name is read without checking that a row was found.
$catName = $objCatInfo->name;
?>
id, $fbConfig['pubwrite'], $is_moderator)))
{
?>
' . _SUBMIT_CANCEL . " "; echo ' ' . _SUBMIT_CANCEL . ' ';
?>
id, $fbConfig['pubwrite'], $is_moderator)))
{ //reply do quote
// Prepare a quoted reply: when $replyto names an existing message, pre-fill the quote
// text, the "Re:" subject and the parent id from that message.
$parentid = 0;
// Integer cast first: $replyto is interpolated unquoted in the query below.
$replyto = (int)$replyto;
if ($replyto > 0)
{
// Message header and message text are matched on the same id (id = mesid = $replyto).
// NOTE(review): the lookup is by message id only. Whether the viewer may read the
// category that message belongs to is not checked in this block - confirm that is
// enforced before this point, otherwise quoting could expose restricted posts.
$database->setQuery("SELECT #__fb_messages.*,#__fb_messages_text.message FROM #__fb_messages,#__fb_messages_text WHERE id={$replyto} AND mesid={$replyto}");
$database->query();
if ($database->getNumRows() > 0)
{
unset($message);
$database->loadObject($message);
// don't forget stripslashes
//$message->message=smile::smileReplace($message->message,0);
// Reverse entity table (entity => character), used below to decode the subject.
$table = array_flip(get_html_translation_table(HTML_ENTITIES, ENT_QUOTES));
//$quote = strtr($message->message, $table);
// The stored message body is quoted unchanged inside BBCode [quote] tags.
// NOTE(review): $htmlText carries stored user content (author name and body). How it
// is encoded when written into the reply form is not visible here - confirm it is
// HTML-escaped at the point of output.
$quote = $message->message;
$htmlText = "[b]" . stripslashes($message->name) . " " . _POST_WROTE . ":[/b]\n";
$htmlText .= '[quote]' . $quote . "[/quote]";
//$quote = smile::fbStripHtmlTags($quote);
// Subject: decode entities, prepend _POST_RE unless the subject already starts with it
// (case-insensitive), remove slashes, then strip HTML tags. Decoding happens before
// the tag stripping, so entity-encoded markup is decoded first and then removed.
$resubject = strtr($message->subject, $table);
$resubject = strtolower(substr($resubject, 0, strlen(_POST_RE))) == strtolower(_POST_RE) ? stripslashes($resubject) : _POST_RE . stripslashes($resubject);
//$resubject = htmlspecialchars($resubject);
$resubject = smile::fbStripHtmlTags($resubject);
//$resubject = smile::fbStripHtmlTags($resubject);
$parentid = $message->id;
$authorName = $my_name;
}
}
?>
";
//}
}
else {
echo "Hacking attempt!";
}
}
else if ($do == "editpostnow")
{
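// Decide whether the current viewer may save an edit to message $id.
// The posted edit reason is escaped with addslashes() only, and is later interpolated
// into the UPDATE statement.
// NOTE(review): prefer the database layer's own escaping routine, which follows the
// connection character set.
$modified_reason = addslashes(mosGetParam($_POST, "modified_reason", null));
$modified_by = $my->id;
$modified_time = FBTools::fbGetInternalTime();
// Integer cast first: $id is interpolated unquoted in the query below.
$id = (int) $id;
$database->setQuery("SELECT * FROM #__fb_messages LEFT JOIN #__fb_messages_text ON #__fb_messages.id=#__fb_messages_text.mesid WHERE #__fb_messages.id=$id");
$message1 = $database->loadObjectList();
// A missing message yields no row; keep $mes / $userid null instead of indexing an
// empty result.
$mes = (is_array($message1) && isset($message1[0])) ? $message1[0] : null;
$userid = $mes ? $mes->userid : null;
// Start from "deny". Without this the flag tested after this block is only ever
// assigned 1, so its value on every other path would depend on whatever was left in
// $allowEdit before this branch ran.
$allowEdit = 0;
//Check for a moderator or superadmin
if ($is_moderator) {
    $allowEdit = 1;
}
// Owner edits: only for a logged-in viewer (id > 0). The integer test replaces the
// loose `$my->id != ""`, whose result for id 0 differs between PHP versions (PHP 8
// changed number/string comparison), so guests are excluded on every version.
$viewerId = (int)$my->id;
if ($fbConfig['useredit'] == 1 && $viewerId > 0 && $mes)
{
    //Now, if the author==viewer and the viewer is allowed to edit his/her own post the let them edit
    if ($viewerId === (int)$userid) {
        $editWindow = (int)$fbConfig['usereditTime'];
        if ($editWindow == 0) {
            // 0 means no time limit on editing one's own post.
            $allowEdit = 1;
        }
        else {
            // The window is measured from the last modification, or from the original
            // post time when the message was never modified, plus the grace period.
            $modtime = $mes->modified_time;
            if (!$modtime) {
                $modtime = $mes->time;
            }
            if (($modtime + $editWindow + ((int)$fbConfig['usereditTimeGrace'])) >= FBTools::fbGetInternalTime()) {
                $allowEdit = 1;
            }
        }
    }
}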
if ($allowEdit == 1)
{
// Run the upload handlers when an attachment was submitted. Both include paths are a
// constant plus a fixed file name, so no request data reaches the include itself.
// NOTE(review): validation of the uploaded file (type, size, target name) happens in
// the included scripts and is not visible here. $fileLocation / $imageLocation, used
// further down, are presumably set by them - confirm.
if ($attachfile != '') {
include JB_ABSSOURCESPATH . 'fb_file_upload.php';
}
if ($attachimage != '') {
include JB_ABSSOURCESPATH . 'fb_image_upload.php';
}
//$message = trim(htmlspecialchars(addslashes($message)));
// The message body is escaped for SQL with addslashes() only. No HTML encoding is
// applied at this point, so it must be encoded when the message is displayed.
$message = trim(addslashes($message));
//parse the message for some preliminary bbcode and stripping of HTML
//$message = smile::bbencode_first_pass($message);
if (count($message1) > 0)
{
// Update the message header. email and subject are passed through addslashes(),
// topic_emoticon is cast to int, and $id was cast to int earlier in this branch.
// When the editMarkUp option is on, the modified_by / modified_time / modified_reason
// columns are written as well.
// NOTE(review): $fb_authorname is interpolated without any escaping in this statement.
// Confirm it is escaped where it is assigned; if it is not, escape it here.
$database->setQuery(
"UPDATE #__fb_messages SET name='$fb_authorname', email='" . addslashes($email)
. (($fbConfig['editMarkUp']) ? "' ,modified_by='" . $modified_by
. "' ,modified_time='" . $modified_time . "' ,modified_reason='" . $modified_reason : "") . "', subject='" . addslashes($subject) . "', topic_emoticon='" . ((int)$topic_emoticon) . "' WHERE id={$id}");
$dbr_nameset = $database->query();
// Second statement: replace the message body (escaped with addslashes() earlier).
$database->setQuery("UPDATE #__fb_messages_text SET message='{$message}' WHERE mesid={$id}");
if ($database->query() && $dbr_nameset)
{
//Update the attachments table if an image has been attached
// Record the attachments that belong to this message.
// NOTE(review): $imageLocation and $fileLocation are interpolated into the INSERT
// statements without escaping. They are presumably produced by the upload scripts
// included earlier - confirm those scripts build the stored path from a sanitised
// name, and escape the value before it is placed in the statement.
if ($imageLocation != "")
{
$database->setQuery("INSERT INTO #__fb_attachments (mesid, filelocation) values ('$id','$imageLocation')");
if (!$database->query()) {
echo "\n";
}
}
//Update the attachments table if a file has been attached
if ($fileLocation != "")
{
$database->setQuery("INSERT INTO #__fb_attachments (mesid, filelocation) values ('$id','$fileLocation')");
if (!$database->query()) {
echo "\n";
}
}
echo ''; echo '' . _POST_SUCCESS_VIEW . ' '; echo '' . _POST_SUCCESS_FORUM . ' '; echo ' ' . _POST_SUCCESS_EDIT . ' ';?>
setQuery("SELECT * FROM #__fb_messages WHERE id=$id");
$message = $database->loadObjectList();
foreach ($message as $mes)
{
?>
';
echo _FB_POST_DEL_ERR_CHILD;
break;
case -2:
echo _POST_ERROR_TOPIC . ''; echo '' . _POST_SUCCESS_VIEW . ' '; echo '' . _POST_SUCCESS_FORUM . ' '; echo ' '; echo _FB_POST_DEL_ERR_MSG; break; case -3: echo _POST_ERROR_TOPIC . ' '; $tmpstr = _FB_POST_DEL_ERR_TXT; $tmpstr = str_replace('%id%', $id, $tmpstr); echo $tmpstr; break; case -4: echo _POST_ERROR_TOPIC . ' '; echo _FB_POST_DEL_ERR_USR; break; default: echo ' ' . _POST_SUCCESS_DELETE . ' ';
echo '';
break;
}
} //fi $do==deletepostnow
else if ($do == "move")
{
// The move form is for moderators only: anyone else is stopped before any query runs.
if (!$is_moderator) {
die ("Hacking Attempt!");
}
// Both ids are cast to int before use; $id is interpolated unquoted below.
$catid = (int)$catid;
$id = (int)$id;
//get list of available forums
//$database->setQuery("SELECT id,name FROM #__fb_categories WHERE parent != '0'");
// Every category with a non-zero parent, joined to its parent row for the parent's
// name, ordered by parent and ordering.
$database->setQuery("SELECT a.*, b.name AS category" . "\nFROM #__fb_categories AS a" . "\nLEFT JOIN #__fb_categories AS b ON b.id = a.parent" . "\nWHERE a.parent != '0'" . "\nORDER BY parent, ordering");
$catlist = $database->loadObjectList();
// get topic subject:
$database->setQuery("select subject from #__fb_messages where id=$id");
$topicSubject = $database->loadResult();
?>
setQuery("SELECT `subject`, `catid`, `time` AS timestamp FROM #__fb_messages WHERE `id`='$id'");
// Result of the preceding query: subject, category and post time of the topic.
$oldRecord = $database->loadObjectList();
// Subject for the "moved topic" placeholder: the moved-topic label plus the stored subject.
// NOTE(review): this is text read back from the database, and the INSERT further down
// places it inside a quoted SQL literal - it has to be escaped at that point.
// NOTE(review): $oldRecord[0] is read without checking that the topic was found.
$newSubject = _MOVED_TOPIC . " " . $oldRecord[0]->subject;
// Newest post time within the thread; falls back to the topic's own time when the
// thread query returns nothing.
$database->setQuery("SELECT MAX(time) AS timestamp FROM #__fb_messages WHERE `thread`='$id'");
$lastTimestamp = $database->loadResult();
if ($lastTimestamp == "") {
$lastTimestamp = $oldRecord[0]->timestamp;
}
//perform the actual move
//Move topic post first
$database->setQuery("UPDATE #__fb_messages SET `catid`='$catid' WHERE `id`='$id'");
if ($database->query())
{ //succeeded; move the rest of the thread if exists
$database->setQuery("UPDATE #__fb_messages set `catid`='$catid' WHERE `thread`='$id'");
if ($database->query())
{
// insert 'moved topic' notification in old forum if needed
if ($bool_leaveGhost)
{
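// Insert the "moved topic" placeholder row for the original category. Subject,
// timestamp and category id were read back from the database above. Stored text is
// not safe to splice into a new statement: a subject containing a quote would break
// the literal. The subject is therefore escaped the way the rest of this file escapes
// SQL values, and the two numeric fields are forced to integers.
// NOTE(review): the database layer's own escaping routine is preferable to
// addslashes() where available, because it follows the connection character set.
$database->setQuery("INSERT INTO #__fb_messages (`parent`, `subject`, `time`, `catid`, `moved`) VALUES ('0','" . addslashes($newSubject) . "','" . (int)$lastTimestamp . "','" . (int)$oldRecord[0]->catid . "','1')");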
if ($database->query())
{
//determine the new location for link composition
$newId = $database->insertid();
$newURL = "catid=" . $catid . "&id=" . $id;
$database->setQuery("INSERT INTO #__fb_messages_text (`mesid`, `message`) VALUES ('$newId', '$newURL')");
if (!$database->query()) {
$database->stderr(true);
}
//and update the thread id on the 'moved' post for the right ordering when viewing the forum..
$database->setQuery("UPDATE #__fb_messages SET `thread`='$newId' WHERE `id`='$newId'");
if (!$database->query()) {
$database->stderr(true);
}
}
else {
echo ''; if ($do == 'deletepostnow') { // echo '' . _POST_SUCCESS_VIEW . ' '; } echo '' . _POST_SUCCESS_FORUM . ' '; echo ' ' . _POST_GHOST_FAILED . ' '; } } //move succeeded echo '' . _POST_SUCCESS_MOVE . ' ';
?>
">
setQuery("INSERT INTO #__fb_subscriptions (category,userid) VALUES ('$catid','$my->id')");
}
else {
$database->setQuery("INSERT INTO #__fb_subscriptions (thread,userid) VALUES ('$fb_thread','$my->id')");
}
//End Hack by SBS
if ($database->query()) {
echo _POST_SUBSCRIBED_TOPIC . "'; echo '' . _POST_SUCCESS_VIEW . ' '; echo '' . _POST_SUCCESS_FORUM . ' '; echo ' "; } else { echo _POST_NO_SUBSCRIBED_TOPIC . " "; } echo ' ' . _POST_SUCCESS_SUBSCRIBE . ' ';
?>
setQuery("INSERT INTO #__fb_favorites (thread,userid) VALUES ('$fb_thread','$my->id')");
if ($database->query()) {
echo _POST_FAVORITED_TOPIC . "'; echo '' . _POST_SUCCESS_VIEW . ' '; echo '' . _POST_SUCCESS_FORUM . ' '; echo ' "; } else { echo _POST_NO_FAVORITED_TOPIC . " "; } echo ' ' . _POST_SUCCESS_FAVORITE . ' ';
?>
setQuery("update #__fb_messages set ordering=1 where id=$id");
if ($database->query()) {
echo ''; echo '' . _POST_SUCCESS_VIEW . ' '; echo '' . _POST_SUCCESS_FORUM . ' '; echo ' ' . _POST_STICKY_SET . ' ' . _POST_STICKY_NOT_SET . ' ' . _POST_SUCCESS_REQUEST2 . ' ';
?>
setQuery("update #__fb_messages set ordering=0 where id=$id");
if ($database->query()) {
echo ''; echo '' . _POST_SUCCESS_VIEW . ' '; echo '' . _POST_SUCCESS_FORUM . ' '; echo ' ' . _POST_STICKY_UNSET . ' ' . _POST_STICKY_NOT_UNSET . ' ' . _POST_SUCCESS_REQUEST2 . ' ';
?>
setQuery("update #__fb_messages set locked=1 where id=$id");
if ($database->query()) {
echo ''; echo '' . _POST_SUCCESS_VIEW . ' '; echo '' . _POST_SUCCESS_FORUM . ' '; echo ' ' . _POST_LOCK_SET . ' ' . _POST_LOCK_NOT_SET . ' ' . _POST_SUCCESS_REQUEST2 . ' ';
?>
setQuery("update #__fb_messages set locked=0 where id=$id");
if ($database->query()) {
echo ''; echo '' . _POST_SUCCESS_VIEW . ' '; echo '' . _POST_SUCCESS_FORUM . ' '; echo ' ' . _POST_LOCK_UNSET . ' ' . _POST_LOCK_NOT_UNSET . ' ' . _POST_SUCCESS_REQUEST2 . ' ';
?>
'; echo '' . _POST_SUCCESS_VIEW . ' '; echo '' . _POST_SUCCESS_FORUM . ' '; echo ' |
$lockedWhat " . _POST_LOCKED . "
";
echo _POST_NO_NEW . "
";
echo _POST_NO_PUBACCESS1 . "
";
echo _POST_NO_PUBACCESS2 . "
";
if ($fbConfig['cb_profile']) {
echo '' . _POST_NO_PUBACCESS3 . '
name); ?> |
", "", $fb_message_txt); //Long Words Wrap: $fb_message_txt = smile::htmlwrap($fb_message_txt, $fbConfig['wrap']); // Joomla Mambot Support if ($fbConfig['jmambot']) { global $_MAMBOTS; $row = new t(); $row->text = $fb_message_txt; $_MAMBOTS->loadBotGroup('content'); $params = &new mosParameters(''); $results = $_MAMBOTS->trigger('onPrepareContent', array ( &$row, &$params, 0 ), true); $fb_message_txt = $row->text; } // Finish Joomla Mambot Support if ($fbConfig['badwords'] && is_file($mosConfig_absolute_path.'/components/com_badword/class.badword.php')) { $badwords = Badword::filter($fb_message_txt, $my); if ($badwords == "true") { $fb_message_txt = _COM_A_BADWORDS_NOTICE; } } echo $fb_message_txt; ?> |