###############################################################################
# Post.pl #
###############################################################################
# YaBB: Yet another Bulletin Board #
# Open-Source Community Software for Webmasters #
# Version: YaBB 2.1 #
# Released: November 8, 2005 #
# Distributed by: http://www.yabbforum.com #
# =========================================================================== #
# Copyright (c) 2000-2005 YaBB (www.yabbforum.com) - All Rights Reserved. #
# Software by: The YaBB Development Team #
# with assistance from the YaBB community. #
# Sponsored by: Xnull Internet Media, Inc. - http://www.ximinc.com #
# Your source for web hosting, web design, and domains. #
###############################################################################
$postplver = 'YaBB 2.1 $Revision: 1.18 $';
if ($action eq 'detailedversion') { return 1; }
LoadLanguage("Post");
LoadLanguage("Display");
LoadLanguage("FA");
LoadLanguage("AdminCenter_Update");
if (-e "$vardir/acup_dim.txt") { require "$vardir/acup_dim.txt"; }
require "$sourcedir/Notify.pl";
require "$sourcedir/Palette.pl";
sub Post {
if ($iamguest && $enable_guestposting == 0) { &fatal_error($post_txt{'165'}); }
if ($currentboard eq '') { &fatal_error($post_txt{'1'}); }
my ($filetype_info, $filesize_info);
my ($subtitle, $x, $mnum, $msub, $mname, $memail, $mdate, $mreplies, $musername, $micon, $mstate, $msubject, $mattach, $mip, $mmessage, $mns, $quotestart, $notify);
my $quotemsg = $INFO{'quote'};
$threadid = $INFO{'num'};
($mnum, $msub, $mname, $memail, $mdate, $mreplies, $musername, $micon, $mstate) = split(/\|/, $yyThreadLine);
if ($mstate =~ /l/i) { &fatal_error($post_txt{'90'}); }
if ($mstate =~ /a/i && !$iamadmin && !$iamgmod) { &fatal_error($post_txt{'1'}); }
# Determine category
$curcat = ${$uid.$currentboard}{'cat'};
&BoardTotals("load", $currentboard);
# Figure out the name of the category
unless ($mloaded == 1) { require "$boardsdir/forum.master"; }
($cat, $catperms) = split(/\|/, $catinfo{"$curcat"});
&ToChars($cat);
$pollthread = 0;
$postthread = 0;
$INFO{'title'} =~ tr/+/ /;
if ($INFO{'title'} eq 'CreatePoll') { $pollthread = 1; $t_title = "$post_polltxt{'1a'}"; }
elsif ($INFO{'title'} eq 'AddPoll') { $pollthread = 2; $t_title = "$post_polltxt{'2a'}"; }
elsif ($INFO{'title'} eq 'PostReply') { $postthread = 2; $t_title = "$display_txt{'116'}"; }
else { $postthread = 1; $t_title = "$post_txt{'33'}"; }
if ($pollthread == 2 && $useraddpoll == 0) { &fatal_error($post_txt{'1'}); }
if ($postthread == 2 && $username ne "Guest") {
$j = 0;
@tmprepliers = ();
for ($i = 0; $i < @repliers; $i++) {
chomp $repliers[$i];
($reptime, $repuser, $isreplying) = split(/\|/, $repliers[$i]);
$outtime = $date - $reptime;
if ($outtime > 600) { next; }
elsif ($repuser eq $username) { $tmprepliers[$j] = qq~$date|$repuser|1~; $isrep = 1; }
else { $tmprepliers[$j] = qq~$reptime|$repuser|$isreplying~; }
$j++;
}
if (!$isrep) {
$thisreplier = qq~$date|$username|1~;
push(@tmprepliers, $thisreplier);
}
@repliers = @tmprepliers;
&MessageTotals("update", $curnum);
}
$name_field = $realname eq ''
? qq~
$post_txt{'68'}:
~
: qq~~;
$email_field = $realemail eq ''
? qq~
$post_txt{'69'}:
~
: qq~~;
$sub = "";
$settofield = "subject";
if ($threadid ne '') {
fopen(FILE, "$datadir/$threadid.txt") || &fatal_error("201 $post_txt{'106'}: $post_txt{'23'} $threadid.txt", 1);
@messages = ;
fclose(FILE);
if ($quotemsg ne '') {
($msubject, $mname, $memail, $mdate, $musername, $micon, $mattach, $mip, $mmessage, $mns) = split(/\|/, $messages[$quotemsg]);
$message = $mmessage;
$message =~ s~ ~\n~ig;
$message =~ s~ ~\n~g;
$message =~ s/ \ \ \ /\t/ig;
if (!$nestedquotes) {
$message =~ s~\n{0,1}\[quote([^\]]*)\](.*?)\[/quote\]\n{0,1}~\n~isg;
$message =~ s~\n*\[/*quote([^\]]*)\]\n*~~ig;
}
$mname ||= $musername || $post_txt{'470'};
$quotestart = int($quotemsg / $maxmessagedisplay) * $maxmessagedisplay;
$message = qq~[quote author=$mname link=$threadid/$quotestart#$quotemsg date=$mdate\]$message\[/quote\]\n~;
$msubject =~ s/\bre:\s+//ig;
if ($mns eq "NS") { $nscheck = "checked"; }
} else {
($msubject, $mname, $memail, $mdate, $musername, $micon, $mattach, $mip, $mmessage, $mns) = split(/\|/, $messages[0]);
$msubject =~ s/\bre:\s+//ig;
}
$sub = "Re: $msubject";
$settofield = "message";
}
$submittxt = "$post_txt{'105'}";
$destination = "post2";
$icon = "xx";
$is_preview = 0;
$post = "post";
$prevmain = "";
$preview = "preview";
$yytitle = "$t_title";
&Postpage;
if ($pollthread != 2) { &doshowthread; }
&template;
exit;
}
sub Postpage {
my $extra;
my ($filetype_info, $filesize_info, $extensions);
$extensions = join(" ", @ext);
$filetype_info = $checkext == 1 ? qq~$fatxt{'2'} $extensions~ : qq~$fatxt{'2'} $fatxt{'4'}~;
$filesize_info = $limit != 0 ? qq~$fatxt{'3'} $limit KB~ : qq~$fatxt{'3'} $fatxt{'5'}~;
if ($is_preview) { $post_txt{'507'} = $post_txt{'771'}; }
$normalquot = $post_txt{'599'};
$simpelquot = $post_txt{'601'};
$simpelcode = $post_txt{'602'};
$edittext = $post_txt{'603'};
if (!$fontsizemax) { $fontsizemax = 72; }
if (!$fontsizemin) { $fontsizemin = 6; }
$message =~ s~<\/~\<\;/~isg;
&ToChars($message);
&ToChars($sub);
# this defines what the top area of the post box will look like: option 1 ) IM area
# option 2) all other post areas
if ($post eq "imsend") {
if (!$INFO{'to'}) { $INFO{'to'} = $FORM{'to'}; }
if ($INFO{'to'}) { $settofield = "message"; }
else { $settofield = "to"; }
$idinfo = "$INFO{'id'}";
$extra = qq~
$post_txt{'150'}
$post_txt{'748'}
~;
} else {
$extra = qq~
$post_txt{'71'}:
$post_txt{'281'}
$post_txt{'282'}
$post_txt{'283'}
$post_txt{'284'}
$post_txt{'285'}
$post_txt{'286'}
$post_txt{'287'}
$post_txt{'288'}
$post_txt{'289'}
$post_txt{'290'}
$post_txt{'291'}
$post_txt{'292'}
~;
if ($realname eq '' && $threadid ne '') { $settofield = "name"; }
}
# this shows on every post page. regardless of where it is called from
$yymain .= qq~
~;
$notify = "";
$hasnotify = "";
if ($pollthread && $iamguest) { $guest_vote = 1; }
if ($pollthread == 2) {
$settofield = "question";
} else {
# this defines if the notify on reply is shown or not.
if (!$enable_notification || $iamguest) {
$notification = "";
} else {
# check if you are already being notified and if so we check the checkbox.
# if the mail file exists then we have to check it otherwise we continue on
$notifytext = qq~$post_txt{'750'}~;
if (-e "$datadir/$threadid.mail") {
&ManageThreadNotify("load", $threadid);
if (exists $thethread{$username}) {
$notify = qq~ checked="checked"~;
$hasnotify = 1;
}
undef %thethread;
}
if (-e "$boardsdir/$currentboard.mail") {
&ManageBoardNotify("load", $currentboard);
if (exists $theboard{$username}) {
($memlang, $memtype, $memview) = split(/\|/, $theboard{$username});
if ($memtype == 2) {
$notify = qq~ disabled="disabled" checked="checked"~;
$hasnotify = 1;
$notifytext = qq~$post_txt{'132'}~;
}
}
undef %theboard;
}
if ($post ne "imsend") {
$notification = qq~
$post_txt{'131'}:
$notifytext
~;
}
}
}
if (!$sub) { $subtitle = "$post_txt{'33'} "; }
else { $subtitle = "$sub "; }
# this is shown every post page except the IM area.
unless ($post eq "imsend") {
if ($threadid) {
$threadlink = qq~$subtitle ~;
} else {
$threadlink = "$subtitle";
}
&ToChars($boardname);
&ToChars($cat);
$yymain .= qq~
~;
}
#this is the end of the upper area of the post page.
$yymain .= qq~
~;
# if this is an IM from the admin or to groups declare where it goes.
if ($INFO{'adminim'} || $INFO{'action'} eq "imgroups") {
$yymain .= qq~
~;
unless ($pollthread == 2) {
if ($currentboard ne $annboard && $post ne "imsend" && (($iamadmin || $iamgmod || $iammod) && $sessionvalid == 1)) {
$yymain .= qq~
~;
}
if ($action eq "modify" || $action eq "modify2") {
$displayname = qq~$mename~;
} else {
$displayname = ${$uid.$username}{'realname'};
}
require "$templatesdir/$usedisplay/Display.template";
$yymain .= qq~
~;
}
}
sub Preview {
&clear_temp;
my $error = $_[0];
&ToHTML($e);
# allows the following HTML-tags in error messages:
$error =~ s/<br( \/)>/ /ig;
$error =~ s/<(\/?)b>/<$1b>/ig;
$poll_question = $FORM{'question'};
$maxpq ||= 60;
$maxpo ||= 50;
$maxpc ||= 0;
$numpolloptions ||= 8;
$vote_limit ||= 0;
for (my $i = 1; $i <= $numpolloptions; $i++) {
$options[$i] = $FORM{"option$i"};
$options[$i] =~ s/&/&/g;
$options[$i] =~ s/"/"/g;
$options[$i] =~ s/<//g;
&FromChars($options[$i]);
$convertstr = $options[$i];
$convertcut = $maxpo;
&CountChars;
$options[$i] = $convertstr;
$options[$i] =~ s/"/"/g;
$options[$i] =~ s/</g;
$options[$i] =~ s/>/>/g;
&ToChars($options[$i]);
}
$guest_vote = $FORM{'guest_vote'};
$hide_results = $FORM{'hide_results'};
$multi_choice = $FORM{'multi_choice'};
$poll_comment = $FORM{'poll_comment'};
$vote_limit = $FORM{'vote_limit'};
$pollthread = $FORM{'pollthread'} || 0;
$poll_question =~ s/&/&/g;
$poll_question =~ s/"/"/g;
$poll_question =~ s/<//g;
&FromChars($poll_question);
$convertstr = $poll_question;
$convertcut = $maxpq;
&CountChars;
$poll_question = $convertstr;
$poll_question =~ s/"/"/g;
$poll_question =~ s/</g;
$poll_question =~ s/>/>/g;
&ToChars($poll_question);
$name = $FORM{'name'};
$email = $FORM{'email'};
$sub = $FORM{'subject'};
$FORM{'message'} =~ s~\r~~g;
$mess = $FORM{'message'};
$message = $FORM{'message'};
$icon = $FORM{'icon'};
$ns = $FORM{'ns'};
$threadid = $FORM{'threadid'};
$notify = $FORM{'notify'};
$postid = $FORM{'postid'};
if (!$sub && $pollthread != 2) { $error = $post_txt{'77'}; }
$sub =~ s/[\r\n]//g;
my $testsub = $sub;
$testsub =~ s/\ //g;
$testsub =~ s/ //g;
$sub =~ s/&/&/g;
$sub =~ s/"/"/g;
$sub =~ s/<//g;
&FromChars($sub);
$convertstr = $sub;
$convertcut = 50;
&CountChars;
$sub = $convertstr;
$sub =~ s/"/"/g;
$sub =~ s/</g;
$sub =~ s/>/>/g;
my $testmessage = $mess;
$testmessage =~ s/[\r\n\ ]//g;
$testmessage =~ s/\ //g;
$testmessage =~ s~\[table\].*?\[tr\].*?\[td\]~~g;
$testmessage =~ s~\[/td\].*?\[/tr\].*?\[/table\]~~g;
$testmessage =~ s/\[.*?\]//g;
if ($testmessage eq "" && $mess ne "" && $pollthread != 2) { fatal_error("$maintxt{'2'} $testmessage"); }
$message =~ s/\cM//g;
$message =~ s~\[([^\]]{0,30})\n([^\]]{0,30})\]~\[$1$2\]~g;
$message =~ s~\[/([^\]]{0,30})\n([^\]]{0,30})\]~\[/$1$2\]~g;
# $message =~ s~(\w+://[^<>\s\n\"\]\[]+)\n([^<>\s\n\"\]\[]+)~$1$2~g;
&FromChars($message);
&ToHTML($message);
$message =~ s/\t/ \ \ \ /g;
$message =~ s/\n/ /g;
$message =~ s/([\000-\x09\x0b\x0c\x0e-\x1f\x7f])/\x0d/g;
&CheckIcon;
if ($icon eq "xx") { $ic1 = " selected=\"selected\" "; }
elsif ($icon eq "thumbup") { $ic2 = " selected=\"selected\" "; }
elsif ($icon eq "thumbdown") { $ic3 = " selected=\"selected\" "; }
elsif ($icon eq "exclamation") { $ic4 = " selected=\"selected\" "; }
elsif ($icon eq "question") { $ic5 = " selected=\"selected\" "; }
elsif ($icon eq "lamp") { $ic6 = " selected=\"selected\" "; }
elsif ($icon eq "smiley") { $ic7 = " selected=\"selected\" "; }
elsif ($icon eq "angry") { $ic8 = " selected=\"selected\" "; }
elsif ($icon eq "cheesy") { $ic9 = " selected=\"selected\" "; }
elsif ($icon eq "grin") { $ic10 = " selected=\"selected\" "; }
elsif ($icon eq "sad") { $ic11 = " selected=\"selected\" "; }
elsif ($icon eq "wink") { $ic12 = " selected=\"selected\" "; }
$name_field = $realname eq ''
? qq~
$post_txt{'68'}:
~
: qq~~;
$email_field = $realemail eq ''
? qq~
$post_txt{'69'}:
~
: qq~~;
if ($FORM{'notify'} eq "x") { $notify = qq~ checked="checked"~; }
if ($FORM{'ns'} eq 'NS') { $nscheck = qq~ checked="checked"~; }
if ($iamguest) {
$name .= "($post_txt{'772'})";
}
&wrap;
if ($action eq "modify2") {
$displayname = qq~$FORM{'mename'}~;
} else {
$displayname = ${$uid.$username}{'realname'};
}
if ($enable_ubbc) {
if (!$yyYaBBCloaded) { require "$sourcedir/YaBBC.pl"; }
&DoUBBC;
}
&wrap2;
if ($FORM{'previewmodify'} || $FORM{'postmodify'}) {
$submittxt = "$post_txt{'10'}";
$is_preview = 1;
$post = "postmodify";
$preview = "previewmodify";
$destination = 'modify2';
} elsif ($FORM{'previewim'} || $FORM{'imsend'}) {
$submittxt = "$post_txt{'148'}";
$destination = "imsend2";
$is_preview = 1;
$post = "imsend";
$preview = "previewim";
} else {
$notification = !$enable_notification || $iamguest ? '' : <<"~;";
$post_txt{'131'}:
$post_txt{'750'}
~;
$destination = 'post2';
$submittxt = $post_txt{'105'};
$is_preview = 1;
$post = "post";
$preview = "preview";
}
if ($INFO{'action'} eq "imgroups") { $destination = "imgroups"; }
$csubject = $sub;
&LoadCensorList;
$csubject = &Censor($csubject);
$message = &Censor($message);
&ToChars($csubject);
&ToChars($message);
require "$templatesdir/$usedisplay/Display.template";
$prevmain .= qq~
$csubject
~;
$message = $mess;
&FromChars($message);
&ToHTML($message);
if ($error) { $csubject = $error; }
$yytitle = "$post_txt{'507'} - $csubject";
$settofield = "message";
$postthread = 2;
&MessageTotals("load", $threadid);
&Postpage;
&template;
exit;
}
sub Post2 {
if ($iamguest && $enable_guestposting == 0) { &fatal_error($post_txt{'165'}); }
my ($email, $ns, $notify, @memberlist, $i, $realname, $membername, $testname, @reserve, @reservecfg, $matchword, $matchcase, $matchuser, $matchname, $namecheck, $reserved, $reservecheck, @messages, $mnum, $msub, $mname, $memail, $mdate, $musername, $micon, $mstate, $pageindex, $tempname);
&BoardTotals("load", $currentboard);
# If poster is a Guest then evaluate the legality of name and email
if (!${$uid.$username}{'email'}) {
$FORM{'name'} =~ s/\A\s+//;
$FORM{'name'} =~ s/\s+\Z//;
&Preview($post_txt{'75'}) unless ($FORM{'name'} ne '' && $FORM{'name'} ne '_' && $FORM{'name'} ne ' ');
&Preview($post_txt{'568'}) if (length($FORM{'name'}) > 25);
&Preview("$post_txt{'76'}") if ($FORM{'email'} eq '');
&Preview("$post_txt{'240'} $post_txt{'69'} $post_txt{'241'}") if ($FORM{'email'} !~ /[\w\-\.\+]+\@[\w\-\.\+]+\.(\w{2,4}$)/);
&Preview("$post_txt{'500'}") if (($FORM{'email'} =~ /(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)|(\.$)/) || ($FORM{'email'} !~ /^.+@\[?(\w|[-.])+\.[a-zA-Z]{2,4}|[0-9]{1,4}\]?$/));
}
# Get the form values
$name = $FORM{'name'};
$email = $FORM{'email'};
$subject = $FORM{'subject'};
$message = $FORM{'message'};
$icon = $FORM{'icon'};
$ns = $FORM{'ns'};
$ann = $FORM{'ann'};
$threadid = $FORM{'threadid'};
$pollthread = $FORM{'pollthread'} || 0;
if ($threadid =~ /\D/) { &fatal_error($post_txt{'337'}); }
$notify = $FORM{'notify'};
$thestatus = $FORM{'topicstatus'};
$thestatus =~ s/\, //g;
# Permission checks for posting.
if (!$threadid) {
# Check for ability to post new threads
unless (&AccessCheck($currentboard, 1) eq "granted" || $pollthread) { &fatal_error("$post_txt{'803'}"); }
} else {
# Check for ability to reply to threads
unless (&AccessCheck($currentboard, 2) eq "granted") { &fatal_error("$post_txt{'804'}"); }
}
if ($pollthread) {
# Check for ability to post polls
unless (&AccessCheck($currentboard, 3) eq "granted") { &fatal_error("$post_txt{'805'}"); }
}
if ($FORM{'file'}) {
# Check for ability to post attachments
unless (&AccessCheck($currentboard, 4) eq "granted") { &fatal_error("$post_txt{'806'}"); }
}
# End Permission Checks
if ($name && $email) {
&ToHTML($name);
$email =~ s/\|//g;
&ToHTML($email);
$tempname = $name;
$name =~ s/\_/ /g;
}
&Preview($post_txt{'75'}) unless ($username || $name);
&Preview($post_txt{'76'}) unless (${$uid.$username}{'email'} || $email);
if ($pollthread != 2) { # If user is NOT adding a Poll to an existing thread
&Preview unless ($subject && $subject !~ m~\A[\s_.,]+\Z~);
&Preview($post_txt{'78'}) unless ($message);
# Check Message Length Precisely
$mess_len = $message;
$mess_len =~ s/[\r\n]//g;
if (length($mess_len) > $MaxMessLen) { &Preview($post_txt{'536'} . " " . (length($mess_len) - $MaxMessLen) . " " . $post_txt{'537'}); }
if ($FORM{'preview'}) { &Preview; }
&spam_protection;
my $testsub = $subject;
$testsub =~ s/[\r\n\ ]//g;
$testsub =~ s/\ //g;
$testsub =~ s/ //g;
if ($testsub eq "" && $pollthread != 2) { fatal_error("$maintxt{'2'} $testsub"); }
my $testmessage = $message;
$testmessage =~ s/[\r\n\ ]//g;
$testmessage =~ s/\ //g;
$testmessage =~ s~\[table\].*?\[tr\].*?\[td\]~~g;
$testmessage =~ s~\[/td\].*?\[/tr\].*?\[/table\]~~g;
$testmessage =~ s/\[.*?\]//g;
if ($testmessage eq "" && $message ne "" && $pollthread != 2) { fatal_error("$maintxt{'2'} $testmessage"); }
$subject =~ s/&/&/g;
$subject =~ s/"/"/g;
$subject =~ s/<//g;
&FromChars($subject);
$convertstr = $subject;
$convertcut = 50;
&CountChars;
$subject = $convertstr;
$subject =~ s/"/"/g;
$subject =~ s/</g;
$subject =~ s/>/>/g;
$subject =~ s/[\r\n]//g;
$doadsubject = $subject;
$message =~ s/\cM//g;
$message =~ s~\[([^\]]{0,30})\n([^\]]{0,30})\]~\[$1$2\]~g;
$message =~ s~\[/([^\]]{0,30})\n([^\]]{0,30})\]~\[/$1$2\]~g;
$message =~ s~(\w+://[^<>\s\n\"\]\[]+)\n([^<>\s\n\"\]\[]+)~$1\n$2~g;
&FromChars($message);
&ToHTML($message);
$message =~ s~\t~ \ \ \ ~g;
$message =~ s~\n~ ~g;
$message =~ s/([\000-\x09\x0b\x0c\x0e-\x1f\x7f])/\x0d/g;
&CheckIcon;
if (-e ("$datadir/.txt")) { unlink("$datadir/.txt"); }
} # end if
if (!$iamguest) {
# If not guest, get name and email.
$name = ${$uid.$username}{'realname'};
$email = ${$uid.$username}{'email'};
} else {
# If user is Guest, then make sure the chosen name
# is not reserved or used by a member.
fopen(FILE, "$memberdir/memberlist.txt") || &fatal_error("206 $post_txt{'106'}: $post_txt{'23'} $memberlist.txt", 1);
@memberlist = ;
fclose(FILE);
&memparse(@memberlist);
$name .= "(Guest)";
}
my @poll_data;
if ($pollthread) {
$maxpq ||= 60;
$maxpo ||= 50;
$maxpc ||= 0;
$numpolloptions ||= 8;
$numcount = 0;
$FORM{"question"} =~ s/\ / /g;
$testspaces = $FORM{"question"};
$testspaces =~ s/[\r\n\ ]//g;
$testspaces =~ s/\ //g;
$testspaces =~ s~\[table\].*?\[tr\].*?\[td\]~~g;
$testspaces =~ s~\[/td\].*?\[/tr\].*?\[/table\]~~g;
$testspaces =~ s/\[.*?\]//g;
if (length($testspaces) == 0 && length($FORM{"question"}) > 0) { fatal_error("$maintxt{'2'} $testmessage"); }
$FORM{"question"} =~ s/&/&/g;
$FORM{"question"} =~ s/"/"/g;
$FORM{"question"} =~ s/<//g;
&FromChars($FORM{"question"});
$convertstr = $FORM{"question"};
$convertcut = $maxpq;
&CountChars;
$FORM{"question"} = $convertstr;
$FORM{"question"} =~ s/"/"/g;
$FORM{"question"} =~ s/</g;
$FORM{"question"} =~ s/>/>/g;
if ($cliped) { &Preview("$post_polltxt{'40'} $post_polltxt{'34a'} $maxpq $post_polltxt{'34b'} $post_polltxt{'36'}"); }
&ToHTML($FORM{"question"});
$guest_vote = $FORM{'guest_vote'} || 0;
$hide_results = $FORM{'hide_results'} || 0;
$multi_choice = $FORM{'multi_choice'} || 0;
$vote_limit = $FORM{'vote_limit'} || 0;
if ($vote_limit =~ /\D/) { $vote_limit = 0; &Preview("$post_polltxt{'62'}"); }
$poll_comment = $FORM{'poll_comment'} || "";
$poll_comment =~ s/&/&/g;
$poll_comment =~ s/"/"/g;
$poll_comment =~ s/<//g;
&FromChars($poll_comment);
$convertstr = $poll_comment;
$convertcut = $maxpc;
&CountChars;
$poll_comment = $convertstr;
$poll_comment =~ s/"/"/g;
$poll_comment =~ s/</g;
$poll_comment =~ s/>/>/g;
if ($cliped) { &Preview("$post_polltxt{'57'} $post_polltxt{'34a'} $maxpc $post_polltxt{'34b'} $post_polltxt{'36'}"); }
&ToHTML($poll_comment);
$poll_comment =~ s~\n~ ~g;
$poll_comment =~ s~\r~~g;
push @poll_data, qq~$FORM{"question"}|0|$username|$name|$email|$date|$guest_vote|$hide_results|$multi_choice|||$poll_comment|$vote_limit\n~;
for ($i = 1; $i <= $numpolloptions; $i++) {
if ($FORM{"option$i"}) {
$FORM{"option$i"} =~ s/\ / /g;
$testspaces = $FORM{"option$i"};
$testspaces =~ s/[\r\n\ ]//g;
$testspaces =~ s/\ //g;
$testspaces =~ s~\[table\].*?\[tr\].*?\[td\]~~g;
$testspaces =~ s~\[/td\].*?\[/tr\].*?\[/table\]~~g;
$testspaces =~ s/\[.*?\]//g;
if (length($testspaces) == 0 && length($FORM{"option$i"}) > 0) { fatal_error("$maintxt{'2'} $testmessage"); }
$FORM{"option$i"} =~ s/&/&/g;
$FORM{"option$i"} =~ s/"/"/g;
$FORM{"option$i"} =~ s/<//g;
&FromChars($FORM{"option$i"});
$convertstr = $FORM{"option$i"};
$convertcut = $maxpo;
&CountChars;
$FORM{"option$i"} = $convertstr;
$FORM{"option$i"} =~ s/"/"/g;
$FORM{"option$i"} =~ s/</g;
$FORM{"option$i"} =~ s/>/>/g;
if ($cliped) { &Preview("$post_polltxt{'7'} $i $post_polltxt{'34a'} $maxpo $post_polltxt{'34b'} $post_polltxt{'36'}"); }
&ToHTML($FORM{"option$i"});
$numcount++;
push @poll_data, qq~0|$FORM{"option$i"}\n~;
}
}
unless ($FORM{"question"}) { &Preview("$post_polltxt{'37'}"); }
if ($numcount < 2) { &Preview("$post_polltxt{'38'}"); }
}
}
#################
# Multiple FA, Norfolklights.com
##################;
my $query = new CGI;
my @filelist = ();
for ($y=1;$y<=$globalimagecount;++$y) {
$file = $query->param("file$y");
if ($file ne "") {
$OS = $^O; # operating system name
if ($OS =~ /darwin/i) { $isUNIX = 1; }
elsif ($OS =~ /win/i) { $isWIN = 1; }
else { $isUNIX = 1; }
$mylimit = 1024 * $limit;
$mydirlimit = 1024 * $dirlimit;
$fixfile = $file;
$fixfile =~ s/.+\\([^\\]+)$|.+\/([^\/]+)$/$1/;
$fixfile =~ s/[\(\)\$#%+,\/:?"<>'\*\;|@^!]//g; # edit in between [ ] to include characters you dont want
#to allow in filenames (dont put a . there or you wont be able to get any file extensions).
$fixfile =~ s/ /_/g; # replaces spaces in filenames with a "_" character.
$fixfile =~ s/&//g; # replaces ampersands with nothing.
$fixfile =~ s/\+//g; # replaces + with nothing
$fixfile =~ s~[^/\\0-9A-Za-z#%+\,\-\ \.\:@^_]~~g; # Remove all inappropriate characters.
# replace . with _ in the filename except for the extension
$fixname = $fixfile;
$fixname =~ s/(\S+)(\.\S+\Z)/$1/gi;
$fixext = $2;
$fixext =~ s/(pl|cgi|php)/_$1/gi;
$fixname =~ s/\./\_/g;
$fixfile = qq~$fixname$fixext~;
if ($overwrite == 2 && (-e "$uploaddir/$fixfile")) { &fatal_error("$fatxt{'8'}"); }
if (!$overwrite) {
$fixfile = check_existence($uploaddir, $fixfile);
}
if ($checkext == 0) { $match = 1; }
else {
foreach $ext (@ext) {
chomp($ext);
if (grep /$ext$/i, $fixfile) { $match = 1; last; }
}
}
if ($match) {
if ($allowattach == 1 && (($allowguestattach == 0 && $username ne 'Guest') || $allowguestattach ==
1)) {
$upload_okay = 1;
}
} else {
&Preview(" $fatxt{'20'} @ext ($fixfile)")
}
if ($mydirlimit > 0) {
&dirstats;
}
$filesize = $ENV{'CONTENT_LENGTH'} - $postsize;
$filesizekb = int($filesize / 1024);
if ($filesize > $mylimit && $mylimit != 0) {
$filesizediff = $filesizekb - $limit;
if ($filesizediff == 1) { $sizevar = "kilobyte"; }
else { $sizevar = "kilobytes"; }
&Preview(" $fatxt{'21'} $filesizediff $sizevar $fatxt{'21b'}")
} elsif ($filesize > $spaceleft && $mydirlimit != 0) {
$filesizediff = $filesizekb - $kbspaceleft;
if ($filesizediff == 1) { $sizevar = "kilobyte"; }
else { $sizevar = "kilobytes"; }
&Preview(" $fatxt{'22'} $filesizediff $sizevar $fatxt{'22b'}");
}
if ($upload_okay == 1) {
# create a new file on the server using the formatted ( new instance ) filename
$upload_filehandle = $query->upload("file$y");
open UPLOADFILE, ">$uploaddir/$fixfile";
binmode UPLOADFILE;
while ( <$upload_filehandle> )
{
print UPLOADFILE;
}
close UPLOADFILE;
}
# check if file has actually been uploaded, by checking the file has a size
if (-s "$uploaddir/$fixfile") {
$upload_ok = 1;
} else {
# delete every file that has been uploaded
foreach (@filelist) {
unlink("$uploaddir/$_");
}
&fatal_error("$fatxt{'59'} $uploaddir/$fixfile");
}
if ($fixfile =~ /(jpg|gif|png|jpeg)$/i) {
$okatt = 1;
if ($fixfile =~ /(gif)$/i) {
fopen(ATTFILE, "$uploaddir/$fixfile");
read(ATTFILE, $header, 10);
($giftest, undef, undef, undef, undef, undef) = unpack("a3a3C4", $header);
fclose(ATTFILE);
if ($giftest ne "GIF") { $okatt = 0; }
}
fopen(ATTFILE, "$uploaddir/$fixfile");
while ( read(ATTFILE, $buffer, 1024) ) {
if ($buffer =~ /\;
truncate FILE, 0;
seek FILE, 0, 0;
print FILE qq~$newthreadid|$subject|$name|$email|$date|0|$username|$icon|$mstate\n~;
print FILE @buffer;
fclose(FILE);
fopen(FILE, ">$datadir/$newthreadid.txt") || &write_error("$post_txt{'23'} $newthreadid.txt", 1);
print FILE qq~$subject|$name|$email|$date|$username|$icon|0|$user_ip|$message|$ns|||$fixfile\n~;
fclose(FILE);
$mreplies = 0;
if ($file) {
fopen(AMP, ">>$vardir/attachments.txt") || &write_error("209 $txt{'106'}: $txt{'23'} $vardir/attachments.txt");
print AMP qq~$newthreadid|$mreplies|$subject|$name|$currentboard|$filesizekb|$date|$fixfile\n~;
fclose(AMP);
}
if ($pollthread) { # Save Poll data for new thread
fopen(POLL, ">$datadir/$newthreadid.poll");
print POLL @poll_data;
fclose(POLL);
}
## write the ctb file for the new thread
${$newthreadid}{'board'} = $currentboard;
${$newthreadid}{'replies'} = 0;
${$newthreadid}{'views'} = 0;
${$newthreadid}{'lastposter'} = $iamguest ? qq~Guest-$name~ : $username;
${$newthreadid}{'lastpostdate'} = "$newthreadid";
${$newthreadid}{'threadstatus'} = "$mstate";
&MessageTotals("update", $newthreadid);
if (-e "$boardsdir/$currentboard.mail") { &NewNotify($newthreadid, $subject); }
} else {
# This is an old thread. Save it.
# first load the current ctb info on this existing thread.
&MessageTotals("load", $threadid);
# Check if thread has moved. And do necessary access check
if ("${$threadid}{'board'}" ne "$currentboard") {
unless (&AccessCheck(${$threadid}{'board'}, 2) eq "granted") { &fatal_error("$post_txt{'804'}"); }
# Thread has moved, but we can still post
# the current board is now the new board.
$currentboard = ${$threadid}{'board'};
}
if ($pollthread) { # Save new Poll data
fopen(POLL, ">$datadir/$threadid.poll");
print POLL @poll_data;
fclose(POLL);
$yySetLocation = qq~$scripturl?num=$threadid~;
&redirectexit;
} else { # or save new reply data
($mnum, $msub, $mname, $memail, $mdate, $mreplies, $musername, $micon, $mstate) = split(/\|/, $yyThreadLine);
$mreplies = ${$threadid}{'replies'};
if ($mstate =~ /l/i) { &fatal_error($post_txt{'90'}); }
$mstate = "0$thestatus";
if ($currentboard eq $annboard && $mstate !~ /a/i) { $mstate = "0a"; }
$mreplies++;
fopen(BOARDFILE, "+<$boardsdir/$currentboard.txt", 1) || &write_error("211 $post_txt{'106'}: $post_txt{'23'} $currentboard.txt", 1);
seek BOARDFILE, 0, 0;
my @buffer = ;
truncate BOARDFILE, 0;
for ($i = 0; $i < @buffer; $i++) {
if ($buffer[$i] =~ m~\A$mnum\|~o) { $buffer[$i] = ""; last; }
}
seek BOARDFILE, 0, 0;
print BOARDFILE qq~$mnum|$msub|$mname|$memail|$date|$mreplies|$musername|$micon|$mstate\n~;
print BOARDFILE @buffer;
fclose(BOARDFILE);
fopen(THREADFILE, ">>$datadir/$threadid.txt") || &write_error("212 $post_txt{'106'}: $post_txt{'23'} $threadid.txt", 1);
print THREADFILE qq~$subject|$name|$email|$date|$username|$icon|0|$user_ip|$message|$ns|||$fixfile\n~;
fclose(THREADFILE);
if ($fixfile) {
fopen(AMP, ">>$vardir/attachments.txt") || &write_error("209 $txt{'106'}: $txt{'23'} $vardir/attachments.txt");
print AMP qq~$mnum|$mreplies|$subject|$name|$currentboard|$filesizekb|$date|$fixfile\n~;
fclose(AMP);
}
} # end poll else
# update the ctb file for the existing thread with number of replies and lastposter
${$threadid}{'board'} = $currentboard;
${$threadid}{'replies'} = $mreplies;
${$threadid}{'lastposter'} = $iamguest ? qq~Guest-$name~ : $username;
${$threadid}{'lastpostdate'} = "$date";
${$threadid}{'threadstatus'} = "$mstate";
&MessageTotals("update", $threadid);
&ReplyNotify($threadid, $subject);
} # end else
if (!$iamguest) {
# Increment post count and lastpost date for the member.
# Check whether zeropost board
if (!${$uid.$currentboard}{'zero'}) {
${$uid.$username}{'postcount'}++;
&UserAccount($username, "update", "lastpost");
&UserAccount($username, "update", "lastonline");
if (${$uid.$username}{'position'}) {
$grp_after = qq~${$uid.$username}{'position'}~;
} else {
foreach $postamount (sort { $b <=> $a } keys %Post) {
if (${$uid.$username}{'postcount'} > $postamount) {
($title, undef) = split(/\|/, $Post{$postamount}, 2);
$grp_after = $title;
last;
}
}
}
&ManageMemberinfo("update", $username, '', '', $grp_after, ${$uid.$username}{'postcount'});
} else {
&UserAccount($username, "update", "lastpost");
&UserAccount($username, "update", "lastonline");
}
}
# The thread ID, regardless of whether it's a new thread or not.
$thread = $newthreadid || $threadid;
# Let's figure out what page number to show
$start = 0;
$pageindex = int($mreplies / $maxmessagedisplay);
$start = $pageindex * $maxmessagedisplay;
# Mark thread as read for the member.
&dumplog($currentboard, $date);
&doaddition;
if(!$iamguest) { &Recent_Write("incr", $thread, $username); }
if ($notify && !$hasnotify) {
$INFO{'thread'} = $thread;
$INFO{'start'} = $start;
&Notify2;
} else {
&ManageThreadNotify("delete", $thread, $username);
}
if ($currentboard eq $annboard) {
$yySetLocation = qq~$scripturl?virboard=$currentboard;num=$thread/$start#$mreplies~;
} else {
$yySetLocation = qq~$scripturl?num=$thread/$start#$mreplies~;
}
$start = $mreplies;
&redirectexit;
}
sub NewNotify {
$actlang = $language;
my $thisthread = $_[0];
my $thissubject = $_[1];
&ManageMemberinfo("load");
&ManageBoardNotify("load", $currentboard);
while (($curuser, $value) = each(%theboard)) {
($curlang, $notify_type, $hasviewed) = split(/\|/, $value);
if ($curuser ne $username) {
if ($curlang ne $actlang) {
$actlang = $curlang;
if (-e "$langdir/$actlang/Notify.lng") { require "$langdir/$actlang/Notify.lng"; }
else { require "$langdir/$lang/Notify.lng"; }
}
(undef, $curmail, undef, undef) = split(/\|/, $memberinf{$curuser});
&sendmail($curmail, "$notify_txt{'143'}\: $thissubject", "$notify_txt{'143'}, $thissubject, $notify_txt{'142'} $scripturl?num=$thisthread\n\n$notify_txt{'130'}");
}
}
undef %theboard;
undef %memberinf;
}
sub ReplyNotify {
$actlang = $language;
my $thisthread = $_[0];
my $thissubject = $_[1];
my (%mailsent);
$page = int($mreplies / $maxmessagedisplay) * $maxmessagedisplay;
&ManageMemberinfo("load");
if (-e "$boardsdir/$currentboard.mail") {
&ManageBoardNotify("load", $currentboard);
while (($curuser, $value) = each(%theboard)) {
($curlang, $notify_type, $hasviewed) = split(/\|/, $value);
if ($curuser ne $username && $notify_type == 2) {
if ($curlang ne $actlang) {
$actlang = $curlang;
if (-e "$langdir/$actlang/Notify.lng") { require "$langdir/$actlang/Notify.lng"; }
else { require "$langdir/$lang/Notify.lng"; }
}
(undef, $curmail, undef, undef) = split(/\|/, $memberinf{$curuser});
&sendmail($curmail, "$notify_txt{'127'}\: $thissubject", "$notify_txt{'128'}, $thissubject, $notify_txt{'142'} $scripturl?num=$thisthread\/$page\n\n$notify_txt{'130'}");
$mailsent{$curuser} = 1;
}
}
undef %theboard;
}
if (-e "$datadir/$thisthread.mail") {
&ManageThreadNotify("load", $thisthread);
while (($curuser, $value) = each(%thethread)) {
($curlang, $notify_type, $hasviewed) = split(/\|/, $value);
if ($curuser ne $username && !exists $mailsent{$curuser} && $hasviewed) {
if ($curlang ne $actlang) {
$actlang = $curlang;
if (-e "$langdir/$actlang/Notify.lng") { require "$langdir/$actlang/Notify.lng"; }
else { require "$langdir/$lang/Notify.lng"; }
}
(undef, $curmail, undef, undef) = split(/\|/, $memberinf{$curuser});
&sendmail($curmail, "$notify_txt{'127'}\: $thissubject", "$notify_txt{'128'}, $thissubject, $notify_txt{'129'} $scripturl?num=$thisthread\/$page\n\n$notify_txt{'131'}\n\n$notify_txt{'130'}");
$hasviewed = 0;
$thethread{$curuser} = qq~$curlang|$notify_type|$hasviewed~;
}
}
&ManageThreadNotify("save", $thisthread);
}
undef %memberinf;
}
sub doshowthread {
my ($line, $trash, $tempname, $tempdate, $temppost);
&LoadCensorList;
if ("$INFO{'start'}") { $INFO{'start'} = "/$INFO{'start'}"; }
if (@messages) {
if (@messages <= $cutamount) {
$cutamount = @messages;
}
$yymain .= qq~
~;
$showall = qq~$post_cutts{'3'}~;
unless (@messages <= $cutamount) {
$showall .= qq~ $post_cutts{'3a'} $post_cutts{'4'} $post_cutts{'5'} ~;
}
if ($INFO{'showall'} ne '' || $cutamount eq "all") {
$origcutamount = $cutamount;
$cutamount = 'all';
$showall = qq~$post_cutts{'3'} $post_cutts{'3a'} $post_cutts{'4'} $post_cutts{'6'} ~;
}
$yymain .= qq~
$post_txt{'468'} - $post_cutts{'2'} $cutamount $showall
~;
if ($tsreverse == 1) {
@messages = reverse(@messages);
}
if ($INFO{'showall'} ne '' || $cutamount eq "all") {
$cutamount = 1000;
}
for ($amounter; $amounter ne $cutamount; $amounter++) {
($trash, $temprname, $trash, $tempdate, $tempname, $trash, $trash, $trash, $message, $ns) = split(/\|/, $messages[$amounter]);
$messagedate = $tempdate;
$tempdate = &timeformat($tempdate);
$parseflash = 0;
$message = &Censor($message);
if ($tempname ne 'Guest' && -e ("$memberdir/$tempname.vars")) { &LoadUser($tempname); }
if (${$uid.$tempname}{'regtime'}) {
$registrationdate = ${$uid.$tempname}{'regtime'};
} else {
$registrationdate = int(time);
}
if (${$uid.$tempname}{'regdate'} && $messagedate > $registrationdate) {
$displaynamelink = qq~${$uid.$tempname}{'realname'} ~;
} elsif ($tempname !~ m~Guest~ && $messagedate < $registrationdate) {
$displaynamelink = qq~$tempname - $display_txt{'470a'}~;
} else {
$displaynamelink = "$temprname";
}
&wrap;
$displayname = ${$uid.$tempname}{'realname'};
if ($enable_ubbc) {
if (!$yyYaBBCloaded) { require "$sourcedir/YaBBC.pl"; }
&DoUBBC;
}
&ToChars($message);
&wrap2;
unless ($message eq '') {
$yymain .= qq~
$post_txt{'279'}: $displaynamelink
$post_txt{'280'}: $tempdate
$message
~;
}
}
$yymain .= "
\n";
} else {
$yymain .= "";
}
}
sub doaddition {
${$uid.$currentboard}{'messagecount'}++;
unless ($FORM{'threadid'}) {
${$uid.$currentboard}{'threadcount'}++;
++$threadcount;
}
$myname = $iamguest ? qq~Guest-$name~ : $username;
${$uid.$currentboard}{'lastposttime'} = $date;
${$uid.$currentboard}{'lastposter'} = $myname;
${$uid.$currentboard}{'lastpostid'} = $thread;
${$uid.$currentboard}{'lastreply'} = $mreplies;
${$uid.$currentboard}{'lastsubject'} = $doadsubject;
${$uid.$currentboard}{'lasticon'} = $icon;
&BoardTotals("update", $currentboard);
}
1;