From 981b7056bb2212bbe228581e77372a08d2baa33f Mon Sep 17 00:00:00 2001 From: James Atkinson Date: Thu, 2 Aug 2001 08:36:38 +0000 Subject: [PATCH] Beginnings of the forum managament code (no functionality yet). Also a bit of a fix to view topic so it dosan't screw up when HTML is turned off. Still needs work, HTML works in [quote] tags... havn't tracked it down yet. Nate should look at it! git-svn-id: file:///svn/phpbb/trunk@792 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/admin/admin_forums.php | 198 +++++++++++++++++++++++++---- phpBB/includes/bbcode.php | 212 ++++++++++++++++---------------- phpBB/language/lang_english.php | 5 + phpBB/viewtopic.php | 62 +++++----- 4 files changed, 320 insertions(+), 157 deletions(-) diff --git a/phpBB/admin/admin_forums.php b/phpBB/admin/admin_forums.php index e21f26972c..fbee871478 100644 --- a/phpBB/admin/admin_forums.php +++ b/phpBB/admin/admin_forums.php @@ -1,26 +1,26 @@ \n"; -print "Requested action was: $mode
\n"; +include('page_header_admin.'.$phpEx); +$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode']; + +switch($mode) +{ + case 'manage': + + $template->set_filenames(array( + "body" => "admin/admin_forum_manage.tpl") + ); + $template->assign_vars(array("S_MANAGE_ACTION" => append_sid("admin_forums.$phpEx"), + "L_FORUM" => $lang['Forum'], + "L_MODERATOR" => $lang['Moderator'], + "L_ORDER" => $lang['Order'], + "POST_FORUM_URL" => POST_FORUM_URL, + "L_REMOVE" => $lang['Remove'], + "L_EDIT" => $lang['Edit'], + "L_LOCK" => $lang['Lock'], + "L_UPDATE_ORDER" => $lang['Update_order'], + "L_ACTION" => $lang['Action'])); + + $sql = "SELECT c.cat_id, c.cat_title, c.cat_order + FROM " . CATEGORIES_TABLE . " c, " . FORUMS_TABLE . " f + WHERE f.cat_id = c.cat_id + GROUP BY c.cat_id, c.cat_title, c.cat_order + ORDER BY c.cat_order"; + + if(!$q_categories = $db->sql_query($sql)) + { + message_die(GENERAL_ERROR, "Could not query categories list", "", __LINE__, __FILE__, $sql); + } + + if($total_categories = $db->sql_numrows($q_categories)) + { + $category_rows = $db->sql_fetchrowset($q_categories); + + $sql = "SELECT f.forum_id, f.forum_name, f.forum_desc, f.cat_id, f.forum_order + FROM " . FORUMS_TABLE . " f + ORDER BY f.cat_id, f.forum_order"; + + if(!$q_forums = $db->sql_query($sql)) + { + message_die(GENERAL_ERROR, "Could not query forums information", "", __LINE__, __FILE__, $sql); + } + if( !$total_forums = $db->sql_numrows($q_forums) ) + { + message_die(GENERAL_MESSAGE, $lang['No_forums']); + } + $forum_rows = $db->sql_fetchrowset($q_forums); + + // + // Obtain list of moderators of each forum + // + $sql = "SELECT aa.forum_id, g.group_name, g.group_id, g.group_single_user, u.user_id, u.username + FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g, " . USERS_TABLE . " u + WHERE aa.auth_mod = " . TRUE . 
" + AND ug.group_id = aa.group_id + AND g.group_id = aa.group_id + AND u.user_id = ug.user_id + ORDER BY aa.forum_id, g.group_id, u.user_id"; + + if(!$q_forum_mods = $db->sql_query($sql)) + { + message_die(GENERAL_ERROR, "Could not query forum moderator information", "", __LINE__, __FILE__, $sql); + } + $forum_mods_list = $db->sql_fetchrowset($q_forum_mods); + + for($i = 0; $i < count($forum_mods_list); $i++) + { + if($forum_mods_list[$i]['group_single_user'] || !$forum_mods_list[$i]['group_id']) + { + $forum_mods_single_user[$forum_mods_list[$i]['forum_id']][] = 1; + + $forum_mods_name[$forum_mods_list[$i]['forum_id']][] = $forum_mods_list[$i]['username']; + $forum_mods_id[$forum_mods_list[$i]['forum_id']][] = $forum_mods_list[$i]['user_id']; + } + else + { + $forum_mods_single_user[$forum_mods_list[$i]['forum_id']][] = 0; + + $forum_mods_name[$forum_mods_list[$i]['forum_id']][] = $forum_mods_list[$i]['group_name']; + $forum_mods_id[$forum_mods_list[$i]['forum_id']][] = $forum_mods_list[$i]['group_id']; + } + } + + for($i = 0; $i < $total_categories; $i++) + { + $cat_id = $category_rows[$i]['cat_id']; + $count = 0; + + for($j = 0; $j < $total_forums; $j++) + { + $forum_id = $forum_rows[$j]['forum_id']; + + if($forum_rows[$j]['cat_id'] == $cat_id ) + { + if(!$gen_cat[$cat_id]) + { + $template->assign_block_vars("catrow", array( + "CAT_DESC" => stripslashes($category_rows[$i]['cat_title'])) + ); + $gen_cat[$cat_id] = 1; + } + + $mod_count = 0; + $moderators_links = ""; + for($mods = 0; $mods < count($forum_mods_name[$forum_id]); $mods++) + { + if( !strstr($moderators_links, $forum_mods_name[$forum_id][$mods]) ) + { + if($mods > 0) + { + $moderators_links .= ", "; + } + + if( !($mod_count % 2) && $mod_count != 0 ) + { + $moderators_links .= "
"; + } + + if( $forum_mods_single_user[$forum_id][$mods]) + { + $moderators_links .= "" . $forum_mods_name[$forum_id][$mods] . ""; + } + else + { + $moderators_links .= "" . $forum_mods_name[$forum_id][$mods] . ""; + } + + $mod_count++; + } + } + if($moderators_links == "") + { + $moderators_links = " "; + } + + $template->assign_block_vars("catrow.forumrow", array( + "FORUM_NAME" => stripslashes($forum_rows[$j]['forum_name']), + "FORUM_DESC" => stripslashes($forum_rows[$j]['forum_desc']), + "MODERATORS" => $moderators_links, + "FORUM_ID" => $forum_id, + "FORUM_ORDER" => $forum_rows[$j]['forum_order'], + "U_VIEWFORUM" => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id")) + ); + + $count++; + } + } + } // for ... categories + } + $template->pparse("body"); + break; + +} +include('page_footer_admin.'.$phpEx); ?> \ No newline at end of file diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index b7c1028db4..70599a6c60 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -1,25 +1,25 @@ ', $text); @@ -63,18 +63,18 @@ function bbencode_second_pass($text, $uid) // Ordered lists $text = preg_replace("/\[list=([a1]):$uid\]/si", '
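Review bot: The values passed to the `catrow` and `catrow.forumrow` template blocks (`cat_title`, `forum_name`, `forum_desc`) and the moderator names concatenated into `$moderators_links` are output with only `stripslashes()`. Unless the template layer escapes them, which is not visible in this hunk, any markup stored in those columns would render in the administrator's browser. Escaping at this boundary, e.g. `"FORUM_NAME" => htmlspecialchars(stripslashes($forum_rows[$j]['forum_name'])),`, stops the admin page from trusting stored data. Separately, `strstr($moderators_links, $forum_mods_name[$forum_id][$mods])` is a substring test against the accumulated link markup, so a moderator whose name occurs inside an earlier name or inside the link HTML is silently dropped; recording the ids already emitted in an array would be exact. The file also has no access check of its own, so it is worth confirming that `page_header_admin` rejects non-admin sessions before the `switch` runs.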
    ', $text); - // [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff. + // [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff. $text = str_replace("[quote:$uid]", '
    Quote:
    ', $text); $text = str_replace("[/quote:$uid]", '

    ', $text); - + // [b] and [/b] for bolding text. $text = str_replace("[b:$uid]", '', $text); $text = str_replace("[/b:$uid]", '', $text); - + // [i] and [/i] for italicizing text. $text = str_replace("[i:$uid]", '', $text); $text = str_replace("[/i:$uid]", '', $text); - + // [img]image_url_here[/img] code.. $text = str_replace("[img:$uid]", '', $text); @@ -82,34 +82,34 @@ function bbencode_second_pass($text, $uid) // Patterns and replacements for URL and email tags.. $patterns = array(); $replacements = array(); - + // [url]xxxx://www.phpbb.com[/url] code.. $patterns[0] = "#\[url\]([a-z]+?://){1}(.*?)\[/url\]#si"; $replacements[0] = '\1\2'; - + // [url]www.phpbb.com[/url] code.. (no xxxx:// prefix). $patterns[1] = "#\[url\](.*?)\[/url\]#si"; $replacements[1] = '\1'; - - // [url=xxxx://www.phpbb.com]phpBB[/url] code.. + + // [url=xxxx://www.phpbb.com]phpBB[/url] code.. $patterns[2] = "#\[url=([a-z]+?://){1}(.*?)\](.*?)\[/url\]#si"; $replacements[2] = '\3'; - + // [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix). $patterns[3] = "#\[url=(.*?)\](.*?)\[/url\]#si"; $replacements[3] = '\2'; - + // [email]user@domain.tld[/email] code.. $patterns[4] = "#\[email\](.*?)\[/email\]#si"; $replacements[4] = '\1'; - + $text = preg_replace($patterns, $replacements, $text); // Remove our padding from the string.. $text = substr($text, 1); return $text; - + } // bbencode_second_pass() @@ -119,7 +119,7 @@ function make_bbcode_uid() // Unique ID for this message.. $uid = md5(uniqid(rand())); $uid = substr($uid, 0, BBCODE_UID_LEN); - + return $uid; } 
@@ -134,54 +134,54 @@ function bbencode_first_pass($text, $uid) // [CODE] and [/CODE] for posting code (HTML, PHP, C etc etc) in your posts. $text = bbencode_first_pass_pda($text, $uid, '[code]', '[/code]', '', true, ''); - // [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff. + // [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff. $text = bbencode_first_pass_pda($text, $uid, '[quote]', '[/quote]', '', false, ''); // [list] and [list=x] for (un)ordered lists. $open_tag = array(); $open_tag[0] = "[list]"; - + // unordered.. $text = bbencode_first_pass_pda($text, $uid, $open_tag, "[/list]", "[/list:u]", false, 'replace_listitems'); - + $open_tag[0] = "[list=1]"; $open_tag[1] = "[list=a]"; - + // ordered. $text = bbencode_first_pass_pda($text, $uid, $open_tag, "[/list]", "[/list:o]", false, 'replace_listitems'); - + // [b] and [/b] for bolding text. $text = preg_replace("#\[b\](.*?)\[/b\]#si", "[b:$uid]\\1[/b:$uid]", $text); - + // [i] and [/i] for italicizing text. $text = preg_replace("#\[i\](.*?)\[/i\]#si", "[i:$uid]\\1[/i:$uid]", $text); - + // [img]image_url_here[/img] code.. $text = preg_replace("#\[img\](.*?)\[/img\]#si", "[img:$uid]\\1[/img:$uid]", $text); - + // Remove our padding from the string.. $text = substr($text, 1); // Add the uid tag to the start of the string.. //$text = '[uid=' . $uid . ']' . $text; - + return $text; - + } // bbencode_first_pass() -/** +/** * $text - The text to operate on. * $uid - The UID to add to matching tags. * $open_tag - The opening tag to match. Can be an array of opening tags. * $close_tag - The closing tag to match. * $close_tag_new - The closing tag to replace with. - * $mark_lowest_level - boolean - should we specially mark the tags that occur + * $mark_lowest_level - boolean - should we specially mark the tags that occur * at the lowest level of nesting? 
(useful for [code], because * we need to match these tags first and transform HTML tags * in their contents.. * $func - This variable should contain a string that is the name of a function. - * That function will be called when a match is found, and passed 2 + * That function will be called when a match is found, and passed 2 * parameters: ($text, $uid). The function should return a string. * This is used when some transformation needs to be applied to the * text INSIDE a pair of matching tags. If this variable is FALSE or the @@ -197,28 +197,28 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_ { $open_tag_count = 0; $open_tag_length = array(); - + if (!$close_tag_new || ($close_tag_new == '')) { - $close_tag_new = $close_tag; + $close_tag_new = $close_tag; } - + $close_tag_length = strlen($close_tag); $close_tag_new_length = strlen($close_tag_new); $uid_length = strlen($uid); - + $use_function_pointer = ($func && ($func != '')); - + $stack = array(); - + if (is_array($open_tag)) { if (0 == count($open_tag)) { // No opening tags to match, so return. - return $text; + return $text; } - + for ($i = 0; $i < count($open_tag); $i++) { ++$open_tag_count; @@ -234,14 +234,14 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_ $open_tag_length[0] = strlen($open_tag[0]); $open_tag_count = 1; } - + // Start at the 2nd char of the string, looking for opening tags. $curr_pos = 1; while ($curr_pos && ($curr_pos < strlen($text))) - { + { $curr_pos = strpos($text, "[", $curr_pos); - + // If not found, $curr_pos will be 0, and the loop will end. if ($curr_pos) { @@ -256,10 +256,10 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_ { $found_start = true; $which_start_tag = $i; - break; + break; } } - + if ($found_start) { // We have an opening tag. 
@@ -278,7 +278,7 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_ // Check if we've already found a matching starting tag. if (sizeof($stack) > 0) { - // There exists a starting tag. + // There exists a starting tag. $curr_nesting_depth = sizeof($stack); // We need to do 2 replacements now. $match = bbcode_array_pop($stack); @@ -286,22 +286,22 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_ $which_start_tag = $match['tag']; $start_length = $open_tag_length[$which_start_tag]; $start_tag = $open_tag[$which_start_tag]; - + // everything before the opening tag. $before_start_tag = substr($text, 0, $start_index); - + // everything after the opening tag, but before the closing tag. $between_tags = substr($text, $start_index + $start_length, $curr_pos - $start_index - $start_length); - + // Run the given function on the text between the tags.. if ($use_function_pointer) { $between_tags = $func($between_tags, $uid); } - + // everything after the closing tag. $after_end_tag = substr($text, $curr_pos + $close_tag_length); - + // Mark the lowest nesting level if needed. if ($mark_lowest_level && ($curr_nesting_depth == 1)) { @@ -313,10 +313,10 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_ $text = $before_start_tag . substr($start_tag, 0, $start_length - 1) . ":$uid]"; $text .= $between_tags . substr($close_tag_new, 0, $close_tag_new_length - 1) . ":$uid]"; } - + $text .= $after_end_tag; - - // Now.. we've screwed up the indices by changing the length of the string. + + // Now.. we've screwed up the indices by changing the length of the string. // So, if there's anything in the stack, we want to resume searching just after it. // otherwise, we go back to the start. if (sizeof($stack) > 0) 
@@ -334,20 +334,20 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_ else { // No matching start tag found. Increment pos, keep going. - ++$curr_pos; + ++$curr_pos; } } else { // No starting tag or ending tag.. Increment pos, keep looping., - ++$curr_pos; + ++$curr_pos; } } } } // while return $text; - + } // bbencode_first_pass_pda() @@ -363,10 +363,12 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_ */ function bbencode_second_pass_code($text, $uid) { - + // If HTML is turned on we undo any HTML special chars that were created by the viewtopic code. + $text = undo_htmlspecialchars($text); + $code_start_html = '
    Code:
    ';
     	$code_end_html =  '

    '; - + // First, do all the 1st-level matches. These need an htmlspecialchars() run, // so they have to be handled differently. $match_count = preg_match_all("#\[code:1:$uid\](.*?)\[/code:1:$uid\]#si", $text, $matches); @@ -375,24 +377,24 @@ function bbencode_second_pass_code($text, $uid) { $before_replace = $matches[1][$i]; $after_replace = $matches[1][$i]; - - $after_replace = htmlspecialchars($after_replace); - + + $after_replace = htmlspecialchars($after_replace); + $str_to_match = "[code:1:$uid]" . $before_replace . "[/code:1:$uid]"; - + $replacement = $code_start_html; $replacement .= $after_replace; $replacement .= $code_end_html; - + $text = str_replace($str_to_match, $replacement, $text); } - + // Now, do all the non-first-level matches. These are simple. $text = str_replace("[code:$uid]", $code_start_html, $text); $text = str_replace("[/code:$uid]", $code_end_html, $text); return $text; - + } // bbencode_second_pass_code() @@ -401,7 +403,7 @@ function bbencode_second_pass_code($text, $uid) * - Goes through the given string, and replaces xxxx://yyyy with an HTML tag linking * to that URL * - Goes through the given string, and replaces www.xxxx.yyyy[zzzz] with an HTML tag linking - * to http://www.xxxx.yyyy[/zzzz] + * to http://www.xxxx.yyyy[/zzzz] * - Goes through the given string, and replaces xxxx@yyyy with an HTML mailto: tag linking * to that email address * - Only matches these 2 patterns either after a space, or at the beginning of a line 
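Review bot: The added `$text = undo_htmlspecialchars($text);` in `bbencode_second_pass_code()` runs on the whole message rather than on the `[code]` bodies, and runs unconditionally although its comment says "If HTML is turned on". Only first-level `[code:1:$uid]` contents are re-escaped by the `htmlspecialchars()` call further down. Assuming this function receives the full post from `bbencode_second_pass()`, the escaping that viewtopic.php now applies when HTML is off (the `@@ -508,9` hunk) is reversed for everything outside those blocks, which may be the "[quote]" behaviour the commit message mentions. Limiting the undo to the captured body, `$after_replace = htmlspecialchars(undo_htmlspecialchars($matches[1][$i]));`, and dropping the whole-text call would avoid double-escaping inside code blocks without unescaping the rest. The function body continues past this hunk.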
@@ -410,17 +412,17 @@ function bbencode_second_pass_code($text, $uid) * have it require something like xxxx@yyyy.zzzz or such. We'll see. */ -function make_clickable($text) +function make_clickable($text) { - + // pad it with a space so we can match things at the start of the 1st line. $ret = " " . $text; - + // matches an "xxxx://yyyy" URL at the start of a line, or after a space. // xxxx can only be alpha characters. // yyyy is anything up to the first space, newline, or comma. $ret = preg_replace("#([\n ])([a-z]+?)://([^, \n\r]+)#i", "\\1\\2://\\3", $ret); - + // matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing // Must contain at least 2 dots. xxxx contains either alphanum, or "-" // yyyy contains either alphanum, "-", or "." @@ -428,15 +430,15 @@ function make_clickable($text) // This is slightly restrictive - it's not going to match stuff like "forums.foo.com" // This is to keep it from getting annoying and matching stuff that's not meant to be a link. $ret = preg_replace("#([\n ])www\.([a-z0-9\-]+)\.([a-z0-9\-.\~]+)((?:/[^, \n\r]*)?)#i", "\\1www.\\2.\\3\\4", $ret); - + // matches an email@domain type address at the start of a line, or after a space. // Note: before the @ sign, the only valid characters are the alphanums and "-", "_", or ".". // After the @ sign, we accept anything up to the first space, linebreak, or comma. $ret = preg_replace("#([\n ])([a-z0-9\-_.]+?)@([^, \n\r]+)#i", "\\1\\2@\\3", $ret); - + // Remove our padding.. $ret = substr($ret, 1); - + return($ret); } @@ -446,14 +448,14 @@ function make_clickable($text) * - Does not distinguish between "www.xxxx.yyyy" and "http://aaaa.bbbb" type URLs. * */ - + function undo_make_clickable($text) { - + $text = preg_replace("#.*?#i", "\\1", $text); $text = preg_replace("#.*?#i", "\\1", $text); - + return $text; - + } 
@@ -468,7 +470,7 @@ function undo_htmlspecialchars($input) { $input = preg_replace("/</i", "<", $input); $input = preg_replace("/"/i", "\"", $input); $input = preg_replace("/&/i", "&", $input); - + return $input; } @@ -476,21 +478,21 @@ function undo_htmlspecialchars($input) { /** * This is used to change a [*] tag into a [*:$uid] tag as part - * of the first-pass bbencoding of [list] tags. It fits the - * standard required in order to be passed as a variable + * of the first-pass bbencoding of [list] tags. It fits the + * standard required in order to be passed as a variable * function into bbencode_first_pass_pda(). */ function replace_listitems($text, $uid) { $text = str_replace("[*]", "[*:$uid]", $text); - + return $text; } /** * Escapes the "/" character with "\/". This is useful when you need - * to stick a runtime string into a PREG regexp that is being delimited + * to stick a runtime string into a PREG regexp that is being delimited * with slashes. */ function escape_slashes($input) @@ -502,7 +504,7 @@ function escape_slashes($input) /** * This function does exactly what the PHP4 function array_push() does - * however, to keep phpBB compatable with PHP 3 we had to come up with our own + * however, to keep phpBB compatable with PHP 3 we had to come up with our own * method of doing it. */ function bbcode_array_push(&$stack, $value) { @@ -518,20 +520,20 @@ function bbcode_array_push(&$stack, $value) { function bbcode_array_pop(&$stack) { $arrSize = count($stack); $x = 1; - while(list($key, $val) = each($stack)) + while(list($key, $val) = each($stack)) { - if($x < count($stack)) + if($x < count($stack)) { $tmpArr[] = $val; } - else + else { $return_val = $val; } $x++; } $stack = $tmpArr; - + return($return_val); } diff --git a/phpBB/language/lang_english.php b/phpBB/language/lang_english.php index 5688c3e3fa..986b40186c 100755 --- a/phpBB/language/lang_english.php +++ b/phpBB/language/lang_english.php 
@@ -762,6 +762,11 @@ $lang['Ban_update_sucessful'] = "The banlist has been updated sucessfully"; // Configuration $lang['Config_updated'] = "Forum Configuration Updated Sucessfully"; +// Forum Management +$lang['Remove'] = "Remove"; +$lang['Action'] = "Action"; +$lang['Update_order'] = "Update Order"; + // // End // ------------------------------------------------- diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 3ca7068f68..a733077ae0 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -36,7 +36,7 @@ function smilies_pass($message) if(empty($smilies)) { - $sql = "SELECT code, smile_url + $sql = "SELECT code, smile_url FROM " . SMILIES_TABLE; if($result = $db->sql_query($sql)) { @@ -95,21 +95,21 @@ if( isset($HTTP_GET_VARS["view"]) && empty($HTTP_GET_VARS[POST_POST_URL]) ) $sql_ordering = "DESC"; } - $sql = "SELECT t.topic_id - FROM " . TOPICS_TABLE . " t, " . TOPICS_TABLE . " t2, " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 - WHERE t2.topic_id = $topic_id - AND p2.post_id = t2.topic_last_post_id - AND t.forum_id = t2.forum_id - AND p.post_id = t.topic_last_post_id - AND p.post_time $sql_condition p2.post_time - AND p.topic_id = t.topic_id - ORDER BY p.post_time $sql_ordering + $sql = "SELECT t.topic_id + FROM " . TOPICS_TABLE . " t, " . TOPICS_TABLE . " t2, " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 + WHERE t2.topic_id = $topic_id + AND p2.post_id = t2.topic_last_post_id + AND t.forum_id = t2.forum_id + AND p.post_id = t.topic_last_post_id + AND p.post_time $sql_condition p2.post_time + AND p.topic_id = t.topic_id + ORDER BY p.post_time $sql_ordering LIMIT 1"; if(!$result = $db->sql_query($sql)) { message_die(GENERAL_ERROR, "Couldn't obtain newer/older topic information", "", __LINE__, __FILE__, $sql); } - + list($topic_id) = $db->sql_fetchrow($result); if(empty($topic_id)) { 
@@ -205,8 +205,8 @@ if(!empty($HTTP_POST_VARS['postdays']) || !empty($HTTP_GET_VARS['postdays'])) $min_post_time = time() - ($post_days * 86400); $sql = "SELECT COUNT(post_id) AS num_posts - FROM " . POSTS_TABLE . " - WHERE topic_id = $topic_id + FROM " . POSTS_TABLE . " + WHERE topic_id = $topic_id AND post_time >= $min_post_time"; if(!$result = $db->sql_query($sql)) { @@ -268,8 +268,8 @@ $sql = "SELECT u.username, u.user_id, u.user_posts, u.user_from, u.user_website, FROM " . POSTS_TABLE . " p, " . USERS_TABLE . " u, " . POSTS_TEXT_TABLE . " pt WHERE p.topic_id = $topic_id AND p.poster_id = u.user_id - AND p.post_id = pt.post_id - $limit_posts_time + AND p.post_id = pt.post_id + $limit_posts_time ORDER BY p.post_time $post_time_order LIMIT $start, ".$board_config['posts_per_page']; if(!$result = $db->sql_query($sql)) @@ -295,7 +295,7 @@ $ranksrow = $db->sql_fetchrowset($ranksresult); // // Dump out the page header and load viewtopic body template // -setcookie('phpbb2_' . $forum_id . '_' . $topic_id, time(), time()+6000, $cookiepath, $cookiedomain, $cookiesecure); +setcookie('phpbb2_' . $forum_id . '_' . $topic_id, time(), time()+6000, $cookiepath, $cookiedomain, $cookiesecure); $page_title = $lang['View_topic'] ." - $topic_title"; include($phpbb_root_path . 'includes/page_header.'.$phpEx); @@ -306,9 +306,9 @@ $template->set_filenames(array( $jumpbox = make_jumpbox(); $template->assign_vars(array( - "L_GO" => $lang['Go'], - "L_JUMP_TO" => $lang['Jump_to'], - "L_SELECT_FORUM" => $lang['Select_forum'], + "L_GO" => $lang['Go'], + "L_JUMP_TO" => $lang['Jump_to'], + "L_SELECT_FORUM" => $lang['Select_forum'], "JUMPBOX_LIST" => $jumpbox, "SELECT_NAME" => POST_FORUM_URL) ); @@ -320,7 +320,7 @@ $template->assign_vars(array( "TOPIC_ID" => $topic_id, "TOPIC_TITLE" => $topic_title, - "L_DISPLAY_POSTS" => $lang['Display_posts'], + "L_DISPLAY_POSTS" => $lang['Display_posts'], "S_SELECT_POST_DAYS" => $select_post_days, "S_SELECT_POST_ORDER" => $select_post_order, 
@@ -350,13 +350,13 @@ $template->assign_vars(array( "FORUM_NAME" => $forum_name, "TOPIC_TITLE" => $topic_title, - "L_POSTED" => $lang['Posted'], - "L_POST_SUBJECT" => $lang['Post_subject'], + "L_POSTED" => $lang['Posted'], + "L_POST_SUBJECT" => $lang['Post_subject'], "L_VIEW_NEXT_TOPIC" => $lang['View_next_topic'], "L_VIEW_PREVIOUS_TOPIC" => $lang['View_previous_topic'], - "IMG_POST" => $post_img, - "IMG_REPLY" => $reply_img, + "IMG_POST" => $post_img, + "IMG_REPLY" => $reply_img, "U_VIEW_FORUM" => $view_forum_url, "U_VIEW_OLDER_TOPIC" => $view_prev_topic_url, @@ -422,7 +422,7 @@ for($i = 0; $i < $total_posts; $i++) } } } - else + else { for($j = 0; $j < count($ranksrow); $j++) { @@ -508,9 +508,9 @@ for($i = 0; $i < $total_posts; $i++) { if($user_sig != "") { - $user_sig = strip_tags($user_sig); + $user_sig = htmlspecialchars($user_sig); } - $message = strip_tags($message); + $message = htmlspecialchars($message); } if($board_config['allow_bbcode']) @@ -525,6 +525,8 @@ for($i = 0; $i < $total_posts; $i++) $message = bbencode_second_pass($message, $bbcode_uid); } + + $message = make_clickable($message); $message = str_replace("\n", "
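Review bot: `htmlspecialchars($message)` and `htmlspecialchars($user_sig)` in the `@@ -508,9` hunk use the default quote style, which leaves single quotes unescaped. If a later pass places this text inside an HTML attribute, as the BBCode and auto-link replacements appear to, `htmlspecialchars($message, ENT_QUOTES)` (and the same for `$user_sig`) is the safer form. The condition guarding this branch lies outside the hunk, so it is worth confirming and commenting that it is the HTML-disabled case, e.g. `// HTML disabled: escape rather than strip, so literal < and > survive as text`.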
    ", $message); @@ -557,7 +559,7 @@ for($i = 0; $i < $total_posts; $i++) $template->assign_block_vars("postrow", array( "ROW_COLOR" => $row_color, - "ROW_CLASS" => $row_class, + "ROW_CLASS" => $row_class, "POSTER_NAME" => $poster, "POSTER_RANK" => $poster_rank, "RANK_IMAGE" => $rank_image, @@ -569,7 +571,7 @@ for($i = 0; $i < $total_posts; $i++) "POST_SUBJECT" => $post_subject, "MESSAGE" => $message, "PROFILE_IMG" => $profile_img, - "SEARCH_IMG" => $search_img, + "SEARCH_IMG" => $search_img, "PM_IMG" => $pm_img, "EMAIL_IMG" => $email_img, "WWW_IMG" => $www_img, @@ -617,7 +619,7 @@ if( $is_auth['auth_mod'] ) } $template->assign_vars(array( - "PAGINATION" => generate_pagination("viewtopic.$phpEx?".POST_TOPIC_URL."=$topic_id&postdays=$post_days&postorder=$post_order", $total_replies, $board_config['posts_per_page'], $start), + "PAGINATION" => generate_pagination("viewtopic.$phpEx?".POST_TOPIC_URL."=$topic_id&postdays=$post_days&postorder=$post_order", $total_replies, $board_config['posts_per_page'], $start), "ON_PAGE" => ( floor( $start / $board_config['posts_per_page'] ) + 1 ), "TOTAL_PAGES" => ceil( $total_replies / $board_config['posts_per_page'] ),
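Review bot: The new `$message = make_clickable($message);` call in the `@@ -525,6` hunk runs after `bbencode_second_pass()`, so it operates on text that already contains generated HTML rather than on escaped user text alone. The URL pattern in `make_clickable()` (shown as context in the bbcode.php hunks) accepts any alphabetic scheme before `://`, so every post view now auto-links whatever scheme a poster typed. Restricting the match to an allowlist, e.g. `(https?|ftp)` in place of `([a-z]+?)`, would confine auto-linking to schemes the board intends to support. The enclosing per-post loop starts and ends outside this hunk.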