. */ /** * @package Base */ //require('datc.php'); die(); require('header.php'); /* Is the post box open, which thread are we viewing? */ $postboxopen = false; $viewthread = false; if( $User->type['User'] AND isset($_REQUEST['postboxopen'])) { $postboxopen = (bool) $_REQUEST['postboxopen']; } elseif (isset($_REQUEST['viewthread'])) { $viewthread = (int) $_REQUEST['viewthread']; } elseif (isset($_SESSION['viewthread'])) { $viewthread = $_SESSION['viewthread']; } $new = array('message' => "", 'subject' => "", 'id' => (-1)); if(isset($_REQUEST['newmessage']) AND $User->type['User'] AND ($_REQUEST['newmessage'] != "") ) { // We're being asked to send a message. $new['message'] = $DB->msg_escape($_REQUEST['newmessage']); if(isset($_REQUEST['newsubject'])) { $new['subject'] = $DB->escape($_REQUEST['newsubject']); } $new['sendtothread'] = $viewthread; if ( ! $User->formTicket() ) { $messageproblem = "You may be attempting to send the same message twice. This problem can occur ". "if you open multiple threads at once in multiple windows/tabs, or if you refresh a page after ". "having sent a message."; } else { if(!$new['sendtothread']) { // New thread to the forum if(empty($new['subject'])) { $messageproblem="You haven't given a subject."; } else { $new['id'] = Message::send(0, $User->id, $new['message'], $new['subject'], 'ThreadStart'); $messageproblem="Thread posted sucessfully."; $new['message']=""; $new['subject']=""; $postboxopen=FALSE; $viewthread = $new['id']; } } else { // To a thread list($id) = $DB->sql_row("SELECT id FROM pD_ForumMessages WHERE id=".$new['sendtothread']." AND type='ThreadStart'"); if(isset($id)) { // It's being sent to an existing thread. $new['id'] = Message::send( $new['sendtothread'], $User->id, $new['message'], '', 'ThreadReply'); $messageproblem="Reply posted sucessfully."; $new['message']=""; $new['subject']=""; } else { $messageproblem="The thread you attempted to reply to doesn't exist."; } } } if ( isset($messageproblem) and $new['id'] != -1 ) { $_REQUEST['newmessage'] = ''; $_REQUEST['newsubject'] = ''; } } else { /* * This isn't very secure, it could potentially lead to XSS attacks, but it * is the easiest way to un-escape a failed post without having to use a * UTF-8 library to replace strings */ $_REQUEST['newmessage'] = ''; $_REQUEST['newsubject'] = ''; } $_SESSION['viewthread'] = $viewthread; libHTML::starthtml(); if(isset($messageproblem) and !$new['sendtothread']) { print '

'.$messageproblem.'

'; libHTML::pagebreak(); } print '
'; if($postboxopen) { print '
Post a message
If your post relates to a particular game please include the URL or ID of the game.
If you are posting a feature request please check that it is not already on the todo list.
If your message is very long please post a small message saying what the long message is about, and then post the long message as a reply to the short message.

Subject:  


Close
'; } elseif($User->type['User']) { print '

Post a message

'; } //TODO: The forum queries need to be checked against the forum indexes; which are/aren't used, can they be improved? $tabl = $DB->sql_tabl("SELECT f.id, fromUserID, timeSent, message, subject, f.type, replies, u.username as fromusername, u.points as points, latestReplyID, IF(s.userID IS NULL,0,1) as online FROM pD_ForumMessages f INNER JOIN pD_Users u ON ( f.fromUserID = u.id ) LEFT JOIN pD_Sessions s ON ( u.id = s.userID ) WHERE f.type = 'ThreadStart' OR ( f.type = 'Bulletin' AND ( toID = ".$User->id." OR toID = 0 ) ) order BY latestReplyID DESC ". (isset($_REQUEST['viewall']) ? "" : "LIMIT ".Config::$messagesperpage )); $switch = '2'; $first = true; while( $message = $DB->tabl_hash($tabl) ) { if ( $first ) $first = false; else print '
'; $switch = ( $switch == '1' ? '2' : '1' ); print '
'. ($User->lastMessageIDViewed < $message['latestReplyID'] ? 'New post ' : ''). ''.$message['subject'].'
Sent from: '. ($message['fromUserID'] == $User->id ? 'You' : ''.$message['fromusername']. ($message['online']?' Online':''). ' ('.$message['points'].' )'). ' Sent: '.libTime::text($message['timeSent']).'
'.$message['message'].'
'; if ( $message['type'] == 'Bulletin' ) { print '
Notification message
'; } else { if( $message['id'] == $viewthread ) { $replytabl = $DB->sql_tabl( "SELECT f.id, fromUserID, f.timeSent, f.message, u.points as points, IF(s.userID IS NULL,0,1) as online, u.username as fromusername FROM pD_ForumMessages f, pD_Users u LEFT JOIN pD_Sessions s ON ( u.id = s.userID ) WHERE f.toID=".$message['id']." AND f.type='ThreadReply' AND f.fromUserID = u.id order BY f.timeSent ASC"); $replyfirst = true; $replyswitch = '2'; while($reply = $DB->tabl_hash($replytabl) ) { $replyswitch = ( $replyswitch == '1' ? '2' : '1' ); print '
'. '
'; if ( $new['id'] == $reply['id'] ) { print ''; } print 'Sent from: '. ($reply['fromUserID'] == $User->id ? 'You' : ''.$reply['fromusername']. ($reply['online']?' Online':''). ' ('.$reply['points'].' )'). ' Sent: '.libTime::text($reply['timeSent']).'
'.$reply['message'].'
'; $replyfirst = false; } unset($replytabl, $replyfirst, $replyswitch); print '
'; // Now we show the Reply and Close Thread box. if($User->type['User']) { print '
'. ( $new['id'] != (-1) ? '' : ''). '

'; if ( isset($messageproblem) and $new['sendtothread'] ) { print '

'.$messageproblem.'

'; } print '

'; } else { print '
'; } print 'Close thread'; } else { print '
'; print 'There are currently '.$message['replies'].' replies to this thread.'; print '
Open thread'; } print "
"; } print "
"; } print '
'; libHTML::footer(); ?>