phpBB Styles

by **husker** on Thu Feb 22, 2007 12:54 am

Every time a member posts on my forum, this message comes up:

Error geting users post stat

DEBUG MODE

SQL Error : 1054 Unknown column 'g.group_id' in 'on clause'

SELECT ug.user_id, g.group_id as g_id, u.user_posts, g.group_count, g.group_count_max FROM phpbb_groups g, phpbb_users u LEFT JOIN phpbb_user_group ug ON g.group_id=ug.group_id AND ug.user_id=2 WHERE u.user_id=2 AND g.group_single_user=0 AND g.group_count_enable=1 AND g.group_moderator<>2

Line : 663
File : functions_post.php

The post will still go through, but this is annoying to everyone. Anyone know how to fix this?

by **kvfb97** on Thu Feb 22, 2007 10:54 pm

Greetings,

Post your functions_post.php file. Found in the includes dir.

by **husker** on Mon Feb 26, 2007 10:14 pm

Code: Select all: <?php /*************************************************************************** * functions_post.php * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * * $Id: functions_post.php,v 1.9.2.39 2005/09/18 16:17:20 acydburn Exp $ * * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * ***************************************************************************/ if (!defined('IN_PHPBB')) { die('Hacking attempt'); } $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#'); $html_entities_replace = array('&', '<', '>', '"'); $unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#'); $unhtml_specialchars_replace = array('>', '<', '"', '&'); // // Post IAI's response to database // function iai_submit_post($mode, &$iai_id, &$forum_id, &$topic_id, &$iai_post_id, &$topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, &$bbcode_uid, &$iai_username, &$iai_subject, &$iai_message) { global $board_config, $lang, $db, $phpbb_root_path, $phpEx; //Stores user's IP since IAI has none. Can be changed as wished. global $user_ip; $current_time = time(); $sql = "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ($topic_id, $forum_id, $iai_id, '$iai_username', $current_time, '$user_ip', $bbcode_on, $html_on, $smilies_on, $attach_sig)"; if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) ) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } $iai_post_id = $db->sql_nextid(); $sql = "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ($iai_post_id, '$iai_subject', '$bbcode_uid', '$iai_message')"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } add_search_words($iai_post_id, stripslashes($iai_message), stripslashes($iai_subject)); return false; } // // Update Stats for IAI: must be run AFTER update_post_stats() for original post // function iai_update_post_stats(&$forum_id, &$topic_id, &$iai_post_id, &$iai_id) { global $db; //This simply runs the 3 db updating functions (only used for IAI replies). $sql = "UPDATE " . FORUMS_TABLE . " SET forum_posts = forum_posts + 1, forum_last_post_id = $iai_post_id WHERE forum_id = $forum_id"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } $sql = "UPDATE " . TOPICS_TABLE . " SET topic_last_post_id = $iai_post_id, topic_replies = topic_replies + 1 WHERE topic_id = $topic_id"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } // Let the bot spam!!! $sql = "UPDATE " . USERS_TABLE . " SET user_posts = user_posts + 1 WHERE user_id = $iai_id"; if ( !($result = $db->sql_query($sql, END_TRANSACTION)) ) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } // Don't let the users spam the Bot's forum... if($forum_id == "19") { global $userdata; $db->sql_query("UPDATE " . USERS_TABLE . " SET user_posts = user_posts - 1 WHERE user_id = " . $userdata['user_id']); } return; } // // Allows bot to send pms requiring only subject, message and user_id of user it is being sent to. // I've made it an easy to use function so you can adapt it to use in many situations on your site // an example is in the welcome message system which is included with this package. The function // also sends emails (if $send_email set) and does all the inbox checking stuff that normal pms do. // function iai_send_pm($user_to_id, $iai_subject, $iai_message, $send_email) { global $board_config, $lang, $db, $phpbb_root_path, $phpEx; $sql = "SELECT * FROM " . USERS_TABLE . " WHERE user_id = " . $user_to_id . " AND user_id <> " . ANONYMOUS; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql); } $usertodata = $db->sql_fetchrow($result); // prepare IAI message (IAI may have used html, smilies etc...) $bbcode_uid = make_bbcode_uid(); $iai_message = str_replace("'", "''", $iai_message); // This is to fix up some of the bad formatting which comes out of the AI if(empty($iai_message)) { $iai_message = "Thank you."; } $iai_message = prepare_message(trim($iai_message), 0, 1, 1, $bbcode_uid); $msg_time = time(); // Do inbox limit stuff $sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time FROM " . PRIVMSGS_TABLE . " WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) AND privmsgs_to_userid = " . $usertodata['user_id']; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, $lang['No_such_user']); } $sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : ''; if ( $inbox_info = $db->sql_fetchrow($result) ) { if ( $inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs'] ) { $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . " WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) AND privmsgs_date = " . $inbox_info['oldest_post_time'] . " AND privmsgs_to_userid = " . $usertodata['user_id']; if ( !$db->sql_query($sql) ) { message_die(GENERAL_ERROR, 'Could not delete your oldest privmsgs', '', __LINE__, __FILE__, $sql); } } } $sql_info = "INSERT INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig) VALUES (" . PRIVMSGS_NEW_MAIL . ", '" . str_replace("\'", "''", $iai_subject) . "', " . $board_config['iai_userid'] . ", " . $usertodata['user_id'] . ", $msg_time, '$user_ip', 0, 1, 1, 1)"; if ( !($result = $db->sql_query($sql_info, BEGIN_TRANSACTION)) ) { message_die(GENERAL_ERROR, "Could not insert private message sent info.", "", __LINE__, __FILE__, $sql_info); } $privmsg_sent_id = $db->sql_nextid(); $sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text) VALUES ($privmsg_sent_id, '" . $bbcode_uid . "', '" . str_replace("\'", "''", $iai_message) . "')"; if ( !$db->sql_query($sql, END_TRANSACTION) ) { message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql_info); } // Add to the users new pm counter $sql = "UPDATE " . USERS_TABLE . " SET user_new_privmsg = user_new_privmsg + 1, user_last_privmsg = " . time() . " WHERE user_id = " . $usertodata['user_id']; if ( !$status = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, 'Could not update private message new/read status for user', '', __LINE__, __FILE__, $sql); } // now send email if all the usual conditions & $send_email is set if ( $send_email && $usertodata['user_notify_pm'] && !empty($usertodata['user_email']) && $usertodata['user_active'] ) { $email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n"; $script_name = preg_replace('/^\/?(.*?)\/?$/', "\\1", trim($board_config['script_path'])); $script_name = ( $script_name != '' ) ? $script_name . '/privmsg.'.$phpEx : 'privmsg.'.$phpEx; $server_name = trim($board_config['server_name']); $server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://'; $server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/'; include($phpbb_root_path . 'includes/emailer.'.$phpEx); $emailer = new emailer($board_config['smtp_delivery']); $emailer->use_template('privmsg_notify', $usertodata['user_lang']); $emailer->extra_headers($email_headers); $emailer->email_address($usertodata['user_email']); $emailer->set_subject(); //$lang['Notification_subject'] $emailer->assign_vars(array( 'USERNAME' => $usertodata['username'], 'SITENAME' => $board_config['sitename'], 'EMAIL_SIG' => str_replace(' ', "\n", "-- \n" . $board_config['board_email_sig']), 'U_INBOX' => $server_protocol . $server_name . $server_port . $script_name . '?folder=inbox') ); $emailer->send(); $emailer->reset(); } return; } // // This function will prepare a posted message for // entry into the database. // function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid = 0) { global $board_config, $html_entities_match, $html_entities_replace; // // Clean up the message // $message = trim($message); if ($html_on) { // If HTML is on, we try to make it safe // This approach is quite agressive and anything that does not look like a valid tag // is going to get converted to HTML entities $message = stripslashes($message); $html_match = '#<[^\w<]*(\w+)((?:"[^"]*"|\'[^\']*\'|[^<>\'"])+)?>#'; $matches = array(); $message_split = preg_split($html_match, $message); preg_match_all($html_match, $message, $matches); $message = ''; foreach ($message_split as $part) { $tag = array(array_shift($matches[0]), array_shift($matches[1]), array_shift($matches[2])); $message .= preg_replace($html_entities_match, $html_entities_replace, $part) . clean_html($tag); } $message = addslashes($message); $message = str_replace('"', '\"', $message); } else { $message = preg_replace($html_entities_match, $html_entities_replace, $message); } if($bbcode_on && $bbcode_uid != '') { $message = bbencode_first_pass($message, $bbcode_uid); } return $message; } function unprepare_message($message) { global $unhtml_specialchars_match, $unhtml_specialchars_replace; return preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $message); } // // Prepare a message for posting // function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on, &$error_msg, &$username, &$bbcode_uid, &$subject, &$message, &$poll_title, &$poll_options, &$poll_length) { global $board_config, $userdata, $lang, $phpEx, $phpbb_root_path; // Check username if (!empty($username)) { $username = phpbb_clean_username($username); if (!$userdata['session_logged_in'] || ($userdata['session_logged_in'] && $username != $userdata['username'])) { include($phpbb_root_path . 'includes/functions_validate.'.$phpEx); $result = validate_username($username); if ($result['error']) { $error_msg .= (!empty($error_msg)) ? ' ' . $result['error_msg'] : $result['error_msg']; } } else { $username = ''; } } // Check subject if (!empty($subject)) { $subject = htmlspecialchars(trim($subject)); } else if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post'])) { $error_msg .= (!empty($error_msg)) ? ' ' . $lang['Empty_subject'] : $lang['Empty_subject']; } // Check message if (!empty($message)) { $bbcode_uid = ($bbcode_on) ? make_bbcode_uid() : ''; $message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid); } else if ($mode != 'delete' && $mode != 'poll_delete') { $error_msg .= (!empty($error_msg)) ? ' ' . $lang['Empty_message'] : $lang['Empty_message']; } // // Handle poll stuff // if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post'])) { $poll_length = (isset($poll_length)) ? max(0, intval($poll_length)) : 0; if (!empty($poll_title)) { $poll_title = htmlspecialchars(trim($poll_title)); } if(!empty($poll_options)) { $temp_option_text = array(); while(list($option_id, $option_text) = @each($poll_options)) { $option_text = trim($option_text); if (!empty($option_text)) { $temp_option_text[intval($option_id)] = htmlspecialchars($option_text); } } $option_text = $temp_option_text; if (count($poll_options) < 2) { $error_msg .= (!empty($error_msg)) ? ' ' . $lang['To_few_poll_options'] : $lang['To_few_poll_options']; } else if (count($poll_options) > $board_config['max_poll_options']) { $error_msg .= (!empty($error_msg)) ? ' ' . $lang['To_many_poll_options'] : $lang['To_many_poll_options']; } else if ($poll_title == '') { $error_msg .= (!empty($error_msg)) ? ' ' . $lang['Empty_poll_title'] : $lang['Empty_poll_title']; } } } return; } // // Post a new topic/reply/poll or edit existing post/poll // function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, $post_username, $post_subject, $post_message, $poll_title, &$poll_options, &$poll_length, &$post_flagged) { global $board_config, $lang, $db, $phpbb_root_path, $phpEx; global $userdata, $user_ip; include($phpbb_root_path . 'includes/functions_search.'.$phpEx); $current_time = time(); $post_flagged = (empty($post_flagged)) ? 0 : 1; if ($mode == 'newtopic' || $mode == 'reply' || $mode == 'editpost') { // // Flood control // $where_sql = ($userdata['user_id'] == ANONYMOUS) ? "poster_ip = '$user_ip'" : 'poster_id = ' . $userdata['user_id']; $sql = "SELECT MAX(post_time) AS last_post_time FROM " . POSTS_TABLE . " WHERE $where_sql"; if ($result = $db->sql_query($sql)) { if ($row = $db->sql_fetchrow($result)) { if (intval($row['last_post_time']) > 0 && ($current_time - intval($row['last_post_time'])) < intval($board_config['flood_interval'])) { message_die(GENERAL_MESSAGE, $lang['Flood_Error']); } } } } if ($mode == 'editpost') { remove_search_post($post_id); } if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post'])) { $topic_vote = (!empty($poll_title) && count($poll_options) >= 2) ? 1 : 0; $sql = ($mode != "editpost") ? "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('$post_subject', " . $userdata['user_id'] . ", $current_time, $forum_id, " . TOPIC_UNLOCKED . ", $topic_type, $topic_vote)" : "UPDATE " . TOPICS_TABLE . " SET topic_title = '$post_subject', topic_type = $topic_type " . (($post_data['edit_vote'] || !empty($poll_title)) ? ", topic_vote = " . $topic_vote : "") . " WHERE topic_id = $topic_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } if ($mode == 'newtopic') { $topic_id = $db->sql_nextid(); } } $edited_sql = ($mode == 'editpost' && !$post_data['last_post'] && $post_data['poster_post']) ? ", post_edit_time = $current_time, post_edit_count = post_edit_count + 1 " : ""; $sql = ($mode != "editpost") ? "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig, post_flagged) VALUES ($topic_id, $forum_id, " . $userdata['user_id'] . ", '$post_username', $current_time, '$user_ip', $bbcode_on, $html_on, $smilies_on, $attach_sig, $post_flagged)" : "UPDATE " . POSTS_TABLE . " SET post_username = '$post_username', enable_bbcode = $bbcode_on, enable_html = $html_on, enable_smilies = $smilies_on, enable_sig = $attach_sig" . $edited_sql . ", post_flagged = $post_flagged WHERE post_id = $post_id"; if (!$db->sql_query($sql, BEGIN_TRANSACTION)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } if ($mode != 'editpost') { $post_id = $db->sql_nextid(); } $sql = ($mode != 'editpost') ? "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ($post_id, '$post_subject', '$bbcode_uid', '$post_message')" : "UPDATE " . POSTS_TEXT_TABLE . " SET post_text = '$post_message', bbcode_uid = '$bbcode_uid', post_subject = '$post_subject' WHERE post_id = $post_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } add_search_words('single', $post_id, stripslashes($post_message), stripslashes($post_subject)); // // Add poll // if (($mode == 'newtopic' || ($mode == 'editpost' && $post_data['edit_poll'])) && !empty($poll_title) && count($poll_options) >= 2) { $sql = (!$post_data['has_poll']) ? "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length) VALUES ($topic_id, '$poll_title', $current_time, " . ($poll_length * 86400) . ")" : "UPDATE " . VOTE_DESC_TABLE . " SET vote_text = '$poll_title', vote_length = " . ($poll_length * 86400) . " WHERE topic_id = $topic_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } $delete_option_sql = ''; $old_poll_result = array(); if ($mode == 'editpost' && $post_data['has_poll']) { $sql = "SELECT vote_option_id, vote_result FROM " . VOTE_RESULTS_TABLE . " WHERE vote_id = $poll_id ORDER BY vote_option_id ASC"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not obtain vote data results for this topic', '', __LINE__, __FILE__, $sql); } while ($row = $db->sql_fetchrow($result)) { $old_poll_result[$row['vote_option_id']] = $row['vote_result']; if (!isset($poll_options[$row['vote_option_id']])) { $delete_option_sql .= ($delete_option_sql != '') ? ', ' . $row['vote_option_id'] : $row['vote_option_id']; } } } else { $poll_id = $db->sql_nextid(); } @reset($poll_options); $poll_option_id = 1; while (list($option_id, $option_text) = each($poll_options)) { if (!empty($option_text)) { $option_text = str_replace("\'", "''", htmlspecialchars($option_text)); $poll_result = ($mode == "editpost" && isset($old_poll_result[$option_id])) ? $old_poll_result[$option_id] : 0; $sql = ($mode != "editpost" || !isset($old_poll_result[$option_id])) ? "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result) VALUES ($poll_id, $poll_option_id, '$option_text', $poll_result)" : "UPDATE " . VOTE_RESULTS_TABLE . " SET vote_option_text = '$option_text', vote_result = $poll_result WHERE vote_option_id = $option_id AND vote_id = $poll_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } $poll_option_id++; } } if ($delete_option_sql != '') { $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " WHERE vote_option_id IN ($delete_option_sql) AND vote_id = $poll_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error deleting pruned poll options', '', __LINE__, __FILE__, $sql); } } } $meta = '<meta http-equiv="refresh" content="0;url=' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">'; $message = $lang['Stored'] . ' ' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">', '</a>') . ' ' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>'); return false; } // // Update post stats and details // function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_id, &$user_id) { global $db; $sign = ($mode == 'delete') ? '- 1' : '+ 1'; $forum_update_sql = "forum_posts = forum_posts $sign"; $topic_update_sql = ''; if ($mode == 'delete') { if ($post_data['last_post']) { if ($post_data['first_post']) { $forum_update_sql .= ', forum_topics = forum_topics - 1'; } else { $topic_update_sql .= 'topic_replies = topic_replies - 1'; $sql = "SELECT MAX(post_id) AS last_post_id FROM " . POSTS_TABLE . " WHERE topic_id = $topic_id"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } if ($row = $db->sql_fetchrow($result)) { $topic_update_sql .= ', topic_last_post_id = ' . $row['last_post_id']; } } if ($post_data['last_topic']) { $sql = "SELECT MAX(post_id) AS last_post_id FROM " . POSTS_TABLE . " WHERE forum_id = $forum_id"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } if ($row = $db->sql_fetchrow($result)) { $forum_update_sql .= ($row['last_post_id']) ? ', forum_last_post_id = ' . $row['last_post_id'] : ', forum_last_post_id = 0'; } } } else if ($post_data['first_post']) { $sql = "SELECT MIN(post_id) AS first_post_id FROM " . POSTS_TABLE . " WHERE topic_id = $topic_id"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } if ($row = $db->sql_fetchrow($result)) { $topic_update_sql .= 'topic_replies = topic_replies - 1, topic_first_post_id = ' . $row['first_post_id']; } } else { $topic_update_sql .= 'topic_replies = topic_replies - 1'; } } else if ($mode != 'poll_delete') { $forum_update_sql .= ", forum_last_post_id = $post_id" . (($mode == 'newtopic') ? ", forum_topics = forum_topics $sign" : ""); $topic_update_sql = "topic_last_post_id = $post_id" . (($mode == 'reply') ? ", topic_replies = topic_replies $sign" : ", topic_first_post_id = $post_id"); } else { $topic_update_sql .= 'topic_vote = 0'; } if ($mode != 'poll_delete') { $sql = "UPDATE " . FORUMS_TABLE . " SET $forum_update_sql WHERE forum_id = $forum_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } } if ($topic_update_sql != '') { $sql = "UPDATE " . TOPICS_TABLE . " SET $topic_update_sql WHERE topic_id = $topic_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } } if ($mode != 'poll_delete') { $sql = "UPDATE " . USERS_TABLE . " SET user_posts = user_posts $sign WHERE user_id = $user_id"; if (!$db->sql_query($sql, END_TRANSACTION)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } } $sql = "SELECT ug.user_id, g.group_id[highlight] as g_id[/highlight], u.user_posts, g.group_count, g.group_count_max FROM " . GROUPS_TABLE . " g, ".USERS_TABLE." u LEFT JOIN ". USER_GROUP_TABLE." ug ON g.group_id=ug.group_id AND ug.user_id=$user_id WHERE u.user_id=$user_id AND g.group_single_user=0 AND g.group_count_enable=1 AND g.group_moderator<>$user_id"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error geting users post stat', '', __LINE__, __FILE__, $sql); } while ($group_data = $db->sql_fetchrow($result)) { $user_already_added = (empty($group_data['user_id'])) ? FALSE : TRUE; $user_add = ($group_data['group_count'] == $group_data['user_posts'] && $user_id!=ANONYMOUS) ? TRUE : FALSE; $user_remove = ($group_data['group_count'] > $group_data['user_posts'] || $group_data['group_count_max'] < $group_data['user_posts']) ? TRUE : FALSE; if ($user_add && !$user_already_added) { //user join a autogroup $sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending) VALUES (".$group_data['g_id'].", $user_id, '0')"; if ( !($db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error insert users, group count', '', __LINE__, __FILE__, $sql); } } else if ( $user_already_added && $user_remove) { //remove user from auto group $sql = "DELETE FROM " . USER_GROUP_TABLE . " WHERE group_id=".$group_data['g_id']." AND user_id=$user_id"; if ( !($db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Could not remove users, group count', '', __LINE__, __FILE__, $sql); } } } return; } // // Delete a post/poll // function delete_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id) { global $board_config, $lang, $db, $phpbb_root_path, $phpEx; global $userdata, $user_ip; if ($mode != 'poll_delete') { include($phpbb_root_path . 'includes/functions_search.'.$phpEx); $sql = "DELETE FROM " . POSTS_TABLE . " WHERE post_id = $post_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . POSTS_TEXT_TABLE . " WHERE post_id = $post_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } if ($post_data['last_post']) { if ($post_data['first_post']) { $forum_update_sql .= ', forum_topics = forum_topics - 1'; $sql = "DELETE FROM " . TOPICS_TABLE . " WHERE topic_id = $topic_id OR topic_moved_id = $topic_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = $topic_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } } } remove_search_post($post_id); } if ($mode == 'poll_delete' || ($mode == 'delete' && $post_data['first_post'] && $post_data['last_post']) && $post_data['has_poll'] && $post_data['edit_poll']) { $sql = "DELETE FROM " . VOTE_DESC_TABLE . " WHERE topic_id = $topic_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " WHERE vote_id = $poll_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql); } $sql = "DELETE FROM " . VOTE_USERS_TABLE . " WHERE vote_id = $poll_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql); } } if ($mode == 'delete' && $post_data['first_post'] && $post_data['last_post']) { $meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . '=' . $forum_id) . '">'; $message = $lang['Deleted']; } else { $meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . '=' . $topic_id) . '">'; $message = (($mode == 'poll_delete') ? $lang['Poll_delete'] : $lang['Deleted']) . ' ' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>'); } $message .= ' ' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>'); return; } // // Handle user notification on new post // function user_notification($mode, &$post_data, &$topic_title, &$forum_id, &$topic_id, &$post_id, &$notify_user) { global $board_config, $lang, $db, $phpbb_root_path, $phpEx; global $userdata, $user_ip; $current_time = time(); if ($mode != 'delete') { if ($mode == 'reply') { $sql = "SELECT ban_userid FROM " . BANLIST_TABLE; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not obtain banlist', '', __LINE__, __FILE__, $sql); } $user_id_sql = ''; while ($row = $db->sql_fetchrow($result)) { if (isset($row['ban_userid']) && !empty($row['ban_userid'])) { $user_id_sql .= ', ' . $row['ban_userid']; } } $sql = "SELECT u.user_id, u.user_email, u.user_lang FROM " . TOPICS_WATCH_TABLE . " tw, " . USERS_TABLE . " u WHERE tw.topic_id = $topic_id AND tw.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . ") AND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . " AND u.user_id = tw.user_id"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not obtain list of topic watchers', '', __LINE__, __FILE__, $sql); } $update_watched_sql = ''; $bcc_list_ary = array(); if ($row = $db->sql_fetchrow($result)) { // Sixty second limit @set_time_limit(60); do { if ($row['user_email'] != '') { $bcc_list_ary[$row['user_lang']][] = $row['user_email']; } $update_watched_sql .= ($update_watched_sql != '') ? ', ' . $row['user_id'] : $row['user_id']; } while ($row = $db->sql_fetchrow($result)); // // Let's do some checking to make sure that mass mail functions // are working in win32 versions of php. // if (preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$board_config['smtp_delivery']) { $ini_val = (@phpversion() >= '4.0.0') ? 'ini_get' : 'get_cfg_var'; // We are running on windows, force delivery to use our smtp functions // since php's are broken by default $board_config['smtp_delivery'] = 1; $board_config['smtp_host'] = @$ini_val('SMTP'); } if (sizeof($bcc_list_ary)) { include($phpbb_root_path . 'includes/emailer.'.$phpEx); $emailer = new emailer($board_config['smtp_delivery']); $script_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['script_path'])); $script_name = ($script_name != '') ? $script_name . '/viewtopic.'.$phpEx : 'viewtopic.'.$phpEx; $server_name = trim($board_config['server_name']); $server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://'; $server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) . '/' : '/'; $orig_word = array(); $replacement_word = array(); obtain_word_list($orig_word, $replacement_word); $emailer->from($board_config['board_email']); $emailer->replyto($board_config['board_email']); $topic_title = (count($orig_word)) ? preg_replace($orig_word, $replacement_word, unprepare_message($topic_title)) : unprepare_message($topic_title); @reset($bcc_list_ary); while (list($user_lang, $bcc_list) = each($bcc_list_ary)) { $emailer->use_template('topic_notify', $user_lang); for ($i = 0; $i < count($bcc_list); $i++) { $emailer->bcc($bcc_list[$i]); } // The Topic_reply_notification lang string below will be used // if for some reason the mail template subject cannot be read // ... note it will not necessarily be in the posters own language! $emailer->set_subject($lang['Topic_reply_notification']); // This is a nasty kludge to remove the username var ... till (if?) // translators update their templates $emailer->msg = preg_replace('#[ ]?{USERNAME}#', '', $emailer->msg); $emailer->assign_vars(array( 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace(' ', "\n", "-- \n" . $board_config['board_email_sig']) : '', 'SITENAME' => $board_config['sitename'], 'TOPIC_TITLE' => $topic_title, 'U_TOPIC' => $server_protocol . $server_name . $server_port . $script_name . '?' . POST_POST_URL . "=$post_id#$post_id", 'U_STOP_WATCHING_TOPIC' => $server_protocol . $server_name . $server_port . $script_name . '?' . POST_TOPIC_URL . "=$topic_id&unwatch=topic") ); $emailer->send(); $emailer->reset(); } } } $db->sql_freeresult($result); if ($update_watched_sql != '') { $sql = "UPDATE " . TOPICS_WATCH_TABLE . " SET notify_status = " . TOPIC_WATCH_NOTIFIED . " WHERE topic_id = $topic_id AND user_id IN ($update_watched_sql)"; $db->sql_query($sql); } } $sql = "SELECT topic_id FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = $topic_id AND user_id = " . $userdata['user_id']; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); if (!$notify_user && !empty($row['topic_id'])) { $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = $topic_id AND user_id = " . $userdata['user_id']; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not delete topic watch information', '', __LINE__, __FILE__, $sql); } } else if ($notify_user && empty($row['topic_id'])) { $sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id, notify_status) VALUES (" . $userdata['user_id'] . ", $topic_id, 0)"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not insert topic watch information', '', __LINE__, __FILE__, $sql); } } } } // // Fill smiley templates (or just the variables) with smileys // Either in a window or inline // function generate_smilies($mode, $page_id) { global $db, $board_config, $template, $lang, $images, $theme, $phpEx, $phpbb_root_path; global $user_ip, $session_length, $starttime; global $userdata; $inline_columns = 4; $inline_rows = 5; $window_columns = 8; if ($mode == 'window') { $userdata = session_pagestart($user_ip, $page_id); init_userprefs($userdata); $gen_simple_header = TRUE; $page_title = $lang['Emoticons']; include($phpbb_root_path . 'includes/page_header.'.$phpEx); $template->set_filenames(array( 'smiliesbody' => 'posting_smilies.tpl') ); } $sql = "SELECT emoticon, code, smile_url FROM " . SMILIES_TABLE . " ORDER BY smilies_id"; if ($result = $db->sql_query($sql)) { $num_smilies = 0; $rowset = array(); while ($row = $db->sql_fetchrow($result)) { if (empty($rowset[$row['smile_url']])) { $rowset[$row['smile_url']]['code'] = str_replace("'", "\\'", str_replace('\\', '\\\\', $row['code'])); $rowset[$row['smile_url']]['emoticon'] = $row['emoticon']; $num_smilies++; } } if ($num_smilies) { $smilies_count = ($mode == 'inline') ? min(19, $num_smilies) : $num_smilies; $smilies_split_row = ($mode == 'inline') ? $inline_columns - 1 : $window_columns - 1; $s_colspan = 0; $row = 0; $col = 0; while (list($smile_url, $data) = @each($rowset)) { if (!$col) { $template->assign_block_vars('smilies_row', array()); } $template->assign_block_vars('smilies_row.smilies_col', array( 'SMILEY_CODE' => $data['code'], 'SMILEY_IMG' => $board_config['smilies_path'] . '/' . $smile_url, 'SMILEY_DESC' => $data['emoticon']) ); $s_colspan = max($s_colspan, $col + 1); if ($col == $smilies_split_row) { if ($mode == 'inline' && $row == $inline_rows - 1) { break; } $col = 0; $row++; } else { $col++; } } if ($mode == 'inline' && $num_smilies > $inline_rows * $inline_columns) { $template->assign_block_vars('switch_smilies_extra', array()); $template->assign_vars(array( 'L_MORE_SMILIES' => $lang['More_emoticons'], 'U_MORE_SMILIES' => append_sid("posting.$phpEx?mode=smilies")) ); } $template->assign_vars(array( 'L_EMOTICONS' => $lang['Emoticons'], 'L_CLOSE_WINDOW' => $lang['Close_window'], 'S_SMILIES_COLSPAN' => $s_colspan) ); } } if ($mode == 'window') { $template->pparse('smiliesbody'); include($phpbb_root_path . 'includes/page_tail.'.$phpEx); } } /** * Called from within prepare_message to clean included HTML tags if HTML is * turned on for that post * @param array $tag Matching text from the message to parse */ function clean_html($tag) { global $board_config; if (empty($tag[0])) { return ''; } $allowed_html_tags = preg_split('/, */', strtolower($board_config['allow_html_tags'])); $disallowed_attributes = '/^(?:style|on)/i'; // Check if this is an end tag preg_match('/<[^\w\/]*\/[\W]*(\w+)/', $tag[0], $matches); if (sizeof($matches)) { if (in_array(strtolower($matches[1]), $allowed_html_tags)) { return '</' . $matches[1] . '>'; } else { return htmlspecialchars('</' . $matches[1] . '>'); } } // Check if this is an allowed tag if (in_array(strtolower($tag[1]), $allowed_html_tags)) { $attributes = ''; if (!empty($tag[2])) { preg_match_all('/[\W]*?(\w+)[\W]*?=[\W]*?(["\'])((?:(?!\2).)*)\2/', $tag[2], $test); for ($i = 0; $i < sizeof($test[0]); $i++) { if (preg_match($disallowed_attributes, $test[1][$i])) { continue; } $attributes .= ' ' . $test[1][$i] . '=' . $test[2][$i] . str_replace(array('[', ']'), array('[', ']'), htmlspecialchars($test[3][$i])) . $test[2][$i]; } } if (in_array(strtolower($tag[1]), $allowed_html_tags)) { return '<' . $tag[1] . $attributes . '>'; } else { return htmlspecialchars('<' . $tag[1] . $attributes . '>'); } } // Finally, this is not an allowed tag so strip all the attibutes and escape it else { return htmlspecialchars('<' . $tag[1] . '>'); } } ?>

by **MrBass** on Tue Feb 27, 2007 12:23 pm

Try removing the highlighted text on line 655 or replacing;

Code: Select all: LEFT JOIN ". USER_GROUP_TABLE." ug ON g.group_id=ug.group_id AND ug.user_id=$user_id

With;

Code: Select all: LEFT JOIN ". USER_GROUP_TABLE." ug ON g_id=ug.group_id AND ug.user_id=$user_id

by **husker** on Tue Feb 27, 2007 10:25 pm

I tried both, and the message still appears

by **UseLess** on Thu Apr 12, 2007 2:21 pm

Greetings,

Just had the same thing happen on a forum and nothing was changed, at least as far as I know, anyway give this a try;
[code start="655"] $sql = "SELECT ug.user_id, g.group_id AS g_id, u.user_posts, g.group_count, g.group_count_max
FROM ((" . GROUPS_TABLE . " g
LEFT JOIN " . USER_GROUP_TABLE . " ug ON g.group_id = ug.group_id AND ug.user_id = $user_id)
LEFT JOIN " . USERS_TABLE . " u ON u.user_id = $user_id)
WHERE g.group_single_user = 0
AND g.group_count_enable = 1
AND g.group_moderator <> $user_id";[/code]

by **husker** on Thu Apr 12, 2007 10:26 pm

Thanks Useless

I replaced it with that, now I get this error:

Parse error: syntax error, unexpected T_DNUMBER in /home/husker/public_html/phpbb/includes/functions_post.php on line 13

This is what it looks like:

Code: Select all: 1. <?php 2. /*************************************************************************** 3. * functions_post.php 4. * ------------------- 5. * begin : Saturday, Feb 13, 2001 6. * copyright : (C) 2001 The phpBB Group 7. * email : support@phpbb.com 8. * 9. * $Id: functions_post.php,v 1.9.2.39 2005/09/18 16:17:20 acydburn Exp $ 10. * 11. * 12. ***************************************************************************/ 13. 14. /*************************************************************************** 15. * 16. * This program is free software; you can redistribute it and/or modify 17. * it under the terms of the GNU General Public License as published by 18. * the Free Software Foundation; either version 2 of the License, or 19. * (at your option) any later version. 20. * 21. ***************************************************************************/ 22. 23. if (!defined('IN_PHPBB')) 24. { 25. die('Hacking attempt'); 26. } 27. 28. $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#'); 29. $html_entities_replace = array('&', '<', '>', '"'); 30. 31. 32. 33. $unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#'); 34. $unhtml_specialchars_replace = array('>', '<', '"', '&'); 35. 36. // 37. // Post IAI's response to database 38. // 39. function iai_submit_post($mode, &$iai_id, &$forum_id, &$topic_id, &$iai_post_id, &$topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, &$bbcode_uid, &$iai_username, &$iai_subject, &$iai_message) 40. { 41. global $board_config, $lang, $db, $phpbb_root_path, $phpEx; 42. 43. //Stores user's IP since IAI has none. Can be changed as wished. 44. global $user_ip; 45. 46. $current_time = time(); 47. 48. $sql = "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ($topic_id, $forum_id, $iai_id, '$iai_username', $current_time, '$user_ip', $bbcode_on, $html_on, $smilies_on, $attach_sig)"; 49. if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) ) 50. { 51. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 52. } 53. 54. $iai_post_id = $db->sql_nextid(); 55. 56. $sql = "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ($iai_post_id, '$iai_subject', '$bbcode_uid', '$iai_message')"; 57. if ( !($result = $db->sql_query($sql)) ) 58. { 59. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 60. } 61. 62. add_search_words($iai_post_id, stripslashes($iai_message), stripslashes($iai_subject)); 63. 64. return false; 65. } 66. // 67. // Update Stats for IAI: must be run AFTER update_post_stats() for original post 68. // 69. function iai_update_post_stats(&$forum_id, &$topic_id, &$iai_post_id, &$iai_id) 70. { 71. global $db; 72. 73. //This simply runs the 3 db updating functions (only used for IAI replies). 74. 75. $sql = "UPDATE " . FORUMS_TABLE . " 76. SET forum_posts = forum_posts + 1, forum_last_post_id = $iai_post_id 77. WHERE forum_id = $forum_id"; 78. if ( !($result = $db->sql_query($sql)) ) 79. { 80. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 81. } 82. 83. $sql = "UPDATE " . TOPICS_TABLE . " 84. SET topic_last_post_id = $iai_post_id, topic_replies = topic_replies + 1 85. WHERE topic_id = $topic_id"; 86. if ( !($result = $db->sql_query($sql)) ) 87. { 88. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 89. } 90. 91. // Let the bot spam!!! 92. 93. $sql = "UPDATE " . USERS_TABLE . " 94. SET user_posts = user_posts + 1 95. WHERE user_id = $iai_id"; 96. if ( !($result = $db->sql_query($sql, END_TRANSACTION)) ) 97. { 98. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 99. } 100. 101. // Don't let the users spam the Bot's forum... 102. 103. if($forum_id == "19") { 104. global $userdata; 105. $db->sql_query("UPDATE " . USERS_TABLE . " SET user_posts = user_posts - 1 WHERE user_id = " . $userdata['user_id']); 106. } 107. 108. return; 109. } 110. // 111. // Allows bot to send pms requiring only subject, message and user_id of user it is being sent to. 112. // I've made it an easy to use function so you can adapt it to use in many situations on your site 113. // an example is in the welcome message system which is included with this package. The function 114. // also sends emails (if $send_email set) and does all the inbox checking stuff that normal pms do. 115. // 116. function iai_send_pm($user_to_id, $iai_subject, $iai_message, $send_email) 117. { 118. global $board_config, $lang, $db, $phpbb_root_path, $phpEx; 119. 120. $sql = "SELECT * 121. FROM " . USERS_TABLE . " 122. WHERE user_id = " . $user_to_id . " 123. AND user_id <> " . ANONYMOUS; 124. if ( !($result = $db->sql_query($sql)) ) 125. { 126. message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql); 127. } 128. $usertodata = $db->sql_fetchrow($result); 129. 130. // prepare IAI message (IAI may have used html, smilies etc...) 131. $bbcode_uid = make_bbcode_uid(); 132. $iai_message = str_replace("'", "''", $iai_message); 133. 134. // This is to fix up some of the bad formatting which comes out of the AI 135. if(empty($iai_message)) 136. { 137. $iai_message = "Thank you."; 138. } 139. $iai_message = prepare_message(trim($iai_message), 0, 1, 1, $bbcode_uid); 140. 141. $msg_time = time(); 142. 143. // Do inbox limit stuff 144. $sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time 145. FROM " . PRIVMSGS_TABLE . " 146. WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " 147. OR privmsgs_type = " . PRIVMSGS_READ_MAIL . " 148. OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) 149. AND privmsgs_to_userid = " . $usertodata['user_id']; 150. if ( !($result = $db->sql_query($sql)) ) 151. { 152. message_die(GENERAL_MESSAGE, $lang['No_such_user']); 153. } 154. 155. $sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : ''; 156. 157. if ( $inbox_info = $db->sql_fetchrow($result) ) 158. { 159. if ( $inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs'] ) 160. { 161. $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . " 162. WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " 163. OR privmsgs_type = " . PRIVMSGS_READ_MAIL . " 164. OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) 165. AND privmsgs_date = " . $inbox_info['oldest_post_time'] . " 166. AND privmsgs_to_userid = " . $usertodata['user_id']; 167. if ( !$db->sql_query($sql) ) 168. { 169. message_die(GENERAL_ERROR, 'Could not delete your oldest privmsgs', '', __LINE__, __FILE__, $sql); 170. } 171. } 172. } 173. 174. $sql_info = "INSERT INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig) 175. VALUES (" . PRIVMSGS_NEW_MAIL . ", '" . str_replace("\'", "''", $iai_subject) . "', " . $board_config['iai_userid'] . ", " . $usertodata['user_id'] . ", $msg_time, '$user_ip', 0, 1, 1, 1)"; 176. 177. if ( !($result = $db->sql_query($sql_info, BEGIN_TRANSACTION)) ) 178. { 179. message_die(GENERAL_ERROR, "Could not insert private message sent info.", "", __LINE__, __FILE__, $sql_info); 180. } 181. 182. $privmsg_sent_id = $db->sql_nextid(); 183. 184. $sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text) 185. VALUES ($privmsg_sent_id, '" . $bbcode_uid . "', '" . str_replace("\'", "''", $iai_message) . "')"; 186. 187. if ( !$db->sql_query($sql, END_TRANSACTION) ) 188. { 189. message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql_info); 190. } 191. 192. // Add to the users new pm counter 193. $sql = "UPDATE " . USERS_TABLE . " 194. SET user_new_privmsg = user_new_privmsg + 1, user_last_privmsg = " . time() . " 195. WHERE user_id = " . $usertodata['user_id']; 196. if ( !$status = $db->sql_query($sql) ) 197. { 198. message_die(GENERAL_ERROR, 'Could not update private message new/read status for user', '', __LINE__, __FILE__, $sql); 199. } 200. 201. // now send email if all the usual conditions & $send_email is set 202. if ( $send_email && $usertodata['user_notify_pm'] && !empty($usertodata['user_email']) && $usertodata['user_active'] ) 203. { 204. $email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n"; 205. 206. $script_name = preg_replace('/^\/?(.*?)\/?$/', "\\1", trim($board_config['script_path'])); 207. $script_name = ( $script_name != '' ) ? $script_name . '/privmsg.'.$phpEx : 'privmsg.'.$phpEx; 208. $server_name = trim($board_config['server_name']); 209. $server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://'; 210. $server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/'; 211. 212. include($phpbb_root_path . 'includes/emailer.'.$phpEx); 213. $emailer = new emailer($board_config['smtp_delivery']); 214. 215. $emailer->use_template('privmsg_notify', $usertodata['user_lang']); 216. $emailer->extra_headers($email_headers); 217. $emailer->email_address($usertodata['user_email']); 218. $emailer->set_subject(); //$lang['Notification_subject'] 219. 220. $emailer->assign_vars(array( 221. 'USERNAME' => $usertodata['username'], 222. 'SITENAME' => $board_config['sitename'], 223. 'EMAIL_SIG' => str_replace(' ', "\n", "-- \n" . $board_config['board_email_sig']), 224. 225. 'U_INBOX' => $server_protocol . $server_name . $server_port . $script_name . '?folder=inbox') 226. ); 227. 228. $emailer->send(); 229. $emailer->reset(); 230. } 231. 232. return; 233. } 234. 235. // 236. // This function will prepare a posted message for 237. // entry into the database. 238. // 239. function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid = 0) 240. { 241. global $board_config, $html_entities_match, $html_entities_replace; 242. 243. // 244. // Clean up the message 245. // 246. $message = trim($message); 247. 248. if ($html_on) 249. { 250. // If HTML is on, we try to make it safe 251. // This approach is quite agressive and anything that does not look like a valid tag 252. // is going to get converted to HTML entities 253. $message = stripslashes($message); 254. $html_match = '#<[^\w<]*(\w+)((?:"[^"]*"|\'[^\']*\'|[^<>\'"])+)?>#'; 255. $matches = array(); 256. 257. $message_split = preg_split($html_match, $message); 258. preg_match_all($html_match, $message, $matches); 259. 260. $message = ''; 261. 262. foreach ($message_split as $part) 263. { 264. $tag = array(array_shift($matches[0]), array_shift($matches[1]), array_shift($matches[2])); 265. $message .= preg_replace($html_entities_match, $html_entities_replace, $part) . clean_html($tag); 266. } 267. 268. $message = addslashes($message); 269. $message = str_replace('"', '\"', $message); 270. 271. 272. } 273. else 274. { 275. $message = preg_replace($html_entities_match, $html_entities_replace, $message); 276. } 277. 278. if($bbcode_on && $bbcode_uid != '') 279. { 280. $message = bbencode_first_pass($message, $bbcode_uid); 281. } 282. 283. return $message; 284. } 285. 286. function unprepare_message($message) 287. { 288. global $unhtml_specialchars_match, $unhtml_specialchars_replace; 289. 290. return preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $message); 291. } 292. 293. // 294. // Prepare a message for posting 295. // 296. function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on, &$error_msg, &$username, &$bbcode_uid, &$subject, &$message, &$poll_title, &$poll_options, &$poll_length) 297. { 298. global $board_config, $userdata, $lang, $phpEx, $phpbb_root_path; 299. 300. // Check username 301. if (!empty($username)) 302. { 303. $username = phpbb_clean_username($username); 304. 305. if (!$userdata['session_logged_in'] || ($userdata['session_logged_in'] && $username != $userdata['username'])) 306. { 307. include($phpbb_root_path . 'includes/functions_validate.'.$phpEx); 308. 309. $result = validate_username($username); 310. if ($result['error']) 311. { 312. $error_msg .= (!empty($error_msg)) ? ' ' . $result['error_msg'] : $result['error_msg']; 313. } 314. } 315. else 316. { 317. $username = ''; 318. } 319. } 320. 321. // Check subject 322. if (!empty($subject)) 323. { 324. $subject = htmlspecialchars(trim($subject)); 325. } 326. else if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post'])) 327. { 328. $error_msg .= (!empty($error_msg)) ? ' ' . $lang['Empty_subject'] : $lang['Empty_subject']; 329. } 330. 331. // Check message 332. if (!empty($message)) 333. { 334. $bbcode_uid = ($bbcode_on) ? make_bbcode_uid() : ''; 335. $message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid); 336. } 337. else if ($mode != 'delete' && $mode != 'poll_delete') 338. { 339. $error_msg .= (!empty($error_msg)) ? ' ' . $lang['Empty_message'] : $lang['Empty_message']; 340. } 341. 342. // 343. // Handle poll stuff 344. // 345. if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post'])) 346. { 347. $poll_length = (isset($poll_length)) ? max(0, intval($poll_length)) : 0; 348. 349. if (!empty($poll_title)) 350. { 351. $poll_title = htmlspecialchars(trim($poll_title)); 352. } 353. 354. if(!empty($poll_options)) 355. { 356. $temp_option_text = array(); 357. while(list($option_id, $option_text) = @each($poll_options)) 358. { 359. $option_text = trim($option_text); 360. if (!empty($option_text)) 361. { 362. $temp_option_text[intval($option_id)] = htmlspecialchars($option_text); 363. 364. } 365. } 366. $option_text = $temp_option_text; 367. 368. if (count($poll_options) < 2) 369. { 370. $error_msg .= (!empty($error_msg)) ? ' ' . $lang['To_few_poll_options'] : $lang['To_few_poll_options']; 371. } 372. else if (count($poll_options) > $board_config['max_poll_options']) 373. { 374. $error_msg .= (!empty($error_msg)) ? ' ' . $lang['To_many_poll_options'] : $lang['To_many_poll_options']; 375. } 376. else if ($poll_title == '') 377. { 378. $error_msg .= (!empty($error_msg)) ? ' ' . $lang['Empty_poll_title'] : $lang['Empty_poll_title']; 379. } 380. } 381. } 382. 383. return; 384. } 385. 386. // 387. // Post a new topic/reply/poll or edit existing post/poll 388. // 389. function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, $post_username, $post_subject, $post_message, $poll_title, &$poll_options, &$poll_length, &$post_flagged) 390. { 391. global $board_config, $lang, $db, $phpbb_root_path, $phpEx; 392. global $userdata, $user_ip; 393. 394. include($phpbb_root_path . 'includes/functions_search.'.$phpEx); 395. 396. $current_time = time(); 397. $post_flagged = (empty($post_flagged)) ? 0 : 1; 398. 399. if ($mode == 'newtopic' || $mode == 'reply' || $mode == 'editpost') 400. { 401. // 402. // Flood control 403. // 404. $where_sql = ($userdata['user_id'] == ANONYMOUS) ? "poster_ip = '$user_ip'" : 'poster_id = ' . $userdata['user_id']; 405. $sql = "SELECT MAX(post_time) AS last_post_time 406. FROM " . POSTS_TABLE . " 407. WHERE $where_sql"; 408. if ($result = $db->sql_query($sql)) 409. { 410. if ($row = $db->sql_fetchrow($result)) 411. { 412. if (intval($row['last_post_time']) > 0 && ($current_time - intval($row['last_post_time'])) < intval($board_config['flood_interval'])) 413. { 414. message_die(GENERAL_MESSAGE, $lang['Flood_Error']); 415. } 416. } 417. } 418. } 419. 420. if ($mode == 'editpost') 421. { 422. remove_search_post($post_id); 423. } 424. 425. if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post'])) 426. { 427. $topic_vote = (!empty($poll_title) && count($poll_options) >= 2) ? 1 : 0; 428. 429. $sql = ($mode != "editpost") ? "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('$post_subject', " . $userdata['user_id'] . ", $current_time, $forum_id, " . TOPIC_UNLOCKED . ", $topic_type, $topic_vote)" : "UPDATE " . TOPICS_TABLE . " SET topic_title = '$post_subject', topic_type = $topic_type " . (($post_data['edit_vote'] || !empty($poll_title)) ? ", topic_vote = " . $topic_vote : "") . " WHERE topic_id = $topic_id"; 430. if (!$db->sql_query($sql)) 431. { 432. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 433. } 434. 435. if ($mode == 'newtopic') 436. { 437. $topic_id = $db->sql_nextid(); 438. } 439. } 440. 441. $edited_sql = ($mode == 'editpost' && !$post_data['last_post'] && $post_data['poster_post']) ? ", post_edit_time = $current_time, post_edit_count = post_edit_count + 1 " : ""; 442. $sql = ($mode != "editpost") ? "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig, post_flagged) VALUES ($topic_id, $forum_id, " . $userdata['user_id'] . ", '$post_username', $current_time, '$user_ip', $bbcode_on, $html_on, $smilies_on, $attach_sig, $post_flagged)" : "UPDATE " . POSTS_TABLE . " SET post_username = '$post_username', enable_bbcode = $bbcode_on, enable_html = $html_on, enable_smilies = $smilies_on, enable_sig = $attach_sig" . $edited_sql . ", post_flagged = $post_flagged WHERE post_id = $post_id"; 443. if (!$db->sql_query($sql, BEGIN_TRANSACTION)) 444. { 445. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 446. } 447. 448. if ($mode != 'editpost') 449. { 450. $post_id = $db->sql_nextid(); 451. } 452. 453. $sql = ($mode != 'editpost') ? "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ($post_id, '$post_subject', '$bbcode_uid', '$post_message')" : "UPDATE " . POSTS_TEXT_TABLE . " SET post_text = '$post_message', bbcode_uid = '$bbcode_uid', post_subject = '$post_subject' WHERE post_id = $post_id"; 454. if (!$db->sql_query($sql)) 455. { 456. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 457. } 458. 459. add_search_words('single', $post_id, stripslashes($post_message), stripslashes($post_subject)); 460. 461. // 462. // Add poll 463. // 464. if (($mode == 'newtopic' || ($mode == 'editpost' && $post_data['edit_poll'])) && !empty($poll_title) && count($poll_options) >= 2) 465. { 466. $sql = (!$post_data['has_poll']) ? "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length) VALUES ($topic_id, '$poll_title', $current_time, " . ($poll_length * 86400) . ")" : "UPDATE " . VOTE_DESC_TABLE . " SET vote_text = '$poll_title', vote_length = " . ($poll_length * 86400) . " WHERE topic_id = $topic_id"; 467. if (!$db->sql_query($sql)) 468. { 469. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 470. } 471. 472. $delete_option_sql = ''; 473. $old_poll_result = array(); 474. if ($mode == 'editpost' && $post_data['has_poll']) 475. { 476. $sql = "SELECT vote_option_id, vote_result 477. FROM " . VOTE_RESULTS_TABLE . " 478. WHERE vote_id = $poll_id 479. ORDER BY vote_option_id ASC"; 480. if (!($result = $db->sql_query($sql))) 481. { 482. message_die(GENERAL_ERROR, 'Could not obtain vote data results for this topic', '', __LINE__, __FILE__, $sql); 483. } 484. 485. while ($row = $db->sql_fetchrow($result)) 486. { 487. $old_poll_result[$row['vote_option_id']] = $row['vote_result']; 488. 489. if (!isset($poll_options[$row['vote_option_id']])) 490. { 491. $delete_option_sql .= ($delete_option_sql != '') ? ', ' . $row['vote_option_id'] : $row['vote_option_id']; 492. } 493. } 494. } 495. else 496. { 497. $poll_id = $db->sql_nextid(); 498. } 499. 500. @reset($poll_options); 501. 502. $poll_option_id = 1; 503. while (list($option_id, $option_text) = each($poll_options)) 504. { 505. if (!empty($option_text)) 506. { 507. $option_text = str_replace("\'", "''", htmlspecialchars($option_text)); 508. $poll_result = ($mode == "editpost" && isset($old_poll_result[$option_id])) ? $old_poll_result[$option_id] : 0; 509. 510. $sql = ($mode != "editpost" || !isset($old_poll_result[$option_id])) ? "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result) VALUES ($poll_id, $poll_option_id, '$option_text', $poll_result)" : "UPDATE " . VOTE_RESULTS_TABLE . " SET vote_option_text = '$option_text', vote_result = $poll_result WHERE vote_option_id = $option_id AND vote_id = $poll_id"; 511. if (!$db->sql_query($sql)) 512. { 513. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 514. } 515. $poll_option_id++; 516. } 517. } 518. 519. if ($delete_option_sql != '') 520. { 521. $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " 522. WHERE vote_option_id IN ($delete_option_sql) 523. AND vote_id = $poll_id"; 524. if (!$db->sql_query($sql)) 525. { 526. message_die(GENERAL_ERROR, 'Error deleting pruned poll options', '', __LINE__, __FILE__, $sql); 527. } 528. } 529. } 530. 531. $meta = '<meta http-equiv="refresh" content="0;url=' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">'; 532. $message = $lang['Stored'] . ' ' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">', '</a>') . ' ' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>'); 533. 534. return false; 535. } 536. 537. // 538. // Update post stats and details 539. // 540. function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_id, &$user_id) 541. { 542. global $db; 543. 544. $sign = ($mode == 'delete') ? '- 1' : '+ 1'; 545. $forum_update_sql = "forum_posts = forum_posts $sign"; 546. $topic_update_sql = ''; 547. 548. if ($mode == 'delete') 549. { 550. if ($post_data['last_post']) 551. { 552. if ($post_data['first_post']) 553. { 554. $forum_update_sql .= ', forum_topics = forum_topics - 1'; 555. } 556. else 557. { 558. 559. $topic_update_sql .= 'topic_replies = topic_replies - 1'; 560. 561. $sql = "SELECT MAX(post_id) AS last_post_id 562. FROM " . POSTS_TABLE . " 563. WHERE topic_id = $topic_id"; 564. if (!($result = $db->sql_query($sql))) 565. { 566. message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); 567. } 568. 569. if ($row = $db->sql_fetchrow($result)) 570. { 571. $topic_update_sql .= ', topic_last_post_id = ' . $row['last_post_id']; 572. } 573. } 574. 575. if ($post_data['last_topic']) 576. { 577. $sql = "SELECT MAX(post_id) AS last_post_id 578. FROM " . POSTS_TABLE . " 579. WHERE forum_id = $forum_id"; 580. if (!($result = $db->sql_query($sql))) 581. { 582. message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); 583. } 584. 585. if ($row = $db->sql_fetchrow($result)) 586. { 587. $forum_update_sql .= ($row['last_post_id']) ? ', forum_last_post_id = ' . $row['last_post_id'] : ', forum_last_post_id = 0'; 588. } 589. } 590. } 591. else if ($post_data['first_post']) 592. { 593. $sql = "SELECT MIN(post_id) AS first_post_id 594. FROM " . POSTS_TABLE . " 595. WHERE topic_id = $topic_id"; 596. if (!($result = $db->sql_query($sql))) 597. { 598. message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); 599. } 600. 601. if ($row = $db->sql_fetchrow($result)) 602. { 603. $topic_update_sql .= 'topic_replies = topic_replies - 1, topic_first_post_id = ' . $row['first_post_id']; 604. } 605. } 606. else 607. { 608. $topic_update_sql .= 'topic_replies = topic_replies - 1'; 609. } 610. } 611. else if ($mode != 'poll_delete') 612. { 613. $forum_update_sql .= ", forum_last_post_id = $post_id" . (($mode == 'newtopic') ? ", forum_topics = forum_topics $sign" : ""); 614. $topic_update_sql = "topic_last_post_id = $post_id" . (($mode == 'reply') ? ", topic_replies = topic_replies $sign" : ", topic_first_post_id = $post_id"); 615. } 616. else 617. { 618. $topic_update_sql .= 'topic_vote = 0'; 619. } 620. 621. if ($mode != 'poll_delete') 622. { 623. $sql = "UPDATE " . FORUMS_TABLE . " SET 624. $forum_update_sql 625. WHERE forum_id = $forum_id"; 626. if (!$db->sql_query($sql)) 627. { 628. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 629. } 630. } 631. 632. 633. if ($topic_update_sql != '') 634. { 635. $sql = "UPDATE " . TOPICS_TABLE . " SET 636. $topic_update_sql 637. WHERE topic_id = $topic_id"; 638. if (!$db->sql_query($sql)) 639. { 640. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 641. } 642. } 643. 644. if ($mode != 'poll_delete') 645. { 646. $sql = "UPDATE " . USERS_TABLE . " 647. SET user_posts = user_posts $sign 648. WHERE user_id = $user_id"; 649. if (!$db->sql_query($sql, END_TRANSACTION)) 650. { 651. message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); 652. } 653. } 654. 655. $sql = "SELECT ug.user_id, g.group_id as g_id, u.user_posts, g.group_count, g.group_count_max FROM " . GROUPS_TABLE . " g, ".USERS_TABLE." u 656. # $sql = "SELECT ug.user_id, g.group_id AS g_id, u.user_posts, g.group_count, g.group_count_max # FROM ((" . GROUPS_TABLE . " g # LEFT JOIN " . USER_GROUP_TABLE . " ug ON g.group_id = ug.group_id AND ug.user_id = $user_id) # LEFT JOIN " . USERS_TABLE . " u ON u.user_id = $user_id) # WHERE g.group_single_user = 0 # AND g.group_count_enable = 1 # AND g.group_moderator <> $user_id"; 657. WHERE u.user_id=$user_id 658. AND g.group_single_user=0 659. AND g.group_count_enable=1 660. AND g.group_moderator<>$user_id"; 661. if ( !($result = $db->sql_query($sql)) ) 662. { 663. message_die(GENERAL_ERROR, 'Error geting users post stat', '', __LINE__, __FILE__, $sql); 664. } 665. while ($group_data = $db->sql_fetchrow($result)) 666. { 667. $user_already_added = (empty($group_data['user_id'])) ? FALSE : TRUE; 668. $user_add = ($group_data['group_count'] == $group_data['user_posts'] && $user_id!=ANONYMOUS) ? TRUE : FALSE; 669. $user_remove = ($group_data['group_count'] > $group_data['user_posts'] || $group_data['group_count_max'] < $group_data['user_posts']) ? TRUE : FALSE; 670. if ($user_add && !$user_already_added) 671. { 672. //user join a autogroup 673. $sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending) 674. VALUES (".$group_data['g_id'].", $user_id, '0')"; 675. if ( !($db->sql_query($sql)) ) 676. { 677. message_die(GENERAL_ERROR, 'Error insert users, group count', '', __LINE__, __FILE__, $sql); 678. } 679. } else 680. if ( $user_already_added && $user_remove) 681. { 682. //remove user from auto group 683. $sql = "DELETE FROM " . USER_GROUP_TABLE . " 684. WHERE group_id=".$group_data['g_id']." 685. AND user_id=$user_id"; 686. if ( !($db->sql_query($sql)) ) 687. { 688. message_die(GENERAL_ERROR, 'Could not remove users, group count', '', __LINE__, __FILE__, $sql); 689. } 690. } 691. } 692. 693. 694. return; 695. } 696. 697. // 698. // Delete a post/poll 699. // 700. function delete_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id) 701. { 702. global $board_config, $lang, $db, $phpbb_root_path, $phpEx; 703. global $userdata, $user_ip; 704. 705. if ($mode != 'poll_delete') 706. { 707. include($phpbb_root_path . 'includes/functions_search.'.$phpEx); 708. 709. $sql = "DELETE FROM " . POSTS_TABLE . " 710. WHERE post_id = $post_id"; 711. if (!$db->sql_query($sql)) 712. { 713. message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); 714. } 715. 716. $sql = "DELETE FROM " . POSTS_TEXT_TABLE . " 717. WHERE post_id = $post_id"; 718. if (!$db->sql_query($sql)) 719. { 720. message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); 721. } 722. 723. if ($post_data['last_post']) 724. { 725. if ($post_data['first_post']) 726. { 727. $forum_update_sql .= ', forum_topics = forum_topics - 1'; 728. $sql = "DELETE FROM " . TOPICS_TABLE . " 729. WHERE topic_id = $topic_id 730. OR topic_moved_id = $topic_id"; 731. if (!$db->sql_query($sql)) 732. { 733. message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); 734. } 735. 736. $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " 737. WHERE topic_id = $topic_id"; 738. if (!$db->sql_query($sql)) 739. { 740. message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); 741. } 742. } 743. } 744. 745. remove_search_post($post_id); 746. } 747. 748. if ($mode == 'poll_delete' || ($mode == 'delete' && $post_data['first_post'] && $post_data['last_post']) && $post_data['has_poll'] && $post_data['edit_poll']) 749. { 750. $sql = "DELETE FROM " . VOTE_DESC_TABLE . " 751. WHERE topic_id = $topic_id"; 752. if (!$db->sql_query($sql)) 753. { 754. message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql); 755. } 756. 757. $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " 758. WHERE vote_id = $poll_id"; 759. if (!$db->sql_query($sql)) 760. { 761. message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql); 762. } 763. 764. $sql = "DELETE FROM " . VOTE_USERS_TABLE . " 765. WHERE vote_id = $poll_id"; 766. if (!$db->sql_query($sql)) 767. { 768. message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql); 769. } 770. } 771. 772. if ($mode == 'delete' && $post_data['first_post'] && $post_data['last_post']) 773. { 774. $meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . '=' . $forum_id) . '">'; 775. $message = $lang['Deleted']; 776. } 777. else 778. { 779. $meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . '=' . $topic_id) . '">'; 780. $message = (($mode == 'poll_delete') ? $lang['Poll_delete'] : $lang['Deleted']) . ' ' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>'); 781. } 782. 783. $message .= ' ' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>'); 784. 785. return; 786. } 787. 788. // 789. // Handle user notification on new post 790. // 791. function user_notification($mode, &$post_data, &$topic_title, &$forum_id, &$topic_id, &$post_id, &$notify_user) 792. { 793. global $board_config, $lang, $db, $phpbb_root_path, $phpEx; 794. global $userdata, $user_ip; 795. 796. $current_time = time(); 797. 798. if ($mode != 'delete') 799. { 800. if ($mode == 'reply') 801. { 802. $sql = "SELECT ban_userid 803. FROM " . BANLIST_TABLE; 804. if (!($result = $db->sql_query($sql))) 805. { 806. message_die(GENERAL_ERROR, 'Could not obtain banlist', '', __LINE__, __FILE__, $sql); 807. } 808. 809. $user_id_sql = ''; 810. while ($row = $db->sql_fetchrow($result)) 811. { 812. if (isset($row['ban_userid']) && !empty($row['ban_userid'])) 813. { 814. $user_id_sql .= ', ' . $row['ban_userid']; 815. } 816. } 817. 818. $sql = "SELECT u.user_id, u.user_email, u.user_lang 819. FROM " . TOPICS_WATCH_TABLE . " tw, " . USERS_TABLE . " u 820. WHERE tw.topic_id = $topic_id 821. AND tw.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . ") 822. AND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . " 823. AND u.user_id = tw.user_id"; 824. if (!($result = $db->sql_query($sql))) 825. { 826. message_die(GENERAL_ERROR, 'Could not obtain list of topic watchers', '', __LINE__, __FILE__, $sql); 827. } 828. 829. $update_watched_sql = ''; 830. $bcc_list_ary = array(); 831. 832. if ($row = $db->sql_fetchrow($result)) 833. { 834. // Sixty second limit 835. @set_time_limit(60); 836. 837. do 838. { 839. if ($row['user_email'] != '') 840. { 841. $bcc_list_ary[$row['user_lang']][] = $row['user_email']; 842. } 843. $update_watched_sql .= ($update_watched_sql != '') ? ', ' . $row['user_id'] : $row['user_id']; 844. } 845. while ($row = $db->sql_fetchrow($result)); 846. 847. // 848. // Let's do some checking to make sure that mass mail functions 849. // are working in win32 versions of php. 850. // 851. if (preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$board_config['smtp_delivery']) 852. { 853. $ini_val = (@phpversion() >= '4.0.0') ? 'ini_get' : 'get_cfg_var'; 854. 855. // We are running on windows, force delivery to use our smtp functions 856. // since php's are broken by default 857. $board_config['smtp_delivery'] = 1; 858. $board_config['smtp_host'] = @$ini_val('SMTP'); 859. } 860. 861. if (sizeof($bcc_list_ary)) 862. { 863. include($phpbb_root_path . 'includes/emailer.'.$phpEx); 864. $emailer = new emailer($board_config['smtp_delivery']); 865. 866. $script_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['script_path'])); 867. $script_name = ($script_name != '') ? $script_name . '/viewtopic.'.$phpEx : 'viewtopic.'.$phpEx; 868. $server_name = trim($board_config['server_name']); 869. $server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://'; 870. $server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) . '/' : '/'; 871. 872. $orig_word = array(); 873. $replacement_word = array(); 874. obtain_word_list($orig_word, $replacement_word); 875. 876. $emailer->from($board_config['board_email']); 877. $emailer->replyto($board_config['board_email']); 878. 879. $topic_title = (count($orig_word)) ? preg_replace($orig_word, $replacement_word, unprepare_message($topic_title)) : unprepare_message($topic_title); 880. 881. @reset($bcc_list_ary); 882. while (list($user_lang, $bcc_list) = each($bcc_list_ary)) 883. { 884. $emailer->use_template('topic_notify', $user_lang); 885. 886. for ($i = 0; $i < count($bcc_list); $i++) 887. { 888. $emailer->bcc($bcc_list[$i]); 889. } 890. 891. // The Topic_reply_notification lang string below will be used 892. // if for some reason the mail template subject cannot be read 893. // ... note it will not necessarily be in the posters own language! 894. $emailer->set_subject($lang['Topic_reply_notification']); 895. 896. // This is a nasty kludge to remove the username var ... till (if?) 897. // translators update their templates 898. $emailer->msg = preg_replace('#[ ]?{USERNAME}#', '', $emailer->msg); 899. 900. $emailer->assign_vars(array( 901. 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace(' ', "\n", "-- \n" . $board_config['board_email_sig']) : '', 902. 'SITENAME' => $board_config['sitename'], 903. 'TOPIC_TITLE' => $topic_title, 904. 905. 'U_TOPIC' => $server_protocol . $server_name . $server_port . $script_name . '?' . POST_POST_URL . "=$post_id#$post_id", 906. 'U_STOP_WATCHING_TOPIC' => $server_protocol . $server_name . $server_port . $script_name . '?' . POST_TOPIC_URL . "=$topic_id&unwatch=topic") 907. ); 908. 909. $emailer->send(); 910. $emailer->reset(); 911. } 912. } 913. } 914. $db->sql_freeresult($result); 915. 916. if ($update_watched_sql != '') 917. { 918. $sql = "UPDATE " . TOPICS_WATCH_TABLE . " 919. SET notify_status = " . TOPIC_WATCH_NOTIFIED . " 920. WHERE topic_id = $topic_id 921. AND user_id IN ($update_watched_sql)"; 922. $db->sql_query($sql); 923. } 924. } 925. 926. $sql = "SELECT topic_id 927. FROM " . TOPICS_WATCH_TABLE . " 928. WHERE topic_id = $topic_id 929. AND user_id = " . $userdata['user_id']; 930. if (!($result = $db->sql_query($sql))) 931. { 932. message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql); 933. } 934. 935. $row = $db->sql_fetchrow($result); 936. 937. if (!$notify_user && !empty($row['topic_id'])) 938. { 939. $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " 940. WHERE topic_id = $topic_id 941. AND user_id = " . $userdata['user_id']; 942. if (!$db->sql_query($sql)) 943. { 944. message_die(GENERAL_ERROR, 'Could not delete topic watch information', '', __LINE__, __FILE__, $sql); 945. } 946. } 947. else if ($notify_user && empty($row['topic_id'])) 948. { 949. $sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id, notify_status) 950. VALUES (" . $userdata['user_id'] . ", $topic_id, 0)"; 951. if (!$db->sql_query($sql)) 952. { 953. message_die(GENERAL_ERROR, 'Could not insert topic watch information', '', __LINE__, __FILE__, $sql); 954. } 955. } 956. } 957. } 958. 959. // 960. // Fill smiley templates (or just the variables) with smileys 961. // Either in a window or inline 962. // 963. function generate_smilies($mode, $page_id) 964. { 965. global $db, $board_config, $template, $lang, $images, $theme, $phpEx, $phpbb_root_path; 966. global $user_ip, $session_length, $starttime; 967. global $userdata; 968. 969. $inline_columns = 4; 970. $inline_rows = 5; 971. $window_columns = 8; 972. 973. if ($mode == 'window') 974. { 975. $userdata = session_pagestart($user_ip, $page_id); 976. init_userprefs($userdata); 977. 978. $gen_simple_header = TRUE; 979. 980. $page_title = $lang['Emoticons']; 981. include($phpbb_root_path . 'includes/page_header.'.$phpEx); 982. 983. $template->set_filenames(array( 984. 'smiliesbody' => 'posting_smilies.tpl') 985. ); 986. } 987. 988. $sql = "SELECT emoticon, code, smile_url 989. FROM " . SMILIES_TABLE . " 990. ORDER BY smilies_id"; 991. if ($result = $db->sql_query($sql)) 992. { 993. $num_smilies = 0; 994. $rowset = array(); 995. while ($row = $db->sql_fetchrow($result)) 996. { 997. if (empty($rowset[$row['smile_url']])) 998. { 999. $rowset[$row['smile_url']]['code'] = str_replace("'", "\\'", str_replace('\\', '\\\\', $row['code'])); 1000. $rowset[$row['smile_url']]['emoticon'] = $row['emoticon']; 1001. $num_smilies++; 1002. } 1003. } 1004. 1005. if ($num_smilies) 1006. { 1007. $smilies_count = ($mode == 'inline') ? min(19, $num_smilies) : $num_smilies; 1008. $smilies_split_row = ($mode == 'inline') ? $inline_columns - 1 : $window_columns - 1; 1009. 1010. $s_colspan = 0; 1011. $row = 0; 1012. $col = 0; 1013. 1014. while (list($smile_url, $data) = @each($rowset)) 1015. { 1016. if (!$col) 1017. { 1018. $template->assign_block_vars('smilies_row', array()); 1019. } 1020. 1021. $template->assign_block_vars('smilies_row.smilies_col', array( 1022. 'SMILEY_CODE' => $data['code'], 1023. 'SMILEY_IMG' => $board_config['smilies_path'] . '/' . $smile_url, 1024. 'SMILEY_DESC' => $data['emoticon']) 1025. ); 1026. 1027. $s_colspan = max($s_colspan, $col + 1); 1028. 1029. if ($col == $smilies_split_row) 1030. { 1031. if ($mode == 'inline' && $row == $inline_rows - 1) 1032. { 1033. break; 1034. } 1035. $col = 0; 1036. $row++; 1037. } 1038. else 1039. { 1040. $col++; 1041. } 1042. } 1043. 1044. if ($mode == 'inline' && $num_smilies > $inline_rows * $inline_columns) 1045. { 1046. $template->assign_block_vars('switch_smilies_extra', array()); 1047. 1048. $template->assign_vars(array( 1049. 'L_MORE_SMILIES' => $lang['More_emoticons'], 1050. 'U_MORE_SMILIES' => append_sid("posting.$phpEx?mode=smilies")) 1051. ); 1052. } 1053. 1054. $template->assign_vars(array( 1055. 'L_EMOTICONS' => $lang['Emoticons'], 1056. 'L_CLOSE_WINDOW' => $lang['Close_window'], 1057. 'S_SMILIES_COLSPAN' => $s_colspan) 1058. ); 1059. } 1060. } 1061. 1062. if ($mode == 'window') 1063. { 1064. $template->pparse('smiliesbody'); 1065. 1066. include($phpbb_root_path . 'includes/page_tail.'.$phpEx); 1067. } 1068. } 1069. /** 1070. * Called from within prepare_message to clean included HTML tags if HTML is 1071. * turned on for that post 1072. * @param array $tag Matching text from the message to parse 1073. */ 1074. function clean_html($tag) 1075. { 1076. global $board_config; 1077. 1078. if (empty($tag[0])) 1079. { 1080. return ''; 1081. } 1082. 1083. $allowed_html_tags = preg_split('/, */', strtolower($board_config['allow_html_tags'])); 1084. $disallowed_attributes = '/^(?:style|on)/i'; 1085. 1086. // Check if this is an end tag 1087. preg_match('/<[^\w\/]*\/[\W]*(\w+)/', $tag[0], $matches); 1088. if (sizeof($matches)) 1089. { 1090. if (in_array(strtolower($matches[1]), $allowed_html_tags)) 1091. { 1092. return '</' . $matches[1] . '>'; 1093. } 1094. else 1095. { 1096. return htmlspecialchars('</' . $matches[1] . '>'); 1097. } 1098. } 1099. 1100. // Check if this is an allowed tag 1101. if (in_array(strtolower($tag[1]), $allowed_html_tags)) 1102. { 1103. $attributes = ''; 1104. if (!empty($tag[2])) 1105. { 1106. preg_match_all('/[\W]*?(\w+)[\W]*?=[\W]*?(["\'])((?:(?!\2).)*)\2/', $tag[2], $test); 1107. for ($i = 0; $i < sizeof($test[0]); $i++) 1108. { 1109. if (preg_match($disallowed_attributes, $test[1][$i])) 1110. { 1111. continue; 1112. } 1113. $attributes .= ' ' . $test[1][$i] . '=' . $test[2][$i] . str_replace(array('[', ']'), array('[', ']'), htmlspecialchars($test[3][$i])) . $test[2][$i]; 1114. } 1115. } 1116. if (in_array(strtolower($tag[1]), $allowed_html_tags)) 1117. { 1118. return '<' . $tag[1] . $attributes . '>'; 1119. } 1120. else 1121. { 1122. return htmlspecialchars('<' . $tag[1] . $attributes . '>'); 1123. } 1124. } 1125. // Finally, this is not an allowed tag so strip all the attibutes and escape it 1126. else 1127. { 1128. return htmlspecialchars('<' . $tag[1] . '>'); 1129. } 1130. } 1131. 1132. 1133. ?>

by **UseLess** on Fri Apr 13, 2007 2:19 am

Greetings,

Are those extra line numbers generated by the program your viewing the file in or are they in the file? If they are in the file then they should not be and they will cause problems unless they are either removed or you use a backup of the file.

by **husker** on Fri Apr 13, 2007 10:05 pm

I believe they are there. However, I tried removing the spaces and nothing happened. I'm sorry I cannot figure this out.

If there is something I am missing, I can give you the password...

I'm really sorry about this.

by **UseLess** on Sat Apr 14, 2007 10:22 am

Greetings,

The line numbers should be added by the program your using to edit the file, they should not be present in the file. The file, if loaded into notepad or wordpad, should not have any line numbers. However if the file is load into a program like textpad, and line numbers are turned on, then you should see line numbers otherwise you shouldn't.

by **husker** on Sat Apr 14, 2007 10:23 pm

Ok, thanks. They are actually there, but I odnt know why. I will take out the blank lines.

Thanks

by **husker** on Sun Apr 22, 2007 4:58 pm

Fixed it. Thanks for the support

phpBB Styles

Error getting user stats

Error getting user stats

Who is online