Code Coverage for /data/phpBB/includes/functions

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	36.59% covered (danger)	36.59%	555 / 1517	0.00% covered (danger)	0.00%	0 / 16	CRAP		n/a	0 / 0
generate_smilies	0.00% covered (danger)	0.00%	0 / 114	0.00% covered (danger)	0.00%	0 / 1	240
update_post_information	89.77% covered (warning)	89.77%	79 / 88	0.00% covered (danger)	0.00%	0 / 1	18.35
posting_gen_topic_icons	0.00% covered (danger)	0.00%	0 / 19	0.00% covered (danger)	0.00%	0 / 1	56
posting_gen_topic_types	0.00% covered (danger)	0.00%	0 / 30	0.00% covered (danger)	0.00%	0 / 1	56
get_img_size_format	0.00% covered (danger)	0.00%	0 / 11	0.00% covered (danger)	0.00%	0 / 1	12
get_supported_image_types	0.00% covered (danger)	0.00%	0 / 25	0.00% covered (danger)	0.00%	0 / 1	506
create_thumbnail	6.10% covered (danger)	6.10%	5 / 82	0.00% covered (danger)	0.00%	0 / 1	677.15
posting_gen_inline_attachments	0.00% covered (danger)	0.00%	0 / 8	0.00% covered (danger)	0.00%	0 / 1	12
posting_gen_attachment_entry	0.00% covered (danger)	0.00%	0 / 44	0.00% covered (danger)	0.00%	0 / 1	72
load_drafts	0.00% covered (danger)	0.00%	0 / 65	0.00% covered (danger)	0.00%	0 / 1	462
topic_review	0.00% covered (danger)	0.00%	0 / 152	0.00% covered (danger)	0.00%	0 / 1	1056
delete_post	84.52% covered (warning)	84.52%	131 / 155	0.00% covered (danger)	0.00%	0 / 1	49.86
submit_post	59.75% covered (warning)	59.75%	340 / 569	0.00% covered (danger)	0.00%	0 / 1	3835.02
phpbb_bump_topic	0.00% covered (danger)	0.00%	0 / 55	0.00% covered (danger)	0.00%	0 / 1	110
phpbb_upload_popup	0.00% covered (danger)	0.00%	0 / 12	0.00% covered (danger)	0.00%	0 / 1	6
phpbb_handle_post_delete	0.00% covered (danger)	0.00%	0 / 88	0.00% covered (danger)	0.00%	0 / 1	1560

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	/**
23	* Fill smiley templates (or just the variables) with smilies, either in a window or inline
24	*/
25	function generate_smilies($mode, $forum_id)
26	{
27	global $db, $user, $config, $template, $phpbb_dispatcher, $request;
28	global $phpEx, $phpbb_root_path, $phpbb_container, $phpbb_path_helper;
29
30	/* @var $pagination \phpbb\pagination */
31	$pagination = $phpbb_container->get('pagination');
32	$base_url = append_sid("{$phpbb_root_path}posting.$phpEx", 'mode=smilies&f=' . $forum_id);
33	$start = $request->variable('start', 0);
34
35	if ($mode == 'window')
36	{
37	if ($forum_id)
38	{
39	$sql = 'SELECT forum_style
40	FROM ' . FORUMS_TABLE . "
41	WHERE forum_id = $forum_id";
42	$result = $db->sql_query_limit($sql, 1);
43	$row = $db->sql_fetchrow($result);
44	$db->sql_freeresult($result);
45
46	$user->setup('posting', (int) $row['forum_style']);
47	}
48	else
49	{
50	$user->setup('posting');
51	}
52
53	page_header($user->lang['SMILIES']);
54
55	$sql_ary = [
56	'SELECT' => 'COUNT(s.smiley_id) AS item_count',
57	'FROM' => [
58	SMILIES_TABLE => 's',
59	],
60	'GROUP_BY' => 's.smiley_url',
61	];
62
63	/**
64	* Modify SQL query that fetches the total number of smilies in window mode
65	*
66	* @event core.generate_smilies_count_sql_before
67	* @var int forum_id Forum where smilies are generated
68	* @var array sql_ary Array with the SQL query
69	* @var string base_url URL for the "More smilies" link and its pagination
70	* @since 3.2.9-RC1
71	* @changed 3.2.10-RC1 Added base_url
72	*/
73	$vars = [
74	'forum_id',
75	'sql_ary',
76	'base_url',
77	];
78	extract($phpbb_dispatcher->trigger_event('core.generate_smilies_count_sql_before', compact($vars)));
79
80	$sql = $db->sql_build_query('SELECT', $sql_ary);
81	$result = $db->sql_query($sql, 3600);
82
83	$smiley_count = 0;
84	while ($row = $db->sql_fetchrow($result))
85	{
86	++$smiley_count;
87	}
88	$db->sql_freeresult($result);
89
90	$template->set_filenames(array(
91	'body' => 'posting_smilies.html')
92	);
93
94	$start = $pagination->validate_start($start, $config['smilies_per_page'], $smiley_count);
95	$pagination->generate_template_pagination($base_url, 'pagination', 'start', $smiley_count, $config['smilies_per_page'], $start);
96	}
97
98	$display_link = false;
99	if ($mode == 'inline')
100	{
101	$sql = 'SELECT smiley_id
102	FROM ' . SMILIES_TABLE . '
103	WHERE display_on_posting = 0';
104	$result = $db->sql_query_limit($sql, 1, 0, 3600);
105
106	if ($row = $db->sql_fetchrow($result))
107	{
108	$display_link = true;
109	}
110	$db->sql_freeresult($result);
111	}
112
113	if ($mode == 'window')
114	{
115	$sql_ary = [
116	'SELECT' => 's.smiley_url, MIN(s.emotion) AS emotion, MIN(s.code) AS code, s.smiley_width, s.smiley_height, MIN(s.smiley_order) AS min_smiley_order',
117	'FROM' => [
118	SMILIES_TABLE => 's',
119	],
120	'GROUP_BY' => 's.smiley_url, s.smiley_width, s.smiley_height',
121	'ORDER_BY' => $db->sql_quote('min_smiley_order'),
122	];
123	}
124	else
125	{
126	$sql_ary = [
127	'SELECT' => 's.*',
128	'FROM' => [
129	SMILIES_TABLE => 's',
130	],
131	'WHERE' => 's.display_on_posting = 1',
132	'ORDER_BY' => 's.smiley_order',
133	];
134	}
135
136	/**
137	* Modify the SQL query that fetches the smilies
138	*
139	* @event core.generate_smilies_modify_sql
140	* @var string mode Smiley mode, either window or inline
141	* @var int forum_id Forum where smilies are generated, or 0 if composing a private message
142	* @var array sql_ary Array with SQL query data
143	* @since 3.2.10-RC1
144	* @since 3.3.1-RC1
145	*/
146	$vars = [
147	'mode',
148	'forum_id',
149	'sql_ary',
150	];
151	extract($phpbb_dispatcher->trigger_event('core.generate_smilies_modify_sql', compact($vars)));
152
153	$sql = $db->sql_build_query('SELECT', $sql_ary);
154
155	if ($mode == 'window')
156	{
157	$result = $db->sql_query_limit($sql, $config['smilies_per_page'], $start, 3600);
158	}
159	else
160	{
161	$result = $db->sql_query($sql, 3600);
162	}
163
164	$smilies = array();
165	while ($row = $db->sql_fetchrow($result))
166	{
167	if (empty($smilies[$row['smiley_url']]))
168	{
169	$smilies[$row['smiley_url']] = $row;
170	}
171	}
172	$db->sql_freeresult($result);
173
174	/**
175	* Modify smilies before they are assigned to the template
176	*
177	* @event core.generate_smilies_modify_rowset
178	* @var string mode Smiley mode, either window or inline
179	* @var int forum_id Forum where smilies are generated, or 0 if composing a private message
180	* @var array smilies Smiley rows fetched from the database
181	* @since 3.2.9-RC1
182	*/
183	$vars = [
184	'mode',
185	'forum_id',
186	'smilies',
187	];
188	extract($phpbb_dispatcher->trigger_event('core.generate_smilies_modify_rowset', compact($vars)));
189
190	if (count($smilies))
191	{
192	$root_path = $phpbb_path_helper->get_web_root_path();
193
194	foreach ($smilies as $row)
195	{
196	/**
197	* Modify smiley root path before populating smiley list
198	*
199	* @event core.generate_smilies_before
200	* @var string root_path root_path for smilies
201	* @since 3.1.11-RC1
202	*/
203	$vars = array('root_path');
204	extract($phpbb_dispatcher->trigger_event('core.generate_smilies_before', compact($vars)));
205	$template->assign_block_vars('smiley', array(
206	'SMILEY_CODE' => $row['code'],
207	'A_SMILEY_CODE' => addslashes($row['code']),
208	'SMILEY_IMG' => $root_path . $config['smilies_path'] . '/' . $row['smiley_url'],
209	'SMILEY_WIDTH' => $row['smiley_width'],
210	'SMILEY_HEIGHT' => $row['smiley_height'],
211	'SMILEY_DESC' => $row['emotion'])
212	);
213	}
214	}
215
216	/**
217	* This event is called after the smilies are populated
218	*
219	* @event core.generate_smilies_after
220	* @var string mode Mode of the smilies: window\|inline
221	* @var int forum_id The forum ID we are currently in
222	* @var bool display_link Shall we display the "more smilies" link?
223	* @var string base_url URL for the "More smilies" link and its pagination
224	* @since 3.1.0-a1
225	* @changed 3.2.10-RC1 Added base_url
226	*/
227	$vars = [
228	'mode',
229	'forum_id',
230	'display_link',
231	'base_url',
232	];
233	extract($phpbb_dispatcher->trigger_event('core.generate_smilies_after', compact($vars)));
234
235	if ($mode == 'inline' && $display_link)
236	{
237	$template->assign_vars(array(
238	'S_SHOW_SMILEY_LINK' => true,
239	'U_MORE_SMILIES' => $base_url,
240	));
241	}
242
243	if ($mode == 'window')
244	{
245	page_footer();
246	}
247	}
248
249	/**
250	* Update last post information
251	* Should be used instead of sync() if only the last post information are out of sync... faster
252	*
253	* @param string $type Can be forum\|topic
254	* @param mixed $ids topic/forum ids
255	* @param bool $return_update_sql true: SQL query shall be returned, false: execute SQL
256	* @return array\|null SQL query, null otherwise
257	*/
258	function update_post_information($type, $ids, $return_update_sql = false)
259	{
260	global $db, $phpbb_dispatcher;
261
262	if (empty($ids))
263	{
264	return;
265	}
266	if (!is_array($ids))
267	{
268	$ids = array($ids);
269	}
270
271	$update_sql = $empty_forums = $not_empty_forums = array();
272
273	if ($type != 'topic')
274	{
275	$topic_join = ', ' . TOPICS_TABLE . ' t';
276	$topic_condition = 'AND t.topic_id = p.topic_id AND t.topic_visibility = ' . ITEM_APPROVED;
277	}
278	else
279	{
280	$topic_join = '';
281	$topic_condition = '';
282	}
283
284	if (count($ids) == 1)
285	{
286	$sql = 'SELECT p.post_id as last_post_id
287	FROM ' . POSTS_TABLE . " p $topic_join
288	WHERE " . $db->sql_in_set('p.' . $type . '_id', $ids) . "
289	$topic_condition
290	AND p.post_visibility = " . ITEM_APPROVED . "
291	ORDER BY p.post_id DESC";
292	$result = $db->sql_query_limit($sql, 1);
293	}
294	else
295	{
296	$sql = 'SELECT p.' . $type . '_id, MAX(p.post_id) as last_post_id
297	FROM ' . POSTS_TABLE . " p $topic_join
298	WHERE " . $db->sql_in_set('p.' . $type . '_id', $ids) . "
299	$topic_condition
300	AND p.post_visibility = " . ITEM_APPROVED . "
301	GROUP BY p.{$type}_id";
302	$result = $db->sql_query($sql);
303	}
304
305	$last_post_ids = array();
306	while ($row = $db->sql_fetchrow($result))
307	{
308	if (count($ids) == 1)
309	{
310	$row[$type . '_id'] = $ids[0];
311	}
312
313	if ($type == 'forum')
314	{
315	$not_empty_forums[] = $row['forum_id'];
316
317	if (empty($row['last_post_id']))
318	{
319	$empty_forums[] = $row['forum_id'];
320	}
321	}
322
323	$last_post_ids[] = $row['last_post_id'];
324	}
325	$db->sql_freeresult($result);
326
327	if ($type == 'forum')
328	{
329	$empty_forums = array_merge($empty_forums, array_diff($ids, $not_empty_forums));
330
331	foreach ($empty_forums as $forum_id)
332	{
333	$update_sql[$forum_id][] = 'forum_last_post_id = 0';
334	$update_sql[$forum_id][] = "forum_last_post_subject = ''";
335	$update_sql[$forum_id][] = 'forum_last_post_time = 0';
336	$update_sql[$forum_id][] = 'forum_last_poster_id = 0';
337	$update_sql[$forum_id][] = "forum_last_poster_name = ''";
338	$update_sql[$forum_id][] = "forum_last_poster_colour = ''";
339	}
340	}
341
342	if (count($last_post_ids))
343	{
344	$sql_ary = array(
345	'SELECT' => 'p.' . $type . '_id, p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour',
346	'FROM' => array(
347	POSTS_TABLE => 'p',
348	USERS_TABLE => 'u',
349	),
350	'WHERE' => $db->sql_in_set('p.post_id', $last_post_ids) . '
351	AND p.poster_id = u.user_id',
352	);
353
354	/**
355	* Event to modify the SQL array to get the post and user data from all last posts
356	*
357	* @event core.update_post_info_modify_posts_sql
358	* @var string type The table being updated (forum or topic)
359	* @var array sql_ary SQL array to get some of the last posts' data
360	* @since 3.3.5-RC1
361	*/
362	$vars = [
363	'type',
364	'sql_ary',
365	];
366	extract($phpbb_dispatcher->trigger_event('core.update_post_info_modify_posts_sql', compact($vars)));
367	$result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary));
368
369	$rowset = array();
370	while ($row = $db->sql_fetchrow($result))
371	{
372	$rowset[] = $row;
373	$update_sql[$row["{$type}_id"]][] = $type . '_last_post_id = ' . (int) $row['post_id'];
374	$update_sql[$row["{$type}_id"]][] = "{$type}_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'";
375	$update_sql[$row["{$type}_id"]][] = $type . '_last_post_time = ' . (int) $row['post_time'];
376	$update_sql[$row["{$type}_id"]][] = $type . '_last_poster_id = ' . (int) $row['poster_id'];
377	$update_sql[$row["{$type}_id"]][] = "{$type}_last_poster_colour = '" . $db->sql_escape($row['user_colour']) . "'";
378	$update_sql[$row["{$type}_id"]][] = "{$type}_last_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "'";
379	}
380	$db->sql_freeresult($result);
381
382	/**
383	* Event to modify the update_sql array to add new update data for forum or topic last posts
384	*
385	* @event core.update_post_info_modify_sql
386	* @var string type The table being updated (forum or topic)
387	* @var array rowset Array with the posts data
388	* @var array update_sql Array with SQL data to update the forums or topics table with
389	* @since 3.3.5-RC1
390	*/
391	$vars = [
392	'type',
393	'rowset',
394	'update_sql',
395	];
396	extract($phpbb_dispatcher->trigger_event('core.update_post_info_modify_sql', compact($vars)));
397	unset($rowset);
398	}
399	unset($empty_forums, $ids, $last_post_ids);
400
401	if ($return_update_sql \|\| !count($update_sql))
402	{
403	return $update_sql;
404	}
405
406	$table = ($type == 'forum') ? FORUMS_TABLE : TOPICS_TABLE;
407
408	foreach ($update_sql as $update_id => $update_sql_ary)
409	{
410	$sql = "UPDATE $table
411	SET " . implode(', ', $update_sql_ary) . "
412	WHERE {$type}_id = $update_id";
413	$db->sql_query($sql);
414	}
415
416	return null;
417	}
418
419	/**
420	* Generate Topic Icons for display
421	*/
422	function posting_gen_topic_icons($mode, $icon_id)
423	{
424	global $phpbb_root_path, $phpbb_path_helper, $config, $template, $cache;
425
426	// Grab icons
427	$icons = $cache->obtain_icons();
428
429	if (!$icon_id)
430	{
431	$template->assign_var('S_NO_ICON_CHECKED', ' checked="checked"');
432	}
433
434	if (count($icons))
435	{
436	$root_path = $phpbb_path_helper->get_web_root_path();
437
438	foreach ($icons as $id => $data)
439	{
440	if ($data['display'])
441	{
442	$template->assign_block_vars('topic_icon', array(
443	'ICON_ID' => $id,
444	'ICON_IMG' => $root_path . $config['icons_path'] . '/' . $data['img'],
445	'ICON_WIDTH' => $data['width'],
446	'ICON_HEIGHT' => $data['height'],
447	'ICON_ALT' => $data['alt'],
448
449	'S_CHECKED' => ($id == $icon_id) ? true : false,
450	'S_ICON_CHECKED' => ($id == $icon_id) ? ' checked="checked"' : '')
451	);
452	}
453	}
454
455	return true;
456	}
457
458	return false;
459	}
460
461	/**
462	* Build topic types able to be selected
463	*/
464	function posting_gen_topic_types($forum_id, $cur_topic_type = POST_NORMAL)
465	{
466	global $auth, $user, $template;
467
468	$toggle = false;
469
470	$topic_types = array(
471	'sticky' => array('const' => POST_STICKY, 'lang' => 'POST_STICKY'),
472	'announce' => array('const' => POST_ANNOUNCE, 'lang' => 'POST_ANNOUNCEMENT'),
473	'announce_global' => array('const' => POST_GLOBAL, 'lang' => 'POST_GLOBAL')
474	);
475
476	$topic_type_array = array();
477
478	foreach ($topic_types as $auth_key => $topic_value)
479	{
480	if ($auth->acl_get('f_' . $auth_key, $forum_id))
481	{
482	$toggle = true;
483
484	$topic_type_array[] = array(
485	'VALUE' => $topic_value['const'],
486	'S_CHECKED' => ($cur_topic_type == $topic_value['const']) ? ' checked="checked"' : '',
487	'L_TOPIC_TYPE' => $user->lang[$topic_value['lang']]
488	);
489	}
490	}
491
492	if ($toggle)
493	{
494	$topic_type_array = array_merge(array(0 => array(
495	'VALUE' => POST_NORMAL,
496	'S_CHECKED' => ($cur_topic_type == POST_NORMAL) ? ' checked="checked"' : '',
497	'L_TOPIC_TYPE' => $user->lang['POST_NORMAL'])),
498
499	$topic_type_array
500	);
501
502	foreach ($topic_type_array as $array)
503	{
504	$template->assign_block_vars('topic_type', $array);
505	}
506
507	$template->assign_vars(array(
508	'S_TOPIC_TYPE_STICKY' => ($auth->acl_get('f_sticky', $forum_id)),
509	'S_TOPIC_TYPE_ANNOUNCE' => ($auth->acl_gets('f_announce', 'f_announce_global', $forum_id)),
510	));
511	}
512
513	return $toggle;
514	}
515
516	//
517	// Attachment related functions
518	//
519	/**
520	* Calculate the needed size for Thumbnail
521	*/
522	function get_img_size_format($width, $height)
523	{
524	global $config;
525
526	// Maximum Width the Image can take
527	$max_width = ($config['img_max_thumb_width']) ? $config['img_max_thumb_width'] : 400;
528
529	if ($width > $height)
530	{
531	return array(
532	round($width * ($max_width / $width)),
533	round($height * ($max_width / $width))
534	);
535	}
536	else
537	{
538	return array(
539	round($width * ($max_width / $height)),
540	round($height * ($max_width / $height))
541	);
542	}
543	}
544
545	/**
546	* Return supported image types
547	*/
548	function get_supported_image_types($type = false)
549	{
550	if (@extension_loaded('gd'))
551	{
552	$format = imagetypes();
553	$new_type = 0;
554
555	if ($type !== false)
556	{
557	// Type is one of the IMAGETYPE constants - it is fetched from getimagesize()
558	switch ($type)
559	{
560	// GIF
561	case IMAGETYPE_GIF:
562	$new_type = ($format & IMG_GIF) ? IMG_GIF : false;
563	break;
564
565	// JPG, JPC, JP2
566	case IMAGETYPE_JPEG:
567	case IMAGETYPE_JPC:
568	case IMAGETYPE_JPEG2000:
569	case IMAGETYPE_JP2:
570	case IMAGETYPE_JPX:
571	case IMAGETYPE_JB2:
572	$new_type = ($format & IMG_JPG) ? IMG_JPG : false;
573	break;
574
575	// PNG
576	case IMAGETYPE_PNG:
577	$new_type = ($format & IMG_PNG) ? IMG_PNG : false;
578	break;
579
580	// WBMP
581	case IMAGETYPE_WBMP:
582	$new_type = ($format & IMG_WBMP) ? IMG_WBMP : false;
583	break;
584
585	// WEBP
586	case IMAGETYPE_WEBP:
587	$new_type = ($format & IMG_WEBP) ? IMG_WEBP : false;
588	break;
589	}
590	}
591	else
592	{
593	$new_type = [];
594	$go_through_types = [IMG_GIF, IMG_JPG, IMG_PNG, IMG_WBMP, IMG_WEBP];
595
596	foreach ($go_through_types as $check_type)
597	{
598	if ($format & $check_type)
599	{
600	$new_type[] = $check_type;
601	}
602	}
603	}
604
605	return [
606	'gd' => ($new_type) ? true : false,
607	'format' => $new_type,
608	'version' => (function_exists('imagecreatetruecolor')) ? 2 : 1
609	];
610	}
611
612	return ['gd' => false];
613	}
614
615	/**
616	* Create Thumbnail
617	*/
618	function create_thumbnail($source, $destination, $mimetype)
619	{
620	global $config, $phpbb_filesystem, $phpbb_dispatcher;
621
622	$min_filesize = (int) $config['img_min_thumb_filesize'];
623	$img_filesize = (file_exists($source)) ? @filesize($source) : false;
624
625	if (!$img_filesize \|\| $img_filesize <= $min_filesize)
626	{
627	return false;
628	}
629
630	$dimension = @getimagesize($source);
631
632	if ($dimension === false)
633	{
634	return false;
635	}
636
637	list($width, $height, $type, ) = $dimension;
638
639	if (empty($width) \|\| empty($height))
640	{
641	return false;
642	}
643
644	list($new_width, $new_height) = get_img_size_format($width, $height);
645
646	// Do not create a thumbnail if the resulting width/height is bigger than the original one
647	if ($new_width >= $width && $new_height >= $height)
648	{
649	return false;
650	}
651
652	$thumbnail_created = false;
653
654	/**
655	* Create thumbnail event to replace GD thumbnail creation with for example ImageMagick
656	*
657	* @event core.thumbnail_create_before
658	* @var string source Image source path
659	* @var string destination Thumbnail destination path
660	* @var string mimetype Image mime type
661	* @var float new_width Calculated thumbnail width
662	* @var float new_height Calculated thumbnail height
663	* @var bool thumbnail_created Set to true to skip default GD thumbnail creation
664	* @since 3.2.4
665	*/
666	$vars = array(
667	'source',
668	'destination',
669	'mimetype',
670	'new_width',
671	'new_height',
672	'thumbnail_created',
673	);
674	extract($phpbb_dispatcher->trigger_event('core.thumbnail_create_before', compact($vars)));
675
676	if (!$thumbnail_created)
677	{
678	$type = get_supported_image_types($type);
679
680	if ($type['gd'])
681	{
682	// If the type is not supported, we are not able to create a thumbnail
683	if ($type['format'] === false)
684	{
685	return false;
686	}
687
688	switch ($type['format'])
689	{
690	case IMG_GIF:
691	$image = @imagecreatefromgif($source);
692	break;
693
694	case IMG_JPG:
695	@ini_set('gd.jpeg_ignore_warning', 1);
696	$image = @imagecreatefromjpeg($source);
697	break;
698
699	case IMG_PNG:
700	$image = @imagecreatefrompng($source);
701	break;
702
703	case IMG_WBMP:
704	$image = @imagecreatefromwbmp($source);
705	break;
706
707	case IMG_WEBP:
708	$image = @imagecreatefromwebp($source);
709	break;
710	}
711
712	if (empty($image))
713	{
714	return false;
715	}
716
717	if ($type['version'] == 1)
718	{
719	$new_image = imagecreate($new_width, $new_height);
720
721	if ($new_image === false)
722	{
723	return false;
724	}
725
726	imagecopyresized($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
727	}
728	else
729	{
730	$new_image = imagecreatetruecolor($new_width, $new_height);
731
732	if ($new_image === false)
733	{
734	return false;
735	}
736
737	// Preserve alpha transparency (png for example)
738	@imagealphablending($new_image, false);
739	@imagesavealpha($new_image, true);
740
741	imagecopyresampled($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
742	}
743
744	switch ($type['format'])
745	{
746	case IMG_GIF:
747	imagegif($new_image, $destination);
748	break;
749
750	case IMG_JPG:
751	imagejpeg($new_image, $destination, 90);
752	break;
753
754	case IMG_PNG:
755	imagepng($new_image, $destination);
756	break;
757
758	case IMG_WBMP:
759	imagewbmp($new_image, $destination);
760	break;
761
762	case IMG_WEBP:
763	imagewebp($new_image, $destination);
764	break;
765	}
766
767	imagedestroy($new_image);
768	}
769	else
770	{
771	return false;
772	}
773	}
774
775	if (!file_exists($destination))
776	{
777	return false;
778	}
779
780	try
781	{
782	$phpbb_filesystem->phpbb_chmod($destination, \phpbb\filesystem\filesystem_interface::CHMOD_READ \| \phpbb\filesystem\filesystem_interface::CHMOD_WRITE);
783	}
784	catch (\phpbb\filesystem\exception\filesystem_exception $e)
785	{
786	// Do nothing
787	}
788
789	return true;
790	}
791
792	/**
793	* Assign Inline attachments (build option fields)
794	*/
795	function posting_gen_inline_attachments(&$attachment_data)
796	{
797	global $template;
798
799	if (count($attachment_data))
800	{
801	$s_inline_attachment_options = '';
802
803	foreach ($attachment_data as $i => $attachment)
804	{
805	$s_inline_attachment_options .= '<option value="' . $i . '">' . utf8_basename($attachment['real_filename']) . '</option>';
806	}
807
808	$template->assign_var('S_INLINE_ATTACHMENT_OPTIONS', $s_inline_attachment_options);
809
810	return true;
811	}
812
813	return false;
814	}
815
816	/**
817	* Generate inline attachment entry
818	*
819	* @param array $attachment_data The attachment data
820	* @param string $filename_data The filename data (filecomment)
821	* @param bool $show_attach_box Whether to show the attach box
822	* @param mixed $forum_id The forum id to check or false if private message
823	* @return int
824	*/
825	function posting_gen_attachment_entry($attachment_data, &$filename_data, $show_attach_box = true, $forum_id = false)
826	{
827	global $template, $cache, $config, $user, $phpbb_dispatcher, $phpbb_container;
828
829	$allowed_attachments = array_keys($cache->obtain_attach_extensions($forum_id)['_allowed_']);
830
831	// Some default template variables
832	$default_vars = [
833	'S_SHOW_ATTACH_BOX' => $show_attach_box,
834	'S_HAS_ATTACHMENTS' => count($attachment_data),
835	'FILESIZE' => $config['max_filesize'],
836	'FILE_COMMENT' => (isset($filename_data['filecomment'])) ? $filename_data['filecomment'] : '',
837	'MAX_ATTACHMENT_FILESIZE' => $config['max_filesize'] > 0 ? $user->lang('MAX_ATTACHMENT_FILESIZE', get_formatted_filesize($config['max_filesize'])) : '',
838	'ALLOWED_ATTACHMENTS' => !empty($allowed_attachments) ? '.' . implode(',.', $allowed_attachments) : '',
839	];
840
841	/**
842	* Modify default attachments template vars
843	*
844	* @event core.modify_default_attachments_template_vars
845	* @var array allowed_attachments Array containing allowed attachments data
846	* @var array default_vars Array containing default attachments template vars
847	* @since 3.3.6-RC1
848	*/
849	$vars = ['allowed_attachments', 'default_vars'];
850	extract($phpbb_dispatcher->trigger_event('core.modify_default_attachments_template_vars', compact($vars)));
851
852	$template->assign_vars($default_vars);
853
854	if (count($attachment_data))
855	{
856	// We display the posted attachments within the desired order.
857	($config['display_order']) ? krsort($attachment_data) : ksort($attachment_data);
858
859	$attachrow_template_vars = [];
860
861	foreach ($attachment_data as $count => $attach_row)
862	{
863	$hidden = '';
864	$attach_row['real_filename'] = utf8_basename($attach_row['real_filename']);
865
866	foreach ($attach_row as $key => $value)
867	{
868	$hidden .= '<input type="hidden" name="attachment_data[' . $count . '][' . $key . ']" value="' . $value . '" />';
869	}
870
871	$download_link = $phpbb_container->get('controller.helper')
872	->route(
873	'phpbb_storage_attachment',
874	[
875	'id' => (int) $attach_row['attach_id'],
876	'filename' => $attach_row['real_filename'],
877	]
878	);
879
880	$attachrow_template_vars[(int) $attach_row['attach_id']] = array(
881	'FILENAME' => utf8_basename($attach_row['real_filename']),
882	'A_FILENAME' => addslashes(utf8_basename($attach_row['real_filename'])),
883	'FILE_COMMENT' => $attach_row['attach_comment'],
884	'ATTACH_ID' => $attach_row['attach_id'],
885	'S_IS_ORPHAN' => $attach_row['is_orphan'],
886	'ASSOC_INDEX' => $count,
887	'FILESIZE' => get_formatted_filesize($attach_row['filesize']),
888
889	'U_VIEW_ATTACHMENT' => $download_link,
890	'S_HIDDEN' => $hidden,
891	);
892	}
893
894	/**
895	* Modify inline attachments template vars
896	*
897	* @event core.modify_inline_attachments_template_vars
898	* @var array attachment_data Array containing attachments data
899	* @var array attachrow_template_vars Array containing attachments template vars
900	* @since 3.2.2-RC1
901	*/
902	$vars = array('attachment_data', 'attachrow_template_vars');
903	extract($phpbb_dispatcher->trigger_event('core.modify_inline_attachments_template_vars', compact($vars)));
904
905	$template->assign_block_vars_array('attach_row', $attachrow_template_vars);
906	}
907
908	return count($attachment_data);
909	}
910
911	//
912	// General Post functions
913	//
914
915	/**
916	* Load Drafts
917	*/
918	function load_drafts($topic_id = 0, $forum_id = 0, $id = 0, $pm_action = '', $msg_id = 0)
919	{
920	global $user, $db, $template, $auth;
921	global $phpbb_root_path, $phpbb_dispatcher, $phpEx;
922
923	$topic_ids = $draft_rows = array();
924
925	// Load those drafts not connected to forums/topics
926	// If forum_id == 0 AND topic_id == 0 then this is a PM draft
927	if (!$topic_id && !$forum_id)
928	{
929	$sql_and = ' AND d.forum_id = 0 AND d.topic_id = 0';
930	}
931	else
932	{
933	$sql_and = '';
934	$sql_and .= ($forum_id) ? ' AND d.forum_id = ' . (int) $forum_id : '';
935	$sql_and .= ($topic_id) ? ' AND d.topic_id = ' . (int) $topic_id : '';
936	}
937
938	$sql = 'SELECT d.*, f.forum_id, f.forum_name
939	FROM ' . DRAFTS_TABLE . ' d
940	LEFT JOIN ' . FORUMS_TABLE . ' f ON (f.forum_id = d.forum_id)
941	WHERE d.user_id = ' . $user->data['user_id'] . "
942	$sql_and
943	ORDER BY d.save_time DESC";
944	$result = $db->sql_query($sql);
945
946	while ($row = $db->sql_fetchrow($result))
947	{
948	if ($row['topic_id'])
949	{
950	$topic_ids[] = (int) $row['topic_id'];
951	}
952	$draft_rows[] = $row;
953	}
954	$db->sql_freeresult($result);
955
956	if (!count($draft_rows))
957	{
958	return;
959	}
960
961	$topic_rows = array();
962	if (count($topic_ids))
963	{
964	$sql = 'SELECT topic_id, forum_id, topic_title, topic_poster
965	FROM ' . TOPICS_TABLE . '
966	WHERE ' . $db->sql_in_set('topic_id', array_unique($topic_ids));
967	$result = $db->sql_query($sql);
968
969	while ($row = $db->sql_fetchrow($result))
970	{
971	$topic_rows[$row['topic_id']] = $row;
972	}
973	$db->sql_freeresult($result);
974	}
975
976	/**
977	* Drafts found and their topics
978	* Edit $draft_rows in order to add or remove drafts loaded
979	*
980	* @event core.load_drafts_draft_list_result
981	* @var array draft_rows The drafts query result. Includes its forum id and everything about the draft
982	* @var array topic_ids The list of topics got from the topics table
983	* @var array topic_rows The topics that draft_rows references
984	* @since 3.1.0-RC3
985	*/
986	$vars = array('draft_rows', 'topic_ids', 'topic_rows');
987	extract($phpbb_dispatcher->trigger_event('core.load_drafts_draft_list_result', compact($vars)));
988
989	unset($topic_ids);
990
991	$template->assign_var('S_SHOW_DRAFTS', true);
992
993	foreach ($draft_rows as $draft)
994	{
995	$link_topic = $link_forum = $link_pm = false;
996	$view_url = $title = '';
997
998	if (isset($topic_rows[$draft['topic_id']])
999	&& (
1000	($topic_rows[$draft['topic_id']]['forum_id'] && $auth->acl_get('f_read', $topic_rows[$draft['topic_id']]['forum_id']))
1001	\|\|
1002	(!$topic_rows[$draft['topic_id']]['forum_id'] && $auth->acl_getf_global('f_read'))
1003	))
1004	{
1005	$topic_forum_id = ($topic_rows[$draft['topic_id']]['forum_id']) ? $topic_rows[$draft['topic_id']]['forum_id'] : $forum_id;
1006
1007	$link_topic = true;
1008	$view_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $draft['topic_id']);
1009	$title = $topic_rows[$draft['topic_id']]['topic_title'];
1010
1011	$insert_url = append_sid("{$phpbb_root_path}posting.$phpEx", 't=' . $draft['topic_id'] . '&mode=reply&d=' . $draft['draft_id']);
1012	}
1013	else if ($draft['forum_id'] && $auth->acl_get('f_read', $draft['forum_id']))
1014	{
1015	$link_forum = true;
1016	$view_url = append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $draft['forum_id']);
1017	$title = $draft['forum_name'];
1018
1019	$insert_url = append_sid("{$phpbb_root_path}posting.$phpEx", 'f=' . $draft['forum_id'] . '&mode=post&d=' . $draft['draft_id']);
1020	}
1021	else
1022	{
1023	// Either display as PM draft if forum_id and topic_id are empty or if access to the forums has been denied afterwards...
1024	$link_pm = true;
1025	$insert_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=compose&d={$draft['draft_id']}" . (($pm_action) ? "&action=$pm_action" : '') . (($msg_id) ? "&p=$msg_id" : ''));
1026	}
1027
1028	$template->assign_block_vars('draftrow', array(
1029	'DRAFT_ID' => $draft['draft_id'],
1030	'DATE' => $user->format_date($draft['save_time']),
1031	'DRAFT_SUBJECT' => $draft['draft_subject'],
1032
1033	'TITLE' => $title,
1034	'U_VIEW' => $view_url,
1035	'U_INSERT' => $insert_url,
1036
1037	'S_LINK_PM' => $link_pm,
1038	'S_LINK_TOPIC' => $link_topic,
1039	'S_LINK_FORUM' => $link_forum)
1040	);
1041	}
1042	}
1043
1044	/**
1045	* Topic Review
1046	*/
1047	function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id = 0, $show_quote_button = true)
1048	{
1049	global $user, $auth, $db, $template;
1050	global $config, $phpbb_root_path, $phpEx, $phpbb_container, $phpbb_dispatcher;
1051
1052	/* @var $phpbb_content_visibility \phpbb\content_visibility */
1053	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
1054	$sql_sort = ($mode == 'post_review') ? 'ASC' : 'DESC';
1055
1056	// Go ahead and pull all data for this topic
1057	$sql = 'SELECT p.post_id
1058	FROM ' . POSTS_TABLE . ' p' . "
1059	WHERE p.topic_id = $topic_id
1060	AND " . $phpbb_content_visibility->get_visibility_sql('post', $forum_id, 'p.') . '
1061	' . (($mode == 'post_review') ? " AND p.post_id > $cur_post_id" : '') . '
1062	' . (($mode == 'post_review_edit') ? " AND p.post_id = $cur_post_id" : '') . '
1063	ORDER BY p.post_time ' . $sql_sort . ', p.post_id ' . $sql_sort;
1064	$result = $db->sql_query_limit($sql, $config['posts_per_page']);
1065
1066	$post_list = array();
1067
1068	while ($row = $db->sql_fetchrow($result))
1069	{
1070	$post_list[] = $row['post_id'];
1071	}
1072
1073	$db->sql_freeresult($result);
1074
1075	if (!count($post_list))
1076	{
1077	return false;
1078	}
1079
1080	// Handle 'post_review_edit' like 'post_review' from now on
1081	if ($mode == 'post_review_edit')
1082	{
1083	$mode = 'post_review';
1084	}
1085
1086	$sql_ary = array(
1087	'SELECT' => 'u.username, u.user_id, u.user_colour, p.*, z.friend, z.foe, uu.username as post_delete_username, uu.user_colour as post_delete_user_colour',
1088
1089	'FROM' => array(
1090	USERS_TABLE => 'u',
1091	POSTS_TABLE => 'p',
1092	),
1093
1094	'LEFT_JOIN' => array(
1095	array(
1096	'FROM' => array(ZEBRA_TABLE => 'z'),
1097	'ON' => 'z.user_id = ' . $user->data['user_id'] . ' AND z.zebra_id = p.poster_id',
1098	),
1099	array(
1100	'FROM' => array(USERS_TABLE => 'uu'),
1101	'ON' => 'uu.user_id = p.post_delete_user',
1102	),
1103	),
1104
1105	'WHERE' => $db->sql_in_set('p.post_id', $post_list) . '
1106	AND u.user_id = p.poster_id',
1107	);
1108
1109	/**
1110	* Event to modify the SQL query for topic reviews
1111	*
1112	* @event core.topic_review_modify_sql_ary
1113	* @var int topic_id The topic ID that is being reviewed
1114	* @var int forum_id The topic's forum ID
1115	* @var string mode The topic review mode
1116	* @var int cur_post_id Post offset ID
1117	* @var bool show_quote_button Flag indicating if the quote button should be displayed
1118	* @var array post_list Array with the post IDs
1119	* @var array sql_ary Array with the SQL query
1120	* @since 3.2.8-RC1
1121	*/
1122	$vars = array(
1123	'topic_id',
1124	'forum_id',
1125	'mode',
1126	'cur_post_id',
1127	'show_quote_button',
1128	'post_list',
1129	'sql_ary',
1130	);
1131	extract($phpbb_dispatcher->trigger_event('core.topic_review_modify_sql_ary', compact($vars)));
1132
1133	$sql = $db->sql_build_query('SELECT', $sql_ary);
1134	$result = $db->sql_query($sql);
1135
1136	$rowset = array();
1137	$has_attachments = false;
1138	while ($row = $db->sql_fetchrow($result))
1139	{
1140	$rowset[$row['post_id']] = $row;
1141
1142	if ($row['post_attachment'])
1143	{
1144	$has_attachments = true;
1145	}
1146	}
1147	$db->sql_freeresult($result);
1148
1149	// Grab extensions
1150	$attachments = array();
1151	if ($has_attachments && $auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id))
1152	{
1153	// Get attachments...
1154	$sql = 'SELECT *
1155	FROM ' . ATTACHMENTS_TABLE . '
1156	WHERE ' . $db->sql_in_set('post_msg_id', $post_list) . '
1157	AND in_message = 0
1158	ORDER BY filetime DESC, post_msg_id ASC';
1159	$result = $db->sql_query($sql);
1160
1161	while ($row = $db->sql_fetchrow($result))
1162	{
1163	$attachments[$row['post_msg_id']][] = $row;
1164	}
1165	$db->sql_freeresult($result);
1166	}
1167
1168	/**
1169	* Event to modify the posts list for topic reviews
1170	*
1171	* @event core.topic_review_modify_post_list
1172	* @var array attachments Array with the post attachments data
1173	* @var int cur_post_id Post offset ID
1174	* @var int forum_id The topic's forum ID
1175	* @var string mode The topic review mode
1176	* @var array post_list Array with the post IDs
1177	* @var array rowset Array with the posts data
1178	* @var bool show_quote_button Flag indicating if the quote button should be displayed
1179	* @var int topic_id The topic ID that is being reviewed
1180	* @since 3.1.9-RC1
1181	*/
1182	$vars = array(
1183	'attachments',
1184	'cur_post_id',
1185	'forum_id',
1186	'mode',
1187	'post_list',
1188	'rowset',
1189	'show_quote_button',
1190	'topic_id',
1191	);
1192	extract($phpbb_dispatcher->trigger_event('core.topic_review_modify_post_list', compact($vars)));
1193
1194	for ($i = 0, $end = count($post_list); $i < $end; ++$i)
1195	{
1196	// A non-existing rowset only happens if there was no user present for the entered poster_id
1197	// This could be a broken posts table.
1198	if (!isset($rowset[$post_list[$i]]))
1199	{
1200	continue;
1201	}
1202
1203	$row = $rowset[$post_list[$i]];
1204
1205	$poster_id = $row['user_id'];
1206	$post_subject = $row['post_subject'];
1207
1208	$decoded_message = false;
1209
1210	if ($show_quote_button && $auth->acl_get('f_reply', $forum_id))
1211	{
1212	$decoded_message = censor_text($row['post_text']);
1213	decode_message($decoded_message, $row['bbcode_uid']);
1214
1215	$decoded_message = bbcode_nl2br($decoded_message);
1216	}
1217
1218	$parse_flags = ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0);
1219	$parse_flags \|= ($row['enable_smilies'] ? OPTION_FLAG_SMILIES : 0);
1220	$message = generate_text_for_display($row['post_text'], $row['bbcode_uid'], $row['bbcode_bitfield'], $parse_flags, true);
1221
1222	if (!empty($attachments[$row['post_id']]))
1223	{
1224	$update_count = array();
1225	parse_attachments($forum_id, $message, $attachments[$row['post_id']], $update_count);
1226	}
1227
1228	$post_subject = censor_text($post_subject);
1229
1230	$post_anchor = ($mode == 'post_review') ? 'ppr' . $row['post_id'] : 'pr' . $row['post_id'];
1231	$u_show_post = append_sid($phpbb_root_path . 'viewtopic.' . $phpEx, "t=$topic_id&p={$row['post_id']}&view=show#p{$row['post_id']}");
1232
1233	$l_deleted_message = '';
1234	if ($row['post_visibility'] == ITEM_DELETED)
1235	{
1236	$display_postername = get_username_string('full', $poster_id, $row['username'], $row['user_colour'], $row['post_username']);
1237
1238	// User having deleted the post also being the post author?
1239	if (!$row['post_delete_user'] \|\| $row['post_delete_user'] == $poster_id)
1240	{
1241	$display_username = $display_postername;
1242	}
1243	else
1244	{
1245	$display_username = get_username_string('full', $row['post_delete_user'], $row['post_delete_username'], $row['post_delete_user_colour']);
1246	}
1247
1248	if ($row['post_delete_reason'])
1249	{
1250	$l_deleted_message = $user->lang('POST_DELETED_BY_REASON', $display_postername, $display_username, $user->format_date($row['post_delete_time'], false, true), $row['post_delete_reason']);
1251	}
1252	else
1253	{
1254	$l_deleted_message = $user->lang('POST_DELETED_BY', $display_postername, $display_username, $user->format_date($row['post_delete_time'], false, true));
1255	}
1256	}
1257
1258	$post_row = array(
1259	'POST_AUTHOR_FULL' => get_username_string('full', $poster_id, $row['username'], $row['user_colour'], $row['post_username']),
1260	'POST_AUTHOR_COLOUR' => get_username_string('colour', $poster_id, $row['username'], $row['user_colour'], $row['post_username']),
1261	'POST_AUTHOR' => get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username']),
1262	'U_POST_AUTHOR' => get_username_string('profile', $poster_id, $row['username'], $row['user_colour'], $row['post_username']),
1263
1264	'S_HAS_ATTACHMENTS' => !empty($attachments[$row['post_id']]),
1265	'S_FRIEND' => (bool) $row['friend'],
1266	'S_IGNORE_POST' => (bool) $row['foe'],
1267	'L_IGNORE_POST' => $row['foe'] ? $user->lang('POST_BY_FOE', get_username_string('full', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), "<a href=\"{$u_show_post}\" onclick=\"phpbb.toggleDisplay('{$post_anchor}', 1); return false;\">", '</a>') : '',
1268	'S_POST_DELETED' => $row['post_visibility'] == ITEM_DELETED,
1269	'L_DELETE_POST' => $l_deleted_message,
1270
1271	'POST_SUBJECT' => $post_subject,
1272	'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['POST']),
1273	'POST_DATE' => $user->format_date($row['post_time']),
1274	'MESSAGE' => $message,
1275	'DECODED_MESSAGE' => $decoded_message,
1276	'POST_ID' => $row['post_id'],
1277	'POST_TIME' => $row['post_time'],
1278	'USER_ID' => $row['user_id'],
1279	'U_MINI_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $row['post_id']) . '#p' . $row['post_id'],
1280	'U_MCP_DETAILS' => ($auth->acl_get('m_info', $forum_id)) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=post_details&p=' . $row['post_id']) : '',
1281	'POSTER_QUOTE' => ($show_quote_button && $auth->acl_get('f_reply', $forum_id)) ? addslashes(get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username'])) : '',
1282	);
1283
1284	$current_row_number = $i;
1285
1286	/**
1287	* Event to modify the template data block for topic reviews
1288	*
1289	* @event core.topic_review_modify_row
1290	* @var string mode The review mode
1291	* @var int topic_id The topic that is being reviewed
1292	* @var int forum_id The topic's forum
1293	* @var int cur_post_id Post offset id
1294	* @var int current_row_number Number of the current row being iterated
1295	* @var array post_row Template block array of the current post
1296	* @var array row Array with original post and user data
1297	* @since 3.1.4-RC1
1298	*/
1299	$vars = array(
1300	'mode',
1301	'topic_id',
1302	'forum_id',
1303	'cur_post_id',
1304	'current_row_number',
1305	'post_row',
1306	'row',
1307	);
1308	extract($phpbb_dispatcher->trigger_event('core.topic_review_modify_row', compact($vars)));
1309
1310	$template->assign_block_vars($mode . '_row', $post_row);
1311
1312	// Display not already displayed Attachments for this post, we already parsed them. ;)
1313	if (!empty($attachments[$row['post_id']]))
1314	{
1315	foreach ($attachments[$row['post_id']] as $attachment)
1316	{
1317	$template->assign_block_vars($mode . '_row.attachment', array(
1318	'DISPLAY_ATTACHMENT' => $attachment)
1319	);
1320	}
1321	}
1322
1323	unset($rowset[$post_list[$i]]);
1324	}
1325
1326	if ($mode == 'topic_review')
1327	{
1328	$template->assign_var('QUOTE_IMG', $user->img('icon_post_quote', $user->lang['REPLY_WITH_QUOTE']));
1329	}
1330
1331	return true;
1332	}
1333
1334	//
1335	// Post handling functions
1336	//
1337
1338	/**
1339	* Delete Post
1340	*/
1341	function delete_post($forum_id, $topic_id, $post_id, &$data, $is_soft = false, $softdelete_reason = '')
1342	{
1343	global $db, $user, $phpbb_container, $phpbb_dispatcher;
1344	global $config, $phpEx, $phpbb_root_path;
1345
1346	// Specify our post mode
1347	$post_mode = 'delete';
1348	if (($data['topic_first_post_id'] === $data['topic_last_post_id']) && ($data['topic_posts_approved'] + $data['topic_posts_unapproved'] + $data['topic_posts_softdeleted'] == 1))
1349	{
1350	$post_mode = 'delete_topic';
1351	}
1352	else if ($data['topic_first_post_id'] == $post_id)
1353	{
1354	$post_mode = 'delete_first_post';
1355	}
1356	else if ($data['topic_last_post_id'] <= $post_id)
1357	{
1358	$post_mode = 'delete_last_post';
1359	}
1360	$sql_data = array();
1361	$next_post_id = false;
1362
1363	include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
1364
1365	$db->sql_transaction('begin');
1366
1367	// we must make sure to update forums that contain the shadow'd topic
1368	if ($post_mode == 'delete_topic')
1369	{
1370	$shadow_forum_ids = array();
1371
1372	$sql = 'SELECT forum_id
1373	FROM ' . TOPICS_TABLE . '
1374	WHERE ' . $db->sql_in_set('topic_moved_id', $topic_id);
1375	$result = $db->sql_query($sql);
1376	while ($row = $db->sql_fetchrow($result))
1377	{
1378	if (!isset($shadow_forum_ids[(int) $row['forum_id']]))
1379	{
1380	$shadow_forum_ids[(int) $row['forum_id']] = 1;
1381	}
1382	else
1383	{
1384	$shadow_forum_ids[(int) $row['forum_id']]++;
1385	}
1386	}
1387	$db->sql_freeresult($result);
1388	}
1389
1390	/* @var $phpbb_content_visibility \phpbb\content_visibility */
1391	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
1392
1393	// (Soft) delete the post
1394	if ($is_soft && ($post_mode != 'delete_topic'))
1395	{
1396	$phpbb_content_visibility->set_post_visibility(ITEM_DELETED, $post_id, $topic_id, $forum_id, $user->data['user_id'], time(), $softdelete_reason, ($data['topic_first_post_id'] == $post_id), ($data['topic_last_post_id'] == $post_id));
1397	}
1398	else if (!$is_soft)
1399	{
1400	if (!delete_posts('post_id', array($post_id), false, false, false))
1401	{
1402	// Try to delete topic, we may had an previous error causing inconsistency
1403	if ($post_mode == 'delete_topic')
1404	{
1405	delete_topics('topic_id', array($topic_id), false);
1406	}
1407	trigger_error('ALREADY_DELETED');
1408	}
1409	}
1410
1411	$db->sql_transaction('commit');
1412
1413	// Collect the necessary information for updating the tables
1414	$sql_data[FORUMS_TABLE] = $sql_data[TOPICS_TABLE] = '';
1415	switch ($post_mode)
1416	{
1417	case 'delete_topic':
1418
1419	foreach ($shadow_forum_ids as $updated_forum => $topic_count)
1420	{
1421	// counting is fun! we only have to do count($forum_ids) number of queries,
1422	// even if the topic is moved back to where its shadow lives (we count how many times it is in a forum)
1423	$sql = 'UPDATE ' . FORUMS_TABLE . '
1424	SET forum_topics_approved = forum_topics_approved - ' . $topic_count . '
1425	WHERE forum_id = ' . $updated_forum;
1426	$db->sql_query($sql);
1427	update_post_information('forum', $updated_forum);
1428	}
1429
1430	if ($is_soft)
1431	{
1432	$phpbb_content_visibility->set_topic_visibility(ITEM_DELETED, $topic_id, $forum_id, $user->data['user_id'], time(), $softdelete_reason);
1433	}
1434	else
1435	{
1436	delete_topics('topic_id', array($topic_id), false);
1437
1438	$phpbb_content_visibility->remove_topic_from_statistic($data, $sql_data);
1439	$config->increment('num_posts', -1, false);
1440
1441	$update_sql = update_post_information('forum', $forum_id, true);
1442	if (count($update_sql))
1443	{
1444	$sql_data[FORUMS_TABLE] .= ($sql_data[FORUMS_TABLE]) ? ', ' : '';
1445	$sql_data[FORUMS_TABLE] .= implode(', ', $update_sql[$forum_id]);
1446	}
1447	}
1448
1449	break;
1450
1451	case 'delete_first_post':
1452	$sql = 'SELECT p.post_id, p.poster_id, p.post_time, p.post_username, u.username, u.user_colour
1453	FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u
1454	WHERE p.topic_id = $topic_id
1455	AND p.poster_id = u.user_id
1456	AND p.post_visibility = " . ITEM_APPROVED . '
1457	ORDER BY p.post_time ASC, p.post_id ASC';
1458	$result = $db->sql_query_limit($sql, 1);
1459	$row = $db->sql_fetchrow($result);
1460	$db->sql_freeresult($result);
1461
1462	if (!$row)
1463	{
1464	// No approved post, so the first is a not-approved post (unapproved or soft deleted)
1465	$sql = 'SELECT p.post_id, p.poster_id, p.post_time, p.post_username, u.username, u.user_colour
1466	FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u
1467	WHERE p.topic_id = $topic_id
1468	AND p.poster_id = u.user_id
1469	ORDER BY p.post_time ASC, p.post_id ASC";
1470	$result = $db->sql_query_limit($sql, 1);
1471	$row = $db->sql_fetchrow($result);
1472	$db->sql_freeresult($result);
1473	}
1474
1475	$next_post_id = (int) $row['post_id'];
1476
1477	$sql_data[TOPICS_TABLE] = $db->sql_build_array('UPDATE', array(
1478	'topic_poster' => (int) $row['poster_id'],
1479	'topic_first_post_id' => (int) $row['post_id'],
1480	'topic_first_poster_colour' => $row['user_colour'],
1481	'topic_first_poster_name' => ($row['poster_id'] == ANONYMOUS) ? $row['post_username'] : $row['username'],
1482	'topic_time' => (int) $row['post_time'],
1483	));
1484	break;
1485
1486	case 'delete_last_post':
1487	if (!$is_soft)
1488	{
1489	// Update last post information when hard deleting. Soft delete already did that by itself.
1490	$update_sql = update_post_information('forum', $forum_id, true);
1491	if (count($update_sql))
1492	{
1493	$sql_data[FORUMS_TABLE] = (($sql_data[FORUMS_TABLE]) ? $sql_data[FORUMS_TABLE] . ', ' : '') . implode(', ', $update_sql[$forum_id]);
1494	}
1495
1496	$sql_data[TOPICS_TABLE] = (($sql_data[TOPICS_TABLE]) ? $sql_data[TOPICS_TABLE] . ', ' : '') . 'topic_bumped = 0, topic_bumper = 0';
1497
1498	$update_sql = update_post_information('topic', $topic_id, true);
1499	if (!empty($update_sql))
1500	{
1501	$sql_data[TOPICS_TABLE] .= ', ' . implode(', ', $update_sql[$topic_id]);
1502	$next_post_id = (int) str_replace('topic_last_post_id = ', '', $update_sql[$topic_id][0]);
1503	}
1504	}
1505
1506	if (!$next_post_id)
1507	{
1508	$sql = 'SELECT MAX(post_id) as last_post_id
1509	FROM ' . POSTS_TABLE . "
1510	WHERE topic_id = $topic_id
1511	AND " . $phpbb_content_visibility->get_visibility_sql('post', $forum_id);
1512	$result = $db->sql_query($sql);
1513	$next_post_id = (int) $db->sql_fetchfield('last_post_id');
1514	$db->sql_freeresult($result);
1515	}
1516	break;
1517
1518	case 'delete':
1519	$sql = 'SELECT post_id
1520	FROM ' . POSTS_TABLE . "
1521	WHERE topic_id = $topic_id
1522	AND " . $phpbb_content_visibility->get_visibility_sql('post', $forum_id) . '
1523	AND post_time > ' . $data['post_time'] . '
1524	ORDER BY post_time ASC, post_id ASC';
1525	$result = $db->sql_query_limit($sql, 1);
1526	$next_post_id = (int) $db->sql_fetchfield('post_id');
1527	$db->sql_freeresult($result);
1528	break;
1529	}
1530
1531	if (($post_mode == 'delete') \|\| ($post_mode == 'delete_last_post') \|\| ($post_mode == 'delete_first_post'))
1532	{
1533	if (!$is_soft)
1534	{
1535	$phpbb_content_visibility->remove_post_from_statistic($data, $sql_data);
1536	}
1537
1538	$sql = 'SELECT 1 AS has_attachments
1539	FROM ' . ATTACHMENTS_TABLE . '
1540	WHERE topic_id = ' . $topic_id;
1541	$result = $db->sql_query_limit($sql, 1);
1542	$has_attachments = (int) $db->sql_fetchfield('has_attachments');
1543	$db->sql_freeresult($result);
1544
1545	if (!$has_attachments)
1546	{
1547	$sql_data[TOPICS_TABLE] = (($sql_data[TOPICS_TABLE]) ? $sql_data[TOPICS_TABLE] . ', ' : '') . 'topic_attachment = 0';
1548	}
1549	}
1550
1551	$db->sql_transaction('begin');
1552
1553	$where_sql = array(
1554	FORUMS_TABLE => "forum_id = $forum_id",
1555	TOPICS_TABLE => "topic_id = $topic_id",
1556	USERS_TABLE => 'user_id = ' . $data['poster_id'],
1557	);
1558
1559	foreach ($sql_data as $table => $update_sql)
1560	{
1561	if ($update_sql)
1562	{
1563	$db->sql_query("UPDATE $table SET $update_sql WHERE " . $where_sql[$table]);
1564	}
1565	}
1566
1567	// Adjust posted info for this user by looking for a post by him/her within this topic...
1568	if ($post_mode != 'delete_topic' && $config['load_db_track'] && $data['poster_id'] != ANONYMOUS)
1569	{
1570	$sql = 'SELECT poster_id
1571	FROM ' . POSTS_TABLE . '
1572	WHERE topic_id = ' . $topic_id . '
1573	AND poster_id = ' . $data['poster_id'];
1574	$result = $db->sql_query_limit($sql, 1);
1575	$poster_id = (int) $db->sql_fetchfield('poster_id');
1576	$db->sql_freeresult($result);
1577
1578	// The user is not having any more posts within this topic
1579	if (!$poster_id)
1580	{
1581	$sql = 'DELETE FROM ' . TOPICS_POSTED_TABLE . '
1582	WHERE topic_id = ' . $topic_id . '
1583	AND user_id = ' . $data['poster_id'];
1584	$db->sql_query($sql);
1585	}
1586	}
1587
1588	$db->sql_transaction('commit');
1589
1590	if ($data['post_reported'] && ($post_mode != 'delete_topic'))
1591	{
1592	sync('topic_reported', 'topic_id', array($topic_id));
1593	}
1594
1595	/**
1596	* This event is used for performing actions directly after a post or topic
1597	* has been deleted.
1598	*
1599	* @event core.delete_post_after
1600	* @var int forum_id Post forum ID
1601	* @var int topic_id Post topic ID
1602	* @var int post_id Post ID
1603	* @var array data Post data
1604	* @var bool is_soft Soft delete flag
1605	* @var string softdelete_reason Soft delete reason
1606	* @var string post_mode delete_topic, delete_first_post, delete_last_post or delete
1607	* @var mixed next_post_id Next post ID in the topic (post ID or false)
1608	*
1609	* @since 3.1.11-RC1
1610	*/
1611	$vars = array(
1612	'forum_id',
1613	'topic_id',
1614	'post_id',
1615	'data',
1616	'is_soft',
1617	'softdelete_reason',
1618	'post_mode',
1619	'next_post_id',
1620	);
1621	extract($phpbb_dispatcher->trigger_event('core.delete_post_after', compact($vars)));
1622
1623	return $next_post_id;
1624	}
1625
1626	/**
1627	* Submit Post
1628	* @todo Split up and create lightweight, simple API for this.
1629	*/
1630	function submit_post($mode, $subject, $username, $topic_type, &$poll_ary, &$data_ary, $update_message = true, $update_search_index = true)
1631	{
1632	global $db, $auth, $user, $config, $phpEx, $phpbb_root_path, $phpbb_container, $phpbb_dispatcher, $phpbb_log, $request;
1633
1634	$attachment_storage = $phpbb_container->get('storage.attachment');
1635
1636	$poll = $poll_ary;
1637	$data = $data_ary;
1638	/**
1639	* Modify the data for post submitting
1640	*
1641	* @event core.modify_submit_post_data
1642	* @var string mode Variable containing posting mode value
1643	* @var string subject Variable containing post subject value
1644	* @var string username Variable containing post author name
1645	* @var int topic_type Variable containing topic type value
1646	* @var array poll Array with the poll data for the post
1647	* @var array data Array with the data for the post
1648	* @var bool update_message Flag indicating if the post will be updated
1649	* @var bool update_search_index Flag indicating if the search index will be updated
1650	* @since 3.1.0-a4
1651	*/
1652	$vars = array(
1653	'mode',
1654	'subject',
1655	'username',
1656	'topic_type',
1657	'poll',
1658	'data',
1659	'update_message',
1660	'update_search_index',
1661	);
1662	extract($phpbb_dispatcher->trigger_event('core.modify_submit_post_data', compact($vars)));
1663	$poll_ary = $poll;
1664	$data_ary = $data;
1665	unset($poll);
1666	unset($data);
1667
1668	// We do not handle erasing posts here
1669	if ($mode == 'delete')
1670	{
1671	return false;
1672	}
1673
1674	if (!empty($data_ary['post_time']))
1675	{
1676	$current_time = $data_ary['post_time'];
1677	}
1678	else
1679	{
1680	$current_time = time();
1681	}
1682
1683	if ($mode == 'post')
1684	{
1685	$post_mode = 'post';
1686	$update_message = true;
1687	}
1688	else if ($mode != 'edit')
1689	{
1690	$post_mode = 'reply';
1691	$update_message = true;
1692	}
1693	else if ($mode == 'edit')
1694	{
1695	$post_mode = ($data_ary['topic_posts_approved'] + $data_ary['topic_posts_unapproved'] + $data_ary['topic_posts_softdeleted'] == 1) ? 'edit_topic' : (($data_ary['topic_first_post_id'] == $data_ary['post_id']) ? 'edit_first_post' : (($data_ary['topic_last_post_id'] == $data_ary['post_id']) ? 'edit_last_post' : 'edit'));
1696	}
1697
1698	// First of all make sure the subject and topic title are having the correct length.
1699	// To achieve this without cutting off between special chars we convert to an array and then count the elements.
1700	$subject = truncate_string($subject, 120);
1701	$data_ary['topic_title'] = truncate_string($data_ary['topic_title'], 120);
1702
1703	// Collect some basic information about which tables and which rows to update/insert
1704	$sql_data = array();
1705	$poster_id = ($mode == 'edit') ? (int) $data_ary['poster_id'] : (int) $user->data['user_id'];
1706
1707	// Retrieve some additional information if not present
1708	if ($mode == 'edit' && (!isset($data_ary['post_visibility']) \|\| !isset($data_ary['topic_visibility']) \|\| $data_ary['post_visibility'] === false \|\| $data_ary['topic_visibility'] === false))
1709	{
1710	$sql = 'SELECT p.post_visibility, t.topic_type, t.topic_posts_approved, t.topic_posts_unapproved, t.topic_posts_softdeleted, t.topic_visibility
1711	FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p
1712	WHERE t.topic_id = p.topic_id
1713	AND p.post_id = ' . $data_ary['post_id'];
1714	$result = $db->sql_query($sql);
1715	$topic_row = $db->sql_fetchrow($result);
1716	$db->sql_freeresult($result);
1717
1718	$data_ary['topic_visibility'] = $topic_row['topic_visibility'];
1719	$data_ary['post_visibility'] = $topic_row['post_visibility'];
1720	}
1721
1722	// This variable indicates if the user is able to post or put into the queue
1723	$post_visibility = ITEM_APPROVED;
1724
1725	// Check the permissions for post approval.
1726	// Moderators must go through post approval like ordinary users.
1727	if (!$auth->acl_get('f_noapprove', $data_ary['forum_id']))
1728	{
1729	// Post not approved, but in queue
1730	$post_visibility = ITEM_UNAPPROVED;
1731	switch ($post_mode)
1732	{
1733	case 'edit_first_post':
1734	case 'edit':
1735	case 'edit_last_post':
1736	case 'edit_topic':
1737	$post_visibility = ITEM_REAPPROVE;
1738	break;
1739	}
1740	}
1741	else if (isset($data_ary['post_visibility']) && $data_ary['post_visibility'] !== false)
1742	{
1743	$post_visibility = $data_ary['post_visibility'];
1744	}
1745
1746	// MODs/Extensions are able to force any visibility on posts
1747	if (isset($data_ary['force_approved_state']))
1748	{
1749	$post_visibility = (in_array((int) $data_ary['force_approved_state'], array(ITEM_APPROVED, ITEM_UNAPPROVED, ITEM_DELETED, ITEM_REAPPROVE))) ? (int) $data_ary['force_approved_state'] : $post_visibility;
1750	}
1751	if (isset($data_ary['force_visibility']))
1752	{
1753	$post_visibility = (in_array((int) $data_ary['force_visibility'], array(ITEM_APPROVED, ITEM_UNAPPROVED, ITEM_DELETED, ITEM_REAPPROVE))) ? (int) $data_ary['force_visibility'] : $post_visibility;
1754	}
1755
1756	// Start the transaction here
1757	$db->sql_transaction('begin');
1758
1759	// Collect Information
1760	switch ($post_mode)
1761	{
1762	case 'post':
1763	case 'reply':
1764	$sql_data[POSTS_TABLE]['sql'] = array(
1765	'forum_id' => $data_ary['forum_id'],
1766	'poster_id' => (int) $user->data['user_id'],
1767	'icon_id' => $data_ary['icon_id'],
1768	'poster_ip' => $user->ip,
1769	'post_time' => $current_time,
1770	'post_visibility' => $post_visibility,
1771	'enable_bbcode' => $data_ary['enable_bbcode'],
1772	'enable_smilies' => $data_ary['enable_smilies'],
1773	'enable_magic_url' => $data_ary['enable_urls'],
1774	'enable_sig' => $data_ary['enable_sig'],
1775	'post_username' => (!$user->data['is_registered']) ? $username : '',
1776	'post_subject' => $subject,
1777	'post_text' => $data_ary['message'],
1778	'post_checksum' => $data_ary['message_md5'],
1779	'post_attachment' => (!empty($data_ary['attachment_data'])) ? 1 : 0,
1780	'bbcode_bitfield' => $data_ary['bbcode_bitfield'],
1781	'bbcode_uid' => $data_ary['bbcode_uid'],
1782	'post_postcount' => ($auth->acl_get('f_postcount', $data_ary['forum_id'])) ? 1 : 0,
1783	'post_edit_locked' => $data_ary['post_edit_locked']
1784	);
1785	break;
1786
1787	case 'edit_first_post':
1788	case 'edit':
1789
1790	case 'edit_last_post':
1791	case 'edit_topic':
1792
1793	// If edit reason is given always display edit info
1794
1795	// If editing last post then display no edit info
1796	// If m_edit permission then display no edit info
1797	// If normal edit display edit info
1798
1799	// Display edit info if edit reason given or user is editing his post, which is not the last within the topic.
1800	if ($data_ary['post_edit_reason'] \|\| (!$auth->acl_get('m_edit', $data_ary['forum_id']) && ($post_mode == 'edit' \|\| $post_mode == 'edit_first_post')))
1801	{
1802	$data_ary['post_edit_reason'] = truncate_string($data_ary['post_edit_reason'], 255, 255, false);
1803
1804	$sql_data[POSTS_TABLE]['sql'] = array(
1805	'post_edit_time' => $current_time,
1806	'post_edit_reason' => $data_ary['post_edit_reason'],
1807	'post_edit_user' => (int) $data_ary['post_edit_user'],
1808	);
1809
1810	$sql_data[POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1';
1811	}
1812	else if (!$data_ary['post_edit_reason'] && $mode == 'edit' && $auth->acl_get('m_edit', $data_ary['forum_id']))
1813	{
1814	$sql_data[POSTS_TABLE]['sql'] = array(
1815	'post_edit_reason' => '',
1816	);
1817	}
1818
1819	// If the person editing this post is different to the one having posted then we will add a log entry stating the edit
1820	// Could be simplified by only adding to the log if the edit is not tracked - but this may confuse admins/mods
1821	if ($user->data['user_id'] != $poster_id)
1822	{
1823	$log_subject = ($subject) ? $subject : $data_ary['topic_title'];
1824	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_POST_EDITED', false, array(
1825	'forum_id' => $data_ary['forum_id'],
1826	'topic_id' => $data_ary['topic_id'],
1827	'post_id' => $data_ary['post_id'],
1828	$log_subject,
1829	(!empty($username)) ? $username : $user->lang['GUEST'],
1830	$data_ary['post_edit_reason']
1831	));
1832	}
1833
1834	if (!isset($sql_data[POSTS_TABLE]['sql']))
1835	{
1836	$sql_data[POSTS_TABLE]['sql'] = array();
1837	}
1838
1839	$sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array(
1840	'forum_id' => $data_ary['forum_id'],
1841	'poster_id' => $data_ary['poster_id'],
1842	'icon_id' => $data_ary['icon_id'],
1843	// We will change the visibility later
1844	//'post_visibility' => $post_visibility,
1845	'enable_bbcode' => $data_ary['enable_bbcode'],
1846	'enable_smilies' => $data_ary['enable_smilies'],
1847	'enable_magic_url' => $data_ary['enable_urls'],
1848	'enable_sig' => $data_ary['enable_sig'],
1849	'post_username' => ($username && $data_ary['poster_id'] == ANONYMOUS) ? $username : '',
1850	'post_subject' => $subject,
1851	'post_checksum' => $data_ary['message_md5'],
1852	'post_attachment' => (!empty($data_ary['attachment_data'])) ? 1 : 0,
1853	'bbcode_bitfield' => $data_ary['bbcode_bitfield'],
1854	'bbcode_uid' => $data_ary['bbcode_uid'],
1855	'post_edit_locked' => $data_ary['post_edit_locked'])
1856	);
1857
1858	if ($update_message)
1859	{
1860	$sql_data[POSTS_TABLE]['sql']['post_text'] = $data_ary['message'];
1861	}
1862
1863	break;
1864	}
1865
1866	// And the topic ladies and gentlemen
1867	switch ($post_mode)
1868	{
1869	case 'post':
1870	$sql_data[TOPICS_TABLE]['sql'] = array(
1871	'topic_poster' => (int) $user->data['user_id'],
1872	'topic_time' => $current_time,
1873	'topic_last_view_time' => $current_time,
1874	'forum_id' => $data_ary['forum_id'],
1875	'icon_id' => $data_ary['icon_id'],
1876	'topic_posts_approved' => ($post_visibility == ITEM_APPROVED) ? 1 : 0,
1877	'topic_posts_softdeleted' => ($post_visibility == ITEM_DELETED) ? 1 : 0,
1878	'topic_posts_unapproved' => ($post_visibility == ITEM_UNAPPROVED) ? 1 : 0,
1879	'topic_visibility' => $post_visibility,
1880	'topic_delete_user' => ($post_visibility != ITEM_APPROVED) ? (int) $user->data['user_id'] : 0,
1881	'topic_title' => $subject,
1882	'topic_first_poster_name' => (!$user->data['is_registered'] && $username) ? $username : (($user->data['user_id'] != ANONYMOUS) ? $user->data['username'] : ''),
1883	'topic_first_poster_colour' => $user->data['user_colour'],
1884	'topic_type' => $topic_type,
1885	'topic_time_limit' => $topic_type != POST_NORMAL ? ($data_ary['topic_time_limit'] * 86400) : 0,
1886	'topic_attachment' => (!empty($data_ary['attachment_data'])) ? 1 : 0,
1887	'topic_status' => (isset($data_ary['topic_status'])) ? $data_ary['topic_status'] : ITEM_UNLOCKED,
1888	);
1889
1890	if (isset($poll_ary['poll_options']) && !empty($poll_ary['poll_options']))
1891	{
1892	$poll_start = ($poll_ary['poll_start']) ? $poll_ary['poll_start'] : $current_time;
1893	$poll_length = $poll_ary['poll_length'] * 86400;
1894	if ($poll_length < 0)
1895	{
1896	$poll_start = $poll_start + $poll_length;
1897	if ($poll_start < 0)
1898	{
1899	$poll_start = 0;
1900	}
1901	$poll_length = 1;
1902	}
1903
1904	$sql_data[TOPICS_TABLE]['sql'] = array_merge($sql_data[TOPICS_TABLE]['sql'], array(
1905	'poll_title' => $poll_ary['poll_title'],
1906	'poll_start' => $poll_start,
1907	'poll_max_options' => $poll_ary['poll_max_options'],
1908	'poll_length' => $poll_length,
1909	'poll_vote_change' => $poll_ary['poll_vote_change'])
1910	);
1911	}
1912
1913	$sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data_ary['forum_id']) && $post_visibility == ITEM_APPROVED) ? ', user_posts = user_posts + 1' : '');
1914
1915	if ($post_visibility == ITEM_APPROVED)
1916	{
1917	$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_approved = forum_topics_approved + 1';
1918	$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_approved = forum_posts_approved + 1';
1919	}
1920	else if ($post_visibility == ITEM_UNAPPROVED)
1921	{
1922	$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_unapproved = forum_topics_unapproved + 1';
1923	$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_unapproved = forum_posts_unapproved + 1';
1924	}
1925	else if ($post_visibility == ITEM_DELETED)
1926	{
1927	$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_softdeleted = forum_topics_softdeleted + 1';
1928	$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_softdeleted = forum_posts_softdeleted + 1';
1929	}
1930	break;
1931
1932	case 'reply':
1933	$sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_view_time = ' . $current_time . ',
1934	topic_bumped = 0,
1935	topic_bumper = 0' .
1936	(($post_visibility == ITEM_APPROVED) ? ', topic_posts_approved = topic_posts_approved + 1' : '') .
1937	(($post_visibility == ITEM_UNAPPROVED) ? ', topic_posts_unapproved = topic_posts_unapproved + 1' : '') .
1938	(($post_visibility == ITEM_DELETED) ? ', topic_posts_softdeleted = topic_posts_softdeleted + 1' : '') .
1939	((!empty($data_ary['attachment_data']) \|\| (isset($data_ary['topic_attachment']) && $data_ary['topic_attachment'])) ? ', topic_attachment = 1' : '');
1940
1941	$sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data_ary['forum_id']) && $post_visibility == ITEM_APPROVED) ? ', user_posts = user_posts + 1' : '');
1942
1943	if ($post_visibility == ITEM_APPROVED)
1944	{
1945	$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_approved = forum_posts_approved + 1';
1946	}
1947	else if ($post_visibility == ITEM_UNAPPROVED)
1948	{
1949	$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_unapproved = forum_posts_unapproved + 1';
1950	}
1951	else if ($post_visibility == ITEM_DELETED)
1952	{
1953	$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_softdeleted = forum_posts_softdeleted + 1';
1954	}
1955	break;
1956
1957	case 'edit_topic':
1958	case 'edit_first_post':
1959	if (isset($poll_ary['poll_options']))
1960	{
1961	$poll_start = ($poll_ary['poll_start'] \|\| empty($poll_ary['poll_options'])) ? $poll_ary['poll_start'] : $current_time;
1962	$poll_length = $poll_ary['poll_length'] * 86400;
1963	if ($poll_length < 0)
1964	{
1965	$poll_start = $poll_start + $poll_length;
1966	if ($poll_start < 0)
1967	{
1968	$poll_start = 0;
1969	}
1970	$poll_length = 1;
1971	}
1972	}
1973
1974	$sql_data[TOPICS_TABLE]['sql'] = array(
1975	'forum_id' => $data_ary['forum_id'],
1976	'icon_id' => $data_ary['icon_id'],
1977	'topic_title' => $subject,
1978	'topic_first_poster_name' => $username,
1979	'topic_type' => $topic_type,
1980	'topic_time_limit' => $topic_type != POST_NORMAL ? ($data_ary['topic_time_limit'] * 86400) : 0,
1981	'poll_title' => (isset($poll_ary['poll_options'])) ? $poll_ary['poll_title'] : '',
1982	'poll_start' => (isset($poll_ary['poll_options'])) ? $poll_start : 0,
1983	'poll_max_options' => (isset($poll_ary['poll_options'])) ? $poll_ary['poll_max_options'] : 1,
1984	'poll_length' => (isset($poll_ary['poll_options'])) ? $poll_length : 0,
1985	'poll_vote_change' => (isset($poll_ary['poll_vote_change'])) ? $poll_ary['poll_vote_change'] : 0,
1986	'topic_last_view_time' => $current_time,
1987
1988	'topic_attachment' => (!empty($data_ary['attachment_data'])) ? 1 : (isset($data_ary['topic_attachment']) ? $data_ary['topic_attachment'] : 0),
1989	);
1990
1991	break;
1992	}
1993
1994	$poll = $poll_ary;
1995	$data = $data_ary;
1996	/**
1997	* Modify sql query data for post submitting
1998	*
1999	* @event core.submit_post_modify_sql_data
2000	* @var array data Array with the data for the post
2001	* @var array poll Array with the poll data for the post
2002	* @var string post_mode Variable containing posting mode value
2003	* @var bool sql_data Array with the data for the posting SQL query
2004	* @var string subject Variable containing post subject value
2005	* @var int topic_type Variable containing topic type value
2006	* @var string username Variable containing post author name
2007	* @since 3.1.3-RC1
2008	*/
2009	$vars = array(
2010	'data',
2011	'poll',
2012	'post_mode',
2013	'sql_data',
2014	'subject',
2015	'topic_type',
2016	'username',
2017	);
2018	extract($phpbb_dispatcher->trigger_event('core.submit_post_modify_sql_data', compact($vars)));
2019	$poll_ary = $poll;
2020	$data_ary = $data;
2021	unset($poll);
2022	unset($data);
2023
2024	// Submit new topic
2025	if ($post_mode == 'post')
2026	{
2027	$sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' .
2028	$db->sql_build_array('INSERT', $sql_data[TOPICS_TABLE]['sql']);
2029	$db->sql_query($sql);
2030
2031	$data_ary['topic_id'] = $db->sql_nextid();
2032
2033	$sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array(
2034	'topic_id' => $data_ary['topic_id'])
2035	);
2036	unset($sql_data[TOPICS_TABLE]['sql']);
2037	}
2038
2039	// Submit new post
2040	if ($post_mode == 'post' \|\| $post_mode == 'reply')
2041	{
2042	if ($post_mode == 'reply')
2043	{
2044	$sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array(
2045	'topic_id' => $data_ary['topic_id'],
2046	));
2047	}
2048
2049	$sql = 'INSERT INTO ' . POSTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data[POSTS_TABLE]['sql']);
2050	$db->sql_query($sql);
2051	$data_ary['post_id'] = $db->sql_nextid();
2052
2053	if ($post_mode == 'post' \|\| $post_visibility == ITEM_APPROVED)
2054	{
2055	$sql_data[TOPICS_TABLE]['sql'] = array(
2056	'topic_last_post_id' => $data_ary['post_id'],
2057	'topic_last_post_time' => $current_time,
2058	'topic_last_poster_id' => $sql_data[POSTS_TABLE]['sql']['poster_id'],
2059	'topic_last_poster_name' => ($user->data['user_id'] == ANONYMOUS) ? $sql_data[POSTS_TABLE]['sql']['post_username'] : $user->data['username'],
2060	'topic_last_poster_colour' => $user->data['user_colour'],
2061	'topic_last_post_subject' => (string) $subject,
2062	);
2063	}
2064
2065	if ($post_mode == 'post')
2066	{
2067	$sql_data[TOPICS_TABLE]['sql']['topic_first_post_id'] = $data_ary['post_id'];
2068	}
2069
2070	// Update total post count and forum information
2071	if ($post_visibility == ITEM_APPROVED)
2072	{
2073	if ($post_mode == 'post')
2074	{
2075	$config->increment('num_topics', 1, false);
2076	}
2077	$config->increment('num_posts', 1, false);
2078
2079	$sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . $data_ary['post_id'];
2080	$sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($subject) . "'";
2081	$sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . $current_time;
2082	$sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $user->data['user_id'];
2083	$sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape((!$user->data['is_registered'] && $username) ? $username : (($user->data['user_id'] != ANONYMOUS) ? $user->data['username'] : '')) . "'";
2084	$sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($user->data['user_colour']) . "'";
2085	}
2086
2087	unset($sql_data[POSTS_TABLE]['sql']);
2088	}
2089
2090	// Update the topics table
2091	if (isset($sql_data[TOPICS_TABLE]['sql']))
2092	{
2093	$sql = 'UPDATE ' . TOPICS_TABLE . '
2094	SET ' . $db->sql_build_array('UPDATE', $sql_data[TOPICS_TABLE]['sql']) . '
2095	WHERE topic_id = ' . $data_ary['topic_id'];
2096	$db->sql_query($sql);
2097
2098	unset($sql_data[TOPICS_TABLE]['sql']);
2099	}
2100
2101	// Update the posts table
2102	if (isset($sql_data[POSTS_TABLE]['sql']))
2103	{
2104	$sql = 'UPDATE ' . POSTS_TABLE . '
2105	SET ' . $db->sql_build_array('UPDATE', $sql_data[POSTS_TABLE]['sql']) . '
2106	WHERE post_id = ' . $data_ary['post_id'];
2107	$db->sql_query($sql);
2108
2109	unset($sql_data[POSTS_TABLE]['sql']);
2110	}
2111
2112	// Update Poll Tables
2113	if (isset($poll_ary['poll_options']))
2114	{
2115	$cur_poll_options = array();
2116
2117	if ($mode == 'edit')
2118	{
2119	$sql = 'SELECT *
2120	FROM ' . POLL_OPTIONS_TABLE . '
2121	WHERE topic_id = ' . $data_ary['topic_id'] . '
2122	ORDER BY poll_option_id';
2123	$result = $db->sql_query($sql);
2124
2125	$cur_poll_options = array();
2126	while ($row = $db->sql_fetchrow($result))
2127	{
2128	$cur_poll_options[] = $row;
2129	}
2130	$db->sql_freeresult($result);
2131	}
2132
2133	$sql_insert_ary = array();
2134
2135	for ($i = 0, $size = count($poll_ary['poll_options']); $i < $size; $i++)
2136	{
2137	if (strlen(trim($poll_ary['poll_options'][$i])))
2138	{
2139	if (empty($cur_poll_options[$i]))
2140	{
2141	// If we add options we need to put them to the end to be able to preserve votes...
2142	$sql_insert_ary[] = array(
2143	'poll_option_id' => (int) count($cur_poll_options) + 1 + count($sql_insert_ary),
2144	'topic_id' => (int) $data_ary['topic_id'],
2145	'poll_option_text' => (string) $poll_ary['poll_options'][$i]
2146	);
2147	}
2148	else if ($poll_ary['poll_options'][$i] != $cur_poll_options[$i])
2149	{
2150	$sql = 'UPDATE ' . POLL_OPTIONS_TABLE . "
2151	SET poll_option_text = '" . $db->sql_escape($poll_ary['poll_options'][$i]) . "'
2152	WHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id'] . '
2153	AND topic_id = ' . $data_ary['topic_id'];
2154	$db->sql_query($sql);
2155	}
2156	}
2157	}
2158
2159	$db->sql_multi_insert(POLL_OPTIONS_TABLE, $sql_insert_ary);
2160
2161	if (count($poll_ary['poll_options']) < count($cur_poll_options))
2162	{
2163	$sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . '
2164	WHERE poll_option_id > ' . count($poll_ary['poll_options']) . '
2165	AND topic_id = ' . $data_ary['topic_id'];
2166	$db->sql_query($sql);
2167	}
2168
2169	// If edited, we would need to reset votes (since options can be re-ordered above, you can't be sure if the change is for changing the text or adding an option
2170	if ($mode == 'edit' && count($poll_ary['poll_options']) != count($cur_poll_options))
2171	{
2172	$db->sql_query('DELETE FROM ' . POLL_VOTES_TABLE . ' WHERE topic_id = ' . $data_ary['topic_id']);
2173	$db->sql_query('UPDATE ' . POLL_OPTIONS_TABLE . ' SET poll_option_total = 0 WHERE topic_id = ' . $data_ary['topic_id']);
2174	}
2175	}
2176
2177	// Submit Attachments
2178	if (!empty($data_ary['attachment_data']) && $data_ary['post_id'] && in_array($mode, array('post', 'reply', 'quote', 'edit')))
2179	{
2180	$space_taken = $files_added = 0;
2181	$orphan_rows = array();
2182
2183	foreach ($data_ary['attachment_data'] as $attach_row)
2184	{
2185	$orphan_rows[(int) $attach_row['attach_id']] = array();
2186	}
2187
2188	if (count($orphan_rows))
2189	{
2190	$sql = 'SELECT attach_id, filesize, physical_filename
2191	FROM ' . ATTACHMENTS_TABLE . '
2192	WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan_rows)) . '
2193	AND is_orphan = 1
2194	AND poster_id = ' . $user->data['user_id'];
2195	$result = $db->sql_query($sql);
2196
2197	$orphan_rows = array();
2198	while ($row = $db->sql_fetchrow($result))
2199	{
2200	$orphan_rows[$row['attach_id']] = $row;
2201	}
2202	$db->sql_freeresult($result);
2203	}
2204
2205	foreach ($data_ary['attachment_data'] as $attach_row)
2206	{
2207	if ($attach_row['is_orphan'] && !isset($orphan_rows[$attach_row['attach_id']]))
2208	{
2209	continue;
2210	}
2211
2212	if (preg_match('/[\x{10000}-\x{10FFFF}]/u', $attach_row['attach_comment']))
2213	{
2214	trigger_error('ATTACH_COMMENT_NO_EMOJIS');
2215	}
2216
2217	if (!$attach_row['is_orphan'])
2218	{
2219	// update entry in db if attachment already stored in db and filespace
2220	$sql = 'UPDATE ' . ATTACHMENTS_TABLE . "
2221	SET attach_comment = '" . $db->sql_escape($attach_row['attach_comment']) . "'
2222	WHERE attach_id = " . (int) $attach_row['attach_id'] . '
2223	AND is_orphan = 0';
2224	$db->sql_query($sql);
2225	}
2226	else
2227	{
2228	// insert attachment into db
2229	if (!$attachment_storage->exists(utf8_basename($orphan_rows[$attach_row['attach_id']]['physical_filename'])))
2230	{
2231	continue;
2232	}
2233
2234	$space_taken += $orphan_rows[$attach_row['attach_id']]['filesize'];
2235	$files_added++;
2236
2237	$attach_sql = array(
2238	'post_msg_id' => $data_ary['post_id'],
2239	'topic_id' => $data_ary['topic_id'],
2240	'is_orphan' => 0,
2241	'poster_id' => $poster_id,
2242	'attach_comment' => $attach_row['attach_comment'],
2243	);
2244
2245	$sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $attach_sql) . '
2246	WHERE attach_id = ' . $attach_row['attach_id'] . '
2247	AND is_orphan = 1
2248	AND poster_id = ' . $user->data['user_id'];
2249	$db->sql_query($sql);
2250	}
2251	}
2252
2253	if ($space_taken && $files_added)
2254	{
2255	$config->increment('upload_dir_size', $space_taken, false);
2256	$config->increment('num_files', $files_added, false);
2257	}
2258	}
2259
2260	$first_post_has_topic_info = ($post_mode == 'edit_first_post' &&
2261	(($post_visibility == ITEM_DELETED && $data_ary['topic_posts_softdeleted'] == 1) \|\|
2262	($post_visibility == ITEM_UNAPPROVED && $data_ary['topic_posts_unapproved'] == 1) \|\|
2263	($post_visibility == ITEM_REAPPROVE && $data_ary['topic_posts_unapproved'] == 1) \|\|
2264	($post_visibility == ITEM_APPROVED && $data_ary['topic_posts_approved'] == 1)));
2265	// Fix the post's and topic's visibility and first/last post information, when the post is edited
2266	if (($post_mode != 'post' && $post_mode != 'reply') && $data_ary['post_visibility'] != $post_visibility)
2267	{
2268	// If the post was not approved, it could also be the starter,
2269	// so we sync the starter after approving/restoring, to ensure that the stats are correct
2270	// Same applies for the last post
2271	$is_starter = ($post_mode == 'edit_first_post' \|\| $post_mode == 'edit_topic' \|\| $data_ary['post_visibility'] != ITEM_APPROVED);
2272	$is_latest = ($post_mode == 'edit_last_post' \|\| $post_mode == 'edit_topic' \|\| $data_ary['post_visibility'] != ITEM_APPROVED);
2273
2274	/* @var $phpbb_content_visibility \phpbb\content_visibility */
2275	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
2276	$phpbb_content_visibility->set_post_visibility($post_visibility, $data_ary['post_id'], $data_ary['topic_id'], $data_ary['forum_id'], $user->data['user_id'], time(), '', $is_starter, $is_latest);
2277	}
2278	else if ($post_mode == 'edit_last_post' \|\| $post_mode == 'edit_topic' \|\| $first_post_has_topic_info)
2279	{
2280	if ($post_visibility == ITEM_APPROVED \|\| $data_ary['topic_visibility'] == $post_visibility)
2281	{
2282	// only the subject can be changed from edit
2283	$sql_data[TOPICS_TABLE]['stat'][] = "topic_last_post_subject = '" . $db->sql_escape($subject) . "'";
2284
2285	// Maybe not only the subject, but also changing anonymous usernames. ;)
2286	if ((int) $data_ary['poster_id'] == ANONYMOUS)
2287	{
2288	$sql_data[TOPICS_TABLE]['stat'][] = "topic_last_poster_name = '" . $db->sql_escape($username) . "'";
2289	}
2290
2291	if ($post_visibility == ITEM_APPROVED)
2292	{
2293	// this does not _necessarily_ mean that we must update the info again,
2294	// it just means that we might have to
2295	$sql = 'SELECT forum_last_post_id, forum_last_post_subject
2296	FROM ' . FORUMS_TABLE . '
2297	WHERE forum_id = ' . (int) $data_ary['forum_id'];
2298	$result = $db->sql_query($sql);
2299	$row = $db->sql_fetchrow($result);
2300	$db->sql_freeresult($result);
2301
2302	// this post is the latest post in the forum, better update
2303	if ($row['forum_last_post_id'] == $data_ary['post_id'] && ($row['forum_last_post_subject'] !== $subject \|\| (int) $data_ary['poster_id'] == ANONYMOUS))
2304	{
2305	// the post's subject changed
2306	if ($row['forum_last_post_subject'] !== $subject)
2307	{
2308	$sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($subject) . "'";
2309	}
2310
2311	// Update the user name if poster is anonymous... just in case a moderator changed it
2312	if ((int) $data_ary['poster_id'] == ANONYMOUS)
2313	{
2314	$sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape($username) . "'";
2315	}
2316	}
2317	}
2318	}
2319	}
2320
2321	// Update forum stats
2322	$where_sql = array(
2323	POSTS_TABLE => 'post_id = ' . $data_ary['post_id'],
2324	TOPICS_TABLE => 'topic_id = ' . $data_ary['topic_id'],
2325	FORUMS_TABLE => 'forum_id = ' . $data_ary['forum_id'],
2326	USERS_TABLE => 'user_id = ' . $poster_id
2327	);
2328
2329	foreach ($sql_data as $table => $update_ary)
2330	{
2331	if (isset($update_ary['stat']) && implode('', $update_ary['stat']))
2332	{
2333	$sql = "UPDATE $table SET " . implode(', ', $update_ary['stat']) . ' WHERE ' . $where_sql[$table];
2334	$db->sql_query($sql);
2335	}
2336	}
2337
2338	// Delete topic shadows (if any exist). We do not need a shadow topic for an global announcement
2339	if ($topic_type == POST_GLOBAL)
2340	{
2341	$sql = 'DELETE FROM ' . TOPICS_TABLE . '
2342	WHERE topic_moved_id = ' . $data_ary['topic_id'];
2343	$db->sql_query($sql);
2344	}
2345
2346	// Committing the transaction before updating search index
2347	$db->sql_transaction('commit');
2348
2349	// Delete draft if post was loaded...
2350	$draft_id = $request->variable('draft_loaded', 0);
2351	if ($draft_id)
2352	{
2353	$sql = 'DELETE FROM ' . DRAFTS_TABLE . "
2354	WHERE draft_id = $draft_id
2355	AND user_id = {$user->data['user_id']}";
2356	$db->sql_query($sql);
2357	}
2358
2359	// Index message contents
2360	if ($update_search_index && $data_ary['enable_indexing'])
2361	{
2362	try
2363	{
2364	$search_backend_factory = $phpbb_container->get('search.backend_factory');
2365	$search = $search_backend_factory->get_active();
2366	}
2367	catch (\phpbb\search\exception\no_search_backend_found_exception $e)
2368	{
2369	trigger_error('NO_SUCH_SEARCH_MODULE');
2370	}
2371
2372	$search->index($mode, (int) $data_ary['post_id'], $data_ary['message'], $subject, $poster_id, (int) $data_ary['forum_id']);
2373	}
2374
2375	// Topic Notification, do not change if moderator is changing other users posts...
2376	if ((int) $user->data['user_id'] == $poster_id)
2377	{
2378	if (!$data_ary['notify_set'] && $data_ary['notify'])
2379	{
2380	$sql = 'INSERT INTO ' . TOPICS_WATCH_TABLE . ' (user_id, topic_id)
2381	VALUES (' . $user->data['user_id'] . ', ' . $data_ary['topic_id'] . ')';
2382	$db->sql_query($sql);
2383	}
2384	else if (($config['email_enable'] \|\| $config['jab_enable']) && $data_ary['notify_set'] && !$data_ary['notify'])
2385	{
2386	$sql = 'DELETE FROM ' . TOPICS_WATCH_TABLE . '
2387	WHERE user_id = ' . $user->data['user_id'] . '
2388	AND topic_id = ' . $data_ary['topic_id'];
2389	$db->sql_query($sql);
2390	}
2391	}
2392
2393	if ($mode == 'post' \|\| $mode == 'reply' \|\| $mode == 'quote')
2394	{
2395	// Mark this topic as posted to
2396	markread('post', $data_ary['forum_id'], $data_ary['topic_id']);
2397	}
2398
2399	// Mark this topic as read
2400	// We do not use post_time here, this is intended (post_time can have a date in the past if editing a message)
2401	markread('topic', $data_ary['forum_id'], $data_ary['topic_id'], time());
2402
2403	//
2404	if ($config['load_db_lastread'] && $user->data['is_registered'])
2405	{
2406	$sql = 'SELECT mark_time
2407	FROM ' . FORUMS_TRACK_TABLE . '
2408	WHERE user_id = ' . $user->data['user_id'] . '
2409	AND forum_id = ' . $data_ary['forum_id'];
2410	$result = $db->sql_query($sql);
2411	$f_mark_time = (int) $db->sql_fetchfield('mark_time');
2412	$db->sql_freeresult($result);
2413	}
2414	else if ($config['load_anon_lastread'] \|\| $user->data['is_registered'])
2415	{
2416	$f_mark_time = false;
2417	}
2418
2419	if (($config['load_db_lastread'] && $user->data['is_registered']) \|\| $config['load_anon_lastread'] \|\| $user->data['is_registered'])
2420	{
2421	// Update forum info
2422	$sql = 'SELECT forum_last_post_time
2423	FROM ' . FORUMS_TABLE . '
2424	WHERE forum_id = ' . $data_ary['forum_id'];
2425	$result = $db->sql_query($sql);
2426	$forum_last_post_time = (int) $db->sql_fetchfield('forum_last_post_time');
2427	$db->sql_freeresult($result);
2428
2429	update_forum_tracking_info($data_ary['forum_id'], $forum_last_post_time, $f_mark_time, false);
2430	}
2431
2432	// If a username was supplied or the poster is a guest, we will use the supplied username.
2433	// Doing it this way we can use "...post by guest-username..." in notifications when
2434	// "guest-username" is supplied or ommit the username if it is not.
2435	$username = ($username !== '' \|\| !$user->data['is_registered']) ? $username : $user->data['username'];
2436
2437	// Send Notifications
2438	$notification_data = array_merge($data_ary, array(
2439	'topic_title' => (isset($data_ary['topic_title'])) ? $data_ary['topic_title'] : $subject,
2440	'post_username' => $username,
2441	'poster_id' => $poster_id,
2442	'post_text' => $data_ary['message'],
2443	'post_time' => $current_time,
2444	'post_subject' => $subject,
2445	));
2446
2447	/**
2448	* This event allows you to modify the notification data upon submission
2449	*
2450	* @event core.modify_submit_notification_data
2451	* @var array notification_data The notification data to be inserted in to the database
2452	* @var array data_ary The data array with a lot of the post submission data
2453	* @var string mode The posting mode
2454	* @var int poster_id The poster id
2455	* @since 3.2.4-RC1
2456	*/
2457	$vars = array('notification_data', 'data_ary', 'mode', 'poster_id');
2458	extract($phpbb_dispatcher->trigger_event('core.modify_submit_notification_data', compact($vars)));
2459
2460	/* @var $phpbb_notifications \phpbb\notification\manager */
2461	$phpbb_notifications = $phpbb_container->get('notification_manager');
2462
2463	if ($post_visibility == ITEM_APPROVED)
2464	{
2465	switch ($mode)
2466	{
2467	case 'post':
2468	$phpbb_notifications->add_notifications(array(
2469	'notification.type.mention',
2470	'notification.type.quote',
2471	'notification.type.topic',
2472	), $notification_data);
2473	break;
2474
2475	case 'reply':
2476	case 'quote':
2477	$phpbb_notifications->add_notifications(array(
2478	'notification.type.mention',
2479	'notification.type.quote',
2480	'notification.type.bookmark',
2481	'notification.type.post',
2482	'notification.type.forum',
2483	), $notification_data);
2484	break;
2485
2486	case 'edit_topic':
2487	case 'edit_first_post':
2488	case 'edit':
2489	case 'edit_last_post':
2490	if ($user->data['user_id'] == $poster_id)
2491	{
2492	$phpbb_notifications->update_notifications(array(
2493	'notification.type.mention',
2494	'notification.type.quote',
2495	), $notification_data);
2496	}
2497
2498	$phpbb_notifications->update_notifications(array(
2499	'notification.type.bookmark',
2500	'notification.type.topic',
2501	'notification.type.post',
2502	'notification.type.forum',
2503	), $notification_data);
2504	break;
2505	}
2506	}
2507	else if ($post_visibility == ITEM_UNAPPROVED)
2508	{
2509	switch ($mode)
2510	{
2511	case 'post':
2512	$phpbb_notifications->add_notifications('notification.type.topic_in_queue', $notification_data);
2513	break;
2514
2515	case 'reply':
2516	case 'quote':
2517	$phpbb_notifications->add_notifications('notification.type.post_in_queue', $notification_data);
2518	break;
2519
2520	case 'edit_topic':
2521	case 'edit_first_post':
2522	case 'edit':
2523	case 'edit_last_post':
2524	// Nothing to do here
2525	break;
2526	}
2527	}
2528	else if ($post_visibility == ITEM_REAPPROVE)
2529	{
2530	switch ($mode)
2531	{
2532	case 'edit_topic':
2533	case 'edit_first_post':
2534	$phpbb_notifications->add_notifications('notification.type.topic_in_queue', $notification_data);
2535
2536	// Delete the approve_post notification so we can notify the user again,
2537	// when his post got reapproved
2538	$phpbb_notifications->delete_notifications('notification.type.approve_post', $notification_data['post_id']);
2539	break;
2540
2541	case 'edit':
2542	case 'edit_last_post':
2543	$phpbb_notifications->add_notifications('notification.type.post_in_queue', $notification_data);
2544
2545	// Delete the approve_post notification so we can notify the user again,
2546	// when his post got reapproved
2547	$phpbb_notifications->delete_notifications('notification.type.approve_post', $notification_data['post_id']);
2548	break;
2549
2550	case 'post':
2551	case 'reply':
2552	case 'quote':
2553	// Nothing to do here
2554	break;
2555	}
2556	}
2557	else if ($post_visibility == ITEM_DELETED)
2558	{
2559	switch ($mode)
2560	{
2561	case 'post':
2562	case 'reply':
2563	case 'quote':
2564	case 'edit_topic':
2565	case 'edit_first_post':
2566	case 'edit':
2567	case 'edit_last_post':
2568	// Nothing to do here
2569	break;
2570	}
2571	}
2572
2573	$params = [];
2574	$add_anchor = '';
2575	$url = "{$phpbb_root_path}viewtopic.$phpEx";
2576
2577	if ($post_visibility == ITEM_APPROVED \|\|
2578	($auth->acl_get('m_softdelete', $data_ary['forum_id']) && $post_visibility == ITEM_DELETED) \|\|
2579	($auth->acl_get('m_approve', $data_ary['forum_id']) && in_array($post_visibility, array(ITEM_UNAPPROVED, ITEM_REAPPROVE))))
2580	{
2581	if ($mode != 'post')
2582	{
2583	$params['p'] = $data_ary['post_id'];
2584	$add_anchor = '#p' . $data_ary['post_id'];
2585	}
2586	else
2587	{
2588	$params['t'] = $data_ary['topic_id'];
2589	}
2590	}
2591	else if ($mode != 'post' && $post_mode != 'edit_first_post' && $post_mode != 'edit_topic')
2592	{
2593	$params['t'] = $data_ary['topic_id'];
2594	}
2595	else
2596	{
2597	$url = "{$phpbb_root_path}viewforum.$phpEx";
2598	$params['f'] = $data_ary['forum_id'];
2599	}
2600
2601	$url = append_sid($url, $params) . $add_anchor;
2602
2603	$poll = $poll_ary;
2604	$data = $data_ary;
2605	/**
2606	* This event is used for performing actions directly after a post or topic
2607	* has been submitted. When a new topic is posted, the topic ID is
2608	* available in the $data array.
2609	*
2610	* The only action that can be done by altering data made available to this
2611	* event is to modify the return URL ($url).
2612	*
2613	* @event core.submit_post_end
2614	* @var string mode Variable containing posting mode value
2615	* @var string subject Variable containing post subject value
2616	* @var string username Variable containing post author name
2617	* @var int topic_type Variable containing topic type value
2618	* @var array poll Array with the poll data for the post
2619	* @var array data Array with the data for the post
2620	* @var int post_visibility Variable containing up to date post visibility
2621	* @var bool update_message Flag indicating if the post will be updated
2622	* @var bool update_search_index Flag indicating if the search index will be updated
2623	* @var string url The "Return to topic" URL
2624	*
2625	* @since 3.1.0-a3
2626	* @changed 3.1.0-RC3 Added vars mode, subject, username, topic_type,
2627	* poll, update_message, update_search_index
2628	*/
2629	$vars = array(
2630	'mode',
2631	'subject',
2632	'username',
2633	'topic_type',
2634	'poll',
2635	'data',
2636	'post_visibility',
2637	'update_message',
2638	'update_search_index',
2639	'url',
2640	);
2641	extract($phpbb_dispatcher->trigger_event('core.submit_post_end', compact($vars)));
2642	$data_ary = $data;
2643	$poll_ary = $poll;
2644	unset($data);
2645	unset($poll);
2646
2647	return $url;
2648	}
2649
2650	/**
2651	* Handle topic bumping
2652	* @param int $forum_id The ID of the forum the topic is being bumped belongs to
2653	* @param int $topic_id The ID of the topic is being bumping
2654	* @param array $post_data Passes some topic parameters:
2655	* - 'topic_title'
2656	* - 'topic_last_post_id'
2657	* - 'topic_last_poster_id'
2658	* - 'topic_last_post_subject'
2659	* - 'topic_last_poster_name'
2660	* - 'topic_last_poster_colour'
2661	* @param int $bump_time The time at which topic was bumped, usually it is a current time as obtained via time().
2662	* @return string An URL to the bumped topic, example: ./viewtopic.php?p=3#p3
2663	*/
2664	function phpbb_bump_topic($forum_id, $topic_id, $post_data, $bump_time = false)
2665	{
2666	global $config, $db, $user, $phpEx, $phpbb_root_path, $phpbb_log;
2667
2668	if ($bump_time === false)
2669	{
2670	$bump_time = time();
2671	}
2672
2673	// Begin bumping
2674	$db->sql_transaction('begin');
2675
2676	// Update the topic's last post post_time
2677	$sql = 'UPDATE ' . POSTS_TABLE . "
2678	SET post_time = $bump_time
2679	WHERE post_id = {$post_data['topic_last_post_id']}
2680	AND topic_id = $topic_id";
2681	$db->sql_query($sql);
2682
2683	// Sync the topic's last post time, the rest of the topic's last post data isn't changed
2684	$sql = 'UPDATE ' . TOPICS_TABLE . "
2685	SET topic_last_post_time = $bump_time,
2686	topic_bumped = 1,
2687	topic_bumper = " . $user->data['user_id'] . "
2688	WHERE topic_id = $topic_id";
2689	$db->sql_query($sql);
2690
2691	// Update the forum's last post info
2692	$sql = 'UPDATE ' . FORUMS_TABLE . "
2693	SET forum_last_post_id = " . $post_data['topic_last_post_id'] . ",
2694	forum_last_poster_id = " . $post_data['topic_last_poster_id'] . ",
2695	forum_last_post_subject = '" . $db->sql_escape($post_data['topic_last_post_subject']) . "',
2696	forum_last_post_time = $bump_time,
2697	forum_last_poster_name = '" . $db->sql_escape($post_data['topic_last_poster_name']) . "',
2698	forum_last_poster_colour = '" . $db->sql_escape($post_data['topic_last_poster_colour']) . "'
2699	WHERE forum_id = $forum_id";
2700	$db->sql_query($sql);
2701
2702	// Update bumper's time of the last posting to prevent flood
2703	$sql = 'UPDATE ' . USERS_TABLE . "
2704	SET user_lastpost_time = $bump_time
2705	WHERE user_id = " . $user->data['user_id'];
2706	$db->sql_query($sql);
2707
2708	$db->sql_transaction('commit');
2709
2710	// Mark this topic as posted to
2711	markread('post', $forum_id, $topic_id, $bump_time);
2712
2713	// Mark this topic as read
2714	markread('topic', $forum_id, $topic_id, $bump_time);
2715
2716	// Update forum tracking info
2717	if ($config['load_db_lastread'] && $user->data['is_registered'])
2718	{
2719	$sql = 'SELECT mark_time
2720	FROM ' . FORUMS_TRACK_TABLE . '
2721	WHERE user_id = ' . $user->data['user_id'] . '
2722	AND forum_id = ' . $forum_id;
2723	$result = $db->sql_query($sql);
2724	$f_mark_time = (int) $db->sql_fetchfield('mark_time');
2725	$db->sql_freeresult($result);
2726	}
2727	else if ($config['load_anon_lastread'] \|\| $user->data['is_registered'])
2728	{
2729	$f_mark_time = false;
2730	}
2731
2732	if (($config['load_db_lastread'] && $user->data['is_registered']) \|\| $config['load_anon_lastread'] \|\| $user->data['is_registered'])
2733	{
2734	// Update forum info
2735	$sql = 'SELECT forum_last_post_time
2736	FROM ' . FORUMS_TABLE . '
2737	WHERE forum_id = ' . $forum_id;
2738	$result = $db->sql_query($sql);
2739	$forum_last_post_time = (int) $db->sql_fetchfield('forum_last_post_time');
2740	$db->sql_freeresult($result);
2741
2742	update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time, false);
2743	}
2744
2745	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_BUMP_TOPIC', false, array(
2746	'forum_id' => $forum_id,
2747	'topic_id' => $topic_id,
2748	$post_data['topic_title']
2749	));
2750
2751	$url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "p={$post_data['topic_last_post_id']}") . "#p{$post_data['topic_last_post_id']}";
2752
2753	return $url;
2754	}
2755
2756	/**
2757	* Show upload popup (progress bar)
2758	*/
2759	function phpbb_upload_popup($forum_style = 0)
2760	{
2761	global $template, $user;
2762
2763	($forum_style) ? $user->setup('posting', $forum_style) : $user->setup('posting');
2764
2765	page_header($user->lang['PROGRESS_BAR']);
2766
2767	$template->set_filenames(array(
2768	'popup' => 'posting_progress_bar.html')
2769	);
2770
2771	$template->assign_vars(array(
2772	'PROGRESS_BAR' => $user->img('upload_bar', $user->lang['UPLOAD_IN_PROGRESS']))
2773	);
2774
2775	$template->display('popup');
2776
2777	garbage_collection();
2778	exit_handler();
2779	}
2780
2781	/**
2782	* Do the various checks required for removing posts as well as removing it
2783	*
2784	* @param int $forum_id The id of the forum
2785	* @param int $topic_id The id of the topic
2786	* @param int $post_id The id of the post
2787	* @param array $post_data Array with the post data
2788	* @param bool $is_soft The flag indicating whether it is the soft delete mode
2789	* @param string $delete_reason Description for the post deletion reason
2790	*
2791	* @return void
2792	*/
2793	function phpbb_handle_post_delete($forum_id, $topic_id, $post_id, &$post_data, $is_soft = false, $delete_reason = '')
2794	{
2795	global $user, $auth, $config, $request;
2796	global $phpbb_root_path, $phpEx, $phpbb_log, $phpbb_dispatcher;
2797
2798	$force_delete_allowed = $force_softdelete_allowed = false;
2799	$perm_check = ($is_soft) ? 'softdelete' : 'delete';
2800
2801	/**
2802	* This event allows to modify the conditions for the post deletion
2803	*
2804	* @event core.handle_post_delete_conditions
2805	* @var int forum_id The id of the forum
2806	* @var int topic_id The id of the topic
2807	* @var int post_id The id of the post
2808	* @var array post_data Array with the post data
2809	* @var bool is_soft The flag indicating whether it is the soft delete mode
2810	* @var string delete_reason Description for the post deletion reason
2811	* @var bool force_delete_allowed Allow the user to delete the post (all permissions and conditions are ignored)
2812	* @var bool force_softdelete_allowed Allow the user to softdelete the post (all permissions and conditions are ignored)
2813	* @var string perm_check The deletion mode softdelete\|delete
2814	* @since 3.1.11-RC1
2815	*/
2816	$vars = array(
2817	'forum_id',
2818	'topic_id',
2819	'post_id',
2820	'post_data',
2821	'is_soft',
2822	'delete_reason',
2823	'force_delete_allowed',
2824	'force_softdelete_allowed',
2825	'perm_check',
2826	);
2827	extract($phpbb_dispatcher->trigger_event('core.handle_post_delete_conditions', compact($vars)));
2828
2829	// If moderator removing post or user itself removing post, present a confirmation screen
2830	if ($force_delete_allowed \|\| ($is_soft && $force_softdelete_allowed) \|\| $auth->acl_get("m_$perm_check", $forum_id) \|\| ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get("f_$perm_check", $forum_id) && $post_id == $post_data['topic_last_post_id'] && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) \|\| !$config['delete_time'])))
2831	{
2832	$s_hidden_fields = array(
2833	'p' => $post_id,
2834	'f' => $forum_id,
2835	'mode' => ($is_soft) ? 'soft_delete' : 'delete',
2836	);
2837
2838	if (confirm_box(true))
2839	{
2840	$data = array(
2841	'topic_first_post_id' => $post_data['topic_first_post_id'],
2842	'topic_last_post_id' => $post_data['topic_last_post_id'],
2843	'topic_posts_approved' => $post_data['topic_posts_approved'],
2844	'topic_posts_unapproved' => $post_data['topic_posts_unapproved'],
2845	'topic_posts_softdeleted' => $post_data['topic_posts_softdeleted'],
2846	'topic_visibility' => $post_data['topic_visibility'],
2847	'topic_type' => $post_data['topic_type'],
2848	'post_visibility' => $post_data['post_visibility'],
2849	'post_reported' => $post_data['post_reported'],
2850	'post_time' => $post_data['post_time'],
2851	'poster_id' => $post_data['poster_id'],
2852	'post_postcount' => $post_data['post_postcount'],
2853	);
2854
2855	$next_post_id = delete_post($forum_id, $topic_id, $post_id, $data, $is_soft, $delete_reason);
2856	$post_username = ($post_data['poster_id'] == ANONYMOUS && !empty($post_data['post_username'])) ? $post_data['post_username'] : $post_data['username'];
2857
2858	if ($next_post_id === false)
2859	{
2860	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, (($is_soft) ? 'LOG_SOFTDELETE_TOPIC' : 'LOG_DELETE_TOPIC'), false, array(
2861	'forum_id' => $forum_id,
2862	'topic_id' => $topic_id,
2863	$post_data['topic_title'],
2864	$post_username,
2865	$delete_reason
2866	));
2867
2868	$meta_info = append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id");
2869	$message = $user->lang['POST_DELETED'];
2870	}
2871	else
2872	{
2873	$phpbb_log->add('mod', $user->data['user_id'], $user->ip, (($is_soft) ? 'LOG_SOFTDELETE_POST' : 'LOG_DELETE_POST'), false, array(
2874	'forum_id' => $forum_id,
2875	'topic_id' => $topic_id,
2876	'post_id' => $post_id,
2877	$post_data['post_subject'],
2878	$post_username,
2879	$delete_reason
2880	));
2881
2882	if ($next_post_id > 0)
2883	{
2884	$meta_info = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "p=$next_post_id") . "#p$next_post_id";
2885	}
2886	else
2887	{
2888	$meta_info = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id");
2889	}
2890	$message = $user->lang['POST_DELETED'];
2891
2892	if (!$request->is_ajax())
2893	{
2894	$message .= '<br /><br />' . $user->lang('RETURN_TOPIC', '<a href="' . $meta_info . '">', '</a>');
2895	}
2896	}
2897
2898	meta_refresh(3, $meta_info);
2899	if (!$request->is_ajax())
2900	{
2901	$message .= '<br /><br />' . $user->lang('RETURN_FORUM', '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
2902	}
2903	trigger_error($message);
2904	}
2905	else
2906	{
2907	global $template;
2908
2909	$can_delete = $force_delete_allowed \|\| ($auth->acl_get('m_delete', $forum_id) \|\| ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get('f_delete', $forum_id)));
2910	$can_softdelete = $force_softdelete_allowed \|\| ($auth->acl_get('m_softdelete', $forum_id) \|\| ($post_data['poster_id'] == $user->data['user_id'] && $user->data['is_registered'] && $auth->acl_get('f_softdelete', $forum_id)));
2911
2912	$template->assign_vars(array(
2913	'S_SOFTDELETED' => $post_data['post_visibility'] == ITEM_DELETED,
2914	'S_CHECKED_PERMANENT' => $request->is_set_post('delete_permanent') ? ' checked="checked"' : '',
2915	'S_ALLOWED_DELETE' => $can_delete,
2916	'S_ALLOWED_SOFTDELETE' => $can_softdelete,
2917	));
2918
2919	$l_confirm = 'DELETE_POST';
2920	if ($post_data['post_visibility'] == ITEM_DELETED)
2921	{
2922	$l_confirm .= '_PERMANENTLY';
2923	$s_hidden_fields['delete_permanent'] = '1';
2924	}
2925	else if (!$can_softdelete)
2926	{
2927	$s_hidden_fields['delete_permanent'] = '1';
2928	}
2929
2930	confirm_box(false, [$l_confirm, 1], build_hidden_fields($s_hidden_fields), 'confirm_delete_body.html');
2931	}
2932	}
2933
2934	// If we are here the user is not able to delete - present the correct error message
2935	if ($post_data['poster_id'] != $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id))
2936	{
2937	trigger_error('DELETE_OWN_POSTS');
2938	}
2939
2940	if ($post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && $post_id != $post_data['topic_last_post_id'])
2941	{
2942	trigger_error('CANNOT_DELETE_REPLIED');
2943	}
2944
2945	trigger_error('USER_CANNOT_DELETE');
2946	}