<?php

/*
	[Discuz!] (C)2001-2007 Comsenz Inc.
	This is NOT a freeware, use is subject to license terms

	$RCSfile: newreply.inc.php,v $
	$Revision: 1.55.2.6 $
	$Date: 2007/03/21 15:52:38 $
*/

if(!defined('IN_DISCUZ')) {
	exit('Access Denied');
}

$discuz_action = 12;

if($iscircle && ($sgid = $thread['sgid'])) {
	supe_dbconnect();
        $query = $supe['db']->query("SELECT g.ispublic, g.allowshare, g.password, g.groupname, gf.headerimage, gf.css FROM {$supe[tablepre]}groups g, {$supe[tablepre]}groupfields gf WHERE g.gid='$sgid' AND g.flag=1 AND g.gid=gf.gid");
        $circle = $supe['db']->fetch_array($query);
        $incircle = $discuz_uid ? $supe['db']->result($supe['db']->query("SELECT COUNT(*) FROM {$supe[tablepre]}groupuid WHERE uid='$discuz_uid' AND gid='$sgid' AND flag=1"), 0) : 0;
        if(!$incircle && !($circle['allowshare'] && ($circle['ispublic'] == 1 || ($circle['ispublic'] == 2 && $circle['password'] == $_DCOOKIE['gidpw'.$gid])))) {
        	showmessage('circle_nopermission');
        }
}

if(!$discuz_uid && !((!$forum['replyperm'] && $allowreply) || ($forum['replyperm'] && forumperm($forum['replyperm'])))) {
	showmessage('group_nopermission', NULL, 'NOPERM');
} elseif(empty($forum['allowreply'])) {
	if(!$forum['replyperm'] && !$allowreply) {
		showmessage('group_nopermission', NULL, 'NOPERM');
	//S:autistic
	} elseif($thread['authorid'] != $discuz_uid && $thread['fid'] == 90) {
		showmessage('post_forum_newreply_autistic', NULL, 'HALTED');
	//E:autistic
	} elseif($forum['replyperm'] && !forumperm($forum['replyperm'])) {
		showmessage('post_forum_newreply_nopermission', NULL, 'HALTED');
	}
}

if(empty($thread)) {
	showmessage('thread_nonexistence');
} elseif($thread['price'] > 0) {
	if($thread['special'] == 0) {
		if(!$discuz_uid) {
			showmessage('group_nopermission', NULL, 'NOPERM');
		} elseif(!$forum['ismoderator'] && $thread['authorid'] != $discuz_uid) {
			$query = $db->query("SELECT tid FROM {$tablepre}paymentlog WHERE tid='$tid' AND uid='$discuz_uid'");
			if(!$db->num_rows($query)) {
				showmessage('undefined_action', NULL, 'HALTED');
			}
		}
	}
}

checklowerlimit($replycredits);

if(!supe_submitcheck() && !submitcheck('replysubmit', 0, $seccodecheck, $secqaacheck)) {

	if(isset($repquote)) {

		include_once language('misc');

		$query = $db->query("SELECT tid, fid, author, authorid, message, useip, dateline, anonymous FROM {$tablepre}posts WHERE pid='$repquote' AND invisible='0'");
		$thaquote = $db->fetch_array($query);
		if($thaquote['tid'] != $tid) {
			showmessage('undefined_action', NULL, 'HALTED');
		}

		$quotefid = $thaquote['fid'];
		$message = $thaquote['message'];

		if($bannedmessages && $thaquote['authorid']) {
			$query = $db->query("SELECT groupid FROM {$tablepre}members WHERE uid='$thaquote[authorid]'");
			$author = $db->fetch_array($query);
			if(!$author['groupid'] || $author['groupid'] == 4 || $author['groupid'] == 5) {
				$message = $language['post_banned'];
			}
		}

		$time = gmdate("$dateformat $timeformat", $thaquote['dateline'] + ($timeoffset * 3600));
		$bbcodes = 'b|i|u|color|size|font|align|list|indent|url|email|code|free|table|tr|td|img|swf|attach|payto|float'.($_DCACHE['bbcodes_display'] ? '|'.implode('|', array_keys($_DCACHE['bbcodes_display'])) : '');
		$message = cutstr(strip_tags(preg_replace(array(
				"/\[hide=?\d*\](.+?)\[\/hide\]/is",
				"/\[quote](.*)\[\/quote]/siU",
				$language['post_edit_regexp'],
				"/\[($bbcodes)=?.*\]/iU",
				"/\[\/($bbcodes)\]/i",
			), array(
				"[b]$language[post_hidden][/b]",
				'',
				'',
				'',
				''
			), $message)), 200);

		$thaquote['useip'] = substr($thaquote['useip'], 0, strrpos($thaquote['useip'], '.')).'.x';
		if($thaquote['author'] && $thaquote['anonymous']) {
		    $thaquote['author'] = '[i]Anonymous[/i]';
		} elseif(!$thaquote['author']) {
		    $thaquote['author'] = '[i]Guest[/i] from '.$thaquote['useip'];
		} else {
		    $thaquote['author'] = '[i]'.$thaquote['author'].'[/i]';
		}

		eval("\$language['post_reply_quote'] = \"$language[post_reply_quote]\";");
		$message = "[quote]$language[post_reply_quote] [url={$boardurl}redirect.php?goto=findpost&pid=$repquote&ptid=$tid][img]{$boardurl}images/common/back.gif[/img][/url]\n$message [/quote]\n";

		if($editormode == 1 && !(isopera() && isopera() < 9)) {
			$message = discuzcode($message, $post['smileyoff'], $post['bbcodeoff'], $post['htmlon'], $forum['allowsmilies'], $forum['allowbbcode'], $forum['allowimgcode'], $forum['allowhtml'], 0, 1);
		}
	}

	if($thread['replies'] <= $ppp) {
		$postlist = array();
		$query = $db->query("SELECT p.* ".($bannedmessages ? ', m.groupid ' : '').
			"FROM {$tablepre}posts p ".($bannedmessages ? "LEFT JOIN {$tablepre}members m ON p.authorid=m.uid " : '').
			"WHERE p.tid='$tid' AND p.invisible='0' ORDER BY p.dateline DESC");
		while($post = $db->fetch_array($query)) {

			$post['thisbg'] = $thisbg = isset($thisbg) && $thisbg == 'altbg1' ? 'altbg2' : 'altbg1';
			$post['dateline'] = gmdate("$dateformat $timeformat", $post['dateline'] + $timeoffset * 3600);

			if($bannedmessages && ($post['authorid'] && (!$post['groupid'] || $post['groupid'] == 4 || $post['groupid'] == 5))) {
				include_once language('misc');
				$post['message'] = $language['post_banned'];
			} else {
				$post['message'] = preg_replace("/\[hide=?\d*\](.+?)\[\/hide\]/is", "[b]$language[post_hidden][/b]", $post['message']);
				$post['message'] = discuzcode($post['message'], $post['smileyoff'], $post['bbcodeoff'], $post['htmlon'], $forum['allowsmilies'], $forum['allowbbcode'], $forum['allowimgcode'], $forum['allowhtml'], $forum['jammer']);
			}

			$postlist[] = $post;
		}
	}

	include template($iscircle && $sgid ? 'supesite_post_newreply' : 'post_newreply');

} else {

	require_once DISCUZ_ROOT.'./include/forum.func.php';

	if($subject == '' && $message == '') {
		showmessage('post_sm_isnull');
	}

	if($thread['closed'] && !$forum['ismoderator']) {
		showmessage('post_thread_closed');
	}

	if($post_autoclose = checkautoclose()) {
		showmessage($post_autoclose);
	}

	if($post_invalid = checkpost()) {
		showmessage($post_invalid);
	}

	if(checkflood()) {
		showmessage('post_flood_ctrl');
	}

	if($allowpostattach && is_array($_FILES['attach'])) {
		foreach($_FILES['attach']['name'] as $attachname) {
			if($attachname != '') {
				checklowerlimit($postattachcredits);
				break;
			}
		}
	}

	$attachment = ($allowpostattach && $attachments = attach_upload()) ? 1 : 0;

	$subscribed = $thread['subscribed'] && $timestamp - $thread['lastpost'] < 7776000;
	$newsubscribed = !empty($emailnotify) && $discuz_uid;

	eval($hooks['add_reply_in_newreply']);//Add_reply

	if($subscribed && !$modnewreplies) {
		$db->query("UPDATE {$tablepre}subscriptions SET lastpost='$timestamp' WHERE tid='$tid' AND uid<>'$discuz_uid'", 'UNBUFFERED');
	}
	if($newsubscribed) {
		$db->query("REPLACE INTO {$tablepre}subscriptions (uid, tid, lastpost, lastnotify)
			VALUES ('$discuz_uid', '$tid', '".($modnewreplies ? $thread['lastpost'] : $timestamp)."', '$timestamp')", 'UNBUFFERED');
	}

	$author = !$isanonymous ? $discuz_user : '';
	$bbcodeoff = checkbbcodes($message, !empty($bbcodeoff));
	$smileyoff = checksmilies($message, !empty($smileyoff));
	$parseurloff = !empty($parseurloff);
	$htmlon = $allowhtml && !empty($htmlon) ? 1 : 0;
	$isanonymous = $isanonymous && $allowanonymous ? 1 : 0;

	$pinvisible = $modnewreplies ? -2 : 0;
	$db->query("INSERT INTO {$tablepre}posts (fid, tid, first, author, authorid, subject, dateline, message, useip, invisible, anonymous, usesig, htmlon, bbcodeoff, smileyoff, parseurloff, attachment)
			VALUES ('$fid', '$tid', '0', '$discuz_user', '$discuz_uid', '$subject', '$timestamp', '$message', '$onlineip', '$pinvisible', '$isanonymous', '$usesig', '$htmlon', '$bbcodeoff', '$smileyoff', '$parseurloff', '$attachment')");
	$pid = $db->insert_id();

	if($thread['special'] == 3 && $thread['authorid'] != $discuz_uid && $thread['price'] > 0) {
		$query = $db->query("SELECT * FROM {$tablepre}rewardlog WHERE tid='$tid' AND answererid='$discuz_uid'");
		if(!$rewardlog = $db->fetch_array($query)) {
			$db->query("INSERT INTO {$tablepre}rewardlog (tid, answererid, dateline) VALUES ('$tid', '$discuz_uid', '$timestamp')");
		}
	}
	$db->query("REPLACE INTO {$tablepre}myposts (uid, tid, pid, position, dateline) VALUES ('$discuz_uid', '$tid', '$pid', '".($thread['replies'] + 1)."', '$timestamp')", 'UNBUFFERED');

	if($attachment) {
		$searcharray = $pregarray = $replacearray = array();
		foreach($attachments as $key => $attach) {
			$db->query("INSERT INTO {$tablepre}attachments (tid, pid, dateline, readperm, price, filename, description, filetype, filesize, attachment, downloads, isimage, uid, thumb, remote)
				VALUES ('$tid', '$pid', '$timestamp', '$attach[perm]', '$attach[price]', '$attach[name]', '$attach[description]', '$attach[type]', '$attach[size]', '$attach[attachment]', '0', '$attach[isimage]', '$attach[uid]', '$attach[thumb]', '$attach[remote]')");
			$searcharray[] = '[local]'.$localid[$key].'[/local]';
			$pregarray[] = '/\[localimg=(\d{1,3}),(\d{1,3})\]'.$localid[$key].'\[\/localimg\]/is';
			$replacearray[] = '[attach]'.$db->insert_id().'[/attach]';
		}
		$message = str_replace($searcharray, $replacearray, preg_replace($pregarray, $replacearray, $message));
		$db->query("UPDATE {$tablepre}posts SET message='$message' WHERE pid='$pid'");
		updatecredits($discuz_uid, $postattachcredits, count($attachments));
	}

	$forum['threadcaches'] && deletethreadcaches($tid);

	if($modnewreplies) {
		$db->query("UPDATE {$tablepre}forums SET todayposts=todayposts+1 WHERE fid='$fid'", 'UNBUFFERED');

		if($newsubscribed) {
			$db->query("UPDATE {$tablepre}threads SET subscribed='1' WHERE tid='$tid'", 'UNBUFFERED');
		}
		if(!$allowuseblog || empty($isblog)) {
			showmessage('post_reply_mod_succeed', "forumdisplay.php?fid=$fid");
		} else {
			showmessage('post_reply_mod_blog_succeed', "blog.php?tid=$tid&starttime=$starttime&endtime=$endtime&page=$page");
		}
	} else {
		$db->query("UPDATE {$tablepre}threads SET lastposter='$author', lastpost='$timestamp', replies=replies+1 ".($attachment ? ', attachment=\'1\'' : '').", subscribed='".($subscribed || $newsubscribed ? 1 : 0)."' WHERE tid='$tid'", 'UNBUFFERED');

		updatepostcredits('+', $discuz_uid, $replycredits);
		require_once DISCUZ_ROOT.'./include/cache.func.php';
		updatecache('newthread');

		$lastpost = "$thread[tid]\t".addslashes($thread['subject'])."\t$timestamp\t$author";
		$db->query("UPDATE {$tablepre}forums SET lastpost='$lastpost', posts=posts+1, todayposts=todayposts+1 WHERE fid='$fid'", 'UNBUFFERED');
		if($forum['type'] == 'sub') {
			$db->query("UPDATE {$tablepre}forums SET lastpost='$lastpost' WHERE fid='$forum[fup]'", 'UNBUFFERED');
		}
		
		if ($dashboard) {
			showmessage('post_reply_succeed', $bbsdir."/topic-dashboard-$tid.html#pid$pid");
		} elseif ($mobile) {
			wapshowmessage('post_reply_succeed', $bbsdir."/t/$tid/$p_page/".(@ceil(($thread['replies'] + 2) / M_PER_PAGE)));
		} else {
			if(!$allowuseblog || empty($isblog) ) {
				//showmessage('post_reply_succeed', "viewthread.php?tid=$tid&pid=$pid&page=".(@ceil(($thread['replies'] + 2) / $ppp))."&extra=$extra#pid$pid");
				showmessage('post_reply_succeed', "thread-$tid-".(@ceil(($thread['replies'] + 2) / $ppp))."-1.html#pid$pid");
			} else {
				showmessage('post_reply_blog_succeed', "blog.php?tid=$tid&starttime=$starttime&endtime=$endtime&page=".(@ceil(($thread['replies'] + 1) / $ppp))."#bottom");
			}
		}
	}

}

?>