[6] | 1 | <?php |
---|
| 2 | |
---|
| 3 | /** |
---|
| 4 | * Copyright (C) 2008-2011 FluxBB |
---|
| 5 | * based on code by Rickard Andersson copyright (C) 2002-2008 PunBB |
---|
| 6 | * License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher |
---|
| 7 | */ |
---|
| 8 | |
---|
| 9 | if (isset($_GET['action'])) |
---|
| 10 | define('PUN_QUIET_VISIT', 1); |
---|
| 11 | |
---|
| 12 | define('PUN_ROOT', dirname(__FILE__).'/'); |
---|
| 13 | require PUN_ROOT.'include/common.php'; |
---|
| 14 | |
---|
| 15 | |
---|
| 16 | // Load the misc.php language file |
---|
| 17 | require PUN_ROOT.'lang/'.$pun_user['language'].'/misc.php'; |
---|
| 18 | |
---|
| 19 | $action = isset($_GET['action']) ? $_GET['action'] : null; |
---|
| 20 | |
---|
| 21 | |
---|
| 22 | if ($action == 'rules') |
---|
| 23 | { |
---|
| 24 | if ($pun_config['o_rules'] == '0' || ($pun_user['is_guest'] && $pun_user['g_read_board'] == '0' && $pun_config['o_regs_allow'] == '0')) |
---|
| 25 | message($lang_common['Bad request']); |
---|
| 26 | |
---|
| 27 | // Load the register.php language file |
---|
| 28 | require PUN_ROOT.'lang/'.$pun_user['language'].'/register.php'; |
---|
| 29 | |
---|
| 30 | $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_register['Forum rules']); |
---|
| 31 | define('PUN_ACTIVE_PAGE', 'rules'); |
---|
| 32 | require PUN_ROOT.'header.php'; |
---|
| 33 | |
---|
| 34 | ?> |
---|
| 35 | <div id="rules" class="block"> |
---|
| 36 | <div class="hd"><h2><span><?php echo $lang_register['Forum rules'] ?></span></h2></div> |
---|
| 37 | <div class="box"> |
---|
| 38 | <div id="rules-block" class="inbox"> |
---|
| 39 | <div class="usercontent"><?php echo $pun_config['o_rules_message'] ?></div> |
---|
| 40 | </div> |
---|
| 41 | </div> |
---|
| 42 | </div> |
---|
| 43 | <?php |
---|
| 44 | |
---|
| 45 | require PUN_ROOT.'footer.php'; |
---|
| 46 | } |
---|
| 47 | |
---|
| 48 | |
---|
| 49 | else if ($action == 'markread') |
---|
| 50 | { |
---|
| 51 | if ($pun_user['is_guest']) |
---|
| 52 | message($lang_common['No permission']); |
---|
| 53 | |
---|
| 54 | $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $db->error()); |
---|
| 55 | |
---|
| 56 | // Reset tracked topics |
---|
| 57 | set_tracked_topics(null); |
---|
| 58 | |
---|
| 59 | redirect('index.php', $lang_misc['Mark read redirect']); |
---|
| 60 | } |
---|
| 61 | |
---|
| 62 | |
---|
| 63 | // Mark the topics/posts in a forum as read? |
---|
| 64 | else if ($action == 'markforumread') |
---|
| 65 | { |
---|
| 66 | if ($pun_user['is_guest']) |
---|
| 67 | message($lang_common['No permission']); |
---|
| 68 | |
---|
| 69 | $fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0; |
---|
| 70 | if ($fid < 1) |
---|
| 71 | message($lang_common['Bad request']); |
---|
| 72 | |
---|
| 73 | $tracked_topics = get_tracked_topics(); |
---|
| 74 | $tracked_topics['forums'][$fid] = time(); |
---|
| 75 | set_tracked_topics($tracked_topics); |
---|
| 76 | |
---|
| 77 | redirect('viewforum.php?id='.$fid, $lang_misc['Mark forum read redirect']); |
---|
| 78 | } |
---|
| 79 | |
---|
| 80 | |
---|
| 81 | else if (isset($_GET['email'])) |
---|
| 82 | { |
---|
| 83 | if ($pun_user['is_guest'] || $pun_user['g_send_email'] == '0') |
---|
| 84 | message($lang_common['No permission']); |
---|
| 85 | |
---|
| 86 | $recipient_id = intval($_GET['email']); |
---|
| 87 | if ($recipient_id < 2) |
---|
| 88 | message($lang_common['Bad request']); |
---|
| 89 | |
---|
| 90 | $result = $db->query('SELECT username, email, email_setting FROM '.$db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); |
---|
| 91 | if (!$db->num_rows($result)) |
---|
| 92 | message($lang_common['Bad request']); |
---|
| 93 | |
---|
| 94 | list($recipient, $recipient_email, $email_setting) = $db->fetch_row($result); |
---|
| 95 | |
---|
| 96 | if ($email_setting == 2 && !$pun_user['is_admmod']) |
---|
| 97 | message($lang_misc['Form email disabled']); |
---|
| 98 | |
---|
| 99 | |
---|
| 100 | if (isset($_POST['form_sent'])) |
---|
| 101 | { |
---|
| 102 | // Clean up message and subject from POST |
---|
| 103 | $subject = pun_trim($_POST['req_subject']); |
---|
| 104 | $message = pun_trim($_POST['req_message']); |
---|
| 105 | |
---|
| 106 | if ($subject == '') |
---|
| 107 | message($lang_misc['No email subject']); |
---|
| 108 | else if ($message == '') |
---|
| 109 | message($lang_misc['No email message']); |
---|
| 110 | else if (pun_strlen($message) > PUN_MAX_POSTSIZE) |
---|
| 111 | message($lang_misc['Too long email message']); |
---|
| 112 | |
---|
| 113 | if ($pun_user['last_email_sent'] != '' && (time() - $pun_user['last_email_sent']) < $pun_user['g_email_flood'] && (time() - $pun_user['last_email_sent']) >= 0) |
---|
| 114 | message(sprintf($lang_misc['Email flood'], $pun_user['g_email_flood'])); |
---|
| 115 | |
---|
| 116 | // Load the "form email" template |
---|
| 117 | $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/form_email.tpl')); |
---|
| 118 | |
---|
| 119 | // The first row contains the subject |
---|
| 120 | $first_crlf = strpos($mail_tpl, "\n"); |
---|
| 121 | $mail_subject = pun_trim(substr($mail_tpl, 8, $first_crlf-8)); |
---|
| 122 | $mail_message = pun_trim(substr($mail_tpl, $first_crlf)); |
---|
| 123 | |
---|
| 124 | $mail_subject = str_replace('<mail_subject>', $subject, $mail_subject); |
---|
| 125 | $mail_message = str_replace('<sender>', $pun_user['username'], $mail_message); |
---|
| 126 | $mail_message = str_replace('<board_title>', $pun_config['o_board_title'], $mail_message); |
---|
| 127 | $mail_message = str_replace('<mail_message>', $message, $mail_message); |
---|
| 128 | $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message); |
---|
| 129 | |
---|
| 130 | require_once PUN_ROOT.'include/email.php'; |
---|
| 131 | |
---|
| 132 | pun_mail($recipient_email, $mail_subject, $mail_message, $pun_user['email'], $pun_user['username']); |
---|
| 133 | |
---|
| 134 | $db->query('UPDATE '.$db->prefix.'users SET last_email_sent='.time().' WHERE id='.$pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error()); |
---|
| 135 | |
---|
| 136 | redirect(htmlspecialchars($_POST['redirect_url']), $lang_misc['Email sent redirect']); |
---|
| 137 | } |
---|
| 138 | |
---|
| 139 | |
---|
| 140 | // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the email is sent) |
---|
| 141 | if (!empty($_SERVER['HTTP_REFERER'])) |
---|
| 142 | { |
---|
| 143 | $referrer = parse_url($_SERVER['HTTP_REFERER']); |
---|
| 144 | // Remove www subdomain if it exists |
---|
| 145 | if (strpos($referrer['host'], 'www.') === 0) |
---|
| 146 | $referrer['host'] = substr($referrer['host'], 4); |
---|
| 147 | |
---|
| 148 | $valid = parse_url(get_base_url()); |
---|
| 149 | // Remove www subdomain if it exists |
---|
| 150 | if (strpos($valid['host'], 'www.') === 0) |
---|
| 151 | $valid['host'] = substr($valid['host'], 4); |
---|
| 152 | |
---|
| 153 | if ($referrer['host'] == $valid['host'] && preg_match('%^'.preg_quote($valid['path'], '%').'/(.*?)\.php%i', $referrer['path'])) |
---|
| 154 | $redirect_url = $_SERVER['HTTP_REFERER']; |
---|
| 155 | } |
---|
| 156 | |
---|
| 157 | if (!isset($redirect_url)) |
---|
| 158 | $redirect_url = 'profile.php?id='.$recipient_id; |
---|
| 159 | |
---|
| 160 | $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_misc['Send email to'].' '.pun_htmlspecialchars($recipient)); |
---|
| 161 | $required_fields = array('req_subject' => $lang_misc['Email subject'], 'req_message' => $lang_misc['Email message']); |
---|
| 162 | $focus_element = array('email', 'req_subject'); |
---|
| 163 | define('PUN_ACTIVE_PAGE', 'index'); |
---|
| 164 | require PUN_ROOT.'header.php'; |
---|
| 165 | |
---|
| 166 | ?> |
---|
| 167 | <div id="emailform" class="blockform"> |
---|
| 168 | <h2><span><?php echo $lang_misc['Send email to'] ?> <?php echo pun_htmlspecialchars($recipient) ?></span></h2> |
---|
| 169 | <div class="box"> |
---|
| 170 | <form id="email" method="post" action="misc.php?email=<?php echo $recipient_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}"> |
---|
| 171 | <div class="inform"> |
---|
| 172 | <fieldset> |
---|
| 173 | <legend><?php echo $lang_misc['Write email'] ?></legend> |
---|
| 174 | <div class="infldset txtarea"> |
---|
| 175 | <input type="hidden" name="form_sent" value="1" /> |
---|
| 176 | <input type="hidden" name="redirect_url" value="<?php echo pun_htmlspecialchars($redirect_url) ?>" /> |
---|
| 177 | <label class="required"><strong><?php echo $lang_misc['Email subject'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /> |
---|
| 178 | <input class="longinput" type="text" name="req_subject" size="75" maxlength="70" tabindex="1" /><br /></label> |
---|
| 179 | <label class="required"><strong><?php echo $lang_misc['Email message'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /> |
---|
| 180 | <textarea name="req_message" rows="10" cols="75" tabindex="2"></textarea><br /></label> |
---|
| 181 | <p><?php echo $lang_misc['Email disclosure note'] ?></p> |
---|
| 182 | </div> |
---|
| 183 | </fieldset> |
---|
| 184 | </div> |
---|
| 185 | <p class="buttons"><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" tabindex="3" accesskey="s" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p> |
---|
| 186 | </form> |
---|
| 187 | </div> |
---|
| 188 | </div> |
---|
| 189 | <?php |
---|
| 190 | |
---|
| 191 | require PUN_ROOT.'footer.php'; |
---|
| 192 | } |
---|
| 193 | |
---|
| 194 | |
---|
| 195 | else if (isset($_GET['report'])) |
---|
| 196 | { |
---|
| 197 | if ($pun_user['is_guest']) |
---|
| 198 | message($lang_common['No permission']); |
---|
| 199 | |
---|
| 200 | $post_id = intval($_GET['report']); |
---|
| 201 | if ($post_id < 1) |
---|
| 202 | message($lang_common['Bad request']); |
---|
| 203 | |
---|
| 204 | if (isset($_POST['form_sent'])) |
---|
| 205 | { |
---|
| 206 | // Clean up reason from POST |
---|
| 207 | $reason = pun_linebreaks(pun_trim($_POST['req_reason'])); |
---|
| 208 | if ($reason == '') |
---|
| 209 | message($lang_misc['No reason']); |
---|
| 210 | else if (strlen($reason) > 65535) // TEXT field can only hold 65535 bytes |
---|
| 211 | message($lang_misc['Reason too long']); |
---|
| 212 | |
---|
| 213 | if ($pun_user['last_report_sent'] != '' && (time() - $pun_user['last_report_sent']) < $pun_user['g_report_flood'] && (time() - $pun_user['last_report_sent']) >= 0) |
---|
| 214 | message(sprintf($lang_misc['Report flood'], $pun_user['g_report_flood'])); |
---|
| 215 | |
---|
| 216 | // Get the topic ID |
---|
| 217 | $result = $db->query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); |
---|
| 218 | if (!$db->num_rows($result)) |
---|
| 219 | message($lang_common['Bad request']); |
---|
| 220 | |
---|
| 221 | $topic_id = $db->result($result); |
---|
| 222 | |
---|
| 223 | // Get the subject and forum ID |
---|
| 224 | $result = $db->query('SELECT subject, forum_id FROM '.$db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error()); |
---|
| 225 | if (!$db->num_rows($result)) |
---|
| 226 | message($lang_common['Bad request']); |
---|
| 227 | |
---|
| 228 | list($subject, $forum_id) = $db->fetch_row($result); |
---|
| 229 | |
---|
| 230 | // Should we use the internal report handling? |
---|
| 231 | if ($pun_config['o_report_method'] == '0' || $pun_config['o_report_method'] == '2') |
---|
| 232 | $db->query('INSERT INTO '.$db->prefix.'reports (post_id, topic_id, forum_id, reported_by, created, message) VALUES('.$post_id.', '.$topic_id.', '.$forum_id.', '.$pun_user['id'].', '.time().', \''.$db->escape($reason).'\')' ) or error('Unable to create report', __FILE__, __LINE__, $db->error()); |
---|
| 233 | |
---|
| 234 | // Should we email the report? |
---|
| 235 | if ($pun_config['o_report_method'] == '1' || $pun_config['o_report_method'] == '2') |
---|
| 236 | { |
---|
| 237 | // We send it to the complete mailing-list in one swoop |
---|
| 238 | if ($pun_config['o_mailing_list'] != '') |
---|
| 239 | { |
---|
| 240 | // Load the "new report" template |
---|
| 241 | $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/new_report.tpl')); |
---|
| 242 | |
---|
| 243 | // The first row contains the subject |
---|
| 244 | $first_crlf = strpos($mail_tpl, "\n"); |
---|
| 245 | $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8)); |
---|
| 246 | $mail_message = trim(substr($mail_tpl, $first_crlf)); |
---|
| 247 | |
---|
| 248 | $mail_subject = str_replace('<forum_id>', $forum_id, $mail_subject); |
---|
| 249 | $mail_subject = str_replace('<topic_subject>', $subject, $mail_subject); |
---|
| 250 | $mail_message = str_replace('<username>', $pun_user['username'], $mail_message); |
---|
| 251 | $mail_message = str_replace('<post_url>', get_base_url().'/viewtopic.php?pid='.$post_id.'#p'.$post_id, $mail_message); |
---|
| 252 | $mail_message = str_replace('<reason>', $reason, $mail_message); |
---|
| 253 | $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message); |
---|
| 254 | |
---|
| 255 | require PUN_ROOT.'include/email.php'; |
---|
| 256 | |
---|
| 257 | pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message); |
---|
| 258 | } |
---|
| 259 | } |
---|
| 260 | |
---|
| 261 | $db->query('UPDATE '.$db->prefix.'users SET last_report_sent='.time().' WHERE id='.$pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error()); |
---|
| 262 | |
---|
| 263 | redirect('viewtopic.php?pid='.$post_id.'#p'.$post_id, $lang_misc['Report redirect']); |
---|
| 264 | } |
---|
| 265 | |
---|
| 266 | // Fetch some info about the post, the topic and the forum |
---|
| 267 | $result = $db->query('SELECT f.id AS fid, f.forum_name, t.id AS tid, t.subject FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); |
---|
| 268 | if (!$db->num_rows($result)) |
---|
| 269 | message($lang_common['Bad request']); |
---|
| 270 | |
---|
| 271 | $cur_post = $db->fetch_assoc($result); |
---|
| 272 | |
---|
| 273 | if ($pun_config['o_censoring'] == '1') |
---|
| 274 | $cur_post['subject'] = censor_words($cur_post['subject']); |
---|
| 275 | |
---|
| 276 | $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_misc['Report post']); |
---|
| 277 | $required_fields = array('req_reason' => $lang_misc['Reason']); |
---|
| 278 | $focus_element = array('report', 'req_reason'); |
---|
| 279 | define('PUN_ACTIVE_PAGE', 'index'); |
---|
| 280 | require PUN_ROOT.'header.php'; |
---|
| 281 | |
---|
| 282 | ?> |
---|
| 283 | <div class="linkst"> |
---|
| 284 | <div class="inbox"> |
---|
| 285 | <ul class="crumbs"> |
---|
| 286 | <li><a href="index.php"><?php echo $lang_common['Index'] ?></a></li> |
---|
| 287 | <li><span>» </span><a href="viewforum.php?id=<?php echo $cur_post['fid'] ?>"><?php echo pun_htmlspecialchars($cur_post['forum_name']) ?></a></li> |
---|
| 288 | <li><span>» </span><a href="viewtopic.php?pid=<?php echo $post_id ?>#p<?php echo $post_id ?>"><?php echo pun_htmlspecialchars($cur_post['subject']) ?></a></li> |
---|
| 289 | <li><span>» </span><strong><?php echo $lang_misc['Report post'] ?></strong></li> |
---|
| 290 | </ul> |
---|
| 291 | </div> |
---|
| 292 | </div> |
---|
| 293 | |
---|
| 294 | <div id="reportform" class="blockform"> |
---|
| 295 | <h2><span><?php echo $lang_misc['Report post'] ?></span></h2> |
---|
| 296 | <div class="box"> |
---|
| 297 | <form id="report" method="post" action="misc.php?report=<?php echo $post_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}"> |
---|
| 298 | <div class="inform"> |
---|
| 299 | <fieldset> |
---|
| 300 | <legend><?php echo $lang_misc['Reason desc'] ?></legend> |
---|
| 301 | <div class="infldset txtarea"> |
---|
| 302 | <input type="hidden" name="form_sent" value="1" /> |
---|
| 303 | <label class="required"><strong><?php echo $lang_misc['Reason'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><textarea name="req_reason" rows="5" cols="60"></textarea><br /></label> |
---|
| 304 | </div> |
---|
| 305 | </fieldset> |
---|
| 306 | </div> |
---|
| 307 | <p class="buttons"><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p> |
---|
| 308 | </form> |
---|
| 309 | </div> |
---|
| 310 | </div> |
---|
| 311 | <?php |
---|
| 312 | |
---|
| 313 | require PUN_ROOT.'footer.php'; |
---|
| 314 | } |
---|
| 315 | |
---|
| 316 | |
---|
| 317 | else if ($action == 'subscribe') |
---|
| 318 | { |
---|
| 319 | if ($pun_user['is_guest']) |
---|
| 320 | message($lang_common['No permission']); |
---|
| 321 | |
---|
| 322 | $topic_id = isset($_GET['tid']) ? intval($_GET['tid']) : 0; |
---|
| 323 | $forum_id = isset($_GET['fid']) ? intval($_GET['fid']) : 0; |
---|
| 324 | if ($topic_id < 1 && $forum_id < 1) |
---|
| 325 | message($lang_common['Bad request']); |
---|
| 326 | |
---|
| 327 | if ($topic_id) |
---|
| 328 | { |
---|
| 329 | if ($pun_config['o_topic_subscriptions'] != '1') |
---|
| 330 | message($lang_common['No permission']); |
---|
| 331 | |
---|
| 332 | // Make sure the user can view the topic |
---|
| 333 | $result = $db->query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error()); |
---|
| 334 | if (!$db->num_rows($result)) |
---|
| 335 | message($lang_common['Bad request']); |
---|
| 336 | |
---|
| 337 | $result = $db->query('SELECT 1 FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); |
---|
| 338 | if ($db->num_rows($result)) |
---|
| 339 | message($lang_misc['Already subscribed topic']); |
---|
| 340 | |
---|
| 341 | $db->query('INSERT INTO '.$db->prefix.'topic_subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$topic_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error()); |
---|
| 342 | |
---|
| 343 | redirect('viewtopic.php?id='.$topic_id, $lang_misc['Subscribe redirect']); |
---|
| 344 | } |
---|
| 345 | |
---|
| 346 | if ($forum_id) |
---|
| 347 | { |
---|
| 348 | if ($pun_config['o_forum_subscriptions'] != '1') |
---|
| 349 | message($lang_common['No permission']); |
---|
| 350 | |
---|
| 351 | // Make sure the user can view the forum |
---|
| 352 | $result = $db->query('SELECT 1 FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$forum_id) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error()); |
---|
| 353 | if (!$db->num_rows($result)) |
---|
| 354 | message($lang_common['Bad request']); |
---|
| 355 | |
---|
| 356 | $result = $db->query('SELECT 1 FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' AND forum_id='.$forum_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); |
---|
| 357 | if ($db->num_rows($result)) |
---|
| 358 | message($lang_misc['Already subscribed forum']); |
---|
| 359 | |
---|
| 360 | $db->query('INSERT INTO '.$db->prefix.'forum_subscriptions (user_id, forum_id) VALUES('.$pun_user['id'].' ,'.$forum_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error()); |
---|
| 361 | |
---|
| 362 | redirect('viewforum.php?id='.$forum_id, $lang_misc['Subscribe redirect']); |
---|
| 363 | } |
---|
| 364 | } |
---|
| 365 | |
---|
| 366 | |
---|
| 367 | else if ($action == 'unsubscribe') |
---|
| 368 | { |
---|
| 369 | if ($pun_user['is_guest']) |
---|
| 370 | message($lang_common['No permission']); |
---|
| 371 | |
---|
| 372 | $topic_id = isset($_GET['tid']) ? intval($_GET['tid']) : 0; |
---|
| 373 | $forum_id = isset($_GET['fid']) ? intval($_GET['fid']) : 0; |
---|
| 374 | if ($topic_id < 1 && $forum_id < 1) |
---|
| 375 | message($lang_common['Bad request']); |
---|
| 376 | |
---|
| 377 | if ($topic_id) |
---|
| 378 | { |
---|
| 379 | if ($pun_config['o_topic_subscriptions'] != '1') |
---|
| 380 | message($lang_common['No permission']); |
---|
| 381 | |
---|
| 382 | $result = $db->query('SELECT 1 FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); |
---|
| 383 | if (!$db->num_rows($result)) |
---|
| 384 | message($lang_misc['Not subscribed topic']); |
---|
| 385 | |
---|
| 386 | $db->query('DELETE FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error()); |
---|
| 387 | |
---|
| 388 | redirect('viewtopic.php?id='.$topic_id, $lang_misc['Unsubscribe redirect']); |
---|
| 389 | } |
---|
| 390 | |
---|
| 391 | if ($forum_id) |
---|
| 392 | { |
---|
| 393 | if ($pun_config['o_forum_subscriptions'] != '1') |
---|
| 394 | message($lang_common['No permission']); |
---|
| 395 | |
---|
| 396 | $result = $db->query('SELECT 1 FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' AND forum_id='.$forum_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); |
---|
| 397 | if (!$db->num_rows($result)) |
---|
| 398 | message($lang_misc['Not subscribed forum']); |
---|
| 399 | |
---|
| 400 | $db->query('DELETE FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' AND forum_id='.$forum_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error()); |
---|
| 401 | |
---|
| 402 | redirect('viewforum.php?id='.$forum_id, $lang_misc['Unsubscribe redirect']); |
---|
| 403 | } |
---|
| 404 | } |
---|
| 405 | |
---|
| 406 | |
---|
| 407 | else |
---|
| 408 | message($lang_common['Bad request']); |
---|