mirror of
synced 2025-02-01 11:01:37 +00:00
594 lines
21 KiB
594 lines
21 KiB
//TODO: Normalize thread_*_info don't need to waste all that ram on things that are already in other caches
/**********|| Page to show individual threads || ********************************\
Things to expect in $_GET:
ThreadID: ID of the forum curently being browsed
page: The page the user's on.
page = 1 is the same as no page
//---------- Things to sort out before it can start printing/generating content
$Text = new TEXT(true);
// Check for lame SQL injection attempts
if(!isset($_GET['threadid']) || !is_number($_GET['threadid'])) {
if(isset($_GET['topicid']) && is_number($_GET['topicid'])) {
$ThreadID = $_GET['topicid'];
elseif(isset($_GET['postid']) && is_number($_GET['postid'])) {
$DB->query("SELECT TopicID FROM forums_posts WHERE ID = $_GET[postid]");
list($ThreadID) = $DB->next_record();
if($ThreadID) {
header("Location: forums.php?action=viewthread&threadid=$ThreadID&postid=$_GET[postid]#post$_GET[postid]");
} else {
} else {
} else {
$ThreadID = $_GET['threadid'];
if (isset($LoggedUser['PostsPerPage'])) {
$PerPage = $LoggedUser['PostsPerPage'];
} else {
//---------- Get some data to start processing
// Thread information, constant across all pages
$ThreadInfo = get_thread_info($ThreadID, true, true);
$ForumID = $ThreadInfo['ForumID'];
// Make sure they're allowed to look at the page
if(!check_forumperm($ForumID)) {
//Escape strings for later display
$ThreadTitle = display_str($ThreadInfo['Title']);
$ForumName = display_str($Forums[$ForumID]['Name']);
//Post links utilize the catalogue & key params to prevent issues with custom posts per page
if($ThreadInfo['Posts'] > $PerPage) {
if(isset($_GET['post']) && is_number($_GET['post'])) {
$PostNum = $_GET['post'];
} elseif(isset($_GET['postid']) && is_number($_GET['postid']) && $_GET['postid'] != $ThreadInfo['StickyPostID']) {
$SQL = "SELECT COUNT(ID) FROM forums_posts WHERE TopicID = $ThreadID AND ID <= $_GET[postid]";
if ($ThreadInfo['StickyPostID'] < $_GET['postid']) {
$SQL .= " AND ID != $ThreadInfo[StickyPostID]";
list($PostNum) = $DB->next_record();
} else {
$PostNum = 1;
} else {
$PostNum = 1;
list($Page,$Limit) = Format::page_limit($PerPage, min($ThreadInfo['Posts'],$PostNum));
if(($Page-1)*$PerPage > $ThreadInfo['Posts']) {
$Page = ceil($ThreadInfo['Posts']/$PerPage);
list($CatalogueID,$CatalogueLimit) = Format::catalogue_limit($Page,$PerPage,THREAD_CATALOGUE);
// Cache catalogue from which the page is selected, allows block caches and future ability to specify posts per page
if(!$Catalogue = $Cache->get_value('thread_'.$ThreadID.'_catalogue_'.$CatalogueID)) {
FROM forums_posts as p
LEFT JOIN users_main AS ed ON ed.ID = p.EditedUserID
WHERE p.TopicID = '$ThreadID' AND p.ID != '".$ThreadInfo['StickyPostID']."'
LIMIT $CatalogueLimit");
$Catalogue = $DB->to_array(false,MYSQLI_ASSOC);
if (!$ThreadInfo['IsLocked'] || $ThreadInfo['IsSticky']) {
$Cache->cache_value('thread_'.$ThreadID.'_catalogue_'.$CatalogueID, $Catalogue, 0);
$Thread = Format::catalogue_select($Catalogue,$Page,$PerPage,THREAD_CATALOGUE);
if($_GET['updatelastread'] != '0') {
$LastPost = end($Thread);
$LastPost = $LastPost['ID'];
if($ThreadInfo['Posts'] <= $PerPage*$Page && $ThreadInfo['StickyPostID'] > $LastPost) {
$LastPost = $ThreadInfo['StickyPostID'];
//Handle last read
if (!$ThreadInfo['IsLocked'] || $ThreadInfo['IsSticky']) {
$DB->query("SELECT PostID From forums_last_read_topics WHERE UserID='$LoggedUser[ID]' AND TopicID='$ThreadID'");
list($LastRead) = $DB->next_record();
if($LastRead < $LastPost) {
$DB->query("INSERT INTO forums_last_read_topics
(UserID, TopicID, PostID) VALUES
('$LoggedUser[ID]', '".$ThreadID ."', '".db_string($LastPost)."')
//Handle subscriptions
if(($UserSubscriptions = $Cache->get_value('subscriptions_user_'.$LoggedUser['ID'])) === FALSE) {
$DB->query("SELECT TopicID FROM users_subscriptions WHERE UserID = '$LoggedUser[ID]'");
$UserSubscriptions = $DB->collect(0);
if(empty($UserSubscriptions)) {
$UserSubscriptions = array();
if(in_array($ThreadID, $UserSubscriptions)) {
$DB->query("UPDATE users_notify_quoted SET UnRead = '0' WHERE UserID = '$LoggedUser[ID]' AND TopicID = '$ThreadID'");
$Cache->delete_value('forums_quotes_' . $LoggedUser['ID']);
$QuoteNotificationsCount = $Cache->get_value('forums_quotes_' . $LoggedUser['ID']);
if ($QuoteNotificationsCount > 0) {
$Cache->cache_value('forums_quotes_' . $LoggedUser['ID'], $QuoteNotificationsCount - 1, 0);
} else {
$Cache->delete_value('forums_quotes_' . $LoggedUser['ID']);
// Start printing
View::show_header($ThreadInfo['Title'] . ' < '.$Forums[$ForumID]['Name'].' < '. 'Forums','comments,subscriptions,bbcode,jquery');
<div class="thin">
<a href="forums.php">Forums</a> >
<a href="forums.php?action=viewforum&forumid=<?=$ThreadInfo['ForumID']?>"><?=$ForumName?></a> >
<div class="linkbox">
<div class="center">
<a href="reports.php?action=report&type=thread&id=<?=$ThreadID?>" class="brackets">Report Thread</a>
<a href="#" onclick="Subscribe(<?=$ThreadID?>);return false;" id="subscribelink<?=$ThreadID?>" class="brackets"><?=(in_array($ThreadID, $UserSubscriptions) ? 'Unsubscribe' : 'Subscribe')?></a>
<a href="#" class="brackets" onclick="$('#searchthread').toggle(); this.innerHTML = (this.innerHTML == 'Search this Thread'?'Hide Search':'Search this Thread'); return false;">Search this Thread</a>
<div id="searchthread" class="hidden center">
<div style="display: inline-block;">
<h3>Search this thread:</h3>
<form class="search_form" name="forum_thread" action="forums.php" method="get">
<table cellpadding="6" cellspacing="1" border="0" class="layout border">
<td><strong>Search for:</strong></td>
<td><input type="text" id="searchbox" name="search" size="70" /></td>
<td><input type="text" id="username" name="user" size="70" /></td>
<td colspan="2" style="text-align: center">
<input type="hidden" name="action" value="search" />
<input type="hidden" name="threadid" value="<?=$ThreadID?>" />
<input type="submit" name="submit" value="Search" />
<br />
echo $Pages;
if ($ThreadInfo['NoPoll'] == 0) {
if (!list($Question,$Answers,$Votes,$Featured,$Closed) = $Cache->get_value('polls_'.$ThreadID)) {
$DB->query("SELECT Question, Answers, Featured, Closed FROM forums_polls WHERE TopicID='".$ThreadID."'");
list($Question, $Answers, $Featured, $Closed) = $DB->next_record(MYSQLI_NUM, array(1));
$Answers = unserialize($Answers);
$DB->query("SELECT Vote, COUNT(UserID) FROM forums_polls_votes WHERE TopicID='$ThreadID' GROUP BY Vote");
$VoteArray = $DB->to_array(false, MYSQLI_NUM);
$Votes = array();
foreach ($VoteArray as $VoteSet) {
list($Key,$Value) = $VoteSet;
$Votes[$Key] = $Value;
foreach(array_keys($Answers) as $i) {
if (!isset($Votes[$i])) {
$Votes[$i] = 0;
$Cache->cache_value('polls_'.$ThreadID, array($Question,$Answers,$Votes,$Featured,$Closed), 0);
if (!empty($Votes)) {
$TotalVotes = array_sum($Votes);
$MaxVotes = max($Votes);
} else {
$TotalVotes = 0;
$MaxVotes = 0;
$RevealVoters = in_array($ForumID, $ForumsRevealVoters);
//Polls lose the you voted arrow thingy
$DB->query("SELECT Vote FROM forums_polls_votes WHERE UserID='".$LoggedUser['ID']."' AND TopicID='$ThreadID'");
list($UserResponse) = $DB->next_record();
if (!empty($UserResponse) && $UserResponse != 0) {
$Answers[$UserResponse] = '» '.$Answers[$UserResponse];
} else {
if(!empty($UserResponse) && $RevealVoters) {
$Answers[$UserResponse] = '» '.$Answers[$UserResponse];
<div class="box thin clear">
<div class="head colhead_dark"><strong>Poll<? if ($Closed) { echo ' [Closed]'; } ?><? if ($Featured && $Featured !== '0000-00-00 00:00:00') { echo ' [Featured]'; } ?></strong> <a href="#" onclick="$('#threadpoll').toggle();log_hit();return false;">(View)</a></div>
<div class="pad<? if (/*$LastRead !== null || */$ThreadInfo['IsLocked']) { echo ' hidden'; } ?>" id="threadpoll">
<? if ($UserResponse !== null || $Closed || $ThreadInfo['IsLocked'] || !check_forumperm($ForumID)) { ?>
<ul class="poll nobullet">
if(!$RevealVoters) {
foreach($Answers as $i => $Answer) {
if (!empty($Votes[$i]) && $TotalVotes > 0) {
$Ratio = $Votes[$i]/$MaxVotes;
$Percent = $Votes[$i]/$TotalVotes;
} else {
<li><?=display_str($Answer)?> (<?=number_format($Percent*100,2)?>%)</li>
<li class="graph">
<span class="left_poll"></span>
<span class="center_poll" style="width:<?=round($Ratio*750)?>px;"></span>
<span class="right_poll"></span>
<? }
if ($Votes[0] > 0) {
<li>(Blank) (<?=number_format((float)($Votes[0]/$TotalVotes*100),2)?>%)</li>
<li class="graph">
<span class="left_poll"></span>
<span class="center_poll" style="width:<?=round(($Votes[0]/$MaxVotes)*750)?>px;"></span>
<span class="right_poll"></span>
<? } ?>
<br />
<strong>Votes:</strong> <?=number_format($TotalVotes)?><br /><br />
} else {
//Staff forum, output voters, not percentages
$Staff = get_staff();
$StaffNames = array();
foreach($Staff as $Staffer) {
$StaffNames[] = $Staffer['Username'];
$DB->query("SELECT fpv.Vote AS Vote,
FROM users_main AS um
LEFT JOIN forums_polls_votes AS fpv ON um.ID = fpv.UserID
WHERE TopicID = ".$ThreadID."
GROUP BY fpv.Vote");
$StaffVotesTmp = $DB->to_array();
$StaffCount = count($StaffNames);
$StaffVotes = array();
foreach($StaffVotesTmp as $StaffVote) {
list($Vote, $Names) = $StaffVote;
$StaffVotes[$Vote] = $Names;
$Names = explode(", ", $Names);
$StaffNames = array_diff($StaffNames, $Names);
?> <ul style="list-style: none;" id="poll_options">
foreach($Answers as $i => $Answer) {
<a href="forums.php?action=change_vote&threadid=<?=$ThreadID?>&auth=<?=$LoggedUser['AuthKey']?>&vote=<?=(int) $i?>"><?=display_str($Answer == '' ? "Blank" : $Answer)?></a>
- <?=$StaffVotes[$i]?> (<?=number_format(((float) $Votes[$i]/$TotalVotes)*100, 2)?>%)
[<a href="forums.php?action=delete_poll_option&threadid=<?=$ThreadID?>&auth=<?=$LoggedUser['AuthKey']?>&vote=<?=(int) $i?>">X</a>]
<? } ?>
<li><a href="forums.php?action=change_vote&threadid=<?=$ThreadID?>&auth=<?=$LoggedUser['AuthKey']?>&vote=0">Blank</a> - <?=$StaffVotes[0]?> (<?=number_format(((float) $Votes[0]/$TotalVotes)*100, 2)?>%)</li>
if($ForumID == STAFF_FORUM) {
<br />
<strong>Votes:</strong> <?=number_format($TotalVotes)?> / <?=$StaffCount ?>
<br />
<strong>Missing Votes:</strong> <?=implode(", ", $StaffNames)?>
<br /><br />
[<a href="#" onclick="AddPollOption(<?=$ThreadID?>); return false;">+</a>]
} else {
//User has not voted
<div id="poll_container">
<form class="vote_form" name="poll" id="poll" action="">
<input type="hidden" name="action" value="poll" />
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
<input type="hidden" name="large" value="1" />
<input type="hidden" name="topicid" value="<?=$ThreadID?>" />
<ul style="list-style: none;" id="poll_options">
<? foreach($Answers as $i => $Answer) { //for ($i = 1, $il = count($Answers); $i <= $il; $i++) { ?>
<input type="radio" name="vote" id="answer_<?=$i?>" value="<?=$i?>" />
<label for="answer_<?=$i?>"><?=display_str($Answer)?></label>
<? } ?>
<br />
<input type="radio" name="vote" id="answer_0" value="0" /> <label for="answer_0">Blank - Show the results!</label><br />
<? if($ForumID == STAFF_FORUM) { ?>
[<a href="#" onclick="AddPollOption(<?=$ThreadID?>); return false;">+</a>]
<br />
<br />
<? } ?>
<input type="button" style="float: left;" onclick="ajax.post('index.php','poll',function(response){$('#poll_container').raw().innerHTML = response});" value="Vote" />
<? } ?>
<? if(check_perms('forums_polls_moderate') && !$RevealVoters) {
if (!$Featured || $Featured == '0000-00-00 00:00:00') {
<form class="manage_form" name="poll" action="forums.php" method="post">
<input type="hidden" name="action" value="poll_mod" />
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
<input type="hidden" name="topicid" value="<?=$ThreadID?>" />
<input type="hidden" name="feature" value="1" />
<input type="submit" style="float: left;" onclick="return confirm('Are you sure you want to feature this poll?');" value="Feature" />
<? } ?>
<form class="manage_form" name="poll" action="forums.php" method="post">
<input type="hidden" name="action" value="poll_mod" />
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
<input type="hidden" name="topicid" value="<?=$ThreadID?>" />
<input type="hidden" name="close" value="1" />
<input type="submit" style="float: left;" value="<?=(!$Closed ? 'Close' : 'Open')?>" />
<? } ?>
} //End Polls
//Sqeeze in stickypost
if($ThreadInfo['StickyPostID']) {
if($ThreadInfo['StickyPostID'] != $Thread[0]['ID']) {
array_unshift($Thread, $ThreadInfo['StickyPost']);
if($ThreadInfo['StickyPostID'] != $Thread[count($Thread)-1]['ID']) {
$Thread[] = $ThreadInfo['StickyPost'];
foreach ($Thread as $Key => $Post) {
list($PostID, $AuthorID, $AddedTime, $Body, $EditedUserID, $EditedTime, $EditedUsername) = array_values($Post);
list($AuthorID, $Username, $PermissionID, $Paranoia, $Artist, $Donor, $Warned, $Avatar, $Enabled, $UserTitle) = array_values(Users::user_info($AuthorID));
<table class="forum_post box vertical_margin<?
if (((!$ThreadInfo['IsLocked'] || $ThreadInfo['IsSticky']) && $PostID>$LastRead && strtotime($AddedTime)>$LoggedUser['CatchupTime']) || (isset($RequestKey) && $Key==$RequestKey)) {
echo ' forum_unread';
if (!Users::has_avatars_enabled()) {
echo ' noavatar';
if ($ThreadInfo['OP'] == $AuthorID) {
echo ' important_user';
if ($PostID == $ThreadInfo['StickyPostID']) {
echo ' sticky_post';
} ?>" id="post<?=$PostID?>">
<? if (Users::has_avatars_enabled()) { ?>
<col class="col_avatar" />
<? } ?>
<col class="col_post_body" />
<tr class="colhead_dark">
<td colspan="<?=Users::has_avatars_enabled() ? 2 : 1?>">
<div style="float:left;"><a class="post_id" href="forums.php?action=viewthread&threadid=<?=$ThreadID?>&postid=<?=$PostID?>#post<?=$PostID?>">#<?=$PostID?></a>
<?=Users::format_username($AuthorID, true, true, true, true, true)?>
<? if (!$ThreadInfo['IsLocked'] || check_perms('site_moderate_forums')) { ?>
- [<a href="#quickpost" onclick="Quote('<?=$PostID?>','<?=$Username?>', true);">Quote</a>]
<? }
if ((!$ThreadInfo['IsLocked'] && check_forumperm($ForumID, 'Write') && $AuthorID == $LoggedUser['ID']) || check_perms('site_moderate_forums')) { ?>
- [<a href="#post<?=$PostID?>" onclick="Edit_Form('<?=$PostID?>','<?=$Key?>');">Edit</a>]
<? }
if(check_perms('site_admin_forums') && $ThreadInfo['Posts'] > 1) { ?>
- [<a href="#post<?=$PostID?>" onclick="Delete('<?=$PostID?>');">Delete</a>]
<? }
if($PostID == $ThreadInfo['StickyPostID']) { ?>
<strong><span class="sticky_post_label">[Sticky]</span></strong>
<? if(check_perms('site_moderate_forums')) { ?>
- [<a href="forums.php?action=sticky_post&threadid=<?=$ThreadID?>&postid=<?=$PostID?>&remove=true&auth=<?=$LoggedUser['AuthKey']?>" >X</a>]
<? }
} else {
if(check_perms('site_moderate_forums')) { ?>
- [<a href="forums.php?action=sticky_post&threadid=<?=$ThreadID?>&postid=<?=$PostID?>&auth=<?=$LoggedUser['AuthKey']?>" >⇕</a>]
<? }
<div id="bar<?=$PostID?>" style="float:right;">
[<a href="reports.php?action=report&type=post&id=<?=$PostID?>">Report</a>]
<? if (check_perms('users_warn') && $AuthorID != $LoggedUser['ID']) {
$AuthorInfo = Users::user_info($AuthorID);
if($LoggedUser['Class'] >= $AuthorInfo['Class']) {
<form class="manage_form hidden" name="user" id="warn<?=$PostID?>" action="" method="post">
<input type="hidden" name="action" value="warn" />
<input type="hidden" name="postid" value="<?=$PostID?>" />
<input type="hidden" name="userid" value="<?=$AuthorID?>" />
<input type="hidden" name="key" value="<?=$Key?>" />
- [<a href="#" onclick="$('#warn<?=$PostID?>').raw().submit(); return false;">Warn</a>]
<? }
<a href="#">↑</a>
<? if (Users::has_avatars_enabled()) { ?>
<td class="avatar" valign="top">
<?=Users::show_avatar($Avatar, $Username, $HeavyInfo['DisableAvatars'])?>
<? } ?>
<td class="body" valign="top"<? if(!Users::has_avatars_enabled()) { echo ' colspan="2"'; } ?>>
<div id="content<?=$PostID?>">
<?=$Text->full_format($Body) ?>
<? if ($EditedUserID) { ?>
<br />
<br />
<? if(check_perms('site_admin_forums')) { ?>
<a href="#content<?=$PostID?>" onclick="LoadEdit('forums', <?=$PostID?>, 1); return false;">«</a>
<? } ?>
Last edited by
<?=Users::format_username($EditedUserID, false, false, false) ?> <?=time_diff($EditedTime,2,true,true)?>
<? } ?>
<? } ?>
<div class="breadcrumbs">
<a href="forums.php">Forums</a> >
<a href="forums.php?action=viewforum&forumid=<?=$ThreadInfo['ForumID']?>"><?=$ForumName?></a> >
<div class="linkbox">
if (!$ThreadInfo['IsLocked'] || check_perms('site_moderate_forums')) {
if(check_forumperm($ForumID, 'Write') && !$LoggedUser['DisablePosting']) {
View::parse('generic/reply/quickreply.php', array(
'InputTitle' => 'Post reply',
'InputName' => 'thread',
'InputID' => $ThreadID,
'ForumID' => $ForumID,
'TextareaCols' => 90
if(check_perms('site_moderate_forums')) {
<br />
<h3>Edit thread</h3>
<form class="edit_form" name="forum_thread" action="forums.php" method="post">
<input type="hidden" name="action" value="mod_thread" />
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
<input type="hidden" name="threadid" value="<?=$ThreadID?>" />
<input type="hidden" name="page" value="<?=$Page?>" />
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
<table cellpadding="6" cellspacing="1" border="0" width="100%" class="layout border">
<td class="label">Sticky</td>
<input type="checkbox" name="sticky"<? if($ThreadInfo['IsSticky']) { echo ' checked="checked"'; } ?> tabindex="2" />
<td class="label">Locked</td>
<input type="checkbox" name="locked"<? if($ThreadInfo['IsLocked']) { echo ' checked="checked"'; } ?> tabindex="2" />
<td class="label">Title</td>
<input type="text" name="title" style="width: 75%;" value="<?=display_str($ThreadInfo['Title'])?>" tabindex="2" />
<td class="label">Move thread</td>
<select name="forumid" tabindex="2">
$OpenGroup = false;
$LastCategoryID = -1;
foreach ($Forums as $Forum) {
if ($Forum['MinClassRead'] > $LoggedUser['Class']) {
if ($Forum['CategoryID'] != $LastCategoryID) {
$LastCategoryID = $Forum['CategoryID'];
if($OpenGroup) { ?>
<? } ?>
<optgroup label="<?=$ForumCats[$Forum['CategoryID']]?>">
<? $OpenGroup = true;
<option value="<?=$Forum['ID']?>"<? if($ThreadInfo['ForumID'] == $Forum['ID']) { echo ' selected="selected"';} ?>><?=display_str($Forum['Name'])?></option>
<? } ?>
<? if(check_perms('site_admin_forums')) { ?>
<td class="label">Delete thread</td>
<input type="checkbox" name="delete" tabindex="2" />
<? } ?>
<td colspan="2" class="center">
<input type="submit" value="Edit thread" tabindex="2" />
} // If user is moderator
<? View::show_footer();