Location: PHPKode > scripts > MobileBB > mobilebb_2.9.7/mobilebb/vtopic.php
<?
// ORDER BY topic_sticky DESC, topic_create_dt DESC LIMIT $startfrom,$topicsperpage
if(!isset($_GET['id'])) $_GET["id"]='0';
$id=substr($_GET["id"],0,7);

echo get_topic_path($id);

$topic_locked = true;
$error = false;
$submit_parm = '';
if (isset($_POST['reply_message'])) $reply_message=$_POST['reply_message']; else $reply_message='';
if (isset($_POST['reply_submit']) && $user_level>=3 && is_numeric($_POST['reply_parent_id']) && $_POST['seccodeverify']=='')
	{
	if (strlen($reply_message)>$spam_maxpostlength || strlen($reply_message)<10) { $error='Message is too short.'; goto register;}
	if (preg_match("/\<|\>/si",$reply_message) && $user_level<9) { $error='HTML is not allowed.'; goto register;}
	if (preg_match_all("/http/si",$reply_message)>3 && $user_level<9) { $error='HTML HTTP is not allowed.'; goto register;}
	if (preg_match('#\b[0-9A-Za-z_]{'.$spam_maxwordlength.',}\b#s',$reply_message)!=0) { $error='Some words are too long ( maxwordlength ).'; goto register;}
	if (is_topiclocked($id) == TRUE && $user_level<9 ) { $error='Topic is locked.'; goto register;}
	$spam_words_flat = implode('|', $spam_words);
	if (preg_match('/'. $spam_words_flat .'/', $reply_message)) { $error='Blacklisted word.'; goto register;} 
	if ($spam_sec_num == true ) {
		if (chr(substr($_POST['spam_sec_num2'],0,2)) + date("h") != substr($_POST['spam_sec_num3'],0,2 + date("h")) ) { $error='Wrong calculation.'; goto register; }	// if POST spam_sec condition
		}	// if spam_sec num
	if ($error== false )	// if for PHP<5.3
		{
		mysql_query("INSERT INTO board_comments
			(post_parent_id,post_author_id,post_author_ip,post_create_dt,post_text)
			values ('".$id."','".$user_id."','".$user_ip."','".time()."','".$reply_message."')
		") or die(mysql_error()); 
		mysql_query("UPDATE board_topics SET `topic_lastpost_dt`='".time()."',`topic_numreplies` = `topic_numreplies` + 1 where `topic_id`='".$id."' limit 1") or die(mysql_error()); 
		mysql_query("UPDATE board_users SET `user_numposts`=`user_numposts` + 1,`user_lastaction_dt`='".time()."'  where `user_email`='".$user_email."' limit 1") or die(mysql_error()); 
		if ($subscribe == true )
			{
			$result= mysql_query("SELECT DISTINCT(`post_author_id`),board_users.user_email from board_comments left join board_users on `board_comments`.`post_author_id`=`board_users`.`user_id` where `post_parent_id`='".$id."'") or die(mysql_error());
			while($row = mysql_fetch_assoc($result))
				{			
				sendmail($row['user_email'],$board_title.' - '.$lang['reply'],$forum_home."?action=vtopic&email=".$id,'');
				}	// while row assoc
			}	// subscribe
		$submit_parm = 'disabled';
		}	// if error==false
	}	// if submit
// Post new topic end
register:



if ($id!=0)
	{
	$result = mysql_query("SELECT * from board_topics WHERE topic_id='$id' limit 1") or die(mysql_error()); 
		while($row = mysql_fetch_assoc($result))
		{
		if ($row['topic_locked']==0) $topic_locked = false;		
		mysql_query("UPDATE board_topics SET `topic_numviews` = `topic_numviews` + 1 where `topic_id`='".$id."' limit 1") or die(mysql_error()); 
		echo "<div class='comment'><h1>".$row['topic_title']."</h1></div>";
//			<div class='disabled'>".date("Y-m-d H:i",$row['topic_create_dt'])." by ".get_username($row['topic_poster_id'])."</div></div>";
		}	// while row 

	$row_number=0;
	$result = mysql_query("SELECT * from board_comments WHERE post_parent_id='$id' order by post_create_dt asc limit 99") or die(mysql_error()); 
		while($row = mysql_fetch_assoc($result))
		{
		$row_color = !$row_color;
		echo "<div class='".$row_colors[$row_color]."'>";
//		print_r ($row);
		echo ''.nl2br($row['post_text']).'';
		echo "<br><strong class=disabled>".$lang['author'].' '.get_username($row['post_author_id'])." @ ".date("Y-m-d H:i",$row['post_create_dt']).'</strong>';
		if ($user_level==9) echo "<a href='?action=admin&action2=edit_post&id=".$row['post_id']."'>EDIT</a> ";
		echo "<br></div>";

		if ( $ads_intopic == true && mysql_num_rows($result)>1 && $row_number == 0)
			{
			$row_color = !$row_color;
			echo "<div class='".$row_colors[$row_color]."'>";
			include './include/ads_intopic.php';
			echo "</div>";
			}	// ads includer		
		
		$row_number ++;
		}	// while row
	}

echo '<br><br>';
// Reply box section
if ($id!=0)
	{
	echo "<div class=newreply>";
	if  ($user_level<3 || $topic_locked == true)
		{
		echo "<div class='error'>Your account doesn't have privileges to comment.</div><br>";
		} else
		{
		echo "<div class='group'>".$lang['reply']."</div></br>";
		if ($error) echo "<div class='error'>$error</div><br>";
		echo "<form method=post>
		Message:<br>
		<textarea name=reply_message rows=6 ".$submit_parm.">".$reply_message."</textarea><br><br>";
		if ($subscribe == true) echo $lang['subscribe'].'<input type=checkbox checked disabled><br>';
		if ($spam_sec_num == true )
			{
			$spam_sec_num1= date ("h");
			$spam_sec_num2= rand (1,9);
			echo $spam_sec_num2." + ".$spam_sec_num1." = ? <input type=tel size=4 name='spam_sec_num3' ".$submit_parm."><input type=hidden name='spam_sec_num2' value='".ord($spam_sec_num2)."'><br><br>";
			}	// if spam_sec_num
		echo"
		<input type=submit name='reply_submit' value='submit' ".$submit_parm.">
		<input type=hidden name='reply_parent_id' value='".$id."'>";
		echo "<input id=\"seccodeverify\" type=\"text\" maxlength=\"4\" size=\"8\" name=\"seccodeverify\">";	// anti bot field generator spam , keep this value clear and hidden in css
		echo "</form>";


		}	// if user level<5
	echo "</div>";
	}	// id!=0

Return current item: MobileBB