query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $db->error()); redirect('index.php', $lang_misc['Mark read redirect']); } else if (isset($_GET['email'])) { if ($pun_user['is_guest']) message($lang_common['No permission']); $recipient_id = intval($_GET['email']); if ($recipient_id < 2) message($lang_common['Bad request']); $result = $db->query('SELECT username, email, email_setting FROM '.$db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); if (!$db->num_rows($result)) message($lang_common['Bad request']); list($recipient, $recipient_email, $email_setting) = $db->fetch_row($result); if ($email_setting == 2 && $pun_user['g_id'] > PUN_MOD) message($lang_misc['Form e-mail disabled']); if (isset($_POST['form_sent'])) { // Clean up message and subject from POST $subject = pun_trim($_POST['req_subject']); $message = pun_trim($_POST['req_message']); if ($subject == '') message($lang_misc['No e-mail subject']); else if ($message == '') message($lang_misc['No e-mail message']); else if (strlen($message) > 65535) message($lang_misc['Too long e-mail message']); // Load the "form e-mail" template $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/form_email.tpl')); // The first row contains the subject $first_crlf = strpos($mail_tpl, "\n"); $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8)); $mail_message = trim(substr($mail_tpl, $first_crlf)); $mail_subject = str_replace('', $subject, $mail_subject); $mail_message = str_replace('', $pun_user['username'], $mail_message); $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message); $mail_message = str_replace('', $message, $mail_message); $mail_message = str_replace('', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message); require_once PUN_ROOT.'include/email.php'; pun_mail($recipient_email, $mail_subject, $mail_message, '"'.str_replace('"', '', $pun_user['username']).'" <'.$pun_user['email'].'>'); redirect(htmlspecialchars($_POST['redirect_url']), $lang_misc['E-mail sent redirect']); } // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the e-mail is sent) $redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php'; $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Send e-mail to'].' '.pun_htmlspecialchars($recipient); $required_fields = array('req_subject' => $lang_misc['E-mail subject'], 'req_message' => $lang_misc['E-mail message']); $focus_element = array('email', 'req_subject'); require PUN_ROOT.'header.php'; ?>

query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); if (!$db->num_rows($result)) message($lang_common['Bad request']); $topic_id = $db->result($result); // Get the subject and forum ID $result = $db->query('SELECT subject, forum_id FROM '.$db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error()); if (!$db->num_rows($result)) message($lang_common['Bad request']); list($subject, $forum_id) = $db->fetch_row($result); // Should we use the internal report handling? if ($pun_config['o_report_method'] == 0 || $pun_config['o_report_method'] == 2) $db->query('INSERT INTO '.$db->prefix.'reports (post_id, topic_id, forum_id, reported_by, created, message) VALUES('.$post_id.', '.$topic_id.', '.$forum_id.', '.$pun_user['id'].', '.time().', \''.$db->escape($reason).'\')' ) or error('Unable to create report', __FILE__, __LINE__, $db->error()); // Should we e-mail the report? if ($pun_config['o_report_method'] == 1 || $pun_config['o_report_method'] == 2) { // We send it to the complete mailing-list in one swoop if ($pun_config['o_mailing_list'] != '') { $mail_subject = 'Report('.$forum_id.') - \''.$subject.'\''; $mail_message = 'User \''.$pun_user['username'].'\' has reported the following message:'."\n".$pun_config['o_base_url'].'/viewtopic.php?pid='.$post_id.'#p'.$post_id."\n\n".'Reason:'."\n".$reason; require PUN_ROOT.'include/email.php'; pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message); } } redirect('viewtopic.php?pid='.$post_id.'#p'.$post_id, $lang_misc['Report redirect']); } $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Report post']; $required_fields = array('req_reason' => $lang_misc['Reason']); $focus_element = array('report', 'req_reason'); require PUN_ROOT.'header.php'; ?>

query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error()); if (!$db->num_rows($result)) message($lang_common['Bad request']); $result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); if ($db->num_rows($result)) message($lang_misc['Already subscribed']); $db->query('INSERT INTO '.$db->prefix.'subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$topic_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error()); redirect('viewtopic.php?id='.$topic_id, $lang_misc['Subscribe redirect']); } else if (isset($_GET['unsubscribe'])) { if ($pun_user['is_guest'] || $pun_config['o_subscriptions'] != '1') message($lang_common['No permission']); $topic_id = intval($_GET['unsubscribe']); if ($topic_id < 1) message($lang_common['Bad request']); $result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); if (!$db->num_rows($result)) message($lang_misc['Not subscribed']); $db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error()); redirect('viewtopic.php?id='.$topic_id, $lang_misc['Unsubscribe redirect']); } else message($lang_common['Bad request']);