[aidenligne_francais_universite.git] / fluxbb / misc.php

<?php
/***********************************************************************

  Copyright (C) 2002-2005  Rickard Andersson (rickard@punbb.org)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA  02111-1307  USA

************************************************************************/


if (isset($_GET['action']))
	define('PUN_QUIET_VISIT', 1);

define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';


// Load the misc.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/misc.php';

$action = isset($_GET['action']) ? $_GET['action'] : null;


if ($action == 'rules')
{
	// Load the register.php language file
	require PUN_ROOT.'lang/'.$pun_user['language'].'/register.php';

	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_register['Forum rules'];
	require PUN_ROOT.'header.php';

?>
<div class="block">
	<h2><span><?php echo $lang_register['Forum rules'] ?></span></h2>
	<div class="box">
		<div class="inbox">
			<p><?php echo $pun_config['o_rules_message'] ?></p>
		</div>
	</div>
</div>
<?php

	require PUN_ROOT.'footer.php';
}


else if ($action == 'markread')
{
	if ($pun_user['is_guest'])
		message($lang_common['No permission']);

	$db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $db->error());

	redirect('index.php', $lang_misc['Mark read redirect']);
}


else if (isset($_GET['email']))
{
	if ($pun_user['is_guest'])
		message($lang_common['No permission']);

	$recipient_id = intval($_GET['email']);
	if ($recipient_id < 2)
		message($lang_common['Bad request']);

	$result = $db->query('SELECT username, email, email_setting FROM '.$db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
	if (!$db->num_rows($result))
		message($lang_common['Bad request']);

	list($recipient, $recipient_email, $email_setting) = $db->fetch_row($result);

	if ($email_setting == 2 && $pun_user['g_id'] > PUN_MOD)
		message($lang_misc['Form e-mail disabled']);


	if (isset($_POST['form_sent']))
	{
		// Clean up message and subject from POST
		$subject = pun_trim($_POST['req_subject']);
		$message = pun_trim($_POST['req_message']);

		if ($subject == '')
			message($lang_misc['No e-mail subject']);
		else if ($message == '')
			message($lang_misc['No e-mail message']);
		else if (strlen($message) > 65535)
			message($lang_misc['Too long e-mail message']);

		// Load the "form e-mail" template
		$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/form_email.tpl'));

		// The first row contains the subject
		$first_crlf = strpos($mail_tpl, "\n");
		$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
		$mail_message = trim(substr($mail_tpl, $first_crlf));

		$mail_subject = str_replace('<mail_subject>', $subject, $mail_subject);
		$mail_message = str_replace('<sender>', $pun_user['username'], $mail_message);
		$mail_message = str_replace('<board_title>', $pun_config['o_board_title'], $mail_message);
		$mail_message = str_replace('<mail_message>', $message, $mail_message);
		$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);

		require_once PUN_ROOT.'include/email.php';

		pun_mail($recipient_email, $mail_subject, $mail_message, '"'.str_replace('"', '', $pun_user['username']).'" <'.$pun_user['email'].'>');

		redirect(htmlspecialchars($_POST['redirect_url']), $lang_misc['E-mail sent redirect']);
	}


	// Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the e-mail is sent)
	$redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php';

	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Send e-mail to'].' '.pun_htmlspecialchars($recipient);
	$required_fields = array('req_subject' => $lang_misc['E-mail subject'], 'req_message' => $lang_misc['E-mail message']);
	$focus_element = array('email', 'req_subject');
	require PUN_ROOT.'header.php';

?>
<div class="blockform">
	<h2><span><?php echo $lang_misc['Send e-mail to'] ?> <?php echo pun_htmlspecialchars($recipient) ?></span></h2>
	<div class="box">
		<form id="email" method="post" action="misc.php?email=<?php echo $recipient_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_misc['Write e-mail'] ?></legend>
					<div class="infldset txtarea">
						<input type="hidden" name="form_sent" value="1" />
						<input type="hidden" name="redirect_url" value="<?php echo $redirect_url ?>" />
						<label><strong><?php echo $lang_misc['E-mail subject'] ?></strong><br />
						<input class="longinput" type="text" name="req_subject" size="75" maxlength="70" tabindex="1" /><br /></label>
						<label><strong><?php echo $lang_misc['E-mail message'] ?></strong><br />
						<textarea name="req_message" rows="10" cols="75" tabindex="2"></textarea><br /></label>
						<p><?php echo $lang_misc['E-mail disclosure note'] ?></p>
					</div>
				</fieldset>
			</div>
			<p><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" tabindex="3" accesskey="s" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
		</form>
	</div>
</div>
<?php

	require PUN_ROOT.'footer.php';
}


else if (isset($_GET['report']))
{
	if ($pun_user['is_guest'])
		message($lang_common['No permission']);

	$post_id = intval($_GET['report']);
	if ($post_id < 1)
		message($lang_common['Bad request']);

	if (isset($_POST['form_sent']))
	{
		// Clean up reason from POST
		$reason = pun_linebreaks(pun_trim($_POST['req_reason']));
		if ($reason == '')
			message($lang_misc['No reason']);

		// Get the topic ID
		$result = $db->query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
		if (!$db->num_rows($result))
			message($lang_common['Bad request']);

		$topic_id = $db->result($result);

		// Get the subject and forum ID
		$result = $db->query('SELECT subject, forum_id FROM '.$db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
		if (!$db->num_rows($result))
			message($lang_common['Bad request']);

		list($subject, $forum_id) = $db->fetch_row($result);

		// Should we use the internal report handling?
		if ($pun_config['o_report_method'] == 0 || $pun_config['o_report_method'] == 2)
			$db->query('INSERT INTO '.$db->prefix.'reports (post_id, topic_id, forum_id, reported_by, created, message) VALUES('.$post_id.', '.$topic_id.', '.$forum_id.', '.$pun_user['id'].', '.time().', \''.$db->escape($reason).'\')' ) or error('Unable to create report', __FILE__, __LINE__, $db->error());

		// Should we e-mail the report?
		if ($pun_config['o_report_method'] == 1 || $pun_config['o_report_method'] == 2)
		{
			// We send it to the complete mailing-list in one swoop
			if ($pun_config['o_mailing_list'] != '')
			{
				$mail_subject = 'Signalement ('.$forum_id.') - \''.$subject.'\'';
				$mail_message = 'L\'utilisateur \''.$pun_user['username'].'\' a signalé le message suivant :'."\n".$pun_config['o_base_url'].'/viewtopic.php?pid='.$post_id.'#p'.$post_id."\n\n".'Motif :'."\n".$reason;

				require PUN_ROOT.'include/email.php';

				pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
			}
		}

		redirect('viewtopic.php?pid='.$post_id.'#p'.$post_id, $lang_misc['Report redirect']);
	}


	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Report post'];
	$required_fields = array('req_reason' => $lang_misc['Reason']);
	$focus_element = array('report', 'req_reason');
	require PUN_ROOT.'header.php';

?>
<div class="blockform">
	<h2><span><?php echo $lang_misc['Report post'] ?></span></h2>
	<div class="box">
		<form id="report" method="post" action="misc.php?report=<?php echo $post_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_misc['Reason desc'] ?></legend>
					<div class="infldset txtarea">
						<input type="hidden" name="form_sent" value="1" />
						<label><strong><?php echo $lang_misc['Reason'] ?></strong><br /><textarea name="req_reason" rows="5" cols="60"></textarea><br /></label>
					</div>
				</fieldset>
			</div>
			<p><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
		</form>
	</div>
</div>
<?php

	require PUN_ROOT.'footer.php';
}


else if (isset($_GET['subscribe']))
{
	if ($pun_user['is_guest'] || $pun_config['o_subscriptions'] != '1')
		message($lang_common['No permission']);

	$topic_id = intval($_GET['subscribe']);
	if ($topic_id < 1)
		message($lang_common['Bad request']);

	// Make sure the user can view the topic
	$result = $db->query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
	if (!$db->num_rows($result))
		message($lang_common['Bad request']);

	$result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
	if ($db->num_rows($result))
		message($lang_misc['Already subscribed']);

	$db->query('INSERT INTO '.$db->prefix.'subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$topic_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error());

	redirect('viewtopic.php?id='.$topic_id, $lang_misc['Subscribe redirect']);
}


else if (isset($_GET['unsubscribe']))
{
	if ($pun_user['is_guest'] || $pun_config['o_subscriptions'] != '1')
		message($lang_common['No permission']);

	$topic_id = intval($_GET['unsubscribe']);
	if ($topic_id < 1)
		message($lang_common['Bad request']);

	$result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
	if (!$db->num_rows($result))
		message($lang_misc['Not subscribed']);

	$db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error());

	redirect('viewtopic.php?id='.$topic_id, $lang_misc['Unsubscribe redirect']);
}


else
	message($lang_common['Bad request']);
Commit	Line	Data
c495c100 P	1	<?php
	2	/***********************************************************************
	3
	4	Copyright (C) 2002-2005 Rickard Andersson (rickard@punbb.org)
	5
	6	This file is part of PunBB.
	7
	8	PunBB is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU General Public License as published
	10	by the Free Software Foundation; either version 2 of the License,
	11	or (at your option) any later version.
	12
	13	PunBB is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	GNU General Public License for more details.
	17
	18	You should have received a copy of the GNU General Public License
	19	along with this program; if not, write to the Free Software
	20	Foundation, Inc., 59 Temple Place, Suite 330, Boston,
	21	MA 02111-1307 USA
	22
	23	************************************************************************/
	24
	25
	26	if (isset($_GET['action']))
	27	define('PUN_QUIET_VISIT', 1);
	28
	29	define('PUN_ROOT', './');
	30	require PUN_ROOT.'include/common.php';
	31
	32
	33	// Load the misc.php language file
	34	require PUN_ROOT.'lang/'.$pun_user['language'].'/misc.php';
	35
	36	$action = isset($_GET['action']) ? $_GET['action'] : null;
	37
	38
	39	if ($action == 'rules')
	40	{
	41	// Load the register.php language file
	42	require PUN_ROOT.'lang/'.$pun_user['language'].'/register.php';
	43
	44	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_register['Forum rules'];
	45	require PUN_ROOT.'header.php';
	46
	47	?>
	48	<div class="block">
	49	<h2><span><?php echo $lang_register['Forum rules'] ?></span></h2>
	50	<div class="box">
	51	<div class="inbox">
	52	<p><?php echo $pun_config['o_rules_message'] ?></p>
	53	</div>
	54	</div>
	55	</div>
	56	<?php
	57
	58	require PUN_ROOT.'footer.php';
	59	}
	60
	61
	62	else if ($action == 'markread')
	63	{
	64	if ($pun_user['is_guest'])
65	message($lang_common['No permission']);
66
67	$db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $db->error());
68
69	redirect('index.php', $lang_misc['Mark read redirect']);
70	}
71
72
73	else if (isset($_GET['email']))
74	{
75	if ($pun_user['is_guest'])
76	message($lang_common['No permission']);
77
78	$recipient_id = intval($_GET['email']);
79	if ($recipient_id < 2)
80	message($lang_common['Bad request']);
81
82	$result = $db->query('SELECT username, email, email_setting FROM '.$db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
83	if (!$db->num_rows($result))
84	message($lang_common['Bad request']);
85
86	list($recipient, $recipient_email, $email_setting) = $db->fetch_row($result);
87
88	if ($email_setting == 2 && $pun_user['g_id'] > PUN_MOD)
89	message($lang_misc['Form e-mail disabled']);
90
91
92	if (isset($_POST['form_sent']))
93	{
94	// Clean up message and subject from POST
95	$subject = pun_trim($_POST['req_subject']);
96	$message = pun_trim($_POST['req_message']);
97
98	if ($subject == '')
99	message($lang_misc['No e-mail subject']);
100	else if ($message == '')
101	message($lang_misc['No e-mail message']);
102	else if (strlen($message) > 65535)
103	message($lang_misc['Too long e-mail message']);
104
105	// Load the "form e-mail" template
106	$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/form_email.tpl'));
107
108	// The first row contains the subject
109	$first_crlf = strpos($mail_tpl, "\n");
110	$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
111	$mail_message = trim(substr($mail_tpl, $first_crlf));
112
113	$mail_subject = str_replace('<mail_subject>', $subject, $mail_subject);
114	$mail_message = str_replace('<sender>', $pun_user['username'], $mail_message);
115	$mail_message = str_replace('<board_title>', $pun_config['o_board_title'], $mail_message);
116	$mail_message = str_replace('<mail_message>', $message, $mail_message);
117	$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);
118
119	require_once PUN_ROOT.'include/email.php';
120
121	pun_mail($recipient_email, $mail_subject, $mail_message, '"'.str_replace('"', '', $pun_user['username']).'" <'.$pun_user['email'].'>');
122
123	redirect(htmlspecialchars($_POST['redirect_url']), $lang_misc['E-mail sent redirect']);
124	}
125
126
127	// Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the e-mail is sent)
128	$redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php';
129
130	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Send e-mail to'].' '.pun_htmlspecialchars($recipient);
131	$required_fields = array('req_subject' => $lang_misc['E-mail subject'], 'req_message' => $lang_misc['E-mail message']);
132	$focus_element = array('email', 'req_subject');
133	require PUN_ROOT.'header.php';
134
135	?>
136	<div class="blockform">
137	<h2><span><?php echo $lang_misc['Send e-mail to'] ?> <?php echo pun_htmlspecialchars($recipient) ?></span></h2>
138	<div class="box">
139	<form id="email" method="post" action="misc.php?email=<?php echo $recipient_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
140	<div class="inform">
141	<fieldset>
142	<legend><?php echo $lang_misc['Write e-mail'] ?></legend>
143	<div class="infldset txtarea">
144	<input type="hidden" name="form_sent" value="1" />
145	<input type="hidden" name="redirect_url" value="<?php echo $redirect_url ?>" />
146	<label><strong><?php echo $lang_misc['E-mail subject'] ?></strong><br />
147	<input class="longinput" type="text" name="req_subject" size="75" maxlength="70" tabindex="1" /><br /></label>
148	<label><strong><?php echo $lang_misc['E-mail message'] ?></strong><br />
149	<textarea name="req_message" rows="10" cols="75" tabindex="2"></textarea><br /></label>
150	<p><?php echo $lang_misc['E-mail disclosure note'] ?></p>
151	</div>
152	</fieldset>
153	</div>
154	<p><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" tabindex="3" accesskey="s" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
155	</form>
156	</div>
157	</div>
158	<?php
159
160	require PUN_ROOT.'footer.php';
161	}
162
163
164	else if (isset($_GET['report']))
165	{
166	if ($pun_user['is_guest'])
167	message($lang_common['No permission']);
168
169	$post_id = intval($_GET['report']);
170	if ($post_id < 1)
171	message($lang_common['Bad request']);
172
173	if (isset($_POST['form_sent']))
174	{
175	// Clean up reason from POST
176	$reason = pun_linebreaks(pun_trim($_POST['req_reason']));
177	if ($reason == '')
178	message($lang_misc['No reason']);
179
180	// Get the topic ID
181	$result = $db->query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
182	if (!$db->num_rows($result))
183	message($lang_common['Bad request']);
184
185	$topic_id = $db->result($result);
186
187	// Get the subject and forum ID
188	$result = $db->query('SELECT subject, forum_id FROM '.$db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
189	if (!$db->num_rows($result))
190	message($lang_common['Bad request']);
191
192	list($subject, $forum_id) = $db->fetch_row($result);
193
194	// Should we use the internal report handling?
195	if ($pun_config['o_report_method'] == 0 \|\| $pun_config['o_report_method'] == 2)
196	$db->query('INSERT INTO '.$db->prefix.'reports (post_id, topic_id, forum_id, reported_by, created, message) VALUES('.$post_id.', '.$topic_id.', '.$forum_id.', '.$pun_user['id'].', '.time().', \''.$db->escape($reason).'\')' ) or error('Unable to create report', __FILE__, __LINE__, $db->error());
197
198	// Should we e-mail the report?
199	if ($pun_config['o_report_method'] == 1 \|\| $pun_config['o_report_method'] == 2)
200	{
201	// We send it to the complete mailing-list in one swoop
202	if ($pun_config['o_mailing_list'] != '')
203	{
204	$mail_subject = 'Signalement ('.$forum_id.') - \''.$subject.'\'';
205	$mail_message = 'L\'utilisateur \''.$pun_user['username'].'\' a signalé le message suivant :'."\n".$pun_config['o_base_url'].'/viewtopic.php?pid='.$post_id.'#p'.$post_id."\n\n".'Motif :'."\n".$reason;
206
207	require PUN_ROOT.'include/email.php';
208
209	pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
210	}
211	}
212
213	redirect('viewtopic.php?pid='.$post_id.'#p'.$post_id, $lang_misc['Report redirect']);
214	}
215
216
217	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Report post'];
218	$required_fields = array('req_reason' => $lang_misc['Reason']);
219	$focus_element = array('report', 'req_reason');
220	require PUN_ROOT.'header.php';
221
222	?>
223	<div class="blockform">
224	<h2><span><?php echo $lang_misc['Report post'] ?></span></h2>
225	<div class="box">
226	<form id="report" method="post" action="misc.php?report=<?php echo $post_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
227	<div class="inform">
228	<fieldset>
229	<legend><?php echo $lang_misc['Reason desc'] ?></legend>
230	<div class="infldset txtarea">
231	<input type="hidden" name="form_sent" value="1" />
232	<label><strong><?php echo $lang_misc['Reason'] ?></strong><br /><textarea name="req_reason" rows="5" cols="60"></textarea><br /></label>
233	</div>
234	</fieldset>
235	</div>
236	<p><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
237	</form>
238	</div>
239	</div>
240	<?php
241
242	require PUN_ROOT.'footer.php';
243	}
244
245
246	else if (isset($_GET['subscribe']))
247	{
248	if ($pun_user['is_guest'] \|\| $pun_config['o_subscriptions'] != '1')
249	message($lang_common['No permission']);
250
251	$topic_id = intval($_GET['subscribe']);
252	if ($topic_id < 1)
253	message($lang_common['Bad request']);
254
255	// Make sure the user can view the topic
256	$result = $db->query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
257	if (!$db->num_rows($result))
258	message($lang_common['Bad request']);
259
260	$result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
261	if ($db->num_rows($result))
262	message($lang_misc['Already subscribed']);
263
264	$db->query('INSERT INTO '.$db->prefix.'subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$topic_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error());
265
266	redirect('viewtopic.php?id='.$topic_id, $lang_misc['Subscribe redirect']);
267	}
268
269
270	else if (isset($_GET['unsubscribe']))
271	{
272	if ($pun_user['is_guest'] \|\| $pun_config['o_subscriptions'] != '1')
273	message($lang_common['No permission']);
274
275	$topic_id = intval($_GET['unsubscribe']);
276	if ($topic_id < 1)
277	message($lang_common['Bad request']);
278
279	$result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
280	if (!$db->num_rows($result))
281	message($lang_misc['Not subscribed']);
282
283	$db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error());
284
285	redirect('viewtopic.php?id='.$topic_id, $lang_misc['Unsubscribe redirect']);
286	}
287
288
289	else
290	message($lang_common['Bad request']);