#!/usr/bin/perl
$discus_conf = '/usr/local/www/www.acheron.org/discus_admin_116439176/discus.conf';
#Discus board post script (board-post.cgi)
#-------------------------------------------------------------------------------
# This script is copyright (c) 1998 by DiscusWare, LLC, all rights reserved.
# Its use is subject to the license agreement that can be found at the following
# URL:  http://www.chem.hope.edu/discus/license
#-------------------------------------------------------------------------------
#######################################################
# Reply by e-mail: some people have been given a script
# to intercept incoming mail messages and process them
# as Discus messages.  To permit this, the following
# variable must be set to 1.
# 1=On                  0=Off [Default]
$reply_by_email = 0;
#######################################################
# SCRIPT BEGINS HERE...
$double_post_threshold = 120;
if (open (FILE, "$discus_conf")) {
	@file = <FILE>;
	close (FILE);
	$evals = "";
	foreach $line (@file) {
		if ($line =~ /^(\w+)=(.*)/) {
			$varname = $1;
			$value = $2;
			$value =~ s/'/\\'/g; $value =~ s/\r//g;
			$evals .= "\$$varname='$value'; ";
		}
	}
	eval($evals);
	require "$admin_dir/source/src-board-subs-common";
} else {
	print "Content-type: text/html\n\n";
	print "<HTML><HEAD><TITLE>Script Execution Error</TITLE></HEAD>\n";
	print "<BODY BGCOLOR=#ffffff TEXT=#000000>\n";
	print "<H1>Script Execution Error</H1>\n";
	print "Discus scripts could not execute because the discus.conf file\n";
	print "could not be opened.";
	print "<P>Reason: <FONT COLOR=#ff0000><B>$!</B></FONT>" if $!;
	print "<P>This generally indicates a setup error of some kind.\n";
	print "Consult the <A HREF=\"http://www.chem.hope.edu/discus/rc\">Discus ";
	print "Resource Center</A> for troubleshooting information.</BODY></HTML>\n";
	exit(0);
}
require "$admin_dir/source/src-board-subs-admin";
&parse_form;
&read_cookie;
$FORM{'name'} = $FORM{'username'} if $FORM{'username'} ne "";
$FORM{'number'} = $FORM{'passwd'} if $FORM{'passwd'} ne "";
$adminappend = "?username=$FORM{'name'}";
$adminappend .= "&HTTP_REFERER=$FORM{'HTTP_REFERER'}&action=page_editor#Messages";
if ($GLOBAL_OPTIONS{'posting'} == 0 && $GLOBAL_OPTIONS{'options_used'} == 1) {
	&error_message($L{BPAUTHERROR}, $L{AUTHERROR_CLOSED}, 0, 1);
}
if ($ENV{'HTTP_REFERER'} =~ /(.*)\.$cgi_extension/i || $FORM{'HTTP_REFERER'}) {
	$_ = $FORM{'HTTP_REFERER'};
	s/#(.*)//g;
} else {
	$_ = $ENV{'HTTP_REFERER'};
	$FORM{'HTTP_REFERER'} = $_;
	s/#(.*)//g;
}
&extract ($_) if $_ ne "";
$FORM{'name'} =~ s/[\(\)]//g;
$username_input = $FORM{'name'};
$password_input = $FORM{'number'};
($auth, $passwordline, $poster_type) = &ex('verify_postread_privileges', $topic_number, $username_input, $password_input, $password_input, "posting", 1);
if ($pro) {
	&ex('get_preferences', "*", "*", $passwordline);
}
undef @file; undef $line;
open (FILE, "$admin_dir/postoptions.txt"); @file = <FILE>; close (FILE);
($line) = grep(/^$topic_number:/, @file); chop $line if $line =~ /\n$/;
($tn, $anonymous_forbidden, $stamp_forbidden, $email_forbidden) = split(/:/, $line);
if ($passwordline ne "") {
	$passwordline =~ s/\s+$//;
	($file, $user, $pass, $email, $full, $foo1, $foo2, $foo3, $group) = split(/:/, $passwordline);
	$full = "\u$user" if ($full eq "fullname" || $full eq "" || $stamp_forbidden || ($GLOBAL_OPTIONS{'fullnames'} == 0 && $GLOBAL_OPTIONS{'options_used'} == 1));
	$full .= " (\u$user)" if $GLOBAL_OPTIONS{'user_paren'} eq "";
	$full .= " (\u$user)" if $GLOBAL_OPTIONS{'user_paren'} == 1;
	if ($group !~ /\S/) {
		$group_hold = "MODERATOR";
	} else {
		$group_hold = $group;
	}
	if ($pro) {
		if (($GLOBAL_OPTIONS{'anonymous'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0) && $FORM{'Anon'} && !$anonymous_forbidden) {
			$postby = $L{BPANONYMOUS};
		} else {
			$warn_anon = 1 if $FORM{'Anon'};
			$filename = "$user-$group_hold.txt";
			$filename = &getfn($filename);
			if (-e "$admin_dir/profiles/$filename" && !$email_forbidden && ($GLOBAL_OPTIONS{'email_on_post'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0)) {
				$postby = "<A HREF=\"$script_url/board-profile.$cgi_extension?action=display_profile&profile=$user-$group_hold\">$full</A>";
			} else {
				$postby = "<A HREF=mailto:$email>$full</A>" if ($PREF{'noemail'} == 0 && $email ne "" && $email ne "email" && !$email_forbidden && ($GLOBAL_OPTIONS{'email_on_post'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0));
				$postby = $full if ($PREF{'noemail'} == 1 || $email eq "" || $email eq "email" || $email_forbidden || !($GLOBAL_OPTIONS{'email_on_post'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0));
			}
		}
	} else {
		if (($GLOBAL_OPTIONS{'anonymous'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0) && $FORM{'Anon'} && !$anonymous_forbidden) {
			$postby = $L{BPANONYMOUS};
		} else {
			$warn_anon = 1 if $FORM{'Anon'};
			$postby = "<A HREF=mailto:$email>$full</A>" if ($email ne "" && $email ne "email" && !$email_forbidden && ($GLOBAL_OPTIONS{'email_on_post'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0));
			$postby = $full if ($email eq "" || $email eq "email" || $email_forbidden || !($GLOBAL_OPTIONS{'email_on_post'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0));
		}
	}
	$username = $user;
} else {
	$postby = $username_input;
	if (($GLOBAL_OPTIONS{'anonymous'} == 1 || $GLOBAL_OPTIONS{'options_used'} == 0) && $FORM{'Anon'} && !$anonymous_forbidden) {
		$postby = $L{BPANONYMOUS};
		$username_input = $L{BPANONYMOUS} if $username_input eq "";
	} else {
		$warn_anon = 1 if $FORM{'Anon'};
		if ($FORM{'email'} ne "") {
			$FORM{'email'} = &remove_html($FORM{'email'});
			$postby = "<A HREF='mailto:$FORM{'email'}'>$username_input</A>";
		}
	}
	$username = "PUBLIC"; $group_hold = "PUBLIC";
}
if ($GLOBAL_OPTIONS{'ip_on_post'}) {
	$rh = $ENV{'REMOTE_HOST'};
	$rh =~ s/[<>]//g;
	$ra = $ENV{'REMOTE_ADDR'};
	$ra =~ s/[<>]//g;
	$postby .= " ($rh - $ra)" ;
}
$FORM{'message'} =~ s/\s+$//;
$FORM{'message'} =~ s/^\s+//;
$FORM{'message'} =~ s/\n{3,}/\n\n\n/g;
if ($FORM{"message"} =~ m|^\{\\rtf| && $pro && $GLOBAL_OPTIONS{'RTF'}) {
	($FORM{"message"}) = &ex('rtf_to_webtags', $FORM{"message"});
	($lint, $newmessage) = &ex('webtags', $FORM{"message"}, 0, 1);
}
$remove_swearing = 1 if ($GLOBAL_OPTIONS{'profanity'});
if ($FORM{"message"} !~ /\\(\S+)\{/ && $FORM{"message"} =~ m|<(\s*)([^>]*)(\s*)>| && $GLOBAL_OPTIONS{'html'}) {
	($message_html) = &ex('html_to_webtags', $FORM{"message"});
	$NEW_SOURCE = $message_html;
	$message_html =~ s/<([^>]*)>//g;
	($message_html) = &ex('remove_swearing', $message_html) if ($remove_swearing);
	($lint, $newmessage) = &ex('webtags', $message_html, 0, 1);
} else {
	$NEW_SOURCE = "";
	if ($FORM{"message"} !~ /\\(\S+)\{/ && $GLOBAL_OPTIONS{'active_links'}) {
		$FORM{"message"} = join("", " ", $FORM{"message"}, " ");
		$m = ""; $after = $FORM{"message"};
		while ($after =~ m|(http://)([\w\-\.\+/~\%\?\&\=\:\,]+)|i) {
			$url = join("", $1, $2); $b4 = $`; $after = $';
			if ($url =~ m|([\.\:\;\,])$|) {
				$url = $`; $after = "$1$after";
			}
			$url_link = $url;
			$url_link =~ s/,(.)/\%2C$1/g;
			$m .= join("", $b4, "\\topurl\{$url_link,$url}");
		}
		$FORM{"message"} = $m . $after;
		$m = ""; $after = $FORM{"message"};
		while ($after =~ m|([\w\-\+\.]+)\@([\w\-\+\.]+)|i) {
			$url = join("", $1, "\@", $2); $b4 = $`; $after = $';
			if ($url =~ m|([\.\:\;\,])$|) {
				$url = $`; $after = "$1$after";
			}
			$url_link = $url;
			$url_link =~ s/,(.)/\%2C$1/g;
			$m .= join("", $b4, "\\mail\{$url_link,$url}");
		}
		$FORM{"message"} = $m . $after;
	}
	$message_temp = $FORM{"message"};
	($message_temp) = &ex('remove_swearing', $FORM{"message"}) if ($remove_swearing);
	($lint, $newmessage) = &ex('webtags', $message_temp, 0, 1);
	$error_observed = 1;
}
if ($FORM{'subject'} ne "") {
	$newsubject = "";
	($newsubject) = &ex('remove_swearing', $FORM{"subject"}, 3) if ($remove_swearing);
	$newsubject = $FORM{'subject'} if $newsubject eq "";
	($lint_subj, $newsubject) = &ex('webtags', $FORM{"subject"}, 3, 1);
	$newsubj = 1;
	$newsubject = "\u$newsubject" if $GLOBAL_OPTIONS{'capitalize'};
}
($postby) = &ex('remove_swearing', $postby, 0, 1) if ($remove_swearing);
if ($auth == 0) {
	$newmessage = "<H3>$L{BPAUTHERROR}</H3>$L{BPAUTHERRORINVALID}";
} elsif ($auth == 2) {
	$newmessage = "<H3>$L{BPAUTHERROR}</H3>$L{AUTHERROR_BANNED}";
} elsif ($auth == 3) {
	$newmessage = "<H3>$L{BPAUTHERROR}</H3>$L{AUTHERROR_CLOSED}";
} elsif ($postby eq "") {
	$newmessage = "<H3>$L{BPAUTHERROR}</H3>$L{BPAUTHERRORNONAME}";
} elsif ($username_input !~ /\S/) {
	$newmessage = "<H3>$L{BPAUTHERROR}</H3>$L{BPAUTHERRORNONAME}";
} elsif ($FORM{"message"} !~ /\S/) {
	$newmessage = "<H3>$L{BPADDMSGERROR}</H3>$L{BPADDMSGERRORDESC}";
} elsif ($FORM{"new_conversation"} == 1 && $FORM{"subject"} !~ /\S/) {
	$newmessage = "<H3>$L{BPCREATEERROR}</H3>$L{BPCREATEERRORDESC}";
} elsif ($poster_type == 8 && (length($FORM{'message'})/1000) > $GLOBAL_OPTIONS{'public_msgsize'} && $GLOBAL_OPTIONS{'options_used'} && $GLOBAL_OPTIONS{'public_msgsize'}) {
	$newmessage = "<H3>$L{BPADDMSGERROR}</H3>";
	$toolong = $L{BP_MESSAGE_EXCEEDED_MAXLENGTH};
	$mxs = $GLOBAL_OPTIONS{'public_msgsize'}; $toolong =~ s/\%maxsize/$mxs/g;
	$ys = length($FORM{'message'})/1000; $toolong =~ s/\%yoursize/$ys/g;
	$newmessage .= $toolong;
} elsif ($poster_type != 8 && (length($FORM{'message'})/1000) > $GLOBAL_OPTIONS{'registered_msgsize'} && $GLOBAL_OPTIONS{'options_used'} && $GLOBAL_OPTIONS{'registered_msgsize'}) {
	$newmessage = "<H3>$L{BPADDMSGERROR}</H3>";
	$toolong = $L{BP_MESSAGE_EXCEEDED_MAXLENGTH};
	$mxs = $GLOBAL_OPTIONS{'registered_msgsize'}; $toolong =~ s/\%maxsize/$mxs/g;
	$ys = length($FORM{'message'})/1000; $toolong =~ s/\%yoursize/$ys/g;
	$newmessage .= $toolong;
} else {
	$error_observed = 0;
}
$error_observed = 1 if $lint eq "!Error";
$error_observed = 1 if $lint_subj eq "!Error";
$newmessage = $newsubject if $lint_subj eq "!Error";
$message_hold = $FORM{'message'}; $message_hold =~ s/&/&amp;/g;
$message_hold =~ s/>/&gt;/g; $message_hold =~ s/</&lt;/g; $message_hold =~ s/"/&quot;/g;
$subject_hold = $FORM{'subject'}; $subject_hold =~ s/&/&amp;/g;
$subject_hold =~ s/>/&gt;/g; $subject_hold =~ s/</&lt;/g; $subject_hold =~ s/"/&quot;/g;
$p1 = $L{PREVIEW}; $p2 = $L{PREVIEW2};
$p1 = "x" x 100 if $L{PREVIEW} eq "";
$p2 = "x" x 100 if $L{PREVIEW2} eq "";
$p1 =~ s/^\s+//; $p1 =~ s/\s+$//;
$p2 =~ s/^\s+//; $p2 =~ s/\s+$//;
if ($pro) {
	$FORM{'submit'} = "" if ($PREF{'skip_preview'} == 1);
}	
if ($FORM{'submit'} =~ /$p1/i || $FORM{'submit'} =~ /$p2/i || $error_observed == 1) {
	&header;
	($bgcolor, $text, $link, $vlink, $alink, $face, $size, $image) = &ex('extract_colorsonly', 1);
	$str = "$L{BPNORMALTITLE}";
	&ex('printuntil', 1, 1, $topic_number, "$L{BPNORMALTITLE}");
	print "<FONT SIZE=+1><CENTER><B>$L{BPNORMALTITLE}</B></CENTER></FONT>\n" if $newsubj == 0;
	print "<FONT SIZE=+1><CENTER><B>$L{BPCREATETITLE}</B></CENTER></FONT>\n" if $newsubj == 1;
	print "<HR>\n";
	&ex('printuntil', 3, 3, $topic_number, $title, 0, 1);
	$file = "$message_dir/$topic_number/$me_number.$ext" if -e "$message_dir/$topic_number/$me_number.$ext";
	if (!-e "$message_dir/$topic_number/$me_number.$ext") {
		$file = "$secdir/$topic_number/$me_number.$ext";
		$secure = 1;
	} 
	open (FILE, $file);
	@file = <FILE>;
	close (FILE);
	if ($FORM{'isitok'} ne "okiedokie") {
		($navbar) = &ex('prepare_navbar', @file);
		$navbar =~ m|^(.*)</A>: |;
		$pre = join("", $1, "</A>: ");
		$url = "$message_url/$topic_number/$me_number.$ext" if !$secure;
		$url = "$script_url/board-auth.$cgi_extension?file=/$topic_number/$me_number.$ext" if $secure;
		$newsubj = 1 if $FORM{'new_conversation'} == 1;
		$javastr = &JavaScript_prepare($me_name);
		$pre .= "<A HREF=\"$url\" onMouseOver=\"return setStatus('$L{RETURNTO}$javastr')\"><FONT COLOR=$vlink>$me_name</FONT></A>: ";
	} else {
		&extract("$FORM{'HTTP_REFERER'}");
		local (@array) = ("$topic_number:$topic_name");
		foreach $key (sort by_number keys(%level_number)) {
			push (@array, "$level_number{$key}:$level_name{$key}");
		}
		$pre = "<A HREF=\"$cgiurlm?username=$FORM{'name'}&action=mgr_1";
		$pre .= "&HTTP_REFERER=$page_referer\" onMouseOver=\"return setStatus('";
		$pre .= "Return to topic selection screen')\"><FONT COLOR=$link>Page Manager</FONT></A>:&nbsp;\n";
		foreach $line (@array) {
			($number,$name) = split(/:/, $line, 2);
			$pre .= "<A HREF=\"$cgiurlm?username=$FORM{'name'}&action=page_editor";
			$pre .= "&HTTP_REFERER=//$topic_number/$number.$ext\" onMouseOver=\"return ";
			$str = &JavaScript_prepare($name);
			$pre .= "setStatus('Return to editing $str')\"><FONT COLOR=$link>$name</FONT></A>: ";
		}
	}
	$pre .= "$L{BPCREATEDISPLAY}" if $newsubj == 1;
	$pre .= "$L{BPNORMALDISPLAY}" if $newsubj == 0;
	&ex('printuntil', 5, 9, $topic_number, $title, 0, 1);
	print "<strong>$pre</strong>\n";
	print "<HR>\n";
	if (!($error_observed)) {
		print "<FONT SIZE=-1>$L{BPMESSAGEPOST}</FONT>" if $newsubj == 0;
		print "<FONT SIZE=-1>$L{BPCREATEPOST}</FONT>" if $newsubj == 1;
		print "<P>";
		if ($warn_anon == 1) {
			print "$L{BPWARNANONYMOUS}<P>\n";
		}
		if ($lint ne "") {
			print "<FONT SIZE=+1><B>$L{BPPOSSIBLEFORMATTINGERRORS}</B></FONT><P>";
			print "<FONT SIZE=-1>$L{BPPOSSIBLEFORMATTINGERRORSDESC}";
			print "<P>\n";
			print "<OL>$lint</OL><P></FONT>\n";
		}
		if ($pro && $PREF{'spellcheck'} == 1 && $dictionary ne "") {
			($newmessage, $scmessage) = &ex('spellcheck', $newmessage);
			if ($scmessage ne "") {
				print $scmessage;
			}
		}		
		&ex('printuntil', 11, 11, $topic_number, $title, 0, 1);
		print "<TABLE BORDER=1 WIDTH=97% HEIGHT=40%><TR><TD VALIGN=TOP><BASEFONT SIZE=$size><FONT FACE=\"$face\" SIZE=\"$size\" COLOR=$text>\n";
		if ($newsubj == 1) {
			print "<B>$L{BPSUBJECTTAG}</B> $newsubject<HR SIZE=0>\n";
		}
		$pb = $L{POSTBY};
		$postby = join("", "<BLINK>", $postby, "</BLINK>") if $warn_anon == 1;
		($datetime) = &ex('get_date_time', "long");
		$pb =~ s/\%name/$postby/g;
		$pb =~ s/\%date/$datetime/g;
		print "$pb<P>\n";
	}
	print "$newmessage";
	if (!$error_observed) {
		print "</FONT></TD></TR>\n";
		print "</TABLE>\n";
		print "<FORM Method=Post Action=\"$script_url/board-post.$cgi_extension\">\n";
		print "<INPUT Type=hidden name=\"HTTP_REFERER\" value=\"$FORM{'HTTP_REFERER'}\">\n";
		print "<INPUT TYPE=HIDDEN NAME=\"new_conversation\" value=\"1\">\n" if $FORM{'new_conversation'} == 1;
		print "<INPUT Type=hidden name=\"isitok\" value=\"okiedokie\">\n" if $FORM{'isitok'} eq "okiedokie";
		print "<HR>\n";
		print "<CENTER>\n";
		print "<INPUT Type=\"submit\" Name=submit VALUE=\"$L{BPPOSTTHISMESSAGE}\">\n" if !$error_observed;
		print "<INPUT TYPE=\"button\" VALUE=\"$L{BPCANCELPOST}\" onClick=\"window.location=";
		if ($FORM{'isitok'} ne 'okiedokie') {
			$url = "$message_url/$topic_number/$me_number.$ext" if !$secure;
			$url = "$script_url/board-auth.$cgi_extension?file=/$topic_number/$me_number.$ext" if $secure;
			print "'$url'\">&nbsp;";
		} else {
			print "'$cgiurlm$adminappend'\">&nbsp;";
		}
		print "</CENTER>\n";
	} else {
		print "<BR><BR>\n";
		print "<FORM Method=Post Action=\"$script_url/board-post.$cgi_extension\">\n";
		print "<INPUT Type=hidden name=\"HTTP_REFERER\" value=\"$FORM{'HTTP_REFERER'}\">\n";
		print "<INPUT TYPE=HIDDEN NAME=\"new_conversation\" value=\"1\">\n" if $FORM{'new_conversation'} == 1;
		print "<INPUT Type=hidden name=\"isitok\" value=\"okiedokie\">\n" if $FORM{'isitok'} eq "okiedokie";
	}
	print "<HR>\n";
	&ex('printuntil', 13, 13, $topic_number, $title, 0, 1);
	open (POST, "$admin_dir/posting.txt"); @post = <POST>; close (POST);
	($line) = grep(/^$topic_number:/, @post);
	($t, $ip) = split(/:/, $line);
	if ($ip eq "") {
		$privpub = "private";
	} else {
		$privpub = "public";
	}
	open (POST, "$admin_dir/postoptions.txt"); @post = <POST>; close (POST);
	($line) = grep(/^$topic_number:/, @post);
	($t, $af) = split(/:/, $line);
	$af = 1 if ($GLOBAL_OPTIONS{'anonymous'} == 0 && $GLOBAL_OPTIONS{'options_used'} == 1);
	if (open(FILExx, "$message_dir/$topic_number/addmessage.conf")) {
		@file = <FILExx>;
	} elsif (open(FILExx, "$secdir/$topic_number/addmessage.conf")) {
		@file = <FILExx>;
	} else {		
		open (FILExx, "$admin_dir/addmessage-$privpub.conf");
		@file = <FILExx>;
	}
	close (FILExx);
	foreach $line (@file) {
		$line =~ s/<!-FONT-!>/<FONT FACE="$face" SIZE="$size">/g;
		$line = "" if $line =~ m|FORM>|;
		$line = "" if ($af && $line =~ m|^<!-Anon-!>|);
	}
	$am = $L{ADDMESSAGE};
	if ($newsubj == 1) {
		$flag = 0;
		foreach $line (@file) {
			if ($line =~ m|$am|i && $flag == 0) {
				print join("", $`, "$L{BPREVISESUBJECT}", $');
				$flag = 1;
			}
		}
		print "<H3>$L{BPREVISESUBJECT}</H3>\n" if $flag == 0;
		print "$L{BPFSUBJECT}<BR><BR>\n";
		print "<TABLE><TR><TD><INPUT TYPE=TEXT NAME=\"subject\" VALUE=\"$subject_hold\" SIZE=53></TD></TR></TABLE><P>\n";
		print "<HR>\n";
	}
	$flag = 0;
	$message_hold =~ s/^\s+//;
	$message_hold =~ s/\s+$//;
	foreach $line (@file) {
		if ($line =~ /<!-Conversation - LEAVE THIS HERE!-!>/) {
			$flag = 1;
		} elsif ($line =~ /<!-\/Identification/) {
			$flag = 0;
		} elsif ($line =~ /<!-Skip next line-!>/) {
			$flag = 2+$flag;
		} elsif ($flag >= 2) {
			$flag -= 2;
		} elsif ($line =~ /<!-Submit button included-!>/) {
			$submit_included = 1;
		} elsif ($flag == 1) {
			if ($line =~ /NAME="name" VALUE=""/i) {
				$line = join("", $`, "NAME=\"name\" VALUE=\"$username_input\"", $');
			} elsif ($line =~ /NAME="number" VALUE=""/i) {
				$line = join("", $`, "NAME=\"number\" VALUE=\"$FORM{'number'}\"", $');
				$line = "" if $FORM{'isitok'} eq "okiedokie";
			} elsif ($line =~ /NAME="Anon"/i) {
				$line = join("", $`, "NAME=\"Anon\" CHECKED", $') if $FORM{'Anon'} eq "on";
			} elsif ($line =~ /NAME="username" VALUE=""/i) {
				$line = join("", $`, "NAME=\"username\" VALUE=\"$username_input\"", $');
			} elsif ($line =~ /NAME="passwd" VALUE=""/i) {
				$line = join("", $`, "NAME=\"passwd\" VALUE=\"$FORM{'number'}\"", $');
				$line = "" if $FORM{'isitok'} eq "okiedokie";
			} elsif ($line =~ /NAME="email" VALUE=""/i) {
				$line = join("", $`, "NAME=\"email\" VALUE=\"$FORM{'email'}\"", $');
			} elsif ($line =~ /$am/i) {
				$line = join("", $`, "$L{BPREVISEMESSAGE}", $');
			}
			if ($line =~ m|</TEXTAREA>|i) {
				$line = join("", $`, $message_hold, $&, $');
			}
			print $line;
		}
	}
	print "<HR>\n";
	if ($submit_included == 0) {
		print "<CENTER>\n";
		print "<INPUT TYPE=\"submit\" Name=submit VALUE=\"$L{BPPREVIEWPOST}\">\n";
		print "</CENTER><HR></FORM>\n";
	}
	&ex('printuntil', 15, 17, $topic_number, $title, 0, 1);
	exit(0);
}
undef $!;
&error_message ("Error", "This page ($me_number) does not allow for public posting of messages!") if $param !~ /Add/ && $newsubj == 0 && $FORM{'isitok'} ne "okiedokie";
&error_message ("Error", "This page does not allow for public creation of conversations!") if $param !~ /Create/ && $newsubj == 1;
&error_message ("Error", "Your username/password combination was invalid, or you are not allowed to post to this topic.") if $passwordline eq "invalid";
if ($GLOBAL_OPTIONS{'double_post'}) {
	open (LOG, "$admin_dir/log.txt");
	@LOG = <LOG>;
	close (LOG);
	$now = time;
	$mh = $newmessage; $mh = &JavaScript_prepare($mh); 
	$mh =~ s/^\s+//; $mh =~ s/\s+$//;
	$mh = &escape($mh);
	foreach $line (reverse(@LOG)) {
		($index,$by,$time,$where,$addr,$host,$mt,$who2) = split(/;/, $line);
		last if ($now - $double_post_threshold) > $time;
		$mt =~ s/\s+$//;
		($by2) = ($by =~ m|^(.*):|);
		if ($by2 eq $username && substr($mh, 0, length($mt)) eq $mt) {
			if ($where eq "$topic_number/$me_number" || $newsubj == 1) {
				if ($FORM{'isitok'} ne 'okiedokie') {
					$url = "$message_url/$where.$ext";
					($ts) = &ex('extract_lastmodified', "$topic_number:$me_number");
					$url .= "?$ts" if !$noqm;
				} else {
					$url = "$cgiurlm$adminappend";
				}
				($head, $color, $lm, $ann, $ann_src, $sublist, $about, $about_src, $message, $message_src) = &get_page(split(/\//, $where));
				$flag = 0; $source = ""; @msgsrc = split(/\n/, $message_src);
				foreach $line2 (@msgsrc) {
					if ($line2 =~ m|<!-Source: $index-!>|) {
						$flag = 1;
					} elsif ($line2 =~ m|<!-/Source: (\d+)-!>|) {
						$flag = 0;
					} elsif ($flag == 1) {
						$source .= $line2;
					}
				}
				if ($NEW_SOURCE ne "") {
					$message_hold = $NEW_SOURCE;
				}
				$message_hold =~ s/\s+$//; $message_hold =~ s/^\s+//;
				$source = &unescape($source);
				$source =~ s/\s+$//; $source =~ s/^\s+//;
				if ($source eq $message_hold) {
					&error_message("$L{BPALREADYPOSTED}", "$L{BPALREADYPOSTEDDESC}<P><B><A HREF=\"$url\">$L{BPCLICKCONTINUE}</A></B><P>", 0, 1);
				}
			}
		}
	}
}
$message_hold = $message_html if $message_html;
if ($pro) {
	($queue) = &ex('check_queue_status', $topic_number, $poster_type);
}
if ($newsubj == 1 && !$queue) {
	($num) = &ex('get_number', 1); 	$newnum = $num;
	$pagetitle = $newsubject;
	($dt) = &ex('get_date_time', "long"); 	$dt =~ s/\W//g;
	$me_number_hold = $me_number;
	&ex('new_file', $topic_number, $num, $me_number, $owner, $pagetitle);
	&ex('change_layout', $topic_number, $num, "MessagesAdd");
	$url = "$message_url/$topic_number/$num.$ext";
	$url .= "?$dt" if !$noqm;
	$newpage = $newsubject;
	$str = &JavaScript_prepare($newpage);
	$strg = "onMouseOver=\"return setStatus('$str')\"";
	($ts) = &ex('get_date_time', "short");
	$linex = "<!-Top: $num-!><LI><A HREF=\"$url\" $strg>$newpage</A> <FONT SIZE=\"-1\">";
	$linex .= "$ts</FONT></LI><P>\n";
	&lock("$message_dir/$topic_number/$me_number.$ext");
	($head, $color, $lm, $ann, $ann_src, $sublist, $about, $about_src, $message, $message_src) = &get_page($topic_number, $me_number);
	@rs = split(/,/, $GLOBAL_OPTIONS{'reverse_subs'});
	if (!grep(/^$topic_number$/, @rs)) {
		$sublist = join("",$sublist,$linex);
	} else {
		$sublist = join("",$linex,$sublist);
	}
	@sublist = split(/\n/, $sublist);
	@as = split(/,/, $GLOBAL_OPTIONS{'alphabet_subs'});
	if (grep(/^$topic_number$/, @as)) {
		@sublist = sort alphabetical_sort @sublist;
		@sublist = reverse @sublist if grep(/^$topic_number$/, @rs);
	}
	@sublist = grep(/\S/, @sublist);
	$sublist = join("\n", @sublist);	
	&set_page($topic_number, $me_number, $head, $color, $lm, $ann, $ann_src, $sublist, $about, $about_src, $message, $message_src);
	&unlock("$message_dir/$topic_number/$me_number.$ext");
	&extract("//$topic_number/$num.$ext");
} elsif ($newsubj == 1 && $queue) {
	$subject_line = $newsubject;
}
if (!$queue) {
	($postindex, $source_out) = &ex('post_message',$topic_number,$me_number,$message_hold,$newmessage,$postby,$username,$group_hold);
	($dt) = &ex('get_date_time', "short");
	($ts) = &ex('get_date_time',"long"); $ts =~ s/\W//g;
	&ex('update_time', $topic_number, $newnum_number, $me_number, $ts, $dt, 0);
	&ex('email_notification', $topic_number, $me_number, $postby, $newmessage, $username, $group_hold) if ($GLOBAL_OPTIONS{'email'} && !$pro);
	&ex('email_notification_pro', $topic_number, $me_number, $postby, $newmessage, $username, $group_hold, 0) if ($GLOBAL_OPTIONS{'email'} && $pro);
} else {
	($queue_id, $source_out) = &ex('send_message_to_queue', $topic_number, $me_number, $message_hold, $newmessage, $postby, $username, $group_hold, $subject_line);
	&ex('email_notification_pro', $topic_number, $me_number, $postby, $newmessage, $username, $group_hold, 1) if ($GLOBAL_OPTIONS{'email'} && $pro);
}
$url = "$message_url/$topic_number/$me_number.$ext" if !$secure;
$url = "$script_url/board-auth.$cgi_extension?file=/$topic_number/$me_number.$ext&lm=$ts" if $secure;
$url .= "?$ts" if (!$noqm && !$secure);
if ($source_out =~ m|\\image_notuploaded\{| || $source_out =~ m|\\attachment_notuploaded\{|) {
	$string = $source_out;
	&header;
	($bgcolor, $text, $link, $vlink, $alink, $face, $size, $image) = &ex('extract_colorsonly', 1);
	&ex('printuntil', 1, 1, $topic_number, "$L{BPIMGUPLOADTITLE3_00}");
	print "<FONT SIZE=+1><CENTER><B>$L{BPIMGUPLOADTITLE3_00}</B></CENTER></FONT>\n<HR>\n";
	for ($i = 3; $i <= 9; $i += 2) {
		&ex('printuntil', $i, $i, $topic_number, "$L{BPIMGUPLOADTITLE3_00}");
	}
	print "$L{BPIMGUPLOADINSTR3_00}<P>\n";
	print "<FORM ACTION=\"$script_url/board-image.$cgi_extension\" METHOD=POST ENCTYPE=\"multipart/form-data\">\n";
	print "<HR>\n";
	for ($i = 11; $i <= 13; $i += 2) {
		&ex('printuntil', $i, $i, $topic_number);
	}
	$message = $string;
	while ($source_out =~ m|\\image_notuploaded\{(\d+),([^\}]*)\}|g) {
		$ctr = $1; $descr = $2;
		print "$L{BPPROVIDEFILE} <B>$descr</B>:<P>\n";
		print "<TABLE><TR><TD><INPUT TYPE=FILE NAME=\"Image$ctr\" SIZE=40></TD></TR></TABLE>\n";
		print "<HR>\n";
	}
	while ($source_out =~ m|\\attachment_notuploaded\{(\d+),([^\}]*)\}|g) {
		$ctr = $1; $descr = $2;
		print "$L{BPPROVIDEFILE} <B>$descr</B>:<P>\n";
		print "<TABLE><TR><TD><INPUT TYPE=FILE NAME=\"Attachment$ctr\" SIZE=40></TD></TR></TABLE>\n";
		print "<HR>\n";
	}
	print "<INPUT TYPE=SUBMIT VALUE=\"$L{BPIMGUPLOADBUTTON}\">\n";
	print "<INPUT TYPE=HIDDEN NAME=name VALUE=\"$username_input\">\n";
	print "<INPUT TYPE=HIDDEN NAME=number VALUE=\"$FORM{'number'}\">\n";
	print "<INPUT TYPE=HIDDEN NAME=HTTP_REFERER VALUE=\"//$topic_number/$me_number.$ext\">\n";
	print "<INPUT TYPE=HIDDEN NAME=postindex VALUE=\"$postindex\">\n";
	print "<INPUT Type=hidden name=\"isitok\" value=\"okiedokie\">\n" if $FORM{'isitok'} eq "okiedokie";
	print "<INPUT TYPE=HIDDEN NAME=queue VALUE=\"$queue_id\">\n";
	print "<HR>\n";
	print "</FORM>\n";
	if ($FORM{'isitok'} ne "okiedokie") {
		print "$L{BPIMGUPLOADCANCEL13_00} <A HREF=\"$url\">\n";
	} else {
		print "$L{BPIMGUPLOADCANCEL13_00} <A HREF=\"$cgiurlm$adminappend\">\n";
	}
	print "$L{BPIMGUPLOADCANCEL2}</A>. ";
	print "$L{BPIMGUPLOADCANCEL33_00}\n";
	print "<BR></FONT>\n";
	for ($i = 15; $i <= 17; $i += 2) {
		&ex('printuntil', $i, $i, $topic_number);
	}
	exit(0);
} else {
	&ex('queue_submitted', $topic_number, $me_number, $adminappend, $FORM{'isitok'}) if $queue;
	&seturl("$url") if $FORM{'isitok'} ne "okiedokie";
	&seturl("$cgiurlm$adminappend") if $FORM{'isitok'} eq "okiedokie";
}
sub verify_owner {
	local ($owner, $username) = @_;
	local (@group_data, $group, $usernames, @username, $groupname);
	open (GROUP, "$admin_dir/groups.txt") || &error_message("File Error", "Cannot open group file (groups.txt)!");
	@group_data = <GROUP>;
	close (GROUP);
	foreach $group (@group_data) {
		chop ($group) if $group =~ /\n$/;
		($groupname, $usernames) = split(/:/, $group);
		if ($groupname eq $owner) {
			@username = split(/,/, $usernames);
			if (grep (/^$username$/, @username)) {
				return 1;
			} else {
				return 0;
			}
		}
	}
	return 0;
}
sub alphabetical_sort {
	$a =~ m|<A[^>]+>(.*)</A>|i; $subnamea = $1;
	$b =~ m|<A[^>]+>(.*)</A>|i; $subnameb = $1;
	$subnamea =~ tr/A-Z/a-z/;
	$subnameb =~ tr/A-Z/a-z/;
	return 1 if $subnamea gt $subnameb;
	return -1 if $subnamea lt $subnameb;
	return 0;
}