#include "../../../include/http/pages/forumcreatepostpage.h"\r
#include "../../../include/stringfunctions.h"\r
#include "../../../include/message.h"\r
+#include "../../../include/unicode/unicodeformatter.h"\r
\r
#ifdef XMEM\r
#include <xmem.h>\r
replytomessageidstr=(*queryvars.find("replytomessageid")).second;\r
}\r
\r
- if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="send")\r
+ if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="send" && ValidateFormPassword(queryvars))\r
{\r
if(queryvars.find("localidentityid")!=queryvars.end() && (*queryvars.find("localidentityid")).second!="")\r
{\r
{\r
body=(*queryvars.find("body")).second;\r
body=StringFunctions::Replace(body,"\r\n","\n");\r
+ UnicodeFormatter::LineWrap(body,80,">",body);\r
}\r
else\r
{\r
\r
if(error=="")\r
{\r
- Message mess;\r
+ Message mess(m_db);\r
\r
long localidentityid=-1;\r
long boardid=-1;\r
{\r
if(replytomessageidstr!="")\r
{\r
- SQLite3DB::Statement replyst=m_db->Prepare("SELECT Subject, Body FROM tblMessage WHERE MessageID=?;");\r
+ std::string fromname="";\r
+ SQLite3DB::Statement replyst=m_db->Prepare("SELECT Subject, Body, FromName FROM tblMessage WHERE MessageID=?;");\r
replyst.Bind(0,replytomessageidstr);\r
replyst.Step();\r
if(replyst.RowReturned())\r
{\r
replyst.ResultText(0,subject);\r
replyst.ResultText(1,body);\r
+ replyst.ResultText(2,fromname);\r
\r
if(subject.size()<3 || (subject.substr(0,3)!="re:" && subject.substr(0,3)!="Re:"))\r
{\r
}\r
body+="\n";\r
}\r
+ body=fromname+" wrote:\n"+body;\r
+\r
}\r
}\r
}\r
content+="<input type=\"hidden\" name=\"threadid\" value=\""+threadidstr+"\">";\r
content+="<input type=\"hidden\" name=\"replytomessageid\" value=\""+replytomessageidstr+"\">";\r
content+="<input type=\"hidden\" name=\"formaction\" value=\"send\">";\r
+ content+=CreateFormPassword();\r
content+="<table class=\"createpost\">";\r
content+="<tr><td class=\"identity\">From</td><td>"+LocalIdentityDropDown("localidentityid",localidentityidstr)+"</td></tr>";\r
content+="<tr><td class=\"subject\">Subject</td><td><input type=\"text\" name=\"subject\" maxlength=\"60\" size=\"60\" value=\""+SanitizeOutput(subject)+"\"></td></tr>";\r