Compare revisions

Andrej Ramašeuski · Andrej Ramašeuski · Andrej Ramašeuski · Andrej Ramašeuski · Andrej Ramašeuski · Andrej Ramašeuski
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,7 +2,7 @@ image: docker:20.10.9

 variables:
  DOCKER_TLS_CERTDIR: "/certs"
-  BUILD_VERSION: p1
+  BUILD_VERSION: p11

 services:
  - docker:20.10.9-dind
@@ -17,6 +17,6 @@ build:
  stage: build
  script:
    - docker pull $CI_REGISTRY_IMAGE:latest || true
-    - docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$IMAGE_VER --tag $CI_REGISTRY_IMAGE:latest .
-    - docker push $CI_REGISTRY_IMAGE:$IMAGE_VER
+    - docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$VERSION --tag $CI_REGISTRY_IMAGE:latest .
+    - docker push $CI_REGISTRY_IMAGE:$VERSION
    - docker push $CI_REGISTRY_IMAGE:latest
--- a/Dockerfile
+++ b/Dockerfile
 FROM bitnami/phpbb:3.3.8
 MAINTAINER Andrej Ramašeuski <andrej.ramaseuski@pirati.cz>

+USER 0
+RUN install_packages cron
+COPY crontab /etc/cron.d/
+COPY phpbb-htaccess.conf /opt/bitnami/apache/conf/vhosts/htaccess
+USER 1001
+
 COPY phpbb /opt/bitnami/phpbb
+CMD [ "/opt/bitnami/scripts/apache/run.sh" ]
--- a/crontab
+++ b/crontab
+*/5 * * * * daemon /opt/bitnami/php/bin/php /opt/bitnami/phpbb/bin/phpbbcli.php -v cron:run
--- a/phpbb-htaccess.conf
+++ b/phpbb-htaccess.conf
+<Directory "/opt/bitnami/phpbb/files">
+  # With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+  # module mod_authz_host to a new module called mod_access_compat (which may be
+  # disabled) and a new "Require" syntax has been introduced to mod_authz_core.
+  # We could just conditionally provide both versions, but unfortunately Apache
+  # does not explicitly tell us its version if the module mod_version is not
+  # available. In this case, we check for the availability of module
+  # mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+  <IfModule mod_version.c>
+  	<IfVersion < 2.4>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfVersion>
+  	<IfVersion >= 2.4>
+  		Require all denied
+  	</IfVersion>
+  </IfModule>
+  <IfModule !mod_version.c>
+  	<IfModule !mod_authz_core.c>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfModule>
+  	<IfModule mod_authz_core.c>
+  		Require all denied
+  	</IfModule>
+  </IfModule>
+</Directory>
+<Directory "/opt/bitnami/phpbb/cache">
+  # With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+  # module mod_authz_host to a new module called mod_access_compat (which may be
+  # disabled) and a new "Require" syntax has been introduced to mod_authz_core.
+  # We could just conditionally provide both versions, but unfortunately Apache
+  # does not explicitly tell us its version if the module mod_version is not
+  # available. In this case, we check for the availability of module
+  # mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+  <IfModule mod_version.c>
+  	<IfVersion < 2.4>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfVersion>
+  	<IfVersion >= 2.4>
+  		Require all denied
+  	</IfVersion>
+  </IfModule>
+  <IfModule !mod_version.c>
+  	<IfModule !mod_authz_core.c>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfModule>
+  	<IfModule mod_authz_core.c>
+  		Require all denied
+  	</IfModule>
+  </IfModule>
+</Directory>
+<Directory "/opt/bitnami/phpbb">
+  <IfModule mod_rewrite.c>
+  RewriteEngine on
+  
+  #
+  # Uncomment the statement below if URL rewriting doesn't
+  # work properly. If you installed phpBB in a subdirectory
+  # of your site, properly set the argument for the statement.
+  # e.g.: if your domain is test.com and you installed phpBB
+  # in http://www.test.com/phpBB/index.php you have to set
+  # the statement RewriteBase /phpBB/
+  #
+  #RewriteBase /
+  
+  #
+  # Uncomment the statement below if you want to make use of
+  # HTTP authentication and it does not already work.
+  # This could be required if you are for example using PHP via Apache CGI.
+  #
+  #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
+  
+ 
+  # DO NOT GO FURTHER IF THE REQUESTED FILE / DIR DOES EXISTS
+  RewriteCond %{REQUEST_FILENAME} -f
+  RewriteCond %{REQUEST_FILENAME} -d
+  RewriteRule . - [L]
+ 
+  # FORUM ALL MODES
+  RewriteRule ^(forum|[a-z0-9_-]*-f)([0-9]+)/?(page([0-9]+)\.html)?$ /viewforum.php?f=$2&start=$4 [QSA,L,NC,R=302]
+  # TOPIC WITH VIRTUAL FOLDER ALL MODES
+  RewriteRule ^(forum|[a-z0-9_-]*-f)([0-9]+)/(topic|[a-z0-9_-]*-t)([0-9]+)(-([0-9]+))?\.html$ /viewtopic.php?f=$2&t=$4&start=$6 [QSA,L,NC,R=302]
+  # GLOBAL ANNOUNCES WITH VIRTUAL FOLDER ALL MODES
+  RewriteRule ^announces/(topic|[a-z0-9_-]*-t)([0-9]+)(-([0-9]+))?\.html$ /viewtopic.php?t=$2&start=$4 [QSA,L,NC,R=302]
+  # PHPBB FILES ALL MODES
+  RewriteRule ^resources/[a-z0-9_-]+/(thumb/)?([0-9]+)$ /download/file.php?id=$2&t=$1 [QSA,L,NC,R=302]
+  # POST
+  RewriteRule ^post([0-9]+)\.html$ /viewtopic.php?p=$1 [QSA,L,NC,R=302]
+
+  #
+  # The following 3 lines will rewrite URLs passed through the front controller
+  # to not require app.php in the actual URL. In other words, a controller is
+  # by default accessed at /app.php/my/controller, but can also be accessed at
+  # /my/controller
+  #
+  RewriteCond %{REQUEST_FILENAME} !-f
+  RewriteCond %{REQUEST_FILENAME} !-d
+  RewriteRule ^(.*)$ app.php [QSA,L]
+  
+  #
+  # If symbolic links are not already being followed,
+  # uncomment the line below.
+  # http://anothersysadmin.wordpress.com/2008/06/10/mod_rewrite-forbidden-403-with-apache-228/
+  #
+  #Options +FollowSymLinks
+  </IfModule>
+  
+  # Apache content negotation tries to interpret non-existent paths as files if
+  # MultiViews is enabled. This will however cause issues with paths containg
+  # dots, e.g. for the cron tasks
+  <IfModule mod_negotiation.c>
+  	Options -MultiViews
+  </IfModule>
+  
+  # With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+  # module mod_authz_host to a new module called mod_access_compat (which may be
+  # disabled) and a new "Require" syntax has been introduced to mod_authz_host.
+  # We could just conditionally provide both versions, but unfortunately Apache
+  # does not explicitly tell us its version if the module mod_version is not
+  # available. In this case, we check for the availability of module
+  # mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+  <IfModule mod_version.c>
+  	<IfVersion < 2.4>
+  		<Files "config.php">
+  			Order Allow,Deny
+  			Deny from All
+  		</Files>
+  		<Files "common.php">
+  			Order Allow,Deny
+  			Deny from All
+  		</Files>
+  	</IfVersion>
+  	<IfVersion >= 2.4>
+  		<Files "config.php">
+  			Require all denied
+  		</Files>
+  		<Files "common.php">
+  			Require all denied
+  		</Files>
+  	</IfVersion>
+  </IfModule>
+  <IfModule !mod_version.c>
+  	<IfModule !mod_authz_core.c>
+  		<Files "config.php">
+  			Order Allow,Deny
+  			Deny from All
+  		</Files>
+  		<Files "common.php">
+  			Order Allow,Deny
+  			Deny from All
+  		</Files>
+  	</IfModule>
+  	<IfModule mod_authz_core.c>
+  		<Files "config.php">
+  			Require all denied
+  		</Files>
+  		<Files "common.php">
+  			Require all denied
+  		</Files>
+  	</IfModule>
+  </IfModule>
+</Directory>
+<Directory "/opt/bitnami/phpbb/store">
+  # With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+  # module mod_authz_host to a new module called mod_access_compat (which may be
+  # disabled) and a new "Require" syntax has been introduced to mod_authz_core.
+  # We could just conditionally provide both versions, but unfortunately Apache
+  # does not explicitly tell us its version if the module mod_version is not
+  # available. In this case, we check for the availability of module
+  # mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+  <IfModule mod_version.c>
+  	<IfVersion < 2.4>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfVersion>
+  	<IfVersion >= 2.4>
+  		Require all denied
+  	</IfVersion>
+  </IfModule>
+  <IfModule !mod_version.c>
+  	<IfModule !mod_authz_core.c>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfModule>
+  	<IfModule mod_authz_core.c>
+  		Require all denied
+  	</IfModule>
+  </IfModule>
+</Directory>
+<Directory "/opt/bitnami/phpbb/includes">
+  # With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+  # module mod_authz_host to a new module called mod_access_compat (which may be
+  # disabled) and a new "Require" syntax has been introduced to mod_authz_core.
+  # We could just conditionally provide both versions, but unfortunately Apache
+  # does not explicitly tell us its version if the module mod_version is not
+  # available. In this case, we check for the availability of module
+  # mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+  <IfModule mod_version.c>
+  	<IfVersion < 2.4>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfVersion>
+  	<IfVersion >= 2.4>
+  		Require all denied
+  	</IfVersion>
+  </IfModule>
+  <IfModule !mod_version.c>
+  	<IfModule !mod_authz_core.c>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfModule>
+  	<IfModule mod_authz_core.c>
+  		Require all denied
+  	</IfModule>
+  </IfModule>
+</Directory>
+<Directory "/opt/bitnami/phpbb/config">
+  # With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+  # module mod_authz_host to a new module called mod_access_compat (which may be
+  # disabled) and a new "Require" syntax has been introduced to mod_authz_core.
+  # We could just conditionally provide both versions, but unfortunately Apache
+  # does not explicitly tell us its version if the module mod_version is not
+  # available. In this case, we check for the availability of module
+  # mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+  <IfModule mod_version.c>
+  	<IfVersion < 2.4>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfVersion>
+  	<IfVersion >= 2.4>
+  		Require all denied
+  	</IfVersion>
+  </IfModule>
+  <IfModule !mod_version.c>
+  	<IfModule !mod_authz_core.c>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfModule>
+  	<IfModule mod_authz_core.c>
+  		Require all denied
+  	</IfModule>
+  </IfModule>
+</Directory>
+<Directory "/opt/bitnami/phpbb/images/avatars/upload">
+  # With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+  # module mod_authz_host to a new module called mod_access_compat (which may be
+  # disabled) and a new "Require" syntax has been introduced to mod_authz_core.
+  # We could just conditionally provide both versions, but unfortunately Apache
+  # does not explicitly tell us its version if the module mod_version is not
+  # available. In this case, we check for the availability of module
+  # mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+  <IfModule mod_version.c>
+  	<IfVersion < 2.4>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfVersion>
+  	<IfVersion >= 2.4>
+  		Require all denied
+  	</IfVersion>
+  </IfModule>
+  <IfModule !mod_version.c>
+  	<IfModule !mod_authz_core.c>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfModule>
+  	<IfModule mod_authz_core.c>
+  		Require all denied
+  	</IfModule>
+  </IfModule>
+</Directory>
+<Directory "/opt/bitnami/phpbb/phpbb/db/migration/data">
+  # With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+  # module mod_authz_host to a new module called mod_access_compat (which may be
+  # disabled) and a new "Require" syntax has been introduced to mod_authz_core.
+  # We could just conditionally provide both versions, but unfortunately Apache
+  # does not explicitly tell us its version if the module mod_version is not
+  # available. In this case, we check for the availability of module
+  # mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+  <IfModule mod_version.c>
+  	<IfVersion < 2.4>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfVersion>
+  	<IfVersion >= 2.4>
+  		Require all denied
+  	</IfVersion>
+  </IfModule>
+  <IfModule !mod_version.c>
+  	<IfModule !mod_authz_core.c>
+  		Order Allow,Deny
+  		Deny from All
+  	</IfModule>
+  	<IfModule mod_authz_core.c>
+  		Require all denied
+  	</IfModule>
+  </IfModule>
+</Directory>
--- a/phpbb/adm/index.php
+++ b/phpbb/adm/index.php
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+/**
+*/
+define('IN_PHPBB', true);
+define('ADMIN_START', true);
+define('NEED_SID', true);
+
+// Include files
+$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../';
+$phpEx = substr(strrchr(__FILE__, '.'), 1);
+require($phpbb_root_path . 'common.' . $phpEx);
+require($phpbb_root_path . 'includes/functions_acp.' . $phpEx);
+require($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
+require($phpbb_root_path . 'includes/functions_module.' . $phpEx);
+
+// Start session management
+$user->session_begin();
+$auth->acl($user->data);
+$user->setup('acp/common');
+// End session management
+
+// Have they authenticated (again) as an admin for this session?
+if (!isset($user->data['session_admin']) || !$user->data['session_admin'])
+{
+//	login_box('', $user->lang['LOGIN_ADMIN_CONFIRM'], $user->lang['LOGIN_ADMIN_SUCCESS'], true, false);
+}
+
+// Is user any type of admin? No, then stop here, each script needs to
+// check specific permissions but this is a catchall
+if (!$auth->acl_get('a_'))
+{
+	send_status_line(403, 'Forbidden');
+	trigger_error('NO_ADMIN');
+}
+
+// We define the admin variables now, because the user is now able to use the admin related features...
+define('IN_ADMIN', true);
+
+// Some oft used variables
+$file_uploads	= (@ini_get('file_uploads') == '1' || strtolower(@ini_get('file_uploads')) === 'on') ? true : false;
+$module_id		= $request->variable('i', '');
+$mode			= $request->variable('mode', '');
+
+// Set custom style for admin area
+$template->set_custom_style(array(
+	array(
+		'name' 		=> 'adm',
+		'ext_path' 	=> 'adm/style/',
+	),
+), $phpbb_admin_path . 'style');
+
+$template->assign_var('T_ASSETS_PATH', $phpbb_root_path . 'assets');
+$template->assign_var('T_TEMPLATE_PATH', $phpbb_admin_path . 'style');
+
+// Instantiate new module
+$module = new p_master();
+
+// Instantiate module system and generate list of available modules
+$module->list_modules('acp');
+
+// Select the active module
+$module->set_active($module_id, $mode);
+
+// Assign data to the template engine for the list of modules
+// We do this before loading the active module for correct menu display in trigger_error
+$module->assign_tpl_vars(append_sid("{$phpbb_admin_path}index.$phpEx"));
+
+// Load and execute the relevant module
+$module->load_active();
+
+// Generate the page
+adm_page_header($module->get_page_title());
+
+$template->set_filenames(array(
+	'body' => $module->get_tpl_name(),
+));
+
+adm_page_footer();
--- a/phpbb/ext/pirati/pirid/composer.json
+++ b/phpbb/ext/pirati/pirid/composer.json
--- a/phpbb/ext/pirati/pirid/config/services.yml
+++ b/phpbb/ext/pirati/pirid/config/services.yml
--- a/phpbb/ext/pirati/pirid/language/cs/acp/common.php
+++ b/phpbb/ext/pirati/pirid/language/cs/acp/common.php
--- a/phpbb/ext/pirati/pirid/language/cs/common.php
+++ b/phpbb/ext/pirati/pirid/language/cs/common.php
--- a/phpbb/ext/pirati/pirid/language/en/acp/common.php
+++ b/phpbb/ext/pirati/pirid/language/en/acp/common.php
--- a/phpbb/ext/pirati/pirid/language/en/common.php
+++ b/phpbb/ext/pirati/pirid/language/en/common.php
--- a/phpbb/ext/pirati/pirid/pirati.php
+++ b/phpbb/ext/pirati/pirid/pirati.php
--- a/phpbb/includes/functions_posting.php
+++ b/phpbb/includes/functions_posting.php
@@ -256,7 +256,7 @@ function generate_smilies($mode, $forum_id)
 */
 function update_post_information($type, $ids, $return_update_sql = false)
 {
-	global $db;
+	global $db, $phpbb_dispatcher;

 	if (empty($ids))
 	{
@@ -340,14 +340,35 @@ function update_post_information($type, $ids, $return_update_sql = false)

 	if (count($last_post_ids))
 	{
-		$sql = 'SELECT p.' . $type . '_id, p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour
-			FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . ' u
-			WHERE p.poster_id = u.user_id
-				AND ' . $db->sql_in_set('p.post_id', $last_post_ids);
-		$result = $db->sql_query($sql);
+		$sql_ary = array(
+			'SELECT'	=> 'p.' . $type . '_id, p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.user_id, u.username, u.user_colour',
+			'FROM'		=> array(
+				POSTS_TABLE	=> 'p',
+				USERS_TABLE => 'u',
+			),
+			'WHERE'		=> $db->sql_in_set('p.post_id', $last_post_ids) . '
+				AND p.poster_id = u.user_id',
+		);
+
+		/**
+		* Event to modify the SQL array to get the post and user data from all last posts
+		*
+		* @event core.update_post_info_modify_posts_sql
+		* @var	string	type				The table being updated (forum or topic)
+		* @var	array	sql_ary				SQL array to get some of the last posts' data
+		* @since 3.3.5-RC1
+		*/
+		$vars = [
+			'type',
+			'sql_ary',
+		];
+		extract($phpbb_dispatcher->trigger_event('core.update_post_info_modify_posts_sql', compact($vars)));
+		$result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary));

+		$rowset = array();
 		while ($row = $db->sql_fetchrow($result))
 		{
+			$rowset[] = $row;
 			$update_sql[$row["{$type}_id"]][] = $type . '_last_post_id = ' . (int) $row['post_id'];
 			$update_sql[$row["{$type}_id"]][] = "{$type}_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'";
 			$update_sql[$row["{$type}_id"]][] = $type . '_last_post_time = ' . (int) $row['post_time'];
@@ -356,6 +377,23 @@ function update_post_information($type, $ids, $return_update_sql = false)
 			$update_sql[$row["{$type}_id"]][] = "{$type}_last_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "'";
 		}
 		$db->sql_freeresult($result);
+
+		/**
+		* Event to modify the update_sql array to add new update data for forum or topic last posts
+		*
+		* @event core.update_post_info_modify_sql
+		* @var	string	type				The table being updated (forum or topic)
+		* @var	array	rowset				Array with the posts data
+		* @var	array	update_sql			Array with SQL data to update the forums or topics table with
+		* @since 3.3.5-RC1
+		*/
+		$vars = [
+			'type',
+			'rowset',
+			'update_sql',
+		];
+		extract($phpbb_dispatcher->trigger_event('core.update_post_info_modify_sql', compact($vars)));
+		unset($rowset);
 	}
 	unset($empty_forums, $ids, $last_post_ids);

@@ -776,19 +814,41 @@ function posting_gen_inline_attachments(&$attachment_data)

 /**
 * Generate inline attachment entry
+ *
+ * @param array		$attachment_data	The attachment data
+ * @param string	$filename_data		The filename data (filecomment)
+ * @param bool		$show_attach_box	Whether to show the attach box
+ * @param mixed		$forum_id			The forum id to check or false if private message
+ * @return int
 */
-function posting_gen_attachment_entry($attachment_data, &$filename_data, $show_attach_box = true)
+function posting_gen_attachment_entry($attachment_data, &$filename_data, $show_attach_box = true, $forum_id = false)
 {
-	global $template, $config, $phpbb_root_path, $phpEx, $user, $phpbb_dispatcher;
+	global $template, $cache, $config, $phpbb_root_path, $phpEx, $user, $phpbb_dispatcher;
+
+	$allowed_attachments = array_keys($cache->obtain_attach_extensions($forum_id)['_allowed_']);

 	// Some default template variables
-	$template->assign_vars(array(
+	$default_vars = [
 		'S_SHOW_ATTACH_BOX'				=> $show_attach_box,
 		'S_HAS_ATTACHMENTS'				=> count($attachment_data),
 		'FILESIZE'						=> $config['max_filesize'],
 		'FILE_COMMENT'					=> (isset($filename_data['filecomment'])) ? $filename_data['filecomment'] : '',
 		'MAX_ATTACHMENT_FILESIZE'		=> $config['max_filesize'] > 0 ? $user->lang('MAX_ATTACHMENT_FILESIZE', get_formatted_filesize($config['max_filesize'])) : '',
-	));
+		'ALLOWED_ATTACHMENTS'			=> !empty($allowed_attachments) ? implode(',', $allowed_attachments) : '',
+	];
+
+	/**
+	 * Modify default attachments template vars
+	 *
+	 * @event core.modify_default_attachments_template_vars
+	 * @var	array	allowed_attachments		Array containing allowed attachments data
+	 * @var	array	default_vars			Array containing default attachments template vars
+	 * @since 3.3.6-RC1
+	 */
+	$vars = ['allowed_attachments', 'default_vars'];
+	extract($phpbb_dispatcher->trigger_event('core.modify_default_attachments_template_vars', compact($vars)));
+
+	$template->assign_vars($default_vars);

 	if (count($attachment_data))
 	{
@@ -937,10 +997,10 @@ function load_drafts($topic_id = 0, $forum_id = 0, $id = 0, $pm_action = '', $ms
 			$topic_forum_id = ($topic_rows[$draft['topic_id']]['forum_id']) ? $topic_rows[$draft['topic_id']]['forum_id'] : $forum_id;

 			$link_topic = true;
-			$view_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $topic_forum_id . '&amp;t=' . $draft['topic_id']);
+			$view_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $draft['topic_id']);
 			$title = $topic_rows[$draft['topic_id']]['topic_title'];

-			$insert_url = append_sid("{$phpbb_root_path}posting.$phpEx", 'f=' . $topic_forum_id . '&amp;t=' . $draft['topic_id'] . '&amp;mode=reply&amp;d=' . $draft['draft_id']);
+			$insert_url = append_sid("{$phpbb_root_path}posting.$phpEx", 't=' . $draft['topic_id'] . '&amp;mode=reply&amp;d=' . $draft['draft_id']);
 		}
 		else if ($draft['forum_id'] && $auth->acl_get('f_read', $draft['forum_id']))
 		{
@@ -1160,7 +1220,7 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id
 		$post_subject = censor_text($post_subject);

 		$post_anchor = ($mode == 'post_review') ? 'ppr' . $row['post_id'] : 'pr' . $row['post_id'];
-		$u_show_post = append_sid($phpbb_root_path . 'viewtopic.' . $phpEx, "f=$forum_id&amp;t=$topic_id&amp;p={$row['post_id']}&amp;view=show#p{$row['post_id']}");
+		$u_show_post = append_sid($phpbb_root_path . 'viewtopic.' . $phpEx, "t=$topic_id&amp;p={$row['post_id']}&amp;view=show#p{$row['post_id']}");

 		$l_deleted_message = '';
 		if ($row['post_visibility'] == ITEM_DELETED)
@@ -1193,11 +1253,11 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id
 			'POST_AUTHOR'			=> get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username']),
 			'U_POST_AUTHOR'			=> get_username_string('profile', $poster_id, $row['username'], $row['user_colour'], $row['post_username']),

-			'S_HAS_ATTACHMENTS'	=> (!empty($attachments[$row['post_id']])) ? true : false,
-			'S_FRIEND'			=> ($row['friend']) ? true : false,
-			'S_IGNORE_POST'		=> ($row['foe']) ? true : false,
-			'L_IGNORE_POST'		=> ($row['foe']) ? sprintf($user->lang['POST_BY_FOE'], get_username_string('full', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), "<a href=\"{$u_show_post}\" onclick=\"phpbb.toggleDisplay('{$post_anchor}', 1); return false;\">", '</a>') : '',
-			'S_POST_DELETED'	=> ($row['post_visibility'] == ITEM_DELETED) ? true : false,
+			'S_HAS_ATTACHMENTS'	=> !empty($attachments[$row['post_id']]),
+			'S_FRIEND'			=> (bool) $row['friend'],
+			'S_IGNORE_POST'		=> (bool) $row['foe'],
+			'L_IGNORE_POST'		=> $row['foe'] ? $user->lang('POST_BY_FOE', get_username_string('full', $poster_id, $row['username'], $row['user_colour'], $row['post_username']), "<a href=\"{$u_show_post}\" onclick=\"phpbb.toggleDisplay('{$post_anchor}', 1); return false;\">", '</a>') : '',
+			'S_POST_DELETED'	=> $row['post_visibility'] == ITEM_DELETED,
 			'L_DELETE_POST'		=> $l_deleted_message,

 			'POST_SUBJECT'		=> $post_subject,
@@ -1209,7 +1269,7 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id
 			'POST_TIME'			=> $row['post_time'],
 			'USER_ID'			=> $row['user_id'],
 			'U_MINI_POST'		=> append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $row['post_id']) . '#p' . $row['post_id'],
-			'U_MCP_DETAILS'		=> ($auth->acl_get('m_info', $forum_id)) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&amp;mode=post_details&amp;f=' . $forum_id . '&amp;p=' . $row['post_id'], true, $user->session_id) : '',
+			'U_MCP_DETAILS'		=> ($auth->acl_get('m_info', $forum_id)) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&amp;mode=post_details&amp;p=' . $row['post_id'], true, $user->session_id) : '',
 			'POSTER_QUOTE'		=> ($show_quote_button && $auth->acl_get('f_reply', $forum_id)) ? addslashes(get_username_string('username', $poster_id, $row['username'], $row['user_colour'], $row['post_username'])) : '',
 		);

@@ -1836,13 +1896,8 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll_ary, &$data
 					'poll_start'		=> $poll_start,
 					'poll_max_options'	=> $poll_ary['poll_max_options'],
 					'poll_length'		=> $poll_length,
-					'poll_vote_change'	=> $poll_ary['poll_vote_change']
-
-					/* BEGIN SHOW_RESULTS */
-
-					,'poll_show_results'	=> $poll_ary['poll_show_results']
-
-					/* END SHOW_RESULTS */
+					'poll_vote_change'	=> $poll_ary['poll_vote_change'],
+					'poll_show_results'	=> $poll_ary['poll_show_results']
                    )
 				);
 			}
@@ -1920,13 +1975,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll_ary, &$data
 				'poll_max_options'			=> (isset($poll_ary['poll_options'])) ? $poll_ary['poll_max_options'] : 1,
 				'poll_length'				=> (isset($poll_ary['poll_options'])) ? $poll_length : 0,
 				'poll_vote_change'			=> (isset($poll_ary['poll_vote_change'])) ? $poll_ary['poll_vote_change'] : 0,
-
-				/* BEGIN SHOW_RESULTS */
-
 				'poll_show_results'			=> (isset($poll_ary['poll_show_results'])) ? $poll_ary['poll_show_results'] : 1,
-
-				/* END SHOW_RESULTS */
-
 				'topic_last_view_time'		=> $current_time,

 				'topic_attachment'			=> (!empty($data_ary['attachment_data'])) ? 1 : (isset($data_ary['topic_attachment']) ? $data_ary['topic_attachment'] : 0),
@@ -2517,27 +2566,35 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll_ary, &$data
 		}
 	}

-	$params = $add_anchor = '';
+	$params = [];
+	$add_anchor = '';
+	$url = "{$phpbb_root_path}viewtopic.$phpEx";

 	if ($post_visibility == ITEM_APPROVED ||
 		($auth->acl_get('m_softdelete', $data_ary['forum_id']) && $post_visibility == ITEM_DELETED) ||
 		($auth->acl_get('m_approve', $data_ary['forum_id']) && in_array($post_visibility, array(ITEM_UNAPPROVED, ITEM_REAPPROVE))))
 	{
-		$params .= '&amp;t=' . $data_ary['topic_id'];
-
 		if ($mode != 'post')
 		{
-			$params .= '&amp;p=' . $data_ary['post_id'];
+			$params['p'] = $data_ary['post_id'];
 			$add_anchor = '#p' . $data_ary['post_id'];
 		}
+		else
+		{
+			$params['t'] = $data_ary['topic_id'];
+		}
 	}
 	else if ($mode != 'post' && $post_mode != 'edit_first_post' && $post_mode != 'edit_topic')
 	{
-		$params .= '&amp;t=' . $data_ary['topic_id'];
+		$params['t'] = $data_ary['topic_id'];
+	}
+	else
+	{
+		$url = "{$phpbb_root_path}viewforum.$phpEx";
+		$params['f'] = $data_ary['forum_id'];
 	}

-	$url = (!$params) ? "{$phpbb_root_path}viewforum.$phpEx" : "{$phpbb_root_path}viewtopic.$phpEx";
-	$url = append_sid($url, 'f=' . $data_ary['forum_id'] . $params) . $add_anchor;
+	$url = append_sid($url, $params) . $add_anchor;

 	$poll = $poll_ary;
 	$data = $data_ary;
@@ -2598,7 +2655,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll_ary, &$data
 *				- 'topic_last_poster_name'
 *				- 'topic_last_poster_colour'
 * @param int $bump_time The time at which topic was bumped, usually it is a current time as obtained via time().
-* @return string An URL to the bumped topic, example: ./viewtopic.php?forum_id=1&amptopic_id=2&ampp=3#p3
+* @return string An URL to the bumped topic, example: ./viewtopic.php?p=3#p3
 */
 function phpbb_bump_topic($forum_id, $topic_id, $post_data, $bump_time = false)
 {
@@ -2687,7 +2744,7 @@ function phpbb_bump_topic($forum_id, $topic_id, $post_data, $bump_time = false)
 		$post_data['topic_title']
 	));

-	$url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id&amp;p={$post_data['topic_last_post_id']}") . "#p{$post_data['topic_last_post_id']}";
+	$url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "p={$post_data['topic_last_post_id']}") . "#p{$post_data['topic_last_post_id']}";

 	return $url;
 }
@@ -2818,7 +2875,7 @@ function phpbb_handle_post_delete($forum_id, $topic_id, $post_id, &$post_data, $
 					$delete_reason
 				));

-				$meta_info = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&amp;t=$topic_id&amp;p=$next_post_id") . "#p$next_post_id";
+				$meta_info = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "p=$next_post_id") . "#p$next_post_id";
 				$message = $user->lang['POST_DELETED'];

 				if (!$request->is_ajax())

--- a/phpbb/posting.php
+++ b/phpbb/posting.php
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+/**
+* @ignore
+*/
+define('IN_PHPBB', true);
+$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
+$phpEx = substr(strrchr(__FILE__, '.'), 1);
+include($phpbb_root_path . 'common.' . $phpEx);
+include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
+include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
+include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
+
+
+// Start session management
+$user->session_begin();
+$auth->acl($user->data);
+
+
+// Grab only parameters needed here
+$draft_id	= $request->variable('d', 0);
+
+$preview	= (isset($_POST['preview'])) ? true : false;
+$save		= (isset($_POST['save'])) ? true : false;
+$load		= (isset($_POST['load'])) ? true : false;
+$confirm	= $request->is_set_post('confirm');
+$cancel		= (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false;
+
+$refresh	= (isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $preview);
+$submit = $request->is_set_post('post') && !$refresh && !$preview;
+$mode		= $request->variable('mode', '');
+
+// Only assign required URL parameters
+$forum_id = 0;
+$topic_id = 0;
+$post_id = 0;
+
+switch ($mode)
+{
+	case 'popup':
+	case 'smilies':
+		$forum_id = $request->variable('f', 0);
+	break;
+
+	case 'post':
+		$forum_id = $request->variable('f', 0);
+		if (!$forum_id)
+		{
+			trigger_error('NO_FORUM');
+		}
+	break;
+
+	case 'bump':
+	case 'reply':
+		$topic_id = $request->variable('t', 0);
+		if ($topic_id)
+		{
+			$sql = 'SELECT forum_id
+				FROM ' . TOPICS_TABLE . "
+				WHERE topic_id = $topic_id";
+			$result = $db->sql_query($sql);
+			$forum_id = (int) $db->sql_fetchfield('forum_id');
+			$db->sql_freeresult($result);
+		}
+
+		if (!$topic_id || !$forum_id)
+		{
+			trigger_error('NO_TOPIC');
+		}
+	break;
+
+	case 'edit':
+	case 'delete':
+	case 'quote':
+	case 'soft_delete':
+		$post_id = $request->variable('p', 0);
+		if ($post_id)
+		{
+			$topic_forum = [];
+
+			$sql = 'SELECT t.topic_id, t.forum_id
+				FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p
+				WHERE p.post_id = ' . $post_id . '
+				AND t.topic_id = p.topic_id';
+			$result = $db->sql_query($sql);
+			$topic_forum = $db->sql_fetchrow($result);
+			$db->sql_freeresult($result);
+		}
+
+		if (!$post_id || !$topic_forum)
+		{
+			$user->setup('posting');
+			trigger_error('NO_POST');
+		}
+
+		$topic_id = (int) $topic_forum['topic_id'];
+		$forum_id = (int) $topic_forum['forum_id'];
+	break;
+}
+
+// If the user is not allowed to delete the post, we try to soft delete it, so we overwrite the mode here.
+if ($mode == 'delete' && (($confirm && !$request->is_set_post('delete_permanent')) || !$auth->acl_gets('f_delete', 'm_delete', $forum_id)))
+{
+	$mode = 'soft_delete';
+}
+
+$error = $post_data = array();
+$current_time = time();
+
+/**
+* This event allows you to alter the above parameters, such as submit and mode
+*
+* Note: $refresh must be true to retain previously submitted form data.
+*
+* Note: The template class will not work properly until $user->setup() is
+* called, and it has not been called yet. Extensions requiring template
+* assignments should use an event that comes later in this file.
+*
+* @event core.modify_posting_parameters
+* @var	int		post_id		ID of the post
+* @var	int		topic_id	ID of the topic
+* @var	int		forum_id	ID of the forum
+* @var	int		draft_id	ID of the draft
+* @var	bool	submit		Whether or not the form has been submitted
+* @var	bool	preview		Whether or not the post is being previewed
+* @var	bool	save		Whether or not a draft is being saved
+* @var	bool	load		Whether or not a draft is being loaded
+* @var	bool	cancel		Whether or not to cancel the form (returns to
+*							viewtopic or viewforum depending on if the user
+*							is posting a new topic or editing a post)
+* @var	bool	refresh		Whether or not to retain previously submitted data
+* @var	string	mode		What action to take if the form has been submitted
+*							post|reply|quote|edit|delete|bump|smilies|popup
+* @var	array	error		Any error strings; a non-empty array aborts
+*							form submission.
+*							NOTE: Should be actual language strings, NOT
+*							language keys.
+* @since 3.1.0-a1
+* @changed 3.1.2-RC1			Removed 'delete' var as it does not exist
+* @changed 3.2.4-RC1		Remove unused 'lastclick' var
+*/
+$vars = array(
+	'post_id',
+	'topic_id',
+	'forum_id',
+	'draft_id',
+	'submit',
+	'preview',
+	'save',
+	'load',
+	'cancel',
+	'refresh',
+	'mode',
+	'error',
+);
+extract($phpbb_dispatcher->trigger_event('core.modify_posting_parameters', compact($vars)));
+
+// Was cancel pressed? If so then redirect to the appropriate page
+if ($cancel)
+{
+	$redirect = ($post_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'p=' . $post_id) . '#p' . $post_id : (($topic_id) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $topic_id) : (($forum_id) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}index.$phpEx")));
+	redirect($redirect);
+}
+
+/* @var $phpbb_content_visibility \phpbb\content_visibility */
+$phpbb_content_visibility = $phpbb_container->get('content.visibility');
+
+// We need to know some basic information in all cases before we do anything.
+switch ($mode)
+{
+	case 'post':
+		$sql = 'SELECT *
+			FROM ' . FORUMS_TABLE . "
+			WHERE forum_id = $forum_id";
+	break;
+
+	case 'bump':
+	case 'reply':
+		$sql = 'SELECT f.*, t.*
+			FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
+			WHERE t.topic_id = $topic_id
+				AND f.forum_id = t.forum_id
+				AND " . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.');
+	break;
+
+	case 'quote':
+	case 'edit':
+	case 'delete':
+	case 'soft_delete':
+		$sql = 'SELECT f.*, t.*, p.*, u.username, u.username_clean, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
+			FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
+			WHERE p.post_id = $post_id
+				AND t.topic_id = p.topic_id
+				AND u.user_id = p.poster_id
+				AND f.forum_id = t.forum_id
+				AND " . $phpbb_content_visibility->get_visibility_sql('post', $forum_id, 'p.');
+	break;
+
+	case 'smilies':
+		$sql = '';
+		generate_smilies('window', $forum_id);
+	break;
+
+	case 'popup':
+		if ($forum_id)
+		{
+			$sql = 'SELECT forum_style
+				FROM ' . FORUMS_TABLE . '
+				WHERE forum_id = ' . $forum_id;
+		}
+		else
+		{
+			phpbb_upload_popup();
+			return;
+		}
+	break;
+
+	default:
+		$sql = '';
+	break;
+}
+
+if (!$sql)
+{
+	$user->setup('posting');
+	trigger_error('NO_POST_MODE');
+}
+
+$result = $db->sql_query($sql);
+$post_data = $db->sql_fetchrow($result);
+$db->sql_freeresult($result);
+
+if (!$post_data)
+{
+	if (!($mode == 'post' || $mode == 'bump' || $mode == 'reply'))
+	{
+		$user->setup('posting');
+	}
+	trigger_error(($mode == 'post' || $mode == 'bump' || $mode == 'reply') ? 'NO_TOPIC' : 'NO_POST');
+}
+
+/**
+* This event allows you to bypass reply/quote test of an unapproved post.
+*
+* @event core.posting_modify_row_data
+* @var	array	post_data	All post data from database
+* @var	string	mode		What action to take if the form has been submitted
+*							post|reply|quote|edit|delete|bump|smilies|popup
+* @var	int		topic_id	ID of the topic
+* @var	int		forum_id	ID of the forum
+* @since 3.2.8-RC1
+*/
+$vars = array(
+	'post_data',
+	'mode',
+	'topic_id',
+	'forum_id',
+);
+extract($phpbb_dispatcher->trigger_event('core.posting_modify_row_data', compact($vars)));
+
+// Not able to reply to unapproved posts/topics
+// TODO: add more descriptive language key
+if ($auth->acl_get('m_approve', $forum_id) && ((($mode == 'reply' || $mode == 'bump') && $post_data['topic_visibility'] != ITEM_APPROVED) || ($mode == 'quote' && $post_data['post_visibility'] != ITEM_APPROVED)))
+{
+	trigger_error(($mode == 'reply' || $mode == 'bump') ? 'TOPIC_UNAPPROVED' : 'POST_UNAPPROVED');
+}
+
+if ($mode == 'popup')
+{
+	phpbb_upload_popup($post_data['forum_style']);
+	return;
+}
+
+$user->setup(array('posting', 'mcp', 'viewtopic'), $post_data['forum_style']);
+
+// Need to login to passworded forum first?
+if ($post_data['forum_password'])
+{
+	login_forum_box(array(
+		'forum_id'			=> $forum_id,
+		'forum_name'		=> $post_data['forum_name'],
+		'forum_password'	=> $post_data['forum_password'])
+	);
+}
+
+// Check permissions
+if ($user->data['is_bot'])
+{
+	redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
+}
+
+// Is the user able to read within this forum?
+if (!$auth->acl_get('f_read', $forum_id))
+{
+	if ($user->data['user_id'] != ANONYMOUS)
+	{
+		trigger_error('USER_CANNOT_READ');
+	}
+	$message = $user->lang['LOGIN_EXPLAIN_POST'];
+
+	if ($request->is_ajax())
+	{
+		$json = new phpbb\json_response();
+		$json->send(array(
+			'title'		=> $user->lang['INFORMATION'],
+			'message'	=> $message,
+		));
+	}
+
+	login_box('', $message);
+}
+
+// Permission to do the action asked?
+$is_authed = false;
+
+switch ($mode)
+{
+	case 'post':
+		if ($auth->acl_get('f_post', $forum_id))
+		{
+			$is_authed = true;
+		}
+	break;
+
+	case 'bump':
+		if ($auth->acl_get('f_bump', $forum_id))
+		{
+			$is_authed = true;
+		}
+	break;
+
+	case 'quote':
+
+		$post_data['post_edit_locked'] = 0;
+
+	// no break;
+
+	case 'reply':
+		if ($auth->acl_get('f_reply', $forum_id))
+		{
+			$is_authed = true;
+		}
+	break;
+
+	case 'edit':
+		if ($user->data['is_registered'] && $auth->acl_gets('f_edit', 'm_edit', $forum_id))
+		{
+			$is_authed = true;
+		}
+	break;
+
+	case 'delete':
+		if ($user->data['is_registered'] && ($auth->acl_get('m_delete', $forum_id) || ($post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id))))
+		{
+			$is_authed = true;
+		}
+
+	// no break;
+
+	case 'soft_delete':
+		if (!$is_authed && $user->data['is_registered'] && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $post_data['post_edit_locked']))
+		{
+			// Fall back to soft_delete if we have no permissions to delete posts but to soft delete them
+			$is_authed = true;
+			$mode = 'soft_delete';
+		}
+	break;
+}
+/**
+* This event allows you to do extra auth checks and verify if the user
+* has the required permissions
+*
+* Extensions should only change the error and is_authed variables.
+*
+* @event core.modify_posting_auth
+* @var	int		post_id		ID of the post
+* @var	int		topic_id	ID of the topic
+* @var	int		forum_id	ID of the forum
+* @var	int		draft_id	ID of the draft
+* @var	bool	submit		Whether or not the form has been submitted
+* @var	bool	preview		Whether or not the post is being previewed
+* @var	bool	save		Whether or not a draft is being saved
+* @var	bool	load		Whether or not a draft is being loaded
+* @var	bool	refresh		Whether or not to retain previously submitted data
+* @var	string	mode		What action to take if the form has been submitted
+*							post|reply|quote|edit|delete|bump|smilies|popup
+* @var	array	error		Any error strings; a non-empty array aborts
+*							form submission.
+*							NOTE: Should be actual language strings, NOT
+*							language keys.
+* @var	bool	is_authed	Does the user have the required permissions?
+* @var	array	post_data	All post data from database
+* @since 3.1.3-RC1
+* @changed 3.1.10-RC1 Added post_data
+* @changed 3.2.4-RC1 		Remove unused 'lastclick' var
+*/
+$vars = array(
+	'post_id',
+	'topic_id',
+	'forum_id',
+	'draft_id',
+	'submit',
+	'preview',
+	'save',
+	'load',
+	'refresh',
+	'mode',
+	'error',
+	'is_authed',
+	'post_data',
+);
+extract($phpbb_dispatcher->trigger_event('core.modify_posting_auth', compact($vars)));
+
+if (!$is_authed || !empty($error))
+{
+	$check_auth = ($mode == 'quote') ? 'reply' : (($mode == 'soft_delete') ? 'delete' : $mode);
+
+	if ($user->data['is_registered'])
+	{
+		trigger_error(empty($error) ? 'USER_CANNOT_' . strtoupper($check_auth) : implode('<br/>', $error));
+	}
+	$message = $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)];
+
+	if ($request->is_ajax())
+	{
+		$json = new phpbb\json_response();
+		$json->send(array(
+			'title'		=> $user->lang['INFORMATION'],
+			'message'	=> $message,
+		));
+	}
+
+	login_box('', $message);
+}
+
+if ($config['enable_post_confirm'] && !$user->data['is_registered'])
+{
+	$captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
+	$captcha->init(CONFIRM_POST);
+}
+
+// Is the user able to post within this forum?
+if ($post_data['forum_type'] != FORUM_POST && in_array($mode, array('post', 'bump', 'quote', 'reply')))
+{
+	trigger_error('USER_CANNOT_FORUM_POST');
+}
+
+// Forum/Topic locked?
+if (($post_data['forum_status'] == ITEM_LOCKED || (isset($post_data['topic_status']) && $post_data['topic_status'] == ITEM_LOCKED)) && !$auth->acl_get($mode == 'reply' ? 'm_lock' : 'm_edit', $forum_id))
+{
+	trigger_error(($post_data['forum_status'] == ITEM_LOCKED) ? 'FORUM_LOCKED' : 'TOPIC_LOCKED');
+}
+
+// Can we edit this post ... if we're a moderator with rights then always yes
+// else it depends on editing times, lock status and if we're the correct user
+if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id))
+{
+	$force_edit_allowed = false;
+
+	$s_cannot_edit = $user->data['user_id'] != $post_data['poster_id'];
+	$s_cannot_edit_time = $config['edit_time'] && $post_data['post_time'] <= time() - ($config['edit_time'] * 60);
+	$s_cannot_edit_locked = $post_data['post_edit_locked'];
+
+	/**
+	* This event allows you to modify the conditions for the "cannot edit post" checks
+	*
+	* @event core.posting_modify_cannot_edit_conditions
+	* @var	array	post_data	Array with post data
+	* @var	bool	force_edit_allowed		Allow the user to edit the post (all permissions and conditions are ignored)
+	* @var	bool	s_cannot_edit			User can not edit the post because it's not his
+	* @var	bool	s_cannot_edit_locked	User can not edit the post because it's locked
+	* @var	bool	s_cannot_edit_time		User can not edit the post because edit_time has passed
+	* @since 3.1.0-b4
+	*/
+	$vars = array(
+		'post_data',
+		'force_edit_allowed',
+		's_cannot_edit',
+		's_cannot_edit_locked',
+		's_cannot_edit_time',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.posting_modify_cannot_edit_conditions', compact($vars)));
+
+	if (!$force_edit_allowed)
+	{
+		if ($s_cannot_edit)
+		{
+			trigger_error('USER_CANNOT_EDIT');
+		}
+		else if ($s_cannot_edit_time)
+		{
+			trigger_error('CANNOT_EDIT_TIME');
+		}
+		else if ($s_cannot_edit_locked)
+		{
+			trigger_error('CANNOT_EDIT_POST_LOCKED');
+		}
+	}
+}
+
+// Handle delete mode...
+if ($mode == 'delete' || $mode == 'soft_delete')
+{
+	if ($mode == 'soft_delete' && $post_data['post_visibility'] == ITEM_DELETED)
+	{
+		$user->setup('posting');
+		trigger_error('NO_POST');
+	}
+
+	$delete_reason = $request->variable('delete_reason', '', true);
+	phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, ($mode == 'soft_delete' && !$request->is_set_post('delete_permanent')), $delete_reason);
+	return;
+}
+
+// Handle bump mode...
+if ($mode == 'bump')
+{
+	if ($bump_time = bump_topic_allowed($forum_id, $post_data['topic_bumped'], $post_data['topic_last_post_time'], $post_data['topic_poster'], $post_data['topic_last_poster_id'])
+		&& check_link_hash($request->variable('hash', ''), "topic_{$post_data['topic_id']}"))
+	{
+		$meta_url = phpbb_bump_topic($forum_id, $topic_id, $post_data, $current_time);
+		meta_refresh(3, $meta_url);
+		$message = $user->lang['TOPIC_BUMPED'];
+
+		if (!$request->is_ajax())
+		{
+			$message .= '<br /><br />' . $user->lang('VIEW_MESSAGE', '<a href="' . $meta_url . '">', '</a>');
+			$message .= '<br /><br />' . $user->lang('RETURN_FORUM', '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
+		}
+
+		trigger_error($message);
+	}
+
+	trigger_error('BUMP_ERROR');
+}
+
+// Subject length limiting to 60 characters if first post...
+if ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_data['post_id']))
+{
+	$template->assign_var('S_NEW_MESSAGE', true);
+}
+
+// Determine some vars
+if (isset($post_data['poster_id']) && $post_data['poster_id'] == ANONYMOUS)
+{
+	$post_data['quote_username'] = (!empty($post_data['post_username'])) ? $post_data['post_username'] : $user->lang['GUEST'];
+}
+else
+{
+	$post_data['quote_username'] = isset($post_data['username']) ? $post_data['username'] : '';
+}
+
+$post_data['post_edit_locked']	= (isset($post_data['post_edit_locked'])) ? (int) $post_data['post_edit_locked'] : 0;
+$post_data['post_subject_md5']	= (isset($post_data['post_subject']) && $mode == 'edit') ? md5($post_data['post_subject']) : '';
+$post_data['post_subject']		= (in_array($mode, array('quote', 'edit'))) ? $post_data['post_subject'] : ((isset($post_data['topic_title'])) ? $post_data['topic_title'] : '');
+$post_data['topic_time_limit']	= (isset($post_data['topic_time_limit'])) ? (($post_data['topic_time_limit']) ? (int) $post_data['topic_time_limit'] / 86400 : (int) $post_data['topic_time_limit']) : 0;
+$post_data['poll_length']		= (!empty($post_data['poll_length'])) ? (int) $post_data['poll_length'] / 86400 : 0;
+$post_data['poll_start']		= (!empty($post_data['poll_start'])) ? (int) $post_data['poll_start'] : 0;
+$post_data['icon_id']			= (!isset($post_data['icon_id']) || in_array($mode, array('quote', 'reply'))) ? 0 : (int) $post_data['icon_id'];
+$post_data['poll_options']		= array();
+
+// Get Poll Data
+if ($post_data['poll_start'])
+{
+	$sql = 'SELECT poll_option_text
+		FROM ' . POLL_OPTIONS_TABLE . "
+		WHERE topic_id = $topic_id
+		ORDER BY poll_option_id";
+	$result = $db->sql_query($sql);
+
+	while ($row = $db->sql_fetchrow($result))
+	{
+		$post_data['poll_options'][] = trim($row['poll_option_text']);
+	}
+	$db->sql_freeresult($result);
+}
+
+/**
+* This event allows you to modify the post data before parsing
+*
+* @event core.posting_modify_post_data
+* @var	int		forum_id	ID of the forum
+* @var	string	mode		What action to take if the form has been submitted
+*							post|reply|quote|edit|delete|bump|smilies|popup
+* @var	array	post_data	Array with post data
+* @var	int		post_id		ID of the post
+* @var	int		topic_id	ID of the topic
+* @since 3.2.2-RC1
+*/
+$vars = array(
+	'forum_id',
+	'mode',
+	'post_data',
+	'post_id',
+	'topic_id',
+);
+extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_data', compact($vars)));
+
+if ($mode == 'edit')
+{
+	$original_poll_data = array(
+		'poll_title'		=> $post_data['poll_title'],
+		'poll_length'		=> $post_data['poll_length'],
+		'poll_max_options'	=> $post_data['poll_max_options'],
+		'poll_option_text'	=> implode("\n", $post_data['poll_options']),
+		'poll_start'		=> $post_data['poll_start'],
+		'poll_last_vote'	=> $post_data['poll_last_vote'],
+		'poll_vote_change'	=> $post_data['poll_vote_change'],
+		'poll_show_results'	=> $post_data['poll_show_results'],
+	);
+}
+
+$orig_poll_options_size = count($post_data['poll_options']);
+
+$message_parser = new parse_message();
+/* @var $plupload \phpbb\plupload\plupload */
+$plupload = $phpbb_container->get('plupload');
+
+/* @var $mimetype_guesser \phpbb\mimetype\guesser */
+$mimetype_guesser = $phpbb_container->get('mimetype.guesser');
+$message_parser->set_plupload($plupload);
+
+if (isset($post_data['post_text']))
+{
+	$message_parser->message = &$post_data['post_text'];
+	unset($post_data['post_text']);
+}
+
+// Set some default variables
+$uninit = array('post_attachment' => 0, 'poster_id' => $user->data['user_id'], 'enable_magic_url' => 0, 'topic_status' => 0, 'topic_type' => POST_NORMAL, 'post_subject' => '', 'topic_title' => '', 'post_time' => 0, 'post_edit_reason' => '', 'notify_set' => 0);
+
+/**
+* This event allows you to modify the default variables for post_data, and unset them in post_data if needed
+*
+* @event core.posting_modify_default_variables
+* @var	array	post_data	Array with post data
+* @var	array	uninit		Array with default vars to put into post_data, if they aren't there
+* @since 3.2.5-RC1
+*/
+$vars = array(
+	'post_data',
+	'uninit',
+);
+extract($phpbb_dispatcher->trigger_event('core.posting_modify_default_variables', compact($vars)));
+
+foreach ($uninit as $var_name => $default_value)
+{
+	if (!isset($post_data[$var_name]))
+	{
+		$post_data[$var_name] = $default_value;
+	}
+}
+unset($uninit);
+
+// Always check if the submitted attachment data is valid and belongs to the user.
+// Further down (especially in submit_post()) we do not check this again.
+$message_parser->get_submitted_attachment_data($post_data['poster_id']);
+
+if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit')
+{
+	// Do not change to SELECT *
+	$sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename, filesize
+		FROM ' . ATTACHMENTS_TABLE . "
+		WHERE post_msg_id = $post_id
+			AND in_message = 0
+			AND is_orphan = 0
+		ORDER BY attach_id DESC";
+	$result = $db->sql_query($sql);
+	$message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
+	$db->sql_freeresult($result);
+}
+
+if ($post_data['poster_id'] == ANONYMOUS)
+{
+	$post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['post_username']) : '';
+}
+else
+{
+	$post_data['username'] = ($mode == 'quote' || $mode == 'edit') ? trim($post_data['username']) : '';
+}
+
+$post_data['enable_urls'] = $post_data['enable_magic_url'];
+
+if ($mode != 'edit')
+{
+	$post_data['enable_sig']		= ($config['allow_sig'] && $user->optionget('attachsig')) ? true: false;
+	$post_data['enable_smilies']	= ($config['allow_smilies'] && $user->optionget('smilies')) ? true : false;
+	$post_data['enable_bbcode']		= ($config['allow_bbcode'] && $user->optionget('bbcode')) ? true : false;
+	$post_data['enable_urls']		= true;
+}
+
+if ($mode == 'post')
+{
+	$post_data['topic_status']		= ($request->is_set_post('lock_topic') && $auth->acl_gets('m_lock', 'f_user_lock', $forum_id)) ? ITEM_LOCKED : ITEM_UNLOCKED;
+}
+
+$post_data['enable_magic_url'] = $post_data['drafts'] = false;
+
+// User own some drafts?
+if ($user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
+{
+	$sql = 'SELECT draft_id
+		FROM ' . DRAFTS_TABLE . '
+		WHERE user_id = ' . $user->data['user_id'] .
+			(($forum_id) ? ' AND forum_id = ' . (int) $forum_id : '') .
+			(($topic_id) ? ' AND topic_id = ' . (int) $topic_id : '') .
+			(($draft_id) ? " AND draft_id <> $draft_id" : '');
+	$result = $db->sql_query_limit($sql, 1);
+
+	if ($db->sql_fetchrow($result))
+	{
+		$post_data['drafts'] = true;
+	}
+	$db->sql_freeresult($result);
+}
+
+$check_value = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
+
+// Check if user is watching this topic
+if ($mode != 'post' && $config['allow_topic_notify'] && $user->data['is_registered'])
+{
+	$sql = 'SELECT topic_id
+		FROM ' . TOPICS_WATCH_TABLE . '
+		WHERE topic_id = ' . $topic_id . '
+			AND user_id = ' . $user->data['user_id'];
+	$result = $db->sql_query($sql);
+	$post_data['notify_set'] = (int) $db->sql_fetchfield('topic_id');
+	$db->sql_freeresult($result);
+}
+
+// Do we want to edit our post ?
+if ($mode == 'edit' && $post_data['bbcode_uid'])
+{
+	$message_parser->bbcode_uid = $post_data['bbcode_uid'];
+}
+
+// HTML, BBCode, Smilies, Images and Flash status
+$bbcode_status	= ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
+$smilies_status	= ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
+$img_status		= ($bbcode_status && $auth->acl_get('f_img', $forum_id)) ? true : false;
+$url_status		= ($config['allow_post_links']) ? true : false;
+$flash_status	= ($bbcode_status && $auth->acl_get('f_flash', $forum_id) && $config['allow_post_flash']) ? true : false;
+$quote_status	= true;
+
+/**
+ * Event to override message BBCode status indications
+ *
+ * @event core.posting_modify_bbcode_status
+ *
+ * @var bool	bbcode_status	BBCode status
+ * @var bool	smilies_status	Smilies status
+ * @var bool	img_status		Image BBCode status
+ * @var bool	url_status		URL BBCode status
+ * @var bool	flash_status	Flash BBCode status
+ * @var bool	quote_status	Quote BBCode status
+ * @since 3.3.3-RC1
+ */
+$vars = [
+	'bbcode_status',
+	'smilies_status',
+	'img_status',
+	'url_status',
+	'flash_status',
+	'quote_status',
+];
+extract($phpbb_dispatcher->trigger_event('core.posting_modify_bbcode_status', compact($vars)));
+
+// Save Draft
+if ($save && $user->data['is_registered'] && $auth->acl_get('u_savedrafts') && ($mode == 'reply' || $mode == 'post' || $mode == 'quote'))
+{
+	$subject = $request->variable('subject', '', true);
+	$subject = (!$subject && $mode != 'post') ? $post_data['topic_title'] : $subject;
+	$message = $request->variable('message', '', true);
+
+	/**
+	 * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR.
+	 * Using their Numeric Character Reference's Hexadecimal notation.
+	 */
+	$subject = utf8_encode_ucr($subject);
+
+	if ($subject && $message)
+	{
+		if (confirm_box(true))
+		{
+			$message_parser->message = $message;
+			$message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
+
+			$sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
+				'user_id'		=> (int) $user->data['user_id'],
+				'topic_id'		=> (int) $topic_id,
+				'forum_id'		=> (int) $forum_id,
+				'save_time'		=> (int) $current_time,
+				'draft_subject'	=> (string) $subject,
+				'draft_message'	=> (string) $message_parser->message)
+			);
+			$db->sql_query($sql);
+
+			/** @var \phpbb\attachment\manager $attachment_manager */
+			$attachment_manager = $phpbb_container->get('attachment.manager');
+			$attachment_manager->delete('attach', array_column($message_parser->attachment_data, 'attach_id'));
+
+			$meta_info = ($mode == 'post') ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) : append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id");
+
+			meta_refresh(3, $meta_info);
+
+			$message = $user->lang['DRAFT_SAVED'] . '<br /><br />';
+			$message .= ($mode != 'post') ? sprintf($user->lang['RETURN_TOPIC'], '<a href="' . $meta_info . '">', '</a>') . '<br /><br />' : '';
+			$message .= sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id) . '">', '</a>');
+
+			trigger_error($message);
+		}
+		else
+		{
+			$s_hidden_fields = build_hidden_fields(array(
+				'mode'		=> $mode,
+				'save'		=> true,
+				'f'			=> $forum_id,
+				't'			=> $topic_id,
+				'subject'	=> $subject,
+				'message'	=> $message,
+				'attachment_data' => $message_parser->attachment_data,
+				)
+			);
+
+			$hidden_fields = array(
+				'icon_id'			=> 0,
+
+				'disable_bbcode'	=> false,
+				'disable_smilies'	=> false,
+				'disable_magic_url'	=> false,
+				'attach_sig'		=> true,
+				'lock_topic'		=> false,
+
+				'topic_type'		=> POST_NORMAL,
+				'topic_time_limit'	=> 0,
+
+				'poll_title'		=> '',
+				'poll_option_text'	=> '',
+				'poll_max_options'	=> 1,
+				'poll_length'		=> 0,
+				'poll_vote_change'	=> false,
+				'poll_show_results'	=> true,
+			);
+
+			foreach ($hidden_fields as $name => $default)
+			{
+				if (!isset($_POST[$name]))
+				{
+					// Don't include it, if its not available
+					unset($hidden_fields[$name]);
+					continue;
+				}
+
+				if (is_bool($default))
+				{
+					// Use the string representation
+					$hidden_fields[$name] = $request->variable($name, '');
+				}
+				else
+				{
+					$hidden_fields[$name] = $request->variable($name, $default);
+				}
+			}
+
+			$s_hidden_fields .= build_hidden_fields($hidden_fields);
+
+			confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields);
+		}
+	}
+	else
+	{
+		if (utf8_clean_string($subject) === '')
+		{
+			$error[] = $user->lang['EMPTY_SUBJECT'];
+		}
+
+		if (utf8_clean_string($message) === '')
+		{
+			$error[] = $user->lang['TOO_FEW_CHARS'];
+		}
+	}
+	unset($subject, $message);
+}
+
+// Load requested Draft
+if ($draft_id && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $user->data['is_registered'] && $auth->acl_get('u_savedrafts'))
+{
+	$sql = 'SELECT draft_subject, draft_message
+		FROM ' . DRAFTS_TABLE . "
+		WHERE draft_id = $draft_id
+			AND user_id = " . $user->data['user_id'];
+	$result = $db->sql_query_limit($sql, 1);
+	$row = $db->sql_fetchrow($result);
+	$db->sql_freeresult($result);
+
+	if ($row)
+	{
+		$post_data['post_subject'] = $row['draft_subject'];
+		$message_parser->message = $row['draft_message'];
+
+		$template->assign_var('S_DRAFT_LOADED', true);
+	}
+	else
+	{
+		$draft_id = 0;
+	}
+}
+
+// Load draft overview
+if ($load && ($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_data['drafts'])
+{
+	load_drafts($topic_id, $forum_id);
+}
+
+/** @var \phpbb\textformatter\utils_interface $bbcode_utils */
+$bbcode_utils = $phpbb_container->get('text_formatter.utils');
+
+if ($submit || $preview || $refresh)
+{
+	$post_data['topic_cur_post_id']	= $request->variable('topic_cur_post_id', 0);
+	$post_data['post_subject']		= $request->variable('subject', '', true);
+	$message_parser->message		= $request->variable('message', '', true);
+
+	$post_data['username']			= $request->variable('username', $post_data['username'], true);
+	$post_data['post_edit_reason']	= ($request->variable('edit_reason', false, false, \phpbb\request\request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? $request->variable('edit_reason', '', true) : '';
+
+	$post_data['orig_topic_type']	= $post_data['topic_type'];
+	$post_data['topic_type']		= $request->variable('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL));
+	$post_data['topic_time_limit']	= $request->variable('topic_time_limit', (($mode != 'post') ? (int) $post_data['topic_time_limit'] : 0));
+
+	if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
+	{
+		$post_data['icon_id'] = $request->variable('icon', (int) $post_data['icon_id']);
+	}
+
+	$post_data['enable_bbcode']		= (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true;
+	$post_data['enable_smilies']	= (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;
+	$post_data['enable_urls']		= (isset($_POST['disable_magic_url'])) ? 0 : 1;
+	$post_data['enable_sig']		= (!$config['allow_sig'] || !$auth->acl_get('f_sigs', $forum_id) || !$auth->acl_get('u_sig')) ? false : ((isset($_POST['attach_sig']) && $user->data['is_registered']) ? true : false);
+
+	if ($config['allow_topic_notify'] && $user->data['is_registered'])
+	{
+		$notify = (isset($_POST['notify'])) ? true : false;
+	}
+	else
+	{
+		$notify = false;
+	}
+
+	$topic_lock			= (isset($_POST['lock_topic'])) ? true : false;
+	$post_lock			= (isset($_POST['lock_post'])) ? true : false;
+	$poll_delete		= (isset($_POST['poll_delete'])) ? true : false;
+
+	if ($submit)
+	{
+		$status_switch = (($post_data['enable_bbcode']+1) << 8) + (($post_data['enable_smilies']+1) << 4) + (($post_data['enable_urls']+1) << 2) + (($post_data['enable_sig']+1) << 1);
+		$status_switch = ($status_switch != $check_value);
+	}
+	else
+	{
+		$status_switch = 1;
+	}
+
+	// Delete Poll
+	if ($poll_delete && $mode == 'edit' && count($post_data['poll_options']) &&
+		((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id)))
+	{
+		if ($submit && check_form_key('posting'))
+		{
+			$sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . "
+				WHERE topic_id = $topic_id";
+			$db->sql_query($sql);
+
+			$sql = 'DELETE FROM ' . POLL_VOTES_TABLE . "
+				WHERE topic_id = $topic_id";
+			$db->sql_query($sql);
+
+			$topic_sql = array(
+				'poll_title'		=> '',
+				'poll_start' 		=> 0,
+				'poll_length'		=> 0,
+				'poll_last_vote'	=> 0,
+				'poll_max_options'	=> 0,
+				'poll_vote_change'	=> 0,
+				'poll_show_results'	=> 0
+			);
+
+			$sql = 'UPDATE ' . TOPICS_TABLE . '
+				SET ' . $db->sql_build_array('UPDATE', $topic_sql) . "
+				WHERE topic_id = $topic_id";
+			$db->sql_query($sql);
+		}
+
+		$post_data['poll_title'] = $post_data['poll_option_text'] = '';
+		$post_data['poll_vote_change']  = $post_data['poll_show_results'] = $post_data['poll_max_options'] = $post_data['poll_length'] = 0;
+	}
+	else
+	{
+		$post_data['poll_title']		= $request->variable('poll_title', '', true);
+		$post_data['poll_length']		= $request->variable('poll_length', 0);
+		$post_data['poll_option_text']	= $request->variable('poll_option_text', '', true);
+		$post_data['poll_max_options']	= $request->variable('poll_max_options', 1);
+		$post_data['poll_vote_change']	= ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id) && isset($_POST['poll_vote_change'])) ? 1 : 0;
+        $post_data['poll_show_results'] = isset($_POST['poll_show_results']) ? 1 : 0;
+	}
+
+	// If replying/quoting and last post id has changed
+	// give user option to continue submit or return to post
+	// notify and show user the post made between his request and the final submit
+	if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id'])
+	{
+		// Only do so if it is allowed forum-wide
+		if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
+		{
+			if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id']))
+			{
+				$template->assign_var('S_POST_REVIEW', true);
+			}
+
+			$submit = false;
+			$refresh = true;
+		}
+	}
+
+	// Parse Attachments - before checksum is calculated
+	if ($message_parser->check_attachment_form_token($language, $request, 'posting'))
+	{
+		$message_parser->parse_attachments('fileupload', $mode, $forum_id, $submit, $preview, $refresh);
+	}
+
+	/**
+	* This event allows you to modify message text before parsing
+	*
+	* @event core.posting_modify_message_text
+	* @var	array	post_data	Array with post data
+	* @var	string	mode		What action to take if the form is submitted
+	*				post|reply|quote|edit|delete|bump|smilies|popup
+	* @var	int	post_id		ID of the post
+	* @var	int	topic_id	ID of the topic
+	* @var	int	forum_id	ID of the forum
+	* @var	bool	submit		Whether or not the form has been submitted
+	* @var	bool	preview		Whether or not the post is being previewed
+	* @var	bool	save		Whether or not a draft is being saved
+	* @var	bool	load		Whether or not a draft is being loaded
+	* @var	bool	cancel		Whether or not to cancel the form (returns to
+	*				viewtopic or viewforum depending on if the user
+	*				is posting a new topic or editing a post)
+	* @var	bool	refresh		Whether or not to retain previously submitted data
+	* @var	object	message_parser	The message parser object
+	* @var	array	error		Array of errors
+	* @since 3.1.2-RC1
+	* @changed 3.1.11-RC1 Added error
+	*/
+	$vars = array(
+		'post_data',
+		'mode',
+		'post_id',
+		'topic_id',
+		'forum_id',
+		'submit',
+		'preview',
+		'save',
+		'load',
+		'cancel',
+		'refresh',
+		'message_parser',
+		'error',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.posting_modify_message_text', compact($vars)));
+
+	// Grab md5 'checksum' of new message
+	$message_md5 = md5($message_parser->message);
+
+	// If editing and checksum has changed we know the post was edited while we're editing
+	// Notify and show user the changed post
+	if ($mode == 'edit' && $post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
+	{
+		$edit_post_message_checksum = $request->variable('edit_post_message_checksum', '');
+		$edit_post_subject_checksum = $request->variable('edit_post_subject_checksum', '');
+
+		// $post_data['post_checksum'] is the checksum of the post submitted in the meantime
+		// $message_md5 is the checksum of the post we're about to submit
+		// $edit_post_message_checksum is the checksum of the post we're editing
+		// ...
+
+		// We make sure nobody else made exactly the same change
+		// we're about to submit by also checking $message_md5 != $post_data['post_checksum']
+		if ($edit_post_message_checksum !== '' &&
+			$edit_post_message_checksum != $post_data['post_checksum'] &&
+			$message_md5 != $post_data['post_checksum']
+			||
+			$edit_post_subject_checksum !== '' &&
+			$edit_post_subject_checksum != $post_data['post_subject_md5'] &&
+			md5($post_data['post_subject']) != $post_data['post_subject_md5'])
+		{
+			if (topic_review($topic_id, $forum_id, 'post_review_edit', $post_id))
+			{
+				$template->assign_vars(array(
+					'S_POST_REVIEW'			=> true,
+
+					'L_POST_REVIEW'			=> $user->lang['POST_REVIEW_EDIT'],
+					'L_POST_REVIEW_EXPLAIN'	=> $user->lang['POST_REVIEW_EDIT_EXPLAIN'],
+				));
+			}
+
+			$submit = false;
+			$refresh = true;
+		}
+	}
+
+	// Check checksum ... don't re-parse message if the same
+	$update_message = ($mode != 'edit' || $message_md5 != $post_data['post_checksum'] || $status_switch || strlen($post_data['bbcode_uid']) < BBCODE_UID_LEN) ? true : false;
+
+	// Also check if subject got updated...
+	$update_subject = $mode != 'edit' || ($post_data['post_subject_md5'] && $post_data['post_subject_md5'] != md5($post_data['post_subject']));
+
+	// Parse message
+	if ($update_message)
+	{
+		if (count($message_parser->warn_msg))
+		{
+			$error[] = implode('<br />', $message_parser->warn_msg);
+			$message_parser->warn_msg = array();
+		}
+
+		if (!$preview || !empty($message_parser->message))
+		{
+			$message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
+		}
+
+		// On a refresh we do not care about message parsing errors
+		if (count($message_parser->warn_msg) && $refresh && !$preview)
+		{
+			$message_parser->warn_msg = array();
+		}
+	}
+	else
+	{
+		$message_parser->bbcode_bitfield = $post_data['bbcode_bitfield'];
+	}
+
+	$ignore_flood = $auth->acl_get('u_ignoreflood') ? true : $auth->acl_get('f_ignoreflood', $forum_id);
+	if ($mode != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$ignore_flood)
+	{
+		// Flood check
+		$last_post_time = 0;
+
+		if ($user->data['is_registered'])
+		{
+			$last_post_time = $user->data['user_lastpost_time'];
+		}
+		else
+		{
+			$sql = 'SELECT post_time AS last_post_time
+				FROM ' . POSTS_TABLE . "
+				WHERE poster_ip = '" . $user->ip . "'
+					AND post_time > " . ($current_time - $config['flood_interval']);
+			$result = $db->sql_query_limit($sql, 1);
+			if ($row = $db->sql_fetchrow($result))
+			{
+				$last_post_time = $row['last_post_time'];
+			}
+			$db->sql_freeresult($result);
+		}
+
+		if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval']))
+		{
+			$error[] = $user->lang['FLOOD_ERROR'];
+		}
+	}
+
+	// Validate username
+	if (($post_data['username'] && !$user->data['is_registered']) || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS && $post_data['username'] && $post_data['post_username'] && $post_data['post_username'] != $post_data['username']))
+	{
+		if (!function_exists('validate_username'))
+		{
+			include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
+		}
+
+		$user->add_lang('ucp');
+
+		if (($result = validate_username($post_data['username'], (!empty($post_data['post_username'])) ? $post_data['post_username'] : '')) !== false)
+		{
+			$error[] = $user->lang[$result . '_USERNAME'];
+		}
+
+		if (($result = validate_string($post_data['username'], false, $config['min_name_chars'], $config['max_name_chars'])) !== false)
+		{
+			$min_max_amount = ($result == 'TOO_SHORT') ? $config['min_name_chars'] : $config['max_name_chars'];
+			$error[] = $user->lang('FIELD_' . $result, $min_max_amount, $user->lang['USERNAME']);
+		}
+	}
+
+	if ($config['enable_post_confirm'] && !$user->data['is_registered'] && in_array($mode, array('quote', 'post', 'reply')))
+	{
+		$captcha_data = array(
+			'message'	=> $request->variable('message', '', true),
+			'subject'	=> $request->variable('subject', '', true),
+			'username'	=> $request->variable('username', '', true),
+		);
+		$vc_response = $captcha->validate($captcha_data);
+		if ($vc_response)
+		{
+			$error[] = $vc_response;
+		}
+	}
+
+	// check form
+	if (($submit || $preview) && !check_form_key('posting'))
+	{
+		$error[] = $user->lang['FORM_INVALID'];
+	}
+
+	if ($submit && $mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED && !$request->is_set_post('delete') && $auth->acl_get('m_approve', $forum_id))
+	{
+		$is_first_post = ($post_id <= $post_data['topic_first_post_id'] || !$post_data['topic_posts_approved']);
+		$is_last_post = ($post_id >= $post_data['topic_last_post_id'] || !$post_data['topic_posts_approved']);
+		$updated_post_data = $phpbb_content_visibility->set_post_visibility(ITEM_APPROVED, $post_id, $post_data['topic_id'], $post_data['forum_id'], $user->data['user_id'], time(), '', $is_first_post, $is_last_post);
+
+		if (!empty($updated_post_data))
+		{
+			// Update the post_data, so we don't need to refetch it.
+			$post_data = array_merge($post_data, $updated_post_data);
+		}
+	}
+
+	// Parse subject
+	if (!$preview && !$refresh && utf8_clean_string($post_data['post_subject']) === '' && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
+	{
+		$error[] = $user->lang['EMPTY_SUBJECT'];
+	}
+
+	/**
+	 * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR.
+	 * Using their Numeric Character Reference's Hexadecimal notation.
+	 * Check the permissions for posting Emojis first.
+	 */
+	if ($auth->acl_get('u_emoji'))
+	{
+		$post_data['post_subject'] = utf8_encode_ucr($post_data['post_subject']);
+	}
+	else
+	{
+		/**
+		 * Check for out-of-bounds characters that are currently
+		 * not supported by utf8_bin in MySQL
+		 */
+		if (preg_match_all('/[\x{10000}-\x{10FFFF}]/u', $post_data['post_subject'], $matches))
+		{
+			$character_list = implode('<br>', $matches[0]);
+
+			$error[] = $user->lang('UNSUPPORTED_CHARACTERS_SUBJECT', $character_list);
+		}
+	}
+
+	$post_data['poll_last_vote'] = (isset($post_data['poll_last_vote'])) ? $post_data['poll_last_vote'] : 0;
+
+	if ($post_data['poll_option_text'] &&
+		($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
+		&& $auth->acl_get('f_poll', $forum_id))
+	{
+		$poll = array(
+			'poll_title'		=> $post_data['poll_title'],
+			'poll_length'		=> $post_data['poll_length'],
+			'poll_max_options'	=> $post_data['poll_max_options'],
+			'poll_option_text'	=> $post_data['poll_option_text'],
+			'poll_start'		=> $post_data['poll_start'],
+			'poll_last_vote'	=> $post_data['poll_last_vote'],
+			'poll_vote_change'	=> $post_data['poll_vote_change'],
+			'poll_show_results'	=> $post_data['poll_show_results'],
+			'enable_bbcode'		=> $post_data['enable_bbcode'],
+			'enable_urls'		=> $post_data['enable_urls'],
+			'enable_smilies'	=> $post_data['enable_smilies'],
+			'img_status'		=> $img_status
+		);
+
+		$message_parser->parse_poll($poll);
+
+		$post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array();
+		$post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
+
+		/* We reset votes, therefore also allow removing options
+		if ($post_data['poll_last_vote'] && ($poll['poll_options_size'] < $orig_poll_options_size))
+		{
+			$message_parser->warn_msg[] = $user->lang['NO_DELETE_POLL_OPTIONS'];
+		}*/
+	}
+	else if ($mode == 'edit' && $post_id == $post_data['topic_first_post_id'] && $auth->acl_get('f_poll', $forum_id))
+	{
+		// The user removed all poll options, this is equal to deleting the poll.
+		$poll = array(
+			'poll_title'		=> '',
+			'poll_length'		=> 0,
+			'poll_max_options'	=> 0,
+			'poll_option_text'	=> '',
+			'poll_start'		=> 0,
+			'poll_last_vote'	=> 0,
+			'poll_vote_change'	=> 0,
+			'poll_show_results'	=> 0,
+			'poll_options'		=> array(),
+		);
+
+		$post_data['poll_options'] = array();
+		$post_data['poll_title'] = '';
+		$post_data['poll_start'] = $post_data['poll_length'] = $post_data['poll_max_options'] = $post_data['poll_last_vote'] = $post_data['poll_vote_change'] = $post_data['poll_show_results'] = 0;
+	}
+	else if (!$auth->acl_get('f_poll', $forum_id) && ($mode == 'edit') && ($post_id == $post_data['topic_first_post_id']) && !$bbcode_utils->is_empty($original_poll_data['poll_title']))
+	{
+		// We have a poll but the editing user is not permitted to create/edit it.
+		// So we just keep the original poll-data.
+		// Decode the poll title and options text fisrt.
+		$original_poll_data['poll_title'] = $bbcode_utils->unparse($original_poll_data['poll_title']);
+		$original_poll_data['poll_option_text'] = $bbcode_utils->unparse($original_poll_data['poll_option_text']);
+		$original_poll_data['poll_options'] = explode("\n", $original_poll_data['poll_option_text']);
+
+		$poll = array_merge($original_poll_data, array(
+			'enable_bbcode'		=> $post_data['enable_bbcode'],
+			'enable_urls'		=> $post_data['enable_urls'],
+			'enable_smilies'	=> $post_data['enable_smilies'],
+			'img_status'		=> $img_status,
+		));
+
+		$message_parser->parse_poll($poll);
+
+		$post_data['poll_options'] = (isset($poll['poll_options'])) ? $poll['poll_options'] : array();
+		$post_data['poll_title'] = (isset($poll['poll_title'])) ? $poll['poll_title'] : '';
+	}
+	else
+	{
+		$poll = array();
+	}
+
+	// Check topic type
+	if ($post_data['topic_type'] != POST_NORMAL && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
+	{
+		switch ($post_data['topic_type'])
+		{
+			case POST_GLOBAL:
+				$auth_option = 'f_announce_global';
+			break;
+
+			case POST_ANNOUNCE:
+				$auth_option = 'f_announce';
+			break;
+
+			case POST_STICKY:
+				$auth_option = 'f_sticky';
+			break;
+
+			default:
+				$auth_option = '';
+			break;
+		}
+
+		if ($auth_option != '' && !$auth->acl_get($auth_option, $forum_id))
+		{
+			// There is a special case where a user edits his post whereby the topic type got changed by an admin/mod.
+			// Another case would be a mod not having sticky permissions for example but edit permissions.
+			if ($mode == 'edit')
+			{
+				// To prevent non-authed users messing around with the topic type we reset it to the original one.
+				$post_data['topic_type'] = $post_data['orig_topic_type'];
+			}
+			else
+			{
+				$error[] = $user->lang['CANNOT_POST_' . str_replace('F_', '', strtoupper($auth_option))];
+			}
+		}
+	}
+
+	if (count($message_parser->warn_msg))
+	{
+		$error[] = implode('<br />', $message_parser->warn_msg);
+	}
+
+	// DNSBL check
+	if ($config['check_dnsbl'] && !$refresh)
+	{
+		if (($dnsbl = $user->check_dnsbl('post')) !== false)
+		{
+			$error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
+		}
+	}
+
+	/**
+	* This event allows you to define errors before the post action is performed
+	*
+	* @event core.posting_modify_submission_errors
+	* @var	array	post_data	Array with post data
+	* @var	array	poll		Array with poll data from post (must be used instead of the post_data equivalent)
+	* @var	string	mode		What action to take if the form is submitted
+	*				post|reply|quote|edit|delete|bump|smilies|popup
+	* @var	int	post_id		ID of the post
+	* @var	int	topic_id	ID of the topic
+	* @var	int	forum_id	ID of the forum
+	* @var	bool	submit		Whether or not the form has been submitted
+	* @var	array	error		Any error strings; a non-empty array aborts form submission.
+	*				NOTE: Should be actual language strings, NOT language keys.
+	* @since 3.1.0-RC5
+	* @changed 3.1.5-RC1 Added poll array to the event
+	* @changed 3.2.0-a1 Removed undefined page_title
+	*/
+	$vars = array(
+		'post_data',
+		'poll',
+		'mode',
+		'post_id',
+		'topic_id',
+		'forum_id',
+		'submit',
+		'error',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.posting_modify_submission_errors', compact($vars)));
+
+	// Store message, sync counters
+	if (!count($error) && $submit)
+	{
+		if ($submit)
+		{
+			// Lock/Unlock Topic
+			$change_topic_status = $post_data['topic_status'];
+			$perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED)) ? true : false;
+
+			if ($post_data['topic_status'] == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock)
+			{
+				$change_topic_status = ITEM_UNLOCKED;
+			}
+			else if ($post_data['topic_status'] == ITEM_UNLOCKED && $topic_lock && $perm_lock_unlock)
+			{
+				$change_topic_status = ITEM_LOCKED;
+			}
+
+			if ($change_topic_status != $post_data['topic_status'])
+			{
+				$sql = 'UPDATE ' . TOPICS_TABLE . "
+					SET topic_status = $change_topic_status
+					WHERE topic_id = $topic_id
+						AND topic_moved_id = 0";
+				$db->sql_query($sql);
+
+				$user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && $user->data['user_id'] == $post_data['topic_poster']) ? 'USER_' : '';
+
+				$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), false, array(
+					'forum_id' => $forum_id,
+					'topic_id' => $topic_id,
+					$post_data['topic_title']
+				));
+			}
+
+			// Lock/Unlock Post Edit
+			if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_LOCKED && !$post_lock && $auth->acl_get('m_edit', $forum_id))
+			{
+				$post_data['post_edit_locked'] = ITEM_UNLOCKED;
+			}
+			else if ($mode == 'edit' && $post_data['post_edit_locked'] == ITEM_UNLOCKED && $post_lock && $auth->acl_get('m_edit', $forum_id))
+			{
+				$post_data['post_edit_locked'] = ITEM_LOCKED;
+			}
+
+			$data = array(
+				'topic_title'			=> (empty($post_data['topic_title'])) ? $post_data['post_subject'] : $post_data['topic_title'],
+				'topic_first_post_id'	=> (isset($post_data['topic_first_post_id'])) ? (int) $post_data['topic_first_post_id'] : 0,
+				'topic_last_post_id'	=> (isset($post_data['topic_last_post_id'])) ? (int) $post_data['topic_last_post_id'] : 0,
+				'topic_time_limit'		=> (int) $post_data['topic_time_limit'],
+				'topic_attachment'		=> (isset($post_data['topic_attachment'])) ? (int) $post_data['topic_attachment'] : 0,
+				'post_id'				=> (int) $post_id,
+				'topic_id'				=> (int) $topic_id,
+				'forum_id'				=> (int) $forum_id,
+				'icon_id'				=> (int) $post_data['icon_id'],
+				'poster_id'				=> (int) $post_data['poster_id'],
+				'enable_sig'			=> (bool) $post_data['enable_sig'],
+				'enable_bbcode'			=> (bool) $post_data['enable_bbcode'],
+				'enable_smilies'		=> (bool) $post_data['enable_smilies'],
+				'enable_urls'			=> (bool) $post_data['enable_urls'],
+				'enable_indexing'		=> (bool) $post_data['enable_indexing'],
+				'message_md5'			=> (string) $message_md5,
+				'post_checksum'			=> (isset($post_data['post_checksum'])) ? (string) $post_data['post_checksum'] : '',
+				'post_edit_reason'		=> $post_data['post_edit_reason'],
+				'post_edit_user'		=> ($mode == 'edit') ? $user->data['user_id'] : ((isset($post_data['post_edit_user'])) ? (int) $post_data['post_edit_user'] : 0),
+				'forum_parents'			=> $post_data['forum_parents'],
+				'forum_name'			=> $post_data['forum_name'],
+				'notify'				=> $notify,
+				'notify_set'			=> $post_data['notify_set'],
+				'poster_ip'				=> (isset($post_data['poster_ip'])) ? $post_data['poster_ip'] : $user->ip,
+				'post_edit_locked'		=> (int) $post_data['post_edit_locked'],
+				'bbcode_bitfield'		=> $message_parser->bbcode_bitfield,
+				'bbcode_uid'			=> $message_parser->bbcode_uid,
+				'message'				=> $message_parser->message,
+				'attachment_data'		=> $message_parser->attachment_data,
+				'filename_data'			=> $message_parser->filename_data,
+				'topic_status'			=> $post_data['topic_status'],
+
+				'topic_visibility'			=> (isset($post_data['topic_visibility'])) ? $post_data['topic_visibility'] : false,
+				'post_visibility'			=> (isset($post_data['post_visibility'])) ? $post_data['post_visibility'] : false,
+			);
+
+			if ($mode == 'edit')
+			{
+				$data['topic_posts_approved'] = $post_data['topic_posts_approved'];
+				$data['topic_posts_unapproved'] = $post_data['topic_posts_unapproved'];
+				$data['topic_posts_softdeleted'] = $post_data['topic_posts_softdeleted'];
+			}
+
+			// Only return the username when it is either a guest posting or we are editing a post and
+			// the username was supplied; otherwise post_data might hold the data of the post that is
+			// being quoted (which could result in the username being returned being that of the quoted
+			// post's poster, not the poster of the current post). See: PHPBB3-11769 for more information.
+			$post_author_name = ((!$user->data['is_registered'] || $mode == 'edit') && $post_data['username'] !== '') ? $post_data['username'] : '';
+
+			/**
+			* This event allows you to define errors before the post action is performed
+			*
+			* @event core.posting_modify_submit_post_before
+			* @var	array	post_data	Array with post data
+			* @var	array	poll		Array with poll data
+			* @var	array	data		Array with post data going to be stored in the database
+			* @var	string	mode		What action to take if the form is submitted
+			*				post|reply|quote|edit|delete
+			* @var	int	post_id		ID of the post
+			* @var	int	topic_id	ID of the topic
+			* @var	int	forum_id	ID of the forum
+			* @var	string	post_author_name	Author name for guest posts
+			* @var	bool	update_message		Boolean if the post message was changed
+			* @var	bool	update_subject		Boolean if the post subject was changed
+			*				NOTE: Should be actual language strings, NOT language keys.
+			* @since 3.1.0-RC5
+			* @changed 3.1.6-RC1 remove submit and error from event  Submit and Error are checked previously prior to running event
+			* @change 3.2.0-a1 Removed undefined page_title
+			*/
+			$vars = array(
+				'post_data',
+				'poll',
+				'data',
+				'mode',
+				'post_id',
+				'topic_id',
+				'forum_id',
+				'post_author_name',
+				'update_message',
+				'update_subject',
+			);
+			extract($phpbb_dispatcher->trigger_event('core.posting_modify_submit_post_before', compact($vars)));
+
+			// The last parameter tells submit_post if search indexer has to be run
+			$redirect_url = submit_post($mode, $post_data['post_subject'], $post_author_name, $post_data['topic_type'], $poll, $data, $update_message, ($update_message || $update_subject) ? true : false);
+
+			/**
+			* This event allows you to define errors after the post action is performed
+			*
+			* @event core.posting_modify_submit_post_after
+			* @var	array	post_data	Array with post data
+			* @var	array	poll		Array with poll data
+			* @var	array	data		Array with post data going to be stored in the database
+			* @var	string	mode		What action to take if the form is submitted
+			*				post|reply|quote|edit|delete
+			* @var	int	post_id		ID of the post
+			* @var	int	topic_id	ID of the topic
+			* @var	int	forum_id	ID of the forum
+			* @var	string	post_author_name	Author name for guest posts
+			* @var	bool	update_message		Boolean if the post message was changed
+			* @var	bool	update_subject		Boolean if the post subject was changed
+			* @var	string	redirect_url		URL the user is going to be redirected to
+			*				NOTE: Should be actual language strings, NOT language keys.
+			* @since 3.1.0-RC5
+			* @changed 3.1.6-RC1 remove submit and error from event  Submit and Error are checked previously prior to running event
+			* @change 3.2.0-a1 Removed undefined page_title
+			*/
+			$vars = array(
+				'post_data',
+				'poll',
+				'data',
+				'mode',
+				'post_id',
+				'topic_id',
+				'forum_id',
+				'post_author_name',
+				'update_message',
+				'update_subject',
+				'redirect_url',
+			);
+			extract($phpbb_dispatcher->trigger_event('core.posting_modify_submit_post_after', compact($vars)));
+
+			if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === true) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
+			{
+				$captcha->reset();
+			}
+
+			// Handle delete mode...
+			if ($request->is_set_post('delete_permanent') || ($request->is_set_post('delete') && $post_data['post_visibility'] != ITEM_DELETED))
+			{
+				$delete_reason = $request->variable('delete_reason', '', true);
+				phpbb_handle_post_delete($forum_id, $topic_id, $post_id, $post_data, !$request->is_set_post('delete_permanent'), $delete_reason);
+				return;
+			}
+
+			// Check the permissions for post approval.
+			// Moderators must go through post approval like ordinary users.
+			if ((!$auth->acl_get('f_noapprove', $data['forum_id']) && empty($data['force_approved_state'])) || (isset($data['force_approved_state']) && !$data['force_approved_state']))
+			{
+				meta_refresh(10, $redirect_url);
+				$message = ($mode == 'edit') ? $user->lang['POST_EDITED_MOD'] : $user->lang['POST_STORED_MOD'];
+				$message .= (($user->data['user_id'] == ANONYMOUS) ? '' : ' '. $user->lang['POST_APPROVAL_NOTIFY']);
+				$message .= '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $data['forum_id']) . '">', '</a>');
+				trigger_error($message);
+			}
+
+			redirect($redirect_url);
+		}
+	}
+}
+
+// Preview
+if (!count($error) && $preview)
+{
+	$post_data['post_time'] = ($mode == 'edit') ? $post_data['post_time'] : $current_time;
+
+	$preview_message = $message_parser->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], false);
+
+	$preview_signature = ($mode == 'edit') ? $post_data['user_sig'] : $user->data['user_sig'];
+	$preview_signature_uid = ($mode == 'edit') ? $post_data['user_sig_bbcode_uid'] : $user->data['user_sig_bbcode_uid'];
+	$preview_signature_bitfield = ($mode == 'edit') ? $post_data['user_sig_bbcode_bitfield'] : $user->data['user_sig_bbcode_bitfield'];
+
+	// Signature
+	if ($post_data['enable_sig'] && $config['allow_sig'] && $preview_signature && $auth->acl_get('f_sigs', $forum_id))
+	{
+		$flags = ($config['allow_sig_bbcode']) ? OPTION_FLAG_BBCODE : 0;
+		$flags |= ($config['allow_sig_links']) ? OPTION_FLAG_LINKS : 0;
+		$flags |= ($config['allow_sig_smilies']) ? OPTION_FLAG_SMILIES : 0;
+
+		$preview_signature = generate_text_for_display($preview_signature, $preview_signature_uid, $preview_signature_bitfield, $flags, false);
+	}
+	else
+	{
+		$preview_signature = '';
+	}
+
+	$preview_subject = censor_text($post_data['post_subject']);
+
+	// Poll Preview
+	if (!$poll_delete && ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
+	&& $auth->acl_get('f_poll', $forum_id))
+	{
+		$parse_poll = new parse_message($post_data['poll_title']);
+		$parse_poll->bbcode_uid = $message_parser->bbcode_uid;
+		$parse_poll->bbcode_bitfield = $message_parser->bbcode_bitfield;
+
+		$parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
+
+		if ($post_data['poll_length'])
+		{
+			$poll_end = ($post_data['poll_length'] * 86400) + (($post_data['poll_start']) ? $post_data['poll_start'] : time());
+		}
+
+		$template->assign_vars(array(
+			'S_HAS_POLL_OPTIONS'	=> (count($post_data['poll_options'])),
+			'S_IS_MULTI_CHOICE'		=> ($post_data['poll_max_options'] > 1) ? true : false,
+
+			'POLL_QUESTION'		=> $parse_poll->message,
+
+			'L_POLL_LENGTH'		=> ($post_data['poll_length']) ? sprintf($user->lang['POLL_RUN_TILL'], $user->format_date($poll_end)) : '',
+			'L_MAX_VOTES'		=> $user->lang('MAX_OPTIONS_SELECT', (int) $post_data['poll_max_options']),
+		));
+
+		$preview_poll_options = array();
+		foreach ($post_data['poll_options'] as $poll_option)
+		{
+			$parse_poll->message = $poll_option;
+			$parse_poll->format_display($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies']);
+			$preview_poll_options[] = $parse_poll->message;
+		}
+		unset($parse_poll);
+
+		foreach ($preview_poll_options as $key => $option)
+		{
+			$template->assign_block_vars('poll_option', array(
+				'POLL_OPTION_CAPTION'	=> $option,
+				'POLL_OPTION_ID'		=> $key + 1)
+			);
+		}
+		unset($preview_poll_options);
+	}
+
+	// Attachment Preview
+	if (count($message_parser->attachment_data))
+	{
+		$template->assign_var('S_HAS_ATTACHMENTS', true);
+
+		$update_count = array();
+		$attachment_data = $message_parser->attachment_data;
+
+		parse_attachments($forum_id, $preview_message, $attachment_data, $update_count, true);
+
+		foreach ($attachment_data as $i => $attachment)
+		{
+			$template->assign_block_vars('attachment', array(
+				'DISPLAY_ATTACHMENT'	=> $attachment)
+			);
+		}
+		unset($attachment_data);
+	}
+
+	if (!count($error))
+	{
+		$template->assign_vars(array(
+			'PREVIEW_SUBJECT'		=> $preview_subject,
+			'PREVIEW_MESSAGE'		=> $preview_message,
+			'PREVIEW_SIGNATURE'		=> $preview_signature,
+
+			'S_DISPLAY_PREVIEW'		=> !empty($preview_message),
+		));
+	}
+}
+
+// Remove quotes that would become nested too deep before decoding the text
+$generate_quote = ($mode == 'quote' && !$submit && !$preview && !$refresh);
+if ($generate_quote && $config['max_quote_depth'] > 0)
+{
+	$tmp_bbcode_uid = $message_parser->bbcode_uid;
+	$message_parser->bbcode_uid = $post_data['bbcode_uid'];
+	$message_parser->remove_nested_quotes($config['max_quote_depth'] - 1);
+	$message_parser->bbcode_uid = $tmp_bbcode_uid;
+}
+
+// Decode text for message display
+$post_data['bbcode_uid'] = ($mode == 'quote' && !$preview && !$refresh && !count($error)) ? $post_data['bbcode_uid'] : $message_parser->bbcode_uid;
+$message_parser->decode_message($post_data['bbcode_uid']);
+
+if ($generate_quote)
+{
+	// Remove attachment bbcode tags from the quoted message to avoid mixing with the new post attachments if any
+	$message_parser->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#uis', '\\2', $message_parser->message);
+
+	$quote_attributes = array(
+						'author'  => $post_data['quote_username'],
+						'post_id' => $post_data['post_id'],
+						'time'    => $post_data['post_time'],
+						'user_id' => $post_data['poster_id'],
+	);
+
+	/**
+	* This event allows you to modify the quote attributes of the post being quoted
+	*
+	* @event core.posting_modify_quote_attributes
+	* @var	array	quote_attributes	Array with quote attributes
+	* @var	array	post_data			Array with post data
+	* @since 3.2.6-RC1
+	*/
+	$vars = array(
+		'quote_attributes',
+		'post_data',
+	);
+	extract($phpbb_dispatcher->trigger_event('core.posting_modify_quote_attributes', compact($vars)));
+
+	/** @var \phpbb\language\language $language */
+	$language = $phpbb_container->get('language');
+	phpbb_format_quote($language, $message_parser, $bbcode_utils, $bbcode_status, $quote_attributes);
+}
+
+if (($mode == 'reply' || $mode == 'quote') && !$submit && !$preview && !$refresh)
+{
+	$post_data['post_subject'] = ((strpos($post_data['post_subject'], 'Re: ') !== 0) ? 'Re: ' : '') . censor_text($post_data['post_subject']);
+
+	$post_subject = $post_data['post_subject'];
+
+	/**
+	* This event allows you to modify the post subject of the post being quoted
+	*
+	* @event core.posting_modify_post_subject
+	* @var	string		post_subject	String with the post subject already censored.
+	* @since 3.2.8-RC1
+	*/
+	$vars = array('post_subject');
+	extract($phpbb_dispatcher->trigger_event('core.posting_modify_post_subject', compact($vars)));
+
+	$post_data['post_subject'] = $post_subject;
+}
+
+$attachment_data = $message_parser->attachment_data;
+$filename_data = $message_parser->filename_data;
+$post_data['post_text'] = $message_parser->message;
+
+if (count($post_data['poll_options']) || (isset($post_data['poll_title']) && !$bbcode_utils->is_empty($post_data['poll_title'])))
+{
+	$message_parser->message = $post_data['poll_title'];
+	$message_parser->bbcode_uid = $post_data['bbcode_uid'];
+
+	$message_parser->decode_message();
+	$post_data['poll_title'] = $message_parser->message;
+
+	$message_parser->message = implode("\n", $post_data['poll_options']);
+	$message_parser->decode_message();
+	$post_data['poll_options'] = explode("\n", $message_parser->message);
+}
+
+// MAIN POSTING PAGE BEGINS HERE
+
+// Forum moderators?
+$moderators = array();
+if ($config['load_moderators'])
+{
+	get_moderators($moderators, $forum_id);
+}
+
+// Generate smiley listing
+generate_smilies('inline', $forum_id);
+
+// Generate inline attachment select box
+posting_gen_inline_attachments($attachment_data);
+
+// Do show topic type selection only in first post.
+$topic_type_toggle = false;
+
+if ($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']))
+{
+	$topic_type_toggle = posting_gen_topic_types($forum_id, $post_data['topic_type']);
+}
+
+$s_topic_icons = false;
+if ($post_data['enable_icons'] && $auth->acl_get('f_icons', $forum_id))
+{
+	$s_topic_icons = posting_gen_topic_icons($mode, $post_data['icon_id']);
+}
+
+$bbcode_checked		= (isset($post_data['enable_bbcode'])) ? !$post_data['enable_bbcode'] : (($config['allow_bbcode']) ? !$user->optionget('bbcode') : 1);
+$smilies_checked	= (isset($post_data['enable_smilies'])) ? !$post_data['enable_smilies'] : (($config['allow_smilies']) ? !$user->optionget('smilies') : 1);
+$urls_checked		= (isset($post_data['enable_urls'])) ? !$post_data['enable_urls'] : 0;
+$sig_checked		= $post_data['enable_sig'];
+$lock_topic_checked	= (isset($topic_lock) && $topic_lock) ? $topic_lock : (($post_data['topic_status'] == ITEM_LOCKED) ? 1 : 0);
+$lock_post_checked	= (isset($post_lock)) ? $post_lock : $post_data['post_edit_locked'];
+
+// If the user is replying or posting and not already watching this topic but set to always being notified we need to overwrite this setting
+$notify_set			= ($mode != 'edit' && $config['allow_topic_notify'] && $user->data['is_registered'] && !$post_data['notify_set']) ? $user->data['user_notify'] : $post_data['notify_set'];
+$notify_checked		= (isset($notify)) ? $notify : (($mode == 'post') ? $user->data['user_notify'] : $notify_set);
+
+// Page title & action URL
+$s_action = append_sid("{$phpbb_root_path}posting.$phpEx", "mode=$mode");
+
+switch ($mode)
+{
+	case 'post':
+		$s_action .= $forum_id ? "&amp;f=$forum_id" : '';
+		$page_title = $user->lang['POST_TOPIC'];
+	break;
+
+	case 'reply':
+		$s_action .= $topic_id ? "&amp;t=$topic_id" : '';
+		$page_title = $user->lang['POST_REPLY'];
+	break;
+
+	case 'quote':
+		$s_action .= $post_id ? "&amp;p=$post_id" : '';
+		$page_title = $user->lang['POST_REPLY'];
+	break;
+
+	case 'delete':
+	case 'edit':
+		$s_action .= $post_id ? "&amp;p=$post_id" : '';
+		$page_title = $user->lang['EDIT_POST'];
+	break;
+}
+
+// Build Navigation Links
+generate_forum_nav($post_data);
+
+// Build Forum Rules
+generate_forum_rules($post_data);
+
+// Posting uses is_solved for legacy reasons. Plugins have to use is_solved to force themselves to be displayed.
+if ($config['enable_post_confirm'] && !$user->data['is_registered'] && (isset($captcha) && $captcha->is_solved() === false) && ($mode == 'post' || $mode == 'reply' || $mode == 'quote'))
+{
+
+	$template->assign_vars(array(
+		'S_CONFIRM_CODE'			=> true,
+		'CAPTCHA_TEMPLATE'			=> $captcha->get_template(),
+	));
+}
+
+$s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $post_data['topic_last_post_id'] . '" />' : '';
+$s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . $request->variable('draft_loaded', $draft_id) . '" />' : '';
+
+if ($mode == 'edit')
+{
+	$s_hidden_fields .= build_hidden_fields(array(
+		'edit_post_message_checksum'	=> $post_data['post_checksum'],
+		'edit_post_subject_checksum'	=> $post_data['post_subject_md5'],
+	));
+}
+
+// Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview
+if (isset($captcha) && $captcha->is_solved() !== false)
+{
+	$s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
+}
+
+$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_attachments'] || !$auth->acl_get('u_attach') || !$auth->acl_get('f_attach', $forum_id)) ? '' : ' enctype="multipart/form-data"';
+add_form_key('posting');
+
+/** @var \phpbb\controller\helper $controller_helper */
+$controller_helper = $phpbb_container->get('controller.helper');
+
+// Build array of variables for main posting page
+$page_data = array(
+	'L_POST_A'					=> $page_title,
+	'L_ICON'					=> ($mode == 'reply' || $mode == 'quote' || ($mode == 'edit' && $post_id != $post_data['topic_first_post_id'])) ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
+	'L_MESSAGE_BODY_EXPLAIN'	=> $user->lang('MESSAGE_BODY_EXPLAIN', (int) $config['max_post_chars']),
+	'L_DELETE_POST_PERMANENTLY'	=> $user->lang('DELETE_POST_PERMANENTLY', 1),
+
+	'FORUM_NAME'			=> $post_data['forum_name'],
+	'FORUM_DESC'			=> ($post_data['forum_desc']) ? generate_text_for_display($post_data['forum_desc'], $post_data['forum_desc_uid'], $post_data['forum_desc_bitfield'], $post_data['forum_desc_options']) : '',
+	'TOPIC_TITLE'			=> censor_text($post_data['topic_title']),
+	'MODERATORS'			=> (count($moderators)) ? implode($user->lang['COMMA_SEPARATOR'], $moderators[$forum_id]) : '',
+	'USERNAME'				=> ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '',
+	'SUBJECT'				=> $post_data['post_subject'],
+	'MESSAGE'				=> $post_data['post_text'],
+	'BBCODE_STATUS'			=> $user->lang(($bbcode_status ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_bbcode_controller') . '">', '</a>'),
+	'IMG_STATUS'			=> ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
+	'FLASH_STATUS'			=> ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
+	'SMILIES_STATUS'		=> ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
+	'URL_STATUS'			=> ($bbcode_status && $url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
+	'MAX_FONT_SIZE'			=> (int) $config['max_post_font_size'],
+	'MINI_POST_IMG'			=> $user->img('icon_post_target', $user->lang['POST']),
+	'POST_DATE'				=> ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '',
+	'ERROR'					=> (count($error)) ? implode('<br />', $error) : '',
+	'TOPIC_TIME_LIMIT'		=> (int) $post_data['topic_time_limit'],
+	'EDIT_REASON'			=> $request->variable('edit_reason', '', true),
+	'SHOW_PANEL'			=> $request->variable('show_panel', ''),
+	'U_VIEW_FORUM'			=> append_sid("{$phpbb_root_path}viewforum.$phpEx", "f=$forum_id"),
+	'U_VIEW_TOPIC'			=> ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id") : '',
+	'U_PROGRESS_BAR'		=> append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup"),
+	'UA_PROGRESS_BAR'		=> addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&amp;mode=popup")),
+
+	'S_PRIVMSGS'				=> false,
+	'S_CLOSE_PROGRESS_WINDOW'	=> (isset($_POST['add_file'])) ? true : false,
+	'S_EDIT_POST'				=> ($mode == 'edit') ? true : false,
+	'S_EDIT_REASON'				=> ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
+	'S_DISPLAY_USERNAME'		=> (!$user->data['is_registered'] || ($mode == 'edit' && $post_data['poster_id'] == ANONYMOUS)) ? true : false,
+	'S_SHOW_TOPIC_ICONS'		=> $s_topic_icons,
+	'S_DELETE_ALLOWED'			=> ($mode == 'edit' && (($post_id == $post_data['topic_last_post_id'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id) && !$post_data['post_edit_locked'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) || $auth->acl_get('m_delete', $forum_id))) ? true : false,
+	'S_BBCODE_ALLOWED'			=> ($bbcode_status) ? 1 : 0,
+	'S_BBCODE_CHECKED'			=> ($bbcode_checked) ? ' checked="checked"' : '',
+	'S_SMILIES_ALLOWED'			=> $smilies_status,
+	'S_SMILIES_CHECKED'			=> ($smilies_checked) ? ' checked="checked"' : '',
+	'S_SIG_ALLOWED'				=> ($auth->acl_get('f_sigs', $forum_id) && $config['allow_sig'] && $user->data['is_registered']) ? true : false,
+	'S_SIGNATURE_CHECKED'		=> ($sig_checked) ? ' checked="checked"' : '',
+	'S_NOTIFY_ALLOWED'			=> (!$user->data['is_registered'] || ($mode == 'edit' && $user->data['user_id'] != $post_data['poster_id']) || !$config['allow_topic_notify'] || !$config['email_enable']) ? false : true,
+	'S_NOTIFY_CHECKED'			=> ($notify_checked) ? ' checked="checked"' : '',
+	'S_LOCK_TOPIC_ALLOWED'		=> (($mode == 'edit' || $mode == 'reply' || $mode == 'quote' || $mode == 'post') && ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['is_registered'] && !empty($post_data['topic_poster']) && $user->data['user_id'] == $post_data['topic_poster'] && $post_data['topic_status'] == ITEM_UNLOCKED))) ? true : false,
+	'S_LOCK_TOPIC_CHECKED'		=> ($lock_topic_checked) ? ' checked="checked"' : '',
+	'S_LOCK_POST_ALLOWED'		=> ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
+	'S_LOCK_POST_CHECKED'		=> ($lock_post_checked) ? ' checked="checked"' : '',
+	'S_SOFTDELETE_CHECKED'		=> ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? ' checked="checked"' : '',
+	'S_SOFTDELETE_ALLOWED'		=> ($mode == 'edit' && $phpbb_content_visibility->can_soft_delete($forum_id, $post_data['poster_id'], $lock_post_checked) && $post_id == $post_data['topic_last_post_id'] && ($post_data['post_time'] > time() - ($config['delete_time'] * 60) || !$config['delete_time'])) ? true : false,
+	'S_RESTORE_ALLOWED'			=> $auth->acl_get('m_approve', $forum_id),
+	'S_IS_DELETED'				=> ($mode == 'edit' && $post_data['post_visibility'] == ITEM_DELETED) ? true : false,
+	'S_LINKS_ALLOWED'			=> $url_status,
+	'S_MAGIC_URL_CHECKED'		=> ($urls_checked) ? ' checked="checked"' : '',
+	'S_TYPE_TOGGLE'				=> $topic_type_toggle,
+	'S_SAVE_ALLOWED'			=> ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $mode != 'edit') ? true : false,
+	'S_HAS_DRAFTS'				=> ($auth->acl_get('u_savedrafts') && $user->data['is_registered'] && $post_data['drafts']) ? true : false,
+	'S_FORM_ENCTYPE'			=> $form_enctype,
+
+	'S_BBCODE_IMG'			=> $img_status,
+	'S_BBCODE_URL'			=> $url_status,
+	'S_BBCODE_FLASH'		=> $flash_status,
+	'S_BBCODE_QUOTE'		=> $quote_status,
+
+	'S_POST_ACTION'			=> $s_action,
+	'S_HIDDEN_FIELDS'		=> $s_hidden_fields,
+	'S_ATTACH_DATA'			=> json_encode($message_parser->attachment_data),
+	'S_IN_POSTING'			=> true,
+);
+
+// Build custom bbcodes array
+display_custom_bbcodes();
+
+// Poll entry
+if (($mode == 'post' || ($mode == 'edit' && $post_id == $post_data['topic_first_post_id']/* && (!$post_data['poll_last_vote'] || $auth->acl_get('m_edit', $forum_id))*/))
+	&& $auth->acl_get('f_poll', $forum_id))
+{
+	$page_data = array_merge($page_data, array(
+		'S_SHOW_POLL_BOX'		=> true,
+		'S_POLL_VOTE_CHANGE'	=> ($auth->acl_get('f_votechg', $forum_id) && $auth->acl_get('f_vote', $forum_id)),
+		'S_POLL_DELETE'			=> ($mode == 'edit' && count($post_data['poll_options']) && ((!$post_data['poll_last_vote'] && $post_data['poster_id'] == $user->data['user_id'] && $auth->acl_get('f_delete', $forum_id)) || $auth->acl_get('m_delete', $forum_id))),
+		'S_POLL_DELETE_CHECKED'	=> (!empty($poll_delete)) ? true : false,
+
+		'L_POLL_OPTIONS_EXPLAIN'	=> $user->lang('POLL_OPTIONS_' . (($mode == 'edit') ? 'EDIT_' : '') . 'EXPLAIN', (int) $config['max_poll_options']),
+
+		'VOTE_CHANGE_CHECKED'	=> (!empty($post_data['poll_vote_change'])) ? ' checked="checked"' : '',
+		'SHOW_RESULTS_CHECKED'	=> (!empty($post_data['poll_show_results'])) ? ' checked="checked"' : '',
+		'POLL_TITLE'			=> (isset($post_data['poll_title'])) ? $post_data['poll_title'] : '',
+		'POLL_OPTIONS'			=> (!empty($post_data['poll_options'])) ? implode("\n", $post_data['poll_options']) : '',
+		'POLL_MAX_OPTIONS'		=> (isset($post_data['poll_max_options'])) ? (int) $post_data['poll_max_options'] : 1,
+		'POLL_LENGTH'			=> $post_data['poll_length'],
+		)
+	);
+}
+
+/**
+* This event allows you to modify template variables for the posting screen
+*
+* @event core.posting_modify_template_vars
+* @var	array	post_data	Array with post data
+* @var	array	moderators	Array with forum moderators
+* @var	string	mode		What action to take if the form is submitted
+*				post|reply|quote|edit|delete|bump|smilies|popup
+* @var	string	page_title	Title of the mode page
+* @var	bool	s_topic_icons	Whether or not to show the topic icons
+* @var	string	form_enctype	If attachments are allowed for this form
+*				"multipart/form-data" or empty string
+* @var	string	s_action	The URL to submit the POST data to
+* @var	string	s_hidden_fields	Concatenated hidden input tags of posting form
+* @var	int	post_id		ID of the post
+* @var	int	topic_id	ID of the topic
+* @var	int	forum_id	ID of the forum
+* @var	int	draft_id	ID of the draft
+* @var	bool	submit		Whether or not the form has been submitted
+* @var	bool	preview		Whether or not the post is being previewed
+* @var	bool	save		Whether or not a draft is being saved
+* @var	bool	load		Whether or not a draft is being loaded
+* @var	bool	cancel		Whether or not to cancel the form (returns to
+*				viewtopic or viewforum depending on if the user
+*				is posting a new topic or editing a post)
+* @var	array	error		Any error strings; a non-empty array aborts
+*				form submission.
+*				NOTE: Should be actual language strings, NOT
+*				language keys.
+* @var	bool	refresh		Whether or not to retain previously submitted data
+* @var	array	page_data	Posting page data that should be passed to the
+*				posting page via $template->assign_vars()
+* @var	object	message_parser	The message parser object
+* @since 3.1.0-a1
+* @changed 3.1.0-b3 Added vars post_data, moderators, mode, page_title,
+*		s_topic_icons, form_enctype, s_action, s_hidden_fields,
+*		post_id, topic_id, forum_id, submit, preview, save, load,
+*		delete, cancel, refresh, error, page_data, message_parser
+* @changed 3.1.2-RC1 Removed 'delete' var as it does not exist
+* @changed 3.1.5-RC1 Added poll variables to the page_data array
+* @changed 3.1.6-RC1 Added 'draft_id' var
+*/
+$vars = array(
+	'post_data',
+	'moderators',
+	'mode',
+	'page_title',
+	's_topic_icons',
+	'form_enctype',
+	's_action',
+	's_hidden_fields',
+	'post_id',
+	'topic_id',
+	'forum_id',
+	'draft_id',
+	'submit',
+	'preview',
+	'save',
+	'load',
+	'cancel',
+	'refresh',
+	'error',
+	'page_data',
+	'message_parser',
+);
+extract($phpbb_dispatcher->trigger_event('core.posting_modify_template_vars', compact($vars)));
+
+// Start assigning vars for main posting page ...
+$template->assign_vars($page_data);
+
+// Show attachment box for adding attachments if true
+$allowed = ($auth->acl_get('f_attach', $forum_id) && $auth->acl_get('u_attach') && $config['allow_attachments'] && $form_enctype);
+
+if ($allowed)
+{
+	$max_files = ($auth->acl_get('a_') || $auth->acl_get('m_', $forum_id)) ? 0 : (int) $config['max_attachments'];
+	$plupload->configure($cache, $template, $s_action, $forum_id, $max_files);
+}
+
+// Attachment entry
+posting_gen_attachment_entry($attachment_data, $filename_data, $allowed, $forum_id);
+
+// Output page ...
+page_header($page_title);
+
+$template->set_filenames(array(
+	'body' => 'posting_body.html')
+);
+
+make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
+
+// Topic review
+if ($mode == 'reply' || $mode == 'quote')
+{
+	if (topic_review($topic_id, $forum_id))
+	{
+		$template->assign_var('S_DISPLAY_REVIEW', true);
+	}
+}
+
+page_footer();
--- a/phpbb/styles/prosilver-ppcz/template/navbar_header.html
+++ b/phpbb/styles/prosilver-ppcz/template/navbar_header.html
@@ -234,7 +234,7 @@

 		{% EVENT overall_header_breadcrumbs_after %}

-		<li class="rightside responsive-hide"><a href="https://www.pirati.cz/rules/start" title="Předpisy Pirátů">Předpisy</a></li>
+		<li class="rightside responsive-hide"><a href="https://wiki.pirati.cz/rules/start" title="Předpisy Pirátů">Předpisy</a></li>
 		<li class="rightside responsive-hide">&bull;</li>
 		<li class="rightside responsive-hide"><a href="https://redmine.pirati.cz/issues?query_id=29" title="Volné úkoly pro dobrovolníky">Volné úkoly</a></li>
 		<li class="rightside responsive-hide">&bull;</li>

--- a/phpbb/styles/prosilver/template/ajax.js
+++ b/phpbb/styles/prosilver/template/ajax.js
@@ -348,6 +348,17 @@ $('.display_post').click(function(e) {
 	$('#post_hidden' + postId).hide();
 });

+/**
+ * Display hidden post on post review page
+ */
+$('.display_post_review').on('click', function(e) {
+	e.preventDefault();
+
+	let $displayPostLink = $(this);
+	$displayPostLink.closest('.post-ignore').removeClass('post-ignore');
+	$displayPostLink.hide();
+});
+
 /**
 * Toggle the member search panel in memberlist.php.
 *

--- a/phpbb/styles/prosilver/template/bbcode.html
+++ b/phpbb/styles/prosilver/template/bbcode.html
-<!-- BEGIN ulist_open --><ul style="list-style-type: {LIST_TYPE}"><!-- END ulist_open -->
-<!-- BEGIN ulist_open_default --><ul><!-- END ulist_open_default -->
-<!-- BEGIN ulist_close --></ul><!-- END ulist_close -->
-
-<!-- BEGIN olist_open --><ol style="list-style-type: {LIST_TYPE}"><!-- END olist_open -->
-<!-- BEGIN olist_close --></ol><!-- END olist_close -->
-
-<!-- BEGIN listitem --><li><!-- END listitem -->
-<!-- BEGIN listitem_close --></li><!-- END listitem_close -->
-
-<!-- BEGIN quote_username_open --><blockquote><div><cite>{USERNAME} {L_WROTE}{L_COLON}</cite><!-- END quote_username_open -->
-<!-- BEGIN quote_open --><blockquote class="uncited"><div><!-- END quote_open -->
-<!-- BEGIN quote_close --></div></blockquote><!-- END quote_close -->
-<!-- BEGIN quote_extended -->
-<blockquote>
-	<xsl:if test="@post_url">
-		<xsl:attribute name="cite"><xsl:value-of select="@post_url"/></xsl:attribute>
-	</xsl:if>
-	<xsl:if test="not(@author)">
-		<xsl:attribute name="class">uncited</xsl:attribute>
-	</xsl:if>
-	<div>
-		<xsl:if test="@author">
-			<cite>
-				<xsl:choose>
-					<xsl:when test="@url">
-						<a href="{@url}" class="postlink"><xsl:value-of select="@author"/></a>
-					</xsl:when>
-					<xsl:when test="@profile_url">
-						<a href="{@profile_url}"><xsl:value-of select="@author"/></a>
-					</xsl:when>
-					<xsl:otherwise>
-						<xsl:value-of select="@author"/>
-					</xsl:otherwise>
-				</xsl:choose>
-				<xsl:text> </xsl:text>
-				<xsl:value-of select="$L_WROTE"/>
-				<xsl:value-of select="$L_COLON"/>
-				<xsl:if test="@post_url">
-					<xsl:text> </xsl:text>
-					<a href="{@post_url}" data-post-id="{@post_id}" onclick="if(document.getElementById(hash.substr(1)))href=hash">&#8593;</a>
-				</xsl:if>
-				<xsl:if test="@msg_url">
-					<xsl:text> </xsl:text>
-					<a href="{@msg_url}" data-msg-id="{@msg_id}">&#8593;</a>
-				</xsl:if>
-				<xsl:if test="@date">
-					<span class="responsive-hide"><xsl:value-of select="@date"/></span>
-				</xsl:if>
-			</cite>
-		</xsl:if>
-		<xsl:apply-templates/>
-	</div>
-</blockquote>
-<!-- END quote_extended -->
-
-<!-- BEGIN code_open --><div class="codebox"><p>{L_CODE}{L_COLON} <a href="#" onclick="selectCode(this); return false;">{L_SELECT_ALL_CODE}</a></p><pre><code><!-- END code_open -->
-<!-- BEGIN code_close --></code></pre></div><!-- END code_close -->
-
-<!-- BEGIN inline_attachment_open --><div class="inline-attachment"><!-- END inline_attachment_open -->
-<!-- BEGIN inline_attachment_close --></div><!-- END inline_attachment_close -->
-
-<!-- BEGIN b_open --><strong class="text-strong"><!-- END b_open -->
-<!-- BEGIN b_close --></strong><!-- END b_close -->
-
-<!-- BEGIN u_open --><span style="text-decoration: underline"><!-- END u_open -->
-<!-- BEGIN u_close --></span><!-- END u_close -->
-
-<!-- BEGIN i_open --><em class="text-italics"><!-- END i_open -->
-<!-- BEGIN i_close --></em><!-- END i_close -->
-
-<!-- BEGIN color --><span style="color: {COLOR}">{TEXT}</span><!-- END color -->
-
-<!-- BEGIN size --><span style="font-size: {SIZE}%; line-height: 116%;">{TEXT}</span><!-- END size -->
-
-<!-- BEGIN img --><a href="{URL}" class="postlink">{L_IMAGE}</a><!-- END img -->
-
-<!-- BEGIN url --><a href="{URL}" class="postlink">{DESCRIPTION}</a><!-- END url -->
-
-<!-- BEGIN email -->
-<a>
-	<xsl:attribute name="href">
-		<xsl:text>mailto:</xsl:text>
-		<xsl:value-of select="@email"/>
-		<xsl:if test="@subject or @body">
-			<xsl:text>?</xsl:text>
-			<xsl:if test="@subject">subject=<xsl:value-of select="@subject"/></xsl:if>
-			<xsl:if test="@body"><xsl:if test="@subject">&amp;</xsl:if>body=<xsl:value-of select="@body"/></xsl:if>
-		</xsl:if>
-	</xsl:attribute>
-	<xsl:apply-templates/>
-</a>
-<!-- END email -->
-
-<!-- BEGIN flash --><object classid="clsid:D27CDB6E-AE6D-11CF-96B8-444553540000" codebase="http://active.macromedia.com/flash2/cabs/swflash.cab#version=5,0,0,0" width="{WIDTH}" height="{HEIGHT}"><param name="movie" value="{URL}" /><param name="play" value="false" /><param name="loop" value="false" /><param name="quality" value="high" /><param name="allowScriptAccess" value="never" /><param name="allowNetworking" value="internal" /><embed src="{URL}" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" width="{WIDTH}" height="{HEIGHT}" play="false" loop="false" quality="high" allowscriptaccess="never" allownetworking="internal"></embed></object><!-- END flash -->
--- a/phpbb/styles/prosilver/template/login_body.html
+++ b/phpbb/styles/prosilver/template/login_body.html
@@ -6,44 +6,6 @@

 	<div class="content">
 		<h2 class="login-title"><!-- IF LOGIN_EXPLAIN -->{LOGIN_EXPLAIN}<!-- ELSE -->{L_LOGIN}<!-- ENDIF --></h2>
-
-		<fieldset <!-- IF not S_CONFIRM_CODE -->class="fields1"<!-- ELSE -->class="fields2"<!-- ENDIF -->>
-		<!-- IF LOGIN_ERROR --><div class="error">{LOGIN_ERROR}</div><!-- ENDIF -->
-		<dl>
-			<dt><label for="{USERNAME_CREDENTIAL}">{L_USERNAME}{L_COLON}</label></dt>
-			<dd><input type="text" tabindex="1" name="{USERNAME_CREDENTIAL}" id="{USERNAME_CREDENTIAL}" size="25" value="{USERNAME}" class="inputbox autowidth" /></dd>
-		</dl>
-		<dl>
-			<dt><label for="{PASSWORD_CREDENTIAL}">{L_PASSWORD}{L_COLON}</label></dt>
-			<dd><input type="password" tabindex="2" id="{PASSWORD_CREDENTIAL}" name="{PASSWORD_CREDENTIAL}" size="25" class="inputbox autowidth" autocomplete="off" /></dd>
-			<!-- IF S_DISPLAY_FULL_LOGIN and (U_SEND_PASSWORD or U_RESEND_ACTIVATION) -->
-				<!-- IF U_RESEND_ACTIVATION --><dd><a href="{U_RESEND_ACTIVATION}">{L_RESEND_ACTIVATION}</a></dd><!-- ENDIF -->
-			<!-- ENDIF -->
-		</dl>
-		<!-- IF CAPTCHA_TEMPLATE and S_CONFIRM_CODE -->
-			<!-- DEFINE $CAPTCHA_TAB_INDEX = 3 -->
-			<!-- INCLUDE {CAPTCHA_TEMPLATE} -->
-		<!-- ENDIF -->
-		<!-- IF S_DISPLAY_FULL_LOGIN -->
-		<dl>
-			<!-- IF S_AUTOLOGIN_ENABLED --><dd><label for="autologin"><input type="checkbox" name="autologin" id="autologin" tabindex="4" /> {L_LOG_ME_IN}</label></dd><!-- ENDIF -->
-			<dd><label for="viewonline"><input type="checkbox" name="viewonline" id="viewonline" tabindex="5" /> {L_HIDE_ME}</label></dd>
-		</dl>
-		<!-- ENDIF -->
-
-		{S_LOGIN_REDIRECT}
-		{S_FORM_TOKEN_LOGIN}
-		<dl>
-			<dt>&nbsp;</dt>
-			<dd>{S_HIDDEN_FIELDS}<input type="submit" name="login" tabindex="6" value="{L_LOGIN}" class="button1" /></dd>
-		</dl>
-		</fieldset>
-		<!-- IF not U_SEND_PASSWORD -->
-			<p>V rámci technologického upgradu pirátské infrastruktury lze reset zapomenutého hesla provést pouze na adrese <a href="https://auth.pirati.cz">https://auth.pirati.cz</a>. Využijte možnost "Zapomenuté heslo?", zadejte vaše uživatelské jméno z fóra nebo e-mail z fóra. Následně obdržíte e-mail s instrukcemi pro změnu hesla.</p>
-			<p>Hesla se mezi "Pirátskou identitou" a Fórem synchronizují jednou za 10 minut.</p>
-			<p>Pro změnu registračního e-mailu využijte editaci profilu na <a href="https://auth.pirati.cz/auth/realms/pirati/account/">https://auth.pirati.cz/auth/realms/pirati/account/</a>, pro změnu či vytvoření kontaktní adresy můžete využít editaci profilu na <a href="https://nalodeni.pirati.cz">https://nalodeni.pirati.cz</a>, kam se lze přihlásit pomocí "Pirátské identity".</p>
-			<p>Pozn.: jako registrační e-mailovou adresu na Pirátské identitě není možné používat adresu ve tvaru @pirati.cz.</p>
-		<!-- ENDIF -->
 	</div>

 	<!-- IF not S_ADMIN_AUTH and PROVIDER_TEMPLATE_FILE -->

--- a/phpbb/styles/prosilver/template/ucp_pm_viewmessage_print.html
+++ b/phpbb/styles/prosilver/template/ucp_pm_viewmessage_print.html
-<!DOCTYPE html>
-<html dir="{S_CONTENT_DIRECTION}" lang="{S_USER_LANG}">
-<head>
-<meta charset="utf-8" />
-<meta http-equiv="X-UA-Compatible" content="IE=edge">
-<meta name="robots" content="noindex" />
-{META}
-<title>{SITENAME} &bull; {PAGE_TITLE}</title>
-
-<link href="{T_THEME_PATH}/print.css" rel="stylesheet">
-<!-- IF S_CONTENT_DIRECTION eq 'rtl' -->
-	<link href="{T_THEME_PATH}/bidi.css?assets_version={T_ASSETS_VERSION}" rel="stylesheet">
-<!-- ENDIF -->
-<!-- EVENT ucp_pm_viewmessage_print_head_append -->
-</head>
-<body id="phpbb">
-<div id="wrap" class="wrap">
-	<a id="top" class="top-anchor" accesskey="t"></a>
-
-	<div id="page-header">
-		<h1>{SITENAME}</h1>
-		<p>{SITE_DESCRIPTION}</p>
-
-		<h2>{L_PRIVATE_MESSAGING}</h2>
-	</div>
-
-	<div id="page-body" class="page-body">
-		<div class="page-number">{PAGE_NUMBER}</div>
-			<div class="post">
-				<h3>{SUBJECT}</h3>
-				<div class="date">{L_SENT_AT} <strong>{SENT_DATE}</strong></div>
-				<div class="author">{L_PM_FROM} <strong>{MESSAGE_AUTHOR}</strong></div>
-				<!-- IF S_TO_RECIPIENT -->
-					<div class="author">{L_TO} <strong><!-- BEGIN to_recipient -->{to_recipient.NAME}&nbsp;<!-- END to_recipient --></strong></div>
-				<!-- ENDIF -->
-				<!-- IF S_BCC_RECIPIENT -->
-					<div class="author">{L_BCC} <strong><!-- BEGIN bcc_recipient -->{bcc_recipient.NAME}&nbsp;<!-- END bcc_recipient --></strong></div>
-				<!-- ENDIF -->
-				<hr />
-				<div class="content">{MESSAGE}</div>
-			</div>
-			<hr />
-	</div>
-
-	<div id="page-footer" class="page-footer">
-		<div class="page-number">{S_TIMEZONE}<br />{PAGE_NUMBER}</div>
-		<div class="copyright">
-			<p>{{ CREDIT_LINE }}
-			</p>
-			{% if TRANSLATION_INFO %}
-			<p>{{ TRANSLATION_INFO }}
-			</p>
-			{% endif %}
-		</div>
-	</div>
-</div>
-
-</body>
-</html>
--- a/phpbb/styles/prosilver/template/viewtopic_print.html
+++ b/phpbb/styles/prosilver/template/viewtopic_print.html
-<!DOCTYPE html>
-<html dir="{S_CONTENT_DIRECTION}" lang="{S_USER_LANG}">
-<head>
-<meta charset="utf-8" />
-<meta http-equiv="X-UA-Compatible" content="IE=edge">
-<meta name="robots" content="noindex" />
-{META}
-<title>{SITENAME} &bull; {PAGE_TITLE}</title>
-
-<link href="{T_THEME_PATH}/print.css" rel="stylesheet">
-<!-- IF S_CONTENT_DIRECTION eq 'rtl' -->
-	<link href="{T_THEME_PATH}/bidi.css?assets_version={T_ASSETS_VERSION}" rel="stylesheet">
-<!-- ENDIF -->
-<!-- EVENT viewtopic_print_head_append -->
-</head>
-<body id="phpbb" class="{S_CONTENT_DIRECTION}">
-<div id="wrap" class="wrap">
-	<a id="top" class="top-anchor" accesskey="t"></a>
-
-	<div id="page-header">
-		<h1>{SITENAME}</h1>
-		<p>{SITE_DESCRIPTION}<br /><a href="{U_FORUM}">{U_FORUM}</a></p>
-
-		<h2>{TOPIC_TITLE}</h2>
-		<p><a href="{U_TOPIC}">{U_TOPIC}</a></p>
-	</div>
-
-	<div id="page-body" class="page-body">
-		<div class="page-number">{PAGE_NUMBER}</div>
-		<!-- BEGIN postrow -->
-			<div class="post">
-				<h3>{postrow.POST_SUBJECT}</h3>
-				<div class="date">{L_POSTED}{L_COLON} <strong>{postrow.POST_DATE}</strong></div>
-				<div class="author">{L_POST_BY_AUTHOR} <strong>{postrow.POST_AUTHOR}</strong></div>
-				<div class="content">{postrow.MESSAGE}</div>
-			</div>
-			<hr />
-		<!-- END postrow -->
-	</div>
-
-	<div id="page-footer" class="page-footer">
-		<div class="page-number">{S_TIMEZONE}<br />{PAGE_NUMBER}</div>
-			<div class="copyright">
-				<p>{{ CREDIT_LINE }}
-				</p>
-				{% if TRANSLATION_INFO %}
-				<p>{{ TRANSLATION_INFO }}
-				</p>
-				{% endif %}
-			</div>
-	</div>
-</div>
-
-</body>
-</html>
No results found