############################################################## 
## MOD Title:          AJAX features
## MOD Author:         alcaeus < mods@alcaeus.org > (N/A) http://www.alcaeus.org
## MOD Description:    This MOD introduces a lot of features based on the AJAX 
##                     technology. For more details, see features.txt
## MOD Version:        1.0.1
##
## Installation Level: Advanced
## Installation Time:  30 Minutes (1mn by EasyMOD of Nuttzy)
## Files To Edit:      22
##      admin/page_header_admin.php
##      includes/javascript/ajax_core.js
##      includes/javascript/ajax_forumfunctions.js
##      includes/javascript/ajax_postfunctions.js
##      includes/javascript/ajax_regfunctions.js
##      includes/javascript/ajax_searchfunctions.js
##      includes/javascript/ajax_topicfunctions.js
##      includes/functions.php
##      includes/page_header.php
##      language/lang_english/lang_main.php
##      templates/subSilver/admin/page_header.tpl
##      templates/subSilver/modcp_body.tpl
##      templates/subSilver/overall_header.tpl
##      templates/subSilver/search_results_posts.tpl
##      templates/subSilver/search_results_topics.tpl
##      templates/subSilver/simple_header.tpl
##      templates/subSilver/viewforum_body.tpl
##      templates/subSilver/viewtopic_body.tpl
##      templates/subSilver/viewtopic_poll_result.tpl
##      ajax.php
##      search.php
##      viewtopic.php
##
## Included Files:     0
## License: http://opensource.org/licenses/gpl-license.php GNU General Public License v2 
############################################################## 
## For security purposes, please check: http://www.phpbb.com/mods/ 
## for the latest version of this MOD. Although MODs are checked 
## before being allowed in the MODs Database there is no guarantee 
## that there are no security problems within the MOD. No support 
## will be given for MODs not found within the MODs Database which 
## can be found at http://www.phpbb.com/mods/ 
############################################################## 
## Author Notes: 
## 
## THIS FILE IS FOR UPDATING 1.0.1 INSTALLATIONS ONLY. FOR A CLEAN INSTALLATION,
## USE install.txt. IF YOU HAVE AN OLDER VERSION THAN 1.0.0 INSTALLED, YOU HAVE 
## TO REINSTALL THE MOD COMPLETELY.
## IF YOU HAVE NOT MODIFIED THE INCLUDED FILES, YOU CAN ALSO USE 
## update_100_to_101_phpBB_only.txt
## 
## 1. MOD Compatibility
## -----------
## This MOD has been successfully tested on phpBB 2.0.20. This MOD will not 
## work on versions before 2.0.20, as some crucial functions are missing. 
## Furthermore, you should always keep your installation of phpBB up to date. 
## To get the newest version of phpBB, go to http://www.phpbb.com/downloads.php
## If you don't have phpBB 2.0.20, upgrade now BEFORE updating or installing 
## this MOD; you won't find some of the instructions
## 
## 2. MOD Installation
## -----------
## There are two ways to install MODs into your phpBB:
## 
## 2.1. Installation with EasyMOD (EM)
## -----------
## Note that EM does not manage translations. Therefore, this file only 
## contains instructions for english language files. For other language strings
## see the translations-folder or contact me, if your language is missing.
## Translations are always appreciated
## 
## 2.2. Manual Installation
## -----------
## EM might fail on very heavily modded boards. Therefore it's possible that 
## you have to do the install manually. Also, if you don't like using EM for 
## whatever reason, you'll have to perform the update instructions yourself. 
## If you're unfamiliar with the process of installing a MOD, please use this 
## document: http://www.phpbb.com/kb/article.php?article_id=150
## 
## 3. MOD Support
## -----------
## Ok, general rule of thumb: ask for support on the site where you got the 
## MOD. This is either on my site (*.alcaeus.org), on phpbb.com, phpbb.de or 
## phpbb2.de (Note that a MOD may not have been released on all of the listed 
## sites, but those are the ones I trust). If you have downloaded the MOD from 
## any other location, please contact me via eMail and I'll take care of it.
## You should not install MODs downloaded from other sources than the ones 
## mentioned above.
## Also, if you are using a system other than phpBB (i.e. Orion, phpBB Plus, 
## etc.) you will NOT, I repeat, NOT get support, so please do not ask. I only 
## accept bug reports that are reproducable in the current version of phpBB, 
## but not bugs that only appear in premodded versions; ask where you got the 
## premod. Topics asking for support/and bug reports which don't affect phpBB 
## will be locked on sight. You've been warned!
## 
## 4. Contact
## -----------
## First: do not contact me via PM or eMail asking for support. Be ready to be 
## ignored in that case. If you need support, see chapter 2. There is only one 
## reason for you to contact me via eMail or PM: you want to build a MOD based 
## on the code of one of my MODs and redistribute it. In that case, I request 
## you ask for my permission for re-usage and re-release of my code.
##
## 5. Official last version link
## -----------
## You can see the MOD in action and download the newest version at the 
## ajax_features demo area, which can be found at 
## http://demoarea.alcaeus.org/ajax_features
##
############################################################## 
## MOD History: 
##
##   2006-04-19 - Version 1.0.1
##      - [fix] Fixed bug in AJAX vote - could still vote in expired polls
##      - [fix] Fixed bug with + in QuickEdit and QuickPreview, reported and 
##        fix provided by John Doe, oxpus and cback
##      - [fix] Fixed bug with UTF-8 characters in QuickEdit and QuickPreview
##        Thanks to markus_petrux for hinting a fix
##      - [fix] Fixed bug with post texts being truncated to 4096 Bytes when 
##        sent back to some Browsers (John Doe)
##      - [change] Changed search results to show results as posts by default
##        (beedy)
##      - [change] Used phpBB defined constants for parameter names in 
##        Javascript (phpBB MOD Team)
##      - [change] Used phpBB defined variable for php file extension (phpBB 
##        MOD team)
##      - [change] Bypass errors caused by phpBB 2.0.20's search flood 
##        protection. The MOD now requires version 2.0.20!
##      - [change] Limit length for topic title in AJAX edit fields (John Doe)
##      - [change] Scroll to top when using the quick preview feature 
##        (kroetenmist)
##      - [new] Provided link to go from poll results to poll ballot, if the 
##        user has not voted (works in AJAX and classic modes)
##
##   2006-02-04 - Version 1.0.0
##      - Initial stable release
##
############################################################## 
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD 
############################################################## 
# 
#-----[ OPEN ]------------------------------------------------ 
# 
admin/page_header_admin.php


# 
#-----[ FIND ]------------------------------------------------ 
# 
	'PHPBB_ROOT_PATH' => $phpbb_root_path,


# 
#-----[ AFTER, ADD ]------------------------------------------ 
#
	'PHPEX' => $phpEx,


# 
#-----[ OPEN ]------------------------------------------------ 
# 
includes/javascript/ajax_core.js


# 
#-----[ FIND ]------------------------------------------------ 
# 
var AJAX_DEBUG_HTML_ERRORS = 1;


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
var AJAX_DEBUG_HTML_ERRORS = 0;


# 
#-----[ FIND ]------------------------------------------------ 
# 
	var request_url = phpbb_root_path + ((submitmethod == 'GET') ? url + '?' + params : url);
	var request_params = (submitmethod == 'GET') ? null : params;
	


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# This means that you can delete those lines


# 
#-----[ FIND ]------------------------------------------------ 
# 
	request.open(submitmethod, request_url, true);
	if (submitmethod == 'POST')
	{
		request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
	}
	if ((request_params == null) && is_activex)
	{
		request.send();
	}
	else
	{
		request.send(request_params);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	if (submitmethod == 'POST')
	{
		request.open(submitmethod, url, true);
		request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded; charset=iso-8859-1');
		request.send(params);
	}
	else
	{
		request.open(submitmethod, url + '?' + params, true);
		request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded; charset=iso-8859-1');
		if (is_activex)
		{
			// This seems to be an issue in the ActiveX-Object: no parameter needed
			request.send();
		}
		else
		{
			// The native versions take null as a parameter
			request.send(null);
		}


# 
#-----[ FIND ]------------------------------------------------ 
# 
		obj.firstChild.nodeValue = newtext;
	}
	else
	{
		obj.innerHTML = newtext;
	}
}


# 
#-----[ AFTER, ADD ]------------------------------------------ 
#
// Separate escaping function to fix bug with + signs in QuickEdit and QuickPreview
function ajax_escape(text)
{
	return escape(text).replace(/(\+)/g, "%2b");
}

// This function is a workaround for long posts being truncated in PITA browsers
function parseResult(response)
{
	var res = response.match(/\<response\>((.|\s)+?)\<\/response\>/gm);
	var fields = new Array();
	if (res != null)
	{
		contents = RegExp.$1;
		res = contents.match(/\<.+?\>((.|\s)+?)\<\/.+?\>/gm);
		if (res == null)
		{
			return fields;
		}
		
		for (var i = 0; i < res.length; i++)
		{
			var field = new Array();
			res[i].match(/^\<(.+?)\>/g);
			field.push(RegExp.$1);
			res[i].match(/\<.+?\>((.|\s)+)\<\/.+?\>/gm);
			field.push(unhtmlspecialchars(RegExp.$1));
			
			fields.push(field)
		}
	}
	
	return fields;
}

function unhtmlspecialchars(text)
{
	text = text.replace(/&quot;/g, '"');
	text = text.replace(/&lt;/g, '<');
	text = text.replace(/&gt;/g, '>');
	text = text.replace(/&amp;/g, '&');
	
	return text;
}

function utf8_decode(text)
{
	while (res = text.match(/&#(\d{1,4});/))
	{
		num = res[0];
		pos = text.indexOf(num);
		if (pos == -1)
		{
			return text;
		}
		
		text = text.substring(0, pos) + unescape('%u' + parseInt(num.substring(2, num.length-1)).toString(16)) + text.substring(pos+num.length, text.length);
	}
	
	return text;
}


# 
#-----[ OPEN ]------------------------------------------------ 
# 
includes/javascript/ajax_forumfunctions.js


# 
#-----[ FIND ]------------------------------------------------ 
# 
	var url = 'ajax.php';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	var url = 'ajax.' + phpEx;


# 
#-----[ FIND ]------------------------------------------------ 
# 
	params += '&f=' + forum_id;


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	params += '&' + POST_FORUM_URL + '=' + forum_id;


# 
#-----[ OPEN ]------------------------------------------------ 
# 
includes/javascript/ajax_postfunctions.js


# 
#-----[ FIND ]------------------------------------------------ 
# 
		var url	= 'search.php';
		var params = 'show_results=topics&is_ajax=1&search_fields=all&search_keywords=' + escape(keywords);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		var url	= 'search.' + phpEx;
		var params = 'show_results=topics&is_ajax=1&search_fields=all&search_keywords=' + ajax_escape(keywords);


# 
#-----[ FIND ]------------------------------------------------ 
# 
		reslink.setAttribute('href', 'viewtopic.php?t='+search_id+'&highlight='+keywords, 'false');


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		reslink.setAttribute('href', 'viewtopic.' + phpEx + '?'+ POST_TOPIC_URL + '='+search_id+'&highlight='+keywords, 'false');


# 
#-----[ FIND ]------------------------------------------------ 
# 
		reslink.setAttribute('href', 'search.php?search_id='+search_id, 'false');


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		reslink.setAttribute('href', 'search.' + phpEx + '?search_id='+search_id, 'false');


# 
#-----[ FIND ]------------------------------------------------ 
# 
		var url = 'ajax.php';
		var params = 'mode=checkusername_post&username=' + escape(username);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		var url = 'ajax.' + phpEx;
		var params = 'mode=checkusername_post&username=' + ajax_escape(username);


# 
#-----[ FIND ]------------------------------------------------ 
# 
	var url = 'ajax.php';
	var params = 'mode=checkusername_pm&username=' + escape(username);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	var url = 'ajax.' + phpEx;
	var params = 'mode=checkusername_pm&username=' + ajax_escape(username);


# 
#-----[ FIND ]------------------------------------------------ 
# 
	error_handler = 'AJAXFinishPreview';
	var url = 'ajax.php';
	var params = (mode == 0) ? 'mode=post_preview' : 'mode=pm_preview';
	params += '&p=' + post_id;


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	var url = 'ajax.' + phpEx;
	var params = (mode == 0) ? 'mode=post_preview' : 'mode=pm_preview';
	params += '&'+ POST_POST_URL + '=' + post_id;


# 
#-----[ FIND ]------------------------------------------------ 
# 
		params += '&username=' + escape(document.forms['post'].username.value);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		params += '&username=' + ajax_escape(document.forms['post'].username.value);


# 
#-----[ FIND ]------------------------------------------------ 
# 
		params += '&subject=' + escape(document.forms['post'].subject.value);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		params += '&subject=' + ajax_escape(document.forms['post'].subject.value);


# 
#-----[ FIND ]------------------------------------------------ 
# 
		params += '&message=' + escape(document.forms['post'].message.value);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		params += '&message=' + ajax_escape(document.forms['post'].message.value);


# 
#-----[ FIND ]------------------------------------------------ 
# 
	return !loadXMLDoc(url, params, 'POST', 'error_req_change');


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	return !loadXMLDoc(url, params, 'POST', 'post_preview_change');
}

function post_preview_change()
{
	//Check if the request is completed, if not, just skip over
	if (request.readyState == 4)
	{
		var result = AJAX_OP_COMPLETED;
		var error_msg = '';
		//If the request wasn't successful, we just hide any information we have.
		if (request.status == 200)
		{
			if (AJAX_DEBUG_RESULTS)
			{
				alert(request.responseText);
			}
			var result_data = parseResult(request.responseText);
			for (var i = 0; i < result_data.length; i++)
			{
				var str = (result_data[i][0] + ' = result_data[i][1];');
				eval(str);
			}
			
			if (result != AJAX_PREVIEW)
			{
				if (AJAX_DEBUG_REQUEST_ERRORS)
				{
					alert('result_code: '+result+'; error: '+error_msg);
				}
			}
		}
		
		AJAXFinishPreview(result, error_msg);
		delete request;
	}


# 
#-----[ FIND ]------------------------------------------------ 
# 
		preview.innerHTML = code;
		preview.style.display = '';


# 
#-----[ AFTER, ADD ]------------------------------------------ 
#
		window.scrollTo(0, 0);


# 
#-----[ OPEN ]------------------------------------------------ 
# 
includes/javascript/ajax_regfunctions.js


# 
#-----[ FIND ]------------------------------------------------ 
# 
		var url	= 'ajax.php';
		var params = 'mode=checkemail&email=' + escape(email);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		var url	= 'ajax.' + phpEx;
		var params = 'mode=checkemail&email=' + ajax_escape(email);


# 
#-----[ OPEN ]------------------------------------------------ 
# 
includes/javascript/ajax_searchfunctions.js


# 
#-----[ FIND ]------------------------------------------------ 
# 
		var url = 'ajax.php';
		var params = 'mode=search_user&search=' + is_search + '&username=' + escape(username);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		var url = 'ajax.' + phpEx;
		var params = 'mode=search_user&search=' + is_search + '&username=' + ajax_escape(username);


# 
#-----[ OPEN ]------------------------------------------------ 
# 
includes/javascript/ajax_topicfunctions.js


# 
#-----[ FIND ]------------------------------------------------ 
# 
		var url = 'ajax.php';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		var url = 'ajax.' + phpEx;


# 
#-----[ FIND ]------------------------------------------------ 
# 
		params += '&p=' + post_id + '&subject=' + escape(topictitle.value);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		params += '&'+ POST_POST_URL + '=' + post_id + '&subject=' + ajax_escape(topictitle.value);


# 
#-----[ FIND ]------------------------------------------------ 
# 
		var url = 'ajax.php';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		var url = 'ajax.' + phpEx;


# 
#-----[ FIND ]------------------------------------------------ 
# 
			params += '&highlight='+escape(highlight);
		}
		params += '&p=' + post_id + '&return_chars=' + return_chars + '&message=' + escape(posttext.value);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
			params += '&highlight=' + ajax_escape(highlight);
		}
		params += '&'+ POST_POST_URL + '=' + post_id + '&return_chars=' + return_chars + '&message=' + ajax_escape(posttext.value);


# 
#-----[ FIND ]------------------------------------------------ 
# 
		var result_code = AJAX_OP_COMPLETED;
		var message = '';
		var raw_message = '';
		var editmessage = '';
		var post_id = '';
		var error_msg = '';
		//If the request wasn't successful, we just hide any information we have.
		if (request.status == 200)
		{
			var response = request.responseXML.documentElement;
			if (AJAX_DEBUG_RESULTS)
			{
				alert(request.responseText);
			}
			//Don't react if no valid response was received
			if (response != null)
			{
				result_code = getFirstTagValue('result', response);
				post_id = getFirstTagValue('postid', response);
				
				if (result_code == AJAX_POST_TEXT_EDITED)
				{
					message = getFirstTagValue('message', response);
					raw_message = getFirstTagValue('rawmessage', response);
					editmessage = getFirstTagValue('editmessage', response);
				}
				else
				{
					error_msg = getFirstTagValue('error_msg', response);
					if (AJAX_DEBUG_REQUEST_ERRORS)
					{
						alert('result_code: '+result_code+'; error: '+error_msg);
					}
				}
			}
		}
		
		AJAXFinishPostEdit(result_code, post_id, message, raw_message, editmessage);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		var result = AJAX_OP_COMPLETED;
		var message = '';
		var rawmessage = '';
		var editmessage = '';
		var postid = '';
		var error_msg = '';
		//If the request wasn't successful, we just hide any information we have.
		if (request.status == 200)
		{
			if (AJAX_DEBUG_RESULTS)
			{
				alert(request.responseText);
			}
			var result_data = parseResult(request.responseText);
			for (var i = 0; i < result_data.length; i++)
			{
				var str = (result_data[i][0] + ' = result_data[i][1];');
				eval(str);
			}
			
			if ((result != AJAX_POST_TEXT_EDITED) && (error_msg != ''))
			{
				if (AJAX_DEBUG_REQUEST_ERRORS)
				{
					alert('result_code: '+result+'; error: '+error_msg);
				}
			}
		}
		
		AJAXFinishPostEdit(result, postid, message, rawmessage, editmessage);


# 
#-----[ FIND ]------------------------------------------------ 
# 
	if (!ajax_core_defined)
	{
		return;
	}


# 
#-----[ AFTER, ADD ]------------------------------------------ 
#
	
	raw_message = utf8_decode(raw_message);


# 
#-----[ FIND ]------------------------------------------------ 
# 
	var url = 'ajax.php';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	var url = 'ajax.' + phpEx;


# 
#-----[ FIND ]------------------------------------------------ 
# 
	params += '&t=' + topic_id + '&vote_option_id=' + sel_poll_option;


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	params += '&'+ POST_TOPIC_URL + '=' + topic_id + '&vote_option_id=' + sel_poll_option;


# 
#-----[ FIND ]------------------------------------------------ 
# 
	url = 'ajax.php';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	url = 'ajax.' + phpEx;


# 
#-----[ FIND ]------------------------------------------------ 
# 
	params += '&t=' + topic_id;


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	params += '&'+ POST_TOPIC_URL + '=' + topic_id;
	return !loadXMLDoc(url, params, 'GET', 'error_req_change');
}

function AJAXViewPollBallot(topic_id)
{
	if (!ajax_core_defined || (topic_id == 0))
	{
		// Have to return true, that way the link will be used. This will keep the link working just in case something goes wrong
		return true;
	}
	
	error_handler = 'AJAXShowPollResult';
	url = 'ajax.' + phpEx;
	params = 'mode=view_ballot';
	if (S_SID != '')
	{
		params += '&sid=' + S_SID;
	}
	params += '&'+ POST_TOPIC_URL + '=' + topic_id;


# 
#-----[ FIND ]------------------------------------------------ 
# 
	var url = 'ajax.php';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	var url = 'ajax.' + phpEx;


# 
#-----[ FIND ]------------------------------------------------ 
# 
	params += '&t=' + topic_id + '&watch_status=' + watch_status + '&start=' + start;


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	params += '&'+ POST_TOPIC_URL + '=' + topic_id + '&watch_status=' + watch_status + '&start=' + start;


# 
#-----[ FIND ]------------------------------------------------ 
# 
	var url = 'ajax.php';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	var url = 'ajax.' + phpEx;


# 
#-----[ FIND ]------------------------------------------------ 
# 
	params += '&t=' + topic_id + '&lock_status=' + lock_status;


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	params += '&'+ POST_TOPIC_URL + '=' + topic_id + '&lock_status=' + lock_status;


# 
#-----[ FIND ]------------------------------------------------ 
# 
	var url = 'ajax.php';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	var url = 'ajax.' + phpEx;


# 
#-----[ FIND ]------------------------------------------------ 
# 
	params += '&t=' + topic_id;


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	params += '&'+ POST_TOPIC_URL + '=' + topic_id;


# 
#-----[ OPEN ]------------------------------------------------ 
# 
includes/functions.php


# 
#-----[ FIND ]------------------------------------------------ 
# 
			$template->assign_block_vars('tag', array(
				'TAGNAME' => $key,
				'VALUE' => utf8_encode(htmlspecialchars($value)))


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
			$value = utf8_encode(htmlspecialchars($value));
			// Get special characters in posts back ;)
			$value = preg_replace('#&amp;\#(\d{1,4});#i', '&#\1;', $value);
			
			$template->assign_block_vars('tag', array(
				'TAGNAME' => $key,
				'VALUE' => $value)


# 
#-----[ FIND ]------------------------------------------------ 
# 
	$text = preg_replace("/&quot;/i", "\"", $text);
	$text = preg_replace("/&amp;/i", "&", $text);

	return $text;
}


# 
#-----[ AFTER, ADD ]------------------------------------------ 
#

/**
* RFC1738 compliant replacement to PHP's rawurldecode - which actually works with unicode (using utf-8 encoding)
* @author Ronen Botzer
* @param $source [STRING]
* @return unicode safe rawurldecoded string [STRING]
* @access public
*/
function utf8_rawurldecode($source)
{
	// Strip slashes
	$source = stripslashes($source);
	
	$decodedStr = '';
	$pos = 0;
	$len = strlen ($source);
	
	while ($pos < $len)
	{
		$charAt = substr($source, $pos, 1);
		if ($charAt == '%')
		{
			$pos++;
			$charAt = substr($source, $pos, 1);
			if ($charAt == 'u')
			{
				// we got a unicode character
				$pos++;
				$unicodeHexVal = substr($source, $pos, 4);
				$unicode = hexdec($unicodeHexVal);
				$entity = "&#". $unicode .';';
				$decodedStr .= utf8_encode($entity);
				$pos += 4;
			}
			else
			{
				// we have an escaped ascii character
				$hexVal = substr ($source, $pos, 2);
				$decodedStr .= chr (hexdec ($hexVal));
				$pos += 2;
			}
		}
		else
		{
			$decodedStr .= $charAt;
			$pos++;
		}
	}

	// Add slashes before sending it back to the browser; 
	// this keeps people from trying to inject SQL with some malformed string like %2527
	return addslashes($decodedStr);
}

// Used to escape AJAX data correctly.
// functions_post.php must be included before calling this function
function ajax_htmlspecialchars($text)
{
	global $html_entities_match, $html_entities_replace;
	
	return preg_replace($html_entities_match, $html_entities_replace, $text);
}


# 
#-----[ OPEN ]------------------------------------------------ 
# 
includes/page_header.php


# 
#-----[ FIND ]------------------------------------------------ 
# 
	'PHPBB_ROOT_PATH' => $phpbb_root_path,


# 
#-----[ AFTER, ADD ]------------------------------------------ 
#
	'PHPEX' => $phpEx,
	'POST_FORUM_URL' => POST_FORUM_URL,
	'POST_TOPIC_URL' => POST_TOPIC_URL,
	'POST_POST_URL' => POST_POST_URL,


# 
#-----[ OPEN ]------------------------------------------------ 
# 
language/lang_english/lang_main.php


# 
#-----[ FIND ]------------------------------------------------ 
# 
$lang['View_results'] = 'View Results';


# 
#-----[ AFTER, ADD ]------------------------------------------ 
#
$lang['View_ballot'] = 'View Ballot';


# 
#-----[ OPEN ]------------------------------------------------ 
# 
templates/subSilver/admin/page_header.tpl


# 
#-----[ FIND ]------------------------------------------------ 
# 
var S_SID = '{S_SID}';
var ajax_core_defined = 0;
var phpbb_root_path = '{PHPBB_ROOT_PATH}';


# 
#-----[ BEFORE, ADD ]----------------------------------------- 
#
var phpEx = '{PHPEX}';


# 
#-----[ OPEN ]------------------------------------------------ 
# 
templates/subSilver/modcp_body.tpl


# 
#-----[ FIND ]------------------------------------------------ 
# 
<span id="title_{topicrow.TOPIC_FIRST_POST_ID}" style="display:none;"><input type="text" class="post" name="topictitle_{topicrow.TOPIC_FIRST_POST_ID}" id="topictitle_{topicrow.TOPIC_FIRST_POST_ID}" value="{topicrow.TOPIC_TITLE}" size="40" /><input type="hidden" id="orig_topictitle_{topicrow.TOPIC_FIRST_POST_ID}" value="{topicrow.TOPIC_TITLE}" />&nbsp;<input type="button" onclick="AJAXEndTitleEdit({topicrow.TOPIC_FIRST_POST_ID})" value="{L_SAVE_CHANGES}" class="mainoption" />&nbsp;<input type="button" onclick="AJAXCancelTitleEdit({topicrow.TOPIC_FIRST_POST_ID})" value="{L_CANCEL}" class="liteoption" /></span>


# 
#-----[ IN-LINE FIND ]---------------------------------------- 
# 
size="40" 


# 
#-----[ IN-LINE AFTER, ADD ]---------------------------------- 
# 
maxlength="60" 


# 
#-----[ OPEN ]------------------------------------------------ 
# 
templates/subSilver/overall_header.tpl


# 
#-----[ FIND ]------------------------------------------------ 
# 
var S_SID = '{S_SID}';
var ajax_core_defined = 0;
var phpbb_root_path = '{PHPBB_ROOT_PATH}';


# 
#-----[ AFTER, ADD ]------------------------------------------ 
#
var phpEx = '{PHPEX}';
var POST_FORUM_URL = '{POST_FORUM_URL}';
var POST_TOPIC_URL = '{POST_TOPIC_URL}';
var POST_POST_URL = '{POST_POST_URL}';


# 
#-----[ OPEN ]------------------------------------------------ 
# 
templates/subSilver/search_results_posts.tpl


# 
#-----[ FIND ]------------------------------------------------ 
# 
	  	<span id="title_{searchresults.U_POST_ID}" style="display:none;"><input type="text" class="post" name="topictitle_{searchresults.U_POST_ID}" id="topictitle_{searchresults.U_POST_ID}" value="{searchresults.POST_RAW_SUBJECT}" size="40" onkeyup="AJAXTitleEditKeyUp(event, {searchresults.U_POST_ID})" /><input type="hidden" id="orig_topictitle_{searchresults.U_POST_ID}" value="{searchresults.POST_RAW_SUBJECT}" />&nbsp;<input type="button" onclick="AJAXEndTitleEdit({searchresults.U_POST_ID})" value="{L_SAVE_CHANGES}" class="mainoption" />&nbsp;<input type="button" onclick="AJAXCancelTitleEdit({searchresults.U_POST_ID})" value="{L_CANCEL}" class="liteoption" /></span>


# 
#-----[ IN-LINE FIND ]---------------------------------------- 
# 
size="40" 


# 
#-----[ IN-LINE AFTER, ADD ]---------------------------------- 
# 
maxlength="60" 


# 
#-----[ OPEN ]------------------------------------------------ 
# 
templates/subSilver/search_results_topics.tpl


# 
#-----[ FIND ]------------------------------------------------ 
# 
	  	<span id="title_{searchresults.TOPIC_FIRST_POST_ID}" style="display:none;"><input type="text" class="post" name="topictitle_{searchresults.TOPIC_FIRST_POST_ID}" id="topictitle_{searchresults.TOPIC_FIRST_POST_ID}" value="{searchresults.TOPIC_TITLE}" size="40" onkeyup="AJAXTitleEditKeyUp(event, {searchresults.TOPIC_FIRST_POST_ID})" /><input type="hidden" id="orig_topictitle_{searchresults.TOPIC_FIRST_POST_ID}" value="{searchresults.TOPIC_TITLE}" />&nbsp;<input type="button" onclick="AJAXEndTitleEdit({searchresults.TOPIC_FIRST_POST_ID})" value="{L_SAVE_CHANGES}" class="mainoption" />&nbsp;<input type="button" onclick="AJAXCancelTitleEdit({searchresults.TOPIC_FIRST_POST_ID})" value="{L_CANCEL}" class="liteoption" /></span>


# 
#-----[ IN-LINE FIND ]---------------------------------------- 
# 
size="40" 


# 
#-----[ IN-LINE AFTER, ADD ]---------------------------------- 
# 
maxlength="60" 


# 
#-----[ OPEN ]------------------------------------------------ 
# 
templates/subSilver/simple_header.tpl


# 
#-----[ FIND ]------------------------------------------------ 
# 
var S_SID = '{S_SID}';
var ajax_core_defined = 0;
var phpbb_root_path = '{PHPBB_ROOT_PATH}';


# 
#-----[ BEFORE, ADD ]----------------------------------------- 
#
var phpEx = '{PHPEX}';
var POST_FORUM_URL = '{POST_FORUM_URL}';
var POST_TOPIC_URL = '{POST_TOPIC_URL}';
var POST_POST_URL = '{POST_POST_URL}';


# 
#-----[ OPEN ]------------------------------------------------ 
# 
templates/subSilver/viewforum_body.tpl


# 
#-----[ FIND ]------------------------------------------------ 
# 
	  	<span id="title_{topicrow.TOPIC_FIRST_POST_ID}" style="display:none;"><input type="text" class="post" name="topictitle_{topicrow.TOPIC_FIRST_POST_ID}" id="topictitle_{topicrow.TOPIC_FIRST_POST_ID}" value="{topicrow.TOPIC_TITLE}" size="40" onkeyup="AJAXTitleEditKeyUp(event, {topicrow.TOPIC_FIRST_POST_ID})" /><input type="hidden" id="orig_topictitle_{topicrow.TOPIC_FIRST_POST_ID}" value="{topicrow.TOPIC_TITLE}" />&nbsp;<input type="button" onclick="AJAXEndTitleEdit({topicrow.TOPIC_FIRST_POST_ID})" value="{L_SAVE_CHANGES}" class="mainoption" />&nbsp;<input type="button" onclick="AJAXCancelTitleEdit({topicrow.TOPIC_FIRST_POST_ID})" value="{L_CANCEL}" class="liteoption" /></span>


# 
#-----[ IN-LINE FIND ]---------------------------------------- 
# 
size="40" 


# 
#-----[ IN-LINE AFTER, ADD ]---------------------------------- 
# 
maxlength="60" 


# 
#-----[ OPEN ]------------------------------------------------ 
# 
templates/subSilver/viewtopic_body.tpl


# 
#-----[ FIND ]------------------------------------------------ 
# 
				  	<span id="title_{postrow.U_POST_ID}" style="display:none;"><input type="text" class="post" name="topictitle_{postrow.U_POST_ID}" id="topictitle_{postrow.U_POST_ID}" value="{postrow.POST_RAW_SUBJECT}" size="40" onkeyup="AJAXTitleEditKeyUp(event, {postrow.U_POST_ID})" /><input type="hidden" id="orig_topictitle_{postrow.U_POST_ID}" value="{postrow.POST_RAW_SUBJECT}" />&nbsp;<input type="button" onclick="AJAXEndTitleEdit({postrow.U_POST_ID})" value="{L_SAVE_CHANGES}" class="mainoption" />&nbsp;<input type="button" onclick="AJAXCancelTitleEdit({postrow.U_POST_ID})" value="{L_CANCEL}" class="liteoption" /></span>


# 
#-----[ IN-LINE FIND ]---------------------------------------- 
# 
size="40" 


# 
#-----[ IN-LINE AFTER, ADD ]---------------------------------- 
# 
maxlength="60" 


# 
#-----[ OPEN ]------------------------------------------------ 
# 
templates/subSilver/viewtopic_poll_result.tpl


# 
#-----[ FIND ]------------------------------------------------ 
# 
	  <tr> 
		<td colspan="4" align="center"><span class="gen"><b>{L_TOTAL_VOTES} : {TOTAL_VOTES}</b></span></td>
	  </tr>


# 
#-----[ AFTER, ADD ]------------------------------------------ 
#
	  <!-- BEGIN switch_view_ballot -->
		<tr>
			<td align="center"><span class="gensmall"><b><a href="{U_VIEW_BALLOT}" onClick="return AJAXViewPollBallot({TOPIC_ID});" class="gensmall">{L_VIEW_BALLOT}</a></b></span></td>
		</tr>
	  <!-- END switch_view_ballot -->


# 
#-----[ OPEN ]------------------------------------------------ 
# 
ajax.php


# 
#-----[ FIND ]------------------------------------------------ 
# 
include($phpbb_root_path .'extension.inc');
include($phpbb_root_path .'common.'. $phpEx);


# 
#-----[ AFTER, ADD ]------------------------------------------ 
#
include($phpbb_root_path .'includes/functions_post.'. $phpEx);


# 
#-----[ FIND ]------------------------------------------------ 
# 
	$subject = (isset($HTTP_POST_VARS['subject'])) ? htmlspecialchars(trim($HTTP_POST_VARS['subject'])) : '';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	$subject = (isset($HTTP_POST_VARS['subject'])) ? ajax_htmlspecialchars(trim(utf8_rawurldecode($HTTP_POST_VARS['subject']))) : '';


# 
#-----[ FIND ]------------------------------------------------ 
# 
else if ($mode == 'edit_post_text')
{
	include($phpbb_root_path .'includes/functions_post.'. $phpEx);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
else if ($mode == 'edit_post_text')
{


# 
#-----[ FIND ]------------------------------------------------ 
# 
	$message = (isset($HTTP_POST_VARS['message'])) ? $HTTP_POST_VARS['message'] : '';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	$message = (isset($HTTP_POST_VARS['message'])) ? utf8_rawurldecode($HTTP_POST_VARS['message']) : '';


# 
#-----[ FIND ]------------------------------------------------ 
# 
		$words = explode(' ', trim(htmlspecialchars($highlight_string)));


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		$words = explode(' ', trim(ajax_htmlspecialchars(utf8_rawurldecode($highlight_string))));


# 
#-----[ FIND ]------------------------------------------------ 
# 
else if (($mode == 'vote_poll') || ($mode == 'view_poll'))


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
else if (($mode == 'vote_poll') || ($mode == 'view_poll') || ($mode == 'view_ballot'))


# 
#-----[ FIND ]------------------------------------------------ 
# 
	// Voting
	if ($mode == 'vote_poll')
	{
		// Get vote_option_id and vote_id
		if (isset($HTTP_POST_VARS['vote_option_id']) || isset($HTTP_GET_VARS['vote_option_id']))


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	// Get vote_option_id and vote_id
	if ($mode == 'vote_poll')
	{
		if (isset($HTTP_POST_VARS['vote_option_id']) || isset($HTTP_GET_VARS['vote_option_id']))


# 
#-----[ FIND ]------------------------------------------------ 
# 
			$sql = 'SELECT vd.vote_id, t.forum_id, t.topic_id, t.topic_status 


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
			$sql = 'SELECT vd.*, t.forum_id, t.topic_id, t.topic_status 


# 
#-----[ FIND ]------------------------------------------------ 
# 

			if ($vote_info)
			{
				// Check if the user is allowed to vote
				$is_auth = auth(AUTH_ALL, $vote_info['forum_id'], $userdata);
				if ($is_auth['auth_vote'] && (($vote_info['topic_status'] != TOPIC_LOCKED) || ($is_auth['auth_mod'])))
				{
					$vote_id = intval($vote_info['vote_id']);
				
					// Check if the user already voted
					$sql = 'SELECT * FROM '. VOTE_USERS_TABLE ." 
					        WHERE vote_id = $vote_id 
					        AND vote_user_id = ". $userdata['user_id'];
					if (!($result = $db->sql_query($sql)))
					{
						$result_ar = array(
							'result' => AJAX_ERROR,
							'error_msg' => 'Could not obtain user vote data for this topic'
						);
						AJAX_message_die($result_ar);
					}
					$row = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);

					if (!$row)
					{
						$sql = 'UPDATE '. VOTE_RESULTS_TABLE ." 
						        SET vote_result = vote_result + 1 
						        WHERE vote_id = $vote_id 
						        AND vote_option_id = $vote_option_id";
						if (!$db->sql_query($sql, BEGIN_TRANSACTION))
						{
							$result_ar = array(
								'result' => AJAX_ERROR,
								'error_msg' => 'Could not update poll result'
							);
							AJAX_message_die($result_ar);
						}
					
						$sql = 'INSERT INTO '. VOTE_USERS_TABLE ." (vote_id, vote_user_id, vote_user_ip) 
						        VALUES ($vote_id, ". $userdata['user_id'] .", '$user_ip')";
						if (!$db->sql_query($sql, END_TRANSACTION))
						{
							$result_ar = array(
								'result' => AJAX_ERROR,
								'error_msg' => 'Could not update poll result'
							);
							AJAX_message_die($result_ar);
						}
					}
				}


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		}
	}
	else
	{
		// Get vote_id from vote_option_id
		$sql = 'SELECT vd.*, t.forum_id, t.topic_id, t.topic_status 
		        FROM '. VOTE_DESC_TABLE .' vd, '. TOPICS_TABLE ." t 
		        WHERE t.topic_id = vd.topic_id 
		        AND t.topic_id = $topic_id 
		        GROUP BY vd.vote_id";
		if (!($result = $db->sql_query($sql)))
		{
			$error = $db->sql_error();
			$result_ar = array(
				'result' => AJAX_ERROR,
				'error_msg' => 'Could not query vote information'
			);
			AJAX_message_die($result_ar);
		}
		$vote_info = $db->sql_fetchrow($result);
		$db->sql_freeresult($result);
	}
	
	if ($vote_info)
	{
		// Check if the user is allowed to vote
		$is_auth = auth(AUTH_ALL, $vote_info['forum_id'], $userdata);
		$poll_expired = ($vote_info['vote_length']) ? (($vote_info['vote_start'] + $vote_info['vote_length'] < time()) ? True : False) : False;
		$can_vote = $is_auth['auth_vote'] && (($vote_info['topic_status'] != TOPIC_LOCKED) || ($is_auth['auth_mod'])) && !$poll_expired;
		if ($can_vote)
		{
			$vote_id = intval($vote_info['vote_id']);
		
			// Check if the user already voted
			$sql = 'SELECT * FROM '. VOTE_USERS_TABLE ." 
			        WHERE vote_id = $vote_id 
			        AND vote_user_id = ". $userdata['user_id'];
			if (!($result = $db->sql_query($sql)))
			{
				$result_ar = array(
					'result' => AJAX_ERROR,
					'error_msg' => 'Could not obtain user vote data for this topic'
				);
				AJAX_message_die($result_ar);
			}
			$row = $db->sql_fetchrow($result);
			$db->sql_freeresult($result);
			
			$can_vote = $can_vote && !$row;

			if (!$row && ($mode == 'vote_poll'))
			{
				$sql = 'UPDATE '. VOTE_RESULTS_TABLE ." 
				        SET vote_result = vote_result + 1 
				        WHERE vote_id = $vote_id 
				        AND vote_option_id = $vote_option_id";
				if (!$db->sql_query($sql, BEGIN_TRANSACTION))
				{
					$result_ar = array(
						'result' => AJAX_ERROR,
						'error_msg' => 'Could not update poll result (1):'. $mode
					);
					AJAX_message_die($result_ar);
				}
			
				$sql = 'INSERT INTO '. VOTE_USERS_TABLE ." (vote_id, vote_user_id, vote_user_ip) 
				        VALUES ($vote_id, ". $userdata['user_id'] .", '$user_ip')";
				if (!$db->sql_query($sql, END_TRANSACTION))
				{
					$result_ar = array(
						'result' => AJAX_ERROR,
						'error_msg' => 'Could not update poll result (2):'. $mode
					);
					AJAX_message_die($result_ar);
				}
				$can_vote = False;
			}
			else if (!$can_vote && ($mode == 'view_ballot'))
			{
				$mode = 'view_poll';


# 
#-----[ FIND ]------------------------------------------------ 
# 
	$template->set_filenames(array(
		'pollbox' => 'viewtopic_poll_result.tpl')
	);

	$vote_results_sum = 0;

	for ($i = 0; $i < $vote_options; $i++)
	{
		$vote_results_sum += $vote_info[$i]['vote_result'];
	}

	$vote_graphic = 0;
	$vote_graphic_max = count($images['voting_graphic']);

	$orig_word = array();
	$replacement_word = array();
	obtain_word_list($orig_word, $replacement_word);
	
	for ($i = 0; $i < $vote_options; $i++)
	{
		$vote_percent = ($vote_results_sum > 0) ? $vote_info[$i]['vote_result'] / $vote_results_sum : 0;
		$vote_graphic_length = round($vote_percent * $board_config['vote_graphic_length']);

		$vote_graphic_img = $images['voting_graphic'][$vote_graphic];
		$vote_graphic = ($vote_graphic < $vote_graphic_max - 1) ? $vote_graphic + 1 : 0;

		if (count($orig_word))
		{
			$vote_info[$i]['vote_option_text'] = preg_replace($orig_word, $replacement_word, $vote_info[$i]['vote_option_text']);
		}

		$template->assign_block_vars('poll_option', array(
			'POLL_OPTION_CAPTION' => $vote_info[$i]['vote_option_text'],
			'POLL_OPTION_RESULT' => $vote_info[$i]['vote_result'],
			'POLL_OPTION_PERCENT' => sprintf("%.1d%%", ($vote_percent * 100)),

			'POLL_OPTION_IMG' => $vote_graphic_img,
			'POLL_OPTION_IMG_WIDTH' => $vote_graphic_length)
		);
	}

	if (count($orig_word))
	{
		$vote_title = preg_replace($orig_word, $replacement_word, $vote_title);
	}
	
	$template->assign_vars(array(
		'POLL_QUESTION' => $vote_title,
		'L_TOTAL_VOTES' => $lang['Total_votes'],
		'TOTAL_VOTES' => $vote_results_sum)


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	if (count($orig_word))
	{
		$vote_title = preg_replace($orig_word, $replacement_word, $vote_title);
	}
	
	if ($mode == 'view_ballot')
	{
		$template->set_filenames(array(
			'pollbox' => 'viewtopic_poll_ballot.tpl')
		);
		
		for ($i = 0; $i < $vote_options; $i++)
		{
			if (count($orig_word))
			{
				$vote_info[$i]['vote_option_text'] = preg_replace($orig_word, $replacement_word, $vote_info[$i]['vote_option_text']);
			}
			
			$template->assign_block_vars('poll_option', array(
				'POLL_OPTION_ID' => $vote_info[$i]['vote_option_id'],
				'POLL_OPTION_CAPTION' => $vote_info[$i]['vote_option_text'])
			);
		}
		
		$template->assign_vars(array(
			'L_SUBMIT_VOTE' => $lang['Submit_vote'],
			'L_VIEW_RESULTS' => $lang['View_results'],
			
			'U_VIEW_RESULTS' => append_sid("viewtopic.$phpEx?". POST_TOPIC_URL ."=$topic_id&amp;postdays=$post_days&amp;postorder=$post_order&amp;vote=viewresult"),
			'S_HIDDEN_FIELDS' => '<input type="hidden" name="topic_id" value="' . $topic_id . '" /><input type="hidden" name="mode" value="vote" />')
		);
	}
	else
	{
		$template->set_filenames(array(
			'pollbox' => 'viewtopic_poll_result.tpl')
		);
	
		$vote_results_sum = 0;
	
		for ($i = 0; $i < $vote_options; $i++)
		{
			$vote_results_sum += $vote_info[$i]['vote_result'];
		}
	
		$vote_graphic = 0;
		$vote_graphic_max = count($images['voting_graphic']);
	
		$orig_word = array();
		$replacement_word = array();
		obtain_word_list($orig_word, $replacement_word);
		
		for ($i = 0; $i < $vote_options; $i++)
		{
			$vote_percent = ($vote_results_sum > 0) ? $vote_info[$i]['vote_result'] / $vote_results_sum : 0;
			$vote_graphic_length = round($vote_percent * $board_config['vote_graphic_length']);
	
			$vote_graphic_img = $images['voting_graphic'][$vote_graphic];
			$vote_graphic = ($vote_graphic < $vote_graphic_max - 1) ? $vote_graphic + 1 : 0;
	
			if (count($orig_word))
			{
				$vote_info[$i]['vote_option_text'] = preg_replace($orig_word, $replacement_word, $vote_info[$i]['vote_option_text']);
			}
	
			$template->assign_block_vars('poll_option', array(
				'POLL_OPTION_CAPTION' => $vote_info[$i]['vote_option_text'],
				'POLL_OPTION_RESULT' => $vote_info[$i]['vote_result'],
				'POLL_OPTION_PERCENT' => sprintf("%.1d%%", ($vote_percent * 100)),
	
				'POLL_OPTION_IMG' => $vote_graphic_img,
				'POLL_OPTION_IMG_WIDTH' => $vote_graphic_length)
			);
		}
	
		$template->assign_vars(array(
			'L_TOTAL_VOTES' => $lang['Total_votes'],
			'L_VIEW_BALLOT' => $lang['View_ballot'],
			'U_VIEW_BALLOT' => append_sid("viewtopic.$phpEx?". POST_TOPIC_URL ."=$topic_id&amp;postdays=$post_days&amp;postorder=$post_order"),
			'S_POLL_ACTION' => append_sid("posting.$phpEx?mode=vote&amp;". POST_TOPIC_URL ."=$topic_id"),
			'TOTAL_VOTES' => $vote_results_sum)
		);
		
		if ($can_vote)
		{
			$template->assign_block_vars('switch_view_ballot', array());
		}
	}
	
	$template->assign_vars(array(
		'POLL_QUESTION' => $vote_title,
		'TOPIC_ID' => $topic_id)


# 
#-----[ FIND ]------------------------------------------------ 
# 
		$username = (isset($HTTP_POST_VARS['username'])) ? $HTTP_POST_VARS['username'] : $HTTP_GET_VARS['username'];


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		$username = (isset($HTTP_POST_VARS['username'])) ? utf8_rawurldecode($HTTP_POST_VARS['username']) : utf8_rawurldecode($HTTP_GET_VARS['username']);


# 
#-----[ FIND ]------------------------------------------------ 
# 
		$username = (isset($HTTP_POST_VARS['username'])) ? $HTTP_POST_VARS['username'] : $HTTP_GET_VARS['username'];


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		$username = (isset($HTTP_POST_VARS['username'])) ? utf8_rawurldecode($HTTP_POST_VARS['username']) : utf8_rawurldecode($HTTP_GET_VARS['username']);


# 
#-----[ FIND ]------------------------------------------------ 
# 
		$email = (isset($HTTP_POST_VARS['email'])) ? stripslashes($HTTP_POST_VARS['email']) : stripslashes($HTTP_GET_VARS['email']);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
		$email = (isset($HTTP_POST_VARS['email'])) ? stripslashes(utf8_rawurldecode($HTTP_POST_VARS['email'])) : stripslashes(utf8_rawurldecode($HTTP_GET_VARS['email']));


# 
#-----[ FIND ]------------------------------------------------ 
# 
else if ($mode == 'post_preview')
{
	include($phpbb_root_path .'includes/functions_post.'. $phpEx);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
else if ($mode == 'post_preview')
{


# 
#-----[ FIND ]------------------------------------------------ 
# 
	$username = (isset($HTTP_POST_VARS['username'])) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['username']))) : $username;
	$subject = (isset($HTTP_POST_VARS['subject'])) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['subject']))) : '';
	$message = (isset($HTTP_POST_VARS['message'])) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['message']))) : '';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	$username = (isset($HTTP_POST_VARS['username'])) ? ajax_htmlspecialchars(trim(stripslashes(utf8_rawurldecode($HTTP_POST_VARS['username'])))) : $username;
	$subject = (isset($HTTP_POST_VARS['subject'])) ? ajax_htmlspecialchars(trim(stripslashes(utf8_rawurldecode($HTTP_POST_VARS['subject'])))) : '';
	$message = (isset($HTTP_POST_VARS['message'])) ? ajax_htmlspecialchars(trim(stripslashes(utf8_rawurldecode($HTTP_POST_VARS['message'])))) : '';


# 
#-----[ FIND ]------------------------------------------------ 
# 
else if ($mode == 'pm_preview')
{
	include($phpbb_root_path .'includes/functions_post.'. $phpEx);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
else if ($mode == 'pm_preview')
{


# 
#-----[ FIND ]------------------------------------------------ 
# 
	$to_username = (isset($HTTP_POST_VARS['username']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['username']))) : '';
	$subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : '';
	$message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	$to_username = (isset($HTTP_POST_VARS['username']) ) ? trim(ajax_htmlspecialchars(stripslashes(utf8_rawurldecode($HTTP_POST_VARS['username'])))) : '';
	$subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(ajax_htmlspecialchars(stripslashes(utf8_rawurldecode($HTTP_POST_VARS['subject'])))) : '';
	$message = ( isset($HTTP_POST_VARS['message']) ) ? trim(utf8_rawurldecode($HTTP_POST_VARS['message'])) : '';


# 
#-----[ OPEN ]------------------------------------------------ 
# 
search.php


# 
#-----[ FIND ]------------------------------------------------ 
# 
	$show_results = 'topics';
}
$show_results = ($show_results == 'posts') ? 'posts' : 'topics';


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
	$show_results = 'posts';
}
$show_results = ($show_results == 'topics') ? 'topics' : 'posts';


# 
#-----[ FIND ]------------------------------------------------ 
# 
					message_die(GENERAL_MESSAGE, $lang['Search_Flood_Error']);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
					if ($is_ajax)
					{
						$result_ar = array(
							'search_id' => 0,
							'results' => 0,
							'keywords' => ''
						);
						AJAX_message_die($result_ar);
					}
					else
					{
						message_die(GENERAL_MESSAGE, $lang['Search_Flood_Error']);
					}


# 
#-----[ OPEN ]------------------------------------------------ 
# 
viewtopic.php


# 
#-----[ FIND ]------------------------------------------------ 
# 
				'TOTAL_VOTES' => $vote_results_sum)
			);


# 
#-----[ REPLACE WITH ]---------------------------------------- 
# 
				'TOTAL_VOTES' => $vote_results_sum,
				
				'L_VIEW_BALLOT' => $lang['View_ballot'],
				'U_VIEW_BALLOT' => append_sid("viewtopic.$phpEx?". POST_TOPIC_URL ."=$topic_id&amp;postdays=$post_days&amp;postorder=$post_order"))
			);
			
			if (!$user_voted && !$poll_expired && $is_auth['auth_vote'] && ($forum_topic_data['topic_status'] != TOPIC_LOCKED))
			{
				$template->assign_block_vars('switch_view_ballot', array());
			}


# 
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------ 
# 
# EoM