$sql->total_query++; $count2 = $sql->count_rows(); if ($CONFIG_security_mode) { $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.security_code WHERE sc_id = \"" . mysql_res($POST_security_id) . "\" AND sc_code = \"" . mysql_res($POST_security_code) . "\""; $sql->result = $sql->execute_query($query, 'register.php'); $sql->total_query++; $count3 = $sql->result(); } if ($count1) { redir_back("{$lang['Reg_idused_']}<BR><BR>{$lang['Reg_idused2']}"); } else { if ($count2) { redir_back("{$lang['Reg_emailused']}<BR><BR>{$lang['Reg_emailused2']}"); } else { if ($CONFIG_security_mode && !$count3) { redir_back("{$lang['Reg_security_code_fail']}"); } else { if ($CONFIG_register_mode == '2') { $query = "SELECT memory_value1 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"activate_id\" ORDER by memory_value1 DESC LIMIT 1"; $sql->result = $sql->execute_query($query, 'register.php'); $sql->total_query++; $row_activeid = $sql->fetch_row(); $active_id = $row_activeid['memory_value1'] + 1; $active_key = md5(uniqid(microtime())); $active_url = "http://" . $_SERVER[HTTP_HOST] . "" . $_SERVER[PHP_SELF] . "?act=activate&a=" . $active_id . "&act_key=" . $active_key . ""; $mail_subject = "Registration Confirmation ( SGCP user registration confirmation )"; $mail_messages = sprintf("\n{$lang['EMA_mes_1']}\n\n\n{$lang['EMA_mes_2']}\n\n\n{$lang['EMA_mes_3']}\n\n{$lang['EMA_mes_4']}\n\n{$lang['EMA_mes_5']}\n\n{$lang['EMA_mes_3']}\n\n\n{$lang['EMA_mes_6']}\n\n\n{$active_url}\n\n\n{$lang['EMA_mes_7']}\n%s.\n", $CONFIG_server_name, $POST_userid, $POST_userpass, $CONFIG_server_name); if (SendMail($POST_email, $mail_subject, $mail_messages)) { $active_mes = $lang["EMA_send_success"]; $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.memory (memory_object,memory_value1,memory_value3) VALUES (\"activate_id\",\"" . mysql_res($active_id) . "\",\"" . mysql_res($active_key) . "\")", 'register.php'); $activeid = '2';
redir("index.php?act=forum", "{$lang['No_privilege']}", 3); } } if ($GET_code == 02 && check_category($POST_f) && length($POST_t_mes, 3)) { if (check_forum_perm($POST_f, $CP['g_id'], 'reply_perm')) { $query = "SELECT topic_name FROM {$CONFIG_sql_cpdbname}.board_topic WHERE topic_id =\"" . mysql_res($POST_t) . "\""; $sql->result = $sql->execute_query($query, 'insert_topic.php'); $row = $sql->fetch_row(); $topic_name = $row["topic_name"]; $count1 = $sql->count_rows(); $query = "SELECT reply_user_id FROM {$CONFIG_sql_cpdbname}.board_reply WHERE reply_id =\"" . mysql_res($POST_p) . "\""; $sql->result = $sql->execute_query($query, 'insert_topic.php'); $row_check = $sql->fetch_row(); $checkuserid = $row_check["reply_user_id"]; if (!length($POST_t_mes, 3, $CONFIG_max_post_length)) { redir_back("Your messages are more than {$CONFIG_max_post_length} characters"); } else { if ($count1 && ($checkuserid == $CP[login_id] || checkprivilege_action($CP[login_id], g_edit_posts)) && !empty($CP[login_id])) { $query = "SELECT reply_id FROM {$CONFIG_sql_cpdbname}.board_reply WHERE topic_id = \"" . mysql_res($POST_t) . "\" ORDER by reply_id LIMIT 1"; $sql->result = $sql->execute_query($query, 'action_post.php'); $sql->total_query++; $row_result2 = $sql->fetch_row(); $reply_id_start = $row_result2[0]; if ($POST_t_title && $reply_id_start == $POST_p && $POST_edit_topic) { $POST_t_title = checkstring($POST_t_title, 1); $POST_t_desc = checkstring($POST_t_desc, 1); $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_topic SET topic_name=\"" . $POST_t_title . "\",topic_description=\"" . $POST_t_desc . "\" WHERE topic_id=\"" . mysql_res($POST_t) . "\" ", 'insert_topic.php'); } $reply_edit_name = $POST_add_edit ? $CP['login_name'] : ""; $POST_t_mes = checkstring($POST_t_mes, 1); $POST_t_emo = (int) $POST_t_emo;