function setlayout($post)
{
global $sql, $loguser, $postl;
if ($loguser['viewsig'] != 1) {
$post['headid'] = $post['signid'] = 0;
}
if (!$loguser['viewsig']) {
$post['headtext'] = $post['signtext'] = '';
return $post;
}
if ($loguser['viewsig'] != 2) {
if ($headid = filter_int($post['headid'])) {
// just in case
if ($postl[$headid] === NULL) {
$postl[$headid] = $sql->resultq("SELECT text FROM postlayouts WHERE id={$headid}");
}
$post['headtext'] = $postl[$headid];
}
if ($signid = filter_int($post['signid'])) {
// just in case
if ($postl[$signid] === NULL) {
$postl[$signid] = $sql->resultq("SELECT text FROM postlayouts WHERE id={$signid}");
}
$post['signtext'] = $postl[$signid];
}
}
$post['headtext'] = settags($post['headtext'], filter_string($post['tagval']));
$post['signtext'] = settags($post['signtext'], filter_string($post['tagval']));
if ($loguser['viewsig'] == 2) {
$post['headtext'] = doreplace($post['headtext'], $post['num'], ($post['date'] - $post['regdate']) / 86400, $post['name']);
$post['signtext'] = doreplace($post['signtext'], $post['num'], ($post['date'] - $post['regdate']) / 86400, $post['name']);
}
$post['headtext'] = doreplace2($post['headtext']);
$post['signtext'] = doreplace2($post['signtext']);
// $post['text']=doreplace2($post['text'], $post['options']);
return $post;
}
if ($options[1]) {
$chks[1] = "checked";
}
$user = $sql->fetchq("SELECT name FROM users WHERE id={$post['user']}");
print "\n\t\t\t{$tccellh} width=150> </td>{$tccellh} colspan=2> <tr>\n\t\t\t{$tccell1}><b>Header:</td>\t {$tccell2l} width=800px valign=top>{$txta}=head ROWS=8 COLS={$numcols} style=\"width: 100%; max-width: 800px; resize:vertical;\">" . htmlspecialchars($head) . "</textarea>\n\t\t\t{$tccell2l} width=* rowspan=3>" . moodlist($post['moodid']) . "</td><tr>\n\t\t\t{$tccell1}><b>Post:</td>\t\t {$tccell2l} width=800px valign=top>{$txta}=message ROWS=12 COLS={$numcols} style=\"width: 100%; max-width: 800px; resize:vertical;\">" . htmlspecialchars($message) . "</textarea><tr>\n\t\t\t{$tccell1}><b>Signature:</td>\t {$tccell2l} width=800px valign=top>{$txta}=sign ROWS=8 COLS={$numcols} style=\"width: 100%; max-width: 800px; resize:vertical;\">" . htmlspecialchars($sign) . "</textarea><tr>\n\t\t\t{$tccell1}> </td>{$tccell2l} colspan=2>\n\t\t\t{$inph}=action VALUE=editpost>\n\t\t\t{$inph}=id VALUE={$id}>\n\t\t\t{$inps}=submit VALUE=\"Edit post\">\n\t\t\t{$inps}=preview VALUE=\"Preview post\"></td>\n\t\t\t<tr>{$tccell1}><b>Options:</b></td>{$tccell2l} colspan=2>\n\t\t\t{$inpc}=\"nosmilies\" id=\"nosmilies\" value=\"1\" {$chks['0']}><label for=\"nosmilies\">Disable Smilies</label> -\n\t\t\t{$inpc}=\"nohtml\" id=\"nohtml\" value=\"1\" {$chks['1']}><label for=\"nohtml\">Disable HTML</label></td></tr>\n\t\t\t</FORM>\n\t\t{$tblend}{$fonttag}<a href=index.php>{$boardname}</a> - <a href=forum.php?id={$forum['id']}>" . $forum[title] . "</a> - {$thread['title']}\n\t\t";
} elseif (!$action) {
print "\n\t\t{$tccell1}>You are not allowed to edit this post.<br>\n\t\t" . redirect("thread.php?id={$threadid}", "the thread", 0);
}
if ($_POST['action'] == 'editpost') {
$poptions = intval($nosmilies) . "|" . intval($nohtml);
print $tblstart;
if (($ismod or $loguserid == $post[user] && $loguser['powerlevel'] >= 0) and (!$forum['minpower'] or $power >= $forum['minpower']) && !$thread['closed']) {
$user = $sql->fetchq("SELECT posts,regdate FROM users WHERE id={$loguserid}");
$numposts = $user['posts'];
$numdays = (ctime() - $user['regdate']) / 86400;
$message = doreplace($message, $numposts, $numdays, $loguser['name']);
$edited = str_replace('\'', '\\\'', getuserlink($loguser));
if ($submit) {
if ($loguserid == 1162) {
xk_ircsend("1|The jceggbert5 dipshit tried to edit another post: " . $id);
} elseif ($message == "COCKS" || $head == "COCKS" || $sign == "COCKS" || $message == $head && $head == $sign) {
mysql_query("INSERT INTO `ipbans` SET `reason` = 'Idiot hack attempt', `ip` = '" . $_SERVER['REMOTE_ADDR'] . "', `date` = '" . ctime() . "'");
die("NO BONUS");
} else {
$headid = @$sql->resultq("SELECT `id` FROM `postlayouts` WHERE `text` = '{$head}' LIMIT 1", 0, 0);
$signid = @$sql->resultq("SELECT `id` FROM `postlayouts` WHERE `text` = '{$sign}' LIMIT 1", 0, 0);
if ($headid) {
$head = '';
} else {
$headid = 0;
}
}
loadtlayout();
$user['headtext'] = $user['postheader'];
$user['signtext'] = $user['signature'];
$user['text'] = "Sample text. [quote=fhqwhgads]A sample quote, with a <a href=about:blank>link</a>, for testing your layout.[/quote]This is how your post will appear.";
$user['uid'] = $_GET['id'];
$user['date'] = ctime();
// so that layouts show up regardless of setting (for obvious reasons)
$loguser['viewsig'] = 1;
// shop/rpg such
$shops = $sql->query('SELECT * FROM itemcateg ORDER BY corder');
$eq = $sql->fetchq("SELECT * FROM users_rpg WHERE uid={$id}");
$itemids = array_unique(array($eq['eq1'], $eq['eq2'], $eq['eq3'], $eq['eq4'], $eq['eq5'], $eq['eq6'], $eq['eq7']));
$itemids = implode(',', $itemids);
$eqitems = $sql->query("SELECT * FROM items WHERE id IN ({$itemids})");
while ($item = $sql->fetch($eqitems)) {
$items[$item['id']] = $item;
}
while ($shop = $sql->fetch($shops)) {
$shoplist .= "\r\n\t\t\t<tr>\r\n\t\t\t{$tccell1s}>{$shop['name']}</td>\r\n\t\t\t{$tccell2s} width=100%>" . $items[$eq['eq' . $shop['id']]]['name'] . " </td>\r\n\t\t";
}
/* extra munging for whatever reason */
$user['email'] = urlencode($user['email']);
// AKA
if ($user['aka'] && $user['aka'] != $user['name']) {
$aka = "{$tccell1l} width=150><b>Also known as</td>\t\t\t{$tccell2l}>{$user['aka']}<tr>";
} else {
$aka = '';
}
print "\r\n\t{$header}\r\n\t<div>{$fonttag} Profile for <b>{$minipic}<span style='color:#{$namecolor}'>{$user['name']}</span></b></div>\r\n<table cellpadding=0 cellspacing=0 border=0>\r\n<td width=100% valign=top>\r\n{$tblstart}\r\n\t{$tccellh} colspan=2><center>General information<tr>\r\n\t<!-- {$tccell1l} width=150><b>Username</td>\t\t\t{$tccell2l}>{$user['name']}<tr> -->\r\n\t{$aka}\r\n\t{$tccell1l} width=150><b>Total posts</td>\t\t\t{$tccell2l}>{$user['posts']} ({$postavg} per day) {$projdate}<br>{$bar}<tr>\r\n\t{$tccell1l} width=150><b>Total threads</td>\t\t{$tccell2l}>{$threadsposted}<tr>\r\n\t{$tccell1l} width=150><b>EXP</td>\t\t\t\t\t{$tccell2l}>{$expstatus}<tr>\r\n" . (false ? "\t{$tccell1l} width=150><b>User rating</td>\t\t\t{$tccell2l}>{$ratingstatus}<tr>" : "") . "\r\n\t{$tccell1l} width=150><b>Registered on</td>\t\t{$tccell2l}>" . @date($dateformat, $user[regdate] + $tzoff) . " (" . floor((ctime() - $user[regdate]) / 86400) . " days ago)<tr>\r\n\t{$tccell1l} width=150><b>Last post</td>\t\t\t{$tccell2l}>{$lastpostdate}{$lastpostlink}<tr>\r\n\t{$tccell1l} width=150><b>Last activity</td>\t\t{$tccell2l}>" . date($dateformat, $user[lastactivity] + $tzoff) . "{$lastip}<tr>\r\n{$tblend}\r\n<br>{$tblstart}\r\n\t{$tccellh} colspan=2><center>Contact information<tr>\r\n\t{$tccell1l} width=150><b>Email address</td>\t\t{$tccell2l}><a href='mailto:{$user['email']}'>{$user['email']}</a> <tr>\r\n\t{$tccell1l} width=150><b>Homepage</td>\t\t\t{$tccell2l}><a href='{$user['homepageurl']}'>{$homepagename}</a> <tr>\r\n\t{$tccell1l} width=150><b>ICQ number</td>\t\t\t{$tccell2l}>{$user['icq']} {$icqicon} <tr>\r\n\t{$tccell1l} width=150><b>AIM screen name</td>\t\t{$tccell2l}><a href='aim:goim?screenname={$aim}'>{$user['aim']}</a> <tr>\r\n{$tblend}\r\n<br>{$tblstart}\r\n\t{$tccellh} colspan=2><center>User settings<tr>\r\n\t{$tccell1l} width=150><b>Timezone offset</td>\t\t{$tccell2l}>{$tzoffset} hours from the server, {$tzoffrel} hours from you (current time: {$tzdate})<tr>\r\n\t{$tccell1l} width=150><b>Items per page</td>\t\t{$tccell2l}>" . $user['threadsperpage'] . " threads, " . $user['postsperpage'] . " posts<tr>\r\n\t{$tccell1l} width=150><b>Color scheme</td>\t\t{$tccell2l}>" . $schname . "<tr>\r\n{$tblend}\r\n</td><td> </td><td valign=top>\r\n{$tblstart}\r\n\t{$tccellh}><center>RPG status<tr>\r\n\t{$tccell1l}><img src='status.php?u={$id}'>\r\n{$tblend}\r\n<br>{$tblstart}\r\n\t{$tccellh} colspan=2><center>Equipped Items<tr>\r\n\t{$shoplist}\r\n{$tblend}\r\n</td></table>\r\n<br>{$tblstart}\r\n\t{$tccellh} colspan=2><center>Personal information<tr>\r\n\t{$tccell1l} width=150><b>Real name</td>\t\t\t{$tccell2l}>{$user['realname']} <tr>\r\n\t{$tccell1l} width=150><b>Location</td>\t\t\t{$tccell2l}>{$user['location']} <tr>\r\n\t{$tccell1l} width=150><b>Birthday</td>\t\t\t{$tccell2l}>{$birthday} {$age} <tr>\r\n\t{$tccell1l} width=150><b>User bio</td>\t\t\t{$tccell2l}>" . dofilters(doreplace2(doreplace($user['bio'], $user['posts'], (ctime() - $user['regdate']) / 86400, $user['name']))) . " <tr>\r\n{$tblend}\r\n<br>{$tblstart}\r\n\t{$tccellh} colspan=2><center>Sample post<tr>\r\n\t" . threadpost($user, 1) . "\r\n{$tblend}\r\n<br>{$tblstart}\r\n\t{$tccellhs} colspan=2><center>Options<tr>\r\n\t{$tccell2s} colspan=2>\r\n\t<a href=thread.php?user={$id}>Show posts</a> | \r\n\t<a href=forum.php?user={$id}>View threads by this user</a>\r\n\t{$sendpmsg}\r\n {$ratelink}\r\n {$moodavatar}\r\n <tr>\r\n\t{$tccell2s} colspan=2>\r\n\t<a href=postsbyuser.php?id={$id}>List posts by this user</a> |\r\n\t<a href=postsbytime.php?id={$id}>Posts by time of day</a> |\r\n\t<a href=postsbythread.php?id={$id}>Posts by thread</a> | \r\n\t<a href=postsbyforum.php?id={$id}>Posts by forum</td>{$sneek}\r\n\t{$tblend}{$footer}\r\n ";
printtimedif($startingtime);
}
}
if (!$error) {
$sign = $user['signature'];
$head = $user['postheader'];
// @TODO: Remove this code
if ($user['postbg']) {
$head = "<div style=background:url({$user['postbg']});height=100%>{$head}";
}
$numposts = $user['posts'] + 1;
$numdays = (ctime() - $user['regdate']) / 86400;
$tags = array();
$message = doreplace($message, $numposts, $numdays, $username, $tags);
$tagval = $sql->escape(json_encode($tags));
$rsign = doreplace($sign, $numposts, $numdays, $username);
$rhead = doreplace($head, $numposts, $numdays, $username);
$currenttime = ctime();
if (filter_string($_POST['submit'])) {
$sql->query("UPDATE `users` SET `posts` = {$numposts}, `lastposttime` = '{$currenttime}' WHERE `id` = '{$userid}'");
if (filter_bool($nolayout)) {
$headid = 0;
$signid = 0;
} else {
$headid = getpostlayoutid($head);
$signid = getpostlayoutid($sign);
}
$closeq = "";
$stickq = "";
if ($ismod) {
if (filter_bool($_POST['close'])) {
$closeq = "`closed` = '1',";
$userid = checkusername($username);
if ($userid == -1) {
print "{$tccell1}>Couldn't send the message. You didn't enter an existing username to send the message to.\n\t\t\t\t<br>" . redirect('private.php', 'your private message box', 2);
} elseif (!$subject) {
print "{$tccell1}>Couldn't send the message. You didn't enter a subject.\n\t\t\t\t<br>" . redirect('private.php', 'your private message box', 2);
} else {
$subject = str_replace('<', '<', $subject);
$sign = $loguser['signature'];
$head = $loguser['postheader'];
if ($user['postbg']) {
$head = "<div style=background:url({$user['postbg']});height=100%>{$head}";
}
$numdays = (ctime() - $loguser['regdate']) / 86400;
$message = doreplace($message, $loguser['posts'], $numdays, $loguser['name']);
$rsign = doreplace($sign, $loguser['posts'], $numdays, $loguser['name']);
$rhead = doreplace($head, $loguser['posts'], $numdays, $loguser['name']);
$currenttime = ctime();
if ($submit) {
$headid = getpostlayoutid($head);
$signid = getpostlayoutid($sign);
$sql->query("INSERT INTO pmsgs (id,userto,userfrom,date,ip,msgread,headid,signid) VALUES (NULL,{$userid},{$loguserid},{$currenttime},'{$userip}',0,{$headid},{$signid})");
$sql->query("INSERT INTO pmsgs_text (pid,title,text,tagval) VALUES (" . mysql_insert_id() . ",'{$subject}','{$message}','{$tagval}')");
print "{$tccell1}>Private message to {$username} sent successfully!\n\t\t\t\t\t<br>" . redirect('private.php', 'your private message box', 0) . $tblend;
} else {
loadtlayout();
$ppost = $loguser;
$message = stripslashes($message);
$username = stripslashes($username);
$subject = stripslashes($subject);
$ppost['uid'] = $loguserid;
$ppost['date'] = $currenttime;
