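/**
 * Handle the "recommend this site" form: require all four fields, check the
 * graphical security code, e-mail the recommendation and redirect.
 *
 * Security notes for maintainers:
 *  - The expected code is computed only from the User-Agent header, $sitekey,
 *    the submitted $random_num and today's date ("F j"), so a solved
 *    ($random_num, code) pair stays valid for that client until the date
 *    changes. Throttle this endpoint separately if mail volume matters.
 *  - Sender name and address are request values that end up in the From:
 *    header. Header safety rests on removecrlf() and validate_mail(), both
 *    defined elsewhere. NOTE(review): confirm they strip CR/LF and check what
 *    validate_mail() returns for a malformed address.
 *  - NOTE(review): the optional $random_num precedes the required $gfx_check;
 *    PHP 8 reports that as deprecated. Signature kept for existing callers.
 *
 * @param string $yname      Sender's name.
 * @param string $ymail      Sender's e-mail address.
 * @param string $fname      Recipient's name.
 * @param string $fmail      Recipient's e-mail address.
 * @param string $random_num Seed that was used to render the security image.
 * @param string $gfx_check  Security code typed by the visitor.
 */
function SendSite($yname, $ymail, $fname, $fmail, $random_num = "0", $gfx_check) {
    global $sitename, $slogan, $nukeurl, $module_name, $gfx_chk, $sitekey;

    /* All four fields are mandatory; show the error page and stop otherwise. */
    if (empty($fname) or empty($fmail) or empty($yname) or empty($ymail)) {
        include "header.php";
        title("{$sitename} - " . _RECOMMEND . "");
        OpenTable();
        echo "<center>" . _SENDSITEERROR . "<br><br>" . _GOBACK . "";
        CloseTable();
        include "footer.php";
        die;
    }

    $fname = removecrlf(filter($fname, "nohtml"));
    $fmail = validate_mail(removecrlf(filter($fmail, "nohtml")));
    $yname = removecrlf(filter($yname, "nohtml"));
    $ymail = validate_mail(removecrlf(filter($ymail, "nohtml")));

    /* Recompute the code the security image showed for this $random_num. */
    $datekey = date("F j");
    $rcode = hexdec(md5($_SERVER['HTTP_USER_AGENT'] . $sitekey . $random_num . $datekey));
    $code = substr($rcode, 2, 3);

    /* Compare as strings: a loose != would accept any numeric string that is
       merely numerically equal to the expected code (e.g. "12" for "012"). */
    $codeMismatch = ((string) $code !== (string) $gfx_check);

    if (extension_loaded("gd") and $codeMismatch and $gfx_chk != 0) {
        $mess = 1;
        Header("Location: modules.php?name={$module_name}&op=RecommendSite&mess={$mess}");
    } else {
        $subject = "" . _INTSITE . " {$sitename}";
        $message = "" . _HELLO . " {$fname}:\n\n" . _YOURFRIEND . " {$yname} " . _OURSITE . " {$sitename} " . _INTSENT . "\n\n\n" . _FSITENAME . " {$sitename}\n{$slogan}\n" . _FSITEURL . " {$nukeurl}\n";
        mail($fmail, $subject, $message, "From: \"{$yname}\" <{$ymail}>\nX-Mailer: PHP/" . phpversion());
        update_points(3);
        /* URL-encode the name so spaces, '&' or '#' in it cannot alter the
           query string of the redirect target. */
        Header("Location: modules.php?name={$module_name}&op=SiteSent&fname=" . urlencode($fname));
    }
}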
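/**
 * Earlier variant of the "recommend this site" handler: cleans the four
 * request values, e-mails the recommendation and redirects to the
 * confirmation page.
 *
 * Security notes for maintainers:
 *  - No security code, login or rate check is visible in this function, so
 *    anything that can reach it can trigger outbound mail with a caller-chosen
 *    recipient and From: header. NOTE(review): confirm the caller throttles
 *    or authenticates this operation.
 *  - Neither address is validated as a single mailbox here; header safety
 *    rests entirely on removecrlf(), which is defined elsewhere.
 *
 * @param string $yname Sender's name.
 * @param string $ymail Sender's e-mail address.
 * @param string $fname Recipient's name.
 * @param string $fmail Recipient's e-mail address.
 */
function SendSite($yname, $ymail, $fname, $fmail) {
    global $sitename, $slogan, $nukeurl, $module_name;

    $fname = stripslashes(FixQuotes(check_html(removecrlf($fname))));
    $fmail = stripslashes(FixQuotes(check_html(removecrlf($fmail))));
    $yname = stripslashes(FixQuotes(check_html(removecrlf($yname))));
    $ymail = stripslashes(FixQuotes(check_html(removecrlf($ymail))));

    $subject = "" . _INTSITE . " {$sitename}";
    $message = "" . _HELLO . " {$fname}:\n\n" . _YOURFRIEND . " {$yname} " . _OURSITE . " {$sitename} " . _INTSENT . "\n\n\n" . _FSITENAME . " {$sitename}\n{$slogan}\n" . _FSITEURL . " {$nukeurl}\n";
    mail($fmail, $subject, $message, "From: \"{$yname}\" <{$ymail}>\nX-Mailer: PHP/" . phpversion());
    update_points(3);

    /* URL-encode the name so spaces, '&' or '#' in it cannot alter the query
       string of the redirect target. */
    Header("Location: modules.php?name={$module_name}&op=SiteSent&fname=" . urlencode($fname));
}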
/**
 * E-mail a link to story $sid to a friend, then redirect to the
 * confirmation page.
 *
 * Security notes for maintainers:
 *  - Both addresses pass through filter()/removecrlf() only; unlike the
 *    SendSite() variant that calls validate_mail(), nothing here checks that
 *    they are well-formed single addresses.
 *  - No existence check is made on the story row: an unknown $sid still
 *    sends a message (with empty title and topic) and still awards points.
 *
 * @param int    $sid   Story id.
 * @param string $yname Sender's name.
 * @param string $ymail Sender's e-mail address.
 * @param string $fname Recipient's name.
 * @param string $fmail Recipient's e-mail address.
 */
function SendStory($sid, $yname, $ymail, $fname, $fmail) {
    global $sitename, $nukeurl, $prefix, $db, $module_name;

    /* Clean the request values in the original order. */
    $fname = removecrlf(filter($fname, "nohtml"));
    $fmail = removecrlf(filter($fmail, "nohtml"));
    $yname = removecrlf(filter($yname, "nohtml"));
    $ymail = removecrlf(filter($ymail, "nohtml"));
    $sid = intval($sid);

    /* Story title, date and topic id. */
    $storyResult = $db->sql_query("SELECT title, time, topic FROM " . $prefix . "_stories WHERE sid='{$sid}'");
    $story = $db->sql_fetchrow($storyResult);
    $title = filter($story['title'], "nohtml");
    $time = $story['time'];
    $topic = intval($story['topic']);

    /* Human-readable topic name. */
    $topicResult = $db->sql_query("SELECT topictext FROM " . $prefix . "_topics WHERE topicid='{$topic}'");
    $topicRow = $db->sql_fetchrow($topicResult);
    $topictext = filter($topicRow['topictext'], "nohtml");

    $subject = _INTERESTING . " {$sitename}";
    $message = implode("", array(
        _HELLO . " {$fname}:\n\n",
        _YOURFRIEND . " {$yname} " . _CONSIDERED . "\n\n\n",
        "{$title}\n",
        "(" . _FDATE . " {$time})\n",
        _FTOPIC . " {$topictext}\n\n",
        _URL . ": {$nukeurl}/modules.php?name={$module_name}&file=article&sid={$sid}\n\n",
        _YOUCANREAD . " {$sitename}\n{$nukeurl}",
    ));
    $headers = "From: \"{$yname}\" <{$ymail}>\nX-Mailer: PHP/" . phpversion();

    mail($fmail, $subject, $message, $headers);
    update_points(6);

    /* Both values are URL-encoded before they go into the Location header. */
    $encodedTitle = urlencode($title);
    $encodedName = urlencode($fname);
    Header("Location: modules.php?name={$module_name}&file=friend&op=StorySent&title={$encodedTitle}&fname={$encodedName}");
}
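/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/

/*
 * Journal module: store a comment on journal entry $rid and show the
 * confirmation page.
 *
 * NOTE(review): $rid and $comment are not assigned anywhere in this script;
 * presumably they are request variables imported by mainfile.php. $comment
 * and $username (taken from the decoded user cookie) go into the INSERT as
 * they arrive. Whether they are already escaped depends on mainfile.php and
 * cookiedecode(), neither of which is visible here -- confirm, and escape
 * them with the database layer's own routine if they are not.
 * NOTE(review): no login check is visible before the INSERT; confirm that
 * functions.php / startjournal() reject anonymous visitors.
 */

/* Refuse direct requests: this file must be reached through modules.php.
   preg_match() replaces eregi(), which no longer exists in PHP 7 and later. */
if (!preg_match("/modules\\.php/i", $_SERVER['PHP_SELF'])) {
    die("You can't access this file directly...");
}

require_once "mainfile.php";
$module_name = basename(dirname(__FILE__));
get_lang($module_name);
$pagetitle = "- " . _USERSJOURNAL . "";
include "header.php";
include "modules/{$module_name}/functions.php";

cookiedecode($user);
$username = $cookie[1];

/* The entry id is numeric: force it to an integer before it is used in the
   SQL statement and echoed into the return link below. */
$rid = intval($rid);

/* Format characters are quoted: bare words such as date(h) only worked via
   PHP's undefined-constant fallback, which PHP 8 turns into a fatal error. */
$htime = date("h");
$mtime = date("i");
$ntime = date("a");
$mtime = "{$htime}:{$mtime} {$ntime}";
$mdate = date("m");
$ddate = date("d");
$ydate = date("Y");
$ndate = "{$mdate}-{$ddate}-{$ydate}";

startjournal($sitename, $user);

$sql = "INSERT INTO " . $prefix . "_journal_comments VALUES ('','{$rid}','{$username}','{$comment}','{$ndate}','{$mtime}')";
$db->sql_query($sql);
update_points(2);

echo "<br>";
openTable();
echo "<div align=center>" . _COMMENTPOSTED . "<br><br>";
echo "<a href=\"modules.php?name={$module_name}&file=display&jid={$rid}\">" . _RETURNJOURNAL2 . "</a><br><br><div class=title>" . _THANKS . "</div></div>";
closeTable();
journalfoot();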
$username = $cookie[1]; $user = filter($user, "nohtml"); $username = filter($username, "nohtml"); $sitename = filter($sitename, "nohtml"); $title = filter($title, "nohtml"); $title = addslashes($title); if (isset($mood)) { $mood = filter($mood, "nohtml"); } else { $mood = ""; } $jbodytext = kses(ADVT_stripslashes($jbodytext), $allowed); $jbodytext = addslashes($jbodytext); $sql = "INSERT INTO " . $prefix . "_journal (jid,aid,title,bodytext,mood,pdate,ptime,status,mtime,mdate) VALUES (NULL,'{$username}','{$title}','{$jbodytext}','{$mood}','{$pdate}','{$ptime}','{$status}','{$mtime}','{$ndate}')"; $db->sql_query($sql); update_points(1); $sql = "SELECT * FROM " . $prefix . "_journal_stats WHERE joid = '{$username}'"; $result = $db->sql_query($sql); $row_count = $db->sql_numrows($result); if ($row_count == 0) { $query = "INSERT INTO " . $prefix . "_journal_stats (id,joid,nop,ldp,ltp,micro) VALUES ('','{$username}','1',now(),'{$mtime}',now())"; $db->sql_query($query); } else { $row = $db->sql_fetchrow($result); $nnop = $row['nop']; $nnnop = $nnop + 1; $micro = date("U"); $nnnop = filter($nnnop, "nohtml"); $ndate = filter($ndate, "nohtml"); $mtime = filter($mtime, "nohtml"); $micro = filter($micro, "nohtml");
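/**
 * Post a public broadcast message on behalf of the logged-in user.
 *
 * Users whose karma is 2 or 3 are redirected away. Otherwise the message is
 * stored only if broadcasting is enabled, the message is non-empty and the
 * user has no message already stored.
 *
 * Security notes for maintainers:
 *  - The identity check compares the cookie's third field with the stored
 *    user_password value. The comparisons are strict (===) so two different
 *    strings that both look numeric (for instance hashes of the form
 *    "0e<digits>") can never be treated as equal.
 *  - filter() is defined elsewhere. NOTE(review): this code relies on
 *    filter(..., "nohtml", 1) to make values safe for the SQL strings below;
 *    confirm that it escapes quotes.
 *
 * @param string $the_message Message text from the request.
 * @param string $who         User name claimed by the request.
 */
function broadcast($the_message, $who) {
    global $prefix, $db, $broadcast_msg, $module_name, $cookie, $user, $userinfo, $user_prefix;

    cookiedecode($user);
    getusrinfo($user);

    $row = $db->sql_fetchrow($db->sql_query("SELECT karma FROM " . $user_prefix . "_users WHERE user_id = '" . intval($cookie[0]) . "'"));
    if ($row['karma'] == 2 or $row['karma'] == 3) {
        Header("Location: modules.php?name=" . $module_name);
        die;
    }

    if (is_user($user)
        and strtolower($who) === strtolower($cookie[1])
        and strtolower($userinfo['username']) === strtolower($cookie[1])
        and $userinfo['user_password'] === $cookie[2]) {
        /* Filter the name once, before its first use in a query; the original
           filtered it only after the SELECT below had already used it. */
        $who = filter($cookie[1], "nohtml", 1);
        $the_message = filter($the_message, "nohtml", 1);

        if ($broadcast_msg == 1) {
            include "header.php";
            title("" . _BROADCAST . "");
            OpenTable();
            /* One stored message per user: refuse if a row already exists. */
            $numrows = $db->sql_numrows($db->sql_query("SELECT * FROM " . $prefix . "_public_messages WHERE who='{$who}'"));
            if (!empty($the_message) and $numrows == 0) {
                $the_time = time();
                $db->sql_query("INSERT INTO " . $prefix . "_public_messages VALUES (NULL, '{$the_message}', '{$the_time}', '{$who}')");
                update_points(20);
                echo "<center>" . _BROADCASTSENT . "<br><br>[ <a href=\"modules.php?name={$module_name}\">" . _RETURNPAGE . "</a> ]</center>";
            } else {
                echo "<center>" . _BROADCASTNOTSENT . "<br><br>[ <a href=\"modules.php?name={$module_name}\">" . _RETURNPAGE . "</a> ]</center>";
            }
            CloseTable();
            include "footer.php";
        } else {
            echo "I don't like you...";
        }
    }
}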
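/**
 * Store a comment on story $sid and redirect back to the article.
 *
 * Logged-in users with karma 2 have the comment queued in the moderated
 * table; karma 3 users are redirected without anything being stored.
 *
 * Changes from the previous revision:
 *  - $mode, $order and $thold are URL-encoded before they are placed in the
 *    Location header and in the HTML link on the moderation notice; they were
 *    previously copied in verbatim.
 *  - $ip is read straight from REMOTE_ADDR (the old isset($ip) test was
 *    always false because $ip is a fresh local), and the unused $author
 *    assignment on an undefined variable is gone.
 *
 * Security notes for maintainers:
 *  - $name, $email and $url come from $userinfo and are placed in the INSERT
 *    without further escaping. NOTE(review): confirm getusrinfo() returns
 *    values that are safe inside a quoted SQL string.
 *  - NOTE(review): the karma lookup's username literal reads '******' in this
 *    copy of the file, which looks like a masked value; restore the intended
 *    lookup key from the real source.
 *  - $comment passes through filter(..., "", 1) twice. NOTE(review): confirm
 *    filter() is safe to apply twice with the save flag.
 *
 * @param mixed  $xanonpost Truthy when a logged-in user posts anonymously.
 * @param string $subject   Comment subject.
 * @param string $comment   Comment body.
 * @param int    $pid       Parent comment id.
 * @param int    $sid       Story id.
 * @param string $host_name Unused in this function.
 * @param string $mode      Display mode carried through to the redirect.
 * @param string $order     Sort order carried through to the redirect.
 * @param string $thold     Threshold carried through to the redirect.
 */
function CreateTopic($xanonpost, $subject, $comment, $pid, $sid, $host_name, $mode, $order, $thold) {
    global $module_name, $user, $userinfo, $EditedMessage, $cookie, $AllowableHTML, $ultramode, $user_prefix, $prefix, $anonpost, $articlecomm, $db, $sitename;

    cookiedecode($user);
    getusrinfo($user);
    $sid = intval($sid);
    $pid = intval($pid);
    $subject = filter($subject, "nohtml", 1);
    $comment = format_url($comment);
    $comment = filter($comment, "", 1);

    /* Display options are request values: encode them once and reuse the
       result for every link and redirect below. */
    $options = "&mode=" . urlencode((string) $mode)
        . "&order=" . urlencode((string) $order)
        . "&thold=" . urlencode((string) $thold);

    if (empty($subject) or empty($comment)) {
        include "header.php";
        title("{$sitename} - " . _COMMENTSSYSTEM . "");
        OpenTable();
        echo "<center>" . _COMMENTPOSTERROR . "<br><br>" . _GOBACK . "</center>";
        CloseTable();
        include "footer.php";
        fdie();
    }

    if (is_user($user) and !$xanonpost) {
        $name = $userinfo['username'];
        $email = $userinfo['femail'];
        $url = $userinfo['user_website'];
        $score = 1;
    } else {
        $name = "";
        $email = "";
        $url = "";
        $score = 0;
    }

    $ip = $_SERVER['REMOTE_ADDR'];

    /* The story must exist exactly once for the comment to be accepted. */
    $fake = $db->sql_numrows($db->sql_query("SELECT * FROM " . $prefix . "_stories WHERE sid='{$sid}'"));
    $comment = trim($comment);
    $comment = filter($comment, "", 1);

    if ($fake == 1 and $articlecomm == 1) {
        if (($anonpost == 0 and is_user($user)) or $anonpost == 1) {
            if (is_user($user)) {
                $krow = $db->sql_fetchrow($db->sql_query("SELECT karma FROM " . $user_prefix . "_users WHERE username='******'"));
                if ($krow['karma'] == 2) {
                    /* Karma 2: hold the comment for moderation. */
                    $db->sql_query("INSERT INTO " . $prefix . "_comments_moderated VALUES (NULL, '{$pid}', '{$sid}', now(), '{$name}', '{$email}', '{$url}', '{$ip}', '{$subject}', '{$comment}', '{$score}', '0', '0')");
                    include "header.php";
                    title(_MODERATEDTITLE);
                    OpenTable();
                    echo "<center>" . _COMMENTMODERATED . "";
                    echo "<br><br><a href=\"modules.php?name={$module_name}&file=article&sid={$sid}{$options}\">" . _MODERATEDRETURN . "</a>";
                    CloseTable();
                    include "footer.php";
                    fdie();
                } elseif ($krow['karma'] == 3) {
                    /* Karma 3: drop the comment and send the user back. */
                    Header("Location: modules.php?name={$module_name}&file=article&sid={$sid}{$options}");
                    fdie();
                }
            }
            $db->sql_query("INSERT INTO " . $prefix . "_comments VALUES (NULL, '{$pid}', '{$sid}', now(), '{$name}', '{$email}', '{$url}', '{$ip}', '{$subject}', '{$comment}', '{$score}', '0', '0')");
            $db->sql_query("UPDATE " . $prefix . "_stories SET comments=comments+1 WHERE sid='{$sid}'");
            update_points(5);
            if ($ultramode) {
                ultramode();
            }
        } else {
            die("Nice try..");
        }
    } else {
        include "header.php";
        echo "According to my records, the topic you are trying " . "to reply to does not exist. If you're just trying to be " . "annoying, well then too bad.";
        include "footer.php";
        fdie();
    }

    Header("Location: modules.php?name={$module_name}&file=article&sid={$sid}{$options}");
}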
/**
 * Record a rating (and optional comment) for download $ratinglid, after a
 * series of eligibility checks, then recompute the download's summary.
 *
 * Each failed check calls completevote() with an error code and sets
 * $passtest to "no"; the checks are not short-circuited, so several can fire
 * for one request.
 *
 * Review notes (security and correctness):
 *  - $anonymous, $anonwaitdays and $outsidewaitdays are not in the global
 *    list. NOTE(review): presumably d_config.php, included below, defines
 *    them in this function's scope -- confirm; if $anonymous is undefined the
 *    "registered user" checks run for every caller.
 *  - Both branches for non-logged-in callers assign the literal "******", and
 *    two queries below use ratinguser='******'. NOTE(review): this looks like
 *    a masked value in this copy of the file; as written the "outside"
 *    checks further down can never match.
 *  - $ip prefers REMOTE_HOST (a reverse-DNS name when the server resolves
 *    one) and is placed in three SQL strings without escaping. NOTE(review):
 *    prefer REMOTE_ADDR or escape the value.
 *  - $ratinguser for logged-in callers is the second field of the decoded
 *    user cookie and is placed in the INSERT as is. NOTE(review): confirm
 *    cookiedecode() leaves it SQL-safe.
 *  - update_points() runs before the 1..10 range check, so an out-of-range
 *    rating is rejected but still awards points. The redirect used for that
 *    rejection is sent after header.php was included; NOTE(review): it only
 *    works if output buffering is active.
 *
 * @param int    $ratinglid       Download id.
 * @param string $ratinguser      Rater name from the request (overwritten below).
 * @param mixed  $rating          Rating value; "--" means nothing was selected.
 * @param string $ratinghost_name Unused in this function.
 * @param string $ratingcomments  Optional comment text.
 */
function addrating($ratinglid, $ratinguser, $rating, $ratinghost_name, $ratingcomments) {
    global $prefix, $db, $cookie, $user, $module_name;
    $passtest = "yes";
    include "header.php";
    include "modules/{$module_name}/d_config.php";
    $ratinglid = intval($ratinglid);
    completevoteheader();
    if (is_user($user)) {
        /* Logged-in caller: the rater name comes from the user cookie, not
           from the request parameter. */
        $user2 = base64_decode($user);
        $user2 = addslashes($user2);
        $cookie = explode(":", $user2);
        cookiedecode($user);
        $ratinguser = $cookie[1];
    } else {
        if ($ratinguser == "outside") {
            $ratinguser = "******";
        } else {
            $ratinguser = "******";
        }
    }
    $results3 = $db->sql_query("SELECT title FROM " . $prefix . "_downloads_downloads WHERE lid='{$ratinglid}'");
    /* $ttitle is not read again in this function. */
    while (list($title) = $results3->fetch_row()) {
        $ttitle = filter($title, "nohtml");
    }
    $title = filter($title, "nohtml");
    /* Make sure only 1 anonymous from an IP in a single day. */
    $ip = $_SERVER['REMOTE_HOST'];
    if (empty($ip)) {
        $ip = $_SERVER['REMOTE_ADDR'];
    }
    /* Check if Rating is Null */
    if ($rating == "--") {
        $error = "nullerror";
        completevote($error);
        $passtest = "no";
    }
    /* Check if Download POSTER is voting (UNLESS Anonymous users allowed to post) */
    if ($ratinguser != $anonymous && $ratinguser != "outside") {
        $result = $db->sql_query("SELECT submitter FROM " . $prefix . "_downloads_downloads WHERE lid='{$ratinglid}'");
        while (list($ratinguserDB) = $result->fetch_row()) {
            if ($ratinguserDB == $ratinguser) {
                $error = "postervote";
                completevote($error);
                $passtest = "no";
            }
        }
    }
    /* Check if REG user is trying to vote twice. */
    if ($ratinguser != $anonymous && $ratinguser != "outside") {
        $result = $db->sql_query("SELECT ratinguser FROM " . $prefix . "_downloads_votedata WHERE ratinglid='{$ratinglid}'");
        while (list($ratinguserDB) = $result->fetch_row()) {
            if ($ratinguserDB == $ratinguser) {
                $error = "regflood";
                completevote($error);
                $passtest = "no";
            }
        }
    }
    /* Check if ANONYMOUS user is trying to vote more than once per day. */
    if ($ratinguser == $anonymous) {
        /* $ytsDB is computed but not used by the query below. */
        $yesterdaytimestamp = time() - 86400 * $anonwaitdays;
        $ytsDB = Date("Y-m-d H:i:s", $yesterdaytimestamp);
        $result = $db->sql_query("SELECT * FROM " . $prefix . "_downloads_votedata WHERE ratinglid='{$ratinglid}' AND ratinguser='******' AND ratinghostname = '{$ip}' AND TO_DAYS(NOW()) - TO_DAYS(ratingtimestamp) < '{$anonwaitdays}'");
        $anonvotecount = $db->sql_numrows($result);
        if ($anonvotecount >= 1) {
            $error = "anonflood";
            completevote($error);
            $passtest = "no";
        }
    }
    /* Check if OUTSIDE user is trying to vote more than once per day. */
    if ($ratinguser == "outside") {
        /* $ytsDB is computed but not used by the query below. */
        $yesterdaytimestamp = time() - 86400 * $outsidewaitdays;
        $ytsDB = Date("Y-m-d H:i:s", $yesterdaytimestamp);
        $result = $db->sql_query("SELECT * FROM " . $prefix . "_downloads_votedata WHERE ratinglid='{$ratinglid}' AND ratinguser='******' AND ratinghostname = '{$ip}' AND TO_DAYS(NOW()) - TO_DAYS(ratingtimestamp) < '{$outsidewaitdays}'");
        $outsidevotecount = $db->sql_numrows($result);
        if ($outsidevotecount >= 1) {
            $error = "outsideflood";
            completevote($error);
            $passtest = "no";
        }
    }
    /* Passed Tests */
    if ($passtest == "yes") {
        $ratingcomments = filter($ratingcomments);
        /* Points are awarded here, before the range check on $rating. */
        if (!empty($ratingcomments)) {
            update_points(19);
        }
        update_points(18);
        /* All is well. Add to Line Item Rate to DB. */
        $ratinglid = intval($ratinglid);
        $rating = intval($rating);
        $ratingcomments = filter($ratingcomments, "", 1);
        /* Only ratings 1..10 are stored. */
        if ($rating > 10 || $rating < 1) {
            header("Location: modules.php?name={$module_name}&d_op=ratedownload&lid={$ratinglid}");
            die;
        }
        $db->sql_query("INSERT into " . $prefix . "_downloads_votedata values (NULL,'{$ratinglid}', '{$ratinguser}', '{$rating}', '{$ip}', '{$ratingcomments}', now())");
        /* All is well. Calculate Score & Add to Summary (for quick retrieval & sorting) to DB. */
        /* NOTE: If weight is modified, ALL downloads need to be refreshed with new weight. */
        /* Running a SQL statement with your modded calc for ALL downloads will accomplish this. */
        $voteresult = $db->sql_query("SELECT rating, ratinguser, ratingcomments FROM " . $prefix . "_downloads_votedata WHERE ratinglid = '{$ratinglid}'");
        $totalvotesDB = $db->sql_numrows($voteresult);
        /* NOTE(review): voteinclude.php presumably sets $finalrating and
           $truecomments from $voteresult -- confirm. */
        include "modules/{$module_name}/voteinclude.php";
        $finalrating = intval($finalrating);
        $totalvotesDB = intval($totalvotesDB);
        $truecomments = intval($truecomments);
        $ratinglid = intval($ratinglid);
        $db->sql_query("UPDATE " . $prefix . "_downloads_downloads SET downloadratingsummary='{$finalrating}',totalvotes='{$totalvotesDB}',totalcomments='{$truecomments}' WHERE lid = '{$ratinglid}'");
        $error = "none";
        completevote($error);
    }
    completevotefooter($ratinglid, $ratinguser);
    include "footer.php";
}
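/**
 * Record a 1..5 rating for story $sid unless the visitor's "ratecookie"
 * already lists that story.
 *
 * Changes from the previous revision:
 *  - $rcookie, $r_cookie and the "already rated" flag are initialised, so a
 *    visitor without the cookie no longer reaches sizeof() on an undefined
 *    variable (a TypeError in PHP 8).
 *  - The membership test compares ids as strings instead of using a loose ==.
 *  - The check that redirected to index.php is removed: after clamping,
 *    $score is always an integer between 1 and 5, so it could never fire.
 *
 * Security note for maintainers: the only duplicate-vote protection here is
 * a cookie the visitor controls, so it deters accidental double votes only.
 * NOTE(review): $r_options is a global appended to the Location header as
 * is; confirm where it is built.
 *
 * @param int $sid   Story id.
 * @param int $score Rating; values outside 1..5 are clamped, 0 means "none".
 */
function rate_article($sid, $score) {
    global $prefix, $db, $ratecookie, $sitename, $r_options;

    $score = intval($score);
    $sid = intval($sid);

    if ($score) {
        /* Clamp to the 1..5 star range. */
        if ($score > 5) {
            $score = 5;
        }
        if ($score < 1) {
            $score = 1;
        }

        /* The cookie holds a base64-encoded, colon-separated list of rated
           story ids. */
        $rcookie = "";
        $r_cookie = array();
        if (isset($ratecookie)) {
            $rcookie = base64_decode($ratecookie);
            $rcookie = addslashes($rcookie);
            $r_cookie = explode(":", $rcookie);
        }

        $alreadyRated = false;
        foreach ($r_cookie as $ratedSid) {
            if ((string) $ratedSid === (string) $sid) {
                $alreadyRated = true;
                break;
            }
        }

        if ($alreadyRated) {
            Header("Location: modules.php?name=News&op=rate_complete&sid={$sid}&rated=1");
        } else {
            $result = $db->sql_query("update " . $prefix . "_stories set score=score+{$score}, ratings=ratings+1 where sid='{$sid}'");
            /* Append this story to the list and keep it for one hour. */
            $info = base64_encode("{$rcookie}{$sid}:");
            setcookie("ratecookie", "{$info}", time() + 3600);
            update_points(7);
            Header("Location: modules.php?name=News&op=rate_complete&sid={$sid}{$r_options}");
        }
    } else {
        include "header.php";
        title("{$sitename}: " . _ARTICLERATING . "");
        OpenTable();
        echo "<center>" . _DIDNTRATE . "<br><br>" . "" . _GOBACK . "</center>";
        CloseTable();
        include "footer.php";
    }
}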
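/**
 * Earlier variant of the broadcast handler: store one public message for the
 * logged-in user if broadcasting is enabled and the user has none stored.
 *
 * Change from the previous revision: the identity check uses strict (===)
 * comparisons, so two different strings that both look numeric (for instance
 * hashes of the form "0e<digits>") can never be treated as equal.
 *
 * Security notes for maintainers:
 *  - $who is used in the SELECT exactly as it came out of the cookie, and is
 *    passed through stripslashes() right before the INSERT. NOTE(review):
 *    whether that leaves quotes unescaped depends on cookiedecode(), which is
 *    defined elsewhere -- confirm, and escape with the database layer's own
 *    routine at the point of use.
 *  - The message is HTML-encoded by htmlentities() and then filtered again;
 *    NOTE(review): confirm FixQuotes()/filter_text() are what make it safe
 *    for the SQL string.
 *
 * @param string $the_message Message text from the request.
 * @param string $who         User name claimed by the request.
 */
function broadcast($the_message, $who) {
    global $prefix, $db, $broadcast_msg, $module_name, $cookie, $user, $userinfo;

    cookiedecode($user);
    getusrinfo($user);

    if (is_user($user)
        and strtolower($who) === strtolower($cookie[1])
        and strtolower($userinfo['username']) === strtolower($cookie[1])
        and $userinfo['user_password'] === $cookie[2]) {
        $who = $cookie[1];
        $the_message = htmlentities($the_message);

        if ($broadcast_msg == 1) {
            include "header.php";
            title("" . _BROADCAST . "");
            OpenTable();
            /* One stored message per user: refuse if a row already exists. */
            $numrows = $db->sql_numrows($db->sql_query("SELECT * FROM " . $prefix . "_public_messages WHERE who='{$who}'"));
            $the_message = FixQuotes(filter_text($the_message, "nohtml"));
            if ($the_message != "" and $numrows == 0) {
                $the_time = time();
                $who = htmlspecialchars(stripslashes($who));
                $db->sql_query("INSERT INTO " . $prefix . "_public_messages VALUES (NULL, '{$the_message}', '{$the_time}', '{$who}')");
                update_points(20);
                echo "<center>" . _BROADCASTSENT . "<br><br>[ <a href=\"modules.php?name={$module_name}\">" . _RETURNPAGE . "</a> ]</center>";
            } else {
                echo "<center>" . _BROADCASTNOTSENT . "<br><br>[ <a href=\"modules.php?name={$module_name}\">" . _RETURNPAGE . "</a> ]</center>";
            }
            CloseTable();
            include "footer.php";
        } else {
            echo "I don't like you...";
        }
    }
}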
/**
 * Count one vote for option $voteID of poll $pollID, at most once per client
 * address within 30 minutes, then redirect to $forwarder.
 *
 * Security notes for maintainers:
 *  - $forwarder is written into the Location header unchanged.
 *    NOTE(review): if callers pass a request value here this is an open
 *    redirect; confirm it is built server-side or restrict it to local paths.
 *  - The repeat-vote guard keys on REMOTE_ADDR only, so clients behind one
 *    address share a vote and a client that changes address is not limited.
 *
 * @param int    $pollID    Poll id.
 * @param int    $voteID    Option id within the poll.
 * @param string $forwarder URL to redirect to afterwards.
 */
function pollCollector($pollID, $voteID, $forwarder) {
    global $HTTP_COOKIE_VARS, $prefix, $db;

    /* $ip is a fresh local here, so it is always taken from the server. */
    $ip = $_SERVER["REMOTE_ADDR"];
    $pollID = intval($pollID);
    $voteID = intval($voteID);

    /* Forget vote markers older than 1800 seconds. */
    $expiry = time() - 1800;
    $db->sql_query("DELETE FROM " . $prefix . "_poll_check WHERE time < '{$expiry}'");

    /* Is there still a marker for this address and poll? */
    $marker = $db->sql_fetchrow($db->sql_query("SELECT ip FROM " . $prefix . "_poll_check WHERE (ip='{$ip}') AND (pollID='{$pollID}')"));
    $recordedIp = $marker['ip'];
    $now = time();

    if ($ip != $recordedIp) {
        /* First vote in the window: leave a marker, then count the vote. */
        $db->sql_query("INSERT INTO " . $prefix . "_poll_check (ip, time, pollID) VALUES ('{$ip}', '{$now}', '{$pollID}')");
        $db->sql_query("UPDATE " . $prefix . "_poll_data SET optionCount=optionCount+1 WHERE pollID='{$pollID}' AND voteID='{$voteID}'");
        if ($voteID != "") {
            $db->sql_query("UPDATE " . $prefix . "_poll_desc SET voters=voters+1 WHERE pollID='{$pollID}'");
            update_points(8);
        }
    }

    /* Valid or not, the visitor is sent on to the same place. */
    Header("Location: {$forwarder}");

    /* a lot of browsers can't handle it if there's an empty page */
    echo "<html><head></head><body></body></html>";
}
} elseif (ereg("SunOS", $_SERVER["HTTP_USER_AGENT"])) { $os = "SunOS"; } elseif (ereg("IRIX", $_SERVER["HTTP_USER_AGENT"])) { $os = "IRIX"; } elseif (ereg("BeOS", $_SERVER["HTTP_USER_AGENT"])) { $os = "BeOS"; } elseif (ereg("OS/2", $_SERVER["HTTP_USER_AGENT"])) { $os = "OS/2"; } elseif (ereg("AIX", $_SERVER["HTTP_USER_AGENT"])) { $os = "AIX"; } else { $os = "Other"; } /* Save on the databases the obtained values */ $db->sql_query("UPDATE " . $prefix . "_counter SET count=count+1 WHERE (type='total' AND var='hits') OR (var='{$browser}' AND type='browser') OR (var='{$os}' AND type='os')"); update_points(13); /* Start Detailed Statistics */ $dot = date("d-m-Y-H"); $now = explode("-", $dot); $nowHour = $now[3]; $nowYear = $now[2]; $nowMonth = $now[1]; $nowDate = $now[0]; $sql = "SELECT year FROM " . $prefix . "_stats_year WHERE year='{$nowYear}'"; $resultyear = $db->sql_query($sql); $jml = $db->sql_numrows($resultyear); if ($jml <= 0) { $sql = "INSERT INTO " . $prefix . "_stats_year VALUES ('{$nowYear}','0')"; $db->sql_query($sql); for ($i = 1; $i <= 12; $i++) { $db->sql_query("INSERT INTO " . $prefix . "_stats_month VALUES ('{$nowYear}','{$i}','0')");
/**
 * Store a comment on review $id and redirect back to the review.
 *
 * Anonymous visitors are refused when anonymous posting is off. Logged-in
 * users with karma 2 have the comment queued in the moderated table; karma 3
 * users are redirected without anything being stored.
 *
 * Security notes for maintainers:
 *  - $uname is a request value and is only replaced when $xanonpost is set;
 *    nothing visible here ties it to the logged-in account. NOTE(review):
 *    confirm the caller supplies the session's own user name.
 *  - $uname is filtered without the third argument that $comments gets.
 *    NOTE(review): confirm filter($x, "nohtml") alone makes the value safe
 *    inside the quoted SQL string.
 *  - NOTE(review): the karma lookup's username literal reads '******' in this
 *    copy of the file, which looks like a masked value; restore the intended
 *    lookup key from the real source.
 *
 * @param mixed  $xanonpost Truthy when the comment should be anonymous.
 * @param string $uname     Author name.
 * @param int    $id        Review id.
 * @param int    $score     Score attached to the comment.
 * @param string $comments  Comment body.
 */
function savecomment($xanonpost, $uname, $id, $score, $comments) {
    global $anonymous, $user, $cookie, $prefix, $db, $module_name, $user_prefix, $anonpost;

    $loggedIn = is_user($user);
    if (!$loggedIn && $anonpost == 0) {
        include "header.php";
        title("{$module_name}");
        OpenTable();
        echo "<center><b>" . _RESTRICTEDAREA . "</b><br><br>" . _MODULEUSERS . "";
        CloseTable();
        include "footer.php";
        die;
    }

    if ($xanonpost) {
        $uname = $anonymous;
    }
    $comments = filter($comments, "", 1);
    $uname = filter($uname, "nohtml");
    $id = intval($id);
    $score = intval($score);

    /* Shared by both INSERT statements and by every link back to the review. */
    $rowValues = " values (NULL, '{$id}', '{$uname}', now(), '{$comments}', '{$score}')";
    $reviewUrl = "modules.php?name={$module_name}&rop=showcontent&id={$id}";

    if (is_user($user)) {
        $krow = $db->sql_fetchrow($db->sql_query("SELECT karma FROM " . $user_prefix . "_users WHERE username='******'"));
        if ($krow['karma'] == 2) {
            /* Karma 2: hold the comment for moderation. */
            $db->sql_query("insert into " . $prefix . "_reviews_comments_moderated" . $rowValues);
            include "header.php";
            title("" . _MODERATEDTITLE . "");
            OpenTable();
            echo "<center>" . _COMMENTMODERATED . "";
            echo "<br><br><a href=\"" . $reviewUrl . "\">" . _MODERATEDTITLE . "</a>";
            CloseTable();
            include "footer.php";
            die;
        } elseif ($krow['karma'] == 3) {
            /* Karma 3: drop the comment and send the user back. */
            Header("Location: " . $reviewUrl);
            die;
        }
    }

    $db->sql_query("insert into " . $prefix . "_reviews_comments" . $rowValues);
    update_points(12);
    Header("Location: " . $reviewUrl);
}
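/**
 * Earlier variant of the article comment handler: store a comment on story
 * $sid and redirect back to the article using the display options kept in
 * the user cookie.
 *
 * Changes from the previous revision:
 *  - $sid and $pid are forced to integers before they are used in SQL and in
 *    the Location header; they were previously copied in verbatim.
 *  - The client host value is escaped before it goes into the INSERT:
 *    REMOTE_HOST is a reverse-DNS name, not a value the server controls.
 *  - $userinfo keys are quoted; the bare-word form only worked through PHP's
 *    undefined-constant fallback, which PHP 8 turns into a fatal error.
 *  - $options is initialised before the first ".=", and the unused $author
 *    assignment on an undefined variable is gone.
 *
 * Security notes for maintainers:
 *  - $comment goes through stripslashes() immediately before the INSERT.
 *    NOTE(review): confirm FixQuotes() (defined elsewhere) leaves it safe
 *    inside a quoted SQL string after that call.
 *  - $name, $email and $url come from $userinfo and are inserted as is.
 *    NOTE(review): confirm getusrinfo() returns SQL-safe values.
 *
 * @param mixed  $xanonpost Truthy when a logged-in user posts anonymously.
 * @param string $subject   Comment subject.
 * @param string $comment   Comment body.
 * @param int    $pid       Parent comment id.
 * @param int    $sid       Story id.
 * @param string $host_name Unused in this function.
 * @param string $mode      Unused in this function.
 * @param string $order     Unused in this function.
 * @param string $thold     Unused in this function.
 * @param string $posttype  "exttrans", "plaintext" or anything else (HTML).
 */
function CreateTopic($xanonpost, $subject, $comment, $pid, $sid, $host_name, $mode, $order, $thold, $posttype) {
    global $module_name, $user, $userinfo, $EditedMessage, $cookie, $AllowableHTML, $ultramode, $prefix, $anonpost, $articlecomm, $db;

    cookiedecode($user);
    $sid = intval($sid);
    $pid = intval($pid);
    $subject = FixQuotes(filter_text($subject, "nohtml"));
    $comment = format_url($comment);
    if ($posttype == "exttrans") {
        $comment = FixQuotes(nl2br(htmlspecialchars(check_words($comment))));
    } elseif ($posttype == "plaintext") {
        $comment = FixQuotes(nl2br(filter_text($comment)));
    } else {
        $comment = FixQuotes(filter_text($comment));
    }

    if (is_user($user)) {
        getusrinfo($user);
    }
    if (is_user($user) && !$xanonpost) {
        getusrinfo($user);
        $name = $userinfo['username'];
        $email = $userinfo['femail'];
        $url = $userinfo['user_website'];
        $score = 1;
    } else {
        $name = "";
        $email = "";
        $url = "";
        $score = 0;
    }

    $ip = isset($_SERVER["REMOTE_HOST"]) ? $_SERVER["REMOTE_HOST"] : "";
    if (empty($ip)) {
        $ip = $_SERVER["REMOTE_ADDR"];
    }
    $ip = addslashes($ip);

    /* The story must exist exactly once for the comment to be accepted. */
    $fake = $db->sql_numrows($db->sql_query("SELECT * FROM " . $prefix . "_stories WHERE sid='{$sid}'"));
    $comment = trim($comment);
    $comment = stripslashes($comment);

    if ($fake == 1 and $articlecomm == 1) {
        if (($anonpost == 0 and is_user($user)) or $anonpost == 1) {
            $db->sql_query("INSERT INTO " . $prefix . "_comments VALUES (NULL, '{$pid}', '{$sid}', now(), '{$name}', '{$email}', '{$url}', '{$ip}', '{$subject}', '{$comment}', '{$score}', '0')");
            $db->sql_query("UPDATE " . $prefix . "_stories SET comments=comments+1 WHERE sid='{$sid}'");
            update_points(5);
            if ($ultramode) {
                ultramode();
            }
        } else {
            echo "Nice try...";
            die;
        }
    } else {
        include "header.php";
        echo "According to my records, the topic you are trying " . "to reply to does not exist. If you're just trying to be " . "annoying, well then too bad.";
        include "footer.php";
        die;
    }

    /* Display options come from the user cookie, with fixed defaults. */
    $options = "";
    if (isset($cookie[4])) {
        $options .= "&mode={$cookie[4]}";
    } else {
        $options .= "&mode=thread";
    }
    if (isset($cookie[5])) {
        $options .= "&order={$cookie[5]}";
    } else {
        $options .= "&order=0";
    }
    if (isset($cookie[6])) {
        $options .= "&thold={$cookie[6]}";
    } else {
        $options .= "&thold=0";
    }

    Header("Location: modules.php?name={$module_name}&file=article&sid={$sid}{$options}");
}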
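/**
 * Pick one active banner at random, count the impression, deactivate the
 * banner (and notify its client by e-mail) once its purchased impressions
 * are used up, and print the banner markup.
 *
 * Change from the previous revision: every row key is quoted. The bare-word
 * form ($row[bid]) only worked through PHP's undefined-constant fallback,
 * which PHP 8 turns into a fatal error.
 *
 * Security notes for maintainers:
 *  - imageurl, clickurl and alttext are echoed, and the client's contact and
 *    e-mail are placed in the To: argument of mail(), exactly as stored.
 *    NOTE(review): confirm the admin screens that write these columns encode
 *    or validate them (no markup, no CR/LF in contact details).
 *  - update_points(21) runs on every call, including when no banner exists.
 */
function viewbanner() {
    global $prefix, $db, $admin, $sitename, $adminmail, $nukeurl;

    if (paid()) {
        return;
    }

    $numrows = $db->sql_numrows($db->sql_query("SELECT * FROM " . $prefix . "_banner WHERE type='0' AND active='1'"));

    /* Get a random banner if exist any. */
    /* More efficient random stuff, thanks to Cristian Arroyo from http://www.planetalinux.com.ar */
    if ($numrows > 1) {
        $numrows = $numrows - 1;
        mt_srand((double) microtime() * 1000000);
        $bannum = mt_rand(0, $numrows);
    } else {
        $bannum = 0;
    }

    $sql = "SELECT bid, impmade, imageurl, clickurl, alttext FROM " . $prefix . "_banner WHERE type='0' AND active='1' LIMIT {$bannum},1";
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $bid = $row['bid'];
    $imageurl = $row['imageurl'];
    $clickurl = $row['clickurl'];
    $alttext = $row['alttext'];

    /* Administrators viewing the site do not count as impressions. */
    if (!is_admin($admin)) {
        $db->sql_query("UPDATE " . $prefix . "_banner SET impmade=impmade+1 WHERE bid='{$bid}'");
    }
    update_points(21);

    if ($numrows > 0) {
        $sql2 = "SELECT cid, imptotal, impmade, clicks, date FROM " . $prefix . "_banner WHERE bid='{$bid}'";
        $result2 = $db->sql_query($sql2);
        $row2 = $db->sql_fetchrow($result2);
        $cid = $row2['cid'];
        $imptotal = $row2['imptotal'];
        $imptotal = intval($imptotal);
        $impmade = $row2['impmade'];
        $impmade = intval($impmade);
        $clicks = $row2['clicks'];
        $clicks = intval($clicks);
        $date = $row2['date'];

        /* Check if this impression is the last one and print the banner */
        if ($imptotal <= $impmade and $imptotal != 0) {
            $db->sql_query("UPDATE " . $prefix . "_banner SET active='0' WHERE bid='{$bid}'");
            $sql3 = "SELECT name, contact, email FROM " . $prefix . "_bannerclient WHERE cid='{$cid}'";
            $result3 = $db->sql_query($sql3);
            $row3 = $db->sql_fetchrow($result3);
            $c_name = $row3['name'];
            $c_contact = $row3['contact'];
            $c_email = $row3['email'];
            if ($c_email != "") {
                $from = "{$sitename} <{$adminmail}>";
                $to = "{$c_contact} <{$c_email}>";
                $message = "" . _HELLO . " {$c_contact}:\n\n";
                $message .= "" . _THISISAUTOMATED . "\n\n";
                $message .= "" . _THERESULTS . "\n\n";
                $message .= "" . _TOTALIMPRESSIONS . " {$imptotal}\n";
                $message .= "" . _CLICKSRECEIVED . " {$clicks}\n";
                $message .= "" . _IMAGEURL . " {$imageurl}\n";
                $message .= "" . _CLICKURL . " {$clickurl}\n";
                $message .= "" . _ALTERNATETEXT . " {$alttext}\n\n";
                $message .= "" . _HOPEYOULIKED . "\n\n";
                $message .= "" . _THANKSUPPORT . "\n\n";
                $message .= "- {$sitename} " . _TEAM . "\n";
                $message .= "{$nukeurl}";
                $subject = "{$sitename}: " . _BANNERSFINNISHED . "";
                mail($to, $subject, $message, "From: {$from}\nX-Mailer: PHP/" . phpversion());
            }
        }
        echo "<center><a href=\"banners.php?op=click&bid={$bid}\" target=\"_blank\"><img src=\"{$imageurl}\" border=\"0\" alt='{$alttext}' title='{$alttext}'></a></center>";
    }
}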
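/**
 * Rate story $sid (1..5) behind a graphical security code.
 *
 * Flow: with $random_num set, the submitted code is checked; a wrong code
 * re-displays the form, a right one records the vote unless this address or
 * the visitor's "ratecookie" has already rated the story. With $random_num
 * null, the form is shown (or, without GD / with the check disabled, the
 * request is redirected back here with a fresh $random_num).
 *
 * Changes from the previous revision:
 *  - $sid and $score are forced to integers on entry. Before, the two form
 *    branches used the raw request values in a SELECT and in the generated
 *    HTML; only the vote-recording branch converted them.
 *  - The security code is compared as a string instead of with a loose !=.
 *  - The story title is filtered in both form branches, not only the first.
 *  - $rcookie, $r_cookie and the "already rated" flag are initialised, so a
 *    visitor without the cookie no longer reaches sizeof() on an undefined
 *    variable (a TypeError in PHP 8).
 *  - Removed code that could not have any effect: the 1..5 membership test
 *    after clamping, and two assignments to locals that were never read
 *    (one of them from the undefined $code).
 *
 * Security notes for maintainers:
 *  - The expected code depends only on the User-Agent header, $sitekey,
 *    $random_num and today's date, so a solved pair stays valid for that
 *    client until the date changes.
 *  - NOTE(review): $r_options is a global written into an href and is not
 *    built here; confirm it is encoded where it is assembled.
 *  - NOTE(review): the optional $random_num precedes the required
 *    $gfx_check; PHP 8 reports that as deprecated. Signature kept for
 *    existing callers.
 *
 * @param int    $sid        Story id.
 * @param int    $score      Rating; clamped to 1..5, 0 means "none".
 * @param string $random_num Seed that was used to render the security image.
 * @param string $gfx_check  Security code typed by the visitor.
 */
function rate_article($sid, $score, $random_num = "0", $gfx_check) {
    global $prefix, $db, $ratecookie, $sitename, $r_options, $sitekey, $gfx_chk, $module_name;

    $sid = intval($sid);
    $score = intval($score);

    if (isset($random_num)) {
        /* Recompute the code the security image showed for this seed. */
        $datekey = date("F j");
        $rcode = hexdec(md5($_SERVER['HTTP_USER_AGENT'] . $sitekey . $random_num . $datekey));
        $code = substr($rcode, 2, 3);
        $codeMismatch = ((string) $code !== (string) $gfx_check);

        if (extension_loaded("gd") and $codeMismatch and $gfx_chk != 0) {
            /* Wrong code: show the form again with a new seed. */
            mt_srand((double) microtime() * 1000000);
            $maxran = 1000000;
            $random_num = mt_rand(0, $maxran);
            include "header.php";
            title("{$sitename}: " . _ARTICLERATING . "");
            OpenTable();
            $row = $db->sql_fetchrow($db->sql_query("SELECT title FROM " . $prefix . "_stories WHERE sid='{$sid}'"));
            $row['title'] = filter($row['title'], "nohtml");
            echo "<center><a href=\"modules.php?name={$module_name}&file=article&sid={$sid}{$r_options}\"><b>" . $row['title'] . "</b></a><br>" . _ARTICLERATING . ": <img src=\"images/articles/stars-{$score}.gif\" border=\"0\" alt=\"{$score}/5\" title=\"{$score}/5\"> ({$score}/5)<br><br>";
            echo "" . _TOFINISHRATINGERROR . "<br><br>";
            echo "<form action=\"modules.php?name={$module_name}\" method=\"post\">";
            echo "" . _SECURITYCODE . ":<br><img src='?gfx=gfx_little&random_num={$random_num}' border='1' alt='" . _SECURITYCODE . "' title='" . _SECURITYCODE . "'><br><br>\n";
            echo "" . _TYPESECCODE . ":<br><input type=\"text\" NAME=\"gfx_check\" SIZE=\"3\" MAXLENGTH=\"3\"><br>\n";
            echo "<input type=\"hidden\" name=\"random_num\" value=\"{$random_num}\"><br>\n";
            echo "<input type=\"hidden\" name=\"score\" value=\"{$score}\"><br>\n";
            echo "<input type=\"hidden\" name=\"sid\" value=\"{$sid}\">\n";
            echo "<input type=\"hidden\" name=\"op\" value=\"rate_article\">";
            echo "<input type=\"submit\" value=\"" . _CASTMYVOTE . "\"></font></center></form>";
            CloseTable();
            include "footer.php";
            fdie();
        } else {
            if ($score) {
                /* Clamp to the 1..5 star range. */
                if ($score > 5) {
                    $score = 5;
                }
                if ($score < 1) {
                    $score = 1;
                }

                /* Refuse a second rating from the address stored on the story. */
                $ip = $_SERVER['REMOTE_ADDR'];
                $num = $db->sql_numrows($db->sql_query("SELECT * FROM " . $prefix . "_stories WHERE sid='{$sid}' AND rating_ip='{$ip}'"));
                if ($num != 0) {
                    Header("Location: modules.php?name=News&op=rate_complete&sid={$sid}&rated=1");
                    fdie();
                }

                /* The cookie holds a base64-encoded, colon-separated list of
                   rated story ids. */
                $rcookie = "";
                $r_cookie = array();
                if (isset($ratecookie)) {
                    $rcookie = base64_decode($ratecookie);
                    $rcookie = addslashes($rcookie);
                    $r_cookie = explode(":", $rcookie);
                }
                $a = 0;
                for ($i = 0; $i < sizeof($r_cookie); $i++) {
                    if ($r_cookie[$i] == $sid) {
                        $a = 1;
                    }
                }

                if ($a == 1) {
                    Header("Location: modules.php?name=News&op=rate_complete&sid={$sid}&rated=1");
                    fdie();
                } else {
                    $ip = $_SERVER['REMOTE_ADDR'];
                    $result = $db->sql_query("update " . $prefix . "_stories set score=score+{$score}, ratings=ratings+1, rating_ip='{$ip}' where sid='{$sid}'");
                    /* Append this story to the list and keep it for a day. */
                    $info = base64_encode("{$rcookie}{$sid}:");
                    setcookie("ratecookie", "{$info}", time() + 86400);
                    update_points(7);
                    Header("Location: modules.php?name=News&op=rate_complete&sid={$sid}&score={$score}");
                }
            } else {
                include "header.php";
                title("{$sitename}: " . _ARTICLERATING . "");
                OpenTable();
                echo "<center>" . _DIDNTRATE . "<br><br>" . "" . _GOBACK . "</center>";
                CloseTable();
                include "footer.php";
            }
        }
    } else {
        /* No seed yet: create one and ask for the security code. */
        mt_srand((double) microtime() * 1000000);
        $maxran = 1000000;
        $random_num = mt_rand(0, $maxran);
        if (extension_loaded("gd") and $gfx_chk != 0) {
            include "header.php";
            title("{$sitename}: " . _ARTICLERATING . "");
            OpenTable();
            $row = $db->sql_fetchrow($db->sql_query("SELECT title FROM " . $prefix . "_stories WHERE sid='{$sid}'"));
            $row['title'] = filter($row['title'], "nohtml");
            echo "<center><a href=\"modules.php?name={$module_name}&file=article&sid={$sid}{$r_options}\"><b>" . $row['title'] . "</b></a><br>" . _ARTICLERATING . ": <img src=\"images/articles/stars-{$score}.gif\" border=\"0\" alt=\"{$score}/5\" title=\"{$score}/5\"> ({$score}/5)<br><br>";
            echo "" . _TOFINISHRATING . "<br><br>";
            echo "<form action=\"modules.php?name={$module_name}\" method=\"post\">";
            echo "" . _SECURITYCODE . ":<br><img src='?gfx=gfx_little&random_num={$random_num}' border='1' alt='" . _SECURITYCODE . "' title='" . _SECURITYCODE . "'><br><br>\n";
            echo "" . _TYPESECCODE . ":<br><input type=\"text\" NAME=\"gfx_check\" SIZE=\"3\" MAXLENGTH=\"3\"><br>\n";
            echo "<input type=\"hidden\" name=\"random_num\" value=\"{$random_num}\"><br>\n";
            echo "<input type=\"hidden\" name=\"score\" value=\"{$score}\"><br>\n";
            echo "<input type=\"hidden\" name=\"sid\" value=\"{$sid}\">\n";
            echo "<input type=\"hidden\" name=\"op\" value=\"rate_article\">";
            echo "<input type=\"submit\" value=\"" . _CASTMYVOTE . "\"></font></center></form>";
            CloseTable();
            include "footer.php";
        } else {
            /* No GD or check disabled: re-enter with the seed set. */
            Header("Location: modules.php?name={$module_name}&op=rate_article&sid={$sid}&score={$score}&random_num={$random_num}");
        }
    }
}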
/* http://phpnuke.org */ /* */ /* This program is free software. You can redistribute it and/or modify */ /* it under the terms of the GNU General Public License as published by */ /* the Free Software Foundation; either version 2 of the License. */ /************************************************************************/ require_once "mainfile.php"; global $prefix, $db, $admin_file; if (isset($op) and $op == "ad_click" and isset($bid)) { $bid = intval($bid); $sql = "SELECT clickurl FROM " . $prefix . "_banner WHERE bid='{$bid}'"; $result = $db->sql_query($sql); list($clickurl) = $result->fetch_row(); $clickurl = filter($clickurl, "nohtml"); $db->sql_query("UPDATE " . $prefix . "_banner SET clicks=clicks+1 WHERE bid='{$bid}'"); update_points(21); Header("Location: " . htmlentities($clickurl)); die; } $modpath = ''; define('MODULE_FILE', true); $_SERVER['PHP_SELF'] = "modules.php"; $row = $db->sql_fetchrow($db->sql_query("SELECT main_module from " . $prefix . "_main")); $name = $row['main_module']; define('HOME_FILE', true); if (isset($url) and is_admin($admin)) { $url = urldecode($url); echo "<meta http-equiv=\"refresh\" content=\"0; url={$url}\">"; die; } if ($httpref == 1) {
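/**
 * Store a comment on a poll and redirect to that poll's results page.
 *
 * The subject and comment are run through the project's filters (the chain depends on
 * $posttype), the poster's identity is taken from $userinfo unless the post is anonymous,
 * and the row is inserted into <prefix>_pollcomments.
 *
 * @param mixed  $xanonpost Truthy when a logged-in user asks to post anonymously.
 * @param string $subject   Comment subject as submitted.
 * @param string $comment   Comment body as submitted.
 * @param mixed  $pid       Parent comment id; cast to int here before it reaches SQL.
 * @param mixed  $pollID    Poll id; cast to int here before it reaches SQL.
 * @param mixed  $host_name Unused in this function.
 * @param mixed  $mode      Unused in this function (display options come from $cookie).
 * @param mixed  $order     Unused in this function.
 * @param mixed  $thold     Unused in this function.
 * @param string $posttype  "exttrans", "plaintext", or anything else for the default filter.
 */
function CreateTopic($xanonpost, $subject, $comment, $pid, $pollID, $host_name, $mode, $order, $thold, $posttype) {
    global $user, $userinfo, $EditedMessage, $cookie, $prefix, $pollcomm, $anonpost, $db, $module_name;

    // The original also passed an undefined $author through FixQuotes(); the result was
    // never used, so that statement is dropped.
    $subject = FixQuotes(filter_text($subject, "nohtml"));
    $comment = format_url($comment);
    if ($posttype == "exttrans") {
        $comment = FixQuotes(nl2br(htmlspecialchars(check_words($comment))));
    } elseif ($posttype == "plaintext") {
        $comment = FixQuotes(nl2br(filter_text($comment)));
    } else {
        $comment = FixQuotes(filter_text($comment));
    }

    if (is_user($user)) {
        getusrinfo($user);
    }
    if (is_user($user) && !$xanonpost) {
        // Keys are quoted: the bare words used before are undefined constants.
        $name = $userinfo['username'];
        $email = $userinfo['femail'];
        $url = $userinfo['user_website'];
        $score = 1;
    } else {
        $name = "";
        $email = "";
        $url = "";
        $score = 0;
    }

    // REMOTE_HOST is a resolved host name rather than a numeric address, so it is
    // escaped before it is placed inside the quoted SQL value below.
    $ip = empty($_SERVER["REMOTE_HOST"]) ? $_SERVER["REMOTE_ADDR"] : $_SERVER["REMOTE_HOST"];
    $ip = addslashes($ip);

    // Both ids are interpolated into SQL; force them to integers first. $pid was
    // previously passed through unchanged.
    $pollID = intval($pollID);
    $pid = intval($pid);

    $result = $db->sql_query("select count(*) from " . $prefix . "_poll_desc where pollID='{$pollID}'");
    // NOTE(review): a COUNT(*) query presumably returns one row even when the count is 0,
    // so this row-count test may never reject an unknown poll - TODO confirm and compare
    // the fetched count instead.
    $fake = $db->sql_numrows($result);
    if ($fake == 1) {
        if ($anonpost == 0 and is_user($user) or $anonpost == 1) {
            $db->sql_query("insert into " . $prefix . "_pollcomments values (NULL, '{$pid}', '{$pollID}', now(), '{$name}', '{$email}', '{$url}', '{$ip}', '{$subject}', '{$comment}', '{$score}', '0')");
            update_points(9);
        } else {
            echo "Nice try...";
            die;
        }
    } else {
        include "header.php";
        echo "According to my records, the topic you are trying " . "to reply to does not exist. If you're just trying to be " . "annoying, well then too bad.";
        include "footer.php";
        die;
    }

    // Start from an empty string so the appends below never touch an undefined variable.
    $options = "";
    if ($pollcomm == 1) {
        // Cookie fields are client-supplied; URL-encode them before they enter the header.
        $options .= isset($cookie[4]) ? "&mode=" . urlencode($cookie[4]) : "&mode=thread";
        $options .= isset($cookie[5]) ? "&order=" . urlencode($cookie[5]) : "&order=0";
        $options .= isset($cookie[6]) ? "&thold=" . urlencode($cookie[6]) : "&thold=0";
    }
    Header("Location: modules.php?name={$module_name}&op=results&pollID={$pollID}{$options}");
}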
/**
 * Record a rating for a link after running the duplicate-vote checks.
 *
 * Renders the page header and footer itself, runs each check inside a loop over the
 * link's title row, and on success inserts into <prefix>_links_votedata and refreshes the
 * summary columns on <prefix>_links_links.
 *
 * $ratinglid       - link id; cast to int before use in SQL.
 * $ratinguser      - replaced by the cookie user name for logged-in users.
 * $rating          - "--" means no rating chosen; cast to int before the INSERT.
 * $ratinghost_name - not used in this function.
 * $ratingcomments  - comment text; see the NOTE at the INSERT.
 *
 * NOTE(review): $anonymous, $anonwaitdays and $outsidewaitdays are not in the global list
 * and are not assigned here. Presumably l_config.php (included in function scope) sets the
 * wait-day values; whether $anonymous is defined at all in this scope needs confirming.
 */
function addrating($ratinglid, $ratinguser, $rating, $ratinghost_name, $ratingcomments) {
    global $prefix, $db, $cookie, $user, $module_name;
    $passtest = "yes";
    include "header.php";
    include "modules/{$module_name}/l_config.php";
    $ratinglid = intval($ratinglid);
    completevoteheader();
    if (is_user($user)) {
        // The user name is taken from the decoded login cookie. addslashes() is the only
        // escaping applied before it reaches the queries below.
        $user2 = base64_decode($user);
        $user2 = addslashes($user2);
        $cookie = explode(":", $user2);
        cookiedecode($user);
        $ratinguser = $cookie[1];
    } else {
        // NOTE(review): both branches assign the same "******" literal as printed in this
        // listing; the value looks masked, so the original distinction cannot be read here.
        if ($ratinguser == "outside") {
            $ratinguser = "******";
        } else {
            $ratinguser = "******";
        }
    }
    $result = $db->sql_query("SELECT title FROM " . $prefix . "_links_links WHERE lid='{$ratinglid}'");
    // All checks run inside this loop, so nothing is checked or stored when the link id
    // matches no row.
    while ($row = $db->sql_fetchrow($result)) {
        $title = stripslashes(check_html($row['title'], "nohtml"));
        $ttitle = $title;
        /* Make sure only 1 anonymous from an IP in a single day. */
        // NOTE(review): REMOTE_HOST is a resolved host name, and it is interpolated into
        // the SQL below without escaping.
        $ip = $_SERVER["REMOTE_HOST"];
        if (empty($ip)) {
            $ip = $_SERVER["REMOTE_ADDR"];
        }
        /* Check if Rating is Null */
        if ($rating == "--") {
            $error = "nullerror";
            completevote($error);
            $passtest = "no";
        }
        /* Check if Link POSTER is voting (UNLESS Anonymous users allowed to post) */
        if ($ratinguser != $anonymous && $ratinguser != "outside") {
            $result2 = $db->sql_query("SELECT submitter from " . $prefix . "_links_links where lid='{$ratinglid}'");
            while ($row2 = $db->sql_fetchrow($result2)) {
                $ratinguserDB = $row2['submitter'];
                if ($ratinguserDB == $ratinguser) {
                    $error = "postervote";
                    completevote($error);
                    $passtest = "no";
                }
            }
        }
        /* Check if REG user is trying to vote twice. */
        if ($ratinguser != $anonymous && $ratinguser != "outside") {
            $result3 = $db->sql_query("SELECT ratinguser from " . $prefix . "_links_votedata where ratinglid='{$ratinglid}'");
            while ($row3 = $db->sql_fetchrow($result3)) {
                $ratinguserDB = $row3['ratinguser'];
                if ($ratinguserDB == $ratinguser) {
                    $error = "regflood";
                    completevote($error);
                    $passtest = "no";
                }
            }
        }
        /* Check if ANONYMOUS user is trying to vote more than once per day. */
        if ($ratinguser == $anonymous) {
            // $ytsDB is computed but the query below does not use it; the time window is
            // enforced by the TO_DAYS() comparison in SQL.
            $yesterdaytimestamp = time() - 86400 * $anonwaitdays;
            $ytsDB = Date("Y-m-d H:i:s", $yesterdaytimestamp);
            $result4 = $db->sql_query("SELECT * FROM " . $prefix . "_links_votedata WHERE ratinglid='{$ratinglid}' AND ratinguser='******' AND ratinghostname = '{$ip}' AND TO_DAYS(NOW()) - TO_DAYS(ratingtimestamp) < '{$anonwaitdays}'");
            $anonvotecount = $db->sql_numrows($result4);
            if ($anonvotecount >= 1) {
                $error = "anonflood";
                completevote($error);
                $passtest = "no";
            }
        }
        /* Check if OUTSIDE user is trying to vote more than once per day. */
        if ($ratinguser == "outside") {
            // As above, $ytsDB is not referenced by the query.
            $yesterdaytimestamp = time() - 86400 * $outsidewaitdays;
            $ytsDB = Date("Y-m-d H:i:s", $yesterdaytimestamp);
            $result5 = $db->sql_query("SELECT * FROM " . $prefix . "_links_votedata WHERE ratinglid='{$ratinglid}' AND ratinguser='******' AND ratinghostname = '{$ip}' AND TO_DAYS(NOW()) - TO_DAYS(ratingtimestamp) < '{$outsidewaitdays}'");
            $outsidevotecount = $db->sql_numrows($result5);
            if ($outsidevotecount >= 1) {
                $error = "outsideflood";
                completevote($error);
                $passtest = "no";
            }
        }
        /* Passed Tests */
        if ($passtest == "yes") {
            // NOTE(review): $comment is not a parameter or a global and is not assigned
            // above. Unless an included file sets it, it is empty here and the
            // update_points(16) branch is never taken. $ratingcomments was probably intended.
            $comment = stripslashes($comment);
            if ($comment != "") {
                update_points(16);
            }
            update_points(15);
            /* All is well. Add to Line Item Rate to DB. */
            $ratinglid = intval($ratinglid);
            $rating = intval($rating);
            // NOTE(review): $ratingcomments is interpolated exactly as received. This
            // function applies no escaping or HTML filtering to it, so the query is only
            // safe if the caller or mainfile.php already escaped it - TODO confirm.
            // A parameterised query or the project's own filter would remove that dependency.
            $db->sql_query("INSERT into " . $prefix . "_links_votedata values (NULL,'{$ratinglid}', '{$ratinguser}', '{$rating}', '{$ip}', '{$ratingcomments}', now())");
            /* All is well. Calculate Score & Add to Summary (for quick retrieval & sorting) to DB. */
            /* NOTE: If weight is modified, ALL links need to be refreshed with new weight. */
            /* Running a SQL statement with your modded calc for ALL links will accomplish this. */
            $voteresult = $db->sql_query("SELECT rating, ratinguser, ratingcomments FROM " . $prefix . "_links_votedata WHERE ratinglid = '{$ratinglid}'");
            $totalvotesDB = $db->sql_numrows($voteresult);
            // voteinclude.php presumably consumes $voteresult and sets $finalrating and
            // $truecomments, which are used below but not assigned in this function.
            include "modules/{$module_name}/voteinclude.php";
            // $lid is not assigned in the visible code, and the UPDATE keys on $ratinglid.
            $lid = intval($lid);
            $db->sql_query("UPDATE " . $prefix . "_links_links SET linkratingsummary='{$finalrating}',totalvotes='{$totalvotesDB}',totalcomments='{$truecomments}' WHERE lid = '{$ratinglid}'");
            $error = "none";
            completevote($error);
        }
    }
    completevotefooter($ratinglid, $ttitle, $ratinguser);
    include "footer.php";
}
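/**
 * Store a comment on a poll, honouring the poster's karma level, then redirect to the
 * poll's results page.
 *
 * Display options ($mode, $order, $thold) fall back to the user's stored preferences and
 * then to fixed defaults. They are encoded once, because the same string is written into
 * an HTML link and into Location headers.
 *
 * @param mixed  $xanonpost Truthy when a logged-in user asks to post anonymously.
 * @param string $subject   Comment subject as submitted.
 * @param string $comment   Comment body as submitted.
 * @param mixed  $pid       Parent comment id; cast to int before it reaches SQL.
 * @param mixed  $pollID    Poll id; cast to int before it reaches SQL.
 * @param mixed  $host_name Unused in this function.
 * @param mixed  $mode      Display mode; defaults to the user's 'umode' or "thread".
 * @param mixed  $order     Sort order; defaults to the user's 'uorder' or 0.
 * @param mixed  $thold     Score threshold; defaults to the user's 'thold' or 0.
 */
function CreateTopic($xanonpost, $subject, $comment, $pid, $pollID, $host_name, $mode, $order, $thold) {
    global $userinfo, $user, $EditedMessage, $cookie, $prefix, $pollcomm, $anonpost, $db, $module_name, $user_prefix;

    // empty() already covers the unset case. Note that 0 counts as empty, so a 0 order or
    // threshold is replaced by the stored preference, as in the original.
    if (empty($mode)) {
        $mode = isset($userinfo['umode']) ? $userinfo['umode'] : "thread";
    }
    if (empty($order)) {
        $order = isset($userinfo['uorder']) ? $userinfo['uorder'] : 0;
    }
    if (empty($thold)) {
        $thold = isset($userinfo['thold']) ? $userinfo['thold'] : 0;
    }

    // These values are presumably request-supplied and end up in an href attribute and in
    // Location headers. Encoding them keeps quotes and markup out of both. The usual values
    // (a short mode word, small integers) are unchanged by it.
    $options = "&mode=" . urlencode($mode) . "&order=" . intval($order) . "&thold=" . intval($thold);

    $pollID = intval($pollID);
    $pid = intval($pid);
    // The original also filtered an undefined $author; the result was never used.
    // NOTE(review): the third argument 1 to filter() is presumably its "prepare for
    // storage" mode - confirm that it escapes for SQL, since both values are interpolated.
    $subject = filter($subject, "nohtml", 1);
    $comment = format_url($comment);
    $comment = filter($comment, "", 1);

    if (is_user($user) && !$xanonpost) {
        $name = $userinfo['username'];
        $email = $userinfo['femail'];
        $url = $userinfo['user_website'];
        $score = 1;
    } else {
        $name = "";
        $email = "";
        $url = "";
        $score = 0;
    }

    // $ip is never set earlier in this scope, so the isset() guard always took this path.
    $ip = $_SERVER['REMOTE_ADDR'];

    $result = $db->sql_query("select count(*) from " . $prefix . "_poll_desc where pollID='{$pollID}'");
    // NOTE(review): a COUNT(*) query presumably returns one row even when the count is 0,
    // so this row-count test may never reject an unknown poll - TODO confirm and compare
    // the fetched count instead.
    $fake = $db->sql_numrows($result);
    if ($fake == 1) {
        if ($anonpost == 0 and is_user($user) or $anonpost == 1) {
            if (is_user($user)) {
                // The username literal is reproduced as printed in this listing, where it
                // appears masked.
                $krow = $db->sql_fetchrow($db->sql_query("SELECT karma FROM " . $user_prefix . "_users WHERE username='******'"));
                if ($krow['karma'] == 2) {
                    // Karma 2: the comment goes to the moderation queue instead of the live table.
                    $db->sql_query("INSERT INTO " . $prefix . "_pollcomments_moderated VALUES (NULL, '{$pid}', '{$pollID}', now(), '{$name}', '{$email}', '{$url}', '{$ip}', '{$subject}', '{$comment}', '{$score}', '0', '0')");
                    include_once "header.php";
                    title("" . _MODERATEDTITLE . "");
                    OpenTable();
                    echo "<center>" . _COMMENTMODERATED . "";
                    echo "<br><br><a href=\"modules.php?name={$module_name}&op=results&pollID={$pollID}{$options}\">" . _MODERATEDTITLE . "</a>";
                    CloseTable();
                    include_once "footer.php";
                    die;
                } elseif ($krow['karma'] == 3) {
                    // Karma 3: the comment is dropped and the poster is redirected without notice.
                    Header("Location: modules.php?name={$module_name}&op=results&pollID={$pollID}{$options}");
                    die;
                }
            }
            $db->sql_query("insert into " . $prefix . "_pollcomments values (NULL, '{$pid}', '{$pollID}', now(), '{$name}', '{$email}', '{$url}', '{$ip}', '{$subject}', '{$comment}', '{$score}', '0', '0')");
            $db->sql_query("UPDATE " . $prefix . "_poll_desc SET comments=comments+1 WHERE pollID='{$pollID}'");
            update_points(9);
        } else {
            die("Nice try...");
        }
    } else {
        include_once "header.php";
        echo "According to my records, the topic you are trying " . "to reply to does not exist. If you're just trying to be " . "annoying, well then too bad.";
        include_once "footer.php";
        die;
    }

    // As in the original, no redirect is sent when poll comments are disabled.
    if ($pollcomm == 1) {
        Header("Location: modules.php?name={$module_name}&op=results&pollID={$pollID}{$options}");
    }
}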
/**
 * Maintain topic-watch rows and e-mail watchers when a reply is posted.
 *
 * - $mode == 'delete': removes watch rows for the topic. The removal is limited to the
 *   current user unless the post is the first or the last one in the topic.
 * - $mode == 'reply': mails every un-notified watcher except the poster, the anonymous
 *   user and banned user ids, then marks those watchers as notified.
 * - Any mode other than 'delete': adds or removes the current user's own watch row
 *   according to $notify_user.
 *
 * All parameters except $mode are taken by reference. $topic_title is reassigned while
 * the mail is built, so the caller's variable changes too.
 *
 * NOTE(review): $topic_id and $post_id are interpolated into SQL and into mail links and
 * are not cast in this function. This relies on the caller passing integers - TODO confirm.
 */
function user_notification($mode, &$post_data, &$topic_title, &$forum_id, &$topic_id, &$post_id, &$notify_user) {
    global $board_config, $lang, $db, $phpbb_root_path, $phpEx;
    global $userdata, $user_ip;
    // Assigned but not read anywhere in this function.
    $current_time = time();
    if ($mode == 'delete') {
        $delete_sql = !$post_data['first_post'] && !$post_data['last_post'] ? " AND user_id = " . $userdata['user_id'] : '';
        $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = '{$topic_id}'" . $delete_sql;
        if (!$db->sql_query($sql)) {
            message_die(GENERAL_ERROR, 'Could not change topic notify data', '', __LINE__, __FILE__, $sql);
        }
    } else {
        if ($mode == 'reply') {
            update_points(11);
            // Collect banned user ids so they can be excluded from the watcher query.
            $sql = "SELECT ban_userid\r\n FROM " . BANLIST_TABLE;
            if (!($result = $db->sql_query($sql))) {
                message_die(GENERAL_ERROR, 'Could not obtain banlist', '', __LINE__, __FILE__, $sql);
            }
            $user_id_sql = '';
            while ($row = $db->sql_fetchrow($result)) {
                if (isset($row['ban_userid']) && !empty($row['ban_userid'])) {
                    // Values come from the ban table and are appended unquoted to the NOT IN list.
                    $user_id_sql .= ', ' . $row['ban_userid'];
                }
            }
            $sql = "SELECT u.user_id, u.user_email, u.user_lang\r\n FROM " . TOPICS_WATCH_TABLE . " tw, " . USERS_TABLE . " u\r\n WHERE tw.topic_id = '{$topic_id}'\r\n AND tw.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . ")\r\n AND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . "\r\n AND u.user_id = tw.user_id";
            if (!($result = $db->sql_query($sql))) {
                message_die(GENERAL_ERROR, 'Could not obtain list of topic watchers', '', __LINE__, __FILE__, $sql);
            }
            $update_watched_sql = '';
            $bcc_list_ary = array();
            if ($row = $db->sql_fetchrow($result)) {
                // Sixty second limit
                @set_time_limit(60);
                // Group recipient addresses by language and build the comma-separated id
                // list used by the UPDATE further down.
                do {
                    if ($row['user_email'] != '') {
                        $bcc_list_ary[$row['user_lang']][] = $row['user_email'];
                    }
                    $update_watched_sql .= $update_watched_sql != '' ? ', ' . $row['user_id'] : $row['user_id'];
                } while ($row = $db->sql_fetchrow($result));
                //
                // Let's do some checking to make sure that mass mail functions
                // are working in win32 versions of php.
                //
                if (preg_match('/[c-z]:\\\\.*/i', getenv('PATH')) && !$board_config['smtp_delivery']) {
                    // $ini_val holds a function name and is called as a variable function below.
                    $ini_val = @phpversion() >= '4.0.0' ? 'ini_get' : 'get_cfg_var';
                    // We are running on windows, force delivery to use our smtp functions
                    // since php's are broken by default
                    $board_config['smtp_delivery'] = 1;
                    $board_config['smtp_host'] = @$ini_val('SMTP');
                }
                if (sizeof($bcc_list_ary)) {
                    include "includes/emailer.php";
                    $emailer = new emailer($board_config['smtp_delivery']);
                    // The value derived from script_path is overwritten on the next line,
                    // so the mail links always use the fixed modules.php path.
                    $script_name = preg_replace('/^\\/?(.*?)\\/?$/', '\\1', trim($board_config['script_path']));
                    $script_name = 'modules.php?name=Forums&file=viewtopic';
                    // Link host, scheme and port come from board configuration, not from
                    // the current request.
                    $server_name = trim($board_config['server_name']);
                    $server_protocol = $board_config['cookie_secure'] ? 'https://' : 'http://';
                    $server_port = $board_config['server_port'] != 80 ? ':' . trim($board_config['server_port']) . '/' : '/';
                    $orig_word = array();
                    $replacement_word = array();
                    obtain_word_list($orig_word, $replacement_word);
                    $emailer->from($board_config['board_email']);
                    $emailer->replyto($board_config['board_email']);
                    // Writes through the by-reference parameter: the caller's title is
                    // replaced by the censored, unprepared form.
                    $topic_title = count($orig_word) ? preg_replace($orig_word, $replacement_word, unprepare_message($topic_title)) : unprepare_message($topic_title);
                    @reset($bcc_list_ary);
                    // NOTE(review): each() was deprecated in PHP 7.2 and removed in PHP 8.0;
                    // a foreach over $bcc_list_ary would be the replacement.
                    while (list($user_lang, $bcc_list) = each($bcc_list_ary)) {
                        // One message per language, with every recipient added via bcc().
                        $emailer->use_template('topic_notify', $user_lang);
                        for ($i = 0; $i < count($bcc_list); $i++) {
                            $emailer->bcc($bcc_list[$i]);
                        }
                        // The Topic_reply_notification lang string below will be used
                        // if for some reason the mail template subject cannot be read
                        // ... note it will not necessarily be in the posters own language!
                        $emailer->set_subject($lang['Topic_reply_notification']);
                        // This is a nasty kludge to remove the username var ... till (if?)
                        // translators update their templates
                        $emailer->msg = preg_replace('#[ ]?{USERNAME}#', '', $emailer->msg);
                        $emailer->assign_vars(array('EMAIL_SIG' => !empty($board_config['board_email_sig']) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 'SITENAME' => $board_config['sitename'], 'TOPIC_TITLE' => $topic_title, 'U_TOPIC' => $server_protocol . $server_name . $server_port . $script_name . '&' . POST_POST_URL . "={$post_id}#{$post_id}", 'U_STOP_WATCHING_TOPIC' => $server_protocol . $server_name . $server_port . $script_name . '&' . POST_TOPIC_URL . "={$topic_id}&unwatch=topic"));
                        $emailer->send();
                        $emailer->reset();
                    }
                }
            }
            $db->sql_freeresult($result);
            // Mark every selected watcher as notified. The return value of this query is
            // not checked.
            if ($update_watched_sql != '') {
                $sql = "UPDATE " . TOPICS_WATCH_TABLE . "\r\n SET notify_status = " . TOPIC_WATCH_NOTIFIED . "\r\n WHERE topic_id = '{$topic_id}'\r\n AND user_id IN ({$update_watched_sql})";
                $db->sql_query($sql);
            }
        }
        // Synchronise the current user's own watch row with the $notify_user flag.
        $sql = "SELECT topic_id\r\n FROM " . TOPICS_WATCH_TABLE . "\r\n WHERE topic_id = '{$topic_id}'\r\n AND user_id = " . $userdata['user_id'];
        if (!($result = $db->sql_query($sql))) {
            message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql);
        }
        $row = $db->sql_fetchrow($result);
        if (!$notify_user && !empty($row['topic_id'])) {
            // Watching, but notification was not requested: remove the row.
            $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "\r\n WHERE topic_id = '{$topic_id}'\r\n AND user_id = " . $userdata['user_id'];
            if (!$db->sql_query($sql)) {
                message_die(GENERAL_ERROR, 'Could not delete topic watch information', '', __LINE__, __FILE__, $sql);
            }
        } else {
            if ($notify_user && empty($row['topic_id'])) {
                // Not watching yet and notification was requested: add the row.
                $sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id, notify_status)\r\n VALUES (" . $userdata['user_id'] . ", '{$topic_id}', '0')";
                if (!$db->sql_query($sql)) {
                    message_die(GENERAL_ERROR, 'Could not insert topic watch information', '', __LINE__, __FILE__, $sql);
                }
            }
        }
    }
}
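/**
 * Store a comment on a review and redirect back to that review.
 *
 * @param mixed  $xanonpost Truthy to post under the site's anonymous name.
 * @param string $uname     Poster name as supplied by the caller.
 * @param mixed  $id        Review id; cast to int before it reaches SQL.
 * @param mixed  $score     Score given with the comment; cast to int.
 * @param string $comments  Comment text.
 *
 * NOTE(review): nothing here checks that $uname belongs to the logged-in user; the caller
 * is presumably responsible for that - TODO confirm.
 */
function savecomment($xanonpost, $uname, $id, $score, $comments) {
    global $anonymous, $user, $cookie, $prefix, $db, $module_name;

    if ($xanonpost) {
        $uname = $anonymous;
    }
    // $uname is interpolated into the INSERT just like $comments, but it previously reached
    // the query untouched. It now goes through the same quote-handling chain this function
    // applies to $comments, with HTML stripped.
    $uname = stripslashes(FixQuotes(check_html($uname, "nohtml")));
    $comments = stripslashes(FixQuotes(check_html($comments)));
    $id = intval($id);
    $score = intval($score);
    $db->sql_query("insert into " . $prefix . "_reviews_comments values (NULL, '{$id}', '{$uname}', now(), '{$comments}', '{$score}')");
    update_points(12);
    Header("Location: modules.php?name={$module_name}&rop=showcontent&id={$id}");
}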