function actionLink($action, $id = "", $args = "", $urlname = "")
{
global $boardroot, $mainPage;
if ($boardroot == "") {
$boardroot = "./";
}
$bucket = "linkMangler";
include 'lib/pluginloader.php';
$res = "";
if ($action != $mainPage) {
$res .= "&page={$action}";
}
if ($id != "") {
$res .= "&id=" . urlencode($id);
}
if ($args) {
$res .= "&{$args}";
}
if (strpos($res, "&")) {
debug_print_backtrace();
Kill("Found & in link");
}
if ($res == "") {
return $boardroot;
} else {
return $boardroot . "?" . substr($res, 1);
}
}
function AssertForbidden($to, $specifically = 0)
{
global $loguser, $forbidden;
if (!isset($forbidden)) {
$forbidden = explode(" ", $loguser['forbiddens']);
}
$caught = 0;
if (in_array($to, $forbidden)) {
$caught = 1;
} else {
$specific = $to . "[" . $specifically . "]";
if (in_array($specific, $forbidden)) {
$caught = 2;
}
}
if ($caught) {
$not = __("You are not allowed to {0}.");
$messages = array("addRanks" => __("add new ranks"), "blockLayouts" => __("block layouts"), "deleteComments" => __("delete usercomments"), "editCats" => __("edit the forum categories"), "editForum" => __("edit the forum list"), "editIPBans" => __("edit the IP ban list"), "editMods" => __("edit Local Moderator assignments"), "editMoods" => __("edit your mood avatars"), "editPoRA" => __("edit the PoRA box"), "editPost" => __("edit posts"), "editProfile" => __("edit your profile"), "editSettings" => __("edit the board settings"), "editSmilies" => __("edit the smiley list"), "editThread" => __("edit threads"), "editUser" => __("edit users"), "haveCookie" => __("have a cookie"), "listPosts" => __("see all posts by a given user"), "makeComments" => __("post usercomments"), "makeReply" => __("reply to threads"), "makeThread" => __("start new threads"), "optimize" => __("optimize the tables"), "purgeRevs" => __("purge old revisions"), "recalculate" => __("recalculate the board counters"), "search" => __("use the search function"), "sendPM" => __("send private messages"), "snoopPM" => __("view other users' private messages"), "useUploader" => __("upload files"), "viewAdminRoom" => __("see the admin room"), "viewAvatars" => __("see the avatar library"), "viewCalendar" => __("see the calendar"), "viewForum" => __("view fora"), "viewLKB" => __("see the Last Known Browser table"), "viewMembers" => __("see the memberlist"), "viewOnline" => __("see who's online"), "viewPM" => __("view private messages"), "viewProfile" => __("view user profiles"), "viewRanks" => __("see the rank lists"), "viewRecords" => __("see the top scores and DB usage"), "viewThread" => __("read threads"), "viewUploader" => __("see the uploader"), "vote" => __("vote"));
$messages2 = array("viewForum" => __("see this forum"), "viewThread" => __("read this thread"), "makeReply" => __("reply in this thread"), "editUser" => __("edit this user"));
$bucket = "forbiddens";
include "./lib/pluginloader.php";
if ($caught == 2 && array_key_exists($to, $messages2)) {
Kill(format($not, $messages2[$to]), __("Permission denied."));
}
Kill(format($not, $messages[$to]), __("Permission denied."));
}
}
function actionLink($action, $id = "", $args = "", $urlname = "")
{
global $boardroot, $mainPage, $urlNameCache;
if ($urlname == "_") {
$urlname = "";
} else {
if (isset($urlNameCache[$action . "_" . $id]) && $urlname == "") {
$urlname = $urlNameCache[$action . "_" . $id];
}
}
$bucket = "linkMangler";
include 'lib/pluginloader.php';
$res = $boardroot;
if ($action != $mainPage) {
$res .= "{$action}/";
}
if ($id != "") {
$res .= $id;
if ($urlname) {
$res .= "-" . urlNamify($urlname);
}
$res .= "/";
}
if ($args) {
$res .= "?{$args}";
}
if (strpos($res, "&")) {
debug_print_backtrace();
Kill("Found & in link");
}
return $res;
//Possible URL Rewriting :D
// return "$boardroot/$action/$id?$args";
}
MakeCrumbs(array("Main" => "./", "Private messages" => "private.php", $pmtitle => ""), $links);
$pm['num'] = "preview";
$pm['posts'] = $user['posts'];
$pm['id'] = "???";
$pm['uid'] = $user['id'];
$copies = explode(",", "title,name,displayname,picture,sex,powerlevel,avatar,postheader,signature,signsep,regdate,lastactivity,lastposttime");
foreach ($copies as $toCopy) {
$pm[$toCopy] = $user[$toCopy];
}
if ($draftEditor) {
write("\n\t<script type=\"text/javascript\">\n\t\t\twindow.addEventListener(\"load\", hookUpControls, false);\n\t</script>\n");
$qUser = "******" . $pm['userto'];
$rUser = Query($qUser);
if (!NumRows($rUser)) {
if ($_POST['action'] == __("Send")) {
Kill(__("Unknown user."));
}
}
$user = Fetch($rUser);
if ($_POST['action'] == __("Preview")) {
$pm['text'] = $_POST['text'];
$pmtitle = $_POST['title'];
}
if ($_POST['action'] == __("Discard Draft")) {
Query("delete from pmsgs where id = " . $pmid);
Query("delete from pmsgs_text where pid = " . $pmid);
Redirect(__("PM draft discarded."), "private.php", __("your PM box"));
exit;
}
if (substr($pm['text'], 0, 17) == "<!-- ###MULTIREP:") {
$to = substr($pm['text'], 17, strpos($pm['text'], "### -->") - 18);
function getCategory($cat)
{
if (!is_numeric($cat)) {
Kill('Invalid category');
}
if ($cat >= 0) {
$rCategory = Query("select * from {uploader_categories} where id={0}", $cat);
if (NumRows($rCategory) == 0) {
Kill("Invalid category");
}
$rcat = Fetch($rCategory);
} else {
if ($cat == -1) {
$rcat = array("id" => -1, "name" => "Private files");
} else {
if ($cat == -2) {
$rcat = array("id" => -2, "name" => "All private files");
} else {
Kill('Invalid category');
}
}
}
return $rcat;
}
<?php
if (!$loguser['root']) {
Kill(__("You're not an administrator. There is nothing for you here."));
}
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("optimize") => __("Optimize tables")));
$rStats = Query("show table status");
while ($stat = Fetch($rStats)) {
$tables[$stat['Name']] = $stat;
}
$tablelist = "";
$total = 0;
foreach ($tables as $table) {
$cellClass = ($cellClass + 1) % 2;
$overhead = $table['Data_free'];
$total += $overhead;
$status = __("OK");
if ($overhead > 0) {
Query("OPTIMIZE TABLE `{" . $table['Name'] . "}`");
$status = "<strong>" . __("Optimized") . "</strong>";
}
$tablelist .= format("\n\t<tr class=\"cell{0}\">\n\t\t<td class=\"cell2\">{1}</td>\n\t\t<td>\n\t\t\t{2}\n\t\t</td>\n\t\t<td>\n\t\t\t{3}\n\t\t</td>\n\t\t<td>\n\t\t\t{4}\n\t\t</td>\n\t</tr>\n", $cellClass, $table['Name'], $table['Rows'], $overhead, $status);
}
write("\n<table class=\"outline margin\">\n\t<tr class=\"header0\">\n\t\t<th colspan=\"7\">\n\t\t\t" . __("Table Status") . "\n\t\t</th>\n\t</tr>\n\t<tr class=\"header1\">\n\t\t<th>\n\t\t\t" . __("Name") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Rows") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Overhead") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Final Status") . "\n\t\t</th>\n\t</tr>\n\t{0}\n\t<tr class=\"header0\">\n\t\t<th colspan=\"7\" style=\"font-size: 130%;\">\n\t\t\t" . __("Excess trimmed: {1} bytes") . "\n\t\t</th>\n\t</tr>\n</table>\n\n", $tablelist, $total);
$filename = $_FILES['file']['name'];
$tmpfile = $_FILES['file']['tmp_name'];
if (!file_exists($tmpfile)) {
Kill("File upload failed.");
}
$ext = substr($filename, strlen($filename) - 3);
$allowed_ext = array('zip', 'rar');
if (!in_array($ext, $allowed_ext)) {
Kill("Invalid filetype.");
}
$file = fopen($tmpfile, 'rb');
$tag = fread($file, 4);
fclose($file);
$allowed_tag = array("PK", "Rar!");
if (!in_array($tag, $allowed_tag)) {
Kill("Invalid filetype.");
}
copy($tmpfile, 'downloads/' . $filename);
$thedl = array('file' => 'downloads/' . $filename, 'name' => $_POST['name'], 'desc' => $_POST['desc']);
$downloads = array_merge(array($thedl), $downloads);
file_put_contents('downloads/listing.dat', serialize($downloads));
Alert("Upload successful.", "Notice");
}
$c = 0;
$hl = ' highlightedPost';
foreach ($downloads as $dl) {
echo "\n\t<table class=\"outline margin width100{$hl}\">\n\t\t<tr class=\"cell{$c}\">\n\t\t\t<td>\n\t\t\t\t<span style=\"font-size: 120%; text-decoration: underline;\"><a href=\"{$dl['file']}\">" . htmlspecialchars($dl['name']) . "</a></span><br>\n\t\t\t\tFile size: " . ceil(filesize($dl['file']) / 1024) . " KB<br>\n\t\t\t\tMD5: " . md5_file($dl['file']) . "\n\t\t\t\t" . ($dl['desc'] ? '<br><br>' . nl2br(htmlspecialchars($dl['desc'])) : '') . "\n\t\t\t</td>\n\t\t</tr>\n\t</table>\n";
$c = !$c ? 1 : 0;
$hl = '';
}
if ($loguser['powerlevel'] > 2) {
}
$bb .= ']';
if ($bbcode['text'] != BB_NULL) {
$bb .= "{$examples[$bbcode['text']]}[/{$bbcode['name']}]";
}
return $bb;
}
$cell = 1;
if (isset($_GET['delete'])) {
unset($bbcodes[(int) $_GET['id']]);
Alert(__('BBCode was removed correctly'));
file_put_contents(BB_FILE, serialize($bbcodes));
}
if (isset($_POST['name'])) {
if (in_array($_POST['name'], $hardcodedbb)) {
Kill(__('This BBCode is hardcoded into board. Sorry...'));
}
$prepare = array('name' => $_POST['name'], 'value' => $_POST['value'], 'text' => $_POST['text'], 'category' => $_POST['category'], 'description' => $_POST['description'], 'html' => $_POST['html']);
if ($_GET['id']) {
$bbcodes[$_GET['id'] - 1] = $prepare;
} else {
$bbcodes[] = $prepare;
}
file_put_contents(BB_FILE, serialize($bbcodes));
}
?>
<script>
$(document).ready(function(){
function makeDisabled(){
$('#description').attr('disabled', !$('#category').val())
}
function WriteCategoryEditContents($cid)
{
global $loguser, $forumBoards;
$boardlist = '';
if ($cid != -1) {
$rCategory = Query("SELECT * FROM {categories} WHERE id={0}", $cid);
if (!NumRows($rCategory)) {
Kill("Category not found.");
}
$cat = Fetch($rCategory);
$candelete = FetchResult("SELECT COUNT(*) FROM {forums} WHERE catid={0}", $cid) == 0;
$name = htmlspecialchars($cat['name']);
$corder = $cat['corder'];
if (count($forumBoards) > 1) {
foreach ($forumBoards as $bid => $bname) {
$boardlist .= '<label><input type="radio" name="board" value="' . htmlspecialchars($bid) . '"' . ($cat['board'] == $bid ? ' checked="checked"' : '') . '> ' . htmlspecialchars($bname) . '</label>';
}
}
$boxtitle = __("Editing category ") . $name;
$fields = array('name' => '<input type="text" name="name" value="' . $name . '" size=64>', 'order' => '<input type="text" name="corder" value="' . $corder . '" size=3>', 'board' => $boardlist, 'btnSave' => '<button onclick="changeCategoryInfo(' . $cid . '); return false;">Save</button>', 'btnDelete' => '<button ' . ($candelete ? 'onclick="deleteCategory(); return false;"' : 'disabled="disabled"') . '>Delete</button>');
$delMessage = $candelete ? '' : __('Before deleting a category, remove all forums from it.');
} else {
if (count($forumBoards) > 1) {
foreach ($forumBoards as $bid => $bname) {
$boardlist .= '<label><input type="radio" name="board" value="' . htmlspecialchars($bid) . '"' . ($bid == '' ? ' checked="checked"' : '') . '> ' . htmlspecialchars($bname) . '</label>';
}
}
$boxtitle = __("New category");
$fields = array('name' => '<input type="text" name="name" value="" size=64>', 'order' => '<input type="text" name="corder" value="0" size=3>', 'board' => $boardlist, 'btnSave' => '<button onclick="addCategory(); return false;">Save</button>', 'btnDelete' => '');
$delMessage = '';
}
echo "\n\t<form method=\"post\" id=\"forumform\" action=\"" . htmlentities(actionLink("editfora")) . "\">\n\t<input type=\"hidden\" name=\"key\" value=\"" . $loguser["token"] . "\">\n\t<input type=\"hidden\" name=\"id\" value=\"{$cid}\">";
RenderTemplate('form_editcategory', array('formtitle' => $boxtitle, 'fields' => $fields, 'delMessage' => $delMessage));
echo "\n\t</form>";
}
$mod .= ", closed = 1";
} else {
if ($_POST['unlock']) {
$mod .= ", closed = 0";
}
}
if ($_POST['stick']) {
$mod .= ", sticky = 1";
} else {
if ($_POST['unstick']) {
$mod .= ", sticky = 0";
}
}
}
if ($thread['lastposter'] == $postingAs && $thread['lastpostdate'] >= time() - 86400 && $postingAsUser['powerlevel'] < 3) {
Kill(__("You can't double post until it's been at least one day."));
}
$qUsers = "update users set posts=" . ($postingAsUser['posts'] + 1) . ", lastposttime=" . time() . " where id=" . $postingAs . " limit 1";
$rUsers = Query($qUsers);
//$pid = FetchResult("SELECT id+1 FROM posts WHERE (SELECT COUNT(*) FROM posts p2 WHERE p2.id=posts.id+1)=0 ORDER BY id ASC LIMIT 1");
//if($pid < 1) $pid = 1;
$qPosts = "insert into posts (thread, user, date, ip, num, options, mood) values (" . $tid . "," . $postingAs . "," . time() . ",'" . $_SERVER['REMOTE_ADDR'] . "'," . ($postingAsUser['posts'] + 1) . ", " . $options . ", " . (int) $_POST['mood'] . ")";
$rPosts = Query($qPosts);
$pid = mysql_insert_id();
$qPostsText = "insert into posts_text (pid,text) values (" . $pid . ",'" . $post . "')";
$rPostsText = Query($qPostsText);
$qFora = "update forums set numposts=" . ($forum['numposts'] + 1) . ", lastpostdate=" . time() . ", lastpostuser="******", lastpostid=" . $pid . " where id=" . $fid . " limit 1";
$rFora = Query($qFora);
$qThreads = "update threads set lastposter=" . $postingAs . ", lastpostdate=" . time() . ", replies=" . ($thread['replies'] + 1) . ", lastpostid=" . $pid . $mod . " where id=" . $tid . " limit 1";
$rThreads = Query($qThreads);
Report("New reply by [b]" . $postingAsUser['name'] . "[/] in [b]" . $thread['title'] . "[/] (" . $forum['title'] . ") -> [g]#HERE#?pid=" . $pid, $isHidden);
$newVal = $pm['deleted'] | $val;
if ($newVal == 3) {
Query("delete from {pmsgs} where id = {0}", $pid);
Query("delete from {pmsgs_text} where pid = {0}", $pid);
} else {
Query("update {pmsgs} set deleted = {0} where id = {1}", $newVal, $pid);
}
$deleted++;
}
}
Alert(format(__("{0} deleted."), Plural($deleted, __("private message"))));
}
}
if (isset($_GET['del'])) {
if ($_GET['token'] !== $loguser['token']) {
Kill('No.');
}
$pid = (int) $_GET['del'];
$rPM = Query("select * from {pmsgs} where id = {0} and (userto = {1} or userfrom = {1})", $pid, $loguserid);
if (NumRows($rPM)) {
$pm = Fetch($rPM);
$val = $pm['userto'] == $loguserid ? 2 : 1;
$newVal = $pm['deleted'] | $val;
if ($newVal == 3) {
Query("delete from {pmsgs} where id = {0}", $pid);
Query("delete from {pmsgs_text} where pid = {0}", $pid);
} else {
Query("update {pmsgs} set deleted = {0} where id = {1}", $newVal, $pid);
}
Alert(__("Private message deleted."));
}
} else {
if (isset($_GET['tid']) && isset($_GET['time'])) {
$rPost = Query("select id,date,thread from {posts} where thread={0} AND date>{1} ORDER BY date LIMIT 1", $_GET['tid'], $_GET['time']);
} else {
Kill('blarg');
}
}
if (NumRows($rPost)) {
$post = Fetch($rPost);
} else {
Kill(__("Unknown post ID."));
}
$pid = $post['id'];
$tid = $post['thread'];
$rThread = Query("select id,title,forum from {threads} where id={0}", $tid);
if (NumRows($rThread)) {
$thread = Fetch($rThread);
} else {
Kill(__("Unknown thread ID."));
}
$tags = ParseThreadTags($thread['title']);
$ppp = $loguser['postsperpage'];
if (!$ppp) {
$ppp = 20;
}
$from = floor(FetchResult("SELECT COUNT(*) FROM {posts} WHERE thread={1} AND date<={2} AND id!={0}", $pid, $tid, $post['date']) / $ppp) * $ppp;
$url = actionLink("thread", $thread['id'], $from ? "from={$from}" : "", HasPermission('forum.viewforum', $thread['forum'], true) ? $tags[0] : '') . "#post" . $pid;
header("HTTP/1.1 301 Moved Permanently");
header("Status: 301 Moved Permanently");
header("Location: " . $url);
die;
if ($_GET['action'] == "markasread") {
Query("\tREPLACE INTO \n\t\t\t\t{threadsread} (id,thread,date) \n\t\t\tSELECT \n\t\t\t\t{0}, t.id, {1} \n\t\t\tFROM \n\t\t\t\t{threads} t\n\t\t\t\tINNER JOIN {favorites} fav ON fav.user={0} AND fav.thread=t.id", $loguserid, time());
die(header("Location: " . actionLink("board")));
} else {
if ($_GET['action'] == 'add' || $_GET['action'] == 'remove') {
if ($_GET['token'] !== $loguser['token']) {
Kill(__('No.'));
}
$tid = (int) $_GET['id'];
$thread = Query("SELECT t.forum FROM {threads} t WHERE t.id={0}", $tid);
if (!NumRows($thread)) {
Kill(__("Invalid thread ID."));
}
$thread = Fetch($thread);
if (!HasPermission('forum.viewforum', $thread['forum'])) {
Kill(__("Nice try, hacker kid, but no."));
}
if ($_GET['action'] == 'add') {
Query("INSERT IGNORE INTO {favorites} (user,thread) VALUES ({0},{1})", $loguserid, $tid);
} else {
Query("DELETE FROM {favorites} WHERE user={0} AND thread={1}", $loguserid, $tid);
}
die(header('Location: ' . $_SERVER['HTTP_REFERER']));
}
}
$title = 'Favorites';
$links = array(actionLinkTag(__("Mark threads read"), 'favorites', 0, 'action=markasread'));
MakeCrumbs(array(actionLink('favorites') => 'Favorites'), $links);
$viewableforums = ForumsWithPermission('forum.viewforum');
$total = FetchResult("SELECT COUNT(*) FROM {threads} t INNER JOIN {favorites} fav ON fav.user={0} AND fav.thread=t.id WHERE t.forum IN ({1c})", $loguserid, $viewableforums);
$tpp = $loguser['threadsperpage'];
<?php
$title = "Plugin Manager";
CheckPermission('admin.editsettings');
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("pluginmanager") => __("Plugin Manager")));
if ($_REQUEST['action'] == "enable") {
if ($_REQUEST['key'] != $loguser['token']) {
Kill("No.");
}
Query("insert into {enabledplugins} values ({0})", $_REQUEST['id']);
Upgrade();
die(header("location: " . actionLink("pluginmanager")));
}
if ($_REQUEST['action'] == "disable") {
if ($_REQUEST['key'] != $loguser['token']) {
Kill("No.");
}
Query("delete from {enabledplugins} where plugin={0}", $_REQUEST['id']);
die(header("location: " . actionLink("pluginmanager")));
}
$cell = 0;
$pluginsDir = @opendir("plugins");
$enabledplugins = array();
$disabledplugins = array();
$pluginDatas = array();
if ($pluginsDir !== FALSE) {
while (($plugin = readdir($pluginsDir)) !== FALSE) {
if ($plugin == "." || $plugin == "..") {
continue;
}
if (is_dir("./plugins/" . $plugin)) {
$cat = getCategory($_POST["cat"]);
if ($cat['minpower']) {
CheckPermission('uploader.uploadrestricted');
}
$targetdir = $rootdir;
$quot = $quota;
$privateFlag = 0;
if ($_POST['cat'] == -1) {
$quot = $pQuota;
$targetdir = $rootdir . "/" . $loguserid;
$privateFlag = 1;
}
$totalsize = foldersize($targetdir);
$c = FetchResult("SELECT COUNT(*) FROM {uploader} WHERE filename={0} AND deldate=0", $_FILES['newfile']['name']);
if ($c > 0) {
Kill("The file '{$_FILES['newfile']['name']}' already exists. Please delete the old copy before uploading a new one.");
}
if ($_FILES['newfile']['size'] == 0) {
if ($_FILES['newfile']['tmp_name'] == "") {
Alert(__("No file given."));
} else {
Alert(__("File is empty."));
}
} else {
if ($_FILES['newfile']['size'] > Settings::pluginGet('uploaderMaxFileSize') * 1024 * 1024) {
Alert(format(__("File is too large. Maximum size is {0}."), BytesToSize(Settings::pluginGet('uploaderMaxFileSize') * 1024 * 1024)));
} else {
$randomid = Shake();
$pname = $randomid . '_' . Shake();
$fname = $_FILES['newfile']['name'];
$temp = $_FILES['newfile']['tmp_name'];
} else {
$user = Fetch($user);
}
//print_r($user);
if ($user['lostkeytimer'] > time() - 60 * 60) {
//wait an hour between attempts
Kill(__("To prevent abuse, this function can only be used once an hour."), __("Slow down!"));
}
$resetKey = md5($user['id'] . $user['name'] . $user['password'] . $user['email']);
$from = $mailResetFrom;
$to = $user['email'];
$subject = format(__("Password reset for {0}"), $user['name']);
$message = format(__("A password reset was requested for your user account on {0}."), $boardname) . "\n" . __("If you did not submit this request, this message can be ignored.") . "\n\n" . __("To reset your password, visit the following URL:") . "\n\n" . $_SERVER['HTTP_REFERER'] . "?id=" . $user['id'] . "&key=" . $resetKey . "\n\n" . __("This link can be used once.");
$headers = "From: " . $from . "\r\n" . "Reply-To: " . $from . "\r\n" . "X-Mailer: PHP/" . phpversion();
mail($to, $subject, wordwrap($message, 70), $headers);
//print "NORMALLY I WOULD SEND MAIL NAO:<pre>".$headers."\n\n".wordwrap($message,70)."</pre>";
Query("update users set lostkey = '" . justEscape($resetKey) . "', lostkeytimer = " . time() . " where id = " . $user['id']);
Kill(__("Check your email in a moment and follow the link found therein."), __("Reset email sent"));
} else {
write("\n\t<form action=\"lostpass.php\" method=\"post\">\n\t\t<table class=\"outline margin width50\">\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Lost password") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"cell2\">\n\t\t\t\t\t<label for=\"un\">" . __("User name") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td class=\"cell0\">\n\t\t\t\t\t<input type=\"text\" id=\"un\" name=\"name\" style=\"width: 98%;\" maxlength=\"25\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"cell2\">\n\t\t\t\t\t<label for=\"em\">" . __("Email address") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td class=\"cell1\">\n\t\t\t\t\t<input type=\"email\" id=\"em\" name=\"mail\" style=\"width: 98%;\" maxlength=\"60\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell2\">\n\t\t\t\t<td></td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Send reset email") . "\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"cell1 smallFonts\" colspan=\"2\">\n\t\t\t\t\t" . __("If you did not specify an email address in your profile, you are <em>not</em> out of luck. The old method of contacting an administrator from outside the board is still an option.") . "\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t</form>\n");
}
}
function randomString($len, $chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
{
$s = "";
for ($i = 0; $i < $len; $i++) {
$p = rand(0, strlen($chars) - 1);
$s .= $chars[$p];
}
return $s;
}
<?php
//Layoutmaker.php AJAX backend
$ajaxPage = true;
$loguser['blocklayouts'] = 0;
//force layouts to show up
$base = $_POST['base'];
if (!isset($base) || strpos($base, ".") !== FALSE) {
Kill("Invalid base layout.");
}
$basefile = "plugins/layoutmaker/bases/" . $base . ".php";
if (is_file($basefile)) {
include $basefile;
} else {
Kill("Invalid base layout.");
}
print "<style type=\"text/css\">" . ApplyParameters($cssTemplate) . "</style>";
$previewPost['num'] = "_";
$previewPost['id'] = "_";
foreach ($loguser as $key => $value) {
$previewPost["u_" . $key] = $value;
}
$previewPost['u_postheader'] = trim(ApplyParameters($markupTemplateA));
$previewPost['text'] = Settings::get("profilePreviewText");
$previewPost['u_signature'] = trim(ApplyParameters($markupTemplateB));
$is_unoriginal = true;
foreach ($parameters as $key => $param) {
if (isset($param['default']) && $_POST[$key] != $param['default']) {
$is_unoriginal = false;
}
}
if ($post['deleted']) {
Kill(__('This post is deleted.'));
}
$thread = Fetch(Query("SELECT * FROM {threads} WHERE id={0}", $post['thread']));
if (!$thread) {
Kill(__('Unknown thread.'));
}
$fid = $thread['forum'];
if (!HasPermission('forum.viewforum', $fid)) {
Kill(__('You may not access this forum.'));
}
$tags = ParseThreadTags($thread['title']);
$isHidden = !HasPermission('forum.viewforum', $fid, true);
if ($_POST['report']) {
if ($_POST['key'] !== $loguser['token']) {
Kill(__('No.'));
}
// TODO make this use actual notifications or anything better
Query("INSERT INTO {pmsgs_text} (title,text) VALUES ({0},{1})", "Post report (post #{$pid})", '');
$pmid = InsertId();
Query("INSERT INTO {pmsgs} (id,userto,userfrom,date,ip,msgread,deleted,drafting)\n\t\tVALUES ({0},{1},{2},{3},{4},0,0,0)", $pmid, -1, $loguserid, time(), $_SERVER['REMOTE_ADDR']);
$report = "<strong>Post report</strong>\n\n<strong>Post:</strong> " . actionLinkTag($tags[0], 'post', $pid) . " (post #{$pid})\n\n<strong>Message:</strong>\n{$_POST['message']}\n\n" . actionLinkTag('Mark issue as resolved', 'showprivate', $pmid, 'markread=1');
Query("UPDATE {pmsgs_text} SET text={0} WHERE pid={1}", $report, $pmid);
SendNotification('pm', $pmid, -1);
die(header('Location: ' . actionLink('post', $pid)));
}
MakeCrumbs(forumCrumbs($forum) + array(actionLink("thread", $tid, '', $isHidden ? '' : $tags[0]) => $tags[0], '' => __("Report post")));
$user = Fetch(Query("SELECT * FROM {users} WHERE id={0}", $post['user']));
foreach ($user as $key => $value) {
$post['u_' . $key] = $value;
}
if ($thread['user'] == $loguserid) {
$links->add(new PipeMenuLinkEntry(__("Edit"), "editthread", $tid, "", "pencil"));
}
}
}
makeLinks($links);
$crumbs = new PipeMenu();
makeForumCrumbs($crumbs, $forum);
$crumbs->add(new PipeMenuLinkEntry($title, "thread", $tid));
makeBreadcrumbs($crumbs);
$OnlineUsersFid = $fid;
write("\n\t<script type=\"text/javascript\">\n\t\t\twindow.addEventListener(\"load\", hookUpControls, false);\n\t</script>\n");
if ($thread['poll']) {
$poll = Fetch(Query("SELECT p.*,\n\t\t\t\t\t\t\t(SELECT COUNT(DISTINCT user) FROM {pollvotes} pv WHERE pv.poll = p.id) as users,\n\t\t\t\t\t\t\t(SELECT COUNT(*) FROM {pollvotes} pv WHERE pv.poll = p.id) as votes\n\t\t\t\t\t\t FROM {poll} p\n\t\t\t\t\t\t WHERE p.id={0}", $thread['poll']));
if (!$poll) {
Kill(__("Poll not found"));
}
$totalVotes = $poll["users"];
$rOptions = Query("SELECT pc.*,\n\t\t\t\t\t\t\t(SELECT COUNT(*) FROM {pollvotes} pv WHERE pv.poll = {0} AND pv.choiceid = pc.id) as votes,\n\t\t\t\t\t\t\t(SELECT COUNT(*) FROM {pollvotes} pv WHERE pv.poll = {0} AND pv.choiceid = pc.id AND pv.user = {1}) as myvote\n\t\t\t\t\t FROM {poll_choices} pc\n\t\t\t\t\t WHERE poll={0}", $thread['poll'], $loguserid);
$pops = 0;
$noColors = 0;
$defaultColors = array("#0000B6", "#00B600", "#00B6B6", "#B60000", "#B600B6", "#B66700", "#B6B6B6", "#676767", "#6767FF", "#67FF67", "#67FFFF", "#FF6767", "#FF67FF", "#FFFF67", "#FFFFFF");
while ($option = Fetch($rOptions)) {
if ($option['color'] == "") {
$option['color'] = $defaultColors[($option["id"] + 9) % 15];
}
$chosen = $option["myvote"] ? "✔" : "";
$cellClass = ($cellClass + 1) % 2;
if ($loguserid && !$thread['closed'] && IsAllowed("vote")) {
$label = $chosen . " " . actionLinkTag(htmlspecialchars($option['choice']), "thread", $thread['id'], "vote=" . $option["id"] . "&token=" . $loguser["token"] . "&" . $fromstring);
} else {
$kuriseed = intval($kuridata[0]);
$check = intval($kuridata[1]);
$kurichallenge = $kuridata[2];
$kurichallenge = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, md5(KURIKEY . $check, true), base64_decode($kurichallenge), MCRYPT_MODE_ECB, $iv);
if (!$kurichallenge) {
Kill('Hack attempt detected');
}
$kurichallenge = explode('|', $kurichallenge);
if (count($kurichallenge) != 3) {
Kill('Hack attempt detected');
}
if ($kurichallenge[0] != $kuridata[0]) {
Kill('Hack attempt detected');
}
if ($kurichallenge[1] != $kuridata[1]) {
Kill('Hack attempt detected');
}
$ngoombas = intval($kurichallenge[2]);
if ($check < time() - 300) {
$err = __('The token has expired. Reload the page and try again.');
} else {
if ($ngoombas != (int) $_POST['kurichallenge']) {
$err = __('You failed the challenge. Look harder.');
} else {
if (IsProxy()) {
$adminemail = Settings::get('ownerEmail');
if ($adminemail) {
$halp = '<br><br>If you aren\'t using a proxy, contact the board owner at: ' . $adminemail;
} else {
$halp = '';
}
copy($tmpfile, $file);
} elseif ($type <= 3) {
$r = imagesx($img1) / imagesy($img1);
if ($r > 1) {
$img2 = imagecreatetruecolor($dimx, floor($dimy / $r));
imagecopyresampled($img2, $img1, 0, 0, 0, 0, $dimx, $dimy / $r, imagesx($img1), imagesy($img1));
} else {
$img2 = imagecreatetruecolor(floor($dimx * $r), $dimy);
imagecopyresampled($img2, $img1, 0, 0, 0, 0, $dimx * $r, $dimy, imagesx($img1), imagesy($img1));
}
imagepng($img2, $file);
} else {
$error .= "<li>Invalid format.</li>";
}
}
$usepic = $file;
} else {
Kill(__("Could not update your avatar for the following reason(s):") . "<ul>" . $error . "</ul>");
}
}
}
}
}
}
$moodRows = "";
$rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $loguserid);
while ($mood = Fetch($rMoods)) {
$cellClass = ($cellClass + 1) % 2;
$moodRows .= format("\n\t\t<tr class=\"cell{0}\">\n\t\t\t<td style=\"width: 100px;\">\n\t\t\t\t<img src=\"img/avatars/{1}_{2}\" alt=\"\">\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t<form method=\"post\" action=\"" . actionLink("editavatars") . "\">\n\t\t\t\t\t<input type=\"hidden\" name=\"mid\" value=\"{2}\" />\n\t\t\t\t\t<input type=\"text\" id=\"name{2}\" name=\"name\" style=\"width: 60%;\" value=\"{3}\" />\n\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Rename") . "\" />\n\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Delete") . "\" />\n\t\t\t\t</form>\n\t\t\t</td>\n\t\t</tr>\n", $cellClass, $loguserid, $mood['mid'], htmlspecialchars($mood['name']));
}
write("\n\t<table class=\"margin outline width50\">\n\t\t<tr class=\"header1\">\n\t\t\t<th colspan=\"2\">\n\t\t\t\t" . __("Mood avatars") . "\n\t\t\t</th>\n\t\t</tr>\n\t\t{0}\n\t\t<tr class=\"header1\">\n\t\t\t<th colspan=\"2\">\n\t\t\t\t" . __("Add new") . "\n\t\t\t</th>\n\t\t</tr>\n\t\t<tr class=\"cell2\">\n\t\t\t<td>\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t<form method=\"post\" action=\"" . actionLink("editavatars") . "\" enctype=\"multipart/form-data\">\n\t\t\t\t\t<label for=\"newName\">" . __("Name:") . "</label>\n\t\t\t\t\t<input type=\"text\" id=\"newName\" name=\"name\" style=\"width: 60%;\" /><br />\n\n\t\t\t\t\t<label for=\"pic\">" . __("Image:") . "</label>\n\t\t\t\t\t<input type=\"file\" id=\"pic\" name=\"picture\" style=\"width: 75%;\" />\n\n\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Add") . "\" />\n\t\t\t\t</form>\n\t\t\t</td>\n\t</table>\n", $moodRows);
<?php
CheckPermission('admin.ipsearch');
$ip = $_GET["id"];
if (!filter_var($ip, FILTER_VALIDATE_IP)) {
Kill("Invalid IP");
}
$links = array();
$links[] = "<a href=\"http://dnsquery.org/ipwhois/{$ip}\" target=\"_blank\">Whois Query</a>";
$links[] = "<a onclick=\"if(confirm('Are you sure you want to IP-ban {$ip}?')) {document.getElementById('banform').submit();} return false;\" href=\"#\">IP Ban</a>";
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("ipbans") => __("IP ban manager"), '' => $ip), $links);
$rUsers = Query("select * from {users} where lastip={0}", $ip);
echo "<h3>Users with this IP</h3>";
$userList = "";
$ipBanComment = "";
$i = 1;
if (NumRows($rUsers)) {
while ($user = Fetch($rUsers)) {
$ipBanComment .= $user["name"] . " ";
$cellClass = ($cellClass + 1) % 2;
if ($user['lasturl']) {
$lastUrl = "<a href=\"" . $user['lasturl'] . "\">" . $user['lasturl'] . "</a>";
} else {
$lastUrl = __("None");
}
$userList .= format("\n\t\t<tr class=\"cell{0}\">\n\t\t\t<td>\n\t\t\t\t{1}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{2}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{3}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{4}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{5}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{6}\n\t\t\t</td>\n\t\t</tr>\n\t", $cellClass, $i, UserLink($user), cdate("d-m-y G:i:s", $user['lastactivity']), $user['lastposttime'] ? cdate("d-m-y G:i:s", $user['lastposttime']) : __("Never"), $lastUrl, formatIP($user['lastip']));
$i++;
}
} else {
$userList = "<tr class=\"cell0\"><td colspan=\"6\">" . __("No users") . "</td></tr>";
}
}
$fid = (int) $_GET['id'];
if (!HasPermission('forum.viewforum', $fid)) {
Kill(__('You may not access this forum.'));
}
if (!HasPermission('forum.postthreads', $fid)) {
Kill($loguser['banned'] ? __('You may not post because you are banned.') : __('You may not post threads in this forum.'));
}
$rFora = Query("select * from {forums} where id={0}", $fid);
if (NumRows($rFora)) {
$forum = Fetch($rFora);
} else {
Kill(__("Unknown forum ID."));
}
if ($forum['locked']) {
Kill(__("This forum is locked."));
}
if (!isset($_POST['poll']) || isset($_GET['poll'])) {
$_POST['poll'] = $_GET['poll'];
}
$isHidden = !HasPermission('forum.viewforum', $fid, true);
$urlname = $isHidden ? '' : $forum['title'];
$OnlineUsersFid = $fid;
MakeCrumbs(forumCrumbs($forum) + array('' => __("New thread")));
$attachs = array();
if (isset($_POST['saveuploads'])) {
$attachs = HandlePostAttachments(0, false);
} else {
if (isset($_POST['actionpreview'])) {
$attachs = HandlePostAttachments(0, false);
if ($_POST['poll']) {
$from = 0;
}
if (!$ppp) {
$ppp = 25;
}
$rPosts = Query("\n\tSELECT\n\t\tp.*,\n\t\tpt.text, pt.revision, pt.user AS revuser, pt.date AS revdate,\n\t\tu.(_userfields), u.(rankset,title,picture,posts,postheader,signature,signsep,lastposttime,lastactivity,regdate,globalblock),\n\t\tru.(_userfields),\n\t\tdu.(_userfields),\n\t\tt.id thread, t.title threadname,\n\t\tf.id fid\n\tFROM\n\t\t{posts} p\n\t\tLEFT JOIN {posts_text} pt ON pt.pid = p.id AND pt.revision = p.currentrevision\n\t\tLEFT JOIN {users} u ON u.id = p.user\n\t\tLEFT JOIN {users} ru ON ru.id=pt.user\n\t\tLEFT JOIN {users} du ON du.id=p.deletedby\n\t\tLEFT JOIN {threads} t ON t.id=p.thread\n\t\tLEFT JOIN {forums} f ON f.id=t.forum\n\tWHERE u.id={1} AND " . forumAccessControlSql() . "\n\tORDER BY date ASC LIMIT {2u}, {3u}", $loguserid, $id, $from, $ppp);
$numonpage = NumRows($rPosts);
$uname = $user["name"];
if ($user["displayname"]) {
$uname = $user["displayname"];
}
$crumbs = new PipeMenu();
$crumbs->add(new PipeMenuLinkEntry(__("Member list"), "memberlist"));
$crumbs->add(new PipeMenuHtmlEntry(userLink($user)));
$crumbs->add(new PipeMenuTextEntry(__("Posts")));
makeBreadcrumbs($crumbs);
if ($total == 0) {
Kill(__("This user hasn't made any posts yet."));
}
$pagelinks = PageLinks(actionLink("listposts", $id, "from="), $ppp, $from, $total);
if ($pagelinks) {
write("<div class=\"smallFonts pages\">" . __("Pages:") . " {0}</div>", $pagelinks);
}
if (NumRows($rPosts)) {
while ($post = Fetch($rPosts)) {
MakePost($post, POST_NORMAL, array('threadlink' => 1, 'tid' => $post['thread'], 'fid' => $post['fid'], 'noreplylinks' => 1));
}
}
if ($pagelinks) {
write("<div class=\"smallFonts pages\">" . __("Pages:") . " {0}</div>", $pagelinks);
}
if (!HasPermission('forum.viewforum', $fid)) {
Kill(__('You may not access this forum.'));
}
if (!HasPermission('forum.postreplies', $fid)) {
Kill($loguser['banned'] ? __('You may not post because you are banned.') : __('You may not post in this forum.'));
}
$rFora = Query("select * from {forums} where id={0}", $fid);
if (NumRows($rFora)) {
$forum = Fetch($rFora);
} else {
Kill("Unknown forum ID.");
}
$fid = $forum['id'];
$isHidden = !HasPermission('forum.viewforum', $fid, true);
if ($thread['closed'] && !HasPermission('mod.closethreads', $fid)) {
Kill(__("This thread is locked."));
}
$OnlineUsersFid = $fid;
LoadPostToolbar();
$tags = ParseThreadTags($thread['title']);
$urlname = $isHidden ? '' : $tags[0];
MakeCrumbs(forumCrumbs($forum) + array(actionLink("thread", $tid, '', $urlname) => $tags[0], '' => __("New reply")));
if (!$thread['sticky'] && Settings::get("oldThreadThreshold") > 0 && $thread['lastpostdate'] < time() - 2592000 * Settings::get("oldThreadThreshold")) {
Alert(__("You are about to bump an old thread. This is usually a very bad idea. Please think about what you are about to do before you press the Post button."));
}
$attachs = array();
if (isset($_POST['saveuploads'])) {
$attachs = HandlePostAttachments(0, false);
} else {
if (isset($_POST['actionpreview'])) {
$attachs = HandlePostAttachments(0, false);
$previewPost['options'] = 0;
if ($_POST['nopl']) {
$previewPost['options'] |= 1;
}
if ($_POST['nosm']) {
$previewPost['options'] |= 2;
}
$previewPost['mood'] = (int) $_POST['mood'];
foreach ($user as $key => $value) {
$previewPost["u_" . $key] = $value;
}
MakePost($previewPost, POST_SAMPLE, array('forcepostnum' => 1, 'metatext' => __("Preview")));
} else {
if (isset($_POST['actionpost'])) {
if ($_POST['key'] != $loguser['token']) {
Kill(__("No."));
}
$rejected = false;
if (!$_POST['text']) {
Alert(__("Enter a message and try again."), __("Your post is empty."));
$rejected = true;
}
if (!$rejected) {
$bucket = "checkPost";
include "./lib/pluginloader.php";
}
if (!$rejected) {
$options = 0;
if ($_POST['nopl']) {
$options |= 1;
}
<?php
if ($loguser['powerlevel'] < 2) {
Kill(__("You're not admin. There is nothing for you here."));
}
$crumbs = new PipeMenu();
$crumbs->add(new PipeMenuLinkEntry(__("Admin"), "admin"));
$crumbs->add(new PipeMenuLinkEntry(__("Update board"), "gitpull"));
makeBreadcrumbs($crumbs);
$output = array();
exec("git pull 2>&1", $output);
echo '<div style="width: 50%; margin-left: auto; margin-right: auto; background: black; border: 1px solid #0f0; color: #0f0; font-family: \'Consolas\', \'Lucida Console\', \'Courier New\', monospace;">';
if (empty($output)) {
echo '<em>(no output)</em>';
} else {
foreach ($output as $line) {
echo htmlspecialchars($line) . '<br>';
}
}
echo '</div>';
{
$trimmed = trim(preg_replace("/&.*;/", "", $subject));
return strlen($trimmed) != 0;
}
if (isset($_POST['id'])) {
$_GET['id'] = $_POST['id'];
}
if (!isset($_GET['id'])) {
Kill(__("User ID unspecified."));
}
$id = (int) $_GET['id'];
$rUser = Query("select * from {users} where id={0}", $id);
if (NumRows($rUser)) {
$user = Fetch($rUser);
} else {
Kill(__("Unknown user ID."));
}
if ($id == $loguserid) {
Query("update {users} set newcomments = 0 where id={0}", $loguserid);
$loguser['newcomments'] = false;
}
$crumbs = new PipeMenu();
$crumbs->add(new PipeMenuLinkEntry(__("Member list"), "memberlist"));
$crumbs->add(new PipeMenuHtmlEntry(userLink($user)));
$crumbs->add(new PipeMenuTextEntry(__("Comments")));
makeBreadcrumbs($crumbs);
$canDeleteComments = ($id == $loguserid || $loguser['powerlevel'] > 2) && IsAllowed("deleteComments") && $loguser['powerlevel'] >= 0;
$canComment = $loguser['powerlevel'] >= 0;
if ($loguserid && ($_GET['token'] == $loguser['token'] || $_POST['token'] == $loguser['token'])) {
if ($canDeleteComments && $_GET['action'] == "delete") {
AssertForbidden("deleteComments");
}
if ($shakeIt) {
print "Generating security salt…<br />";
$cset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPRQSTUVWXYZ0123456789";
$salt = "";
$chct = strlen($cset) - 1;
while (strlen($salt) < 16) {
$salt .= $cset[mt_rand(0, $chct)];
}
$sltf = @fopen("lib/salt.php", "w+") or Kill(format("Could not open \"lib/{0}.php\" for writing. This has been checked for earlier, so if you see this error now, something very strange is going on.", "salt"), "Mysterious filesystem permission error");
fwrite($sltf, "<?php \$salt = \"" . $salt . "\" ?>\n");
fclose($sltf);
}
print "Writing board configuration file…<br />";
include "lib/settings.php";
$hax = @fopen("lib/settings.php", "w") or Kill(format("Could not open \"lib/{0}.php\" for writing. This has been checked for earlier, so if you see this error now, something very strange is going on.", "settings"), "Mysterious filesystem permission error");
fputs($hax, "<?php\n");
fputs($hax, "//Generated and parsed by the Board Settings admin panel.\n");
fputs($hax, "\n");
fputs($hax, "//Settings\n");
fputs($hax, "\$boardname = " . var_export($boardname, true) . ";\n");
fputs($hax, "\$logoalt = " . var_export($logoalt, true) . ";\n");
fputs($hax, "\$logotitle = " . var_export($logotitle, true) . ";\n");
fputs($hax, "\$dateformat = " . var_export($dateformat, true) . ";\n");
fputs($hax, "\$autoLockMonths = " . var_export((int) $autoLockMonths, true) . ";\n");
fputs($hax, "\$warnMonths = " . var_export((int) $warnMonths, true) . ";\n");
fputs($hax, "\$customTitleThreshold = " . var_export((int) $customTitleThreshold, true) . ";\n");
fputs($hax, "\$viewcountInterval = " . var_export((int) $viewcountInterval, true) . ";\n");
fputs($hax, "\$overallTidy = " . var_export((int) $tidy, true) . ";\n");
fputs($hax, "\$noAjax = " . var_export((int) $noAjax, true) . ";\n");
fputs($hax, "\$noGuestLayouts = " . var_export((int) $noGuestLayouts, true) . ";\n");
if ($forum['minpower'] > $pl) {
Kill(__("You are not allowed to browse this forum."));
}
} else {
Kill(__("Unknown forum ID."));
}
$title = $forum['title'];
$qCat = "select * from categories where id=" . $forum['catid'];
$rCat = Query($qCat);
if (NumRows($rCat)) {
$cat = Fetch($rCat);
if ($cat['minpower'] > $pl) {
Kill(__("You are not allowed to see this category."));
}
} else {
Kill(__("Unknown category ID."));
}
//Autolock system
if ($autoLockMonths > 0) {
$locktime = time() - 2592000 * $autoLockMonths;
Query("UPDATE threads SET closed=1 WHERE forum=" . $fid . " AND closed=0 AND lastpostdate<" . $locktime);
}
//</autolock>
$isIgnored = FetchResult("select count(*) from ignoredforums where uid=" . $loguserid . " and fid=" . $fid, 0, 0) == 1;
if (isset($_GET['ignore'])) {
if (!$isIgnored) {
Query("insert into ignoredforums values (" . $loguserid . ", " . $fid . ")");
Alert(__("Forum ignored. You will no longer see any \"New\" markers for this forum."));
}
} else {
if (isset($_GET['unignore'])) {
