Example #1
0
$urltitle = $page['id'];
//urlencode($page['id']);
$nicetitle = htmlspecialchars(url2title($page['id']));
$title = 'Wiki » ' . $nicetitle;
if ($page['istalk']) {
    $links .= actionLinkTagItem('Page', 'wiki', substr($urltitle, 5)) . '<li>Discuss</li>';
} else {
    $links .= '<li>Page</li>' . actionLinkTagItem('Discuss', 'wiki', 'Talk:' . $urltitle);
}
if ($page['canedit']) {
    $links .= actionLinkTagItem('Edit', 'wikiedit', $urltitle);
}
if ($page['ismain']) {
    MakeCrumbs(array(actionLink('wiki') => 'Wiki'), $links);
} else {
    MakeCrumbs(array(actionLink('wiki') => 'Wiki', actionLink('wiki', $urltitle) => $nicetitle), $links);
}
echo '
		<table class="outline margin">
			<tr class="cell1">
				<td style="padding:0px 1em 1em;">';
if ($page['flags'] & WIKI_PFLAG_DELETED) {
    echo '<h1>' . $nicetitle . '</h1>This page has been deleted.';
} else {
    if ($page['new']) {
        echo '<h1>' . $nicetitle . '</h1>This page does not exist.';
        if ($page['canedit']) {
            echo '<br><br>' . actionLinkTag('Create it now', 'wikiedit', $urltitle);
        }
    } else {
        $revInfo = '';
$rFora = Query("select * from {forums} where id={0}", $fid);
if (NumRows($rFora)) {
    $forum = Fetch($rFora);
} else {
    Kill(__("Unknown forum ID."));
}
if ($forum['locked']) {
    Kill(__("This forum is locked."));
}
if (!isset($_POST['poll']) || isset($_GET['poll'])) {
    $_POST['poll'] = $_GET['poll'];
}
$isHidden = !HasPermission('forum.viewforum', $fid, true);
$urlname = $isHidden ? '' : $forum['title'];
$OnlineUsersFid = $fid;
MakeCrumbs(forumCrumbs($forum) + array('' => __("New thread")));
$attachs = array();
if (isset($_POST['saveuploads'])) {
    $attachs = HandlePostAttachments(0, false);
} else {
    if (isset($_POST['actionpreview'])) {
        $attachs = HandlePostAttachments(0, false);
        if ($_POST['poll']) {
            $options = array();
            $pdata = array();
            $pdata['question'] = htmlspecialchars($_POST['pollQuestion']);
            $pdata['options'] = array();
            $noColors = 0;
            $defaultColors = array("#0000B6", "#00B600", "#00B6B6", "#B60000", "#B600B6", "#B66700", "#B6B6B6", "#676767", "#6767FF", "#67FF67", "#67FFFF", "#FF6767", "#FF67FF", "#FFFF67", "#FFFFFF");
            $totalVotes = 0;
            foreach ($_POST['pollOption'] as $i => $opt) {
Example #3
0
$rFora = Query("select * from {forums} where id={0}", $fid);
if (NumRows($rFora)) {
    $forum = Fetch($rFora);
} else {
    Kill("Unknown forum ID.");
}
$fid = $forum['id'];
$isHidden = !HasPermission('forum.viewforum', $fid, true);
if ($thread['closed'] && !HasPermission('mod.closethreads', $fid)) {
    Kill(__("This thread is locked."));
}
$OnlineUsersFid = $fid;
LoadPostToolbar();
$tags = ParseThreadTags($thread['title']);
$urlname = $isHidden ? '' : $tags[0];
MakeCrumbs(forumCrumbs($forum) + array(actionLink("thread", $tid, '', $urlname) => $tags[0], '' => __("New reply")));
if (!$thread['sticky'] && Settings::get("oldThreadThreshold") > 0 && $thread['lastpostdate'] < time() - 2592000 * Settings::get("oldThreadThreshold")) {
    Alert(__("You are about to bump an old thread. This is usually a very bad idea. Please think about what you are about to do before you press the Post button."));
}
$attachs = array();
if (isset($_POST['saveuploads'])) {
    $attachs = HandlePostAttachments(0, false);
} else {
    if (isset($_POST['actionpreview'])) {
        $attachs = HandlePostAttachments(0, false);
        $previewPost['text'] = $_POST["text"];
        $previewPost['num'] = $loguser['posts'] + 1;
        $previewPost['posts'] = $loguser['posts'] + 1;
        $previewPost['id'] = 0;
        $previewPost['options'] = 0;
        if ($_POST['nopl']) {
Example #4
0
            }
        }
        $search = Query("\n\t\t\tSELECT pt.pid pid\n\t\t\tFROM {posts_text} pt\n\t\t\t\tLEFT JOIN {posts} p ON pt.pid = p.id\n\t\t\tWHERE pt.revision = p.currentrevision AND MATCH(pt.text) AGAINST({0} IN BOOLEAN MODE)\n\t\t\tORDER BY p.date DESC", $bool);
        $presults = array();
        if (NumRows($search)) {
            while ($result = Fetch($search)) {
                $presults[] = $result['pid'];
            }
        }
        Query("\n\t\t\tINSERT INTO {searchcache} (queryhash,query,date,threadresults,postresults) \n\t\t\tVALUES ({0},{1},{2},{3},{4})\n\t\t\tON DUPLICATE KEY UPDATE date={2}, threadresults={3}, postresults={4}", $sqhash, $searchQuery, time(), implode(',', $tresults), implode(',', $presults));
    }
    if (isset($_POST['q'])) {
        die(header('Location: ' . actionLink('search', '', 'q=' . urlencode($searchQuery) . '&inposts=' . $_POST['inposts'])));
    }
}
MakeCrumbs(array(actionLink("search") => __("Search")));
echo "\n\t<form action=\"" . htmlentities(actionLink("search")) . "\" method=\"post\">";
$fields = array('terms' => "<input type=\"text\" maxlength=\"1024\" name=\"q\" style=\"width:100%;border-sizing:border-box;-moz-border-sizing:border-box;\" value=\"" . htmlspecialchars($_REQUEST['q']) . "\">", 'searchin' => '
		<label><input type="radio" name="inposts" value="0"' . ($_REQUEST['inposts'] == 0 ? ' checked="checked"' : '') . '>' . __('Thread titles') . '</label> 
		<label><input type="radio" name="inposts" value="1"' . ($_REQUEST['inposts'] == 1 ? ' checked="checked"' : '') . '>' . __('Posts') . '</label>', 'btnSubmit' => "<input type=\"submit\" value=\"" . __("Search") . "\">");
RenderTemplate('form_search', array('fields' => $fields));
echo "\n\t</form>";
if (isset($_GET['q'])) {
    $viewableforums = ForumsWithPermission('forum.viewforum');
    $searchQuery = $_GET['q'];
    $searchQuery = strtolower(preg_replace('@\\s+@', ' ', $searchQuery));
    $bool = htmlspecialchars($searchQuery);
    $t = explode(" ", $bool);
    $terms = array();
    foreach ($t as $term) {
        if ($term[0] == "-") {
Example #5
0
<?php

if (!defined('BLARG')) {
    die;
}
$title = 'Post quality stats';
MakeCrumbs(array(actionLink('postquality') => 'Post quality stats'));
$stuff = Query("\tSELECT\n\t\t\t\t\t\tu.(_userfields),\n\t\t\t\t\t\tu.posts totalposts,\n\t\t\t\t\t\t(SELECT COUNT(*) FROM {posts} p WHERE p.user=u.id AND p.deleted!=0 AND p.deletedby!=u.id) deletedposts\n\t\t\t\t\tFROM\n\t\t\t\t\t\t{users} u\n\t\t\t\t\tWHERE " . ($_GET['showbanned'] ? '' : 'u.primarygroup!={0} AND ') . "u.posts>0\n\t\t\t\t\tHAVING (deletedposts / totalposts)>0.015\n\t\t\t\t\tORDER BY (deletedposts / totalposts) DESC", Settings::get('bannedGroup'));
echo '
	<table class="outline margin">
		<tr class="cell0">
			<td colspan="5" class="center">
				<br>
				This page shows, for each user, how many of their posts were deleted by the staff.<br>
				(users with less than 2% of deleted posts aren\'t shown)<br>
				<br>
				If you are in the green part, you are fine, but try to be a little careful.<br>
				If you are in the orange part, you should really improve the quality of your posts.<br>
				If you are in the red part, you are walking on thin ice, and should think twice before posting again.<br>
				<br>
			</td>
		</tr>
		<tr class="header1">
			<th>User</th>
			<th>Posts</th>
			<th>Deleted</th>
			<th>Ratio</th>
			<th style="width:120px;">&nbsp;</th>
		</tr>';
$c = 1;
while ($user = Fetch($stuff)) {
Example #6
0
if (!HasPermission('forum.viewforum', $fid)) {
    Kill(__('You may not access this forum.'));
}
$tags = ParseThreadTags($thread['title']);
$isHidden = !HasPermission('forum.viewforum', $fid, true);
if ($_POST['report']) {
    if ($_POST['key'] !== $loguser['token']) {
        Kill(__('No.'));
    }
    // TODO make this use actual notifications or anything better
    Query("INSERT INTO {pmsgs_text} (title,text) VALUES ({0},{1})", "Post report (post #{$pid})", '');
    $pmid = InsertId();
    Query("INSERT INTO {pmsgs} (id,userto,userfrom,date,ip,msgread,deleted,drafting)\n\t\tVALUES ({0},{1},{2},{3},{4},0,0,0)", $pmid, -1, $loguserid, time(), $_SERVER['REMOTE_ADDR']);
    $report = "<strong>Post report</strong>\n\n<strong>Post:</strong> " . actionLinkTag($tags[0], 'post', $pid) . " (post #{$pid})\n\n<strong>Message:</strong>\n{$_POST['message']}\n\n" . actionLinkTag('Mark issue as resolved', 'showprivate', $pmid, 'markread=1');
    Query("UPDATE {pmsgs_text} SET text={0} WHERE pid={1}", $report, $pmid);
    SendNotification('pm', $pmid, -1);
    die(header('Location: ' . actionLink('post', $pid)));
}
MakeCrumbs(forumCrumbs($forum) + array(actionLink("thread", $tid, '', $isHidden ? '' : $tags[0]) => $tags[0], '' => __("Report post")));
$user = Fetch(Query("SELECT * FROM {users} WHERE id={0}", $post['user']));
foreach ($user as $key => $value) {
    $post['u_' . $key] = $value;
}
MakePost($post, POST_SAMPLE);
$fields = array('message' => '<textarea id="text" name="message" rows=10></textarea>', 'btnSubmit' => '<input type="submit" name="report" value="' . __('Submit report') . '">');
echo '
	<form action="" method="POST">';
RenderTemplate('form_reportpost', array('fields' => $fields));
echo '
		<input type="hidden" name="key" value="' . $loguser['token'] . '">
	</form>';
Example #7
0
} else {
    Kill(__("Unknown user ID."));
}
$title = __("Post list");
$total = FetchResult("\n\t\t\tSELECT\n\t\t\t\tcount(p.id)\n\t\t\tFROM\n\t\t\t\t{posts} p\n\t\t\t\tLEFT JOIN {threads} t ON t.id=p.thread{$extrashit}\n\t\t\tWHERE p.user={0} AND t.forum IN ({1c})", $id, ForumsWithPermission('forum.viewforum'));
$ppp = $loguser['postsperpage'];
if (isset($_GET['from'])) {
    $from = (int) $_GET['from'];
} else {
    $from = 0;
}
if (!$ppp) {
    $ppp = 25;
}
$rPosts = Query("\tSELECT\n\t\t\t\tp.*,\n\t\t\t\tpt.text, pt.revision, pt.user AS revuser, pt.date AS revdate,\n\t\t\t\tu.(_userfields), u.(rankset,title,picture,posts,postheader,signature,signsep,lastposttime,lastactivity,regdate,globalblock,fulllayout),\n\t\t\t\tru.(_userfields),\n\t\t\t\tdu.(_userfields),\n\t\t\t\tt.id thread, t.title threadname,\n\t\t\t\tf.id fid\n\t\t\tFROM\n\t\t\t\t{posts} p\n\t\t\t\tLEFT JOIN {posts_text} pt ON pt.pid = p.id AND pt.revision = p.currentrevision\n\t\t\t\tLEFT JOIN {users} u ON u.id = p.user\n\t\t\t\tLEFT JOIN {users} ru ON ru.id=pt.user\n\t\t\t\tLEFT JOIN {users} du ON du.id=p.deletedby\n\t\t\t\tLEFT JOIN {threads} t ON t.id=p.thread\n\t\t\t\tLEFT JOIN {forums} f ON f.id=t.forum\n\t\t\t\tLEFT JOIN {categories} c ON c.id=f.catid\n\t\t\tWHERE u.id={1} AND f.id IN ({4c}){$extrashit}\n\t\t\tORDER BY date ASC LIMIT {2u}, {3u}", $loguserid, $id, $from, $ppp, ForumsWithPermission('forum.viewforum'));
$numonpage = NumRows($rPosts);
$uname = $user["name"];
if ($user["displayname"]) {
    $uname = $user["displayname"];
}
MakeCrumbs(array(actionLink("profile", $id, "", $user["name"]) => htmlspecialchars($uname), '' => __("List of posts")));
$pagelinks = PageLinks(actionLink("listposts", $id, "from=", $user['name']), $ppp, $from, $total);
RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'top'));
if (NumRows($rPosts)) {
    while ($post = Fetch($rPosts)) {
        MakePost($post, POST_NORMAL, array('threadlink' => 1, 'tid' => $post['thread'], 'fid' => $post['fid'], 'noreplylinks' => 1));
    }
} else {
    Alert('This user has no posts.', 'Notice');
}
RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'bottom'));
Example #8
0
<?php

//  AcmlmBoard XD - Private message sending/previewing page
//  Access: user
if (!defined('BLARG')) {
    die;
}
$title = __("Private messages");
MakeCrumbs(array(actionLink("private") => __("Private messages"), '' => __("Send PM")));
if (!$loguserid) {
    //Not logged in?
    Kill(__("You must be logged in to send private messages."));
}
CheckPermission('user.sendpms');
$draftID = 0;
$replyTo = 0;
$convStart = 0;
$urlargs = array();
$pid = (int) $_GET['pid'];
if ($pid) {
    $urlargs[] = 'pid=' . $pid;
    // this shouldn't select drafts someone else is preparing for us
    // those drafts will have recipients stored in draft_to, with userto set to 0
    $rPM = Query("select * from {pmsgs} left join {pmsgs_text} on pid = {pmsgs}.id where (userfrom={0} OR userto={0}) and {pmsgs}.id = {1}", $loguserid, $pid);
    if (NumRows($rPM)) {
        $pm = Fetch($rPM);
        $rUser = Query("select name from {users} where id = {0}", $pm['userfrom']);
        if (NumRows($rUser)) {
            $user = Fetch($rUser);
        } else {
            Kill(__("Unknown user."));
Example #9
0
<?php

//  AcmlmBoard XD - Frequently Asked Questions page
//  Access: all
if (!defined('BLARG')) {
    die;
}
$title = __("FAQ");
$links = array();
if (HasPermission('admin.editsettings')) {
    $links[] = actionLinkTag(__("Edit the FAQ"), "editsettings", '', 'field=faqText');
}
MakeCrumbs(array(actionLink("faq") => __("FAQ")), $links);
makeThemeArrays();
$admin = Fetch(Query("select u.(_userfields) from {users} u where u.primarygroup={0}", Settings::get('rootGroup')));
$admin = userLink(getDataPrefix($admin, 'u_'));
$sexes = array(0 => __("Male"), 1 => __("Female"), 2 => __("N/A"));
$scolors = array(0 => 'color_male', 1 => 'color_female', 2 => 'color_unspec');
$gcolors = array();
$g = Query("SELECT title, color_male, color_female, color_unspec FROM {usergroups} WHERE type=0 ORDER BY rank");
while ($group = Fetch($g)) {
    $gcolors[] = $group;
}
$headers = "";
$colors = "";
foreach ($sexes as $ss) {
    $headers .= format("\n\t<th>\n\t\t{0}\n\t</th>\n", $ss);
}
foreach ($gcolors as $g) {
    $cellClass = ($cellClass + 1) % 2;
    $items = "";
Example #10
0
<?php

$title = __("Ranks");
MakeCrumbs(array(actionLink("ranks") => __("Ranks")));
loadRanksets();
if (count($ranksetData) == 0) {
    Kill(__("No ranksets have been defined."));
}
if (!isset($_GET['id'])) {
    $rankset = $loguser['rankset'];
    if (!$rankset || !isset($ranksetData[$rankset])) {
        $rankset = array_keys($ranksetData);
        $rankset = $rankset[0];
    }
    die(header("Location: " . actionLink("ranks", $rankset)));
}
$rankset = $_GET['id'];
if (!isset($ranksetData[$rankset])) {
    Kill(__("Rankset not found."));
}
$ranksets = array();
foreach ($ranksetNames as $name => $title) {
    if ($name == $rankset) {
        $ranksets[] = $title;
    } else {
        $ranksets[] = actionLinkTag($title, 'ranks', $name);
    }
}
$users = array();
$rUsers = Query("select u.(_userfields), u.(posts,lastposttime) from {users} u order by id asc");
while ($user = Fetch($rUsers)) {
Example #11
0
     } else {
         Alert(__("No such file or not yours to mess with."));
     }
 } else {
     if ($_GET['action'] == 'restore' && HasPermission('uploader.deletefiles')) {
         $fid = $_GET['fid'];
         $check = FetchResult("select count(*) from {uploader} where id = {0}", $fid);
         if ($check) {
             Query("UPDATE {uploader} SET deldate=0 WHERE id={0}", $fid);
             Report("[b]" . $loguser['name'] . "[/] restored \"[b]" . $entry['filename'] . "[/]\" ({$fid}).", 1);
             die(header("Location: " . actionLink("uploaderlist", "", "cat=" . $_GET["cat"])));
         } else {
             Alert(__("No such file."));
         }
     } else {
         MakeCrumbs(array(actionLink("uploader") => "Uploader"), $links);
         $errormsg = __("No categories found.");
         $entries = Query("select * from {uploader_categories} order by ord");
         if (NumRows($entries) == 0) {
             print "\n\t\t<table class=\"outline margin\">\n\t\t\t<tr class=\"header0\">\n\n\n\n\t\t\t\t<th colspan=\"7\">" . __("Files") . "</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td colspan=\"4\">\n\t\t\t\t\t" . $errormsg . "\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t\t";
         } else {
             print "\n\t\t<table class=\"outline margin width100\">\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"7\">" . __("Categories") . "</th>\n\t\t\t</tr>\n\t\t";
             $cellClass = 0;
             while ($entry = Fetch($entries)) {
                 $filecount = FetchResult("select count(*) from {uploader} where category = {0} AND deldate=0", $entry['id']);
                 print "<tr class=\"cell{$cellClass}\"><td>";
                 print actionLinkTag($entry['name'], "uploaderlist", "", "cat=" . $entry['id']);
                 print "<br />";
                 print $entry['description'];
                 print "<br />";
                 print Plural($filecount, 'file');
        Kill(__('No.'));
    }
    if ($settings[$htmlfield]['type'] != 'texthtml') {
        Kill(__('No.'));
    }
    $htmlname = $settings[$htmlfield]['name'];
} else {
    $htmlfield = null;
}
if (!ctype_alnum($plugin)) {
    Kill(__("No."));
}
if ($plugin == "main") {
    MakeCrumbs(array(actionLink("admin") => __("Admin"), '' => __("Edit settings")));
} else {
    MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("pluginmanager") => __("Plugin manager"), '' => $plugins[$plugin]['name']));
}
$settings = Settings::getSettingsFile($plugin);
$oursettings = Settings::$settingsArray[$plugin];
$invalidsettings = array();
if (isset($_POST["_plugin"])) {
    if ($_POST['key'] !== $loguser['token']) {
        Kill(__('No.'));
    }
    //Save the settings.
    $valid = true;
    foreach ($_POST as $key => $value) {
        if ($key == "_plugin") {
            continue;
        }
        //Don't accept unexisting settings.
Example #13
0
<?php

require 'wikilib.php';
$title = 'Wiki &raquo; Recent changes';
MakeCrumbs(array(actionLink('wiki') => 'Wiki', actionLink('wikichanges') => 'Recent changes'), $links);
$mydatefmt = 'm-d-Y';
if ($loguserid) {
    $mydatefmt = $loguser['dateformat'];
}
$time = (int) $_GET['time'];
if (!$time) {
    $time = 86400;
}
$spans = array(86400 => 'Today', 604800 => 'This week', 2592000 => 'This month');
$spanList = "";
foreach ($spans as $span => $text) {
    if ($span == $time) {
        $spanList .= '<li>' . $text . '</li>';
    } else {
        $spanList .= actionLinkTagItem($text, 'wikichanges', '', 'time=' . $span);
    }
}
echo '
	<div class="smallFonts margin">
		View changes for:
		<ul class="pipemenu">
			' . $spanList . '
		</ul>
	</div>
';
echo '
Example #14
0
<?php

//  AcmlmBoard XD - IP ban management tool
//  Access: administrators only
$title = __("IP bans");
CheckPermission('admin.manageipbans');
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("ipbans") => __("IP ban manager")));
if (isset($_POST['actionadd'])) {
    //This doesn't allow you to ban IP ranges...
    //if(!filter_var($_POST['ip'], FILTER_VALIDATE_IP))
    //	Alert("Invalid IP");
    //else
    if (isIPBanned($_POST['ip'])) {
        Alert("Already banned IP!");
    } else {
        $rIPBan = Query("insert into {ipbans} (ip, reason, date) values ({0}, {1}, {2})", $_POST['ip'], $_POST['reason'], (int) $_POST['days'] > 0 ? time() + (int) $_POST['days'] * 86400 : 0);
        Alert(__("Added."), __("Notice"));
    }
} elseif ($_GET['action'] == "delete") {
    $rIPBan = Query("delete from {ipbans} where ip={0} limit 1", $_GET['ip']);
    Alert(__("Removed."), __("Notice"));
}
$rIPBan = Query("select * from {ipbans} order by date desc, ip asc");
$banList = "";
while ($ipban = Fetch($rIPBan)) {
    $cellClass = ($cellClass + 1) % 2;
    if ($ipban['date']) {
        $date = formatdate($ipban['date']) . " (" . TimeUnits($ipban['date'] - time()) . " left)";
    } else {
        $date = __("Permanent");
    }
<?php

$title = __("Mood avatars");
if (!$loguserid) {
    Kill(__("You must be logged in to edit your avatars."));
}
CheckPermission('user.editprofile');
CheckPermission('user.editavatars');
MakeCrumbs(array(actionLink('profile', $loguserid, '', $loguser['name']) => htmlspecialchars($loguser['displayname'] ? $loguser['displayname'] : $loguser['name']), actionLink("editavatars") => __("Mood avatars")));
if (isset($_POST['actionrename']) || isset($_POST['actiondelete']) || isset($_POST['actionadd'])) {
    $mid = (int) $_POST['mid'];
    if ($_POST['actionrename']) {
        Query("update {moodavatars} set name={0} where mid={1} and uid={2}", $_POST['name'], $mid, $loguserid);
        die(header('Location: ' . actionLink('editavatars')));
    } else {
        if ($_POST['actiondelete']) {
            Query("delete from {moodavatars} where uid={0} and mid={1}", $loguserid, $mid);
            Query("update {posts} set mood=0 where user={0} and mood={1}", $loguserid, $mid);
            if (file_exists(DATA_DIR . "avatars/" . $loguserid . "_" . $mid)) {
                unlink(DATA_DIR . "avatars/" . $loguserid . "_" . $mid);
            }
            die(header('Location: ' . actionLink('editavatars')));
        } else {
            if ($_POST['actionadd']) {
                $highest = FetchResult("select mid from {moodavatars} where uid={0} order by mid desc limit 1", $loguserid);
                if ($highest < 1) {
                    $highest = 1;
                }
                $mid = $highest + 1;
                //Begin copypasta from edituser/editprofile_avatar...
                if ($fname = $_FILES['picture']['name']) {
<?php

$title = __("Last posts");
MakeCrumbs(array(actionLink("lastposts") => __("Last posts")));
$allowedforums = ForumsWithPermission('forum.viewforum');
$time = $_GET['time'];
if ($time != 'new') {
    $time = (int) $time;
}
if (!$time) {
    $time = 86400;
}
$show = $_GET['show'];
if ($show != 'threads' && $show != 'posts') {
    $show = 'threads';
}
$from = (int) $_GET['from'];
$fparam = $from ? '&from=' . $from : '';
$spans = array(3600 => __('1 hour'), 86400 => __('1 day'), 259200 => __('3 days'), 'new' => __('New posts'));
$options = array();
foreach ($spans as $span => $desc) {
    if ($span == $time) {
        $options[] = $desc;
    } else {
        $options[] = actionLinkTag($desc, 'lastposts', '', 'time=' . $span . '&show=' . $show . $fparam);
    }
}
$options2 = array();
$options2[] = $show == 'threads' ? __('List threads') : actionLinkTag(__('Show threads'), 'lastposts', '', 'time=' . $time . '&show=threads' . $fparam);
$options2[] = $show == 'posts' ? __('Show posts') : actionLinkTag(__('Show posts'), 'lastposts', '', 'time=' . $time . '&show=posts' . $fparam);
RenderTemplate('lastposts_options', array('timelinks' => $options, 'misclinks' => $options2));
Example #17
0
        Kill(__('You may not edit permissions for this user.'));
    }
    MakeCrumbs(array(actionLink('admin') => __('Admin'), '' => __('Edit permissions for user: '******'displayname'] ? $user['displayname'] : $user['name'])));
} else {
    if (isset($_GET['gid'])) {
        CheckPermission('admin.editgroups');
        $applyto = 0;
        $id = (int) $_GET['gid'];
        if (!$usergroups[$id]) {
            Kill(__('Invalid group ID.'));
        }
        $targetrank = $usergroups[$id]['rank'];
        if ($targetrank >= $loguserGroup['rank'] && !$loguser['root']) {
            Kill(__('You may not edit permissions for this group.'));
        }
        MakeCrumbs(array(actionLink('admin') => __('Admin'), '' => __('Edit permissions for group: ') . htmlspecialchars($usergroups[$id]['name'])));
    } else {
        Kill(__('Invalid parameters.'));
    }
}
if ($_POST['saveaction'] || $_POST['addfpermaction']) {
    if ($_POST['token'] !== $loguser['token']) {
        Kill(__('No.'));
    }
    if ($_POST['addfpermaction']) {
        $fid = (int) $_POST['newforumid'];
        foreach ($_POST as $k => $v) {
            if (substr($k, 0, 8) != 'fperm_0_') {
                continue;
            }
            if ($v == 0) {
<?php

$title = "Plugin Manager";
CheckPermission('admin.editsettings');
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("pluginmanager") => __("Plugin Manager")));
if ($_REQUEST['action'] == "enable") {
    if ($_REQUEST['key'] != $loguser['token']) {
        Kill("No.");
    }
    Query("insert into {enabledplugins} values ({0})", $_REQUEST['id']);
    Upgrade();
    die(header("location: " . actionLink("pluginmanager")));
}
if ($_REQUEST['action'] == "disable") {
    if ($_REQUEST['key'] != $loguser['token']) {
        Kill("No.");
    }
    Query("delete from {enabledplugins} where plugin={0}", $_REQUEST['id']);
    die(header("location: " . actionLink("pluginmanager")));
}
$cell = 0;
$pluginsDir = @opendir("plugins");
$enabledplugins = array();
$disabledplugins = array();
$pluginDatas = array();
if ($pluginsDir !== FALSE) {
    while (($plugin = readdir($pluginsDir)) !== FALSE) {
        if ($plugin == "." || $plugin == "..") {
            continue;
        }
        if (is_dir("./plugins/" . $plugin)) {
Example #19
0
<?php

//  AcmlmBoard XD - User account registration page
//  Access: any, but meant for guests.
require 'config/kurikey.php';
$title = __("Register");
MakeCrumbs(array('' => __('Register')));
$sexes = array(__("Male"), __("Female"), __("N/A"));
if ($_POST['register']) {
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    $kuridata = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, md5(KURIKEY, true), base64_decode($_POST['kuridata']), MCRYPT_MODE_ECB, $iv);
    if (!$kuridata) {
        Kill('Hack attempt detected');
    }
    $kuridata = explode('|', $kuridata);
    if (count($kuridata) != 3) {
        Kill('Hack attempt detected');
    }
    $kuriseed = intval($kuridata[0]);
    $check = intval($kuridata[1]);
    $kurichallenge = $kuridata[2];
    $kurichallenge = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, md5(KURIKEY . $check, true), base64_decode($kurichallenge), MCRYPT_MODE_ECB, $iv);
    if (!$kurichallenge) {
        Kill('Hack attempt detected');
    }
    $kurichallenge = explode('|', $kurichallenge);
    if (count($kurichallenge) != 3) {
        Kill('Hack attempt detected');
    }
    if ($kurichallenge[0] != $kuridata[0]) {
Example #20
0
        }
        $thread = Fetch($thread);
        if (!HasPermission('forum.viewforum', $thread['forum'])) {
            Kill(__("Nice try, hacker kid, but no."));
        }
        if ($_GET['action'] == 'add') {
            Query("INSERT IGNORE INTO {favorites} (user,thread) VALUES ({0},{1})", $loguserid, $tid);
        } else {
            Query("DELETE FROM {favorites} WHERE user={0} AND thread={1}", $loguserid, $tid);
        }
        die(header('Location: ' . $_SERVER['HTTP_REFERER']));
    }
}
$title = 'Favorites';
$links = array(actionLinkTag(__("Mark threads read"), 'favorites', 0, 'action=markasread'));
MakeCrumbs(array(actionLink('favorites') => 'Favorites'), $links);
$viewableforums = ForumsWithPermission('forum.viewforum');
$total = FetchResult("SELECT COUNT(*) FROM {threads} t INNER JOIN {favorites} fav ON fav.user={0} AND fav.thread=t.id WHERE t.forum IN ({1c})", $loguserid, $viewableforums);
$tpp = $loguser['threadsperpage'];
if (isset($_GET['from'])) {
    $from = (int) $_GET['from'];
} else {
    $from = 0;
}
if (!$tpp) {
    $tpp = 50;
}
$rThreads = Query("\tSELECT\n\t\t\t\t\t\tt.*,\n\t\t\t\t\t\ttr.date readdate,\n\t\t\t\t\t\tsu.(_userfields),\n\t\t\t\t\t\tlu.(_userfields),\n\t\t\t\t\t\tf.(id,title)\n\t\t\t\t\tFROM\n\t\t\t\t\t\t{threads} t\n\t\t\t\t\t\tINNER JOIN {favorites} fav ON fav.user={0} AND fav.thread=t.id\n\t\t\t\t\t\tLEFT JOIN {threadsread} tr ON tr.thread=t.id AND tr.id={0}\n\t\t\t\t\t\tLEFT JOIN {users} su ON su.id=t.user\n\t\t\t\t\t\tLEFT JOIN {users} lu ON lu.id=t.lastposter\n\t\t\t\t\t\tLEFT JOIN {forums} f ON f.id=t.forum\n\t\t\t\t\tWHERE f.id IN ({3c})\n\t\t\t\t\tORDER BY sticky DESC, lastpostdate DESC LIMIT {1u}, {2u}", $loguserid, $from, $tpp, $viewableforums);
$numonpage = NumRows($rThreads);
$pagelinks = PageLinks(actionLink('favorites', '', 'from='), $tpp, $from, $total);
if (NumRows($rThreads)) {
Example #21
0
<?php

CheckPermission('admin.ipsearch');
$ip = $_GET["id"];
if (!filter_var($ip, FILTER_VALIDATE_IP)) {
    Kill("Invalid IP");
}
$links = array();
$links[] = "<a href=\"http://dnsquery.org/ipwhois/{$ip}\" target=\"_blank\">Whois Query</a>";
$links[] = "<a onclick=\"if(confirm('Are you sure you want to IP-ban {$ip}?')) {document.getElementById('banform').submit();} return false;\" href=\"#\">IP Ban</a>";
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("ipbans") => __("IP ban manager"), '' => $ip), $links);
$rUsers = Query("select * from {users} where lastip={0}", $ip);
echo "<h3>Users with this IP</h3>";
$userList = "";
$ipBanComment = "";
$i = 1;
if (NumRows($rUsers)) {
    while ($user = Fetch($rUsers)) {
        $ipBanComment .= $user["name"] . " ";
        $cellClass = ($cellClass + 1) % 2;
        if ($user['lasturl']) {
            $lastUrl = "<a href=\"" . $user['lasturl'] . "\">" . $user['lasturl'] . "</a>";
        } else {
            $lastUrl = __("None");
        }
        $userList .= format("\n\t\t<tr class=\"cell{0}\">\n\t\t\t<td>\n\t\t\t\t{1}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{2}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{3}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{4}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{5}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{6}\n\t\t\t</td>\n\t\t</tr>\n\t", $cellClass, $i, UserLink($user), cdate("d-m-y G:i:s", $user['lastactivity']), $user['lastposttime'] ? cdate("d-m-y G:i:s", $user['lastposttime']) : __("Never"), $lastUrl, formatIP($user['lastip']));
        $i++;
    }
} else {
    $userList = "<tr class=\"cell0\"><td colspan=\"6\">" . __("No users") . "</td></tr>";
}
Example #22
0
if ($pm['drafting'] && !$snoop) {
    Kill(__("Unknown PM"));
}
//could say "PM is addresssed to you, but is being drafted", but what they hey?
$rUser = Query("select * from {users} where id = {0}", $pm['userfrom']);
if (NumRows($rUser)) {
    $user = Fetch($rUser);
} else {
    Kill(__("Unknown user."));
}
$links = array();
if (!$snoop && $pm['userto'] == $loguserid) {
    Query("update {pmsgs} set msgread=1 where id={0}", $pm['id']);
    DismissNotification('pm', $pm['id'], $loguserid);
    $links[] = actionLinkTag(__("Send reply"), "sendprivate", "", "pid=" . $pm['id']);
} else {
    if ($_GET['markread']) {
        Query("update {pmsgs} set msgread=1 where id={0}", $pm['id']);
        DismissNotification('pm', $pm['id'], -1);
        die(header('Location: ' . actionLink('private')));
    }
}
$pmtitle = htmlspecialchars($pm['title']);
MakeCrumbs(array(actionLink("private") => __("Private messages"), '' => $pmtitle), $links);
$pm['num'] = 0;
$pm['posts'] = $user['posts'];
$pm['id'] = 0;
foreach ($user as $key => $value) {
    $pm['u_' . $key] = $value;
}
MakePost($pm, POST_PM);
Example #23
0
        $forumList .= Format("\n\t\t<tr class=\"cell{0}\">\n\t\t\t<td class=\"cell2 threadIcon\">{1}</td>\n\t\t\t<td class=\"threadIcon\" style=\"border-right: 0px none;\">\n\t\t\t\t{2}\n\t\t\t</td>\n\t\t\t<td style=\"border-left: 0px none;\">\n\t\t\t\t{3}\n\t\t\t\t<a href=\"thread.php?id={4}\">\n\t\t\t\t\t{5}\n\t\t\t\t</a>\n\t\t\t\t{6}\n\t\t\t\t{7}\n\t\t\t</td>\n\t\t\t<td class=\"center\">\n\t\t\t\t{8}\n\t\t\t</td>\n\t\t\t<td class=\"center\">\n\t\t\t\t{9}\n\t\t\t</td>\n\t\t\t<td class=\"center\">\n\t\t\t\t{10}\n\t\t\t</td>\n\t\t\t<td class=\"smallFonts center\">\n\t\t\t\t{11}<br />\n\t\t\t\t" . __("by") . " {12} {13}</td>\n\t\t</tr>\n", $cellClass, $NewIcon, $ThreadIcon, $poll, $thread['id'], strip_tags($thread['title']), $pl, $tags, UserLink($starter), $thread['replies'], $thread['views'], cdate($dateformat, $thread['lastpostdate']), UserLink($last), $lastLink);
    }
    Write("\n\t<table class=\"outline margin width100\">\n\t\t<tr class=\"header1\">\n\t\t\t<th style=\"width: 20px;\">&nbsp;</th>\n\t\t\t<th style=\"width: 16px;\">&nbsp;</th>\n\t\t\t<th style=\"width: 60%;\">" . __("Title") . "</th>\n\t\t\t<th>" . __("Started by") . "</th>\n\t\t\t<th>" . __("Replies") . "</th>\n\t\t\t<th>" . __("Views") . "</th>\n\t\t\t<th>" . __("Last post") . "</th>\n\t\t</tr>\n\t\t{0}\n\t</table>\n", $forumList);
} else {
    if ($forum['minpowerthread'] > $loguser['powerlevel']) {
        Alert(__("You cannot start any threads here."), __("Empty forum"));
    } elseif ($loguserid) {
        Alert(format(__("Would you like to {0}post something{1}?"), "<a href=\"newthread.php?id=" . $fid . "\">", "</a>"), __("Empty forum"));
    } else {
        Alert(format(__("{0}Log in{1} so you can post something."), "<a href=\"login.php\">", "</a>"), __("Empty forum"));
    }
}
if ($pagelinks) {
    Write("<div class=\"smallFonts pages\">" . __("Pages:") . " {0}</div>", $pagelinks);
}
MakeCrumbs(array(__("Main") => "./", $forum['title'] => "forum.php?id=" . $fid), $links);
ForumJump();
function ForumJump()
{
    global $fid, $loguser;
    $pl = $loguser['powerlevel'];
    if ($pl < 0) {
        $pl = 0;
    }
    $lastCatID = -1;
    $rFora = Query("\tSELECT \n\t\t\t\t\t\t\tf.id, f.title, f.catid,\n\t\t\t\t\t\t\tc.name cname\n\t\t\t\t\t\tFROM \n\t\t\t\t\t\t\tforums f\n\t\t\t\t\t\t\tLEFT JOIN categories c ON c.id=f.catid\n\t\t\t\t\t\tWHERE c.minpower<=" . $pl . " AND f.minpower<=" . $pl . ($pl < 1 ? " AND f.hidden=0" : '') . "\n\t\t\t\t\t\tORDER BY c.corder, c.id, f.forder");
    $theList = "";
    $optgroup = "";
    while ($forum = Fetch($rFora)) {
        if ($forum['catid'] != $lastCatID) {
            $lastCatID = $forum['catid'];
Example #24
0
<?php

CheckPermission('admin.ipsearch');
$title = 'Rereg radar';
MakeCrumbs(array(actionLink("admin") => "Admin", actionLink('reregs') => 'Rereg radar'));
$ipm = Query("SELECT u.(_userfields), u.(lastactivity,lastip) FROM {users} u WHERE (SELECT COUNT(*) FROM {users} u2 WHERE u2.lastip=u.lastip)>1 ORDER BY lastactivity DESC");
$ipmatches = array();
while ($match = Fetch($ipm)) {
    $ipmatches[$match['u_lastip']][] = $match;
}
foreach ($ipmatches as $ip => $match) {
    $date = 0;
    foreach ($match as $user) {
        if ($user['u_lastactivity'] > $date) {
            $date = $user['u_lastactivity'];
        }
    }
    $ipmatches[$ip]['date'] = $date;
}
$passm = Query("SELECT u.(_userfields), m.(date,user,matches) FROM {passmatches} m LEFT JOIN {users} u ON u.id=m.user ORDER BY date DESC");
$passmatches = array();
while ($match = Fetch($passm)) {
    $passmatches[$match['m_user']] = $match;
}
?>
	<table class="outline margin">
		<tr class="header1">
			<th>Rereg radar</th>
		</tr>
		<tr class="cell2 center">
			<td>
Example #25
0
<?php

if (!defined('BLARG')) {
    die;
}
//Category/forum editor -- By Nikolaj
//Secured and improved by Dirbaio
// Adapted to Blargboard by StapleButter.
$title = __("Edit forums");
CheckPermission('admin.editforums');
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("editfora") => __("Edit forum list")));
/**
	Okay. Much like the category editor, now the action is specified by $_POST["action"].

	Possible actions are:
	- updateforum: Updates the settings of a forum in the DB.
	- addforum: Adds a new forum to the DB.
	- deleteforum: Deletes a forum from the DB. Also, depending on $_GET["threads"]: (NOT YET)
		- "delete": DELETES all threads and posts in the DB.
		- "trash": TRASHES all the threads (move to trash and close)
		- "move": MOVES the threads to forum ID $_POST["threadsmove"]
		- "leave": LEAVES all the threads untouched in the DB (like the old forum editor. Not recommended. Will cause "invisible posts" that will still count towards user's postcounts)

	- forumtable: Returns the forum table for the left panel.
	- editforum: Returns the HTML code for the forum settings in right panel.
		- editforumnew: Returns the forum edit box to create a new forum. This way the huge HTML won't be duplicated in the code.
		- editforum: Returns the forum edit box to edit a forum.
		
		
	PERMISSION EDITING PRESETS
	
Example #26
0
        }
    }
    if (HasPermission('mod.trashthreads', $fid) && Settings::get('trashForum')) {
        if ($forum['id'] != Settings::get('trashForum')) {
            $links[] = actionLinkTag(__("Trash"), "editthread", $tid, "action=trash&key=" . $loguser['token']);
        }
    }
    if (HasPermission('mod.deletethreads', $fid) && Settings::get('secretTrashForum')) {
        if ($forum['id'] != Settings::get('secretTrashForum')) {
            $links[] = actionLinkTagConfirm(__("Delete"), __("Are you sure you want to just up and delete this whole thread?"), "editthread", $tid, "action=delete&key=" . $loguser['token']);
        }
    }
}
$OnlineUsersFid = $fid;
LoadPostToolbar();
MakeCrumbs(forumCrumbs($forum) + array(actionLink("thread", $tid, '', $urlname) => $threadtags[0]), $links);
if ($thread['poll']) {
    $poll = Fetch(Query("SELECT p.*,\n\t\t\t\t\t\t\t(SELECT COUNT(DISTINCT user) FROM {pollvotes} pv WHERE pv.poll = p.id) as users,\n\t\t\t\t\t\t\t(SELECT COUNT(*) FROM {pollvotes} pv WHERE pv.poll = p.id) as votes\n\t\t\t\t\t\t FROM {poll} p\n\t\t\t\t\t\t WHERE p.id={0}", $thread['poll']));
    if (!$poll) {
        Kill(__("Poll not found"));
    }
    $totalVotes = $poll['users'];
    $rOptions = Query("SELECT pc.*,\n\t\t\t\t\t\t\t(SELECT COUNT(*) FROM {pollvotes} pv WHERE pv.poll = {0} AND pv.choiceid = pc.id) as votes,\n\t\t\t\t\t\t\t(SELECT COUNT(*) FROM {pollvotes} pv WHERE pv.poll = {0} AND pv.choiceid = pc.id AND pv.user = {1}) as myvote\n\t\t\t\t\t   FROM {poll_choices} pc\n\t\t\t\t\t   WHERE poll={0}", $thread['poll'], $loguserid);
    $pops = 0;
    $noColors = 0;
    $defaultColors = array("#0000B6", "#00B600", "#00B6B6", "#B60000", "#B600B6", "#B66700", "#B6B6B6", "#676767", "#6767FF", "#67FF67", "#67FFFF", "#FF6767", "#FF67FF", "#FFFF67", "#FFFFFF");
    $pdata = array();
    $pdata['question'] = htmlspecialchars($poll['question']);
    $pdata['options'] = array();
    while ($option = Fetch($rOptions)) {
        $odata = array();
Example #27
0
<?php

if (!$loguser['root']) {
    Kill(__("You're not an administrator. There is nothing for you here."));
}
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("optimize") => __("Optimize tables")));
$rStats = Query("show table status");
while ($stat = Fetch($rStats)) {
    $tables[$stat['Name']] = $stat;
}
$tablelist = "";
$total = 0;
foreach ($tables as $table) {
    $cellClass = ($cellClass + 1) % 2;
    $overhead = $table['Data_free'];
    $total += $overhead;
    $status = __("OK");
    if ($overhead > 0) {
        Query("OPTIMIZE TABLE `{" . $table['Name'] . "}`");
        $status = "<strong>" . __("Optimized") . "</strong>";
    }
    $tablelist .= format("\n\t<tr class=\"cell{0}\">\n\t\t<td class=\"cell2\">{1}</td>\n\t\t<td>\n\t\t\t{2}\n\t\t</td>\n\t\t<td>\n\t\t\t{3}\n\t\t</td>\n\t\t<td>\n\t\t\t{4}\n\t\t</td>\n\t</tr>\n", $cellClass, $table['Name'], $table['Rows'], $overhead, $status);
}
write("\n<table class=\"outline margin\">\n\t<tr class=\"header0\">\n\t\t<th colspan=\"7\">\n\t\t\t" . __("Table Status") . "\n\t\t</th>\n\t</tr>\n\t<tr class=\"header1\">\n\t\t<th>\n\t\t\t" . __("Name") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Rows") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Overhead") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Final Status") . "\n\t\t</th>\n\t</tr>\n\t{0}\n\t<tr class=\"header0\">\n\t\t<th colspan=\"7\" style=\"font-size: 130%;\">\n\t\t\t" . __("Excess trimmed: {1} bytes") . "\n\t\t</th>\n\t</tr>\n</table>\n\n", $tablelist, $total);
Example #28
0
    }
    if (!$thread['sticky']) {
        $mod .= "<label><input type=\"checkbox\" name=\"stick\">&nbsp;" . __("Sticky", 1) . "</label>\n";
    } else {
        $mod .= "<label><input type=\"checkbox\" name=\"unstick\">&nbsp;" . __("Unstick", 1) . "</label>\n";
    }
    $mod .= "\n\n";
}
write("\n\t<table style=\"width: 100%;\">\n\t\t<tr>\n\t\t\t<td style=\"vertical-align: top; border: none;\">\n\t\t\t\t<form action=\"newreply.php\" method=\"post\">\n\t\t\t\t\t<input type=\"hidden\" name=\"ninja\" value=\"{0}\" />\n\t\t\t\t\t<table class=\"outline margin width100\">\n\t\t\t\t\t\t<tr class=\"header1\">\n\t\t\t\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t\t\t\t" . __("New reply") . "\n\t\t\t\t\t\t\t</th>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<label for=\"uname\">\n\t\t\t\t\t\t\t\t\t" . __("User name", 1) . "\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"text\" id=\"uname\" name=\"username\" value=\"{1}\" size=\"32\" maxlength=\"32\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell1\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<label for=\"upass\">\n\t\t\t\t\t\t\t\t\t" . __("Password") . "\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"password\" id=\"upass\" name=\"password\" value=\"{2}\" size=\"32\" maxlength=\"32\" />\n\t\t\t\t\t\t\t\t<img src=\"img/icons/icon5.png\" title=\"" . __("If you want to post under another account without having to log out, enter that account's user name and password here. Leave the password field blank to use the current account ({10}).") . "\" alt=\"[?]\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<label for=\"text\">\n\t\t\t\t\t\t\t\t\t" . __("Post") . "\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<textarea id=\"text\" name=\"text\" rows=\"16\" style=\"width: 98%;\">{3}</textarea>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell2\">\n\t\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Post") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Preview") . "\" />\n\t\t\t\t\t\t\t\t<select size=\"1\" name=\"mood\">\n\t\t\t\t\t\t\t\t\t{4}\n\t\t\t\t\t\t\t\t</select>\n\t\t\t\t\t\t\t\t<label>\n\t\t\t\t\t\t\t\t\t<input type=\"checkbox\" name=\"nopl\" {5} />&nbsp;" . __("Disable post layout", 1) . "\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t\t<label>\n\t\t\t\t\t\t\t\t\t<input type=\"checkbox\" name=\"nosm\" {6} />&nbsp;" . __("Disable smilies", 1) . "\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t\t<label>\n\t\t\t\t\t\t\t\t\t<input type=\"checkbox\" name=\"nobr\" {9} />&nbsp;" . __("Disable auto-<br>", 1) . "\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"id\" value=\"{7}\" />\n\t\t\t\t\t\t\t\t{8}\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t</form>\n\t\t\t</td>\n\t\t\t<td style=\"width: 20%; vertical-align: top; border: none;\">\n", $ninja, htmlval($postingAsUser['name']), $_POST['password'], $prefill, $moodOptions, $nopl, $nosm, $tid, $mod, $nobr, htmlspecialchars($loguser['name']));
DoSmileyBar();
DoPostHelp();
write("\n\t\t\t</td>\n\t\t</tr>\n\t</table>\n");
$qPosts = "select ";
$qPosts .= "posts.id, posts.date, posts.num, posts.deleted, posts.options, posts.mood, posts.ip, posts_text.text, posts_text.text, posts_text.revision, users.id as uid, users.name, users.displayname, users.rankset, users.powerlevel, users.sex, users.posts";
$qPosts .= " from posts left join posts_text on posts_text.pid = posts.id and posts_text.revision = posts.currentrevision left join users on users.id = posts.user";
$qPosts .= " where thread=" . $tid . " and deleted=0 order by date desc limit 0, 20";
$rPosts = Query($qPosts);
if (NumRows($rPosts)) {
    $posts = "";
    while ($post = Fetch($rPosts)) {
        $cellClass = ($cellClass + 1) % 2;
        $poster = $post;
        $poster['id'] = $post['uid'];
        $nosm = $post['options'] & 2;
        $nobr = $post['options'] & 4;
        $posts .= Format("\n\t\t<tr>\n\t\t\t<td class=\"cell2\" style=\"width: 15%; vertical-align: top;\">\n\t\t\t\t{1}\n\t\t\t</td>\n\t\t\t<td class=\"cell{0}\">\n\t\t\t\t<button style=\"float: right;\" onclick=\"insertQuote({2});\">" . __("Quote") . "</button>\n\t\t\t\t<button style=\"float: right;\" onclick=\"insertChanLink({2});\">" . __("Link") . "</button>\n\t\t\t\t{3}\n\t\t\t</td>\n\t\t</tr>\n", $cellClass, UserLink($poster), $post['id'], CleanUpPost($post['text'], $poster['name'], $nosm, $nobr));
    }
    Write("\n\t<table class=\"outline margin\">\n\t\t<tr class=\"header0\">\n\t\t\t<th colspan=\"2\">" . __("Thread review") . "</th>\n\t\t</tr>\n\t\t{0}\n\t</table>\n", $posts);
}
MakeCrumbs(array(__("Main") => "./", $forum['title'] => "forum.php?id=" . $fid, $titleandtags => "thread.php?id=" . $tid, __("New reply") => ""), $links);
Example #29
0
                        }
                        $qPM = "insert into pmsgs (userto, userfrom, date, ip, msgread) values (" . $recipient . ", " . $loguserid . ", " . time() . ", '" . $_SERVER['REMOTE_ADDR'] . "', 0)";
                        $rPM = Query($qPM);
                        $pid = mysql_insert_id();
                        $qPMT = "insert into pmsgs_text (pid,title,text) values (" . $pid . ", '" . justEscape($_POST['title']) . "', '" . $post . "')";
                        $rPMT = Query($qPMT);
                    }
                    Redirect(__("PM sent!"), "private.php?show=1", __("your PM outbox"));
                    exit;
                }
            } else {
                Alert(__("Enter a message and try again."), __("Your PM is empty."));
            }
        } else {
            Alert(__("Enter a title and try again."), __("Your PM is untitled."));
        }
    }
    //if($_POST['text']) $prefill = htmlval($_POST['text']);
    //if($_POST['title']) $trefill = htmlval($_POST['title']);
    $prefill = $pm['text'];
    $trefill = $pmtitle;
    MakePost($pm, 0, 0, 1);
    Write("\n\t<table style=\"width: 100%;\">\n\t\t<tr>\n\t\t\t<td style=\"vertical-align: top; border: none;\">\n\t\t\t\t<form action=\"showprivate.php\" method=\"post\">\n\t\t\t\t\t<table class=\"outline margin width100\">\n\t\t\t\t\t\t<tr class=\"header1\">\n\t\t\t\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t\t\t\t" . __("Edit Draft") . "\n\t\t\t\t\t\t\t</th>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . __("To") . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"text\" name=\"to\" style=\"width: 98%;\" maxlength=\"1024\" value=\"{2}\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell1\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . __("Title") . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"text\" name=\"title\" style=\"width: 98%;\" maxlength=\"60\" value=\"{1}\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . __("Message") . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<textarea id=\"text\" name=\"text\" rows=\"16\" style=\"width: 98%;\">{0}</textarea>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell2\">\n\t\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Send") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Preview") . "\" />\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Update Draft") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Discard Draft") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"id\" value=\"{3}\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t</form>\n\t\t\t</td>\n\t\t\t<td style=\"width: 200px; vertical-align: top; border: none;\">\n", $prefill, $trefill, $to, $pmid);
    DoSmileyBar();
    DoPostHelp();
    Write("\n\t\t\t</td>\n\t\t</tr>\n\t</table>\n");
} else {
    MakePost($pm, 0, 0, 1);
}
MakeCrumbs(array("Main" => "./", "Private messages" => "private.php", $pmtitle => ""), $links);
Example #30
0
    return;
}
$fid = $forum['id'];
$total = $forum['numthreads'];
if (isset($_GET['from'])) {
    $from = (int) $_GET['from'];
} else {
    $from = 0;
}
$tpp = 5;
//echo '<br>';
$links = array('<a href="' . BOARD_ROOT . 'rss.php">' . __('RSS feed') . '</a>');
if (HasPermission('forum.postthreads', $forum['id'])) {
    $links[] = actionLinkTag(__('Post new'), 'newthread', $forum['id']);
}
MakeCrumbs(array(), $links);
$rThreads = Query("\tSELECT \n\t\t\t\t\t\tt.id, t.title, t.closed, t.replies, t.lastpostid,\n\t\t\t\t\t\tp.id pid, p.date,\n\t\t\t\t\t\tpt.text,\n\t\t\t\t\t\tsu.(_userfields),\n\t\t\t\t\t\tlu.(_userfields)\n\t\t\t\t\tFROM \n\t\t\t\t\t\t{threads} t\n\t\t\t\t\t\tLEFT JOIN {posts} p ON p.thread=t.id AND p.id=t.firstpostid\n\t\t\t\t\t\tLEFT JOIN {posts_text} pt ON pt.pid=p.id AND pt.revision=p.currentrevision\n\t\t\t\t\t\tLEFT JOIN {users} su ON su.id=t.user\n\t\t\t\t\t\tLEFT JOIN {users} lu ON lu.id=t.lastposter\n\t\t\t\t\tWHERE t.forum={0} AND p.deleted=0\n\t\t\t\t\tORDER BY p.date DESC LIMIT {1u}, {2u}", $fid, $from, $tpp);
$numonpage = NumRows($rThreads);
$pagelinks = PageLinks(actionLink('home', '', 'from='), $tpp, $from, $total);
RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'top'));
while ($thread = Fetch($rThreads)) {
    $pdata = array();
    $starter = getDataPrefix($thread, 'su_');
    $last = getDataPrefix($thread, 'lu_');
    $tags = ParseThreadTags($thread['title']);
    $pdata['title'] = $tags[0];
    $pdata['formattedDate'] = formatdate($thread['date']);
    $pdata['userlink'] = UserLink($starter);
    $pdata['text'] = CleanUpPost($thread['text'], $starter['name'], false, false);
    if (!$thread['replies']) {
        $comments = 'No comments yet';