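/**
 * Renders the BBS page for one topic: the movie header, the topic's posts,
 * and (for a logged-in user) the form to start a topic or add a reply.
 *
 * Request inputs read here: $_GET['id'], $_GET['movID'], $_GET['postID'],
 * $_GET['enablePost'], $_GET['disablePost'], $_POST['blnPost'],
 * $_POST['txtText'], $_POST['txtSubject'].
 *
 * Request-derived values are URL-encoded or HTML-escaped before they are
 * written into markup. Any Exception raised inside is passed to
 * ProcessException().
 */
function main()
{
    try {
        global $editable;
        global $user;
        global $thisURIEncoded;
        global $session;
        global $bbsRow;

        // PHP_SELF carries any client-supplied path info, so it is escaped
        // once here before being echoed into the form's action attribute.
        $PHP_SELF = htmlspecialchars((string) $_SERVER['PHP_SELF'], ENT_QUOTES);
        $post = isset($_POST['blnPost']) ? $_POST['blnPost'] : null;
        $id = isset($_GET['id']) ? $_GET['id'] : null;

        $topic = new Post($id);
        if (!$topic->IsNew()) {
            $session->Viewed("Post", $id);
        }

        $enablePost = isset($_GET['enablePost']) && $_GET['enablePost'] == '1';
        $disablePost = isset($_GET['disablePost']) && $_GET['disablePost'] == '1';
        if ($enablePost || $disablePost) {
            // NOTE(review): the only gate on this moderation action is the return
            // value of NoteViolation(); $editable is not consulted here. Confirm that
            // NoteViolation() returns true for every caller who is not allowed to
            // moderate. The action is also a state change driven by a plain GET link,
            // so it has no anti-CSRF token.
            if (!NoteViolation("toggle {$enablePost}:{$disablePost} ({$id})")) {
                $postID = isset($_GET['postID']) ? $_GET['postID'] : null;
                $posts = $topic->Posts();
                foreach ($posts as $post0) {
                    if ($post0->ID() == $postID) {
                        $post0->Disabled($disablePost);
                        UpdateObject($post0);
                        // The session record must follow the requested action. The
                        // previous test read $disabled, which is not assigned at this
                        // point, so every toggle was recorded as "Enabled".
                        if ($disablePost) {
                            $session->Disabled('Post', $postID);
                        } else {
                            $session->Enabled('Post', $postID);
                        }
                        break;
                    }
                }
            }
        }

        if ($id == "") {
            // New topic: the movie comes from the query string.
            $movID = isset($_GET['movID']) ? $_GET['movID'] : null;
            $mov = new Movie($movID);
            $topic->MovieID($movID);
        } else {
            $mov =& $topic->Movie();
            $movID = $mov->ID();
        }
        if ($mov->IsEmpty()) {
            BlockIfViolation("non-exisisting movie (id={$movID})");
        }
        if (!$mov->Visible()) {
            BlockIfViolation("invisable view (id={$movID})");
        }

        // NOTE(review): MainPicture() and Title() are echoed exactly as returned;
        // whether they are already HTML-safe is not visible from here - confirm.
        ?>
        <a href="movie.php?id=<?php echo urlencode((string) $mov->ID()); ?>">
            <img src="<?php echo $mov->MainPicture(); ?>" alt=""/></a>
        <b><font size="6"><a href="movie.php?id=<?php echo urlencode((string) $movID); ?>"><?php echo $mov->Title(); ?></a></font></b>
        <?php

        if ($post) {
            // The form is only rendered for logged-in users, but the handler has to
            // enforce that itself: refuse the post before touching $user.
            if ($user == null) {
                throw new Exception('posting requires a logged-in user');
            }
            ThrowExceptionOnMaliciousInput($_POST['txtText'], 'BBS_TEXT');
            ThrowExceptionOnMaliciousInput($_POST['txtSubject'], 'BBS_SUB');
            $username = $user->Username();
            if ($topic->IsNew()) {
                $topic->Text($_POST['txtText']);
                $topic->Subject($_POST['txtSubject']);
                $topic->Username($username);
                // Currently non-threaded, may change...
                $topic->ParentID(0);
                $topic->MovieID($movID);
                $upd =& $topic;
            } else {
                $objPost = new Post();
                $objPost->Text($_POST['txtText']);
                $objPost->Username($username);
                // Currently non-threaded, may change...
                $objPost->ParentID($topic->ID());
                $objPost->MovieID($movID);
                $upd =& $objPost;
            }
            UpdateObject($upd);
            $id = $topic->ID();
        }

        if (!$topic->IsNew()) {
            $posts =& $topic->Posts();
        }
        $subject = $topic->Subject();
        $username = $topic->Username();
        $text = $topic->Text();

        // Encoded/escaped copies for use inside markup below.
        $idUrl = urlencode((string) $id);
        $movIDUrl = urlencode((string) $movID);
        $subjectHtml = htmlspecialchars((string) $subject, ENT_QUOTES);
        ?>
        <table>
        <?php
        if (!$topic->IsNew()) {
            ?>
            <tr>
                <td>
                    <h3><?php echo GetCap('capTopic') . ": {$subjectHtml}"; ?></h3>
                </td>
            </tr>
            <?php
        }
        if (isset($posts)) {
            foreach ($posts as $reply) {
                // Post bodies are stripped of tags, wrapped, and given <br /> breaks.
                $text = $reply->Text();
                $text = wordwrap(strip_tags($text), 75);
                $text = str_replace("\n", '<br />', $text);
                $date = $reply->DatePosted();
                $postID = $reply->ID();
                $username = $reply->Username();
                $disabled = $reply->Disabled();
                // (An unused padding string was computed here with
                // str_repeat(' ', 20 - strlen($username)); it is dropped because a
                // username longer than 20 bytes makes the repeat count negative.)

                // A disabled post is shown only to its author and to maintainers.
                if ($disabled) {
                    if ($user == null || $username != $user->Username() && !$user->IsMaintainer()) {
                        continue;
                    }
                }

                $usernameUrl = urlencode((string) $username);
                $usernameHtml = htmlspecialchars((string) $username, ENT_QUOTES);
                $postIDUrl = urlencode((string) $postID);
                ?>
                <tr <?php echo $bbsRow; ?>>
                    <td>
                        <?php echo "<b><a href=\"user.php?username={$usernameUrl}\">{$usernameHtml}</a></b>" . '<br />' . $date . ""; ?>
                        <?php echo "<a href=\"bbsReport.php?postID={$postIDUrl}&type=" . REPORT_TYPE_SPAM . "\">[" . GetCap('capReport') . "]</a>"; ?>
                    </td>
                </tr>
                <?php
                if ($editable) {
                    ?>
                    <tr align="right">
                    <?php
                    if ($reply->Disabled()) {
                        echo "<td><a href=\"bbs.php?id={$idUrl}&postID={$postIDUrl}&enablePost=1\">" . GetCap('capEnable') . "</a></td>";
                    } else {
                        echo "<td><a href=\"bbs.php?id={$idUrl}&postID={$postIDUrl}&disablePost=1\">" . GetCap('capDisable') . "</a></td>";
                    }
                    ?>
                    </tr>
                    <?php
                }
                ?>
                <tr>
                    <td>
                        <?php
                        if ($disabled) {
                            // $user is non-null here: anonymous viewers were skipped above.
                            if ($user->IsMaintainer()) {
                                echo " ";
                                echo "<b>" . strtoupper(GetCap('capDisabled')) . "</b><br />";
                            } else {
                                echo "<b>" . GetCap('capThisPostWasDisabledBecauseItViolatedOurPolicy') . "</b>";
                                echo "<br>  ";
                                echo "<b>" . GetCap('capOnlyYouCanSeeThisPost') . "</b>";
                                echo "<br>  ";
                            }
                        }
                        echo "<p>{$text}</p>";
                        ?>
                    </td>
                </tr>
                <?php
            }
        }
        ?>
        </table>
        <?php
        if ($user != null) {
            ?>
            <form name="frm" method="post" action="<?php echo $PHP_SELF . "?id={$idUrl}&movID={$movIDUrl}"; ?>">
                <table>
                    <?php
                    if ($topic->IsNew()) {
                        ?>
                        <tr>
                            <td>
                                <?php echo "<b>" . GetCap('capSubject') . "</b>"; ?>
                            </td>
                        </tr>
                        <tr>
                            <td>
                                <input type="text" name="txtSubject" value="<?php echo $subjectHtml; ?>"/>
                            </td>
                        </tr>
                        <?php
                    }
                    // NOTE(review): $postMessageRow is never assigned or declared global in
                    // this function, so it is echoed only if something else defined it.
                    ?>
                    <tr <?php echo isset($postMessageRow) ? $postMessageRow : ''; ?>>
                        <td>
                            <?php echo "<b>" . GetCap('capPostMessage') . "</b>"; ?>
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <textarea rows="10" cols="57" name="txtText"></textarea>
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <input type="submit" name="btnPost" value="<?php echo GetCap('capPost'); ?>"/>
                        </td>
                        <td>
                            <input type="hidden" name="blnPost" value="1"/>
                        </td>
                    </tr>
                </table>
            </form>
            <?php
        } else {
            ?>
            <table>
                <tr>
                    <td>
                        <?php echo GetCap('capYouMustBeLoggedInToPostA Message'); ?>
                    </td>
                </tr>
            </table>
            <?php
        }
    } catch (Exception $ex) {
        ProcessException($ex);
    }
}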
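/**
 * Renders a user's profile page and, on POST, saves edits to it.
 *
 * Request inputs read here: $_GET['username'], $_GET['logout'],
 * $_POST['blnPost'], $_POST['txtInfo'], $_POST['txtEmail'],
 * $_POST['txtPlayTimesLocation'], $_POST['chkEnabled'].
 *
 * The edit fields are shown to the profile owner and to callers for whom
 * $editable is set; the enabled flag and logged-in status only when
 * $editable is set. Any Exception raised inside is passed to
 * ProcessException().
 */
function main()
{
    try {
        global $pageTitle;
        global $editable;
        global $session;
        global $user;

        // $PHP_SELF was echoed into the form action without ever being assigned in
        // this function. Take it from the server array and escape it, since it
        // carries any client-supplied path info.
        $PHP_SELF = htmlspecialchars((string) $_SERVER['PHP_SELF'], ENT_QUOTES);
        $post = isset($_POST['blnPost']) ? $_POST['blnPost'] : null;
        $username = isset($_GET['username']) ? $_GET['username'] : null;
        // NOTE(review): the condition string is masked in this listing. $username
        // comes straight from the query string; if it is placed into this condition,
        // it must be bound or escaped before it reaches the database - confirm how
        // User builds its query.
        $selUser = new User("username = '******'");
        $logout = isset($_GET['logout']) ? $_GET['logout'] : null;

        if ($selUser->IsEmpty()) {
            print GetCap('capUserNotFound');
            // NOTE(review): the type recorded here is "Movie" although the lookup is
            // for a user - confirm this is intended.
            $session->ViewedNotFound("Movie", $username);
            UpdateObject($session, false);
            Dump();
        }

        // Always defined, so the later !$sameUser tests do not read an unset variable.
        $sameUser = isset($user) && $user->ID() == $selUser->ID();

        if ($logout) {
            // Forcing a logout is a privileged action and the link for it is only
            // rendered in the $editable section below, so the same predicate that
            // guards profile updates is applied here. Previously any request with
            // logout=1 logged the selected user out.
            // NOTE(review): this is still a state change on GET with no anti-CSRF token.
            if (!$editable && !$sameUser) {
                BlockIfViolation('logout');
            } else {
                $selUser->Logout();
                $session->ForcedLogout($selUser->ID());
            }
        }

        if (!$editable && !$selUser->Enabled()) {
            echo GetCap('capThisAccountHasBeenDisabled');
            Dump();
        }

        if ($post) {
            // NOTE(review): the update below is only prevented if BlockIfViolation()
            // stops execution for an unauthorized caller - confirm that it does.
            if (!$editable && !$sameUser) {
                BlockIfViolation('update');
            }
            ThrowExceptionOnMaliciousInput($_POST['txtInfo'], 'USER_INFO');
            if ($editable) {
                // An unchecked checkbox is absent from the POST body.
                $selUser->Enabled(isset($_POST['chkEnabled']) && $_POST['chkEnabled'] == '1' ? 1 : 0);
            }
            // Email and location are stored as submitted; they are escaped on output below.
            $selUser->PlayTimesLocation($_POST['txtPlayTimesLocation']);
            $selUser->Email($_POST['txtEmail']);
            $selUser->Info(strip_tags($_POST['txtInfo']));
            UpdateObject($selUser);
        } else {
            $session->Viewed("User", $selUser->ID());
        }

        $username = $selUser->UserName();
        $pageTitle = $username;
        $email = $selUser->Email();
        $playTimesLocation = $selUser->PlayTimesLocation();
        $enabled = $selUser->Enabled();
        $info = $selUser->Info();

        // Encoded/escaped copies for use inside markup below.
        $usernameUrl = urlencode((string) $username);
        $usernameHtml = htmlspecialchars((string) $username, ENT_QUOTES);
        $emailHtml = htmlspecialchars((string) $email, ENT_QUOTES);
        $playTimesLocationHtml = htmlspecialchars((string) $playTimesLocation, ENT_QUOTES);
        $infoHtml = htmlspecialchars((string) $info, ENT_QUOTES);

        // NOTE(review): PublicizedInfo() output is echoed as returned; whether it
        // escapes $info for HTML is not visible from here - confirm.
        ?>
        <br />
        <form name="frm" method="post" action="<?php echo $PHP_SELF . "?username=" . $usernameUrl; ?>">
            <table>
                <tr>
                    <td>
                        <font size=6><b><?php echo $usernameHtml; ?></b></font>
                        <?php
                        if (!$sameUser) {
                            echo PublicizedInfo($info);
                        }
                        ?>
                    </td>
                </tr>
                <?php
                if ($editable || $sameUser) {
                    ?>
                    <tr>
                        <td>
                            <b><?php echo GetCap('capEmailAddress'); ?> : </b>
                        </td>
                        <td>
                            <input type="text" size=50 name="txtEmail" value="<?php echo $emailHtml; ?>"/>
                            <?php echo "<i>(" . GetCap('capPrivate') . ")</i>"; ?>
                        </td>
                    </tr>
                    <?php
                }
                if ($editable || $sameUser) {
                    ?>
                    <tr>
                        <td>
                            <b><?php echo GetCap('capPlayTimesLocation'); ?> : </b>
                        </td>
                        <td>
                            <input type="text" size=50 name="txtPlayTimesLocation" value="<?php echo $playTimesLocationHtml; ?>"/>
                            <?php echo "<i>(" . GetCap('capPrivate') . ")</i>"; ?>
                        </td>
                    </tr>
                    <?php
                }
                if ($editable || $sameUser) {
                    ?>
                    <tr>
                        <td valign=top>
                            <b><?php echo GetCap('capTellUsAboutYourself'); ?> : </b>
                            <br/>
                            <i>(<?php echo GetCap('capEditAnywayYouWish'); ?> )</i>
                        </td>
                        <td valign=top>
                            <textarea rows="10" cols="57" name="txtInfo"><?php echo $infoHtml; ?></textarea>
                            <?php echo "<i>(" . GetCap('capPublic') . ")</i>"; ?>
                        </td>
                    </tr>
                    <tr valign=top>
                        <td>
                            <b><?php echo GetCap('capPublicView'); ?> : </b>
                        </td>
                        <td>
                            <?php echo PublicizedInfo($info); ?>
                        </td>
                    </tr>
                    <?php
                }
                if ($editable) {
                    ?>
                    <tr>
                        <td>
                            <b><?php echo GetCap('capLoggedIn'); ?> : </b>
                            <?php
                            if ($selUser->LoggedIn()) {
                                print GetCap("capYes");
                                // NOTE(review): $admin is never assigned or declared global
                                // in this function, so this link is not rendered unless
                                // something else defines it - confirm the intended flag.
                                if (!empty($admin)) {
                                    print "<a href=\"user.php?username={$usernameUrl}&logout=1\">[" . GetCap('capLogout') . "]</a>";
                                }
                            } else {
                                print GetCap("capNo");
                            }
                            ?>
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <b><?php echo GetCap('capEnabled'); ?> : </b>
                            <?php print "<input type=\"checkbox\" name=\"chkEnabled\" value=\"1\" " . ($enabled ? 'checked="checked"' : '') . "/>"; ?>
                        </td>
                    </tr>
                    <?php
                }
                if ($editable || $sameUser) {
                    ?>
                    <tr>
                        <td>
                            <input type="submit" name="btnLogin" value="<?php echo GetCap('capSave'); ?>"/>
                        </td>
                        <td>
                            <input type="hidden" name="blnPost" value="1"/>
                        </td>
                    </tr>
                    <?php
                }
                ?>
            </table>
        </form>
        <?php
    } catch (Exception $ex) {
        ProcessException($ex);
    }
}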