$row = $cache[$id];
                $rev[] = array('name' => $row['uname'], 'date' => $row['date'], 'reason' => $lang->phrase('admin_merge_edit_add'), 'ip' => $row['ip']);
            }
            // Add an entry for the merge itself, stamped with the current time and the acting
            // user's name and IP.
            $rev[] = array('name' => $my->name, 'date' => time(), 'reason' => $lang->phrase('admin_merge_edit_reason'), 'ip' => $my->ip);
            // Order the history with the cmp_edit_date comparator (defined outside this excerpt).
            usort($rev, "cmp_edit_date");
            // Serialise the history as one tab-separated record per line.
            // NOTE(review): name, reason and ip are written as-is; a tab or newline inside any of
            // them would shift the fields when the column is parsed again - confirm they are
            // filtered before they get here.
            $edit = '';
            foreach ($rev as $row) {
                $edit .= "{$row['name']}\t{$row['date']}\t{$row['reason']}\t{$row['ip']}\n";
            }
            // Drop the trailing newline left by the loop.
            $edit = trim($edit, "\n");
            // Re-point rows in postratings, uploads and vote whose tid is in $iold to $base['id'].
            // NOTE(review): $iold and $base['id'] are built outside this excerpt. $iold is placed
            // unquoted inside IN (...), so every element must already be an integer - confirm.
            $db->query("UPDATE {$db->pre}postratings SET tid = '{$base['id']}' WHERE tid IN ({$iold})", __LINE__, __FILE__);
            $db->query("UPDATE {$db->pre}uploads SET tid = '{$base['id']}' WHERE tid IN ({$iold})", __LINE__, __FILE__);
            $db->query("UPDATE {$db->pre}vote SET tid = '{$base['id']}' WHERE tid IN ({$iold})", __LINE__, __FILE__);
            // NOTE(review): $_POST['comment'], $_POST['dosmileys'] and $_POST['dowords'] are read
            // straight from the request array and interpolated into the statement. Unless they
            // were escaped or cast in place earlier in the script this is an SQL injection point:
            // escape the comment with the database layer and cast the two flags to int.
            // $topic, $name, $email, $ip, $guest and the serialised $edit need the same guarantee;
            // where they are prepared is not visible here.
            $db->query("UPDATE {$db->pre}replies SET topic = '{$topic}', name = '{$name}', comment = '{$_POST['comment']}', dosmileys = '{$_POST['dosmileys']}', dowords = '{$_POST['dowords']}', email = '{$email}', ip = '{$ip}', edit = '{$edit}', guest = '{$guest}' WHERE id = '{$base['id']}'", __LINE__, __FILE__);
            // Remove the rows listed in $iold now that their content lives in the base post.
            $db->query("DELETE FROM {$db->pre}replies WHERE id IN ({$iold})", __LINE__, __FILE__);
            // Plugin hook: whatever code the loader returns is eval()'d in this scope and can read
            // or change every local variable, so the plugin store is part of the trust boundary.
            ($code = $plugins->load('managetopic_pmerge_end')) ? eval($code) : null;
            UpdateTopicStats($info['id']);
            UpdateBoardStats($info['board']);
            // Not read again in this excerpt; presumably consumed by the x_entries_merged phrase - confirm.
            $anz = count($ids);
            ok($lang->phrase('x_entries_merged'), "showtopic.php?topic_id=" . $base['id'] . "&action=jumpto&id=" . $base['topic_id'] . SID2URL_x);
        }
    }
    // Plugin hook at the end of the permitted branch; same eval() caveat as above.
    ($code = $plugins->load('managetopic_end')) ? eval($code) : null;
} else {
    // The condition this else belongs to is outside the excerpt; callers that fail it are refused.
    errorLogin($lang->phrase('not_allowed'));
}
// Page epilogue: persist session data, stop the timer, emit the footer, flush output, close the DB.
$slog->updatelogged();
$zeitmessung = t2();
echo $tpl->parse("footer");
$phpdoc->Out();
$db->close();
FROM ' . $db->pre . 'topics 
WHERE id = ' . $_GET['id'] . ' 
LIMIT 1
', __LINE__, __FILE__);
// NOTE(review): the statement that ends just above concatenates $_GET['id'] into the WHERE
// clause without quotes and without a visible cast. Confirm the value is forced to an integer
// before that point (the project idiom seen elsewhere is $gpc->get('id', int)); otherwise cast
// it where the query is built.
$info = $gpc->prepare($db->fetch_assoc($result));
// NOTE(review): permissions are looked up from $info['board'] before the row count is checked
// below, so for an unknown topic id they are computed from a row that was not found.
$my->p = $slog->Permissions($info['board']);
$my->mp = $slog->ModPermissions($info['board']);
// Collect every failure first so the user sees all messages at once.
$error = array();
if ($db->num_rows($result) < 1) {
    $error[] = $lang->phrase('query_string_error');
}
if ($my->p['forum'] == 0) {
    $error[] = $lang->phrase('not_allowed');
}
if (count($error) > 0) {
    // presumably errorLogin() ends the request; the code below relies on that - confirm
    errorLogin($error, 'forum.php' . SID2URL_1);
}
// Load the cached board records and pick the one this topic belongs to.
$catbid = $scache->load('cat_bid');
$fc = $catbid->get();
$last = $fc[$info['board']];
// Fall back to the global setting when the board has no topiczahl value of its own.
if ($last['topiczahl'] < 1) {
    $last['topiczahl'] = $config['topiczahl'];
}
// NOTE(review): urldecode() runs on the value after $gpc->get() has processed it. If get()
// escapes or filters the string, decoding afterwards can bring filtered characters back -
// confirm the order is intended before $q is used in SQL or HTML.
$q = urldecode($gpc->get('q', str));
// Search terms of three or more bytes are carried along in links, re-encoded for the URL.
if (strlen($q) > 2) {
    $qUrl = '&q=' . urlencode($q);
} else {
    $qUrl = '';
}
if ($_GET['action'] == 'firstnew') {
    if ($info['last'] > $my->clv) {
         $error = TRUE;
     }
     $upinfo = $db->fetch_assoc($result);
     $upinfo['name'] = $gpc->prepare($upinfo['name']);
 } else {
     $error = TRUE;
 }
 // Abort with the popup header when the lookup above flagged an error.
 if ($error) {
     echo $tpl->parse("popup/header");
     error($lang->phrase('query_string_error'), 'javascript: self.close();');
 }
 // Permissions are evaluated for the board the post belongs to.
 $my->p = $slog->Permissions($upinfo['board']);
 $my->mp = $slog->ModPermissions($upinfo['board']);
 if ($my->p['attachments'] != 1) {
     echo $tpl->parse("popup/header");
     errorLogin($lang->phrase('not_allowed'), 'javascript: self.close();');
 }
 if ($_GET['action'] == "save") {
     if (is_array($_POST['delete']) && count($_POST['delete']) > 0) {
         // Only a moderator (mp[0] == 1) or the post's author may delete attachments.
         // NOTE(review): the author comparison is a loose ==; prefer comparing both sides as int.
         if ($my->mp[0] == 1 || $upinfo['name'] == $my->id) {
             $ids = array();
             // The upload ids are the array keys of the submitted field. PHP turns decimal
             // string keys into integers, so is_int() keeps numeric keys and drops the rest.
             foreach ($_POST['delete'] as $key => $value) {
                 if (is_int($key) && $key > 0) {
                     $ids[] = $key;
                 }
             }
             // NOTE(review): when no key passes the filter $ids is empty and the statement ends
             // in "IN ()", which is not valid SQL; guard with count($ids) > 0 before querying.
             // The query is scoped by uploader (mid) only, not by the post being edited -
             // confirm that is intended for the moderator path.
             $result = $db->query('SELECT file FROM ' . $db->pre . 'uploads WHERE mid = "' . $upinfo['name'] . '" AND id IN (' . implode(',', $ids) . ')', __LINE__, __FILE__);
             while ($row = $db->fetch_array($result)) {
                 // NOTE(review): the stored file name is appended to the directory unchanged. If
                 // the column can ever hold a path separator the unlink() target leaves
                 // uploads/topics/; wrapping it in basename() removes that dependency. The @
                 // also hides a failed delete, so a leftover file goes unnoticed.
                 if (file_exists('uploads/topics/' . $row[0])) {
                     @unlink('uploads/topics/' . $row[0]);
                 }
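 // Plugin hook that runs before the lookup; the returned code is eval()'d in this scope.
 ($code = $plugins->load('popup_edithistory_query')) ? eval($code) : null;
 // The reply id comes from the query string. Force it to an integer before it reaches the SQL
 // text: wrapping the raw value in quotes does not neutralise a quote character inside it.
 $replyId = (int) $_GET['id'];
 // Load the reply together with its author (LEFT JOIN, so guest posts without a user row match).
 $result = $db->query("\n\tSELECT r.ip, r.topic_id, r.board, r.edit, r.id, r.topic, r.date, u.name as uname, r.name as gname, u.id as mid, u.groups, r.email as gmail, r.guest \n\tFROM {$db->pre}replies AS r \n\t\tLEFT JOIN {$db->pre}user AS u ON r.name=u.id \n\tWHERE r.id = '{$replyId}' \n\tLIMIT 1\n\t", __LINE__, __FILE__);
 $found = $db->num_rows($result);
 // Permissions can only be resolved once the reply, and therefore its board, is known.
 if ($found == 1) {
     $row = $gpc->prepare($db->fetch_assoc($result));
     $my->p = $slog->Permissions($row['board']);
 }
 $error = array();
 if ($found == 0) {
     $error[] = $lang->phrase('query_string_error');
 }
 if ($found == 1 && $my->p['forum'] == 0) {
     $error[] = $lang->phrase('not_allowed');
 }
 if (count($error) > 0) {
     // presumably errorLogin() ends the request; $row is undefined below otherwise - confirm
     errorLogin($error, 'javascript:self.close();');
 }
 // Apply the board's own access options (password, redirect, ...) on top of the permission check.
 $catbid = $scache->load('cat_bid');
 $fc = $catbid->get();
 $last = $fc[$row['board']];
 forum_opt($last);
 ($code = $plugins->load('popup_edithistory_start')) ? eval($code) : null;
 // Normalise author fields: members use the joined user row, guests use the values stored
 // with the reply and are mapped to the guest group.
 if ($row['guest'] == 0) {
     $row['mail'] = '';
     $row['name'] = $row['uname'];
 } else {
     $row['mail'] = $row['gmail'];
     $row['name'] = $row['gname'];
     $row['mid'] = 0;
     $row['groups'] = GROUP_GUEST;
 }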
    // Pick the page to return to after marking everything as read: the Referer when it points
    // back at this forum, otherwise a history.back() link.
    // NOTE(review): the host test asks whether the Referer's host is a substring of the
    // configured forum URL, not whether the two hosts are equal, so a shorter host name that
    // happens to occur inside $config['furl'] is accepted too. Compare against
    // parse_url($config['furl'], PHP_URL_HOST) for equality instead. parse_url() can also return
    // false or omit 'host', and HTTP_REFERER may be absent; what check_hp() already rules out
    // is not visible here.
    if (check_hp($_SERVER['HTTP_REFERER'])) {
        $url = parse_url($_SERVER['HTTP_REFERER']);
        if (strpos($config['furl'], $url['host']) !== FALSE) {
            // Encoded for HTML because the value is handed to the confirmation page.
            $loc = htmlspecialchars($_SERVER['HTTP_REFERER']);
        }
    }
    if (empty($loc)) {
        $loc = 'javascript:history.back(-1);';
    }
    $slog->mark_read();
    ok($lang->phrase('marked_as_read'), $loc);
} elseif ($_GET['action'] == "markforumasread") {
    // The board id is read through the request wrapper with the int filter.
    $board = $gpc->get('board', int);
    // NOTE(review): permissions are requested before is_id() validates $board.
    $my->p = $slog->Permissions($board);
    if (!is_id($board) || $my->p['forum'] == 0) {
        errorLogin();
    }
    // $board is an integer at this point. $my->clv is concatenated unquoted as well; it is set
    // outside this excerpt - presumably a timestamp, confirm it can never be request-controlled.
    $result = $db->query('SELECT id FROM ' . $db->pre . 'topics WHERE board = ' . $board . ' AND last > ' . $my->clv, __LINE__, __FILE__);
    // Stamp every topic returned by the query, then the board itself, with the current time.
    while ($row = $db->fetch_assoc($result)) {
        $my->mark['t'][$row['id']] = time();
    }
    $my->mark['f'][$board] = time();
    $slog->updatelogged();
    ok($lang->phrase('marked_as_read'), 'showforum.php?id=' . $board);
} elseif ($_GET['action'] == "rules") {
    // Rules page: resolve global permissions, then render header and menu.
    $my->p = $slog->Permissions();
    $breadcrumb->Add($lang->phrase('rules_title'));
    echo $tpl->parse("header");
    echo $tpl->parse("menu");
    $rules = $lang->get_words('rules');
    // Plugin hook: the returned code is eval()'d in this scope.
    ($code = $plugins->load('misc_rules_prepared')) ? eval($code) : null;
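/**
 * Enforce a board's access options for the current user.
 *
 * Reads the keys opt, optvalue, id, invisible and readonly from the board record and, using
 * the global $my, either shows the board password prompt, reports an error, or returns
 * without doing anything when access is fine.
 *
 * @param array  $array Board record; missing keys are treated as null.
 * @param string $check Key in $my->p that must be non-zero in addition to 'forum'.
 *
 * @return void
 */
function forum_opt($array, $check = 'forum')
{
    global $my, $lang, $tpl;

    // Read only the keys that are needed instead of extract()ing the whole record, so a
    // record without one of them does not leave an undefined variable behind.
    $opt = isset($array['opt']) ? $array['opt'] : null;
    $optvalue = isset($array['optvalue']) ? $array['optvalue'] : null;
    $id = isset($array['id']) ? $array['id'] : null;
    $invisible = isset($array['invisible']) ? $array['invisible'] : null;
    $readonly = isset($array['readonly']) ? $array['readonly'] : null;

    // The remembered password is compared as a string with hash_equals(). A loose != treats
    // two numeric-looking strings as numbers, so a value such as "1e3" would be accepted for
    // the password "1000".
    if ($opt == 'pw' && (!isset($my->pwfaccess[$id]) || !hash_equals((string) $optvalue, (string) $my->pwfaccess[$id]))) {
        // The prompt needs the page frame; send header and menu only if not already sent.
        if (!$tpl->tplsent('header')) {
            echo $tpl->parse('header');
        }
        if (!$tpl->tplsent('menu')) {
            echo $tpl->parse('menu');
        }
        GoBoardPW($optvalue, $id);
    } elseif ($opt == "re") {
        // For option "re" the option value is passed to error() as its second argument.
        error($lang->phrase('forumopt_re'), $optvalue);
    } elseif ($invisible == 2) {
        // Boards with invisible == 2 are reported with the generic query-string error.
        error($lang->phrase('query_string_error'));
    } elseif (($check == 'postreplies' || $check == 'posttopics' || $check == 'edit') && $readonly == '1') {
        error($lang->phrase('forum_is_read_only'));
    } elseif ($my->p[$check] == 0 || $my->p['forum'] == 0) {
        errorLogin();
    }
}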
    } else {
        removeOldImages('uploads/pics/', $my->id);
    }
    // Treat a missing file as a failure even when no earlier step reported one.
    if (count($error) == 0 && file_exists($my->pic) == false) {
        $error[] = $lang->phrase('unknown_error');
    }
    if (count($error) > 0) {
        error($error, 'editprofile.php?action=pic');
    } else {
        // Plugin hook: the returned code is eval()'d in this scope.
        ($code = $plugins->load('editprofile_pic2_query')) ? eval($code) : null;
        // NOTE(review): $my->pic is interpolated into the statement; how the path is built is
        // outside this excerpt. If any part of it derives from the uploaded file name or a
        // submitted URL it must be escaped with the database layer first - confirm.
        $db->query("UPDATE {$db->pre}user SET pic = '{$my->pic}' WHERE id = '{$my->id}' LIMIT 1");
        ok($lang->phrase('editprofile_pic_success'), "editprofile.php?action=pic" . SID2URL_x);
    }
} elseif ($_GET['action'] == "pic") {
    // Avatar form: refused unless the usepic permission is set.
    if ($my->p['usepic'] == 0) {
        errorLogin($lang->phrase('not_allowed'), "editprofile.php");
    }
    $breadcrumb->Add($lang->phrase('editprofile_pic'));
    echo $tpl->parse("header");
    echo $tpl->parse("menu");
    // Build the human-readable limits shown next to the upload field.
    $filetypes = str_replace(",", $lang->phrase('listspacer'), $config['avfiletypes']);
    $filesize = formatFilesize($config['avfilesize']);
    $size = '';
    // A configured width or height above zero selects the first phrase variant, otherwise the second.
    if ($config['avwidth'] > 0) {
        $size .= $lang->phrase('editprofile_pic_w1');
    } else {
        $size .= $lang->phrase('editprofile_pic_w2');
    }
    if ($config['avheight'] > 0) {
        $size .= $lang->phrase('editprofile_pic_h1');
    } else {
SELECT topic, posts, sticky, status, last, board, vquestion, prefix
FROM ' . $db->pre . 'topics
WHERE id = ' . $_GET['id'] . '
LIMIT 1
');
// NOTE(review): the query that ends just above concatenates $_GET['id'] into the WHERE clause
// unquoted and without a visible cast; confirm it is forced to an integer earlier in the script
// (the project idiom seen elsewhere is $gpc->get('id', int)) or cast it where the query is built.
$info = $gpc->prepare($db->fetch_assoc($result));
// NOTE(review): permissions are resolved from $info['board'] before the row count is checked below.
$my->p = $slog->Permissions($info['board']);
$error = array();
if ($db->num_rows($result) < 1) {
    $error[] = $lang->phrase('query_string_error');
}
if ($my->p['forum'] == 0) {
    $error[] = $lang->phrase('not_allowed');
}
if (count($error) > 0) {
    // presumably errorLogin() ends the request - confirm
    errorLogin($error);
}
// Load the cached board records and pick the one this topic belongs to.
$catbid = $scache->load('cat_bid');
$fc = $catbid->get();
$last = $fc[$info['board']];
// Fall back to the global setting when the board has no topiczahl value of its own.
if ($last['topiczahl'] < 1) {
    $last['topiczahl'] = $config['topiczahl'];
}
// Resolve the topic prefix, if the topic has one and the board still defines it.
$prefix = '';
if ($info['prefix'] > 0) {
    $prefix_obj = $scache->load('prefix');
    $prefix_arr = $prefix_obj->get($info['board']);
    if (isset($prefix_arr[$info['prefix']])) {
        // NOTE(review): $prefix is assigned and then immediately overwritten; presumably the
        // phrase template reads $prefix while it is rendered - confirm, otherwise the first
        // assignment is dead code.
        $prefix = $prefix_arr[$info['prefix']]['value'];
        $prefix = $lang->phrase('showtopic_prefix_title');
    }
    ($code = $plugins->load('newtopic_startvote_prepared')) ? eval($code) : null;
    echo $tpl->parse("newtopic/startvote");
    ($code = $plugins->load('newtopic_startvote_end')) ? eval($code) : null;
} elseif ($_GET['action'] == "savevote") {
    // Both ids are read through the request wrapper with the int filter.
    $temp = $gpc->get('temp', int);
    $topic_id = $gpc->get('topic_id', int);
    // "Update" only stores the form state and redirects back to the vote form.
    if (!empty($_POST['Update'])) {
        $_POST['notice']['question'] = $_POST['question'];
        $fid = save_error_data($_POST['notice']);
        $slog->updatelogged();
        $db->close();
        // $board is set outside this excerpt; $topic_id and $temp are integers (see above).
        viscacha_header("Location: newtopic.php?action=startvote&id={$board}&topic_id={$topic_id}&temp={$temp}&fid=" . $fid . SID2URL_x);
        exit;
    }
    // NOTE(review): this check reads $info['vquestion'] before $info is reloaded for $topic_id
    // a few lines below. Whatever $info holds here was loaded outside this excerpt; confirm it
    // describes the same topic, or move the check after the query so the "topic already has a
    // vote" rule is applied to the topic that is actually modified.
    if ($my->p['addvotes'] == 0 || !empty($info['vquestion'])) {
        errorLogin($lang->phrase('not_allowed'), "showforum.php?id=" . $info['board'] . SID2URL_x);
    }
    $result = $db->query('SELECT id, vquestion, board FROM ' . $db->pre . 'topics WHERE id = "' . $topic_id . '" LIMIT 1');
    $info = $db->fetch_assoc($result);
    $error = $sqlwhere = array();
    if ($db->num_rows($result) != 1) {
        $error[] = $lang->phrase('query_string_error');
    }
    // Validate the question length against the configured title limits.
    if (strxlen($_POST['question']) > $config['maxtitlelength']) {
        $error[] = $lang->phrase('question_too_long');
    }
    if (strxlen($_POST['question']) < $config['mintitlelength']) {
        $error[] = $lang->phrase('question_too_short');
    }
    // A vote needs at least two filled answer fields.
    if (count_filled($_POST['notice']) < 2) {
        $error[] = $lang->phrase('min_replies_vote');
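/**
 * Enforce a board's access options for the current user.
 *
 * Using the global $my, either shows the board password prompt, reports the "re" option
 * through error(), refuses access, or returns without doing anything when access is fine.
 *
 * @param string $opt      Board option type; 'pw' and 're' are handled here.
 * @param string $optvalue Option value: the board password for 'pw', passed to error() for 're'.
 * @param int    $bid      Board id, used as the key into $my->pwfaccess.
 * @param string $check    Key in $my->p that must be non-zero in addition to 'forum'.
 *
 * @return void
 */
function forum_opt($opt, $optvalue, $bid, $check = 'forum')
{
    global $my, $lang, $tpl;

    // The remembered password is compared as a string with hash_equals(). A loose != treats
    // two numeric-looking strings as numbers, so a value such as "1e3" would be accepted for
    // the password "1000".
    if ($opt == 'pw' && (!isset($my->pwfaccess[$bid]) || !hash_equals((string) $optvalue, (string) $my->pwfaccess[$bid]))) {
        // The prompt needs the page frame; send header and menu only if not already sent.
        if (!$tpl->tplsent('header')) {
            echo $tpl->parse('header');
        }
        if (!$tpl->tplsent('menu')) {
            echo $tpl->parse('menu');
        }
        GoBoardPW($optvalue, $bid);
    } elseif ($opt == "re") {
        error($lang->phrase('forumopt_re'), $optvalue);
    } elseif ($my->p[$check] == 0 || $my->p['forum'] == 0) {
        errorLogin();
    }
}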
	// Collect the first column of every row in $votes (the query is outside this excerpt).
	while ($row = $db->fetch_num($votes)) {
		$voteaids[] = $row[0];
	}
	// Delete rows from the votes table by those ids; the list is only built from database
	// rows, and the IN () statement is skipped when it is empty.
	if (count($voteaids) > 0) {
		$db->query ("DELETE FROM {$db->pre}votes WHERE id IN (".implode(',', $voteaids).")");
		$anz += $db->affected_rows();
	}
	// Remove the topic's rows from the vote table and clear the question on the topic.
	$db->query ("DELETE FROM {$db->pre}vote WHERE tid = '{$info['id']}'");
	$anz += $db->affected_rows();
	$db->query("UPDATE {$db->pre}topics SET vquestion = '' WHERE id = '{$info['id']}'");

	ok($lang->phrase('x_entries_deleted'),"showforum.php?id=".$info['board'].SID2URL_x);
}
elseif ($action == "pdelete") {
	// NOTE(review): this guard only refuses callers with mp[0] == 1 and mp[4] == 0. A caller
	// whose mp[0] is not 1 is not stopped here; presumably an outer check earlier in the script
	// already restricts who reaches this branch - confirm.
	if ($my->mp[0] == 1 && $my->mp[4] == 0) {
		errorLogin($lang->phrase('not_allowed'), 'showtopic.php?id='.$info['id'].SID2URL_x);
	}
	// Post ids are read through the request wrapper with the arr_int filter, which presumably
	// yields integers only; that is what makes the unquoted IN (...) list below safe - confirm.
	$ids = $gpc->get('ids', arr_int);
	if (count($ids) == 0) {
		error($lang->phrase('no_data_selected'));
	}

	$iid = implode(',', $ids);

	// When post counters are maintained and this board counts posts, subtract the deleted
	// posts from each member's counter (guest posts are excluded by guest = '0').
	// NOTE(review): the SELECT is limited by id only, not by the current topic or board, so
	// posts outside $info['id'] would be counted as well; check whether the statements that
	// follow this excerpt add that restriction.
	if ($config['updatepostcounter'] == 1 && $last['count_posts'] == 1) {
		$result = $db->query("SELECT COUNT(*) AS posts, name FROM {$db->pre}replies WHERE guest = '0' AND id IN ({$iid}) GROUP BY name");
		while ($row = $db->fetch_assoc($result)) {
			$db->query("UPDATE {$db->pre}user SET posts = posts-{$row['posts']} WHERE id = '{$row['name']}'");
		}
	}
     $error[] = $lang->phrase('not_allowed');
 }
 // Extra SELECT columns; empty here, a plugin can extend it through the hook below.
 $sqlfields = '';
 // Plugin hook: the returned code is eval()'d in this scope.
 ($code = $plugins->load('profile_ims_start')) ? eval($code) : null;
 // Allow-list for the messenger type. The value is later used as an array key and as a method
 // name, so this list is the only thing that limits which method can be called.
 if ($_GET['type'] == 'icq' || $_GET['type'] == 'aol' || $_GET['type'] == 'yahoo' || $_GET['type'] == 'msn' || $_GET['type'] == 'jabber' || $_GET['type'] == 'skype') {
     $imtext = $lang->phrase('im_' . $_GET['type']);
 } else {
     $error[] = $lang->phrase('query_string_error');
 }
 // NOTE(review): $_GET['id'] is interpolated into the statement. The surrounding quotes do not
 // neutralise a quote character inside the value; confirm the id is forced to an integer
 // earlier in the script, or cast it here.
 $result = $db->query("SELECT id, name, icq, aol, yahoo, msn, jabber, skype {$sqlfields} FROM {$db->pre}user WHERE id = '{$_GET['id']}'");
 $row = $slog->cleanUserData($db->fetch_assoc($result));
 // Runs even when the type failed the allow-list; the lookup is then just an unknown key.
 if (empty($row[$_GET['type']])) {
     $error[] = $lang->phrase('im_no_data');
 }
 if (count($error) > 0) {
     // NOTE(review): $_GET['id'] is appended to the redirect target without encoding.
     errorLogin($error, 'profile.php?id=' . $_GET['id'] . SID2URL_x);
 } else {
     // Reached only with an empty $error, i.e. after $_GET['type'] passed the allow-list above.
     $t = $_GET['type'];
     $d = $row[$_GET['type']];
     $breadcrumb->Add($imtext);
     echo $tpl->parse("header");
     echo $tpl->parse("menu");
     include "classes/class.imstatus.php";
     $imstatus = new IMStatus();
     // Dynamic dispatch: calls the IMStatus method named after the messenger type.
     $status = $imstatus->{$t}($d);
     if ($status) {
         $imstatus = $lang->phrase('im_status_' . $status);
     } else {
         // NOTE(review): the error number and text are written into an HTML comment without
         // escaping. If the text can contain "-->" (for example because it echoes a remote
         // response) it ends the comment early; it also exposes internal error details to
         // every visitor. Escape it with htmlspecialchars() or log it server-side instead.
         $imstatus = $lang->phrase('im_no_connection') . '<!-- Error #' . $imstatus->error(IM_ERRNO) . ' occurred during query: ' . $imstatus->error(IM_ERRSTR) . ' -->';
     }
     ($code = $plugins->load('profile_ims_prepared')) ? eval($code) : null;
    echo $tpl->parse("menu");
    ($code = $plugins->load('newtopic_startvote_prepared')) ? eval($code) : null;
    echo $tpl->parse("newtopic/startvote");
    ($code = $plugins->load('newtopic_startvote_end')) ? eval($code) : null;
} elseif ($_GET['action'] == "savevote") {
    // NOTE(review): $_GET['topic_id'] is concatenated into the statement straight from the
    // request array. The double quotes around it do not neutralise a quote character inside the
    // value; read it with the int filter ($gpc->get('topic_id', int)) or cast it before use.
    $result = $db->query('SELECT id, vquestion FROM ' . $db->pre . 'topics WHERE id = "' . $_GET['topic_id'] . '" LIMIT 1');
    $info = $db->fetch_assoc($result);
    $error = array();
    // Refuse when the user may not add votes or the topic already has a question.
    if ($my->p['addvotes'] == 0 || !empty($info['vquestion'])) {
        $error[] = $lang->phrase('not_allowed');
    }
    // NOTE(review): num_rows() is called without the result handle; this relies on the database
    // wrapper defaulting to the most recent query - confirm.
    if ($db->num_rows() != 1) {
        $error[] = $lang->phrase('query_string_error');
    }
    if (count($error) > 0) {
        // $board is set outside this excerpt.
        errorLogin($error, "showforum.php?id=" . $board . SID2URL_x);
    }
    // Second pass: validation errors of the submitted form.
    $error = array();
    if (strxlen($_POST['question']) > $config['maxtitlelength']) {
        $error[] = $lang->phrase('question_too_long');
    }
    if (strxlen($_POST['question']) < $config['mintitlelength']) {
        $error[] = $lang->phrase('question_too_short');
    }
    // Between 2 and 50 filled answer fields are accepted.
    if (count_filled($_POST['notice']) < 2) {
        $error[] = $lang->phrase('min_replies_vote');
    }
    if (count_filled($_POST['notice']) > 50) {
        $error[] = $lang->phrase('max_replies_vote');
    }
    // Plugin hook: the returned code is eval()'d in this scope.
    ($code = $plugins->load('newtopic_savevote_errorhandling')) ? eval($code) : null;
            $to = array('0' => array('name' => $old['name'], 'mail' => $old['email']));
            $from = array();
            xmail($to, $from, $data['title'], $data['comment']);
        }
    }
    // Refresh the statistics of the source board and of the target board.
    // NOTE(review): $_POST['opt_0'] is passed on as a board id straight from the request array;
    // whether it was validated earlier in this branch is not visible here - confirm.
    if ($config['updateboardstats'] == 1) {
        UpdateBoardStats($board);
        UpdateBoardStats($_POST['opt_0']);
    } else {
        UpdateBoardLastStats($board);
        UpdateBoardLastStats($_POST['opt_0']);
    }
    ok($lang->phrase('x_entries_moved'), 'showforum.php?id=' . $board . SID2URL_x);
} elseif ($_GET['action'] == "delete") {
    // NOTE(review): this guard only refuses callers with mp[0] == 1 and mp[4] == 0; presumably
    // an outer check earlier in the script restricts who reaches this branch - confirm.
    if ($my->mp[0] == 1 && $my->mp[4] == 0) {
        errorLogin($lang->phrase('not_allowed'), 'manageforum.php?action=index&amp;id=' . $board . '&amp;type=' . $_GET['action'] . SID2URL_x);
    }
    // NOTE(review): count() is applied to $_POST['delete'] without an is_array() check; a
    // scalar or missing field raises a warning or, on PHP 8, a TypeError.
    if (count($_POST['delete']) == 0) {
        $slog->updatelogged();
        $db->close();
        // Inside this branch $_GET['action'] equals "delete", so the empty() case below
        // cannot be taken.
        if (empty($_GET['action'])) {
            $url = 'showforum.php?id=' . $board . SID2URL_JS_x;
        } else {
            $url = 'manageforum.php?action=index&id=' . $board . '&type=' . $_GET['action'] . SID2URL_JS_x;
        }
        sendStatusCode(307, $config['furl'] . '/' . $url);
        exit;
    }
    // NOTE(review): the submitted values are joined and placed unquoted inside IN(...) below.
    // Unless $_POST['delete'] was reduced to integers earlier in the script this is an SQL
    // injection point; read the list with the arr_int filter ($gpc->get('delete', arr_int)) or
    // map every element through intval() before implode().
    $ids = implode(',', $_POST['delete']);
    if ($config['updatepostcounter'] == 1 && $info['count_posts'] == 1) {
        $result = $db->query("SELECT COUNT(*) AS posts, name FROM {$db->pre}replies WHERE guest = '0' AND topic_id IN({$ids}) GROUP BY name");