Example #1
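/**
 * AJAX endpoint: print the latest chat lines (at most 100) as an HTML fragment.
 *
 * The response always starts with a marker, the MD5 of the newest chat timestamp.
 * When the caller sends that same marker back (read through id()), nothing has
 * changed and only the marker is printed. Lines from members the current user
 * ignores are left out.
 *
 * NOTE(review): names go through $Core->member_link() and message text through
 * $Parse->run() before being placed in HTML. Whether those helpers escape is not
 * visible here; confirm that they do, since both values are member-supplied.
 */
function history_get()
{
    global $DB, $Parse, $Core;
    // Cast first: the query yields no value when the chat table is empty.
    $last = md5((string) $DB->value("SELECT extract(epoch from stamp) FROM chat ORDER BY stamp DESC LIMIT 1"));
    // Technically, we should add the ignore WHERE clause on to the above, but...
    if (session('id')) {
        $DB->query("UPDATE member SET last_chat=now() WHERE id=\$1", array(session('id')));
    }
    // Compare as strings. A loose == treats two "0e<digits>" hex digests as equal
    // floats, so a client could be told "nothing new" for a marker that differs.
    if ((string) id() === $last) {
        print $last;
        exit_clean();
    }
    // The ignored ids are interpolated into the IN (...) list below rather than
    // bound, so force every key to an integer before it reaches the SQL text.
    $ignored = $Core->list_ignored(session('id'));
    $ids = is_array($ignored) ? array_map('intval', array_keys($ignored)) : array();
    // "0" keeps the IN list syntactically valid when nobody is ignored.
    $list = $ids ? implode(",", $ids) : "0";
    $DB->query("SELECT\n                extract(epoch from c.stamp) as stamp,\n                c.member_id as member_id,\n                m.name as name,\n                c.chat as chat\n              FROM\n                chat c\n              LEFT JOIN\n                member m\n              ON\n                m.id=c.member_id\n              WHERE\n                c.member_id NOT IN ({$list})\n              ORDER BY c.stamp DESC LIMIT 100");
    $chats = $DB->load_all();
    if ($chats === FALSE) {
        print $last;
        exit_clean();
    }
    // The query returns newest first; display oldest first.
    $chats = array_reverse($chats);
    $output = $last;
    foreach ($chats as $chat) {
        $output .= date("h:i:s A", $chat['stamp']) . "  | ";
        $output .= "<strong>" . $Core->member_link($chat['name']) . "</strong>: ";
        $output .= "<span>" . $Parse->run($chat['chat']) . "</span><br/>\n";
    }
    // "/me" lines drop the colon after the name.
    print str_replace(": <span>/me ", "<span> ", $output);
    exit_clean();
}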
Example #2
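/**
 * Admin-only endpoint: create a password-reset token for the member named by id()
 * and print the reset URL.
 *
 * The request must come from an admin session and carry md5(session_id()) as
 * cmd(3), which serves as the anti-forgery token for this GET.
 *
 * NOTE(review): the printed link is built from the Host request header and uses
 * http://. Prefer a configured site URL over HTTPS; none is visible in this block.
 * NOTE(review): nothing here gives the token an expiry time.
 */
function resetlink_get()
{
    global $Security, $DB;
    // hash_equals() compares the token as a string in constant time. A loose ==
    // would also accept any pair of "0e<digits>" digests as numerically equal.
    $tokenOk = hash_equals(md5(session_id()), (string) cmd(3));
    if (id() && $Security->is_admin(session('id')) && $tokenOk) {
        // The token is the only secret protecting the account, so it must be
        // unpredictable. It was md5(email . password hash . time()), which can be
        // guessed by anyone who knows or leaks those values. random_bytes() needs
        // PHP 7+; 16 bytes hex-encode to 32 characters, the same length as before.
        $hash = bin2hex(random_bytes(16));
        $DB->update("member", "id", id(), array("reset" => $hash));
        print "http://{$_SERVER['HTTP_HOST']}/member/reset/{$hash}/";
    }
    exit_clean();
}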
Example #3
/**
 * POST endpoint: update the post identified by id() with the submitted form.
 *
 * Prints an error message when the body is blank or the update is refused, and
 * prints nothing on success.
 *
 * NOTE(review): the whole $_POST array is handed to thread_post_update(). This
 * function checks neither login nor ownership of the post; presumably the helper
 * does. Confirm this, and confirm it only reads the fields it expects.
 */
function editpost_post()
{
    $Data = new Data();
    $error = "";
    if (trim(post('body')) == "") {
        $error = "You must enter a post body.";
    } elseif (!$Data->thread_post_update($_POST, id())) {
        $error = "Your thread was not submitted.";
    }
    if ($error != "") {
        print $error;
    }
    exit_clean();
}
Example #4
/**
 * POST endpoint: add a reply built from the submitted form.
 *
 * Prints an error message when the body is blank or the insert is refused, and
 * prints nothing on success.
 *
 * NOTE(review): the whole $_POST array is handed to thread_post_insert(). This
 * function does not check that the caller is logged in; presumably the helper
 * does. Confirm this, and confirm it only reads the fields it expects.
 */
function reply_post()
{
    $Data = new Data();
    $error = "";
    if (trim(post('body')) == "") {
        $error = "You must enter a post body.";
    } elseif (!$Data->thread_post_insert($_POST)) {
        $error = "Your post was not submitted.";
    }
    if ($error != "") {
        print $error;
    }
    exit_clean();
}
Example #5
/**
 * POST endpoint: store one chat line for the logged-in member.
 *
 * Returns without output when there is no session or no message. Otherwise it
 * inserts the message and ends the request.
 *
 * NOTE(review): the message is stored exactly as submitted, so HTML safety
 * depends on whatever renders chat rows; confirm it escapes. No length limit or
 * request token is checked in this function.
 */
function speak_post()
{
    global $DB;
    // Both a session and a message are required.
    if (!(session('id') && post('msg'))) {
        return;
    }
    if (post('msg') != "") {
        $DB->insert("chat", array(
            'member_id' => session('id'),
            'chat' => post('msg'),
        ));
    }
    exit_clean();
}
Example #6
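/**
 * PayPal IPN listener: echo the notification back to PayPal for validation and
 * record the donation when PayPal answers VERIFIED.
 *
 * Any other answer, including a failed HTTP call, mails the raw notification to
 * ADMIN_EMAIL.
 *
 * NOTE(review): only item_name is checked after verification. The receiving
 * account, payment_status, amount and currency are stored or ignored without
 * validation, so a genuine notification addressed to another account with the
 * same item name would be recorded. Those checks need values this block does not
 * have. A repeated txn_id overwrites the stored row, so replays cannot add
 * donations but can rewrite their fields.
 */
function accept_post()
{
    global $DB;
    // read the post from PayPal system and add 'cmd'
    $req = "cmd=_notify-validate";
    foreach ($_POST as $key => $value) {
        $value = urlencode(stripslashes($value));
        // Encode the key too, so an unexpected character in a field name cannot
        // splice extra parameters into the validation request.
        $key = urlencode((string) $key);
        $req .= "&{$key}={$value}";
    }
    // send post back to paypal
    // The validation answer is the only thing that authenticates the notification.
    // Over plain http anyone on the network path could return "VERIFIED", so use
    // HTTPS and verify the certificate.
    $url = "https://www.paypal.com/cgi-bin/webscr";
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
    $res = curl_exec($ch);
    curl_close($ch);
    // curl_exec() returns false on failure; the strict comparison sends that to
    // the failure branch without any type juggling.
    if ($res === "VERIFIED") {
        // if correct item continue
        if (post('item_name') == FUNDRAISER_ITEM_NAME) {
            // prep data for insertion/updating
            $data = array();
            $data['fundraiser_id'] = FUNDRAISER_ID;
            $data['payment_status'] = post('payment_status');
            $data['payer_email'] = post('payer_email');
            $data['txn_id'] = post('txn_id');
            $data['payment_fee'] = '$' . post('payment_fee');
            $data['payment_gross'] = '$' . post('payment_gross');
            // if transaction exists, update it otherwise insert it
            if ($DB->check("SELECT true FROM donation WHERE txn_id=\$1 AND fundraiser_id=\$2", array(post('txn_id'), FUNDRAISER_ID))) {
                $DB->update("donation", "txn_id", post('txn_id'), $data);
            } else {
                $DB->insert("donation", $data);
            }
        }
    } else {
        // Forward the rejected notification to the admin for manual review.
        $email = "";
        foreach ($_POST as $key => $value) {
            $email .= "{$key}={$value}\n";
        }
        send_email(ADMIN_EMAIL, "donation failure: {$res}", $email);
    }
    exit_clean();
}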
Example #7
/**
 * POST endpoint: resolve a comma-separated list of member names and print
 * "id,link,id,link,..." for every name that exists, skipping the caller.
 *
 * Names are looked up lower-cased with SPACE removed. The link is built from the
 * name exactly as submitted.
 *
 * NOTE(review): $Core->member_link() receives the raw submitted text. Whether it
 * escapes for HTML is not visible here; confirm it does before this output is
 * inserted into a page.
 */
function addmember_post()
{
    global $Core;
    if (!post('names')) {
        exit;
    }
    $pairs = array();
    $names = array_unique(explode(",", post('names')));
    foreach ($names as $member) {
        $lookup = strtolower(str_replace(SPACE, "", $member));
        $id = $Core->idfromname($lookup);
        if (!$id) {
            // Unknown name: contributes nothing to the response.
            continue;
        }
        if ($id == session('id')) {
            // Never offer the caller themselves.
            continue;
        }
        $pairs[] = $id . "," . $Core->member_link($member);
    }
    print implode(",", $pairs);
    exit_clean();
}
Example #8
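/**
 * AJAX endpoint: print the latest chat lines (at most 100) as an HTML fragment.
 *
 * The response always starts with a marker, the MD5 of the newest chat timestamp.
 * When the caller sends that same marker back (read through id()), nothing has
 * changed and only the marker is printed.
 *
 * NOTE(review): names go through $Core->member_link() and message text through
 * $Parse->run() before being placed in HTML. Whether those helpers escape is not
 * visible here; confirm that they do, since both values are member-supplied.
 */
function history_get()
{
    global $DB, $Parse, $Core;
    // Cast first: the query yields no value when the chat table is empty.
    $last = md5((string) $DB->value("SELECT extract(epoch from stamp) FROM chat ORDER BY stamp DESC LIMIT 1"));
    // Compare as strings. A loose == treats two "0e<digits>" hex digests as equal
    // floats, so a client could be told "nothing new" for a marker that differs.
    if ((string) id() === $last) {
        print $last;
        exit_clean();
    }
    if (session('id')) {
        $DB->query("UPDATE member SET last_chat=now() WHERE id=\$1", array(session('id')));
    }
    $DB->query("SELECT\r\n                extract(epoch from c.stamp) as stamp,\r\n                c.member_id as member_id,\r\n                m.name as name,\r\n                c.chat as chat\r\n              FROM\r\n                chat c\r\n              LEFT JOIN\r\n                member m\r\n              ON\r\n                m.id=c.member_id\r\n              ORDER BY c.stamp DESC LIMIT 100");
    // A failed load must not reach array_reverse(); fall back to no lines so the
    // response is just the marker.
    $rows = $DB->load_all();
    // The query returns newest first; display oldest first.
    $chats = is_array($rows) ? array_reverse($rows) : array();
    $output = $last;
    foreach ($chats as $chat) {
        $output .= date("h:i:s A", $chat['stamp']) . "&nbsp; | ";
        $output .= "<strong>" . $Core->member_link($chat['name']) . "</strong>: ";
        $output .= "<span>" . $Parse->run($chat['chat']) . "</span><br/>\n";
    }
    // "/me" lines drop the colon after the name.
    print str_replace(": <span>/me ", "<span> ", $output);
    exit_clean();
}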
Example #9
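/**
 * POST endpoint: save the member's colour/font theme as a serialized array in
 * member_pref (pref_id 15), then go back to the index.
 *
 * Only the keys listed in the switch are stored. Colour values are cut to six
 * characters and prefixed with "#"; "hover" may also be "none", stored as
 * "transparent".
 *
 * NOTE(review): "font" and "fontsize" are stored after strip_tags() only, and
 * colour values are not checked to be hex digits. If the theme is later written
 * into a stylesheet, validate these against the expected formats.
 */
function editcolors_post()
{
    global $DB, $Core;
    // Without a session there is no member to attach the preference to.
    if (!session('id')) {
        return to_index("/");
    }
    $theme = array();
    foreach ($_POST as $key => $val) {
        // Compare keys as strings so a numeric key cannot loosely match a case label.
        $key = (string) $key;
        if (substr($key, 0, 1) == "_" || $key == "theme") {
            continue;
        }
        // Array-valued fields (name[]=...) are not valid theme settings.
        if (!is_string($val)) {
            continue;
        }
        switch ($key) {
            case "font":
            case "fontsize":
                break;
            case "body":
            case "even":
            case "odd":
            case "me":
            case "readbar":
                $val = "#" . substr($val, 0, 6);
                break;
            case "hover":
                if ($val == "none") {
                    $val = "transparent";
                } else {
                    $val = "#" . substr($val, 0, 6);
                }
                break;
            default:
                // Inside a switch a bare "continue" behaves like "break", so unknown
                // keys used to fall through and be stored. "continue 2" skips to the
                // next field, which is what the whitelist intends.
                continue 2;
        }
        $theme[$key] = strip_tags($val);
    }
    $save = serialize($theme);
    if ($Core->member_pref(session('id'), "theme")) {
        $DB->query("UPDATE member_pref SET value=\$1 WHERE member_id=\$2 AND pref_id=15", array($save, session('id')));
    } else {
        $insert = array();
        $insert['member_id'] = session('id');
        $insert['pref_id'] = 15;
        $insert['value'] = $save;
        $DB->insert("member_pref", $insert);
    }
    // The exit_clean() call that followed this return could never run and was dropped.
    return to_index("/");
}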
Example #10
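/**
 * Password-reset endpoint: when id() matches a member's pending reset token, set
 * a new password, clear the token and print the new password once.
 *
 * NOTE(review): the password is stored as an unsalted md5() digest because the
 * login check elsewhere presumably expects that format. Move both sides to
 * password_hash()/password_verify() together.
 * NOTE(review): this is a state-changing GET with no expiry check on the token,
 * so a link prefetcher or scanner that follows the URL consumes the reset.
 */
function reset_get()
{
    global $DB;
    $token = (string) id();
    // Never run the lookup with an empty token.
    if ($token !== "") {
        $DB->query("SELECT id,reset FROM member WHERE reset=\$1", array($token));
        if ($data = $DB->load_array()) {
            // The password used to be md5(token), so anyone who later saw the reset
            // URL (mail archive, proxy or server log, browser history) could compute
            // it. Generate it independently of the token; random_bytes() needs
            // PHP 7+. The result is 32 hex characters, the same shape as before.
            $pass = bin2hex(random_bytes(16));
            $update = array("reset" => null, "pass" => md5($pass));
            $DB->update("member", "id", $data['id'], $update);
            print "Your new password: {$pass}";
        }
    }
    exit_clean();
}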
Example #11
require_once "class/Admin.php";
// search management
require_once "class/Plugin.php";
// plugins
// Bootstrap: build the shared service objects that the request handlers reach
// through "global", then dispatch the request unless $commandline is set.
$Security = new BoardSecurity();
$Core = new BoardCore();
$DB = new DB(DB, true);
$Parse = new BoardParse($_bbc_, $_rep_);
// No session yet but a "board" cookie is present: let the security layer try a
// cookie-based login.
// NOTE(review): how login_cookie() validates the cookie is not visible here.
if (!session('id') && cookie('board')) {
    $Security->login_cookie();
}
$Style = new BoardStyle(session('id'));
if (!isset($commandline)) {
    // Buffer everything the handlers print so it can be captured below.
    ob_start();
    if (!$DB->db) {
        // No usable database handle: render an error page only.
        $Base = new Base();
        $Base->title("Dead database!");
        $Base->header();
        $Base->footer();
    } else {
        $Core->command_parse();
        if (get('ajax')) {
            // AJAX requests: emit the captured output as-is and stop.
            $buffer = ob_get_contents();
            ob_end_clean();
            print $buffer;
            exit_clean();
        }
        // Regular requests: keep the captured output in $buffer; it is not
        // printed within this excerpt.
        $buffer = ob_get_contents();
        ob_end_clean();
    }
}
Example #12
/**
 * AJAX endpoint: toggle the thread named by id() in the caller's favourites.
 *
 * Prints "add" after removing a favourite and "remove" after adding one, i.e. the
 * action that is available next. Prints "failed to change" without a session.
 *
 * NOTE(review): this changes state on a GET and no request token is checked in
 * this function, so any page the member visits could trigger it. Confirm the
 * dispatcher enforces a token, or require one here.
 */
function togglefavorite_get()
{
    global $DB, $Core;
    if (!session('id')) {
        print "failed to change";
        exit_clean();
    }
    if ($Core->check_favorite(id())) {
        // Currently a favourite: remove it.
        $DB->query("DELETE FROM favorite WHERE thread_id=\$1 AND member_id=\$2", array(id(), session('id')));
        $next = "add";
    } else {
        // Not a favourite yet: add it.
        $DB->insert("favorite", array(
            'thread_id' => id(),
            'member_id' => session('id'),
        ));
        $next = "remove";
    }
    print $next;
    exit_clean();
}
Example #13
/**
 * AJAX endpoint: set undot=true on the caller's thread_member row for the thread
 * named by id().
 *
 * Prints "undotted" afterwards, or "undot failed." without a session.
 *
 * NOTE(review): this changes state on a GET and no request token is checked in
 * this function; confirm the dispatcher enforces one.
 */
function undot_get()
{
    global $DB, $Core;
    if (!session('id')) {
        echo "undot failed.";
        exit_clean();
    }
    // Both values are bound as parameters; the row is scoped to the caller.
    $params = array(id(), session('id'));
    $DB->query("UPDATE thread_member SET undot=true WHERE thread_id=\$1 AND member_id=\$2", $params);
    echo "undotted";
    exit_clean();
}