function search()
{
global $logged;
if (!isset($_POST['submit'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "search_find.tpl";
$Temp->tp(__LINE__, __FILE__);
return $Temp->html;
} else {
$t = $_POST['s'] == 2 ? 1 : 2;
$type = $_POST['s'] == 2 ? '`topics`' : '`replies`';
$type_ = $_POST['s'] == 2 ? '`title`' : '`post`';
$query = htmlspecialchars($_POST['query']);
$sql = mysql_query("SELECT * FROM " . $type . " WHERE " . $type_ . " LIKE '%" . $query . "%'");
if (empty($query) || $query == "") {
pageerror("Search Error", "Something was blank.", "Looks like you left the search field blank, please go back and try again.");
}
if (mysql_num_rows($sql) <= 0) {
pageerror("Search Error", "Not found", "Looks like there wasn't post or topic in the database that matched your query.");
}
$content = "";
while ($row = mysql_fetch_array($sql)) {
switch ($t) {
case 1:
if (getFP($row['fid'], 1)) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "search_msg.tpl";
$Temp->tp(__LINE__, __FILE__);
$Temp->tr(array('TID' => $row['id'], 'TNAME' => $row['title'], 'UID' => getid($row['username']), 'DATE' => !empty($row['date']) ? date("m-d-y", $row['date']) : 'unknown', 'MESSAGE' => nl2br(bbcode_format(getFirstPost($row['id']))), 'POSTER' => $row['username']));
$content .= $Temp->html;
}
break;
case 2:
if (getFP(topic_parent_($row['id']), 1)) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "search_msg.tpl";
$Temp->tp(__LINE__, __FILE__);
$Temp->tr(array('TID' => $row['tid'], 'TNAME' => topicName($row['title']), 'UID' => getid($row['username']), 'DATE' => !empty($row['date']) ? date("m-d-y", $row['date']) : 'unknown', 'MESSAGE' => nl2br(bbcode_format($row['post'])), 'POSTER' => $row['username']));
$content .= $Temp->html;
}
break;
}
}
if (empty($content) || $content == "") {
pageerror("Search Error", "Not found", "Looks like there wasn't post or topic in the database that matched your query.");
}
return $content;
}
}
function RUN_Newtopic()
{
global $logged, $permissions;
if (is_numeric($_GET['id']) and !empty($_GET['id'])) {
$id = intval(htmlspecialchars($_GET['id']));
} else {
pageerror("Topic Error", "", "Sorry, but there wasn't a forum id present.");
}
if (!getFP($id, 3)) {
pageerror("Permission Error", "", "Sorry, but you don't have permissions to post a new topic.");
}
if (check_forum_lock($id) and $permissions['admin'] != 't') {
pageerror("Forum Locked", "", "Sorry, you can't post a topic in here because this forum is locked");
} else {
$post = htmlspecialchars($_POST['post']);
$ttitle = htmlspecialchars($_POST['title']);
$tdesc = htmlspecialchars($_POST['tdesc']);
$time = time();
if (!isset($_POST['newtopic'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "newtopic.tpl";
$Temp->tp();
$Temp->tr(array('TOPIC_NAME' => 'New Topic', 'TITLE' => '', 'DESC' => '', 'POST' => '', '<<HIDE>>' => '', '<<HIDE_2>>' => ''));
echo $Temp->html;
} else {
if (!$logged['username']) {
pageerror("Topic Error", "There was an error creating topic", "You don't have permissions to post a new topic!");
}
if (empty($post)) {
pageerror("Topic Error", "There was an error creating topic", "Please check your post because you left the topic post blank!");
} elseif (empty($ttitle)) {
pageerror("Topic Error", "There was an error creating topic", "Please check your post because you left the topic title blank!");
} else {
update_post_count();
$newtopic = mysql_query("INSERT INTO `topics`(`fid`,`date`,`timestamp`,`title`,`username`,`description`) VALUES('" . $id . "','" . $time . "','" . $time . "','" . $ttitle . "','" . $logged['username'] . "','" . $tdesc . "')") or die(pageerror("Topic Error", "Something went wrong in SQL", "Sorry, but your topic couldn't be created please contact the administrator with this error"));
$nreply = mysql_query("SELECT `id` FROM `topics` ORDER BY `id` DESC LIMIT 1") or die("ERROR");
$nreply = mysql_fetch_array($nreply);
finished("Topic Created!", "New Topic was Created!", "Thank you now your topic was sucessfully created.", "index.php?act=topicshow&id=" . $nreply['id']);
$new_reply = mysql_query("INSERT INTO `replies` (`tid`,`post`,`username`,`date`) VALUES('" . $nreply['id'] . "','" . $post . "','" . $logged['username'] . "','" . $time . "')") or die(pageerror("Reply Error", "There was a problem adding reply", "Something went wrong adding new reply"));
}
}
}
}
function RUN_Index()
{
global $logged;
//lets get the categories from DB ordering then by there custom order 0 is default
$nc = mysql_query("SELECT `id`,`title` FROM `categories` ORDER By categories.order ") or die(mysql_error());
//do a loop threw ALL categories and show the selected forums and forum information
while ($c = mysql_fetch_array($nc)) {
$forum_count = 0;
$forums_html = "";
//show the categories header
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "category_header.tpl";
$Temp->tp();
$Temp->tr(array('CAT_NAME' => $c['title']));
$forums_html .= $Temp->html;
//lets get the forums and its information from DB
$nc2 = mysql_query("SELECT `locked`,`description`,`id`, `title`,`replies`,`topics`,`lastvisited` FROM `forums` WHERE `cid` = '" . $c['id'] . "'") or die(mysql_error());
//lets loop threw all forums and get its individual forum information
while ($f = mysql_fetch_array($nc2)) {
//select the total replies for each forum
$total_topics_f = mysql_query("SELECT topics.id,replies.tid FROM `topics`,`replies` WHERE `fid` = '" . $f['id'] . "' AND topics.id = replies.tid") or die(mysql_error());
$total_topics_f_2 = mysql_num_rows($total_topics_f);
//select topic data from the database from these forums
$nlastpost = mysql_query("SELECT `id`,`title`,`username` FROM `topics` WHERE `fid` ='" . $f['id'] . "' ORDER BY timestamp DESC") or die(mysql_error());
$nlastpost1 = mysql_fetch_array($nlastpost);
$topicid = $nlastpost1['id'];
$topicuser = $nlastpost1['username'];
$topicnumber = mysql_num_rows($nlastpost);
//get latest replies from current forum
$allreplies = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $topicid . "' ORDER BY `id` DESC ") or die(mysql_error());
$all_replies = mysql_fetch_array($allreplies);
//check if forum is locked
if ($f['locked'] == 't') {
$no_new_post = "<img src='styles/" . $logged['dskin'] . "/flocked.png' alt='Locked' />";
} else {
if ($f['lastvisited'] == "") {
$no_new_post = $total_topics_f_2 != 0 ? "<img src='styles/" . $logged['dskin'] . "/New.png' alt='New' />" : "<img src='styles/" . $logged['dskin'] . "/No%20New.png' alt='No-New' />";
} else {
$lID = $logged['id'];
$last_vdata = unserialize($f['lastvisited']);
$no_new_post = $last_vdata[$lID] < $total_topics_f_2 ? "<img src='styles/" . $logged['dskin'] . "/New.png' alt='New' />" : "<img src='styles/" . $logged['dskin'] . "/No%20New.png' alt='No-New' />";
}
}
//check if there we're any replies
if (empty($nlastpost1['title'])) {
$IN = "No Topics Here.";
} else {
$IN = "<a href=\"index.php?act=topicshow&id=" . $nlastpost1['id'] . "\">" . $nlastpost1['title'] . "</a>";
}
if ($all_replies['username'] == "") {
$BY = $topicuser;
} else {
$BY = $all_replies['username'];
}
$subforums = "";
$subForum = mysql_query("SELECT * FROM `forums` WHERE `sid` = '" . $f['id'] . "'");
if (mysql_num_rows($subForum) > 0) {
while ($subForumz = mysql_fetch_array($subForum)) {
$subforums .= "<a href='index.php?act=viewforum&id=" . $subForumz['id'] . "'>" . $subForumz['title'] . "</a>, ";
}
}
$subforums = $subforums != "" ? "<b>Children</b>: " . substr($subforums, 0, strlen($subforums) - 2) : '';
//show the forums
if (getFP($f['id'], 0)) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "idxforum.tpl";
$Temp->tp();
$Temp->tr(array('NEWPOST' => $no_new_post, 'FORUM_ID' => $f['id'], 'FORUM_NAME' => $f['title'], 'FORUM_DESC' => $f['description'], 'TOPICS' => $topicnumber, 'REPLIES' => $total_topics_f_2, 'LASTPOSTER' => $BY, 'UID' => getid($BY), 'TOPIC_LINK' => $IN, 'SUBFORUMS' => $subforums));
$forums_html .= $Temp->html;
$forum_count = $forum_count + 1;
}
}
$forums_html .= "</table>";
if ($forum_count > 0) {
echo $forums_html;
}
}
}
function RUN_Forums()
{
global $logged;
if (is_numeric($_GET['id'])) {
$id = intval(htmlspecialchars($_GET['id']));
//finish checking
} else {
pageerror("Forum Error", "", "Sorry, but there wasn't a forum id present.");
}
//Show Subforums here
$SubForums = mysql_query("SELECT * FROM `forums` WHERE `sid` = '" . $id . "'");
if (mysql_num_rows($SubForums) > 0) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "category_header.tpl";
$Temp->tp();
$Temp->tr(array("CAT_NAME" => "SubForums"));
echo $Temp->html;
while ($SubForum = mysql_fetch_array($SubForums)) {
//select the total replies for each forum
$total_replies = mysql_query("SELECT topics.id,replies.tid FROM `topics`,`replies` WHERE `fid` = '" . $SubForum['id'] . "' AND topics.id = replies.tid") or die(mysql_error());
$total_replies_ = mysql_num_rows($total_replies);
//select topic data from the database from these forums
$nlastpost = mysql_query("SELECT `id`,`title`,`username` FROM `topics` WHERE `fid` ='" . $SubForum['id'] . "' ORDER BY timestamp DESC") or die(mysql_error());
$nlastpost1 = mysql_fetch_array($nlastpost);
$topicid = $nlastpost1['id'];
$topicuser = $nlastpost1['username'];
$topicnumber = mysql_num_rows($nlastpost);
//get latest replies from current forum
$allreplies = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $topicid . "' ORDER BY `id` DESC ") or die(mysql_error());
$all_replies = mysql_fetch_array($allreplies);
if ($f['lastvisited'] == "") {
$no_new_post = $total_topics_f_2 != 0 ? "<img src='styles/default/New.png' alt='New' />" : "<img src='styles/default/No%20New.png' alt='No-New' />";
} else {
$lID = $logged['id'];
$last_vdata = unserialize($f['lastvisited']);
$no_new_post = $last_vdata[$lID] < $total_topics_f_2 ? "<img src='styles/default/New.png' alt='New' />" : "<img src='styles/default/No%20New.png' alt='No-New' />";
}
//check if there we're any replies
if (empty($nlastpost1['title'])) {
$IN = "No Topics Here.";
} else {
$IN = "<a href=\"index.php?act=topicshow&id=" . $nlastpost1['id'] . "\">" . $nlastpost1['title'] . "</a>";
}
if ($all_replies['username'] == "") {
$BY = $topicuser;
} else {
$BY = $all_replies['username'];
}
if (getFP($SubForum['id'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "idxforum.tpl";
$Temp->tp();
$Temp->tr(array('NEWPOST' => $no_new_post, 'FORUM_ID' => $SubForum['id'], 'FORUM_NAME' => $SubForum['title'], 'FORUM_DESC' => $SubForum['description'], 'TOPICS' => $topicnumber, 'REPLIES' => $total_replies_, 'LASTPOSTER' => $BY, 'TOPIC_LINK' => $IN, 'SUBFORUMS' => ''));
echo $Temp->html;
}
}
echo "</table><br /><br /><br />";
}
//End Subforums here.
//total replies pagination limit
$ppt = mysql_query("SELECT `topicsperforum` FROM `boardstatus` LIMIT 1;");
$p_p_t = mysql_fetch_array($ppt);
$total_limit = intval($p_p_t['topicsperforum']);
if (!isset($_GET['p']) || empty($_GET['p']) || $_GET['p'] == 0) {
$page = 1;
} else {
if (!is_numeric($_GET['p'])) {
pageerror("Page Error", "", "Didn't specify a correct page id.");
} else {
$page = intval(mysql_real_escape_string($_GET['p']));
}
}
$limit_start = $page * $total_limit - $total_limit;
//do topic stuff with pagination
$topics = mysql_query("SELECT * FROM `topics` WHERE `fid` = '" . $id . "' AND `sticky` = '1' ORDER BY `timestamp` DESC LIMIT {$limit_start},{$total_limit}") or die(mysql_error());
$TTtopics = mysql_query("SELECT * FROM `topics` WHERE `fid` = '" . $id . "' ");
$has_topics = mysql_num_rows($TTtopics);
$forum_title = mysql_query("SELECT `locked`,`title`,`lastvisited` FROM `forums` WHERE `id` = '" . $id . "' ") or die("Couldn't fetch forum info");
$forum = mysql_fetch_array($forum_title);
if (!getFP($id, 0)) {
pageerror("Permission Error", "", "Sorry, but you don't have permissions viewing this forum.");
}
topic_pagination($id, $total_limit, 0);
echo "<br /><br />";
if ($forum['locked'] == 't') {
echo "\n\t\t\t\t\t\t\t<img src='styles/" . $logged['dskin'] . "/Lockd.png' /><br />\n\t\t\t\t\t\t";
} else {
echo "\n\t\t\t\t\t\t\t<a href=\"index.php?act=newtopic&id=" . $id . "\"><img src=\"styles/" . $logged['dskin'] . "/New%20topic.png\" alt='New Topic' style='border:1px solid black;margin-bottom:1px;' /></a>\n\t\t\t\t\t\t";
}
if ($has_topics == 0) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "forums_none.tpl";
$Temp->tp();
$Temp->tr(array('FORUM_NAME' => $forum['title']));
echo $Temp->html;
} else {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "forums_header.tpl";
$Temp->tp();
$Temp->tr(array('FORUM_NAME' => $forum['title']));
echo $Temp->html;
//do a check to see if topics are stickied
$pinned_t = mysql_query("SELECT * FROM `topics` WHERE `fid` = '" . $id . "' AND `sticky` = '0' ORDER BY `timestamp` DESC");
$totalpins = mysql_num_rows($pinned_t);
//show pinned topics
if ($totalpins != 0) {
echo '
<tr>
<td width="100%" class="small_title" colspan="4"><span>Pinned Topics</span></td>
</tr>
';
$totalrepliesever = 0;
while ($pinned = mysql_fetch_array($pinned_t)) {
$replizS = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $pinned['id'] . "' ");
$replizS = mysql_num_rows($replizS);
$lastS = mysql_query("SELECT `username`,`date` FROM `replies` WHERE tid='" . $topic_info['id'] . "' ORDER BY `id` DESC");
$lastpS = mysql_fetch_array($lastS);
($lastposterS = mysql_num_rows($lastS)) != 0 ? $ltpS = $lastpS['username'] and $ltpdS = date("m-d-y", $lastpS['date']) : ($ltpS = $pinned['username']) and $ltpdS = date("m-d-y", $pinned['timestamp']);
$totalrepliesever += $replizS;
//Output pinned topics
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "forums_content.tpl";
$Temp->tp();
$Temp->tr(array('VIEWS' => $pinned['views'], 'REPLIES' => $replizS, 'TID' => $pinned['id'], 'TNAME' => $pinned['title'], 'AUTHOR' => $pinned['username'], 'UID' => getid($pinned['username']), 'DESC' => $pinned['description'], 'LASTP' => $ltpS, 'UID_2' => getid($ltpS), 'DATE' => $ltpdS));
echo $Temp->html;
}
if (mysql_num_rows($topics) > 0) {
echo '
<tr>
<td width="100%" class="small_title" colspan="4"><span>Normal Topics</span></td>
</tr>
';
}
}
while ($topic_info = mysql_fetch_array($topics)) {
$repliz = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $topic_info['id'] . "' ");
$repliz = mysql_num_rows($repliz);
$totalrepliesever = $totalrepliesever + $repliz;
$last = mysql_query("SELECT `username`,`date` FROM `replies` WHERE `tid` = '" . $topic_info['id'] . "' ORDER BY `id` DESC");
$lastp = mysql_fetch_array($last);
($lastposter = mysql_num_rows($last)) != 0 ? $ltp = $lastp['username'] and $ltpd = date("m-d-y", $lastp['date']) : ($ltp = $topic_info['username']) and $ltpd = date("m-d-y", $topic_info['timestamp']);
//output normal topics
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "forums_content.tpl";
$Temp->tp();
$Temp->tr(array('VIEWS' => $topic_info['views'], 'REPLIES' => $repliz, 'TID' => $topic_info['id'], 'TNAME' => $topic_info['title'], 'AUTHOR' => $topic_info['username'], 'UID' => getid($topic_info['username']), 'DESC' => $topic_info['description'], 'LASTP' => $ltp, 'UID_2' => getid($ltp), 'DATE' => $ltpd));
echo $Temp->html;
}
$lfvisit = $forum['lastvisited'];
$lID = $logged['id'];
if ($lfvisit == "") {
$user_lv = serialize(array($logged['id'] => $totalrepliesever));
$up_lfv = mysql_query("UPDATE `forums` SET `lastvisited` ='" . $user_lv . "' WHERE `id` = '" . $id . "' ") or die("error updating last visited");
} else {
$lfvi = unserialize($lfvisit);
if ($lfvi[$lID] < $totalrepliesever || $lfvi[$lID] == "") {
$lfvi[$lID] = $totalrepliesever;
$up_lfv = mysql_query("UPDATE `forums` SET `lastvisited` ='" . serialize($lfvi) . "' WHERE `id` = '" . $id . "' ") or die("error updating last visited");
}
}
echo '
</table>
';
}
}
function RUN_Topic()
{
global $logged, $permissions;
if (is_numeric($_GET['id']) and !empty($_GET['id'])) {
$id = intval(htmlspecialchars($_GET['id']));
} else {
pageerror("Topic Error", "", "Sorry, but there wasn't a topic id present.");
}
if (!getFP(topic_parent_($id), 1)) {
pageerror("Permission Error", "", "Sorry, but you don't have permissions viewing this topic.");
}
//do some post stuff
//total replies pagination limit
$ppt = mysql_query("SELECT `postpertopic` FROM `boardstatus` LIMIT 1");
$p_p_t = mysql_fetch_array($ppt);
$total_limit = $p_p_t['postpertopic'];
topic_pagination($id, $total_limit);
$main = mysql_query("SELECT * FROM `topics` WHERE `id` = '" . $id . "' ");
$tmain = mysql_fetch_array($main);
$umain = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $tmain['username'] . "'");
$fuser = mysql_fetch_array($umain);
$isSticked = $tmain['sticky'] == 1 ? "<a href='mode.php?type=sticktopic&tid=" . $id . "'>Sticky</a>" : "<a href='mode.php?type=unsticktopic&tid=" . $id . "'>Un-Sticky</a>";
$isLocked = $tmain['closed'] == 1 ? "<a href='mode.php?type=closetopic&tid=" . $id . "'>Lock</a>" : "<a href='mode.php?type=opentopic&tid=" . $id . "'>Un-Lock</a>";
//check if user has permissions
if ($permissions['admin'] == 't' || $permissions['e_topic'] == 't') {
$modet = "<a href='mode.php?type=edit&post=topic&id=" . $id . "'>Edit</a> | <a href='mode.php?type=move&post=topic&id=" . $id . "'>Move Topic</a> | " . $isSticked . " | " . $isLocked;
} elseif ($logged['username'] == $tmain['username'] && $permissions['e_topic'] == 't') {
$modet = "<a href='mode.php?type=edit&post=topic&id=" . $id . "'>Edit</a>";
} else {
$modet = "";
}
echo "<br />" . run_buttons($id);
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "topic_title.tpl";
$Temp->tp();
$Temp->tr(array('TITLE' => $tmain['title']));
echo $Temp->html;
//if($_GET['p'] == 1 || !isset($_GET['p']) )
// {
echo '
<tr>
<td colspan="2" class="small_title"><span style="float:left;"><b>Posted On:</b> ' . timezone_stamp($tmain['timestamp'], $logged['timezone']) . '</span><span style="float:right" class="small_title_link">' . $modet . '</span></td>
</tr>
';
//}
if (!isset($_GET['p']) || empty($_GET['p']) || $_GET['p'] == 0) {
$page = 1;
} else {
if (!is_numeric($_GET['p'])) {
pageerror("Page Error", "", "Didn't specify a correct page id.");
} else {
$page = intval(mysql_real_escape_string($_GET['p']));
}
}
$limit_start = $page * $total_limit - $total_limit;
//get replies
$replies = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $id . "' ORDER BY `id` LIMIT {$limit_start},{$total_limit}") or die(mysql_error(__FILE__, __LINE__));
$has_replys = mysql_num_rows($replies);
if ($has_replys != 0) {
//check to see if there are any replies :D
while ($replys = mysql_fetch_array($replies)) {
//check if user has permissions
if ($permissions['admin'] == 't' || $permissions['d_post'] == 't') {
$modep = "<a href='mode.php?type=edit&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Edit</a> | <a href='mode.php?type=delete&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Delete</a>";
} elseif ($logged['username'] == $replys['username']) {
$modep = "<a href='mode.php?type=edit&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Edit</a>";
} else {
$modep = "";
}
$usez = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $replys['username'] . "'");
$useri = mysql_fetch_array($usez);
//show replies
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "topic_post.tpl";
$Temp->tp();
$Temp->tr(array('OPTIONS' => $modep, 'POSTER' => $replys['username'], 'AVY' => !empty($useri['avatar']) ? '<img width="100" height="100" src="' . $useri['avatar'] . '" alt="" /><br />' : '', 'DATE' => timezone_stamp($replys['date'], $logged['timezone']), 'GROUP' => group($useri['level']), 'UID' => $useri['id'], 'UPOST' => $useri['post'], 'POST' => nl2br(bbcode_format($replys['post'])) . "<br />__________________<br />" . ($useri['signature'] == '' ? ' ' : nl2br(bbcode_format($useri['signature'])))));
echo $Temp->html;
}
} else {
echo "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td width='100%' class='rows' align='center'><em>There isn't any posts in this topic</em></td>\n\t\t\t\t\t</tr>\n\t\t\t\t";
}
echo ' </table> ' . run_buttons($id) . '<br />';
topic_pagination($id, $total_limit);
add_views($id);
}