default:
// Just print out a smilie.
?>
<td align="center" bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="small">
<div class="medium"><?php
echo htmlsanitize($strTitle);
?>
</div>
<div style="padding: 5px;"><table cellpadding="2" cellspacing="0" border="0" height="35" style="vertical-align: middle"><tr><td style="vertical-align: middle"><img src="<?php
echo "{$CFG['paths']['smilies']}{$strFilename}";
?>
" alt="" /></td><td style="vertical-align: middle"><b><?php
echo htmlsanitize($strCode);
?>
</b></td></tr></table></div>
[<a href="admincp.php?section=smilies&action=edit&smilieid=<?php
echo $iSmilieID;
?>
">Edit</a>] [<a href="admincp.php?section=smilies&action=remove&smilieid=<?php
echo $iSmilieID;
?>
">Remove</a>]
</td>
<?php
break;
}
// Update the position.
if ($i != $iRowLength) {
<tr>
<td bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="medium"><b>Usergroup</b></td>
<td bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
">
<select name="usergroupid">
<?php
foreach ($aGroup as $iGroupID => $temp) {
if ($iGroupID == $iUsergroupID) {
$strSelected = ' selected="selected"';
}
$strUsergroup = htmlsanitize($aGroup[$iGroupID]['groupname']);
echo "\t\t\t<option value=\"{$iGroupID}\"{$strSelected}>{$strUsergroup}</option>\n";
unset($strSelected);
}
?>
</select>
</td>
</tr>
</table>
<div style="text-align: center;"><br /><input type="submit" name="submit" value="Add User" accesskey="s" /></div>
</form>
<?php
// Footer
<td bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="medium"><b>Parent Forum</b></td>
<td bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
">
<select name="parent">
<option value="0">None (new category)</option>
<?php
foreach ($aForums as $iForumID => $strForumName) {
if ($aForum['parent'] == $iForumID) {
$strSelected = 'selected="selected"';
}
$strForumName = htmlsanitize($strForumName);
echo "\t\t\t<option value=\"{$iForumID}\"{$strSelected}>{$strForumName}</option>\n";
}
?>
</select>
</td>
</tr>
</table>
<div style="text-align: center;"><br /><input type="submit" name="submit" value="Add Forum" accesskey="s" /></div>
</form>
<?php
// Footer
require "./skins/{$CFG['skin']}/footer.tpl.php";
" onchange="javascript:update(this);" /> <input id="link_a_preview" style="border: black solid 1px; background-color: <?php
echo $aStyles['link_a'];
?>
;" type="text" size="10" disabled="disabled" /></td>
</tr>
<tr>
<td bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="medium"><b>Hover Link Color</b></td>
<td bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="medium"><input type="text" name="link_h" size="10" value="<?php
echo htmlsanitize($aStyles['link_h']);
?>
" onchange="javascript:update(this);" /> <input id="link_h_preview" style="border: black solid 1px; background-color: <?php
echo $aStyles['link_h'];
?>
;" type="text" size="10" disabled="disabled" /></td>
</tr>
</table>
<div style="text-align: center;"><br /><input type="submit" name="submit" value="Save Changes" accesskey="s" /></div>
</form>
<?php
// Footer
require "./skins/{$CFG['skin']}/footer.tpl.php";
<?php
// Header
$strPageTitle = ' :: Admin Control Panel :. Remove Smilie';
require "./skins/{$CFG['skin']}/header.tpl.php";
?>
<table width="100%" cellspacing="0" cellpadding="2" border="0" align="center">
<tr>
<td align="left" valign="top"><a href="index.php"><img src="images/ovbb.png" align="middle" border="0" alt="<?php
echo htmlsanitize($CFG['general']['name']);
?>
:: Powered by OvBB" /></a></td>
<td width="100%" align="left" valign="top" class="medium"><b><a href="index.php"><?php
echo htmlsanitize($CFG['general']['name']);
?>
</a> > <a href="admincp.php">Admin Control Panel</a> > <a href="admincp.php?section=smilies">Smilies</a> > Remove Smilie</b></td>
</tr>
</table><br />
<?php
// Admin CP menu.
PrintCPMenu();
?>
<br />
<form action="admincp.php" method="post">
<input type="hidden" name="section" value="smilies" />
<input type="hidden" name="action" value="remove" />
<input type="hidden" name="smilieid" value="<?php
"><input type="text" name="title" size="35" maxlength="255" value="<?php
echo htmlsanitize($aSkin['title']);
?>
" /></td>
</tr>
<tr>
<td bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="medium">
<b>Skin Folder</b>
<div class="smaller">This is the folder containing the skin/template files (located in "<b>skins/</b>").</div>
</td>
<td bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
"><input type="text" name="folder" size="35" maxlength="255" value="<?php
echo htmlsanitize($aSkin['folder']);
?>
" /></td>
</tr>
</table>
<div style="text-align: center;"><br /><input type="submit" name="submit" value="Add Skin" accesskey="s" /></div>
</form>
<?php
// Footer
require "./skins/{$CFG['skin']}/footer.tpl.php";
<td valign="top" bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="medium" nowrap="nowrap">
<b>Message</b>
<div class="smaller"><br />
Note by using this form,<br />
your e-mail address will<br />
become available to the<br />
person you are contacting.
</div>
</td>
<td bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
">
<textarea name="body" cols="50" rows="10"><?php
echo htmlsanitize($aMessageInfo[BODY]);
?>
</textarea>
</td>
</tr>
</table><br />
<div style="text-align: center;"><input type="submit" name="submit" value="Send E-Mail" accesskey="s" /></div>
</form><br />
<?php
// Footer.
require "./skins/{$CFG['skin']}/footer.tpl.php";
function SendMessage()
{
global $CFG, $dbConn;
// Get the values from the user.
$strRecipient = $dbConn->sanitize($_REQUEST['recipient']);
$strSubject = $_REQUEST['subject'];
$iPostIcon = (int) $_REQUEST['icon'];
$strMessage = $_REQUEST['message'];
$bDisableSmilies = (int) (bool) $_REQUEST['dsmilies'];
$bTracking = (int) (bool) $_REQUEST['track'];
// Recipient
$dbConn->query("SELECT id, enablepms, rejectpms, ignorelist FROM citizen WHERE username='******'");
list($iRecipientID, $bEnablePMs, $bRejectPMs, $aIgnoreList) = $dbConn->getresult();
$aIgnoreList = (array) explode(',', $aIgnoreList);
// Does the user exist?
if ($iRecipientID === NULL) {
$aError[] = 'The user you specified does not exist.';
} else {
if ($iRecipientID == $_SESSION['userid']) {
$aError[] = 'You cannot send private messages to yourself.';
} else {
if (!$bEnablePMs) {
$aError[] = htmlsanitize("The message cannot be sent because {$strRecipient} has private messages disabled.");
} else {
if ($bRejectPMs && in_array($_SESSION['userid'], $aIgnoreList)) {
$aError[] = 'The user you specified does not accept private messages from members on their Ignore list.';
}
}
}
}
// Subject
if (trim($strSubject) == '') {
// They either put in only whitespace or nothing at all.
$aError[] = 'You must specify a subject.';
} else {
if (strlen($strSubject) > $CFG['maxlen']['subject']) {
// The subject they specified is too long.
$aError[] = "The subject you specified is longer than {$CFG['maxlen']['subject']} characters.";
}
}
$strSubject = $dbConn->sanitize($strSubject);
// Icon
if ($iPostIcon < 0 || $iPostIcon > 14) {
// They don't know what icon they want. We'll give them none.
$iPostIcon = 0;
}
// Message
if (trim($strMessage) == '') {
// They either put in only whitespace or nothing at all.
$aError[] = 'You must specify a message.';
} else {
if (strlen($strMessage) > $CFG['maxlen']['messagebody']) {
// The message they specified is too long.
$aError[] = "The message you specified is longer than {$CFG['maxlen']['messagebody']} characters.";
}
}
if ($_REQUEST['parseemails']) {
$strMessage = ParseEMails($strMessage);
}
$strMessage = $dbConn->sanitize($strMessage);
// If there was an error, let's return it.
if (is_array($aError)) {
return $aError;
}
// Add the message to the database.
$dbConn->query("INSERT INTO pm(ownerid, datetime, author, recipient, subject, body, parent, ipaddress, icon, dsmilies, beenread, tracking) VALUES({$iRecipientID}, {$CFG['globaltime']}, {$_SESSION['userid']}, {$iRecipientID}, '{$strSubject}', '{$strMessage}', 0, {$_SESSION['userip']}, {$iPostIcon}, {$bDisableSmilies}, 0, {$bTracking})");
// Did they want to save a copy?
if ($_REQUEST['savecopy']) {
// Yes, so do so.
$dbConn->query("INSERT INTO pm(ownerid, datetime, author, recipient, subject, body, parent, ipaddress, icon, dsmilies, beenread) VALUES({$_SESSION['userid']}, {$CFG['globaltime']}, {$_SESSION['userid']}, {$iRecipientID}, '{$strSubject}', '{$strMessage}', 1, {$_SESSION['userip']}, {$iPostIcon}, {$bDisableSmilies}, 0)");
}
// Was this message a reply to another one?
if ($_REQUEST['action'] == 'reply') {
// Yes, mark the original message as been replied.
$iMessageID = (int) $_REQUEST['id'];
$dbConn->query("UPDATE pm SET replied=1 WHERE id={$iMessageID} AND ownerid={$_SESSION['userid']}");
}
// Render the page.
Msg("<b>Your message has been successfully sent.</b><br /><br /><span class=\"smaller\">You should be redirected momentarily. Click <a href=\"private.php\">here</a> if you do not want to wait any longer or if you are not redirected.</span>", 'private.php');
}
echo ' <img src="images/sort_asc.png" style="vertical-align: middle;" alt="Ascending" />';
} else {
echo ' <img src="images/sort_desc.png" style="vertical-align: middle;" alt="Descending" />';
}
}
?>
</td>
</tr></table>
</td>
</tr>
<?php
// Display the members.
foreach ($aMembers as $iMemberID => $aMember) {
// Do some value preparation.
$aMember[USERNAME] = htmlsanitize($aMember[USERNAME]);
$aMember[WEBSITE] = htmlsanitize($aMember[WEBSITE]);
$aMember[ONLINE] = $aMember[ONLINE] ? 'online' : 'offline';
// Set the color.
$strColor = $strColor == $CFG['style']['table']['cella'] ? $CFG['style']['table']['cellb'] : $CFG['style']['table']['cella'];
?>
<tr>
<td bgcolor="<?php
echo $strColor;
?>
" width="40%" align="left" valign="middle" colspan="2">
<table cellspacing="0" cellpadding="0" border="0">
<tr>
<td align="center" valign="middle"><img src="images/<?php
if ($aMember[ONLINE] == 'offline') {
echo 'in';
}
echo $CFG['style']['table']['cellb'];
?>
" class="small" style="border-width: 1px; border-style: inset"><b>Smilies</b></td>
</tr>
<?php
// Display the Smilie table.
SmilieTable($aSmilies);
?>
</table>
</td>
<td bgcolor="<?php
echo $CFG['style']['table']['cellb'];
?>
">
<textarea name="message" cols="70" rows="20"><?php
echo htmlsanitize($aEventInfo['body']);
?>
</textarea>
<div class="smaller">[<a href="#" onclick="javascript:alert('The maximum permitted length is <?php
echo $CFG['maxlen']['messagebody'];
?>
characters.\n\nYour event information is '+document.theform.message.value.length+' characters long.');">Check length.</a>]</div>
</td>
</tr>
<tr>
<td bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="medium" nowrap="nowrap"><b>Options</b></td>
<td bgcolor="<?php
echo $CFG['style']['table']['cellb'];
?>
" class="small" style="border-width: 1px; border-style: inset"><b>Smilies</b></td>
</tr>
<?php
// Display the Smilie table.
SmilieTable($aSmilies);
?>
</table>
</td>
<td bgcolor="<?php
echo $CFG['style']['table']['cellb'];
?>
">
<textarea name="message" cols="70" rows="20"><?php
echo htmlsanitize($strMessage);
?>
</textarea>
<div class="smaller">[<a href="#" onclick="javascript:alert('The maximum permitted length is <?php
echo $CFG['maxlen']['messagebody'];
?>
characters.\n\nYour message is '+document.theform.message.value.length+' characters long.');">Check message length.</a>]</div>
</td>
</tr>
<tr>
<td valign="top" bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="medium" nowrap="nowrap"><b>Options</b></td>
<td bgcolor="<?php
function SavePost($aPostInfo)
{
global $CFG, $dbConn, $iRootID, $aAttachments, $aPostIcons;
$iPostID = $aPostInfo['id'];
$iThreadID = $aPostInfo['parent'];
// Initiate some variables.
$aToDelete = array();
$iAddedAttachments = 0;
$iRemovedAttachments = 0;
// Grab the info. specified by the user.
$strSubject = $_REQUEST['subject'];
$strThreadDesc = $_REQUEST['description'];
$iPostIcon = (int) $_REQUEST['icon'];
$strBody = $_REQUEST['message'];
$bParseURLs = (bool) $_REQUEST['parseurls'];
$bParseEMails = (bool) $_REQUEST['parseemails'];
$bDisableSmilies = (int) (bool) $_REQUEST['dsmilies'];
$aDeleteAttachments = $_REQUEST['deleteattach'];
// Subject
if (trim($strSubject) == '' && $iPostID == $iRootID) {
// This post is the thread root, and they either put in only whitespace or nothing at all.
$aError[] = 'You must specify a subject.';
} else {
if (strlen($strSubject) > $CFG['maxlen']['subject']) {
// The subject they specified is too long.
$aError[] = "The subject you specified is longer than {$CFG['maxlen']['subject']} characters.";
}
}
$strCleanSubject = $dbConn->sanitize($strSubject);
// Description
if (strlen($strThreadDesc) > $CFG['maxlen']['desc']) {
// The description they specified is too long.
$aError[] = "The description you specified is longer than {$CFG['maxlen']['desc']} characters.";
}
$strThreadDesc = $dbConn->sanitize($strThreadDesc);
// Icon
if ($iPostIcon < 0 || $iPostIcon > count($aPostIcons) - 1) {
// They don't know what icon they want. We'll give them none.
$iPostIcon = 0;
}
// Body
if (trim($strBody) == '') {
// They either put in only whitespace or nothing at all.
$aError[] = 'You must specify a message.';
} else {
if (strlen($strBody) > $CFG['maxlen']['messagebody']) {
// The body they specified is too long.
$aError[] = "The message you specified is longer than {$CFG['maxlen']['messagebody']} characters.";
}
}
$strCleanBody = $dbConn->sanitize($strBody);
// Attachment
if (isset($_FILES['attachment']) && $_FILES['attachment']['error'] != UPLOAD_ERR_NO_FILE) {
// What is the problem?
switch ($_FILES['attachment']['error']) {
// Upload was successful?
case UPLOAD_ERR_OK:
// Is it bigger than the allowable maximum?
if ($_FILES['attachment']['size'] > $CFG['uploads']['maxsize']) {
$aError[] = "The attachment you uploaded is too large. The maximum allowable filesize is {$CFG['uploads']['maxsize']} bytes.";
}
// Is it an invalid filetype?
if (!isset($CFG['uploads']['oktypes'][strtolower(substr(strrchr($_FILES['attachment']['name'], '.'), 1))])) {
$aError[] = 'The file you uploaded is an invalid type of attachment. Valid types are: ' . htmlsanitize(implode(', ', array_keys($CFG['uploads']['oktypes']))) . '.';
}
// If there are no errors, grab the data from the temporary file.
if (!is_array($aError)) {
$strAttachmentName = $dbConn->sanitize($_FILES['attachment']['name']);
if ($fileUploaded = fopen($_FILES['attachment']['tmp_name'], 'rb')) {
$blobAttachment = $dbConn->sanitize(fread($fileUploaded, 65536), TRUE);
} else {
$aError[] = 'There was a problem while reading the attachment. If this problem persists, please contact the Webmaster.';
}
}
break;
// File is too big?
// File is too big?
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
$aError[] = "The attachment you uploaded is too large. The maximum allowable filesize is {$CFG['uploads']['maxsize']} bytes.";
break;
// File was partially uploaded?
// File was partially uploaded?
case UPLOAD_ERR_PARTIAL:
$aError[] = 'The attachment was only partially uploaded.';
break;
// WTF happened?
// WTF happened?
default:
$aError[] = 'There was an error while uploading the attachment.';
break;
}
}
// If there was an error, let's return it.
if ($aError) {
return $aError;
}
// Update the post's record.
$dbConn->query("UPDATE post SET datetime_edited={$CFG['globaltime']}, title='{$strCleanSubject}', body='{$strCleanBody}', icon={$iPostIcon}, dsmilies={$bDisableSmilies} WHERE id={$iPostID}");
// Was this post the thread root?
if ($iPostID == $iRootID) {
// Yes, update the thread description.
$dbConn->query("UPDATE thread SET title='{$strCleanSubject}', icon={$iPostIcon}, description='{$strThreadDesc}' WHERE id={$iThreadID}");
}
// Store the attachment, if there is one.
if ($fileUploaded) {
// Insert the first chunk of the file.
$dbConn->query("INSERT INTO attachment(filename, filedata, viewcount, parent) VALUES('{$strAttachmentName}', '{$blobAttachment}', 0, {$iPostID})");
// Get the ID of the attachment we just created.
$iAttachmentID = $dbConn->getinsertid('attachment');
// Insert the rest of the file, if any, into the database.
while (!feof($fileUploaded)) {
$blobAttachment = $dbConn->sanitize(fread($fileUploaded, 65536), TRUE);
$dbConn->squery(CONCAT_ATTACHMENT, $blobAttachment, $iAttachmentID);
}
// Close the temporary file.
fclose($fileUploaded);
// Increment the added attachment count.
$iAddedAttachments++;
}
// Are there any attachments to delete?
if (is_array($aDeleteAttachments) && is_array($aAttachments)) {
// Yes, so remove the ones that don't belong to this post.
foreach ($aDeleteAttachments as $iAttachmentID => $null) {
// Is the attachment in this post?
if (array_key_exists($iAttachmentID, $aAttachments) && !array_search($iAttachmentID, $aToDelete)) {
// Yes, so add the attachment to the list to delete.
$aToDelete[] = $iAttachmentID;
}
}
// Are there still attachments to delete?
if (is_array($aToDelete)) {
// Yes, so delete them.
$strToDelete = implode(', ', $aToDelete);
$dbConn->query("DELETE FROM attachment WHERE id IN ({$strToDelete})");
// Set the removed attachments counter.
$iRemovedAttachments = count($aToDelete);
}
}
// Are there any changes to the number of attachments in this post (and therefore the parent thread)?
$iAttachmentCount = $iAddedAttachments - $iRemovedAttachments;
if ($iAttachmentCount != 0) {
// Yes, so update the thread's record.
$dbConn->query("UPDATE thread SET attachcount=attachcount+({$iAttachmentCount}) WHERE id={$iThreadID}");
}
// Remove all searchindexes for this post.
$dbConn->query("DELETE FROM searchindex WHERE postid={$iPostID}");
// Now let's re-add the message into the search engine index.
AddSearchIndex($iPostID, $strSubject, $strBody);
// Update the user.
Msg("<b>Your changes have been successfully saved.</b><br /><br /><span class=\"smaller\">You should be redirected to your post momentarily. Click <a href=\"thread.php?threadid={$iThreadID}&postid={$iPostID}#post{$iPostID}\">here</a> if you do not want to wait any longer or if you are not redirected.</span>", "thread.php?threadid={$iThreadID}&postid={$iPostID}#post{$iPostID}");
}
" cellpadding="5" cellspacing="1" border="0" align="center">
<tr class="section">
<td align="center" class="small">Extension</td>
<td align="center" class="small">Icon</td>
<td align="center" class="small">MIME Type</td>
<td align="center" class="small" colspan="2">Actions</td>
</tr>
<?php
foreach ($CFG['uploads']['oktypes'] as $strExtension => $aType) {
// Sanitize the file type's information.
$strExtA = htmlsanitize($strExtension);
$strExtB = urlencode($strExtension);
$strIcon = urlencode($aType[0]);
$strMIME = htmlsanitize($aType[1]);
// Display the information.
echo "<tr>\n";
echo "\t<td align=\"center\" bgcolor=\"{$CFG['style']['table']['cellb']}\">{$strExtA}</td>\n";
echo "\t<td align=\"center\" bgcolor=\"{$CFG['style']['table']['cellb']}\"><img src=\"images/attach/{$strIcon}\" alt=\"\" /></td>\n";
echo "\t<td align=\"center\" bgcolor=\"{$CFG['style']['table']['cellb']}\">{$strMIME}</td>\n";
echo "\t<td bgcolor=\"{$CFG['style']['table']['cellb']}\"><a href=\"admincp.php?section=attachments&action=edit&type={$strExtB}\">Edit</a></td>\n";
echo "\t<td bgcolor=\"{$CFG['style']['table']['cellb']}\"><a href=\"admincp.php?section=attachments&action=remove&type={$strExtB}\">Remove</a></td>\n";
echo "</tr>\n";
}
?>
<tr class="section"><td align="center" class="smaller" colspan="5"><a class="section" href="admincp.php?section=attachments&action=add">Add New File Type</a></td></tr>
</table>
</td></tr>
function SubmitPost()
{
global $CFG, $dbConn, $aPostIcons, $iThreadID, $iForumID;
// Get the values from the user.
$strSubject = $_REQUEST['subject'];
$iPostIcon = (int) $_REQUEST['icon'];
$strMessage = $_REQUEST['message'];
$bParseEMails = (int) (bool) $_REQUEST['parseemails'];
$bDisableSmilies = (int) (bool) $_REQUEST['dsmilies'];
// Floodcheck
if (!$_SESSION['permissions']['cbypassflood'] && $_SESSION['lastpost'] + $CFG['floodcheck'] > $CFG['globaltime']) {
Msg("Sorry! The administrator has specified that users can only post one message every {$CFG['floodcheck']} seconds.", '', 'justify');
}
// Subject
if (strlen($strSubject) > $CFG['maxlen']['subject']) {
// The subject they specified is too long.
$aError[] = "The subject you specified is longer than {$CFG['maxlen']['subject']} characters.";
}
$strCleanSubject = $dbConn->sanitize($strSubject);
// Icon
if ($iPostIcon < 0 || $iPostIcon > count($aPostIcons) - 1) {
// They don't know what icon they want. We'll give them none.
$iPostIcon = 0;
}
// Message
if (trim($strMessage) == '') {
// They either put in only whitespace or nothing at all.
$aError[] = 'You must specify a message.';
} else {
if (strlen($strMessage) > $CFG['maxlen']['messagebody']) {
// The message they specified is too long.
$aError[] = "The message you specified is longer than {$CFG['maxlen']['messagebody']} characters.";
}
}
if ($bParseEMails) {
$strMessage = ParseEMails($strMessage);
}
$strCleanMessage = $dbConn->sanitize($strMessage);
// Attachment
if (isset($_FILES['attachment']) && $_FILES['attachment']['error'] != UPLOAD_ERR_NO_FILE) {
// What is the problem?
switch ($_FILES['attachment']['error']) {
// Upload was successful?
case UPLOAD_ERR_OK:
// Is it bigger than 100KB?
if ($_FILES['attachment']['size'] > $CFG['uploads']['maxsize']) {
$aError[] = "The attachment you uploaded is too large. The maximum allowable filesize is {$CFG['uploads']['maxsize']} bytes.";
}
// Is it an invalid filetype?
if (!isset($CFG['uploads']['oktypes'][strtolower(substr(strrchr($_FILES['attachment']['name'], '.'), 1))])) {
$aError[] = 'The file you uploaded is an invalid type of attachment. Valid types are: ' . htmlsanitize(implode(', ', array_keys($CFG['uploads']['oktypes']))) . '.';
}
// If there are no errors, grab the data from the temporary file.
if (!is_array($aError)) {
$strAttachmentName = $dbConn->sanitize($_FILES['attachment']['name']);
if ($fileUploaded = fopen($_FILES['attachment']['tmp_name'], 'rb')) {
$blobAttachment = $dbConn->sanitize(fread($fileUploaded, 65536), TRUE);
} else {
$aError[] = 'There was a problem while reading the attachment. If this problem persists, please contact the Webmaster.';
}
}
break;
// File is too big?
// File is too big?
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
$aError[] = "The attachment you uploaded is too large. The maximum allowable filesize is {$CFG['uploads']['maxsize']} bytes.";
break;
// File was partially uploaded?
// File was partially uploaded?
case UPLOAD_ERR_PARTIAL:
$aError[] = 'The attachment was only partially uploaded.';
break;
// WTF happened?
// WTF happened?
default:
$aError[] = 'There was an error while uploading the attachment.';
break;
}
}
// If there was an error, let's return it.
if (is_array($aError)) {
return $aError;
}
// First we obviously need the post in the post table.
$dbConn->query("INSERT INTO post(author, datetime_posted, title, body, parent, ipaddress, icon, dsmilies) VALUES({$_SESSION['userid']}, {$CFG['globaltime']}, '{$strCleanSubject}', '{$strCleanMessage}', {$iThreadID}, {$_SESSION['userip']}, {$iPostIcon}, {$bDisableSmilies})");
// Before we continue, get the ID of the post we just created.
$iPostID = $dbConn->getinsertid('post');
// Second, we need to update record of the thread we are posting to.
$dbConn->query("UPDATE thread SET lpost={$CFG['globaltime']}, lposter={$_SESSION['userid']}, postcount=postcount+1 WHERE id={$iThreadID}");
// Get the post count of the thread we replied to, so we can figure the last page.
$dbConn->query("SELECT postcount FROM thread WHERE id={$iThreadID}");
list($iPostCount) = $dbConn->getresult();
// Third, we need to update the record of the forum that contains the thread we are posting to.
$dbConn->query("UPDATE board SET postcount=postcount+1, lpost={$CFG['globaltime']}, lposter={$_SESSION['userid']}, lthread={$iThreadID}, lthreadpcount={$iPostCount} WHERE id={$iForumID}");
// Fourth, we need to update the poster's postcount.
$dbConn->query("UPDATE citizen SET postcount=postcount+1 WHERE id={$_SESSION['userid']}");
// And finally, we need to store the attachment, if there is one.
if ($fileUploaded) {
// Insert the first chunk of the file.
$dbConn->query("INSERT INTO attachment(filename, filedata, viewcount, parent) VALUES('{$strAttachmentName}', '{$blobAttachment}', 0, {$iPostID})");
// Get the ID of the attachment we just created.
$iAttachmentID = $dbConn->getinsertid('attachment');
// Insert the rest of the file, if any, into the database.
while (!feof($fileUploaded)) {
$blobAttachment = $dbConn->sanitize(fread($fileUploaded, 65536), TRUE);
$dbConn->squery(CONCAT_ATTACHMENT, $blobAttachment, $iAttachmentID);
}
// Close the temporary file.
fclose($fileUploaded);
// Update the attachment count for the thread.
$dbConn->query("UPDATE thread SET attachcount=attachcount+1 WHERE id={$iThreadID}");
}
// Now let's add the message into the search engine index.
AddSearchIndex($iPostID, $strSubject, $strMessage);
// Update the forum stats.
$dbConn->query("UPDATE stats SET content=content+1 WHERE name='postcount'");
// Set user's last post time.
$_SESSION['lastpost'] = $CFG['globaltime'];
// What page is this new post on (so we can redirect them)?
$iPage = ceil($iPostCount / $_SESSION['postsperpage']);
// Render the page.
Msg("<b>Thank you for posting.</b><br /><br /><span class=\"smaller\">You should be redirected to your post momentarily. Click <a href=\"thread.php?threadid={$iThreadID}&page={$iPage}#post{$iPostID}\">here</a> if you do not want to wait any longer or if you are not redirected.</span>", "thread.php?threadid={$iThreadID}&page={$iPage}#post{$iPostID}");
}
<td align="center" class="small">Order</td>
<td align="center" class="small" colspan="2">Actions</td>
</tr>
<?php
foreach ($aCategory as $iCategoryID => $temp) {
$aCategory[$iCategoryID][NAME] = htmlsanitize($aCategory[$iCategoryID][NAME]);
echo "\t<tr>\n";
echo "\t\t<td bgcolor=\"{$CFG['style']['table']['cellb']}\"><b><a href=\"forumdisplay.php?forumid={$iCategoryID}\">{$aCategory[$iCategoryID][NAME]}</a></b></td>\n";
echo "\t\t<td bgcolor=\"{$CFG['style']['table']['cellb']}\"><input type=\"text\" name=\"forumid[{$iCategoryID}]\" size=\"5\" value=\"{$aCategory[$iCategoryID][DISPORDER]}\" /></td>\n";
echo "\t\t<td bgcolor=\"{$CFG['style']['table']['cellb']}\"><a href=\"admincp.php?section=forums&action=edit&forumid={$iCategoryID}\">Edit</a></td>\n";
echo "\t\t<td bgcolor=\"{$CFG['style']['table']['cellb']}\"><a href=\"admincp.php?section=forums&action=remove&forumid={$iCategoryID}\">Remove</a></td>\n";
echo "\t</tr>\n";
foreach ($aForum as $iForumID => $temp) {
if ($aForum[$iForumID][PARENT] == $iCategoryID) {
$aForum[$iForumID][NAME] = htmlsanitize($aForum[$iForumID][NAME]);
echo "\t<tr>\n";
echo "\t\t<td bgcolor=\"{$CFG['style']['table']['cellb']}\"> -- <b><a href=\"forumdisplay.php?forumid={$iForumID}\">{$aForum[$iForumID][NAME]}</a></b></td>\n";
echo "\t\t<td bgcolor=\"{$CFG['style']['table']['cellb']}\"><input type=\"text\" name=\"forumid[{$iForumID}]\" size=\"5\" value=\"{$aForum[$iForumID][DISPORDER]}\" /></td>\n";
echo "\t\t<td bgcolor=\"{$CFG['style']['table']['cellb']}\"><a href=\"admincp.php?section=forums&action=edit&forumid={$iForumID}\">Edit</a></td>\n";
echo "\t\t<td bgcolor=\"{$CFG['style']['table']['cellb']}\"><a href=\"admincp.php?section=forums&action=remove&forumid={$iForumID}\">Remove</a></td>\n";
echo "\t</tr>\n";
}
}
}
?>
<tr class="section"><td align="center" class="smaller" colspan="4"><a class="section" href="admincp.php?section=forums&action=add">Add New Forum</a></td></tr>
</table>
</td></tr>
<td align="left" class="smaller" nowrap="nowrap" width="50%">
<form action="forumdisplay.php" method="post">
<b>Forum Jump</b>:<br />
<select name="forumid" onchange="window.location=('forumdisplay.php?forumid='+this.options[this.selectedIndex].value);">
<option>Please select one:</option>
<?php
// Print out all of the forums.
foreach ($aCategories as $iCategoryID => $strCategory) {
// Print the category.
$strCategory = htmlsanitize($strCategory);
echo "\t\t\t<option value=\"{$iCategoryID}\">{$strCategory}</option>\n";
// Print the category's children forums.
foreach ($aBoards as $iBoardID => $aBoard) {
// Only process if it's a child forum.
if ($aBoard[0] == $iCategoryID) {
$aBoard[1] = htmlsanitize($aBoard[1]);
echo "\t\t\t<option value=\"{$iBoardID}\">-- {$aBoard[1]}</option>\n";
}
}
}
?>
</select>
<input style="vertical-align: text-bottom;" name="submit" type="image" src="images/go.png" />
</form>
</td>
<td align="right" class="smaller" width="50%">
<table border="0" cellpadding="0" cellspacing="0">
<tr><td align="left"><b>Admin Options:</b></td></tr>
<tr><td>
<form action="mod.php" method="post">
$dateAuthorLastActive = $aAuthor[LASTACTIVE];
$bInvisible = $aAuthor[INVISIBLE];
$datePosted = $aPost[DT_POSTED];
$dateEdited = $aPost[DT_EDITED];
$strPostTitle = htmlsanitize($aPost[TITLE]);
$strPostBody = $aPost[BODY];
$bDisableSmilies = $aPost[DSMILIES];
$bLoggedIP = $aPost[LOGGEDIP];
$strReadStatus = $aPost[DT_POSTED] > $tLastViewed ? 'new.png' : 'old.png';
// Set the status flag.
$bIsOnline = $dateAuthorLastActive + 300 >= $CFG['globaltime'] && !$bInvisible && $aAuthor[ONLINE] ? TRUE : FALSE;
// For guests.
if ($iPostAuthor == 0) {
$strAuthorTitle = $aGroup[0]['usertitle'];
list($strPostAuthor, $strPostBody) = explode("\n", $strPostBody);
$strPostAuthor = htmlsanitize($strPostAuthor);
}
// Parse the message.
$strPostBody = ParseMessage($strPostBody, $bDisableSmilies);
// Parse the signature.
$strAuthorSignature = ParseMessage($strAuthorSignature, FALSE);
?>
<table bgcolor="<?php
echo $CFG['style']['table']['bgcolor'];
?>
" width="100%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<td bgcolor="<?php
echo $CFG['style']['table']['cellb'];
?>
"><?php
echo htmlsanitize($aCategory[NAME]);
?>
</option>
<?php
// Print the forums under this category.
foreach ($aForums as $iBoardID => $aForum) {
// Only process this forum if it's under the current category.
if ($aForum[PARENT] == $iCategoryID) {
// Print the forum.
?>
<option value="<?php
echo $iBoardID;
?>
">-- <?php
echo htmlsanitize($aForum[NAME]);
?>
</option>
<?php
}
}
}
?>
</select>
<input style="vertical-align: text-bottom;" name="submit" type="image" src="images/go.png" />
</form>
</td>
<td align="right" class="smaller" width="50%">
<table border="0" cellpadding="0" cellspacing="0">
<tr><td align="left"><b>Search this forum:</b></td></tr>
" /></td>
</tr>
<tr>
<td bgcolor="<?php
echo $CFG['style']['table']['cellb'];
?>
" class="medium">
<b>File Name</b>
<div class="smaller">This is the name of the smilie image (located in "<b><?php
echo $CFG['paths']['smilies'];
?>
</b>").</div>
</td>
<td bgcolor="<?php
echo $CFG['style']['table']['cellb'];
?>
"><input type="text" name="filename" size="35" maxlength="255" value="<?php
echo htmlsanitize($aSmilie['filename']);
?>
" /></td>
</tr>
</table>
<div style="text-align: center;"><br /><input type="submit" name="submit" value="Save Changes" accesskey="s" /></div>
</form>
<?php
// Footer
require "./skins/{$CFG['skin']}/footer.tpl.php";
?>
<a class="heading" style="font-weight: normal;" href="usercp.php?section=ignorelist&action=add&userid=<?php
echo $aUserInfo[USERID];
?>
">Add <b><?php
echo htmlsanitize($aUserInfo[USERNAME]);
?>
</b> to your Ignore list.</a><?php
} else {
if ($aUserInfo[IGNORED]) {
?>
<a class="heading" style="font-weight: normal;" href="usercp.php?section=ignorelist&action=remove&userid=<?php
echo $aUserInfo[USERID];
?>
">Remove <b><?php
echo htmlsanitize($aUserInfo[USERNAME]);
?>
</b> from your Ignore list.</a><?php
}
}
?>
</td>
</tr>
</table>
<div class="smaller" align="left"><br /><?php
echo TimeInfo();
?>
</div>
function ValidateIgnoreList($aIgnoreList)
{
global $CFG, $dbConn;
// Put the array of ignorant usernames into a plaintext string for use in our SQL query.
$strIgnoreList = implode("', '", array_map(array($dbConn, 'sanitize'), $aIgnoreList));
// Swap the keys with the values of the Ignore list array.
$aIgnoreList = array_flip($aIgnoreList);
// Empty all of the values, leaving only the keys (usernames).
foreach ($aIgnoreList as $k => $v) {
$aIgnoreList[$k] = NULL;
}
// Get the usernames of each of the ignorants in our list.
$dbConn->query("SELECT id, username FROM citizen WHERE username IN ('{$strIgnoreList}')");
while ($aSQLResult = $dbConn->getresult(TRUE)) {
// Store the ID in the Ignore list, corresponding with its username.
$aIgnoreList[$aSQLResult['username']] = $aSQLResult['id'];
}
// Find any invalid usernames in the list.
foreach ($aIgnoreList as $strUsername => $iUserID) {
if ($iUserID == NULL) {
// Return the error.
$strUsername = htmlsanitize($strUsername);
return array("'{$strUsername}' appears to be an invalid user.");
} else {
if ($iUserID == $_SESSION['userid']) {
return array('You can\'t ignore yourself.');
}
}
}
// Put the Ignore list into a plaintext string for use in our SQL query.
$strIgnoreList = implode(',', $aIgnoreList);
// Save the new Ignore list to the member's record.
$dbConn->query("UPDATE citizen SET ignorelist='{$strIgnoreList}' WHERE id={$_SESSION['userid']}");
// Update the user's live Ignore list.
$_SESSION['ignorelist'] = (array) array_values($aIgnoreList);
// Get our Buddy list.
$dbConn->query("SELECT buddylist FROM citizen WHERE id={$_SESSION['userid']}");
list($strBuddyList) = $dbConn->getresult();
// Remove our ignorants from our Buddy list.
if ($strBuddyList) {
$aBuddyList = array_diff(explode(',', $strBuddyList), $aIgnoreList);
$strBuddyList = implode(',', $aBuddyList);
$dbConn->query("UPDATE citizen SET buddylist='{$strBuddyList}'");
}
// Show them the success page.
ListSuccess('Ignore');
}
function AvatarTable($iAvatar, $aAvatars)
{
global $CFG;
echo "\n\n<table cellpadding=\"10\" cellspacing=\"1\" border=\"0\" bgcolor=\"{$CFG['style']['table']['bgcolor']}\" align=\"center\">\n";
$iRowLength = 4;
// Display the Avatars table.
$i = 0;
foreach ($aAvatars as $iAvatarID => $aAvatar) {
// Get the avatar's properties.
$strTitle = $aAvatar['title'];
$strFilename = $aAvatar['filename'];
// Where are we?
switch ($i) {
// First in row?
case 0:
// Start a new row AND print out a avatar.
?>
<tr>
<td align="center" bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="medium">
<img src="<?php
echo "{$CFG['paths']['avatars']}{$strFilename}";
?>
" alt="" /><br />
<input type="radio" name="avatarid" value="<?php
echo $iAvatarID;
?>
"<?php
if ($iAvatar == $iAvatarID) {
echo ' checked="checked"';
}
?>
/><?php
echo htmlsanitize($strTitle);
?>
</td>
<?php
break;
// Last in row?
// Last in row?
case $iRowLength:
// Print out a avatar AND end the row.
?>
<td align="center" bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="medium">
<img src="<?php
echo "{$CFG['paths']['avatars']}{$strFilename}";
?>
" alt="" /><br />
<input type="radio" name="avatarid" value="<?php
echo $iAvatarID;
?>
"<?php
if ($iAvatar == $iAvatarID) {
echo ' checked="checked"';
}
?>
/><?php
echo htmlsanitize($strTitle);
?>
</td>
</tr>
<?php
break;
// In the middle?
// In the middle?
default:
// Just print out a avatar.
?>
<td align="center" bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="medium">
<img src="<?php
echo "{$CFG['paths']['avatars']}{$strFilename}";
?>
" alt="" /><br />
<input type="radio" name="avatarid" value="<?php
echo $iAvatarID;
?>
"<?php
if ($iAvatar == $iAvatarID) {
echo ' checked="checked"';
}
?>
/><?php
echo htmlsanitize($strTitle);
?>
</td>
<?php
break;
}
// Update the position.
if ($i != $iRowLength) {
$i++;
} else {
$i = 0;
}
}
// Clean-up.
if ($i > 0 && $i < ++$iRowLength) {
// Last avatar was in the middle, so we need to end the left-over row.
for ($x = $i; $x < $iRowLength; $x++) {
echo "\t<td align=\"center\" bgcolor=\"{$CFG['style']['table']['cella']}\" class=\"medium\"> </td>\n";
}
echo "</tr>\n";
}
echo "\n</table>\n\n";
}
" /></td>
</tr>
<tr>
<td bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="medium">
<b>File Name</b>
<div class="smaller">This is the filename of the avatar image (located in "<b><?php
echo $CFG['paths']['avatars'];
?>
</b>").</div>
</td>
<td bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
"><input type="text" name="filename" size="35" maxlength="255" value="<?php
echo htmlsanitize($aAvatar['filename']);
?>
" /></td>
</tr>
</table>
<div style="text-align: center;"><br /><input type="submit" name="submit" value="Add Avatar" accesskey="s" /></div>
</form>
<?php
// Footer
require "./skins/{$CFG['skin']}/footer.tpl.php";
<select name="forumid" onchange="window.location=('forumdisplay.php?forumid='+this.options[this.selectedIndex].value);">
<option>Please select one:</option>
<?php
// Print out all of the forums.
reset($aCategory);
while (list($iCategoryID) = each($aCategory)) {
// Print the category.
$aCategory[$iCategoryID] = htmlsanitize($aCategory[$iCategoryID]);
echo "\t\t\t<option value=\"{$iCategoryID}\">{$aCategory[$iCategoryID]}</option>\n";
// Print the forums under this category.
reset($aForum);
while (list($iForumID) = each($aForum)) {
// Only process this forum if it's under the current category.
if ($aForum[$iForumID][0] == $iCategoryID) {
// Print the forum.
$aForum[$iForumID][1] = htmlsanitize($aForum[$iForumID][1]);
echo "\t\t\t<option value=\"{$iForumID}\">-- {$aForum[$iForumID][1]}</option>\n";
}
}
}
?>
</select>
<input style="vertical-align: text-bottom;" name="submit" type="image" src="images/go.png" />
</form>
</td>
</tr>
</table>
<br /><br /><br />
<?php
<?php
}
// Display any events for this day.
if (isset($aEvents[$iDay]) && $bInMonth) {
?>
<div class="smaller" style="margin: 3px;">
<?php
foreach ($aEvents[$iDay] as $iEventID => $aEvent) {
// Only display if it's either public or if it's private and the user that created it is logged in.
if ($aEvent[ISPRIVATE] == 0 || $aEvent[ISPRIVATE] == 1 && $_SESSION['userid'] == $aEvent[AUTHOR]) {
?>
- <a href="calendar.php?action=viewevent&eventid=<?php
echo $iEventID;
?>
"><?php
echo htmlsanitize($aEvent[TITLE]);
?>
</a><br />
<?php
}
}
?>
</div>
<?php
}
?>
</td>
<?php
}
// End the week row.
echo "</tr>\n";
"><input type="text" name="mime" size="35" maxlength="255" value="<?php
echo htmlsanitize($aAttachment['mime']);
?>
" /></td>
</tr>
<tr>
<td bgcolor="<?php
echo $CFG['style']['table']['cellb'];
?>
" class="medium">
<b>File Name</b>
<div class="smaller">This is the name of the attachment icon image (located in "<b>images/attach/</b>").</div>
</td>
<td bgcolor="<?php
echo $CFG['style']['table']['cellb'];
?>
"><input type="text" name="filename" size="35" maxlength="255" value="<?php
echo htmlsanitize($aAttachment['filename']);
?>
" /></td>
</tr>
</table>
<div style="text-align: center;"><br /><input type="submit" name="submit" value="Save Changes" accesskey="s" /></div>
</form>
<?php
// Footer
require "./skins/{$CFG['skin']}/footer.tpl.php";
">Remove</a>]
</td>
</tr>
<?php
break;
// In the middle?
// In the middle?
default:
// Just print out an icon.
?>
<td align="center" bgcolor="<?php
echo $CFG['style']['table']['cella'];
?>
" class="small">
<div class="medium"><?php
echo htmlsanitize($strTitle);
?>
</div>
<div><img src="<?php
echo "{$CFG['paths']['posticons']}{$strFilename}";
?>
" alt="" /></div>
[<a href="admincp.php?section=posticons&action=edit&posticonid=<?php
echo $iPostIconID;
?>
">Edit</a>] [<a href="admincp.php?section=posticons&action=remove&posticonid=<?php
echo $iPostIconID;
?>
">Remove</a>]
</td>
<?php
function GetLocation($strLastLocation, $aRequest)
{
global $CFG;
// Sanitize the request array.
$aRequest = array_map('urlencode', $aRequest);
// Location descriptions
$aLocations['admincp.php'][NULL] = 'Administrating...';
$aLocations['attachment.php'][NULL] = 'Viewing Attachment';
$aLocations['calendar.php'][NULL] = 'Viewing <a href="calendar.php">Calendar</a>';
$aLocations['calendar.php']['action=addevent'] = 'Adding Event to the <a href="calendar.php">Calendar</a>';
$aLocations['calendar.php']['action=viewevent'] = 'Viewing a Calendar Event';
$aLocations['editpost.php'][NULL] = 'Editing Post';
$aLocations['forumdisplay.php'][NULL] = 'Viewing <a href="forumdisplay.php?forumid={$aRequest[forumid]}">Forum</a>';
$aLocations['index.php'][NULL] = htmlsanitize($CFG['general']['name']) . ' <a href="index.php">Main Index</a>';
$aLocations['member.php'][NULL] = 'Recovering Member Details';
$aLocations['member.php']['action=getprofile'] = 'Viewing Profile of a Forum Member';
$aLocations['member.php']['action=login'] = '******';
$aLocations['member.php']['action=logout'] = 'Logging Out';
$aLocations['member.php']['action=request'] = 'Recovering Member Details';
$aLocations['member.php']['action=reset'] = 'Resetting Member Details';
$aLocations['member.php']['action=mailuser'] = '******';
$aLocations['memberlist.php'][NULL] = 'Viewing <a href="memberlist.php">Memberlist</a>';
$aLocations['mod.php'][NULL] = 'Moderating';
$aLocations['newreply.php'][NULL] = 'Replying to <a href="thread.php?threadid={$aRequest[threadid]}">Thread</a>';
$aLocations['newthread.php'][NULL] = 'Posting New Thread';
$aLocations['online.php'][NULL] = 'Viewing <a href="online.php">Who\'s Online</a>';
$aLocations['poll.php'][NULL] = 'Using the Polling System';
$aLocations['poll.php']['action=newpoll'] = 'Posting New Poll';
$aLocations['poll.php']['action=vote'] = 'Voting in Poll';
$aLocations['poll.php']['action=showresults'] = 'Viewing Results of <a href="poll.php?action=showresults&pollid={$aRequest[pollid]}">Poll</a>';
$aLocations['posters.php'][NULL] = 'Viewing Who Posted in Thread';
$aLocations['private.php'][NULL] = 'Using the Private Messaging System';
$aLocations['private.php']['action=viewmessage'] = 'Reading a Private Message';
$aLocations['private.php']['action=newmessage'] = 'Sending a Private Message';
$aLocations['private.php']['action=reply'] = 'Replying to a Private Message';
$aLocations['register.php'][NULL] = 'Registering...';
$aLocations['search.php'][NULL] = 'Searching Forums';
$aLocations['thread.php'][NULL] = 'Viewing <a href="thread.php?threadid={$aRequest[threadid]}">Thread</a>';
$aLocations['thread.php']['action=showpost'] = 'Viewing <a href="thread.php?action=showpost&postid={$aRequest[postid]}">Post</a>';
$aLocations['usercp.php'][NULL] = 'Viewing User Control Panel';
$aLocations['usercp.php']['section=profile'] = 'Editing Forum Profile';
$aLocations['usercp.php']['section=options'] = 'Editing Forum Options';
$aLocations['usercp.php']['section=avatar'] = 'Updating User Avatar';
$aLocations['usercp.php']['section=password'] = '******';
$aLocations['usercp.php']['section=buddylist'] = 'Editing Buddy List';
$aLocations['usercp.php']['section=ignorelist'] = 'Editing Ignore List';
// Are they viewing a page that has more than one location description entry?
if (count($aLocations[$strLastLocation]) > 1) {
// Yes. Look for the entry that has a querystring that matches the user's location.
foreach ($aLocations[$strLastLocation] as $strQueryString => $v) {
// Extract the querystring.
parse_str($strQueryString, $x);
// Parse the querystring.
foreach ($x as $k => $v) {
if ($aRequest[$k] != $v) {
$bNoMatch = TRUE;
break;
}
}
// Do the querystrings match?
if (!$bNoMatch) {
// Yes, use that location description.
$strLocationDesc = $aLocations[$strLastLocation][$strQueryString];
} else {
// Unset the flag.
unset($bNoMatch);
}
}
// Did we find a location description?
if (!$strLocationDesc) {
// No, so they must be viewing the root page.
$strLocationDesc = $aLocations[$strLastLocation][NULL];
}
} else {
// No.
$strLocationDesc = $aLocations[$strLastLocation][NULL];
}
// Parse the location description.
$strLocationDesc = str_replace('"', '\\"', $strLocationDesc);
@eval("\$strLocationDesc = \"{$strLocationDesc}\";");
// Return the location description.
return $strLocationDesc;
}
"><input type="text" name="groupname" size="35" maxlength="255" value="<?php echo htmlsanitize($aUsergroup['groupname']); ?> " /></td> </tr> <tr> <td bgcolor="<?php echo $CFG['style']['table']['cella']; ?> " class="medium"><b>User Status</b></td> <td bgcolor="<?php echo $CFG['style']['table']['cella']; ?> "><input type="text" name="usertitle" size="35" maxlength="255" value="<?php echo htmlsanitize($aUsergroup['usertitle']); ?> " /></td> </tr> <tr class="section"> <td colspan="2" class="medium">User Permissions</td> </tr> <tr> <td bgcolor="<?php echo $CFG['style']['table']['cellb']; ?> " class="medium"><b>Can view attachments?</b></td> <td bgcolor="<?php echo $CFG['style']['table']['cellb'];
<table cellpadding="4" cellspacing="1" border="0" bgcolor="<?php
echo $CFG['style']['table']['bgcolor'];
?>
" width="100%" align="center">
<tr class="heading">
<td width="10%" align="center" valign="middle" class="smaller">Delete?</td>
<td width="90%" align="center" valign="middle" class="smaller">Post</td>
</tr>
<?php
// Display the posts.
foreach ($aPosts as $iPostID => $aPost) {
// Store the post information temporarily.
$iAuthorID = $aPost[AUTHOR];
$strAuthor = htmlsanitize($aUsernames[$aPost[AUTHOR]]);
$tPostDate = $aPost[POSTDATE];
$strPost = ParseMessage($aPost[BODY], TRUE, TRUE);
// Set the color.
$strColor = $strColor == $CFG['style']['table']['cella'] ? $CFG['style']['table']['cellb'] : $CFG['style']['table']['cella'];
?>
<tr>
<td bgcolor="<?php
echo $strColor;
?>
" class="smaller" align="center" valign="middle">
<input type="checkbox" name="postid[]" value="<?php
echo $iPostID;
?>
" checked="checked" />
