?> " /> </div> </form> <?php require_once "include_footer.php"; die; } // insert the new thread into ttf_thread $sql = "INSERT INTO ttf_thread " . "SET forum_id={$forum_id}, " . " author_id={$ttf["uid"]}, " . " posts=1, " . " date=UNIX_TIMESTAMP(), " . " title='" . clean($title) . "' "; if (!($result = mysql_query($sql))) { showerror(); } $thread_id = mysql_insert_id(); // insert the post into the respective thread $sql = "INSERT INTO ttf_post " . "SET thread_id={$thread_id}, " . " author_id={$ttf["uid"]}, " . " date=UNIX_TIMESTAMP(), " . " body='" . clean(outputbody($body)) . "' "; if (!($result = mysql_query($sql))) { showerror(); } $post_id = mysql_insert_id(); // insert the thread as a base revision $sql = "INSERT INTO ttf_revision " . "SET ref_id={$thread_id}, " . " type='thread', " . " author_id={$ttf["uid"]}, " . " date=UNIX_TIMESTAMP(), " . " ip='{$_SERVER["REMOTE_ADDR"]}', " . " body='" . clean($title) . "' "; if (!($result = mysql_query($sql))) { showerror(); } // insert the post as a base revision $sql = "INSERT INTO ttf_revision " . "SET ref_id={$post_id}, " . " type='post', " . " author_id={$ttf["uid"]}, " . " date=UNIX_TIMESTAMP(), " . " ip='{$_SERVER["REMOTE_ADDR"]}', " . " body='" . clean($body) . "' "; if (!($result = mysql_query($sql))) { showerror(); } // update the date, thread count, and post count of the forum
if (isset($_POST["edit"])) { // edit profile ************************************************* $profile = $_POST["profile"]; if (strcmp($profile, $profile_head) != 0) { // insert the profile as a new revision $sql = "INSERT INTO ttf_revision SET " . "ref_id='{$ttf["uid"]}', " . "type='profile', " . "author_id='{$ttf["uid"]}', " . "date=UNIX_TIMESTAMP(), " . "ip='{$_SERVER["REMOTE_ADDR"]}', " . "body='" . clean($profile) . "' "; if (!($result = mysql_query($sql))) { showerror(); } // update the user's last rev date $sql = "UPDATE ttf_user " . "SET rev_date=UNIX_TIMESTAMP() " . "WHERE user_id={$ttf["uid"]} "; if (!($result = mysql_query($sql))) { showerror(); } // update the user's profile with a formatted version $sql = "UPDATE ttf_user " . "SET profile='" . clean(outputbody($profile)) . "' " . "WHERE user_id='{$ttf["uid"]}' "; if (!($result = mysql_query($sql))) { showerror(); } else { $messages[] = "your profile has been successfully changed."; } } // change password ********************************************** $pass0 = $_POST["password0"]; $pass1 = $_POST["password1"]; if (!empty($pass0) || !empty($pass1)) { if (strcmp($pass0, $pass1) == 0) { if (strcmp($pass0, clean($pass0)) == 0) { $encrypt = sha1(clean($pass0)); // this line should be reconsidered. --jlr $sql = "UPDATE ttf_user SET password='******' WHERE user_id='{$ttf["uid"]}'";
function reformat_caches() { $sql = "SELECT rev_id, " . " ref_id, " . " type, " . " body " . "FROM ttf_revision " . "ORDER BY rev_id ASC "; if (!($result = mysql_query($sql))) { showerror(); } while ($rev = mysql_fetch_array($result)) { if ($rev["type"] === "post") { $sql = "UPDATE `ttf_post` " . "SET `body`='" . clean(outputbody($rev["body"])) . "' " . "WHERE `post_id`='{$rev["ref_id"]}' "; } else { if ($rev["type"] === "profile") { $sql = "UPDATE `ttf_user` " . "SET `profile`='" . clean(outputbody($rev["body"])) . "' " . "WHERE `user_id`='{$rev["ref_id"]}' "; } else { if ($rev["type"] === "title") { $sql = "UPDATE `ttf_user` " . "SET `title`='" . clean(output($rev["body"])) . "' " . "WHERE `user_id`='{$rev["ref_id"]}' "; } } } if (!($result_nested = mysql_query($sql))) { showerror(); } else { echo "successfully reformatted rev_id={$rev["rev_id"]} ({$rev["type"]}={$rev["ref_id"]}).<br />\n"; } } }
if (!($result = mysql_query($sql))) { showerror(); } } else { if ((strcmp($body, $head) !== 0 || $unarchive == "TRUE") && empty($archive)) { if (strcmp(trim($body), "") === 0) { message($ttf_label, $ttf_msg["fatal_error"], "a post cannot be an empty string or whitespace."); die; } // insert the new revision $sql = "INSERT INTO ttf_revision " . "SET ref_id='" . clean($post_id) . "', " . " type='post', " . " author_id='{$ttf["uid"]}', " . " date=UNIX_TIMESTAMP(), " . " ip='{$_SERVER["REMOTE_ADDR"]}', " . " body='" . clean($body) . "' "; if (!($result = mysql_query($sql))) { showerror(); } // update the formatted ttf_post $sql = "UPDATE ttf_post " . "SET rev=rev+1, " . " body='" . clean(outputbody($body)) . "' " . "WHERE post_id='" . clean($post_id) . "' "; if (!($result = mysql_query($sql))) { showerror(); } } else { if (empty($archive) && empty($unarchive) && strcmp($body, $head) === 0) { message($ttf_label, $ttf_msg["fatal_error"], "you didn't make any changes."); die; } else { message($ttf_label, $ttf_msg["fatal_error"], "you cannot make multiple changes at once."); die; } } } // update the user's last rev date $sql = "UPDATE ttf_user " . "SET rev_date=UNIX_TIMESTAMP() " . "WHERE user_id={$ttf["uid"]} ";
} function outputbody($info) { if ($info == array()) { return '<h3>地区代码非法或该地区当前无预警信息!</h3>'; } $body = ''; $count = count($info); for ($i = 0; $i < $count; $i++) { if (date('i', $info[$i]['time']) == '00') { $time = date('Y年m月d日H时', $info[$i]['time']); } else { $time = date('Y年m月d日H时i分', $info[$i]['time']); } $body .= '【' . $info[$i]['area'] . $time . '发布' . $info[$i]['type'] . "预警信号】<br />\n" . $info[$i]['content'] . "<br /><br />\n"; } return $body; } ?> <!doctype html> <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <title>灾害预警信息</title> </head> <body> <?php echo outputbody(getalarminfo($aid)); ?> </body> </html>
kill_guests(); if (empty($thread_id) || trim($body) == "") { message($ttf_label, $ttf_msg["fatal_error"], $ttf_msg["field_empty"]); die; } // select the $forum_id of the forum that the post is being inserted into $sql = "SELECT forum_id FROM ttf_thread WHERE thread_id='" . clean($thread_id) . "' LIMIT 1"; $result = mysql_query($sql); list($forum_id) = mysql_fetch_array($result); mysql_free_result($result); if (empty($forum_id)) { message($ttf_label, $ttf_msg["fatal_error"], $ttf_msg["thread_dne"]); die; } // insert the post into the respective thread $sql = "INSERT INTO ttf_post SET thread_id='" . clean($thread_id) . "', author_id='{$ttf["uid"]}', " . "date=UNIX_TIMESTAMP(), body='" . clean(outputbody($body)) . "'"; if (!($result = mysql_query($sql))) { showerror(); } $post_id = mysql_insert_id(); // insert the post as a base revision $sql = "INSERT INTO ttf_revision SET ref_id='{$post_id}', type='post', author_id='{$ttf["uid"]}', " . "date=UNIX_TIMESTAMP(), ip='{$_SERVER["REMOTE_ADDR"]}', body='" . clean($body) . "'"; if (!($result = mysql_query($sql))) { showerror(); } // update the thread's post count and date $sql = "UPDATE ttf_thread SET date=UNIX_TIMESTAMP(), posts=posts+1 WHERE thread_id='" . clean($thread_id) . "'"; if (!($result = mysql_query($sql))) { showerror(); } // update the forum's post count and date