Example #1
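 // Open the database connection. Warnings are suppressed with @ so that a
 // failure is reported through fancyDie() rather than as a raw PHP warning.
 // NOTE(review): fancyDie() is defined elsewhere; if it renders this text to
 // visitors, the driver's error message is disclosed to them. Confirm.
 $link = @mysqli_connect(TINYIB_DBHOST, TINYIB_DBUSERNAME, TINYIB_DBPASSWORD);
 if (!$link) {
     // No connection handle exists on this path, so mysqli_connect_error() is
     // the only source for the failure reason.
     fancyDie("Could not connect to database: " . (($link_error = mysqli_connect_error()) ? $link_error : '(unknown error)'));
 }
 // Select the schema through the API call instead of a concatenated "USE ..."
 // statement, so the configured name is never parsed as SQL text.
 $db_selected = @mysqli_select_db($link, TINYIB_DBNAME);
 if (!$db_selected) {
     // The handle is valid here, so the failure reason is read from it.
     fancyDie("Could not select database: " . (($link_error = mysqli_error($link)) ? $link_error : '(unknown error)'));
 }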
 // Import step: runs only when SHOW TABLES finds neither the posts table nor
 // the bans table. $posts_sql and $bans_sql are defined outside this excerpt
 // (presumably the CREATE TABLE statements; confirm).
 // NOTE(review): "_" and "%" in a table name act as wildcards inside LIKE, so
 // this existence check can match a differently named table.
 if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
     if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBBANS . "'")) == 0) {
         // Return values of these queries are not checked; a failed CREATE is
         // followed by INSERTs that fail silently as well.
         mysqli_query($link, $posts_sql);
         mysqli_query($link, $bans_sql);
         $max_id = 0;
         // allThreads() / postsInThreadByID() are defined elsewhere; presumably
         // they read from the previously used storage backend (confirm).
         $threads = allThreads();
         foreach ($threads as $thread) {
             $posts = postsInThreadByID($thread['id']);
             foreach ($posts as $post) {
                 // NOTE(review): only name, tripcode, email, nameblock, subject,
                 // message, password and file_original pass through
                 // mysqli_real_escape_string(). id, parent, file, file_hex,
                 // file_size, file_size_formatted, image_*, thumb* and stickied
                 // are concatenated as-is (several of them unquoted), as is
                 // $_SERVER['REMOTE_ADDR']. A prepared statement with bound
                 // parameters would cover every column uniformly.
                 // Every imported row gets time() for timestamp/bumped and the
                 // current requester's address for ip, so the stored values of
                 // those three fields are not carried over.
                 mysqli_query($link, "INSERT INTO `" . TINYIB_DBPOSTS . "` (`id`, `parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`, `stickied`) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . time() . ", " . time() . ", '" . $_SERVER['REMOTE_ADDR'] . "', '" . mysqli_real_escape_string($link, $post['name']) . "', '" . mysqli_real_escape_string($link, $post['tripcode']) . "',\t'" . mysqli_real_escape_string($link, $post['email']) . "',\t'" . mysqli_real_escape_string($link, $post['nameblock']) . "', '" . mysqli_real_escape_string($link, $post['subject']) . "', '" . mysqli_real_escape_string($link, $post['message']) . "', '" . mysqli_real_escape_string($link, $post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysqli_real_escape_string($link, $post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['stickied'] . ")");
                 // Track the highest imported id for the AUTO_INCREMENT update below.
                 $max_id = max($max_id, $post['id']);
             }
         }
         // Move AUTO_INCREMENT past the highest imported id; on failure a warning
         // is appended to $text (defined outside this excerpt).
         if ($max_id > 0 && !mysqli_query($link, "ALTER TABLE `" . TINYIB_DBPOSTS . "` AUTO_INCREMENT = " . ($max_id + 1))) {
             $text .= '<p><b>Warning:</b> Unable to update the AUTO_INCREMENT value for table ' . TINYIB_DBPOSTS . ', please set it to ' . ($max_id + 1) . '.</p>';
         }
         $max_id = 0;
         $bans = allBans();
         foreach ($bans as $ban) {
             $max_id = max($max_id, $ban['id']);
             // Unlike the posts INSERT above, every ban column is both escaped
             // and quoted here.
             mysqli_query($link, "INSERT INTO `" . TINYIB_DBBANS . "` (`id`, `ip`, `timestamp`, `expire`, `reason`) VALUES ('" . mysqli_real_escape_string($link, $ban['id']) . "', '" . mysqli_real_escape_string($link, $ban['ip']) . "', '" . mysqli_real_escape_string($link, $ban['timestamp']) . "', '" . mysqli_real_escape_string($link, $ban['expire']) . "', '" . mysqli_real_escape_string($link, $ban['reason']) . "')");
         }
         // Same AUTO_INCREMENT update for the bans table; the body of this
         // condition lies beyond the end of the excerpt.
         if ($max_id > 0 && !mysqli_query($link, "ALTER TABLE `" . TINYIB_DBBANS . "` AUTO_INCREMENT = " . ($max_id + 1))) {
Example #2
            }
        } elseif (isset($_GET["rawpost"])) {
            // Raw-post view: set the page's onload hook and append the form.
            $onload = manageOnLoad("rawpost");
            $text .= manageRawPostForm();
        } elseif (isset($_GET["logout"])) {
            // Logout: blank the session marker, destroy the session, then send
            // the browser to the manage page with a zero-delay meta refresh.
            // NOTE(review): $returnlink is set outside this excerpt and is
            // written into the attribute unescaped. Confirm it cannot carry
            // request-controlled text.
            $_SESSION['tinyib'] = '';
            session_destroy();
            die('--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="0;url=' . $returnlink . '?manage">');
        }
        if ($text == '') {
            // No action produced output, so fall back to the status view.
            $text = manageStatus();
        }
    } else {
        // Else-branch of a condition that opens above this excerpt (presumably
        // the logged-in check; confirm): show the login form.
        $onload = manageOnLoad('login');
        $text .= manageLogInForm();
    }
    echo managePage($text, $onload);
} elseif (!file_exists('index.html') || countThreads() == 0) {
    // Index file missing, or no threads counted: regenerate the index pages.
    rebuildIndexes();
} elseif (isset($_GET['json']) && TINYIB_JSON) {
    // JSON output, served only when the TINYIB_JSON setting is truthy.
    $redirect = false;
    // NOTE(review): $_GET['json'] is request-controlled. Below it is echoed
    // verbatim as the "id" value and handed to postsInThreadByID() with no
    // validation or encoding visible here. A digits-only check (for example
    // ctype_digit) before use would keep the response well-formed and stop
    // arbitrary text from being reflected. How postsInThreadByID() treats the
    // value is not visible in this excerpt.
    $json = $_GET['json'];
    if ($json == '') {
        // Empty parameter: board-level listing. TINYIB_BOARD is placed inside
        // JSON string quotes without json_encode(), so a quote or backslash in
        // the setting would break the document.
        echo '{"id": ' . 0 . ', "name": "' . TINYIB_BOARD . '", "threads":' . getJSON(allThreads(true)) . '}';
    } else {
        echo '{"id": ' . $json . ', "posts":' . getJSON(postsInThreadByID($json, true, true)) . '}';
    }
}
// Emit a meta-refresh redirect whenever $redirect is truthy.
// The delay is 3 seconds when $slow_redirect is set and 0 otherwise; a string
// $redirect is used as the target, any other truthy value means index.html.
// NOTE(review): the target is written into the attribute unescaped; where
// $redirect is assigned is not visible here. Confirm it is never built from
// request data.
if ($redirect) {
    echo '--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="',
        isset($slow_redirect) ? '3' : '0',
        ';url=',
        is_string($redirect) ? $redirect : 'index.html',
        '">';
}
Example #3
/**
 * Delete the post with the given id together with every other row that
 * postsInThreadByID($id) returns for it.
 *
 * Rows whose id differs from $id have their images and table row removed
 * first; the row matching $id is removed last.
 *
 * Uses the legacy mysql_* API, which was removed in PHP 7.0.
 * NOTE(review): ids are concatenated into the DELETE statements unquoted.
 * They are taken from rows returned by postsInThreadByID(); confirm those
 * values are always integers.
 *
 * @param mixed $id Id of the post to delete.
 * @return void
 */
function deletePostByID($id)
{
    $own_row = null;
    foreach (postsInThreadByID($id) as $row) {
        if ($row['id'] == $id) {
            // Hold the requested post back until the other rows are gone.
            $own_row = $row;
            continue;
        }
        deletePostImages($row);
        mysql_query("DELETE FROM `" . $GLOBALS['mysql_posts_table'] . "` WHERE `id` = " . $row['id'] . " LIMIT 1");
    }
    if ($own_row === null) {
        // No returned row carried the requested id.
        return;
    }
    deletePostImages($own_row);
    mysql_query("DELETE FROM `" . $GLOBALS['mysql_posts_table'] . "` WHERE `id` = " . $own_row['id'] . " LIMIT 1");
}
Example #4
/**
 * Delete the post with the given id together with every other row that
 * postsInThreadByID($id, false) returns for it.
 *
 * Rows whose id differs from $id have their images and table row removed
 * first. The row matching $id is removed last; when its parent equals
 * TINYIB_NEWTHREAD the generated page res/<id>.html is unlinked as well.
 *
 * NOTE(review): ids are concatenated into the DELETE statements and into the
 * unlink() path unquoted. They are taken from rows returned by
 * postsInThreadByID(); confirm those values are always integers.
 *
 * @param mixed $id Id of the post to delete.
 * @return void
 */
function deletePostByID($id)
{
    global $link;

    $own_row = null;
    foreach (postsInThreadByID($id, false) as $row) {
        if ($row['id'] == $id) {
            // Hold the requested post back until the other rows are gone.
            $own_row = $row;
            continue;
        }
        deletePostImages($row);
        mysqli_query($link, "DELETE FROM `" . TINYIB_DBPOSTS . "` WHERE `id` = " . $row['id'] . " LIMIT 1");
    }
    if ($own_row === null) {
        // No returned row carried the requested id.
        return;
    }
    if ($own_row['parent'] == TINYIB_NEWTHREAD) {
        // Best effort: a missing page file is ignored through @.
        @unlink('res/' . $own_row['id'] . '.html');
    }
    deletePostImages($own_row);
    mysqli_query($link, "DELETE FROM `" . TINYIB_DBPOSTS . "` WHERE `id` = " . $own_row['id'] . " LIMIT 1");
}
Example #5
/**
 * Delete the post with the given id together with every other row that
 * postsInThreadByID($id, false) returns for it.
 *
 * Rows whose id differs from $id have their images and stored record removed
 * first. The row matching $id is removed last; when its parent is 0 the
 * generated page res/<id>.html is unlinked as well.
 *
 * Records are removed through $GLOBALS['db']->deleteWhere() with an integer
 * comparison on POST_ID.
 * NOTE(review): the id is concatenated into the unlink() path as-is; it is
 * taken from a row returned by postsInThreadByID(). Confirm it is always an
 * integer.
 *
 * @param mixed $id Id of the post to delete.
 * @return void
 */
function deletePostByID($id)
{
    $own_row = null;
    foreach (postsInThreadByID($id, false) as $row) {
        if ($row['id'] == $id) {
            // Hold the requested post back until the other rows are gone.
            $own_row = $row;
            continue;
        }
        deletePostImages($row);
        $GLOBALS['db']->deleteWhere(POSTS_FILE, new SimpleWhereClause(POST_ID, '=', $row['id'], INTEGER_COMPARISON));
    }
    if ($own_row === null) {
        // No returned row carried the requested id.
        return;
    }
    if ($own_row['parent'] == 0) {
        // Best effort: a missing page file is ignored through @.
        @unlink('res/' . $own_row['id'] . '.html');
    }
    deletePostImages($own_row);
    $GLOBALS['db']->deleteWhere(POSTS_FILE, new SimpleWhereClause(POST_ID, '=', $own_row['id'], INTEGER_COMPARISON));
}
Example #6
/**
 * Build the HTML moderation panel for one post.
 *
 * The panel holds a delete form, a ban form, a sticky toggle when the post
 * opens a thread, and a rendering of the post (or of every post returned by
 * postsInThreadByID() when it opens a thread).
 *
 * NOTE(review): $post['id'] and $post['ip'] are interpolated into HTML
 * attribute values and text with no escaping in this function. Confirm both
 * are validated before they are stored.
 * NOTE(review): all three forms submit state-changing actions (delete, ban,
 * sticky) with method="get" and no anti-forgery token is emitted here.
 * Confirm the request handler checks one, or that these actions are
 * otherwise protected against cross-site requests.
 *
 * @param array $post Post row; reads the keys ip, id, parent and stickied.
 * @return string HTML fragment.
 */
function manageModeratePost($post)
{
    global $isadmin;
    // A truthy result is treated below as "a ban record already exists".
    $ban = banByIP($post['ip']);
    // The ban button is enabled only when no ban exists AND the viewer is an
    // admin. This only disables the control in the markup; whether the server
    // side re-checks $isadmin is not visible here.
    $ban_disabled = !$ban && $isadmin ? '' : ' disabled';
    // Nested ternary: existing ban -> notice; no ban and not admin -> refusal
    // text; no ban and admin -> the poster's IP address.
    $ban_info = !$ban ? !$isadmin ? 'Only an administrator may ban an IP address.' : 'IP address: ' . $post["ip"] : ' A ban record already exists for ' . $post['ip'];
    // A parent equal to TINYIB_NEWTHREAD marks the post as a thread opener.
    $delete_info = $post['parent'] == TINYIB_NEWTHREAD ? 'This will delete the entire thread below.' : 'This will delete the post below.';
    $post_or_thread = $post['parent'] == TINYIB_NEWTHREAD ? 'Thread' : 'Post';
    $sticky_html = "";
    if ($post["parent"] == TINYIB_NEWTHREAD) {
        // The toggle submits the opposite of the current stickied state.
        $sticky_set = $post['stickied'] == 1 ? '0' : '1';
        $sticky_unsticky = $post['stickied'] == 1 ? 'Un-sticky' : 'Sticky';
        $sticky_unsticky_help = $post['stickied'] == 1 ? 'Return this thread to a normal state.' : 'Keep this thread at the top of the board.';
        $sticky_html = <<<EOF
\t<tr><td colspan="2">&nbsp;</td></tr>
\t<tr><td align="right" width="50%;">
\t\t<form method="get" action="?">
\t\t<input type="hidden" name="manage" value="">
\t\t<input type="hidden" name="sticky" value="{$post['id']}">
\t\t<input type="hidden" name="setsticky" value="{$sticky_set}">
\t\t<input type="submit" value="{$sticky_unsticky} Thread" class="managebutton" style="width: 50%;">
\t\t</form>
\t</td><td><small>{$sticky_unsticky_help}</small></td></tr>
EOF;
        // Thread opener: render every post returned for the thread.
        $post_html = "";
        $posts = postsInThreadByID($post["id"]);
        foreach ($posts as $post_temp) {
            $post_html .= buildPost($post_temp, TINYIB_INDEXPAGE);
        }
    } else {
        // Reply: render just this post.
        $post_html = buildPost($post, TINYIB_INDEXPAGE);
    }
    // Assemble the panel: the action table (delete, ban, optional sticky row)
    // followed by the rendered post or thread.
    return <<<EOF
\t<fieldset>
\t<legend>Moderating No.{$post['id']}</legend>
\t
\t<fieldset>
\t<legend>Action</legend>
\t
\t<table border="0" cellspacing="0" cellpadding="0" width="100%">
\t<tr><td align="right" width="50%;">
\t
\t<form method="get" action="?">
\t<input type="hidden" name="manage" value="">
\t<input type="hidden" name="delete" value="{$post['id']}">
\t<input type="submit" value="Delete {$post_or_thread}" class="managebutton" style="width: 50%;">
\t</form>
\t
\t</td><td><small>{$delete_info}</small></td></tr>
\t<tr><td align="right" width="50%;">
\t
\t<form method="get" action="?">
\t<input type="hidden" name="manage" value="">
\t<input type="hidden" name="bans" value="{$post['ip']}">
\t<input type="submit" value="Ban Poster" class="managebutton" style="width: 50%;"{$ban_disabled}>
\t</form>
\t
\t</td><td><small>{$ban_info}</small></td></tr>

\t{$sticky_html}
\t
\t</table>
\t
\t</fieldset>
\t
\t<fieldset>
\t<legend>{$post_or_thread}</legend>\t
\t{$post_html}
\t</fieldset>
\t
\t</fieldset>
\t<br>
EOF;
}
Example #7
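/**
 * Delete the post with the given id together with every other row that
 * postsInThreadByID($id, false) returns for it.
 *
 * Rows whose id differs from $id have their images and table row removed
 * first. The row matching $id is removed last; when its parent equals
 * TINYIB_NEWTHREAD the generated page res/<id>.html is unlinked as well.
 *
 * Ids reach the DELETE statements as bound parameters.
 * NOTE(review): the id is still concatenated into the unlink() path as-is;
 * it is taken from a row returned by postsInThreadByID(). Confirm it is
 * always an integer.
 *
 * @param mixed $id Id of the post to delete.
 * @return void
 */
function deletePostByID($id)
{
    $posts = postsInThreadByID($id, false);
    foreach ($posts as $post) {
        if ($post['id'] != $id) {
            deletePostImages($post);
            // Bind this row's own id. Binding $id here would delete the
            // requested post once per reply and leave the reply rows behind
            // with their images already removed.
            pdoQuery("DELETE FROM " . TINYIB_DBPOSTS . " WHERE id = ?", array($post['id']));
        } else {
            // Hold the requested post back until the other rows are gone.
            $thispost = $post;
        }
    }
    if (isset($thispost)) {
        if ($thispost['parent'] == TINYIB_NEWTHREAD) {
            // Best effort: a missing page file is ignored through @.
            @unlink('res/' . $thispost['id'] . '.html');
        }
        deletePostImages($thispost);
        pdoQuery("DELETE FROM " . TINYIB_DBPOSTS . " WHERE id = ?", array($thispost['id']));
    }
}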
Example #8
/**
 * Regenerate the static page for one thread.
 *
 * Renders every post returned by postsInThreadByID($id), appends the closing
 * markup and writes the resulting page to res/<id>.html.
 *
 * NOTE(review): $id is concatenated into the output path with no validation
 * in this function. Confirm callers only pass integer thread ids, so the
 * path cannot leave res/.
 *
 * @param mixed $id Id of the thread to rebuild.
 * @return void
 */
function rebuildThread($id)
{
    // Declared by the original code but not read anywhere in this function.
    global $mysql_posts_table;

    $fragments = array();
    foreach (postsInThreadByID($id) as $entry) {
        $fragments[] = buildPost($entry, true);
    }
    $body = implode('', $fragments) . "<br clear=\"left\">\n" . "<hr>";

    $page = fixLinksInRes(buildPage($body, $id));
    writePage("res/" . $id . ".html", $page);
}