} if ($User1CanExecPHP == "no") { $User1Signature = preg_replace("/\\[ExecPHP\\](.*?)\\[\\/ExecPHP\\]/is", "<span style=\"color: red; font-weight: bold;\">ERROR:</span> cannot execute php code.", $User1Signature); } if ($User1CanExecPHP == "yes") { $User1Signature = php_execute($User1Signature); } if ($User1CanDoHTML1 == "no") { $User1Signature = preg_replace("/\\[DoHTML\\](.*?)\\[\\/DoHTML\\]/is", "<span style=\"color: red; font-weight: bold;\">ERROR:</span> cannot execute html.", $User1Signature); } if ($User1CanDoHTML == "yes") { $User1Signature = do_html_bbcode($User1Signature); } $User1Signature = text2icons($User1Signature, $Settings['sqltable'], $SQLStat); $User1Signature = preg_replace("/\\<br\\>/", "<br />", nl2br($User1Signature)); $User1Signature = url2link($User1Signature); $CanEditReply = false; $CanDeleteReply = false; if ($_SESSION['UserGroup'] != $Settings['GuestGroup']) { if ($PermissionInfo['CanEditReplys'][$MyForumID] == "yes" && $_SESSION['UserID'] == $MyUserID) { $CanEditReply = true; } if ($PermissionInfo['CanDeleteReplys'][$MyForumID] == "yes" && $_SESSION['UserID'] == $MyUserID) { $CanDeleteReply = true; } if ($PermissionInfo['CanModForum'][$MyForumID] == "yes") { $CanEditReply = true; $CanDeleteReply = true; } } if ($_SESSION['UserID'] == 0) {
<input type="submit" value="Ok" class="btn red"/> </form> </div> '; require THEME_PATH . '/footer.php'; } else { if (!isset($_POST['password']) || isset($_POST['password']) && $blured . $sub_id == $id) { # normal mode or access granted if ($f && is_file($f)) { # file request => return file according to $behaviour var (see core.php) $type = _mime_content_type($f); $ext = strtolower(pathinfo($f, PATHINFO_EXTENSION)); if ($ext == 'md') { include 'core/markdown.php'; require THEME_PATH . '/header_markdown.php'; echo parse(url2link(file_get_contents($f))); require THEME_PATH . '/footer_markdown.php'; } else { if (is_in($ext, 'FILES_TO_ECHO') !== false) { require THEME_PATH . '/header.php'; echo '<pre>' . htmlspecialchars(file_get_contents($f)) . '</pre>'; require THEME_PATH . '/footer.php'; } else { if (is_in($ext, 'FILES_TO_RETURN') !== false) { header('Content-type: ' . $type . '; charset=utf-8'); header('Content-Transfer-Encoding: binary'); header('Content-Length: ' . filesize($f)); readfile($f); } else { header('Content-type: ' . $type); header('Content-Transfer-Encoding: binary');
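/**
 * Apply a batch of top-menu edits described by a line-oriented text payload.
 *
 * Each non-empty line of $data has seven fields separated by "---":
 *   op---id---pos---active---title---title_orig---link
 *
 * Supported operations:
 *   - "update" with id "p<digits>": updates tm_pos / tm_active / tm_title in
 *     $tables['categories'] (the title is blanked when it equals title_orig).
 *   - "update" with id "u<digits>": updates pos / active / category / link in
 *     $tables['top_menu_user_categories'].
 *   - "add" with a non-blank title: inserts a row into
 *     $tables['top_menu_user_categories']; id is the parent ("0" or one letter
 *     followed by digits).
 *   - "remove": deletes rows from $tables['top_menu_user_categories'].
 *
 * All rows are collected first and written afterwards: updates, then inserts,
 * then deletes.
 *
 * Security: the id field of a "remove" line is placed into a DELETE statement,
 * so it is parsed into a list of integers here and any line whose id is not a
 * plain id list is skipped rather than sent to the database. The remaining
 * fields (pos, active, title, link) are handed to cw_array2update() /
 * cw_array2insert() unchanged; presumably those helpers escape values, which
 * should be confirmed because this function does not.
 *
 * @param string $data Newline-separated edit records.
 * @return void
 */
function cw_top_menu_update($data)
{
    global $tables;

    $upd = array();
    $add = array();
    $del = array();

    foreach (explode("\n", trim($data)) as $line) {
        $line = trim($line);
        if ($line == '') {
            continue;
        }

        // Pad to seven fields so a short or malformed record yields nulls
        // instead of undefined-offset notices.
        list($op, $id, $pos, $active, $title, $title_orig, $link) = array_pad(explode("---", $line), 7, null);

        if ($op == "update" && preg_match("'^p[0-9]*\$'", $id)) {
            $mid = intval(str_replace('p', '', $id));
            if ($title == $title_orig) {
                $title = '';
            }
            $upd[] = array(
                'tbl' => $tables['categories'],
                // $mid went through intval(), so it is safe to interpolate.
                'where' => "category_id={$mid}",
                'arr' => array(
                    'tm_pos' => $pos,
                    'tm_active' => $active,
                    'tm_title' => $title,
                ),
            );
        }

        if ($op == "update" && preg_match("'^u[0-9]*\$'", $id)) {
            $mid = intval(str_replace('u', '', $id));
            $link = url2link($link);
            $upd[] = array(
                'tbl' => $tables['top_menu_user_categories'],
                'where' => "category_id={$mid}",
                'arr' => array(
                    'pos' => $pos,
                    'active' => $active,
                    'category' => $title,
                    'link' => $link,
                ),
            );
        }

        if ($op == "add" && trim($title) != '') {
            $pid = trim($id);
            $re = "'^([a-z])([0-9]*)\$'i";
            if (preg_match($re, $pid) || $pid == '0') {
                if ($pid != '0') {
                    $pid_tag = preg_replace($re, "\$1", $pid);
                    $pid = intval(preg_replace($re, "\$2", $pid));
                } else {
                    $pid_tag = '';
                }
                // NOTE(review): the original applies url2link() twice on this
                // path; kept as-is. Confirm url2link() is idempotent, or drop
                // one call.
                $link = url2link($link);
                $link = url2link($link);
                $add[] = array(
                    'tbl' => $tables['top_menu_user_categories'],
                    'arr' => array(
                        'parent_id_tag' => $pid_tag,
                        'parent_id' => $pid,
                        'category' => $title,
                        'link' => $link,
                        'pos' => $pos,
                        'active' => $active,
                    ),
                );
            }
        }

        if ($op == "remove") {
            // The id field ends up inside "category_id in (...)". Presumably it
            // arrives as a list such as "(u1,u2)" (confirm against the caller).
            // Accept only an optionally parenthesised, comma-separated list of
            // "u<digits>" / "<digits>" tokens and rebuild the list from integers.
            $raw = trim((string) $id);
            if (strlen($raw) >= 2 && $raw[0] == '(' && substr($raw, -1) == ')') {
                $raw = substr($raw, 1, -1);
            }

            $ids = array();
            $valid = true;
            foreach (explode(',', $raw) as $token) {
                $token = trim($token, " \t'\"");
                if (!preg_match('/^u?[0-9]+\z/', $token)) {
                    $valid = false;
                    break;
                }
                $ids[] = intval(ltrim($token, 'u'));
            }

            // Anything that is not a clean id list is dropped, not executed.
            if ($valid && count($ids) > 0) {
                $set = '(' . implode(',', $ids) . ')';
                $del[] = "delete from {$tables['top_menu_user_categories']} where category_id in {$set};";
            }
        }
    }

    foreach ($upd as $row) {
        cw_array2update($row['tbl'], $row['arr'], $row['where']);
    }

    foreach ($add as $row) {
        cw_array2insert($row['tbl'], $row['arr']);
    }

    foreach ($del as $query) {
        db_query($query);
    }
}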
} if ($User1CanExecPHP == "no") { $MyDescription = preg_replace("/\\[ExecPHP\\](.*?)\\[\\/ExecPHP\\]/is", "<span style=\"color: red; font-weight: bold;\">ERROR:</span> cannot execute php code.", $MyDescription); } if ($User1CanExecPHP == "yes") { $MyDescription = php_execute($MyDescription); } if ($User1CanDoHTML == "no") { $MyDescription = preg_replace("/\\[DoHTML\\](.*?)\\[\\/DoHTML\\]/is", "<span style=\"color: red; font-weight: bold;\">ERROR:</span> cannot execute html.", $MyDescription); } if ($User1CanDoHTML == "yes") { $MyDescription = do_html_bbcode($MyDescription); } $MyDescription = text2icons($MyDescription, $Settings['sqltable'], $SQLStat); $MyDescription = preg_replace("/\\<br\\>/", "<br />", nl2br($MyDescription)); $MyDescription = url2link($MyDescription); if (isset($GroupNamePrefix) && $GroupNamePrefix != null) { $UsersName = $GroupNamePrefix . $UsersName; } if (isset($GroupNameSuffix) && $GroupNameSuffix != null) { $UsersName = $UsersName . $GroupNameSuffix; } $TheTime = sql_result($result, $i, "TimeStamp"); $AtomTime = GMTimeChange("Y-m-d\\TH:i:s\\Z", $TheTime, 0); //$OldRSSTime=GMTimeChange("Y-m-d\TH:i:s+0:00",$TheTime,0); $OldRSSTime = $AtomTime; $TheTime = GMTimeChange("D, j M Y G:i:s \\G\\M\\T", $TheTime, 0); $TopicName = sql_result($result, $i, "TopicName"); $ForumDescription = sql_result($result, $i, "Description"); if (isset($PermissionInfo['CanViewForum'][$ForumID]) && $PermissionInfo['CanViewForum'][$ForumID] == "yes" && isset($CatPermissionInfo['CanViewCategory'][$CategoryID]) && $CatPermissionInfo['CanViewCategory'][$CategoryID] == "yes") { if ($_GET['feedtype'] == "atom") {
header("Content-Type: text/plain; charset=" . $Settings['charset']); $urlstatus = 302; gzip_page($Settings['use_gzip'], $GZipEncode['Type']); session_write_close(); die; } $membertitle = " " . $ThemeSet['TitleDivider'] . " " . $ViewMem['Name']; if ($ViewMem['Avatar'] == "http://" || $ViewMem['Avatar'] == null || strtolower($ViewMem['Avatar']) == "noavatar") { $ViewMem['Avatar'] = $ThemeSet['NoAvatar']; $ViewMem['AvatarSize'] = $ThemeSet['NoAvatarSize']; } $AvatarSize1 = explode("x", $ViewMem['AvatarSize']); $AvatarSize1W = $AvatarSize1[0]; $AvatarSize1H = $AvatarSize1[1]; $ViewMem['Signature'] = text2icons($ViewMem['Signature'], $Settings['sqltable'], $SQLStat); $ViewMem['Signature'] = url2link($ViewMem['Signature']); if ($_GET['view'] == null) { $_GET['view'] = "profile"; } if ($_GET['view'] != "profile" && $_GET['view'] != "avatar" && $_GET['view'] != "website" && $_GET['view'] != "homepage") { $_GET['view'] = "profile"; } if ($_GET['view'] == "avatar") { session_write_close(); $urlstatus = 302; header("Location: " . $ViewMem['Avatar']); gzip_page($Settings['use_gzip'], $GZipEncode['Type']); die; } if ($_GET['view'] == "website" || $_GET['view'] == "homepage") { if ($ViewMem['Website'] != "http://" && $ViewMem['Website'] != null) {