Example #1
 }
 // Renders $User1Signature: the [ExecPHP] and [DoHTML] tags are gated on per-user
 // flags, then icon, line-break and link conversion are applied, and finally the
 // edit/delete rights of the current session for this reply are computed.
 // A flag value other than "yes" or "no" takes neither branch and leaves the tags untouched.
 if ($User1CanExecPHP == "no") {
     // Not permitted: every [ExecPHP]...[/ExecPHP] span is replaced by an error banner.
     $User1Signature = preg_replace("/\\[ExecPHP\\](.*?)\\[\\/ExecPHP\\]/is", "<span style=\"color: red; font-weight: bold;\">ERROR:</span> cannot execute php code.", $User1Signature);
 }
 if ($User1CanExecPHP == "yes") {
     // NOTE(review): php_execute() is defined outside this excerpt. If it evaluates the
     // tagged text as PHP, this flag amounts to server-side code execution for whoever
     // holds it; confirm who can set the flag and that content from other users never
     // reaches this call.
     $User1Signature = php_execute($User1Signature);
 }
 // NOTE(review): this test reads $User1CanDoHTML1 while the "yes" test below reads
 // $User1CanDoHTML. If $User1CanDoHTML1 is not set elsewhere, the stripping branch never
 // runs and [DoHTML] spans stay in the text for users without the right; verify the name.
 if ($User1CanDoHTML1 == "no") {
     $User1Signature = preg_replace("/\\[DoHTML\\](.*?)\\[\\/DoHTML\\]/is", "<span style=\"color: red; font-weight: bold;\">ERROR:</span> cannot execute html.", $User1Signature);
 }
 if ($User1CanDoHTML == "yes") {
     // NOTE(review): presumably lets raw HTML inside [DoHTML] through; confirm how
     // do_html_bbcode() treats script content and event-handler attributes.
     $User1Signature = do_html_bbcode($User1Signature);
 }
 $User1Signature = text2icons($User1Signature, $Settings['sqltable'], $SQLStat);
 // nl2br() output is normalised so that every break is written as "<br />".
 $User1Signature = preg_replace("/\\<br\\>/", "<br />", nl2br($User1Signature));
 // NOTE(review): no HTML escaping of the signature is visible in this excerpt; confirm
 // it happens before this point, otherwise the text reaches the page as markup.
 $User1Signature = url2link($User1Signature);
 // Both rights start denied and are only granted inside the non-guest branch below.
 $CanEditReply = false;
 $CanDeleteReply = false;
 if ($_SESSION['UserGroup'] != $Settings['GuestGroup']) {
     // The author ($MyUserID) may edit or delete when the forum permission says "yes".
     // NOTE(review): the $PermissionInfo entries are read without isset(); a missing
     // forum key compares unequal to "yes", so the right stays denied.
     if ($PermissionInfo['CanEditReplys'][$MyForumID] == "yes" && $_SESSION['UserID'] == $MyUserID) {
         $CanEditReply = true;
     }
     if ($PermissionInfo['CanDeleteReplys'][$MyForumID] == "yes" && $_SESSION['UserID'] == $MyUserID) {
         $CanDeleteReply = true;
     }
     // Forum moderators get both rights regardless of who wrote the reply.
     if ($PermissionInfo['CanModForum'][$MyForumID] == "yes") {
         $CanEditReply = true;
         $CanDeleteReply = true;
     }
 }
 if ($_SESSION['UserID'] == 0) {
Example #2
					<input type="submit" value="Ok" class="btn red"/>
				</form>
				</div>
				';
        require THEME_PATH . '/footer.php';
    } else {
        if (!isset($_POST['password']) || isset($_POST['password']) && $blured . $sub_id == $id) {
            # normal mode or access granted
            if ($f && is_file($f)) {
                # file request => return file according to $behaviour var (see core.php)
                $type = _mime_content_type($f);
                $ext = strtolower(pathinfo($f, PATHINFO_EXTENSION));
                if ($ext == 'md') {
                    include 'core/markdown.php';
                    require THEME_PATH . '/header_markdown.php';
                    echo parse(url2link(file_get_contents($f)));
                    require THEME_PATH . '/footer_markdown.php';
                } else {
                    if (is_in($ext, 'FILES_TO_ECHO') !== false) {
                        require THEME_PATH . '/header.php';
                        echo '<pre>' . htmlspecialchars(file_get_contents($f)) . '</pre>';
                        require THEME_PATH . '/footer.php';
                    } else {
                        if (is_in($ext, 'FILES_TO_RETURN') !== false) {
                            header('Content-type: ' . $type . '; charset=utf-8');
                            header('Content-Transfer-Encoding: binary');
                            header('Content-Length: ' . filesize($f));
                            readfile($f);
                        } else {
                            header('Content-type: ' . $type);
                            header('Content-Transfer-Encoding: binary');
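/**
 * Apply a batch of top-menu edits supplied as text.
 *
 * $data holds one operation per line, with fields joined by "---" in the order
 * op, id, pos, active, title, title_orig, link. Supported operations:
 *   - "update" with id "p<digits>": sets tm_pos / tm_active / tm_title on the
 *     categories table (the title is blanked when it equals title_orig);
 *   - "update" with id "u<digits>": updates a user-defined menu category;
 *   - "add": inserts a user-defined menu category under a parent id of the
 *     form "<letter><digits>" or "0";
 *   - "remove": deletes the user-defined menu categories listed in id.
 * Updates run first, then inserts, then deletes.
 *
 * Every field is treated as untrusted: ids are reduced to integers before they
 * are placed in SQL text. The other values are handed to cw_array2update() and
 * cw_array2insert(). NOTE(review): those helpers are defined elsewhere and are
 * assumed to escape the values they receive - confirm.
 *
 * No permission check is made here; the caller is responsible for it.
 *
 * @param string $data newline-separated operations
 * @return void
 */
function cw_top_menu_update($data)
{
    global $tables;

    // Initialised up front so the apply loops below never see an undefined variable.
    $upd = array();
    $add = array();
    $del = array();

    foreach (explode("\n", trim($data)) as $line) {
        $line = trim($line);
        if ($line === '') {
            continue;
        }

        // Pad short lines so each of the seven fields is defined.
        list($op, $id, $pos, $active, $title, $title_orig, $link) = array_pad(explode("---", $line), 7, '');

        if ($op == "update" && preg_match("'^p[0-9]*\$'", $id)) {
            // intval() guarantees the value interpolated into the WHERE clause is an integer.
            $mid = intval(str_replace('p', '', $id));
            if ($title == $title_orig) {
                $title = '';
            }
            $tbl = $tables['categories'];
            $where = "category_id={$mid}";
            $tm_pos = $pos;
            $tm_active = $active;
            $tm_title = $title;
            $arr = compact('tm_pos', 'tm_active', 'tm_title');
            $upd[] = compact('tbl', 'where', 'arr');
        }

        if ($op == "update" && preg_match("'^u[0-9]*\$'", $id)) {
            $mid = intval(str_replace('u', '', $id));
            $tbl = $tables['top_menu_user_categories'];
            $where = "category_id={$mid}";
            $category = $title;
            $link = url2link($link);
            $arr = compact('pos', 'active', 'category', 'link');
            $upd[] = compact('tbl', 'where', 'arr');
        }

        if ($op == "add" && trim($title) != '') {
            $pid = trim($id);
            $re = "'^([a-z])([0-9]*)\$'i";
            if (preg_match($re, $pid) || $pid == '0') {
                if ($pid != '0') {
                    // Split "<letter><digits>" into the tag letter and the numeric parent id.
                    $pid_tag = preg_replace($re, "\$1", $pid);
                    $pid = intval(preg_replace($re, "\$2", $pid));
                } else {
                    $pid_tag = '';
                }
                // Converted once, as in the update branch; a second pass over
                // already-converted text is not needed.
                $link = url2link($link);
                $tbl = $tables['top_menu_user_categories'];
                $category = $title;
                $parent_id_tag = $pid_tag;
                $parent_id = $pid;
                $arr = compact('parent_id_tag', 'parent_id', 'category', 'link', 'pos', 'active');
                $add[] = compact('tbl', 'arr');
            }
        }

        if ($op == "remove") {
            // The id list ends up inside SQL text, so it is accepted only when it is a
            // comma-separated list of integers (optionally parenthesised) and is then
            // rebuilt from the parsed integers. Any other shape is skipped.
            $set = trim(str_replace('u', '', $id));
            if (preg_match('/^\(?\s*[0-9]+(?:\s*,\s*[0-9]+)*\s*\)?$/D', $set)) {
                preg_match_all('/[0-9]+/', $set, $found);
                $ids = implode(',', array_map('intval', $found[0]));
                $del[] = "delete from {$tables['top_menu_user_categories']} where category_id in ({$ids});";
            }
        }
    }

    foreach ($upd as $item) {
        cw_array2update($item['tbl'], $item['arr'], $item['where']);
    }
    foreach ($add as $item) {
        cw_array2insert($item['tbl'], $item['arr']);
    }
    foreach ($del as $query) {
        db_query($query);
    }
}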
Example #4
 }
 // Renders $MyDescription with the same tag gating as a signature ([ExecPHP] and
 // [DoHTML] depend on per-user flags), then builds the display name and the
 // timestamps for the current result row.
 if ($User1CanExecPHP == "no") {
     // Not permitted: every [ExecPHP]...[/ExecPHP] span is replaced by an error banner.
     $MyDescription = preg_replace("/\\[ExecPHP\\](.*?)\\[\\/ExecPHP\\]/is", "<span style=\"color: red; font-weight: bold;\">ERROR:</span> cannot execute php code.", $MyDescription);
 }
 if ($User1CanExecPHP == "yes") {
     // NOTE(review): php_execute() is defined outside this excerpt. If it evaluates the
     // tagged text as PHP, this flag amounts to server-side code execution for whoever
     // holds it; confirm who can set the flag and audit every caller.
     $MyDescription = php_execute($MyDescription);
 }
 if ($User1CanDoHTML == "no") {
     $MyDescription = preg_replace("/\\[DoHTML\\](.*?)\\[\\/DoHTML\\]/is", "<span style=\"color: red; font-weight: bold;\">ERROR:</span> cannot execute html.", $MyDescription);
 }
 if ($User1CanDoHTML == "yes") {
     // NOTE(review): presumably lets raw HTML inside [DoHTML] through; confirm how
     // do_html_bbcode() treats script content and event-handler attributes.
     $MyDescription = do_html_bbcode($MyDescription);
 }
 $MyDescription = text2icons($MyDescription, $Settings['sqltable'], $SQLStat);
 // nl2br() output is normalised so that every break is written as "<br />".
 $MyDescription = preg_replace("/\\<br\\>/", "<br />", nl2br($MyDescription));
 // NOTE(review): no escaping of the description is visible in this excerpt; confirm it
 // is encoded for the format it is finally written into.
 $MyDescription = url2link($MyDescription);
 // The group prefix and suffix are attached to the user name only when set and non-empty.
 if (isset($GroupNamePrefix) && $GroupNamePrefix != null) {
     $UsersName = $GroupNamePrefix . $UsersName;
 }
 if (isset($GroupNameSuffix) && $GroupNameSuffix != null) {
     $UsersName = $UsersName . $GroupNameSuffix;
 }
 // Row $i's "TimeStamp" column is formatted twice: as "Y-m-d\TH:i:s\Z" for $AtomTime
 // and as "D, j M Y G:i:s GMT" for $TheTime. The third argument 0 is presumably a zero
 // offset - TODO confirm against GMTimeChange().
 $TheTime = sql_result($result, $i, "TimeStamp");
 $AtomTime = GMTimeChange("Y-m-d\\TH:i:s\\Z", $TheTime, 0);
 //$OldRSSTime=GMTimeChange("Y-m-d\TH:i:s+0:00",$TheTime,0);
 // $OldRSSTime reuses the Atom-formatted value.
 $OldRSSTime = $AtomTime;
 $TheTime = GMTimeChange("D, j M Y G:i:s \\G\\M\\T", $TheTime, 0);
 $TopicName = sql_result($result, $i, "TopicName");
 $ForumDescription = sql_result($result, $i, "Description");
 if (isset($PermissionInfo['CanViewForum'][$ForumID]) && $PermissionInfo['CanViewForum'][$ForumID] == "yes" && isset($CatPermissionInfo['CanViewCategory'][$CategoryID]) && $CatPermissionInfo['CanViewCategory'][$CategoryID] == "yes") {
     if ($_GET['feedtype'] == "atom") {
Example #5
     header("Content-Type: text/plain; charset=" . $Settings['charset']);
     $urlstatus = 302;
     gzip_page($Settings['use_gzip'], $GZipEncode['Type']);
     session_write_close();
     die;
 }
 // Prepares the member view: page title suffix, avatar fallback and size, signature
 // rendering, and normalisation of the requested ?view= mode.
 $membertitle = " " . $ThemeSet['TitleDivider'] . " " . $ViewMem['Name'];
 // An empty avatar ("http://", null or "noavatar" in any case) falls back to the theme default.
 if ($ViewMem['Avatar'] == "http://" || $ViewMem['Avatar'] == null || strtolower($ViewMem['Avatar']) == "noavatar") {
     $ViewMem['Avatar'] = $ThemeSet['NoAvatar'];
     $ViewMem['AvatarSize'] = $ThemeSet['NoAvatarSize'];
 }
 // assumes AvatarSize is "<width>x<height>" - TODO confirm; a value without "x" leaves
 // index 1 undefined.
 $AvatarSize1 = explode("x", $ViewMem['AvatarSize']);
 $AvatarSize1W = $AvatarSize1[0];
 $AvatarSize1H = $AvatarSize1[1];
 // NOTE(review): no HTML escaping of the signature is visible in this excerpt; confirm
 // it happens before this point, otherwise the text reaches the page as markup.
 $ViewMem['Signature'] = text2icons($ViewMem['Signature'], $Settings['sqltable'], $SQLStat);
 $ViewMem['Signature'] = url2link($ViewMem['Signature']);
 // ?view= is reduced to a fixed allowlist; a missing or unknown value becomes "profile".
 if ($_GET['view'] == null) {
     $_GET['view'] = "profile";
 }
 if ($_GET['view'] != "profile" && $_GET['view'] != "avatar" && $_GET['view'] != "website" && $_GET['view'] != "homepage") {
     $_GET['view'] = "profile";
 }
 if ($_GET['view'] == "avatar") {
     session_write_close();
     $urlstatus = 302;
     // NOTE(review): the redirect target is the stored avatar value, presumably supplied
     // by the member. Nothing in this excerpt restricts its scheme or host, so this
     // endpoint forwards visitors to any URL a member stores; validate the value when it
     // is saved (http/https only, no control characters) or serve avatars without a redirect.
     header("Location: " . $ViewMem['Avatar']);
     gzip_page($Settings['use_gzip'], $GZipEncode['Type']);
     die;
 }
 if ($_GET['view'] == "website" || $_GET['view'] == "homepage") {
     if ($ViewMem['Website'] != "http://" && $ViewMem['Website'] != null) {