Example #1
0
     $currenttime = ctime();
     $ipaddr = getenv("REMOTE_ADDR");
     if (!$x_hacks['host'] && false) {
         $sql->query("INSERT INTO `pendingusers` SET `username` = '{$name}', `password` = '" . $pass . "', `ip` = '{$ipaddr}', `time` = '{$currenttime}'") or print mysql_error();
         //		$sql->query("INSERT INTO `ipbans` SET `ip` = '$ipaddr', `reason` = 'Automagic ban', `banner` = 'Acmlmboard'");
         print "{$tccell1}>Thank you, {$username}, for registering your account.<br>" . redirect('index.php', 'the board', 0);
     } else {
         $ircout['name'] = stripslashes($name);
         $ircout['ip'] = $ipaddr;
         // No longer useful
         //$ircout['pmatch']	= $sql -> resultq("SELECT COUNT(*) FROM `users` WHERE `password` = '". md5($pass) ."'");
         $sql->query("INSERT INTO `users` SET `name` = '{$name}', `password` = '" . md5($pass) . "', `powerlevel` = '0', `postsperpage` = '20', `threadsperpage` = '50', `lastip` = '{$ipaddr}', `layout` = '1', `scheme` = '0', `lastactivity` = '{$currenttime}', `regdate` = '{$currenttime}'") or print mysql_error();
         $newuserid = mysql_insert_id();
         $sql->query("UPDATE users SET `password` = '" . getpwhash($pass, $newuserid) . "' WHERE `id` = '{$newuserid}'");
         $ircout['id'] = $newuserid;
         xk_ircout("user", $ircout['name'], $ircout);
         $sql->query("INSERT INTO `users_rpg` (`uid`) VALUES ('" . $newuserid . "')") or print mysql_error();
         print "{$tccell1}>Thank you, {$username}, for registering your account.<br>" . redirect('index.php', 'the board', 0);
     }
 } else {
     /*	if ($password == "123") {
     		echo	"$tccell1>Thank you, $username, for registering your account.<img src=cookieban.php width=1 height=1><br>".redirect('index.php','the board',0);
     		mysql_query("INSERT INTO `ipbans` (`ip`, `reason`, `date`) VALUES ('". $_SERVER['REMOTE_ADDR'] ."', 'blocked password of 123', '". ctime() ."')");
     		die();
     	}
     */
     if ($userid != -1) {
         $reason = "That username is already in use.";
     } elseif ($nomultis) {
         $reason = "You have already registered! (<a href=profile.php?id={$nomultis['id']}>here</a>)";
     } elseif (!$username || !$password) {
Example #2
0
             $stickq = "`sticky` = '1',";
         } else {
             $stickq = "`sticky` = '0',";
         }
     }
     $sql->query("INSERT INTO posts (thread,user,date,ip,num,headid,signid,moodid) VALUES ({$id},{$userid},{$currenttime},'{$userip}',{$numposts},{$headid},{$signid},'" . $_POST['moodid'] . "')");
     $pid = mysql_insert_id();
     $options = filter_int($nosmilies) . "|" . filter_int($nohtml);
     if ($pid) {
         $sql->query("INSERT INTO `posts_text` (`pid`,`text`,`tagval`, `options`) VALUES ('{$pid}','{$message}','{$tagval}', '{$options}')");
     }
     $sql->query("UPDATE `threads` SET {$closeq} {$stickq} `replies` =  `replies` + 1, `lastpostdate` = '{$currenttime}', `lastposter` = '{$userid}' WHERE `id`='{$id}'");
     $sql->query("UPDATE `forums` SET `numposts` = `numposts` + 1, `lastpostdate` = '{$currenttime}', `lastpostuser` ='{$userid}', `lastpostid` = '{$pid}' WHERE `id`='{$forumid}'");
     $sql->query("UPDATE `threadsread` SET `read` = '0' WHERE `tid` = '{$id}'");
     $sql->query("REPLACE INTO threadsread SET `uid` = '{$userid}', `tid` = '{$id}', `time` = " . ctime() . ", `read` = '1'");
     xk_ircout("reply", $user['name'], array('forum' => $forum['title'], 'fid' => $forumid, 'thread' => str_replace("&lt;", "<", $thread['title']), 'pid' => $pid, 'pow' => $forum['minpower']));
     return header("Location: thread.php?pid={$pid}#{$pid}");
 } else {
     loadtlayout();
     $message = stripslashes($message);
     $ppost = $user;
     $ppost['posts']++;
     $ppost['uid'] = $userid;
     $ppost['num'] = $numposts;
     $ppost['lastposttime'] = $currenttime;
     $ppost['date'] = $currenttime;
     $ppost['moodid'] = $_POST['moodid'];
     if (filter_bool($nolayout)) {
         $ppost['headtext'] = "";
         $ppost['signtext'] = "";
     } else {
Example #3
0
     }
     mysql_query("UPDATE `forums` SET `numthreads` = `numthreads` + 1, `numposts` = `numposts` + 1, `lastpostdate` = '{$currenttime}', `lastpostuser` = '{$userid}', `lastpostid` = '{$pid}' WHERE id={$id}");
     if (!$poll) {
         print "\n\t\t\t\t\t\t{$tccell1}>Thread posted successfully!\n\t\t\t\t\t\t<br>" . redirect("thread.php?id={$t}", stripslashes($subject), 0) . $tblend;
         xk_ircout("thread", $user['name'], array('forum' => $forum['title'], 'fid' => $forum['id'], 'thread' => str_replace("&lt;", "<", $subject), 'pid' => $pid, 'pow' => $forum['minpower']));
     } else {
         mysql_query("INSERT INTO `poll` (`question`, `briefing`, `closed`, `doublevote`) VALUES ('{$question}', '{$briefing}', '0', '{$mltvote}')");
         $p = mysql_insert_id();
         mysql_query("UPDATE `threads` SET `poll` = '{$p}' where `id` = '{$t}'");
         $c = 1;
         while ($chtext[$c]) {
             mysql_query("INSERT INTO `poll_choices` (`poll`, `choice`, `color`) VALUES ('{$p}', '{$chtext[$c]}', '{$chcolor[$c]}')");
             $c++;
         }
         print "\n\t\t\t\t\t\t{$tccell1}>Poll created successfully!\n\t\t\t\t\t\t<br>" . redirect("thread.php?id={$t}", stripslashes($subject), 0) . $tblend;
         xk_ircout("poll", $user['name'], array('forum' => $forum['title'], 'fid' => $forum['id'], 'thread' => str_replace("&lt;", "<", $subject), 'pid' => $pid, 'pow' => $forum['minpower']));
     }
 } else {
     if ($posticon) {
         $posticon1 = "<img src='" . stripslashes($posticon) . "' height=15 align=absmiddle>";
     }
     if ($poll) {
         for ($c = 1; $chtext[$c]; $c++) {
             $chtext[$c] = stripslashes($chtext[$c]);
             $chcolor[$c] = stripslashes($chcolor[$c]);
             $hchoices .= "{$inph}=chtext[{$c}] VALUE=\"" . htmlspecialchars($chtext[$c]) . "\">{$inph}=chcolor[{$c}] VALUE=\"" . htmlspecialchars($chcolor[$c]) . '">';
             $pchoices .= "\n\t\t\t\t\t\t\t{$tccell1l} width=20%>{$chtext[$c]}</td>\n\t\t\t\t\t\t\t{$tccell2l} width=60%><table cellpadding=0 cellspacing=0 width=50% bgcolor='{$chcolor[$c]}'><td>&nbsp</table></td>\n\t\t\t\t\t\t\t{$tccell1} width=20%>{$fonttag} ? votes, ??.?%<tr>\n\t\t\t\t\t\t";
         }
         $mlt = $mltvote ? 'enabled' : 'disabled';
         $pollpreview = "\n\t\t\t\t\t\t<td colspan=3 class='tbl tdbgc center font'><b>{$question}<tr>\n\t\t\t\t\t\t{$tccell2ls} colspan=3>{$briefing}<tr>\n\t\t\t\t\t\t{$pchoices}\n\t\t\t\t\t\t{$tccell2ls} colspan=3>Multi-voting is {$mlt}.\n\t\t\t\t\t\t{$tblend}<br>{$tblstart}\n\t\t\t\t\t";
         $subject = htmlspecialchars(stripslashes($subject));