function tfooter() { $Temp = new Template(); $Temp->dir = 'pro'; $Temp->file = "footer.tpl"; $Temp->tp(); echo $Temp->html; }
function search() { global $logged; if (!isset($_POST['submit'])) { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "search_find.tpl"; $Temp->tp(__LINE__, __FILE__); return $Temp->html; } else { $t = $_POST['s'] == 2 ? 1 : 2; $type = $_POST['s'] == 2 ? '`topics`' : '`replies`'; $type_ = $_POST['s'] == 2 ? '`title`' : '`post`'; $query = htmlspecialchars($_POST['query']); $sql = mysql_query("SELECT * FROM " . $type . " WHERE " . $type_ . " LIKE '%" . $query . "%'"); if (empty($query) || $query == "") { pageerror("Search Error", "Something was blank.", "Looks like you left the search field blank, please go back and try again."); } if (mysql_num_rows($sql) <= 0) { pageerror("Search Error", "Not found", "Looks like there wasn't post or topic in the database that matched your query."); } $content = ""; while ($row = mysql_fetch_array($sql)) { switch ($t) { case 1: if (getFP($row['fid'], 1)) { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "search_msg.tpl"; $Temp->tp(__LINE__, __FILE__); $Temp->tr(array('TID' => $row['id'], 'TNAME' => $row['title'], 'UID' => getid($row['username']), 'DATE' => !empty($row['date']) ? date("m-d-y", $row['date']) : 'unknown', 'MESSAGE' => nl2br(bbcode_format(getFirstPost($row['id']))), 'POSTER' => $row['username'])); $content .= $Temp->html; } break; case 2: if (getFP(topic_parent_($row['id']), 1)) { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "search_msg.tpl"; $Temp->tp(__LINE__, __FILE__); $Temp->tr(array('TID' => $row['tid'], 'TNAME' => topicName($row['title']), 'UID' => getid($row['username']), 'DATE' => !empty($row['date']) ? date("m-d-y", $row['date']) : 'unknown', 'MESSAGE' => nl2br(bbcode_format($row['post'])), 'POSTER' => $row['username'])); $content .= $Temp->html; } break; } } if (empty($content) || $content == "") { pageerror("Search Error", "Not found", "Looks like there wasn't post or topic in the database that matched your query."); } return $content; } }
function profile() { global $logged; $id = intval(htmlspecialchars($_GET['profile;id'])); $sql = mysql_query("SELECT * FROM `users` WHERE `id` = '" . $id . "' LIMIT 1;"); if (mysql_num_rows($sql) <= 0) { pageerror("Profile Error", "Doesn't exists.", "Sorry, but it looks like this user wasn't created or was deleted."); } $information = mysql_fetch_array($sql); $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "profile.tpl"; $Temp->tp(); $Temp->tr(array('USERNAME' => $information['username'], 'POSTS' => $information['post'], 'GROUP' => getgroupname($information['level']), 'JOINED' => empty($information['joined']) ? 'unknown' : date("m-d-y", $information['joined']), 'AVY' => '', 'MSN' => empty($information['msn']) ? 'unknown' : $information['msn'], 'GTALK' => 'unknown', 'EMAIL' => 'unknown')); echo $Temp->html; }
function RUN_Newtopic() { global $logged, $permissions; if (is_numeric($_GET['id']) and !empty($_GET['id'])) { $id = intval(htmlspecialchars($_GET['id'])); } else { pageerror("Topic Error", "", "Sorry, but there wasn't a forum id present."); } if (!getFP($id, 3)) { pageerror("Permission Error", "", "Sorry, but you don't have permissions to post a new topic."); } if (check_forum_lock($id) and $permissions['admin'] != 't') { pageerror("Forum Locked", "", "Sorry, you can't post a topic in here because this forum is locked"); } else { $post = htmlspecialchars($_POST['post']); $ttitle = htmlspecialchars($_POST['title']); $tdesc = htmlspecialchars($_POST['tdesc']); $time = time(); if (!isset($_POST['newtopic'])) { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "newtopic.tpl"; $Temp->tp(); $Temp->tr(array('TOPIC_NAME' => 'New Topic', 'TITLE' => '', 'DESC' => '', 'POST' => '', '<<HIDE>>' => '', '<<HIDE_2>>' => '')); echo $Temp->html; } else { if (!$logged['username']) { pageerror("Topic Error", "There was an error creating topic", "You don't have permissions to post a new topic!"); } if (empty($post)) { pageerror("Topic Error", "There was an error creating topic", "Please check your post because you left the topic post blank!"); } elseif (empty($ttitle)) { pageerror("Topic Error", "There was an error creating topic", "Please check your post because you left the topic title blank!"); } else { update_post_count(); $newtopic = mysql_query("INSERT INTO `topics`(`fid`,`date`,`timestamp`,`title`,`username`,`description`) VALUES('" . $id . "','" . $time . "','" . $time . "','" . $ttitle . "','" . $logged['username'] . "','" . $tdesc . "')") or die(pageerror("Topic Error", "Something went wrong in SQL", "Sorry, but your topic couldn't be created please contact the administrator with this error")); $nreply = mysql_query("SELECT `id` FROM `topics` ORDER BY `id` DESC LIMIT 1") or die("ERROR"); $nreply = mysql_fetch_array($nreply); finished("Topic Created!", "New Topic was Created!", "Thank you now your topic was sucessfully created.", "index.php?act=topicshow&id=" . $nreply['id']); $new_reply = mysql_query("INSERT INTO `replies` (`tid`,`post`,`username`,`date`) VALUES('" . $nreply['id'] . "','" . $post . "','" . $logged['username'] . "','" . $time . "')") or die(pageerror("Reply Error", "There was a problem adding reply", "Something went wrong adding new reply")); } } } }
function do_register_2($TOS) { global $logged; if (!$logged['username']) { if (!isset($_POST['register'])) { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = 'register.tpl'; $Temp->tp(); $Temp->tr(array("TOS" => $TOS)); echo $Temp->html; } else { $captcha_value = $_POST['verify']; $captcha = $_SESSION['captchastr']; $email = htmlspecialchars($_POST['email']); $email2 = htmlspecialchars($_POST['email2']); $pass = htmlspecialchars($_POST['password']); $pass2 = $_POST['password2']; $username = htmlspecialchars($_POST['name']); $user = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $username . "' "); $user = mysql_num_rows($user); $TOSz = $_POST['TOS']; if ($user != 0) { die(pageerror("Registration Error", "There was an error in registering!", "User name already exists please try a new name!")); } elseif ($captcha_value != $captcha) { die(pageerror("Registration Error", "There was an error in registering!", "Your verification characters were incorrect. Please go back and try again. If you can't see the characters, refresh else contact the administrator.")); } elseif (empty($username) || empty($pass) || empty($pass2) || empty($email) || empty($email2)) { die(pageerror("Registration Error", "There was an error in registering!", "There was a input left empty please go back and try again!")); } elseif (!isset($TOSz)) { die(pageerror("Registration Error", "There was an error in registering!", "In order to register on this site you must agree to TOS!")); } $ip = $_SERVER["REMOTE_ADDR"]; $salt = substr(md5(uniqid(rand(), true)), 0, 5); $hash = md5($salt . $pass); $online = time(); $timezone = intval(htmlspecialchars($_POST['timezone'])); $new_user = mysql_query("INSERT INTO `users` (`username`,`password`,`email`,`ip`,`salt`,`online`,`timezone`) VALUES('" . $username . "','" . $hash . "','" . $email . "','" . $ip . "','" . $salt . "','" . $online . "','" . $timezone . "') ") or die(pageerror("Registration Error", "There was an error in registering!", "Something went wrong in the database please contact administrator!")); $users = mysql_query("SELECT `id` FROM `users` ORDER BY `id` DESC LIMIT 1"); $users = mysql_fetch_array($users); $_SESSION['uid'] = $users['id']; $_SESSION['upass'] = htmlspecialchars($hash); finished("Registered Sucessfully!", $username . " now Logged in!", "Thank you now you are now logged in and Registered!", "index.php"); } } else { finished("Register Error", "Error registering in.", "Sorry, but you are already logged in. Please logout before you can reregister.", "index.php"); } }
function RUN_Wrappers() { global $logged; $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "boardstats.tpl"; $Temp->tp(); $Temp->tr(array("WRAPPER" => users_online())); echo $Temp->html; }
<?php $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "footer.tpl"; $Temp->tp(); echo $Temp->html;
function panel_email() { global $logged; if (!isset($_POST['update'])) { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "cpanel_email.tpl"; $Temp->tp(__LINE__, __FILE__); $Temp->tr(array('E' => $logged['email'])); return $Temp->html; } else { if (empty($_POST['password'])) { pageerror("Profile Error", "Something went wrong", "Looks like you left the password field blank please go back and fix it."); } if (empty($_POST['e1']) || empty($_POST['e2'])) { pageerror("Profile Error", "Something went wrong", "In order to change your email, you must provide both new email fields with a new email to update email."); } if (md5($logged['salt'] . $_POST['password']) != $logged['password']) { pageerror("Profile Error", "Something went wrong", "Sorry, but your password was incorrect, please fix this error."); } if ($_POST['e1'] != $_POST['e2']) { pageerror("Profile Error", "Something went wrong", "Email fields didn't match please go back to make them match."); } $email = htmlspecialchars($_POST['e1']); $sql = mysql_query("UPDATE `users` SET `email` = '" . $email . "' WHERE `username` = '" . $logged['username'] . "'"); if (!$sql) { pageerror("Profile Error", "Something went wrong", "There was a problem updating sql: " . mysql_error()); } return imessage("Profile Updated Sucessfully!", "", "Thank you, now your profile is updated!", "index.php?act=Cpanel&option=email", true); } }
function RUN_Forums() { global $logged; if (is_numeric($_GET['id'])) { $id = intval(htmlspecialchars($_GET['id'])); //finish checking } else { pageerror("Forum Error", "", "Sorry, but there wasn't a forum id present."); } //Show Subforums here $SubForums = mysql_query("SELECT * FROM `forums` WHERE `sid` = '" . $id . "'"); if (mysql_num_rows($SubForums) > 0) { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "category_header.tpl"; $Temp->tp(); $Temp->tr(array("CAT_NAME" => "SubForums")); echo $Temp->html; while ($SubForum = mysql_fetch_array($SubForums)) { //select the total replies for each forum $total_replies = mysql_query("SELECT topics.id,replies.tid FROM `topics`,`replies` WHERE `fid` = '" . $SubForum['id'] . "' AND topics.id = replies.tid") or die(mysql_error()); $total_replies_ = mysql_num_rows($total_replies); //select topic data from the database from these forums $nlastpost = mysql_query("SELECT `id`,`title`,`username` FROM `topics` WHERE `fid` ='" . $SubForum['id'] . "' ORDER BY timestamp DESC") or die(mysql_error()); $nlastpost1 = mysql_fetch_array($nlastpost); $topicid = $nlastpost1['id']; $topicuser = $nlastpost1['username']; $topicnumber = mysql_num_rows($nlastpost); //get latest replies from current forum $allreplies = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $topicid . "' ORDER BY `id` DESC ") or die(mysql_error()); $all_replies = mysql_fetch_array($allreplies); if ($f['lastvisited'] == "") { $no_new_post = $total_topics_f_2 != 0 ? "<img src='styles/default/New.png' alt='New' />" : "<img src='styles/default/No%20New.png' alt='No-New' />"; } else { $lID = $logged['id']; $last_vdata = unserialize($f['lastvisited']); $no_new_post = $last_vdata[$lID] < $total_topics_f_2 ? "<img src='styles/default/New.png' alt='New' />" : "<img src='styles/default/No%20New.png' alt='No-New' />"; } //check if there we're any replies if (empty($nlastpost1['title'])) { $IN = "No Topics Here."; } else { $IN = "<a href=\"index.php?act=topicshow&id=" . $nlastpost1['id'] . "\">" . $nlastpost1['title'] . "</a>"; } if ($all_replies['username'] == "") { $BY = $topicuser; } else { $BY = $all_replies['username']; } if (getFP($SubForum['id'])) { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "idxforum.tpl"; $Temp->tp(); $Temp->tr(array('NEWPOST' => $no_new_post, 'FORUM_ID' => $SubForum['id'], 'FORUM_NAME' => $SubForum['title'], 'FORUM_DESC' => $SubForum['description'], 'TOPICS' => $topicnumber, 'REPLIES' => $total_replies_, 'LASTPOSTER' => $BY, 'TOPIC_LINK' => $IN, 'SUBFORUMS' => '')); echo $Temp->html; } } echo "</table><br /><br /><br />"; } //End Subforums here. //total replies pagination limit $ppt = mysql_query("SELECT `topicsperforum` FROM `boardstatus` LIMIT 1;"); $p_p_t = mysql_fetch_array($ppt); $total_limit = intval($p_p_t['topicsperforum']); if (!isset($_GET['p']) || empty($_GET['p']) || $_GET['p'] == 0) { $page = 1; } else { if (!is_numeric($_GET['p'])) { pageerror("Page Error", "", "Didn't specify a correct page id."); } else { $page = intval(mysql_real_escape_string($_GET['p'])); } } $limit_start = $page * $total_limit - $total_limit; //do topic stuff with pagination $topics = mysql_query("SELECT * FROM `topics` WHERE `fid` = '" . $id . "' AND `sticky` = '1' ORDER BY `timestamp` DESC LIMIT {$limit_start},{$total_limit}") or die(mysql_error()); $TTtopics = mysql_query("SELECT * FROM `topics` WHERE `fid` = '" . $id . "' "); $has_topics = mysql_num_rows($TTtopics); $forum_title = mysql_query("SELECT `locked`,`title`,`lastvisited` FROM `forums` WHERE `id` = '" . $id . "' ") or die("Couldn't fetch forum info"); $forum = mysql_fetch_array($forum_title); if (!getFP($id, 0)) { pageerror("Permission Error", "", "Sorry, but you don't have permissions viewing this forum."); } topic_pagination($id, $total_limit, 0); echo "<br /><br />"; if ($forum['locked'] == 't') { echo "\n\t\t\t\t\t\t\t<img src='styles/" . $logged['dskin'] . "/Lockd.png' /><br />\n\t\t\t\t\t\t"; } else { echo "\n\t\t\t\t\t\t\t<a href=\"index.php?act=newtopic&id=" . $id . "\"><img src=\"styles/" . $logged['dskin'] . "/New%20topic.png\" alt='New Topic' style='border:1px solid black;margin-bottom:1px;' /></a>\n\t\t\t\t\t\t"; } if ($has_topics == 0) { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "forums_none.tpl"; $Temp->tp(); $Temp->tr(array('FORUM_NAME' => $forum['title'])); echo $Temp->html; } else { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "forums_header.tpl"; $Temp->tp(); $Temp->tr(array('FORUM_NAME' => $forum['title'])); echo $Temp->html; //do a check to see if topics are stickied $pinned_t = mysql_query("SELECT * FROM `topics` WHERE `fid` = '" . $id . "' AND `sticky` = '0' ORDER BY `timestamp` DESC"); $totalpins = mysql_num_rows($pinned_t); //show pinned topics if ($totalpins != 0) { echo ' <tr> <td width="100%" class="small_title" colspan="4"><span>Pinned Topics</span></td> </tr> '; $totalrepliesever = 0; while ($pinned = mysql_fetch_array($pinned_t)) { $replizS = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $pinned['id'] . "' "); $replizS = mysql_num_rows($replizS); $lastS = mysql_query("SELECT `username`,`date` FROM `replies` WHERE tid='" . $topic_info['id'] . "' ORDER BY `id` DESC"); $lastpS = mysql_fetch_array($lastS); ($lastposterS = mysql_num_rows($lastS)) != 0 ? $ltpS = $lastpS['username'] and $ltpdS = date("m-d-y", $lastpS['date']) : ($ltpS = $pinned['username']) and $ltpdS = date("m-d-y", $pinned['timestamp']); $totalrepliesever += $replizS; //Output pinned topics $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "forums_content.tpl"; $Temp->tp(); $Temp->tr(array('VIEWS' => $pinned['views'], 'REPLIES' => $replizS, 'TID' => $pinned['id'], 'TNAME' => $pinned['title'], 'AUTHOR' => $pinned['username'], 'UID' => getid($pinned['username']), 'DESC' => $pinned['description'], 'LASTP' => $ltpS, 'UID_2' => getid($ltpS), 'DATE' => $ltpdS)); echo $Temp->html; } if (mysql_num_rows($topics) > 0) { echo ' <tr> <td width="100%" class="small_title" colspan="4"><span>Normal Topics</span></td> </tr> '; } } while ($topic_info = mysql_fetch_array($topics)) { $repliz = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $topic_info['id'] . "' "); $repliz = mysql_num_rows($repliz); $totalrepliesever = $totalrepliesever + $repliz; $last = mysql_query("SELECT `username`,`date` FROM `replies` WHERE `tid` = '" . $topic_info['id'] . "' ORDER BY `id` DESC"); $lastp = mysql_fetch_array($last); ($lastposter = mysql_num_rows($last)) != 0 ? $ltp = $lastp['username'] and $ltpd = date("m-d-y", $lastp['date']) : ($ltp = $topic_info['username']) and $ltpd = date("m-d-y", $topic_info['timestamp']); //output normal topics $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "forums_content.tpl"; $Temp->tp(); $Temp->tr(array('VIEWS' => $topic_info['views'], 'REPLIES' => $repliz, 'TID' => $topic_info['id'], 'TNAME' => $topic_info['title'], 'AUTHOR' => $topic_info['username'], 'UID' => getid($topic_info['username']), 'DESC' => $topic_info['description'], 'LASTP' => $ltp, 'UID_2' => getid($ltp), 'DATE' => $ltpd)); echo $Temp->html; } $lfvisit = $forum['lastvisited']; $lID = $logged['id']; if ($lfvisit == "") { $user_lv = serialize(array($logged['id'] => $totalrepliesever)); $up_lfv = mysql_query("UPDATE `forums` SET `lastvisited` ='" . $user_lv . "' WHERE `id` = '" . $id . "' ") or die("error updating last visited"); } else { $lfvi = unserialize($lfvisit); if ($lfvi[$lID] < $totalrepliesever || $lfvi[$lID] == "") { $lfvi[$lID] = $totalrepliesever; $up_lfv = mysql_query("UPDATE `forums` SET `lastvisited` ='" . serialize($lfvi) . "' WHERE `id` = '" . $id . "' ") or die("error updating last visited"); } } echo ' </table> '; } }
function moderator() { //global vars global $logged, $permissions; //set up permissions id's and type id's $id = intval(htmlspecialchars(trim(strip_tags($_GET['id'])))); $type = htmlspecialchars(trim(strip_tags($_GET['type']))); $tid = intval(htmlspecialchars($_GET['tid'])); $posts = htmlspecialchars($_GET['post']); //check what type and modes where in switch ($type) { case "edit": switch ($posts) { case "topic": echo "TOPIC"; //gets topic data from database $tdata_ = mysql_query("SELECT * FROM `topics` WHERE `id` = '" . $id . "' "); $tdata = mysql_fetch_array($tdata_); //if they don't have permission if (($permissions['e_topic'] != 't' and $logged['username'] != $tdata['username']) || $permissions['admin'] != 't') { logs("Invalid User", "1"); pageerror("Topic Error", "There was an error editing topic.", "You don't have permissions to edit this topic!"); } if (!isset($_POST['newtopic'])) { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "newtopic.tpl"; $Temp->tp(); $Temp->tr(array('TOPIC_NAME' => 'Edit Topic', 'TITLE' => $tdata['title'], 'DESC' => $tdata['description'], 'POST' => '', '<<HIDE>>' => '<!--', '<<HIDE_2>>' => '-->')); echo $Temp->html; } else { if (empty($_POST['title'])) { pageerror("Topic Error", "There was an error editing topic", "Please check your post because you left the topic post or topic title blank!"); } else { $ttitle = htmlspecialchars($_POST['title']); $description = htmlspecialchars($_POST['tdesc']); $ndata = @mysql_query("UPDATE `topics` SET `description` = '" . $description . "', `title` = '" . $ttitle . "' WHERE `id` = '" . $id . "' "); if (!$ndata) { pageerror("Topic Error", "There was an error editing topic", "There was an error updating sql: " . mysql_error()); } finished("Topic Updated!", "Current Topic was Updated!", "Thank you now your topic was sucessfully updated.", "index.php?act=topicshow&id=" . $id); } } break; case "reply": //Selects reply data from db $pdata_ = mysql_query("SELECT * FROM `replies` WHERE `id` = '" . $id . "' "); $pdata = mysql_fetch_array($pdata_); if ($permissions['e_post'] != 't' and $logged['username'] != $pdata['username'] or $permissions['admin'] != 't') { logs("Invalid User", "1"); pageerror("Reply Error", "There was an error editing reply.", "You don't have permissions to edit this post!"); } if (!isset($_POST['newreply'])) { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "newreply.tpl"; $Temp->tp(); $Temp->tr(array('POST' => $pdata['post'], 'NAME' => "Edit Reply")); echo $Temp->html; } else { $rpost = htmlspecialchars($_POST['post']); if (empty($_POST['post'])) { pageerror("Reply Error", "There was an error editing reply.", "You left the post field blank please go back and check again!"); } else { $pdata = @mysql_query("UPDATE `replies` SET `post` = '" . $rpost . "' WHERE `id` = '" . $id . "' "); if (!$pdata) { pageerror("Reply Error", "There was an error editing reply.", "There was an sql error: " . mysql_error()); } finished("Reply Updated!", "Current Post was Updated!", "Thank you now your reply was sucessfully updated.", "index.php?act=topicshow&id=" . $tid); } } break; } break; case "delete": //Checks if user has permissiosn if ($permissions['d_post'] != 't') { logs("Invalid User", "1"); pageerror("Topic Error", "There was an error opening topic.", "You don't have permissions to open this topic!"); } switch ($posts) { case "reply": if (!isset($_POST['submit'])) { $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "mode_delete.tpl"; $Temp->tp(); echo $Temp->html; } else { if (isset($_POST['del'])) { if (mysql_query("DELETE FROM `replies` WHERE `id` = '" . $id . "'")) { finished("Post deleted Successfully", "", "Your post was deleted successfully, please wait while your being redirected.", "index.php?act=topicshow&id=" . $tid); } else { pageerror("Deletion Error", "", "There was a problem deleting post, please contact the NevuxAB Support Tech."); } } else { finished("Post Message", "", "No action was taken, please wait while your being redirected.", "index.php?act=topicshow&id=" . $tid); } } break; } break; case "opentopic": if ($permissions['o_topic'] != 't') { logs("Invalid User", "1"); pageerror("Topic Error", "There was an error opening topic.", "You don't have permissions to open this topic!"); } $otopic = mysql_query("SELECT `closed` FROM `topics` WHERE `id` = '" . $tid . "' "); $otopic = mysql_fetch_array($otopic); if ($otopic['closed'] == 1) { pageerror("Topic Error", "", "Topic is already Opened!"); } else { $topic_update = mysql_query("UPDATE `topics` SET `closed` = '1' WHERE `id` = '" . $tid . "' "); if (!$topic_update) { pageerror("Topic Error", "", "There was an error updating topic: " . mysql_error()); } finished("Topic Updated!", "Current Topic was Pinned!", "Thank you now your topic was sucessfully opened.", "index.php?act=topicshow&id=" . $tid); } break; case "closetopic": if ($permissions['c_topic'] != 't') { logs("Invalid User", "1"); pageerror("Topic Error", "There was an error closing topic.", "You don't have permissions to close this topic!"); } $ctopic = mysql_query("SELECT `closed` FROM `topics` WHERE `id` = '" . $tid . "' "); $ctopic = mysql_fetch_array($ctopic); if ($ctopic['closed'] == 0) { pageerror("Topic Error", "", "Topic is already closed!"); } else { $topic_update = mysql_query("UPDATE `topics` SET `closed` = '0' WHERE `id` = '" . $tid . "' "); if (!$topic_update) { pageerror("Topic Error", "", "There was an error updating topic: " . mysql_error()); } finished("Topic Updated!", "Current Topic was Closed!", "Thank you now your topic was sucessfully Closed.", "index.php?act=topicshow&id=" . $tid); } break; case "sticktopic": if ($permissions['topic_pin'] != 't') { logs("Invalid User", "1"); pageerror("Topic Error", "There was an error Pinning topic.", "You don't have permissions to Pin this topic!"); } $stopic = mysql_query("SELECT `sticky` FROM `topics` WHERE `id` = '" . $tid . "' "); $stopic = mysql_fetch_array($stopic); if ($stopic['sticky'] == 0) { pageerror("Topic Error", "", "Topic is already Pinned!"); } else { $topic_update = mysql_query("UPDATE `topics` SET `sticky` = '0' WHERE `id` = '" . $tid . "' "); if (!$topic_update) { pageerror("Topic Error", "", "There was an error updating topic: " . mysql_error()); } finished("Topic Updated!", "Current Topic was Pinned!", "Thank you now your topic was sucessfully Pinned.", "index.php?act=topicshow&id=" . $tid); } break; case "unsticktopic": if ($permissions['topic_pin'] != 't') { logs("Invalid User", "1"); pageerror("Topic Error", "There was an error Un-Pinning topic.", "You don't have permissions to Un-Pin this topic!"); } $ustopic = mysql_query("SELECT `sticky` FROM `topics` WHERE `id` = '" . $tid . "' "); $ustopic = mysql_fetch_array($ustopic); if ($ustopic['sticky'] == 1) { pageerror("Topic Error", "", "Topic is already Un-Pinned!"); } else { $topic_update = mysql_query("UPDATE topics SET sticky = '1' WHERE `id` = '" . $tid . "' "); if (!$topic_update) { pageerror("Topic Error", "", "There was an error updating topic: " . mysql_error()); } finished("Topic Updated!", "Current Topic was Un-Pinned!", "Thank you now your topic was sucessfully Un-Pinned.", "index.php?act=topicshow&id={$tid}"); } break; case "move": if ($permissions['m_topic'] != 't') { logs("Invalid User", "1"); pageerror("Topic Error", "There was an error moving topic.", "You don't have permissions to move this topic!"); } $nparent = htmlspecialchars($_POST['to']); if (isset($_POST['update'])) { $topic_update = mysql_query("UPDATE `topics` SET `fid` = '" . $nparent . "' WHERE `id` = '" . $id . "'"); if (!$topic_update) { pageerror("Topic Error", "", "There was an error updating topic: " . mysql_error()); } finished("Topic Updated!", "Current Topic was Pinned!", "Thank you now your topic was moved sucessfully.", "index.php?act=topicshow&id=" . $id); } else { $gettopics = mysql_query("SELECT * FROM `forums` ORDER BY `id` ASC"); $values = ""; while ($showtopics = MySQL_Fetch_Array($gettopics)) { $values .= "<option value='" . $showtopics['id'] . "'>" . $showtopics['title'] . "</option>"; } $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "mode_move.tpl"; $Temp->tp(); $Temp->tr(array('OPTIONS' => $values)); echo $Temp->html; } break; } }
function RUN_Topic() { global $logged, $permissions; if (is_numeric($_GET['id']) and !empty($_GET['id'])) { $id = intval(htmlspecialchars($_GET['id'])); } else { pageerror("Topic Error", "", "Sorry, but there wasn't a topic id present."); } if (!getFP(topic_parent_($id), 1)) { pageerror("Permission Error", "", "Sorry, but you don't have permissions viewing this topic."); } //do some post stuff //total replies pagination limit $ppt = mysql_query("SELECT `postpertopic` FROM `boardstatus` LIMIT 1"); $p_p_t = mysql_fetch_array($ppt); $total_limit = $p_p_t['postpertopic']; topic_pagination($id, $total_limit); $main = mysql_query("SELECT * FROM `topics` WHERE `id` = '" . $id . "' "); $tmain = mysql_fetch_array($main); $umain = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $tmain['username'] . "'"); $fuser = mysql_fetch_array($umain); $isSticked = $tmain['sticky'] == 1 ? "<a href='mode.php?type=sticktopic&tid=" . $id . "'>Sticky</a>" : "<a href='mode.php?type=unsticktopic&tid=" . $id . "'>Un-Sticky</a>"; $isLocked = $tmain['closed'] == 1 ? "<a href='mode.php?type=closetopic&tid=" . $id . "'>Lock</a>" : "<a href='mode.php?type=opentopic&tid=" . $id . "'>Un-Lock</a>"; //check if user has permissions if ($permissions['admin'] == 't' || $permissions['e_topic'] == 't') { $modet = "<a href='mode.php?type=edit&post=topic&id=" . $id . "'>Edit</a> | <a href='mode.php?type=move&post=topic&id=" . $id . "'>Move Topic</a> | " . $isSticked . " | " . $isLocked; } elseif ($logged['username'] == $tmain['username'] && $permissions['e_topic'] == 't') { $modet = "<a href='mode.php?type=edit&post=topic&id=" . $id . "'>Edit</a>"; } else { $modet = ""; } echo "<br />" . run_buttons($id); $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "topic_title.tpl"; $Temp->tp(); $Temp->tr(array('TITLE' => $tmain['title'])); echo $Temp->html; //if($_GET['p'] == 1 || !isset($_GET['p']) ) // { echo ' <tr> <td colspan="2" class="small_title"><span style="float:left;"><b>Posted On:</b> ' . timezone_stamp($tmain['timestamp'], $logged['timezone']) . '</span><span style="float:right" class="small_title_link">' . $modet . '</span></td> </tr> '; //} if (!isset($_GET['p']) || empty($_GET['p']) || $_GET['p'] == 0) { $page = 1; } else { if (!is_numeric($_GET['p'])) { pageerror("Page Error", "", "Didn't specify a correct page id."); } else { $page = intval(mysql_real_escape_string($_GET['p'])); } } $limit_start = $page * $total_limit - $total_limit; //get replies $replies = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $id . "' ORDER BY `id` LIMIT {$limit_start},{$total_limit}") or die(mysql_error(__FILE__, __LINE__)); $has_replys = mysql_num_rows($replies); if ($has_replys != 0) { //check to see if there are any replies :D while ($replys = mysql_fetch_array($replies)) { //check if user has permissions if ($permissions['admin'] == 't' || $permissions['d_post'] == 't') { $modep = "<a href='mode.php?type=edit&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Edit</a> | <a href='mode.php?type=delete&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Delete</a>"; } elseif ($logged['username'] == $replys['username']) { $modep = "<a href='mode.php?type=edit&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Edit</a>"; } else { $modep = ""; } $usez = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $replys['username'] . "'"); $useri = mysql_fetch_array($usez); //show replies $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "topic_post.tpl"; $Temp->tp(); $Temp->tr(array('OPTIONS' => $modep, 'POSTER' => $replys['username'], 'AVY' => !empty($useri['avatar']) ? '<img width="100" height="100" src="' . $useri['avatar'] . '" alt="" /><br />' : '', 'DATE' => timezone_stamp($replys['date'], $logged['timezone']), 'GROUP' => group($useri['level']), 'UID' => $useri['id'], 'UPOST' => $useri['post'], 'POST' => nl2br(bbcode_format($replys['post'])) . "<br />__________________<br />" . ($useri['signature'] == '' ? ' ' : nl2br(bbcode_format($useri['signature']))))); echo $Temp->html; } } else { echo "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td width='100%' class='rows' align='center'><em>There isn't any posts in this topic</em></td>\n\t\t\t\t\t</tr>\n\t\t\t\t"; } echo ' </table> ' . run_buttons($id) . '<br />'; topic_pagination($id, $total_limit); add_views($id); }
function imessage($a = "Unknown Clause", $b = "", $c = "Unknown Clause Occured.", $extra = false, $return = false) { global $logged; $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = 'message.tpl'; $Temp->tp(); $Temp->tr(array("TITLE" => $a, "STITLE" => $b, "BODY" => $c)); if ($return == true) { if ($extra != false) { return $Temp->to() . '<meta http-equiv="refresh" content="3;url=' . $extra . '">'; } else { return $Temp->to(); } } else { $Temp->_print(); } }
<?php /* **************************************************************** #sources/header.php File #Version 1.4 **************************************************************** #Copy Righted 2006-2007(http://nevuxbulletin.com) [nevuxab.info] #Created By NevuxAB Developement Team **************************************************************** */ if (!defined("NABPROOF")) { die("Hacking attempt"); } $bname = mysql_query("SELECT `boardname` FROM `boardstatus` WHERE `id` = '1' ") or die(mysql_error()); $boardname = mysql_fetch_array($bname); $Temp = new Template(); $Temp->dir = $logged['dskin']; $Temp->file = "header.tpl"; $Temp->tp(__LINE__, __FILE__); $Temp->tr(array('TITLE' => '<title>' . $boardname['boardname'] . ' - (Powered By Nevux Ability Boards)</title> ', 'SKIN' => $logged['dskin'], 'PERMISSIONS' => $NAV)); echo $Temp->html; ?>