function getWikiPage($id, $rev = 0) { global $canedit, $canmod; $ptitle = $id; if (!$ptitle) { $ptitle = 'Main_page'; } else { $ptitle = title2url($ptitle); } // so that we don't have for example 'Main page' and 'Main_page' being considered different pages if ($rev < 0) { $rev = 0; } $page = Query("SELECT p.*, pt.date, pt.user, pt.text FROM {wiki_pages} p LEFT JOIN {wiki_pages_text} pt ON pt.id=p.id AND pt.revision=" . ($rev > 0 ? 'LEAST(p.revision,{1})' : 'p.revision') . " WHERE p.id={0}", $ptitle, $rev); if (!NumRows($page)) { $page = array('id' => $ptitle, 'revision' => 0, 'flags' => 0, 'text' => '', 'new' => 1); header('HTTP/1.1 404 Not Found'); header('Status: 404 Not Fount'); } else { $page = Fetch($page); } $page['istalk'] = strtolower(substr($ptitle, 0, 5)) == 'talk:'; $page['ismain'] = strtolower($ptitle) == 'main_page'; $page['canedit'] = $canedit && (!($page['flags'] & WIKI_PFLAG_SPECIAL) || HasPermission('wiki.makepagesspecial')); return $page; }
function CleanupUploads() { $targetdir = DATA_DIR . 'uploads'; $timebeforedel = time() - 604800; // one week $todelete = Query("SELECT physicalname, user, filename FROM {uploadedfiles} WHERE deldate!=0 AND deldate<{0}", $timebeforedel); if (NumRows($todelete)) { while ($entry = Fetch($todelete)) { Report("[b]{$entry['filename']}[/] deleted by auto-cleanup", false); DeleteUpload($targetdir . '/' . $entry['physicalname'], $entry['user']); } Query("DELETE FROM {uploadedfiles} WHERE deldate!=0 AND deldate<{0}", $timebeforedel); } }
function CanMod($userid, $fid) { global $loguser; // Private messages. You cannot moderate them if (!$fid) { return false; } if ($loguser['powerlevel'] > 1) { return true; } if ($loguser['powerlevel'] == 1) { $rMods = Query("select * from {forummods} where forum={0} and user={1}", $fid, $userid); if (NumRows($rMods)) { return true; } } return false; }
function doThreadPreview($tid) { global $mobileLayout; if ($mobileLayout) { return; } $rPosts = Query("\n\t\tselect\n\t\t\t{posts}.id, {posts}.date, {posts}.num, {posts}.deleted, {posts}.options, {posts}.mood, {posts}.ip,\n\t\t\t{posts_text}.text, {posts_text}.text, {posts_text}.revision,\n\t\t\tu.(_userfields)\n\t\tfrom {posts}\n\t\tleft join {posts_text} on {posts_text}.pid = {posts}.id and {posts_text}.revision = {posts}.currentrevision\n\t\tleft join {users} u on u.id = {posts}.user\n\t\twhere thread={0} and deleted=0\n\t\torder by date desc limit 0, 20", $tid); if (NumRows($rPosts)) { $posts = ""; while ($post = Fetch($rPosts)) { $cellClass = ($cellClass + 1) % 2; $poster = getDataPrefix($post, "u_"); $nosm = $post['options'] & 2; $nobr = $post['options'] & 4; $posts .= Format("\n\t\t\t<tr>\n\t\t\t\t<td class=\"cell2\" style=\"width: 15%; vertical-align: top;\">\n\t\t\t\t\t{1}\n\t\t\t\t</td>\n\t\t\t\t<td class=\"cell{0}\">\n\t\t\t\t\t<button style=\"float: right;\" onclick=\"insertQuote({2});\">" . __("Quote") . "</button>\n\t\t\t\t\t<button style=\"float: right;\" onclick=\"insertChanLink({2});\">" . __("Link") . "</button>\n\t\t\t\t\t{3}\n\t\t\t\t</td>\n\t\t\t</tr>\n\t", $cellClass, UserLink($poster), $post['id'], CleanUpPost($post['text'], $poster['name'], $nosm)); } Write("\n\t\t<table class=\"outline margin\">\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">" . __("Thread review") . "</th>\n\t\t\t</tr>\n\t\t\t{0}\n\t\t</table>\n\t", $posts); } }
function listGuests($rGuests, $noMsg) { global $showIPs; if (!NumRows($rGuests)) { return "<tr class=\"cell0\"><td colspan=\"6\">{$noMsg}</td></tr>"; } $i = 1; while ($guest = Fetch($rGuests)) { $cellClass = ($cellClass + 1) % 2; if ($guest['date']) { $lastUrl = "<a href=\"" . FilterURL($guest['lasturl']) . "\">" . FilterURL($guest['lasturl']) . "</a>"; } else { $lastUrl = __("None"); } $guestList .= "\n\t\t<tr class=\"cell{$cellClass}\">\n\t\t\t<td>{$i}</td>\n\t\t\t<td colspan=\"2\" title=\"" . htmlspecialchars($guest['useragent']) . "\">" . htmlspecialchars(substr($guest['useragent'], 0, 65)) . "</td>\n\t\t\t<td>" . cdate("d-m-y G:i:s", $guest['date']) . "</td>\n\t\t\t<td>{$lastUrl}</td>"; if ($showIPs) { $guestList .= "<td>" . formatIP($guest['ip']) . "</td>"; } $guestList .= "</tr>"; $i++; } return $guestList; }
<?php $viewableforums = ForumsWithPermission('forum.viewforum'); $tag = $_GET['tag']; $tagcode = '"[' . $tag . ']"'; $forum = $_GET['fid']; $cond = "WHERE MATCH (t.title) AGAINST ({0} IN BOOLEAN MODE)"; if ($forum) { $cond .= " AND t.forum = {1}"; } $total = Fetch(Query("SELECT count(*) from threads t {$cond} AND t.forum IN ({2c})", $tag, $forum, $viewableforums)); $total = $total[0]; $tpp = $loguser['threadsperpage']; if (isset($_GET['from'])) { $from = (int) $_GET['from']; } else { $from = 0; } if (!$tpp) { $tpp = 50; } $rThreads = Query("\tSELECT\n\t\t\t\t\t\tt.*,\n\t\t\t\t\t\tf.(title, id),\n\t\t\t\t\t\t" . ($loguserid ? "tr.date readdate," : '') . "\n\t\t\t\t\t\tsu.(_userfields),\n\t\t\t\t\t\tlu.(_userfields)\n\t\t\t\t\tFROM\n\t\t\t\t\t\tthreads t\n\t\t\t\t\t\t" . ($loguserid ? "LEFT JOIN threadsread tr ON tr.thread=t.id AND tr.id={2}" : '') . "\n\t\t\t\t\t\tLEFT JOIN users su ON su.id=t.user\n\t\t\t\t\t\tLEFT JOIN users lu ON lu.id=t.lastposter\n\t\t\t\t\t\tLEFT JOIN forums f ON f.id=t.forum\n\t\t\t\t\t{$cond} AND f.id IN ({5c})\n\t\t\t\t\tORDER BY sticky DESC, lastpostdate DESC LIMIT {3u}, {4u}", $tagcode, $forum, $loguserid, $from, $tpp, $viewableforums); $pagelinks = PageLinks(actionLink("tagsearch", "", "tag={$tag}&fid={$forum}&from="), $tpp, $from, $total); if (NumRows($rThreads)) { makeThreadListing($rThreads, $pagelinks, false, !$forum); } else { Alert(format(__("Tag {0} was not found in any thread."), htmlspecialchars($tag)), __("No threads found.")); }
$re = NumRows($dbtype, $result); $del = shell_exec("rm -rf {$getfile} 2>&1"); if ($re > 0) { $re = FetchArray($dbtype, $result); $smsid = $re[smsid]; $msg = stripslashes($re[msg]); $cellnum = $re[telnum]; $pos7 = strpos($msg, " "); if ($pos7 == "") { $pos7 = 4; } $keyword = trim(strtolower(substr($msg, 0, $pos7))); $othermsg = trim(substr($msg, $pos7 + 1, 10)); //get reply $res = SelectDataWhere($dbtype, $dbLink, "sms_message", "where keyword='{$keyword}'"); $cnt = NumRows($dbtype, $res); if ($cnt == 0) { $sendthis = "Your message {$msg} is not a valid message.Please type HELP for more information"; } else { if ($othermsg == "") { $sendthis = FetchArray($dbtype, $res); $sendthis = $sendthis[full_message]; $sendthis = addslashes($sendthis); } else { $keyword = strtolower($keyword); $pt = substr($othermsg, 0, 1); $pt = strtoupper($pt); if ($pt == 'B') { $permit_type = 'Business'; $pld = 'steps, owner_id, business_id'; $idme = 'business_permit_id';
//I can't figure it out. Anybody else? $where .= " and substring(name, 1,1) regexp '[:punct:]' or substring(displayname, 1,1) regexp '[:punct:]'"; } if ($letter == "#") { $where .= " and substring(name, 1,1) regexp '[0-9]' or substring(displayname, 1,1) regexp '[0-9]'"; } else { $where .= " and name like '" . $letter . "%' or displayname like '" . $letter . "%'"; } } if (!(isset($pow) && $pow == 5)) { $where .= " and powerlevel < 5"; } $numUsers = FetchResult("select count(*) from users where " . $where, 0, 0); $qUsers = "select * from users where " . $where . " order by " . $order . ", name asc limit " . $from . ", " . $tpp; $rUsers = Query($qUsers); $numonpage = NumRows($rUsers); for ($i = $tpp; $i < $numUsers; $i += $tpp) { if ($i == $from) { $pagelinks .= " " . ($i / $tpp + 1); } else { $pagelinks .= " " . mlink($sort, $sex, $pow, $tpp, $letter, $dir, $i) . ($i / $tpp + 1) . "</a>"; } } if ($pagelinks) { if ($from == 0) { $pagelinks = "1" . $pagelinks; } else { $pagelinks = mlink($sort, $sex, $pow, $tpp, $letter, $dir, 0) . "1</a>" . $pagelinks; } } //$alphabet .= "<li>".mlink($sort,$sex,$pow,$tpp,"@",$dir)."@</a></li>\n";
if ($istat == 'ReNew') { // || $istat=='Retire') { require "includes/penalty.php"; } } else { echo "0.00"; $amt2pay[$si + 1] = 0; } ?> </td> <?php //check if no more line to pay $hvl = SelectDataWhere($dbtype, $dbLink, "tempbusnature", "where owner_id = {$owner_id} and\n\t\t\tbusiness_id={$business_id} and linepaid=0"); $hvl = NumRows($dbtype, $hvl); //getpayhistory if ($balance == '') { $balance = $tabs; } if ($balance >= 0) { //echo $cnthave."-".$gethis."<BR>"; if ($iswev == 1) { //$gethis=1; } if ($gethis == 0 and $hvl > 0 and $amt2pay[$si + 1] > 0) { if ($mayunpaid == 1) { $unpaid = 2; } else { $mayunpaid = 1; $unpaid = 1;
$getna = $getnat['naturedesc']; $nat = SelectDataWhere($dbtype, $dbLink, "tempbusnature", "where tempid='{$savenat}'"); $getnat = FetchArray($dbtype, $nat); $transme = $getnat['transaction']; if ($transme == 'New') { $multi = $_cap; $oldm = $getnat[cap_inv]; } else { $multi = $lastyr; $oldm = $getnat[last_yr]; } $result = UpdateQuery($dbtype, $dbLink, "tempbusnature", "bus_code={$_idx}, bus_nature='{$getna}', cap_inv='{$_cap}',\n last_yr='{$lastyr}'", "tempid='{$savenat}'"); $result = UpdateQuery($dbtype, $dbLink, "tempassess", "multi='{$multi}'", "owner_id='{$owner_id}' and\n\t\t\t\t\t business_id='{$business_id}' and natureid = '{$business_nature_code}'\n\t\t\t\t\t and transaction = '{$stat}' and multi='{$oldm}'"); } else { $check = SelectDataWhere($dbtype, $dbLink, $tempbiz, "where bus_code='{$_idx}' and business_id={$business_id}\n and owner_id={$owner_id}"); $checkit = NumRows($dbtype, $check); if ($checkit == 0) { //get nature_desc $nat = SelectDataWhere($dbtype, $dbLink, "ebpls_buss_nature", "where natureid='{$_idx}'"); $getnat = FetchArray($dbtype, $nat); $getnat = $getnat['naturedesc']; //save to temp table if ($stat == 'New') { if ($business_capital_investment != 0) { $oki = 1; } else { $oki = 0; } } else { if ($gross_sale != 0 || $business_capital_investment != 0) { $oki = 1;
if ($ry == '1') { $getpyr = mysql_query("select * from {$permittable} order by {$incode} desc"); $gt = mysql_fetch_assoc($getpyr); $anoba = $gt["for_year"]; if ($anoba == date('Y')) { //get total number of permit released $curyr = date('Y'); $gettotal = SelectDataWhere($dbtype, $dbLink, $permittable, "where released = 1 and for_year = '{$curyr}'"); $gettot = NumRows($dbtype, $gettotal); } else { $gettot = 0; } } else { //get total number of permit released $gettotal = SelectDataWhere($dbtype, $dbLink, $permittable, "where released = 1"); $gettot = NumRows($dbtype, $gettotal); } $sequence = $getcode[2]; $sequence = '100000000000' + $sequence; $sequence = $sequence + $gettot + 1; $sequence = substr($sequence, 1, 11); if ($getcode[1] == '1') { // check if have date $permitnumber = $getcode[0] . "-" . $currdate[year] . "-" . $sequence; } else { $permitnumber = $getcode[0] . "-" . $sequence; } if ($permit_type != 'Business') { //insert permitcode to $permittable $updateit = UpdateQuery($dbtype, $dbLink, $permittable, "{$incode}='{$permitnumber}'", "owner_id={$owner_id}"); //update it to released status
$ppp = $loguser['postsperpage']; if (!$ppp) { $ppp = 20; } if (isset($_GET['from'])) { $from = $_GET['from']; } else { $from = 0; } $rPosts = Query("\n\t\t\tSELECT\n\t\t\t\tp.*,\n\t\t\t\tpt.text, pt.revision, pt.user AS revuser, pt.date AS revdate,\n\t\t\t\tu.(_userfields), u.(rankset,title,picture,posts,postheader,signature,signsep,lastposttime,lastactivity,regdate,globalblock),\n\t\t\t\tru.(_userfields),\n\t\t\t\tdu.(_userfields)\n\t\t\tFROM\n\t\t\t\t{posts} p\n\t\t\t\tLEFT JOIN {posts_text} pt ON pt.pid = p.id AND pt.revision = p.currentrevision\n\t\t\t\tLEFT JOIN {users} u ON u.id = p.user\n\t\t\t\tLEFT JOIN {users} ru ON ru.id=pt.user\n\t\t\t\tLEFT JOIN {users} du ON du.id=p.deletedby\n\t\t\tWHERE thread={1}\n\t\t\tORDER BY date ASC LIMIT {2u}, {3u}", $loguserid, $tid, $from, $ppp); $numonpage = NumRows($rPosts); $pagelinks = PageLinks(actionLink("thread", $tid, "from="), $ppp, $from, $total); if ($pagelinks) { write("<div class=\"smallFonts pages\">" . __("Pages:") . " {0}</div>", $pagelinks); } if (NumRows($rPosts)) { while ($post = Fetch($rPosts)) { $post['closed'] = $thread['closed']; MakePost($post, POST_NORMAL, array('tid' => $tid, 'fid' => $fid)); } } if ($pagelinks) { write("<div class=\"smallFonts pages\">" . __("Pages:") . " {0}</div>", $pagelinks); } if ($loguserid && $loguser['powerlevel'] >= $forum['minpowerreply'] && (!$thread['closed'] || $loguser['powerlevel'] > 0) && !isset($replyWarning)) { $ninja = FetchResult("select id from {posts} where thread={0} order by date desc limit 0, 1", $tid); //Quick reply goes here if (CanMod($loguserid, $fid)) { //print $thread['closed']; if (!$thread['closed']) { $mod .= "<label><input type=\"checkbox\" name=\"lock\"> " . __("Close thread", 1) . "</label>\n";
</tr> <?php //if ($owner_id<>'' and $business_id<>'') { $ic = 0; $col1 = 0; $getreq = SelectDataWhere($dbtype, $dbLink, "ebpls_buss_requirements", "where recstatus='A' and reqindicator='1' and permit_type='Business'"); $gt = NumRows($dbtype, $getreq); while ($ic < $gt) { while ($getr = FetchRow($dbtype, $getreq)) { $ic++; if ($col1 == 0) { include 'tablecolor-inc.php'; print "<tr bgcolor='{$varcolor}'>\n"; } $check1 = SelectDataWhere($dbtype, $dbLink, "havereq", " where owner_id={$owner_id}\n \tand business_id={$business_id} \n\t\t\t\t\tand reqid={$getr['0']}"); $hreq = NumRows($dbtype, $check1); if ($hreq == 0) { $insertreq = InsertQuery($dbtype, $dbLink, "havereq", "", "'', {$getr['0']}, {$owner_id}, {$business_id},0"); $ch = 'UNCHECKED'; $gethr[4] = 0; } else { $gethr = FetchRow($dbtype, $check1); if ($gethr[4] == 1) { $ch = 'CHECKED'; } else { $ch = 'UNCHECKED'; } } $getr[1] = stripslashes($getr[1]); print "\t\n\t\t\t\t<td align=right width=5%><input type=hidden name=colre[{$ic}] \n\t\t\t\tvalue={$getr['0']}>  \n\t\t\t\t<input type=checkbox name=x[{$ic}] {$ch}></td><td align=left width=23%>{$getr['1']}\n\t\t\t\t</td>"; $col1 = $col1 + 1;
function WriteCategoryEditContents($cid) { global $loguser, $forumBoards; $boardlist = ''; if ($cid != -1) { $rCategory = Query("SELECT * FROM {categories} WHERE id={0}", $cid); if (!NumRows($rCategory)) { Kill("Category not found."); } $cat = Fetch($rCategory); $candelete = FetchResult("SELECT COUNT(*) FROM {forums} WHERE catid={0}", $cid) == 0; $name = htmlspecialchars($cat['name']); $corder = $cat['corder']; if (count($forumBoards) > 1) { foreach ($forumBoards as $bid => $bname) { $boardlist .= '<label><input type="radio" name="board" value="' . htmlspecialchars($bid) . '"' . ($cat['board'] == $bid ? ' checked="checked"' : '') . '> ' . htmlspecialchars($bname) . '</label>'; } } $boxtitle = __("Editing category ") . $name; $fields = array('name' => '<input type="text" name="name" value="' . $name . '" size=64>', 'order' => '<input type="text" name="corder" value="' . $corder . '" size=3>', 'board' => $boardlist, 'btnSave' => '<button onclick="changeCategoryInfo(' . $cid . '); return false;">Save</button>', 'btnDelete' => '<button ' . ($candelete ? 'onclick="deleteCategory(); return false;"' : 'disabled="disabled"') . '>Delete</button>'); $delMessage = $candelete ? '' : __('Before deleting a category, remove all forums from it.'); } else { if (count($forumBoards) > 1) { foreach ($forumBoards as $bid => $bname) { $boardlist .= '<label><input type="radio" name="board" value="' . htmlspecialchars($bid) . '"' . ($bid == '' ? ' checked="checked"' : '') . '> ' . htmlspecialchars($bname) . '</label>'; } } $boxtitle = __("New category"); $fields = array('name' => '<input type="text" name="name" value="" size=64>', 'order' => '<input type="text" name="corder" value="0" size=3>', 'board' => $boardlist, 'btnSave' => '<button onclick="addCategory(); return false;">Save</button>', 'btnDelete' => ''); $delMessage = ''; } echo "\n\t<form method=\"post\" id=\"forumform\" action=\"" . htmlentities(actionLink("editfora")) . "\">\n\t<input type=\"hidden\" name=\"key\" value=\"" . $loguser["token"] . "\">\n\t<input type=\"hidden\" name=\"id\" value=\"{$cid}\">"; RenderTemplate('form_editcategory', array('formtitle' => $boxtitle, 'fields' => $fields, 'delMessage' => $delMessage)); echo "\n\t</form>"; }
$getfee = SelectMultiTable($dbtype, $dbLink, "boat_fee", "amt", "where boat_type='{$getb['4']}' and\n range_lower<={$getb['5']} and range_higher=0 and\n transaction='{$stat}' and active = 1"); } $getfee = FetchRow($dbtype, $getfee); $ttfee = $ttfee + $getfee[0]; } $getot = SelectDataWhere($dbtype, $dbLink, $fee, " where permit_type='{$stat}' and active=1"); $getact = SelectMultiTable($dbtype, $dbLink, "fish_activity", "sum(act_fee)", "where owner_id={$owner_id} and transaction='{$stat}' and active = 1"); $getact = FetchRow($dbtype, $getact); $tfee1 = $getact[0]; $getboat = SelectDataWhere($dbtype, $dbLink, "fish_assess", "where owner_id={$owner_id}"); while ($getb = FetchArray($dbtype, $getboat)) { $getfee = SelectDataWhere($dbtype, $dbLink, "culture_fee", "where culture_id='{$getb['culture_id']}' and\n\t\t transaction='{$stat}' and active = 1 "); $getnum = FetchArray($dbtype, $getfee); if ($getnum[fee_type] == '3') { $getfee = SelectDataWhere($dbtype, $dbLink, "culture_range", "where culture_id='{$getb['culture_id']}' and\n\t\t range_lower<{$getb['amt']} and range_higher>={$getb['amt']} "); $getnum = NumRows($dbtype, $getfee); if ($getnum == 0) { $getfee = SelectDataWhere($dbtype, $dbLink, "culture_range", "where culture_id='{$getb['culture_id']}' and\n range_lower<={$getb['amt']} and range_higher=0"); } } $getfee1 = FetchArray($dbtype, $getfee); $ttfee1 = $ttfee1 + $getfee1[amt]; } ?> <table width=60%> <tr> <td>Fees from Boat Registration</td><td><?php echo number_format($ttfee, 2); ?> </td> </tr>
<?php $title = 'Referrals'; $crumbs = new PipeMenu(); $crumbs->add(new PipeMenuLinkEntry(__("Admin"), "admin")); $crumbs->add(new PipeMenuLinkEntry(__("Referrals"), "referrals")); makeBreadcrumbs($crumbs); echo '<table class="outline margin"> <tr class="header1"><th>URL</th><th>Hit count</th></tr> '; $refs = Query("SELECT referral,count FROM {referrals} ORDER BY count DESC LIMIT 200"); if (!NumRows($refs)) { echo ' <tr class="cell0"><td colspan="2">No referrals recorded.</td></tr> '; } else { $c = 0; while ($ref = Fetch($refs)) { echo ' <tr class="cell', $c, '"><td>', htmlspecialchars($ref['referral']), '</td><td class="center">', $ref['count'], '</td></tr> '; $c = 1 - $c; } } echo '</table> ';
"> <table border =0 width=60% align=center><Br><br> <tr> <td> Copy from Line of Business </td> <td align=center ><?php echo get_select_data($dbLink, "fromnat", "ebpls_buss_nature", "natureid", "naturedesc", $fromnat, "true", "naturestatus='A' and natureid<>'{$natureid}' order by naturedesc", "onchange='_FRM.submit();'"); ?> </td> </tr> </table> <table border =0 width=70% align=center><Br> <?php $ic = 0; $col1 = 0; $getreq = SelectDataWhere($dbtype, $dbLink, "ebpls_buss_taxfeeother a, ebpls_buss_tfo b", "where a.tfo_id=b.tfoid and a.natureid='{$fromnat}' order by a.mode"); $gt = NumRows($dbtype, $getreq); while ($ic < $gt) { while ($s = FetchArray($dbtype, $getreq)) { $ic++; if ($col1 == 0) { include 'tablecolor-inc.php'; print "<tr bgcolor='{$varcolor}'>\n"; } if ($s[taxtype] == 1) { $lbl = ' (New)'; } if ($s[taxtype] == 2) { $lbl = ' (ReNew)'; } if ($s[taxtype] == 3) { $lbl = ' (Retire)';
} if (isset($_GET['key']) && isset($_GET['id'])) { $user = Query("select id, name, password from users where id = '" . (int) $_GET['id'] . "' and lostkey = '" . justEscape($_GET['key']) . "'"); if (NumRows($user) == 0) { Kill(__("This old key cannot be used."), __("Invalid key")); } else { $user = Fetch($user); } $newPass = randomString(8); $sha = hash("sha256", $newPass . $salt, FALSE); Query("update users set lostkey = '', password = '******', pss = '' where id = " . (int) $_GET['id']); Kill(format(__("Your password has been reset to <strong>{0}</strong>. You can use this password to log in to the board. We suggest you change it as soon as possible."), $newPass), __("Password reset")); } else { if ($_POST['action'] == __("Send reset email")) { $user = Query("select id, name, password, email, lostkeytimer from users where name = '" . justEscape($_POST['name']) . "' and email = '" . justEscape($_POST['mail']) . "'"); if (NumRows($user) == 0) { Kill(__("Could not find a user with that name and email address."), __("Invalid user name or email")); } else { $user = Fetch($user); } //print_r($user); if ($user['lostkeytimer'] > time() - 60 * 60) { //wait an hour between attempts Kill(__("To prevent abuse, this function can only be used once an hour."), __("Slow down!")); } $resetKey = md5($user['id'] . $user['name'] . $user['password'] . $user['email']); $from = $mailResetFrom; $to = $user['email']; $subject = format(__("Password reset for {0}"), $user['name']); $message = format(__("A password reset was requested for your user account on {0}."), $boardname) . "\n" . __("If you did not submit this request, this message can be ignored.") . "\n\n" . __("To reset your password, visit the following URL:") . "\n\n" . $_SERVER['HTTP_REFERER'] . "?id=" . $user['id'] . "&key=" . $resetKey . "\n\n" . __("This link can be used once."); $headers = "From: " . $from . "\r\n" . "Reply-To: " . $from . "\r\n" . "X-Mailer: PHP/" . phpversion();
} if (isset($_POST['id'])) { $_GET['id'] = $_POST['id']; } if (!isset($_GET['id'])) { Kill(__("Forum ID unspecified.")); } $fid = (int) $_GET['id']; if (!HasPermission('forum.viewforum', $fid)) { Kill(__('You may not access this forum.')); } if (!HasPermission('forum.postthreads', $fid)) { Kill($loguser['banned'] ? __('You may not post because you are banned.') : __('You may not post threads in this forum.')); } $rFora = Query("select * from {forums} where id={0}", $fid); if (NumRows($rFora)) { $forum = Fetch($rFora); } else { Kill(__("Unknown forum ID.")); } if ($forum['locked']) { Kill(__("This forum is locked.")); } if (!isset($_POST['poll']) || isset($_GET['poll'])) { $_POST['poll'] = $_GET['poll']; } $isHidden = !HasPermission('forum.viewforum', $fid, true); $urlname = $isHidden ? '' : $forum['title']; $OnlineUsersFid = $fid; MakeCrumbs(forumCrumbs($forum) + array('' => __("New thread"))); $attachs = array();
echo $confx; ?> '> <input type=hidden name=owner_id value='<?php echo $owner_id; ?> '> <input type=hidden name=com> <input type=hidden name=com1> </td> </tr> <?php if ($sb == 'Submit') { if ($owner_id == '') { $checksame = SelectDataWhere($dbtype, $dbLink, $dtable, "where fee_desc='{$feedesc}' and\n\t\t\t\tpermit_type='{$ptype}'"); $chks = NumRows($dbtype, $checksame); if ($chks > 0) { ?> <body onLoad='javascript:alert ("Duplicate Entry. Cannot Save");'></body> <?php // print "<td align=right><font color=red>Duplicat</font></td>"; // print "<td align=left><font color=red>e Entry. Cannot Save</font></td>"; } else { $feedesc = addslashes($feedesc); if ($feet == "Motorized") { $result = InsertQuery($dbtype, $dbLink, $dtable, "(fee_desc, fee_amount, lastupdatedby, \n\t\t\t\t\t\tlastupdated, permit_type, nyears)", "'{$feedesc}', {$feeamount},'{$usern}', now(), '{$ptype}', '{$MFees}'"); $MFees = ""; } else { $result = InsertQuery($dbtype, $dbLink, $dtable, "(fee_desc, fee_amount, lastupdatedby, \n\t\t\t\t\t\tlastupdated, permit_type)", "'{$feedesc}', {$feeamount},'{$usern}', now(), '{$ptype}'"); } $feet = "";
$cellClass = ($cellClass + 1) % 2; if ($entry['user'] != $lastID) { if ($lastID == -1) { $lastID = $entry['user']; } else { $lastID = $entry['user']; $private .= format("\n\t\t\t<tr class=\"header1\">\n\t\t\t\t<th colspan=\"7\" style=\"height: 2px;\"></th>\n\t\t\t</tr>\n"); } } $private .= format("\n\t\t\t<tr class=\"cell{0}\">\n\t\t\t\t{8}\n\t\t\t\t<td>\n\t\t\t\t\t<a href=\"{$boardroot}get.php?id={1}\">{2}</a>{3}\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t{4}\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t{5}\n\t\t\t\t</td>\n\t\t\t\t<td>\n\t\t\t\t\t{6}\n\t\t\t\t</td>\n\t\t\t</tr>\n\t", $cellClass, $entry['id'], $entry['filename'], $delete, $entry['description'], BytesToSize(@filesize($rootdir . "/" . $entry['user'] . "/" . $entry['filename'])), UserLink($entry, "user"), $entry['user'], $multidel); } } $private .= "</table>"; } $entries = Query("select \n\t\t\t\t\t\tup.*, \n\t\t\t\t\t\tu.name, u.displayname, u.powerlevel, u.sex \n\t\t\t\t\tfrom {uploader} up\n\t\t\t\t\tleft join {users} u on up.user = u.id \n\t\t\t\t\twhere up.private = 0 order by " . $skey . $sdir); if (NumRows($entries) == 0 && !$havePrivates) { $public = format("\n\t<table class=\"outline margin\">\n\t\t<tr class=\"header0\">\n\t\t\t<th colspan=\"7\">" . __("Public Files") . "</th>\n\t\t</tr>\n\t\t<tr class=\"cell1\">\n\t\t\t<td colspan=\"4\">\n\t\t\t\t" . __("The uploader is empty.") . "\n\t\t\t</td>\n\t\t</tr>\n\t</table>\n"); } else { if ($havePrivates) { $head = str_replace("<input type=\"checkbox\" id=\"ca\" onchange=\"checkAll();\" />", "", $head); } $public = format("\n\t<table class=\"outline margin\">\n\t\t<tr class=\"header0\">\n\t\t\t<th colspan=\"7\">" . __("Public Files") . "</th>\n\t\t</tr>\n\t\t{0}\n", $head); while ($entry = Fetch($entries)) { $delete = ""; $multidel = ""; if ($loguserid) { $multidel = "<td><input type=\"checkbox\" name=\"delete[" . $entry['id'] . "]\" disabled=\"disabled\" /></td>"; } if ($loguserid == $entry['user'] || $loguser['powerlevel'] > 2) { $delete = "<sup> " . actionLinkTag("✘", "uploader", "", "action=delete&fid=" . $entry['id']) . "</sup>"; $multidel = "<td><input type=\"checkbox\" name=\"del[" . $entry['id'] . "]\" /></td>";
$to = substr($pm['text'], 17, strpos($pm['text'], "### -->") - 18); $pm['text'] = substr($pm['text'], strpos($pm['text'], "### -->") + 7); } if ($_POST['action'] == __("Send") || $_POST['action'] == __("Update Draft")) { $recipIDs = array(); if ($_POST['to']) { $firstTo = -1; $recipients = explode(";", $_POST['to']); foreach ($recipients as $to) { $to = mysql_real_escape_string(trim(htmlentities($to))); if ($to == "") { continue; } $qUser = "******" . $to . "' or displayname='" . $to . "'"; $rUser = Query($qUser); if (NumRows($rUser)) { $user = Fetch($rUser); $id = $user['id']; if ($firstTo == -1) { $firstTo = $id; } if ($id == $loguserid) { $errors .= __("You can't send private messages to yourself.") . "<br />"; } else { if (!in_array($id, $recipIDs)) { $recipIDs[] = $id; } } } $maxRecips = array(-1 => 1, 3, 3, 3, 10, 100, 1); $maxRecips = $maxRecips[$loguser['powerlevel']];
$attachs = HandlePostAttachments($pid, true); Query("UPDATE {posts} SET has_attachments={0} WHERE id={1}", !empty($attachs) ? 1 : 0, $pid); Report("New reply by [b]" . $loguser['name'] . "[/] in [b]" . $thread['title'] . "[/] (" . $forum['title'] . ") -> [g]#HERE#?pid=" . $pid, $isHidden); $bucket = "newreply"; include BOARD_ROOT . "lib/pluginloader.php"; die(header("Location: " . actionLink("post", $pid))); } else { $attachs = HandlePostAttachments(0, false); } } } } $prefill = htmlspecialchars($_POST['text']); if ($_GET['quote']) { $rQuote = Query("\tselect\n\t\t\t\t\tp.id, p.deleted, pt.text,\n\t\t\t\t\tt.forum fid, \n\t\t\t\t\tu.name poster\n\t\t\t\tfrom {posts} p\n\t\t\t\t\tleft join {posts_text} pt on pt.pid = p.id and pt.revision = p.currentrevision\n\t\t\t\t\tleft join {threads} t on t.id=p.thread\n\t\t\t\t\tleft join {users} u on u.id=p.user\n\t\t\t\twhere p.id={0}", (int) $_GET['quote']); if (NumRows($rQuote)) { $quote = Fetch($rQuote); //SPY CHECK! if (!HasPermission('forum.viewforum', $quote['fid'])) { $quote['poster'] = 'your mom'; $quote['text'] = __('Nice try kid, but no.'); } if ($quote['deleted']) { $quote['text'] = __('(deleted post)'); } $prefill = "[quote=\"" . htmlspecialchars($quote['poster']) . "\" id=\"" . $quote['id'] . "\"]" . htmlspecialchars($quote['text']) . "[/quote]"; $prefill = str_replace("/me", "[b]* " . htmlspecialchars(htmlspecialchars($quote['poster'])) . "[/b]", $prefill); } } function getCheck($name) {
$total = FetchResult("SELECT\n\t\t\t\t\t\tcount(*)\n\t\t\t\t\tFROM {usercomments}\n\t\t\t\t\tWHERE uid={0}", $id); $from = (int) $_GET["from"]; if (!isset($_GET["from"])) { $from = 0; } $realFrom = $total - $from - $cpp; $realLen = $cpp; if ($realFrom < 0) { $realLen += $realFrom; $realFrom = 0; } $rComments = Query("SELECT\n\t\tu.(_userfields),\n\t\t{usercomments}.id, {usercomments}.cid, {usercomments}.text\n\t\tFROM {usercomments}\n\t\tLEFT JOIN {users} u ON u.id = {usercomments}.cid\n\t\tWHERE uid={0}\n\t\tORDER BY {usercomments}.date ASC LIMIT {1u},{2u}", $id, $realFrom, $realLen); $pagelinks = PageLinksInverted(actionLink($mobileLayout ? "usercomments" : "profile", $id, "from="), $cpp, $from, $total); $commentList = ""; $commentField = ""; if (NumRows($rComments)) { while ($comment = Fetch($rComments)) { if ($canDeleteComments) { $deleteLink = "<small style=\"float: right; margin: 0px 4px;\">" . actionLinkTag("✘", $mobileLayout ? "usercomments" : "profile", $id, "action=delete&cid=" . $comment['id'] . "&token={$loguser['token']}") . "</small>"; } $cellClass = ($cellClass + 1) % 2; $thisComment = format("\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td class=\"cell2\">\n\t\t\t\t\t\t\t\t{0}\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td class=\"cell{1}\">\n\t\t\t\t\t\t\t\t{3}{2}\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n", UserLink(getDataPrefix($comment, "u_")), $cellClass, CleanUpPost($comment['text'], $comment['u_name']), $deleteLink); $commentList = $commentList . $thisComment; if (!isset($lastCID)) { $lastCID = $comment['cid']; } } $pagelinks = "<td colspan=\"2\" class=\"cell1\">{$pagelinks}</td>"; if ($total > $cpp) { $commentList = "{$pagelinks}{$commentList}{$pagelinks}"; }
function getCategory($cat) { if (!is_numeric($cat)) { Kill('Invalid category'); } if ($cat >= 0) { $rCategory = Query("select * from {uploader_categories} where id={0}", $cat); if (NumRows($rCategory) == 0) { Kill("Invalid category"); } $rcat = Fetch($rCategory); } else { if ($cat == -1) { $rcat = array("id" => -1, "name" => "Private files"); } else { if ($cat == -2) { $rcat = array("id" => -2, "name" => "All private files"); } else { Kill('Invalid category'); } } } return $rcat; }
<?php $ajaxPage = true; $id = (int) $_GET["id"]; $rPost = Query("\n\t\tSELECT\n\t\t\tp.id, p.date, p.num, p.deleted, p.deletedby, p.reason, p.options, p.mood, p.ip,\n\t\t\tpt.text, pt.revision, pt.user AS revuser, pt.date AS revdate,\n\t\t\tu.(_userfields), u.(rankset,title,picture,posts,postheader,signature,signsep,lastposttime,lastactivity,regdate,globalblock),\n\t\t\tru.(_userfields),\n\t\t\tdu.(_userfields),\n\t\t\tf.id fid\n\t\tFROM\n\t\t\t{posts} p\n\t\t\tLEFT JOIN {posts_text} pt ON pt.pid = p.id AND pt.revision = p.currentrevision\n\t\t\tLEFT JOIN {users} u ON u.id = p.user\n\t\t\tLEFT JOIN {users} ru ON ru.id=pt.user\n\t\t\tLEFT JOIN {users} du ON du.id=p.deletedby\n\t\t\tLEFT JOIN {threads} t ON t.id=p.thread\n\t\t\tLEFT JOIN {forums} f ON f.id=t.forum\n\t\tWHERE p.id={0}", $id); if (!NumRows($rPost)) { die(__("Unknown post ID.")); } $post = Fetch($rPost); if (!CanMod($loguserid, $post['fid']) && $loguserid != $post["u_id"]) { die(__("No.")); } echo MakePost($post, $_GET['o'] ? POST_DELETED_SNOOP : POST_NORMAL, array('tid' => $post['thread'], 'fid' => $post['fid']));
$depval = ''; $depval1 = ''; } print "<tr><td align =right>Engine Capacity</td><td> \n\t\t\t<input type=hidden name=feeid[{$i}] value={$getrec['0']}>\n <input type=text name=rangelow[{$i}] size=5 value={$getrec['2']} {$depval}> \n <input type=text name=rangehigh[{$i}] size=5 value={$getrec['3']} {$depval1}> \n <input type=text name=amt[{$i}] size=5 value={$getrec['5']}></td>\n </td><td> </td>\n </tr>"; $depval = ''; $depval1 = ''; $i++; } } } if ($addrange == 'Add Range') { if ($updateit == 1) { $ftag = 'Update'; $chkread = 'hidden'; $cntrec = SelectDataWhere($dbtype, $dbLink, "boat_fee", "where boat_type='{$boat_type}'\n\t\t\tand transaction='{$trans}' order by fee_id"); $cnt = NumRows($dbtype, $cntrec); print "<tr><td></td><td><br>Range Low Range High Amount</td><td></td></tr>"; while ($i < $cnt) { while ($getrec = FetchRow($dbtype, $cntrec)) { $boat_type = $getrec[1]; $no_range = $cnt; $uom = $getrec[4]; $ptype = $getrec[6]; if ($i == '0') { $depval = 'readonly'; } elseif ($i == $cnt - 1) { $depval1 = 'readonly'; } else { $depval = ''; $depval1 = ''; }
$nres = FetchResult("\n\t\t\tSELECT COUNT(*)\n\t\t\tFROM {threads} t\n\t\t\tWHERE t.id IN ({0c}) AND t.forum IN ({1c})", $results, $viewableforums); $search = Query("\n\t\t\tSELECT\n\t\t\t\tt.id, t.title, t.user, t.lastpostdate, t.forum, \n\t\t\t\tu.(_userfields)\n\t\t\tFROM {threads} t\n\t\t\t\tLEFT JOIN {users} u ON u.id=t.user\n\t\t\tWHERE t.id IN ({0c}) AND t.forum IN ({1c})\n\t\t\tORDER BY t.lastpostdate DESC\n\t\t\tLIMIT {2u},{3u}", $results, $viewableforums, $from, $tpp); if (NumRows($search)) { while ($result = Fetch($search)) { $r = array(); $r['link'] = makeThreadLink($result); $r['description'] = ''; $r['user'] = UserLink(getDataPrefix($result, "u_")); $r['formattedDate'] = formatdate($result['lastpostdate']); $rdata[] = $r; } } } else { $nres = FetchResult("\n\t\t\tSELECT COUNT(*)\n\t\t\tFROM {posts_text} pt\n\t\t\t\tLEFT JOIN {posts} p ON pt.pid = p.id\n\t\t\t\tLEFT JOIN {threads} t ON t.id = p.thread\n\t\t\tWHERE pt.pid IN ({0c}) AND t.forum IN ({1c}) AND pt.revision = p.currentrevision", $results, $viewableforums); $search = Query("\n\t\t\tSELECT\n\t\t\t\tpt.text, pt.pid,\n\t\t\t\tp.date,\n\t\t\t\tt.title, t.id,\n\t\t\t\tu.(_userfields)\n\t\t\tFROM {posts_text} pt\n\t\t\t\tLEFT JOIN {posts} p ON pt.pid = p.id\n\t\t\t\tLEFT JOIN {threads} t ON t.id = p.thread\n\t\t\t\tLEFT JOIN {users} u ON u.id = p.user\n\t\t\tWHERE pt.pid IN ({0c}) AND t.forum IN ({1c}) AND pt.revision = p.currentrevision\n\t\t\tORDER BY p.date DESC\n\t\t\tLIMIT {2u},{3u}", $results, $viewableforums, $from, $tpp); if (NumRows($search)) { $results = ""; while ($result = Fetch($search)) { $r = array(); $tags = ParseThreadTags($result['title']); // $result['text'] = str_replace("<!--", "~#~", str_replace("-->", "~#~", $result['text'])); $r['description'] = MakeSnippet($result['text'], $terms); $r['user'] = UserLink(getDataPrefix($result, "u_")); $r['link'] = actionLinkTag($tags[0], "post", $result['pid']); $r['formattedDate'] = formatdate($result['date']); $rdata[] = $r; } } } if ($nres == 0) { $restext = __('No results found');
function Upgrade() { global $dbname; include "installSchema.php"; foreach ($tables as $table => $tableSchema) { print "<li>"; print $table . "…"; $tableStatus = Query("show table status from " . $dbname . " like '" . $table . "'"); $numRows = NumRows($tableStatus); if ($numRows == 0) { print " creating…"; $create = "create table `" . $table . "` (\n"; $comma = ""; foreach ($tableSchema['fields'] as $field => $type) { $create .= $comma . "\t`" . $field . "` " . $type; $comma = ",\n"; } if (isset($tableSchema['special'])) { $create .= ",\n\t" . $tableSchema['special']; } $create .= "\n) ENGINE=MyISAM;"; //print "<pre>".$create."</pre>"; Query($create); } else { //print " checking…"; //$tableStatus = mysql_fetch_assoc($tableStatus); //print "<pre>"; print_r($tableStatus); print "</pre>"; $primaryKey = ""; $changes = 0; $foundFields = array(); $scan = Query("show columns from `" . $table . "`"); while ($field = mysql_fetch_assoc($scan)) { $fieldName = $field['Field']; $foundFields[] = $fieldName; $type = $field['Type']; if ($field['Null'] == "NO") { $type .= " NOT NULL"; } //if($field['Default'] != "") if ($field['Extra'] == "auto_increment") { $type .= " AUTO_INCREMENT"; } else { $type .= " DEFAULT '" . $field['Default'] . "'"; } if ($field['Key'] == "PRI") { $primaryKey = $fieldName; } if (array_key_exists($fieldName, $tableSchema['fields'])) { $wantedType = $tableSchema['fields'][$fieldName]; if (strcasecmp($wantedType, $type)) { print " \"" . $fieldName . "\" not correct type…"; if ($fieldName == "id") { print_r($field); print "{ " . $type . " }"; } Query("ALTER TABLE `" . $table . "` CHANGE `" . $fieldName . "` `" . $fieldName . "` " . $wantedType); $changes++; } } } foreach ($tableSchema['fields'] as $fieldName => $type) { if (!in_array($fieldName, $foundFields)) { print " \"" . $fieldName . "\" missing…"; Query("ALTER TABLE `" . $table . "` ADD `" . $fieldName . "` " . $type); $changes++; } } if ($changes == 0) { print " OK."; } } print "</li>"; } }
$tabs = abs($grdmt - $totalpaidtax); if ($grdmt == '0.00') { $grdmt = $grandamt; } $gettag = SelectDataWhere($dbtype, $dbLink, "ebpls_buss_preference", ""); $gettag = FetchArray($dbtype, $gettag); if ($gettag[sassess] == '') { $grdmt = $ota - $add2fee + $totfee; $tabs = abs($grdmt - $totalpaidtax); $grandamt = $grdmt; } //getpayhistory $gethis = SelectDataWhere($dbtype, $dbLink, "ebpls_transaction_payment_or_details", "where trans_id={$owner_id} and payment_id={$business_id} and \n\t\t\t transaction='{$istat}' and payment_part='{$s}+1' and \n\t\t\t or_entry_type<>'CHECK'"); $getc = NumRows($dbtype, $gethis); $gethis = SelectDataWhere($dbtype, $dbLink, "ebpls_transaction_payment_or_details a, \n\t\t\tebpls_transaction_payment_check b", "where a.trans_id={$owner_id} and a.payment_id={$business_id} \n\t\t\t and a.transaction='{$istat}' and a.payment_part='{$s}+1' \n\t\t\t and a.or_entry_type='CHECK' and b.check_status='CLEARED'\n and a.or_no=b.or_no"); $getch = NumRows($dbtype, $gethis); $gethis = $getc + $getch; if ($gethis > 0 and $pmode == 'ANNUAL') { $grdmt = 0; $tabs = 0; $grandamt = 0; $an = 1; } if ($gettag[sassess] != 1) { $grdmt = $total_tax_compute + $total_sf_compute + $fee; //$grdmt=$fee+$gentax; ?> <table border=0 cellpadding=0 cellspacing=0 width="100%" align = center class=sub> <td width=25%> </td><td> </td> <td align=right width=50%>Total Taxes, Fees and Other Charges:</td>