Exemple #1
0
     $nextsite = 2;
 }
 // BEGIN LIST CLAN RANKINGS
 $query = db_query("SELECT * FROM xcl_players left join xcl_players_rank using (pid) WHERE lid='{$ladderc}' AND points!='0' ORDER BY points desc, pid LIMIT {$start},{$prosite}");
 while ($data = mysql_fetch_array($query)) {
     if (get_side($data[countries]) == 1) {
         if ($data[points] > 699) {
             $button = "<img src=\"images/yuri/yuri-red3.jpg\" alt=\"\" >";
         }
         if ($data[points] < 700 && $data[points] > 299) {
             $button = "<img src=\"images/yuri/yuri-red2.jpg\" alt=\"\" >";
         }
         if ($data[points] < 300 && $data[points] > 0) {
             $button = "<img src=\"images/yuri/yuri-red1.jpg\" alt=\"\" >";
         }
     } elseif (get_side($data[countries]) == 2) {
         if ($data[points] > 700) {
             $button = "<img src=\"images/yuri/yuri-p3.jpg\" alt=\"\" >";
         }
         if ($data[points] < 700 && $data[points] > 299) {
             $button = "<img src=\"images/yuri/yuri-p2.jpg\" alt=\"\" >";
         }
         if ($data[points] < 300 && $data[points] > 0) {
             $button = "<img src=\"images/yuri/yuri-p1.jpg\" alt=\"\" >";
         }
     } else {
         if ($data[points] > 700) {
             $button = "<img src=\"images/yuri/yuri-blue3.gif\" alt=\"\" >";
         }
         if ($data[points] < 700 && $data[points] > 299) {
             $button = "<img src=\"images/yuri/yuri-blue2.gif\" alt=\"\" >";
Exemple #2
0
?>
"><img src="<?php 
echo cal_url();
?>
/img/share/zurpy.png" alt="zurpy" title="zurpy" /></a>
				</div>
			</div>
						
			<div id="loc_events">
			<h2>&nbsp;<?php 
location_rss_link($myLoc['LocID']);
?>
</h2>
			<?php 
location_events(10);
?>
			
			</div>
			
			<?php 
get_comments($myLoc['CommentsID'], $myLoc['CommentsURL'], $myLoc['Name'], 1);
?>
		</article>
	</section>

	<?php 
get_side();
?>
	
	<?php 
get_footer();
function forum_index(&$sqlr, &$sqlm)
{
    global $enablesidecheck, $forum_skeleton, $forum_lang, $user_lvl, $output, $realm_db, $mmfpm_db;
    if ($enablesidecheck) {
        $side = get_side();
    }
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    $result = $sqlm->query('
		SELECT authorname, id, name, time, forum
		FROM mm_forum_posts
		WHERE id IN 
			(SELECT MAX(id)
			FROM mm_forum_posts
			GROUP BY forum)
		ORDER BY forum;');
    $lasts = array();
    if ($sqlm->num_rows($result) > 0) {
        while ($row = $sqlm->fetch_assoc($result)) {
            $lasts[$row['forum']] = $row;
        }
    }
    $output .= '
<div class="top">
	<h1>' . $forum_lang['forums'] . '</h1>
</div>
<center>
<fieldset>
	<legend><a href="forum.php">' . $forum_lang['forum_index'] . '</a></legend>
	<table class="lined">';
    $cid = $sqlm->query('
		SELECT category, name, description, side_access, level_post_topic, level_read, level_post
		FROM mm_forum_categories');
    while ($category = $sqlm->fetch_assoc($cid)) {
        if ($category['level_read'] > $user_lvl) {
            continue;
        }
        if ($user_lvl == 0 && $enablesidecheck) {
            if ($category['side_access'] != 'ALL') {
                // Not an all side forum
                if ($side == 'NO') {
                    // No char
                    continue;
                } else {
                    if ($category['side_access'] != $side) {
                        // Forumside different of the user side
                        continue;
                    }
                }
            }
        }
        $output .= '
		<tr>
			<th class="head" align="left">' . $category['name'] . '<br />' . $category['description'] . '</th>
			<th class="head">' . $forum_lang['topics'] . '</th>
			<th class="head">' . $forum_lang['replies'] . '</th>
			<th class="head" align="right">' . $forum_lang['last_post'] . '</th>
		</tr>';
        $fid = $sqlm->query('
		SELECT forum, category, name, description, side_access, level_post_topic, level_read, level_post
		FROM mm_forum_forums
		WHERE category = ' . $category['category'] . '');
        while ($forum = $sqlm->fetch_assoc($fid)) {
            if ($forum['level_read'] > $user_lvl) {
                continue;
            }
            if ($user_lvl == 0 && $enablesidecheck) {
                if ($forum['side_access'] != 'ALL') {
                    // Not an all side forum
                    if ($side == 'NO') {
                        // No char
                        continue;
                    } else {
                        if ($forum['side_access'] != $side) {
                            // Forumside different of the user side
                            continue;
                        }
                    }
                }
            }
            $totaltopics = $sqlm->query('
				SELECT id
				FROM mm_forum_posts
				WHERE forum = ' . $forum['forum'] . ' AND id = topic');
            $numtopics = $sqlm->num_rows($totaltopics);
            $totalreplies = $sqlm->query('
				SELECT id
				FROM mm_forum_posts
				WHERE forum = ' . $forum['forum'] . '');
            $numreplies = $sqlm->num_rows($totalreplies);
            $output .= '
		<tr>
			<td align="left"><a href="forum.php?action=view_forum&amp;id=' . $forum['forum'] . '">' . $forum['name'] . '</a><br />' . $forum['description'] . '</td>
			<td>' . $numtopics . '</td>
			<td>' . $numreplies . '</td>';
            if (isset($lasts[$forum['forum']])) {
                $lasts[$forum['forum']]['name'] = htmlspecialchars($lasts[$forum['forum']]['name']);
                $output .= '
			<td align="right">
				<a href="forum.php?action=view_topic&amp;postid=' . $lasts[$forum['forum']]['id'] . '">' . $lasts[$forum['forum']]['name'] . '</a>
				<br />by ' . $lasts[$forum['forum']]['authorname'] . '
				<br /> ' . $lasts[$forum['forum']]['time'] . '
			</td>
		</tr>';
            } else {
                $output .= '
			<td align="right">' . $forum_lang['no_topics'] . '</td>
		</tr>';
            }
        }
    }
    $output .= '
		<tr>
			<td align="right" class="hidden"></td>
		</tr>
	</table>
</fieldset>
</center>
<br/>';
    $sqlm->close();
    // Queries : 1
}
function forum_do_add_topic(&$sqlm)
{
    global $enablesidecheck, $forum_skeleton, $forum_lang, $user_lvl, $user_name, $user_id, $mmfpm_db, $minfloodtime;
    if ($enablesidecheck) {
        $side = get_side();
    }
    // Better to use it here instead of call it many time in the loop :)
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    $userposts = $sqlm->query('
			SELECT time
			FROM mm_forum_posts
			WHERE authorid = ' . $user_id . '
			ORDER BY id DESC
			LIMIT 1');
    if ($sqlm->num_rows($userposts) != 0) {
        $mintimeb4post = $sqlm->fetch_assoc($userposts);
        $mintimeb4post = time() - strtotime($mintimeb4post['time']);
        if ($mintimeb4post < $minfloodtime) {
            error($forum_lang['please_wait']);
        }
    }
    //==========================$_POST and SECURE=================================
    if (!isset($_POST['forum'])) {
        error($forum_lang['no_such_forum']);
    } else {
        $forum = $sqlm->quote_smart($_POST['forum']);
    }
    //==========================$_POST and SECURE end=============================
    $cat = 0;
    foreach ($forum_skeleton as $cid => $category) {
        foreach ($category['forums'] as $fid => $forum_) {
            if ($fid == $forum) {
                $cat = $cid;
            }
        }
    }
    if (empty($forum_skeleton[$cat]['forums'][$forum])) {
        error($forum_lang['no_such_forum']);
    }
    $forum_ = $forum_skeleton[$cat]['forums'][$forum];
    if ($forum_skeleton[$cat]['level_post_topic'] > $user_lvl || $forum_['level_post_topic'] > $user_lvl) {
        error($forum_lang['no_access']);
    }
    if ($user_lvl == 0 && $enablesidecheck) {
        if ($forum_skeleton[$cat]['side_access'] != 'ALL') {
            // Not an all side forum
            if ($side == 'NO') {
                // No char
                continue;
            } else {
                if ($forum_skeleton[$cat]['side_access'] != $side) {
                    // Forumside different of the user side
                    continue;
                }
            }
        }
        if ($forum_['side_access'] != 'ALL') {
            // Not an all side forum
            if ($side == 'NO') {
                // No char
                continue;
            } else {
                if ($forum_['side_access'] != $side) {
                    // Forumside different of the user side
                    continue;
                }
            }
        }
    }
    //==========================$_POST and SECURE=================================
    //  $_POST['msg'] = htmlspecialchars($_POST['msg']);
    $msg = trim($sqlm->quote_smart($_POST['msg']), " ");
    //  $_POST['name'] = htmlspecialchars($_POST['name']);
    $name = trim($sqlm->quote_smart($_POST['name']), " ");
    //==========================$_POST and SECURE end=============================
    if (strlen($name) > 49) {
        $sqlm->close();
        error($forum_lang['name_too_long']);
    }
    if (strlen($name) < 5) {
        $sqlm->close();
        error($forum_lang['name_too_short']);
    }
    if (strlen($msg) < 5) {
        $sqlm->close();
        error($forum_lang['msg_too_short']);
    }
    $msg = str_replace('\\n', '<br />', $msg);
    //  $msg = str_replace('\r', '<br />', $msg);
    $time = date("m/d/y H:i:s");
    $sqlm->query('
		INSERT INTO mm_forum_posts
			(authorid, authorname, forum, name, text, time)
		VALUES
			(\'' . $user_id . '\', \'' . $user_name . '\', \'' . $forum . '\', \'' . $name . '\', \'' . $msg . '\', \'' . $time . '\')');
    $id = $sqlm->insert_id();
    $sqlm->query('
		UPDATE mm_forum_posts
		SET topic = ' . $id . ', lastpost = ' . $id . '
		WHERE id = ' . $id . '');
    $sqlm->close();
    redirect('forum.php?action=view_topic&id=' . $id . '');
    // Queries : 3
}
Exemple #5
0
function forum_do_add_post()
{
    global $enablesidecheck, $forum_skeleton, $forum_lang, $minfloodtime, $user_lvl, $user_name, $user_id, $mmfpm_db;
    if ($enablesidecheck) {
        $side = get_side();
    }
    // Better to use it here instead of call it many time in the loop :)
    $mysql = new SQL();
    $link = $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    if ($minfloodtime > 0) {
        $userposts = $mysql->query("SELECT time FROM mm_forum_posts WHERE authorid = '{$user_id}' ORDER BY id DESC LIMIT 1;");
        if ($mysql->num_rows($userposts) != 0) {
            $mintimeb4post = $mysql->fetch_row($userposts);
            $mintimeb4post = time() - strtotime($mintimeb4post[0]);
            if ($mintimeb4post < $minfloodtime) {
                error($forum_lang["please_wait"]);
            }
        }
    }
    if (!isset($_POST['forum'])) {
        error($forum_lang["no_such_forum"]);
    } else {
        $forum = $mysql->quote_smart($_POST['forum']);
    }
    $cat = 0;
    foreach ($forum_skeleton as $cid => $category) {
        foreach ($category["forums"] as $fid => $forum_) {
            if ($fid == $forum) {
                $cat = $cid;
            }
        }
    }
    if (empty($forum_skeleton[$cat]["forums"][$forum])) {
        error($forum_lang["no_such_forum"]);
    }
    $forum_ = $forum_skeleton[$cat]["forums"][$forum];
    if (($user_lvl > 0 || !$closed) && ($forum_skeleton[$cat]["level_post"] > $user_lvl || $forum_["level_post"] > $user_lvl)) {
        error($forum_lang["no_access"]);
    }
    if ($user_lvl == 0 && $enablesidecheck) {
        if ($forum_skeleton[$cat]["side_access"] != "ALL") {
            // Not an all side forum
            if ($side == "NO") {
                // No char
                continue;
            } else {
                if ($forum_skeleton[$cat]["side_access"] != $side) {
                    // Forumside different of the user side
                    continue;
                }
            }
        }
        if ($forum_["side_access"] != "ALL") {
            // Not an all side forum
            if ($side == "NO") {
                // No char
                continue;
            } else {
                if ($forum_["side_access"] != $side) {
                    // Forumside different of the user side
                    continue;
                }
            }
        }
    }
    if (!isset($_POST['topic'])) {
        error($forum_lang["no_such_topic"]);
    } else {
        $topic = $mysql->quote_smart($_POST['topic']);
    }
    //  $_POST['msg'] = htmlspecialchars($_POST['msg']);
    $msg = trim($mysql->quote_smart($_POST['msg']), " ");
    $msg = str_replace('\\n', '<br />', $msg);
    //  $msg = str_replace('\r', '<br />', $msg);
    if (strlen($msg) < 5) {
        $mysql->close();
        error($forum_lang["msg_too_short"]);
    }
    $name = $mysql->query("SELECT name FROM mm_forum_posts WHERE id = '{$topic}';");
    $name = $mysql->fetch_row($name);
    $name = $mysql->quote_smart($name[0]);
    $time = date("m/d/y H:i:s");
    $mysql->query("INSERT INTO mm_forum_posts (authorid, authorname, forum, topic, name, text, time) VALUES ('{$user_id}', '{$user_name}', '{$forum}', {$topic}, '{$name}', '{$msg}', '{$time}');");
    $id = @mysql_insert_id($link);
    $mysql->query("UPDATE mm_forum_posts SET lastpost = {$id} WHERE id = {$topic};");
    $mysql->close();
    redirect("forum.php?action=view_topic&id={$topic}");
    // Queries : 4
}
function forum_view_topic(&$sqlr, &$sqlc, &$sqlm)
{
    global $enablesidecheck, $forum_skeleton, $maxqueries, $forum_lang, $user_lvl, $user_id, $output, $realm_db, $characters_db, $mmfpm_db, $realm_id;
    if ($enablesidecheck) {
        $side = get_side();
    }
    // Better to use it here instead of call it many time in the loop :)
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    //==========================$_GET and SECURE=================================
    if (isset($_GET['id'])) {
        $id = $sqlm->quote_smart($_GET['id']);
        $post = false;
    } else {
        if (isset($_GET['postid'])) {
            $id = $sqlm->quote_smart($_GET['postid']);
            $post = true;
        } else {
            error($forum_lang['no_such_topic']);
        }
    }
    if (!isset($_GET['page'])) {
        $page = 0;
    } else {
        $page = $sqlm->quote_smart($_GET['page']);
    }
    // Fok you mathafoker haxorz
    //==========================$_GET and SECURE end=============================
    $start = $maxqueries * $page;
    if (!$post) {
        $posts = $sqlm->query('
			SELECT id, authorid, authorname, forum, name, text, time, annouced, sticked, closed
			FROM mm_forum_posts
			WHERE topic = ' . $id . '
			ORDER BY id ASC
			LIMIT ' . $start . ', ' . $maxqueries . '');
        $sqlr = new SQL();
        $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
        // need to update this query to use ' instead of "
        $query = "\r\n\t\t\tSELECT account, name, gender, race, class, level,\r\n\t\t\t\t(SELECT gmlevel\r\n\t\t\t\tFROM `{$realm_db['name']}`.account\r\n\t\t\t\tWHERE `{$realm_db['name']}`.account.id = `{$characters_db[$realm_id]['name']}`.characters.account) as gmlevel\r\n\t\t\tFROM `{$characters_db[$realm_id]['name']}`.characters\r\n\t\t\tWHERE totaltime IN \r\n\t\t\t\t(SELECT MAX(totaltime)\r\n\t\t\t\tFROM `{$characters_db[$realm_id]['name']}`.characters\r\n\t\t\t\tWHERE account IN (";
        while ($post = $sqlm->fetch_row($posts)) {
            $query .= "{$post['1']},";
        }
        mysql_data_seek($posts, 0);
        $query .= "\r\n\t\t\t\t\t0)\r\n\t\t\t\tGROUP BY account);";
        $sqlc = new SQL();
        $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
        $results = $sqlc->query($query);
        while ($avatar = $sqlc->fetch_assoc($results)) {
            $char_gender = str_pad(dechex($avatar['gender']), 8, 0, STR_PAD_LEFT);
            $avatars[$avatar['account']]['name'] = $avatar['name'];
            $avatars[$avatar['account']]['sex'] = $char_gender['race'];
            $avatars[$avatar['account']]['race'] = $avatar['race'];
            $avatars[$avatar['account']]['class'] = $avatar['class'];
            $avatars[$avatar['account']]['level'] = $avatar['level'];
            $avatars[$avatar['account']]['gm'] = $avatar['gmlevel'];
        }
        $replies = $sqlm->num_rows($posts);
        if ($replies == 0) {
            error($forum_lang['no_such_topic']);
        }
        $post = $sqlm->fetch_assoc($posts);
        $fid = $post['forum'];
        $cat = 0;
        $cid = $sqlm->query('
			SELECT category, name, description, side_access, level_post_topic, level_read, level_post
			FROM mm_forum_categories');
        while ($category = $sqlm->fetch_assoc($cid)) {
            $fid_ = $sqlm->query('
				SELECT forum, category, name, description, side_access, level_post_topic, level_read, level_post
				FROM mm_forum_forums
				WHERE category = ' . $category['category'] . '');
            while ($forum = $sqlm->fetch_assoc($fid_)) {
                if ($forum['forum'] == $fid) {
                    $cat = $forum['category'];
                }
                if (empty($forum['forum'])) {
                    error($forum_lang['no_such_forum']);
                }
                if ($category['level_read'] > $user_lvl || $forum['level_read'] > $user_lvl) {
                    error($forum_lang['no_access']);
                }
                if ($user_lvl == 0 && $enablesidecheck) {
                    if ($category['side_access'] != 'ALL') {
                        // Not an all side forum
                        if ($side == 'NO') {
                            // No char
                            continue;
                        } else {
                            if ($category['side_access'] != $side) {
                                // Forumside different of the user side
                                continue;
                            }
                        }
                    }
                    if ($forum['side_access'] != 'ALL') {
                        // Not an all side forum
                        if ($side == 'NO') {
                            // No char
                            continue;
                        } else {
                            if ($forum['side_access'] != $side) {
                                // Forumside different of the user side
                                continue;
                            }
                        }
                    }
                }
            }
        }
        $post['name'] = htmlspecialchars($post['name']);
        $post['text'] = htmlspecialchars($post['text']);
        $post['text'] = bbcode_parse1($post['text']);
        $output .= '
<div class="top">
	<h1>' . $forum_lang['forums'] . '</h1>
</div>
<center>
<fieldset>
	<legend>
		<a href="forum.php">' . $forum_lang['forum_index'] . '</a> ->
		<a href="forum.php?action=view_forum&amp;id=' . $forum['forum'] . '">' . $forum['name'] . '</a> -> 
		<a href="forum.php?action=view_topic&amp;id=' . $id . '">' . $post['name'] . '</a>
	</legend>
<table class="lined">
	<tr>
		<th style="width:15%;">' . $forum_lang['info'] . '</th>
		<th style="text-align:left;">' . $forum_lang['text'] . '</th>';
        if ($user_lvl > 0) {
            $output .= '
		<th style="width:50%;text-align:right;">';
            if ($post['sticked'] == "1") {
                if ($post['annouced'] == "1") {
                    // Annoucement
                    $output .= '
			' . $forum_lang['annoucement'] . '';
                } else {
                    // Sticky
                    $output .= '
			' . $forum_lang['sticky'] . '';
                }
            } else {
                if ($post['annouced'] == "1") {
                    // Annoucement
                    $output .= '
			' . $forum_lang['annoucement'] . '';
                } else {
                    // Normal Topic
                    $output .= '
			' . $forum_lang['normal'] . '';
                }
            }
            if ($post['closed'] == "1") {
                $output .= '
		</th>';
            }
        }
        if (isset($avatars[$post['authorid']])) {
            $avatar = gen_avatar_panel($avatars[$post['authorid']]['level'], $avatars[$post['authorid']]['sex'], $avatars[$post['authorid']]['race'], $avatars[$post['authorid']]['class'], 1, $avatars[$post['authorid']]['gm']);
        } else {
            $avatar = "";
        }
        $output .= '
	<tr>
		<td colspan="3" align="left">
			' . $post['time'] . '
		</td>
	</tr>	
	</tr>';
        $output .= '
	<tr>
		<td style="width:15%;text-align:center;"><center>' . $avatar . '</center>' . $forum_lang['author'] . ' : ';
        if ($user_lvl > 0) {
            $output .= '
			<a href="user.php?action=edit_user&error=11&id=' . $post['authorid'] . '">';
        }
        if (isset($avatars[$post['authorid']])) {
            $output .= $avatars[$post['authorid']]['name'];
        } else {
            $output .= $post['authorname'];
        }
        if ($user_lvl > 0) {
            $output .= '
			</a>';
        }
        $output .= '
		</td>
		<td colspan="2" style="text-align:left">' . $post['text'] . '<br />
			<div style="text-align:right\\">
		</td>
	</tr>';
        if ($user_lvl > 0) {
            $output .= '
	<tr>
		<th colspan="3" align="right">';
            if ($post['sticked'] == "1") {
                if ($post['annouced'] == "1") {
                    // Annoucement
                    $output .= '
			<a href="forum.php?action=edit_announce&amp;id=' . $post['id'] . '&amp;state=0"><img src="img/forums/unannounce.png" border="0" alt="' . $forum_lang['down'] . '" /></a>';
                } else {
                    // Sticky
                    $output .= '
			<a href="forum.php?action=edit_stick&amp;id=' . $post['id'] . '&amp;state=0"><img src="img/forums/unstick.png" border="0" alt="' . $forum_lang['down'] . '" /></a>
			<a href="forum.php?action=edit_announce&amp;id=' . $post['id'] . '&amp;state=1"><img src="img/forums/announce.png" border="0" alt="' . $forum_lang["up"] . '" /></a>';
                }
            } else {
                if ($post['annouced'] == "1") {
                    // Annoucement
                    $output .= '
			<a href="forum.php?action=edit_announce&amp;id=' . $post['id'] . '&amp;state=0"><img src="img/forums/unannounce.png" border="0" alt="' . $forum_lang['down'] . '" /></a>';
                } else {
                    // Normal Topic
                    $output .= '
			<a href="forum.php?action=edit_stick&amp;id=' . $post['id'] . '&amp;state=1"><img src="img/forums/stick.png" border="0" alt="' . $forum_lang['up'] . '" /></a>';
                }
            }
            if ($post['closed'] == "1") {
                $output .= '
			<a href="forum.php?action=edit_close&amp;id=' . $post['id'] . '&amp;state=0"><img src="img/forums/lock.png" border="0" alt=\\"' . $forum_lang['open'] . '" /></a>';
            } else {
                $output .= '
			<a href="forum.php?action=edit_close&amp;id=' . $post['id'] . '&amp;state=1"><img src="img/forums/unlock.png" border="0" alt="' . $forum_lang['close'] . '" /></a>';
            }
            $output .= '
			<a href="forum.php?action=move_topic&amp;id=' . $post['id'] . '"><img src="img/forums/move.png" border="0" alt="' . $forum_lang['move'] . '" /></a>
			<a href="forum.php?action=edit_post&amp;id=' . $post['id'] . '"><img src="img/forums/edit.png" border="0" alt="' . $forum_lang["edit"] . '" /></a>
			<a href="forum.php?action=delete_post&amp;id=' . $post['id'] . '"><img src="img/forums/delete.png" border="0" alt="' . $forum_lang["delete"] . '" /></a>
		</th>
	</tr>';
        }
        $closed = $post['closed'];
        while ($post = $sqlm->fetch_assoc($posts)) {
            $post['text'] = htmlspecialchars($post['text']);
            $post['text'] = bbcode_parse1($post['text']);
            if (isset($avatars[$post['authorid']])) {
                $avatar = gen_avatar_panel($avatars[$post['authorid']]['level'], $avatars[$post['authorid']]['sex'], $avatars[$post['authorid']]['race'], $avatars[$post['authorid']]['class'], 1, $avatars[$post['authorid']]['gm']);
            } else {
                $avatar = "";
            }
            $output .= '
	<tr>
		<td colspan="3" align="left">
			' . $post['time'] . '
		</td>
	</tr>		
	<tr>
		<td style="width:15%;text-align:center;">
			<center>' . $avatar . '</center>' . $forum_lang['author'] . ' : ';
            if ($user_lvl > 0) {
                $output .= '
			<a href="user.php?action=edit_user&error=11&id=' . $post['authorid'] . '">';
            }
            if (isset($avatars[$post['authorid']])) {
                $output .= $avatars[$post['authorid']]['name'];
            } else {
                $output .= $post['authorname'];
            }
            $output .= '
			</a>';
            $output .= '
		</td>
		<td colspan="2" style="text-align:left;">' . $post['text'] . '<br />';
            $output .= '
		</td>
	</tr>';
            if ($user_lvl > 0 || $user_id == $post['authorid']) {
                $output .= '
				<tr>
					<th colspan="3" align="right">
						<a href="forum.php?action=edit_post&amp;id=' . $post['id'] . '"><img src="img/forums/edit.png" border="0" alt="' . $forum_lang['edit'] . '"></a>
						<a href="forum.php?action=delete_post&amp;id=' . $post['id'] . '"><img src="img/forums/delete.png" border="0" alt="' . $forum_lang['delete'] . '"></a>
					</th>
				</tr>';
            }
        }
        $totalposts = $sqlm->query('
		SELECT id
		FROM mm_forum_posts
		WHERE topic = ' . $id . '');
        $totalposts = $sqlm->num_rows($totalposts);
        $pages = ceil($totalposts / $maxqueries);
        $output .= '
	<tr>
		<td align="right" colspan="3">' . $forum_lang['pages'] . ' : ';
        for ($x = 1; $x <= $pages; $x++) {
            $y = $x - 1;
            $output .= '
			<a href="forum.php?action=view_topic&amp;id=' . $id . '&amp;page=' . $y . '">' . $x . '</a>';
        }
        $output .= '
		</td>
	</tr>
</table>
</fieldset>
<br />';
        $category = $sqlm->query('
			SELECT category, name, description, side_access, level_post_topic, level_read, level_post
			FROM mm_forum_categories');
        // Quick reply form
        if (($user_lvl > 0 || !$closed) && ($category['level_post'] <= $user_lvl && $forum['level_post'] <= $user_lvl)) {
            $output .= '
<form action="forum.php?action=do_add_post" method="POST" name="form">
<fieldset>
	<legend>
		' . $forum_lang['quick_reply'] . '
	</legend>
<table class="lined">
	<tr>
		<td align="left" colspan="3">';
            bbcode_add_editor();
            $output .= '
		</td>
	</tr>
	<tr>
		<td colspan="3">
			<TEXTAREA ID="msg" NAME="msg" ROWS=8 COLS=93></TEXTAREA><br/>
			<input type="hidden" name="forum" value="' . $fid . '">
			<input type="hidden" name="topic" value="' . $id . '">
		</td>
	</tr>
	<tr>
		<td align="left">';
            makebutton($forum_lang['post'], "javascript:do_submit()", 100);
            $output .= '
		</td>
	</tr>
</table>
</fieldset>
</form>';
        }
        $output .= '
</center>';
        $sqlm->close();
    } else {
        $output .= '
<div class="top">
	<h1>Stand by...</h1>
</div>';
        // Get post id
        $post = $sqlm->query('
			SELECT topic, id
			FROM mm_forum_posts
			WHERE id = ' . $id . '');
        if ($sqlm->num_rows($post) == 0) {
            error($forum_lang['no_such_topic']);
        }
        $post = $sqlm->fetch_assoc($post);
        if ($post['id'] == $post['authorid']) {
            redirect('forum.php?action=view_topic&id=' . $id . '');
        }
        $topic = $post['id'];
        // Get posts in topic
        $posts = $sqlm->query('
			SELECT id
			FROM mm_forum_posts
			WHERE topic = ' . $topic . '');
        $replies = $sqlm->num_rows($posts);
        if ($replies == 0) {
            error($forum_lang['no_such_topic']);
        }
        $row = 0;
        // Find the row of our post, so we could have his ratio (topic x/total topics) and knew the page to show
        while ($post = $sqlm->fetch_row($posts)) {
            $row++;
            if ($topic == $id) {
                break;
            }
        }
        $page = 0;
        while ($page * $maxqueries < $row) {
            $page++;
        }
        $page--;
        $sqlm->close();
        redirect('forum.php?action=view_topic&id=' . $topic . '&page=' . $page . '');
    }
    // Queries : 2 with id || 2 (+2) with postid
}
Exemple #7
0
function forum_do_add_post()
{
    global $enablesidecheck, $forum_skeleton, $minfloodtime, $user_lvl, $user_name, $user_id, $corem_db, $sql;
    if ($enablesidecheck) {
        $side = get_side();
    }
    // Better to use it here instead of call it many time in the loop :)
    if ($minfloodtime > 0) {
        $userposts = $sql["mgr"]->query("SELECT time FROM forum_posts WHERE authorid='" . $user_id . "' ORDER BY id DESC LIMIT 1;");
        if ($sql["mgr"]->num_rows($userposts) != 0) {
            $mintimeb4post = $sql["mgr"]->fetch_row($userposts);
            $mintimeb4post = time() - strtotime($mintimeb4post[0]);
            if ($mintimeb4post < $minfloodtime) {
                error(lang("forum", "please_wait1") . " " . $minfloodtime . " " . lang("forum", "please_wait2"));
            }
        }
    }
    if (!isset($_POST["forum"])) {
        error(lang("forum", "no_such_forum"));
    } else {
        $forum = $sql["mgr"]->quote_smart($_POST["forum"]);
    }
    $cat = 0;
    foreach ($forum_skeleton as $cid => $category) {
        foreach ($category["forums"] as $fid => $forum_) {
            if ($fid == $forum) {
                $cat = $cid;
            }
        }
    }
    if (empty($forum_skeleton[$cat]["forums"][$forum])) {
        error(lang("forum", "no_such_forum"));
    }
    $forum_ = $forum_skeleton[$cat]["forums"][$forum];
    if (($user_lvl > 0 || !$closed) && ($forum_skeleton[$cat]["level_post"] > $user_lvl || $forum_["level_post"] > $user_lvl)) {
        error(lang("forum", "no_access"));
    }
    if ($user_lvl == 0 && $enablesidecheck) {
        if ($forum_skeleton[$cat]["side_access"] != "ALL") {
            // Not an all side forum
            if ($side == "NO") {
                // No char
                continue;
            } elseif ($forum_skeleton[$cat]["side_access"] != $side) {
                // Forumside different of the user side
                continue;
            }
        }
        if ($forum_["side_access"] != "ALL") {
            // Not an all side forum
            if ($side == "NO") {
                // No char
                continue;
            } elseif ($forum_["side_access"] != $side) {
                // Forumside different of the user side
                continue;
            }
        }
    }
    if (!isset($_POST["topic"])) {
        error(lang("forum", "no_such_topic"));
    } else {
        $topic = $sql["mgr"]->quote_smart($_POST["topic"]);
    }
    $msg = trim($sql["mgr"]->quote_smart($_POST["msg"]), " ");
    //$msg = str_replace('\n', '<br />', $msg);
    if (strlen($msg) < 5) {
        error(lang("forum", "msg_too_short"));
    }
    $name = $sql["mgr"]->query("SELECT name FROM forum_posts WHERE id='" . $topic . "';");
    $name = $sql["mgr"]->fetch_row($name);
    $name = $sql["mgr"]->quote_smart($name[0]);
    $time = date("m/d/y H:i:s");
    $sql["mgr"]->query("INSERT INTO forum_posts (authorid, authorname, forum, topic, name, text, time) VALUES ('" . $user_id . "', '" . $user_name . "', '" . $forum . "', '" . $topic . "', '" . $name . "', '" . $msg . "', '" . $time . "');");
    $query = "SELECT id FROM forum_posts WHERE authorid='" . $user_id . "' AND topic='" . $topic . "' AND time='" . $time . "'";
    $result = $sql["mgr"]->query($query);
    $fields = $sql["mgr"]->fetch_assoc($result);
    $id = $fields["id"];
    //$id = @mysql_insert_id($sql["mgr"]);
    $sql["mgr"]->query("UPDATE forum_posts SET lastpost=" . $id . " WHERE id=" . $topic . ";");
    redirect("forum.php?action=view_topic&id=" . $topic);
    // Queries: 4
}
Exemple #8
0
         $akt_seite = $site;
         $nextsite = $i + 1;
         $prewsite = $i - 1;
         break;
     }
 }
 if ($site == "") {
     $start = 0;
     $akt_seite = 1;
     $site = 1;
     $nextsite = 2;
 }
 // BEGIN LIST CLAN RANKINGS
 $query = db_query("SELECT * FROM xcl_players left join xcl_players_rank using (pid) WHERE lid='{$ladderc}' AND points!='0' ORDER BY points desc, pid LIMIT {$start},{$prosite}");
 while ($data = mysql_fetch_array($query)) {
     if (get_side($data[countries]) == 1) {
         if ($data[points] > 699) {
             $button = "<img src=\"images/ts/red5n.gif\" alt=\"\" >";
         }
         if ($data[points] < 700 && $data[points] > 499) {
             $button = "<img src=\"images/ts/red4n.gif\" alt=\"\" >";
         }
         if ($data[points] < 500 && $data[points] > 299) {
             $button = "<img src=\"images/ts/red3n.gif\" alt=\"\" >";
         }
         if ($data[points] < 300 && $data[points] > 149) {
             $button = "<img src=\"images/ts/red2n.gif\" alt=\"\" >";
         }
         if ($data[points] < 150 && $data[points] > 0) {
             $button = "<img src=\"images/ts/red1n.gif\" alt=\"\" >";
         }
function forum_view_forum(&$sqlm)
{
    global $enablesidecheck, $forum_skeleton, $maxqueries, $forum_lang, $user_lvl, $output, $mmfpm_db;
    if ($enablesidecheck) {
        $side = get_side();
    }
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    //==========================$_GET and SECURE=================================
    if (!isset($_GET['id'])) {
        error($forum_lang['no_such_forum']);
    } else {
        $id = $sqlm->quote_smart($_GET['id']);
    }
    if (!isset($_GET['page'])) {
        $page = 0;
    } else {
        $page = $sqlm->quote_smart($_GET['page']);
    }
    $cat = 0;
    //==========================$_GET and SECURE end=============================
    $cid = $sqlm->query('
		SELECT category, name, description, side_access, level_post_topic, level_read, level_post
		FROM mm_forum_categories');
    while ($category = $sqlm->fetch_assoc($cid)) {
        $fid = $sqlm->query('
			SELECT forum, category, name, description, side_access, level_post_topic, level_read, level_post
			FROM mm_forum_forums
			WHERE category = ' . $category['category'] . '');
        while ($forum = $sqlm->fetch_assoc($fid)) {
            if ($forum['forum'] == $id) {
                $cat = $forum['category'];
            }
            if (empty($forum['forum'])) {
                error($forum_lang['no_such_forum']);
            }
            if ($category['level_read'] > $user_lvl || $forum['level_read'] > $user_lvl) {
                error($forum_lang['no_access']);
            }
            if ($user_lvl == 0 && $enablesidecheck) {
                if ($category['side_access'] != 'ALL') {
                    // Not an all side forum
                    if ($side == 'NO') {
                        // No char
                        continue;
                    } else {
                        if ($category['side_access'] != $side) {
                            // Forumside different of the user side
                            continue;
                        }
                    }
                }
                if ($forum['side_access'] != 'ALL') {
                    // Not an all side forum
                    if ($side == 'NO') {
                        // No char
                        continue;
                    } else {
                        if ($forum['side_access'] != $side) {
                            // Forumside different of the user side
                            continue;
                        }
                    }
                }
            }
        }
    }
    $start = $maxqueries * $page;
    $output .= '
<div class="top">
	<h1>' . $forum_lang['forums'] . '</h1>
</div>
';
    if ($forum[$category]['level_post_topic'] <= $user_lvl && $forum['level_post_topic'] <= $user_lvl) {
        $output .= '
<table class="hidden">
	<tr>
		<td>';
    }
    makebutton($forum_lang['new_topic'], 'forum.php?action=add_topic&amp;id=' . $id . '" type="def', 130);
    $output .= '
		</td>
	</tr>
</table>
<center>
<fieldset>
	<legend>
		<a href="forum.php">' . $forum_lang['forum_index'] . '</a> -> 
		<a href="forum.php">' . $category['name'] . '</a> -> 
		<a href="forum.php?action=view_forum&amp;id=' . $id . '">' . $forum['name'] . '</a>
	</legend>';
    $topics = $sqlm->query('
		SELECT id, authorid, authorname, name, annouced, sticked, closed
		FROM mm_forum_posts
		WHERE (forum = ' . $id . ' AND id = topic) OR annouced = 1 AND id = topic
		ORDER BY annouced DESC, sticked DESC, lastpost DESC
		LIMIT ' . $start . ', ' . $maxqueries . '');
    $result = $sqlm->query('
		SELECT topic as curtopic,
			(SELECT count(id)-1
			FROM mm_forum_posts
			WHERE topic = curtopic) AS replies,	lastpost as curlastpost,
			(SELECT authorname
			FROM mm_forum_posts
			WHERE id = curlastpost) as authorname,
			(SELECT time
			FROM mm_forum_posts
			WHERE id = curlastpost) as time
		FROM mm_forum_posts
		WHERE (forum = ' . $id . ' AND topic = id ) OR annouced = 1');
    $lasts = array();
    if ($sqlm->num_rows($result) > 0) {
        while ($row = $sqlm->fetch_assoc($result)) {
            $lasts[$row['curtopic']] = $row;
        }
    }
    if ($sqlm->num_rows($topics) != 0) {
        $output .= '
	<table class="lined">
		<tr>
			<th style="width:35%;text-align:left;">' . $forum_lang['title'] . '</th>
			<th style="width:15%;">' . $forum_lang['author'] . '</th>
			<th>' . $forum_lang['replies'] . '</th>
			<th>' . $forum_lang['last_post'] . '</th>
		</tr>';
        while ($topic = $sqlm->fetch_assoc($topics)) {
            $output .= '
		<tr>
			<td style="text-align:left;">';
            if ($topic['annouced'] == "1") {
                $output .= '
				<img src="img/forums/announce.png" border="0" alt="' . $forum_lang['annoucement'] . '" /> : ';
            } else {
                if ($topic['sticked'] == "1") {
                    $output .= '
				<img src="img/forums/stick.png" border="0" alt="' . $forum_lang['sticky'] . '" /> : ';
                } else {
                    if ($topic['closed'] == "1") {
                        $output .= '
				<img src="img/forums/lock.png" border="0" alt="' . $forum_lang['closed'] . '" /> : ';
                    }
                }
            }
            $topic['name'] = htmlspecialchars($topic['name']);
            $output .= '
				<a href="forum.php?action=view_topic&amp;id=' . $topic['id'] . '">' . $topic['name'] . '</a>
			</td>
			<td>' . $topic['authorname'] . '</td>
			<td>' . $lasts[$topic['id']]['replies'] . '</td>
			<td>' . $forum_lang['last_post_by'] . ' ' . $lasts[$topic['id']]['authorname'] . ', ' . $lasts[$topic['id']]['time'] . '</td>
		</tr>';
        }
        $totaltopics = $sqlm->query('
			SELECT id
			FROM mm_forum_posts
			WHERE forum = ' . $id . ' AND id = topic');
        //My page system is so roxing, i can' t break this query xD
        $pages = ceil($sqlm->num_rows($totaltopics) / $maxqueries);
        $output .= '
		<tr>
			<td align="right" class="hidden"></td>
		</tr>
		<tr>
			<td align="right" colspan="4">' . $forum_lang['pages'] . ' : ';
        for ($x = 1; $x <= $pages; $x++) {
            $y = $x - 1;
            $output .= '
				<a href="forum.php?action=view_forum&amp;id=' . $id . '&amp;page=' . $y . '">' . $x . '</a> ';
        }
        $output .= '
			</td>
		</tr>';
    } else {
        $output .= '
		<tr>
			<td>' . $forum_lang['no_topics'] . '</td>
		</tr>';
    }
    $sqlm->close();
    $output .= '
	</table>
</fieldset>
</center>
<br/>';
    // Queries : 3
}