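/**
 * Creates a new group unless a group with the same name already exists.
 *
 * @param string $name  Group name; passed through stringEncode() before it is
 *                      placed in the SQL text.
 * @param mixed  $flags Flags handed to stringAddTokens() to build the stored
 *                      flag string.
 *
 * @return array|null List of error messages when the name is already taken;
 *                    nothing (null) once the INSERT has been issued.
 */
function groupCreate($name, $flags)
{
    global $database_cfg;

    $errors = array();

    // isset() keeps an empty or differently shaped lookup result from raising
    // an undefined-index warning before the duplicate check runs.
    $group = groupGetByName($name);
    if (is_array($group) && isset($group[0]["name"]) && is_string($group[0]["name"])) {
        $errors[] = "Group with this name already exists";
    }

    if (count($errors) > 0) {
        return $errors;
    }

    $new_flags = "";
    $new_flags = stringAddTokens($new_flags, $flags);

    // The flag string is derived from a caller-supplied value, so it is encoded
    // like the name instead of being spliced into the statement raw.
    // NOTE(review): assumes stringEncode() is this project's escaping helper for
    // SQL string values and leaves plain flag tokens unchanged - confirm. Bound
    // parameters inside databaseQuery() would be the durable fix.
    databaseQuery(
        "insert into " . $database_cfg["prefix"] . "groups (name, flags) values ('"
            . stringEncode($name) . "', '" . stringEncode($new_flags) . "')",
        "Can not create group"
    );
}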
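/**
 * Updates the topic, message and flags of an existing post and stamps the
 * "edited" column with the current time.
 *
 * @param int   $post_id Post id; cast with intval() before use.
 * @param array $params  Optional keys "topic", "message" and "flags"; keys that
 *                       are absent keep the value loaded from the post.
 *
 * @return string|null Error message on bad input or an unknown post; nothing
 *                     (null) once the UPDATE has been issued.
 */
function postUpdate($post_id, $params)
{
    global $database_cfg;

    if (!is_array($params)) {
        return "Wrong parameters type";
    }

    $post_id = intval($post_id);

    // Refuse to build an UPDATE from a record that does not exist; the fields
    // read below would otherwise be undefined.
    if (!postExistsById($post_id)) {
        return "Post not found";
    }

    $post = postGetById($post_id);

    if (isset($params["topic"])) {
        $post["topic_id"] = intval($params["topic"]);
    }
    if (isset($params["message"])) {
        $post["message"] = stringEncode($params["message"]);
    }
    if (isset($params["flags"])) {
        // An array here would be written to the column as the text "Array".
        if (!is_scalar($params["flags"])) {
            return "Wrong parameters type";
        }
        // Caller-supplied flags were concatenated into the statement unencoded;
        // they now go through the same helper as the message.
        // NOTE(review): assumes stringEncode() is the project's escaping helper
        // for SQL string values and leaves plain flag tokens unchanged - confirm.
        $post["flags"] = stringEncode((string) $params["flags"]);
    }

    // NOTE(review): a message or flags value that was not supplied is written
    // back exactly as postGetById() returned it. That is only safe if stored
    // values come back already encoded - confirm, or move databaseQuery() to
    // bound parameters.
    databaseQuery(
        "update " . $database_cfg["prefix"] . "posts set topic_id='" . intval($post["topic_id"])
            . "', edited='" . stringEncode(date("H:i, d.m.Y"))
            . "', message='" . $post["message"]
            . "', flags='" . $post["flags"]
            . "' where id='" . $post_id . "'",
        "Can't update post"
    );
}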
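/**
 * Copies the supplied values onto an existing user record and writes the
 * record back to the users table.
 *
 * Only keys that already exist on the loaded user record are taken from
 * $params; unknown keys are ignored. Because any existing key is accepted,
 * callers should pass an explicit list of fields rather than a raw request
 * array.
 *
 * @param int   $user_id User id; cast with intval() in the WHERE clause.
 * @param array $params  Field name => new value.
 *
 * @return void Returns without writing when $params is not an array or the
 *              user does not exist.
 */
function userSetParams($user_id, $params)
{
    global $database_cfg;

    // Check the cheap preconditions first so nothing is loaded or written for
    // malformed input or an unknown user.
    if (!is_array($params) || !userExistsById($user_id)) {
        return;
    }

    $user = userGetById($user_id);
    if (!is_array($user)) {
        return;
    }

    foreach ($params as $key => $value) {
        if (array_key_exists($key, $user)) {
            $user[$key] = $value;
        }
    }

    // last_visit can be replaced from $params by the loop above and was the only
    // string column written without stringEncode(); it is now encoded like
    // email and nickname in the same statement.
    // NOTE(review): the username and password values appear as the literal
    // '******' in this listing, which looks like masking. As written, every call
    // overwrites both columns with that literal - confirm against the real
    // source before relying on this statement.
    databaseQuery(
        "update " . $database_cfg["prefix"] . "users set username='******', "
            . " password='******', email='" . stringEncode($user["email"])
            . "', nickname='" . stringEncode($user["nickname"]) . "', "
            . "last_visit='" . stringEncode($user["last_visit"])
            . "' where id='" . intval($user_id) . "'",
        "Unable to set user params"
    );
}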
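/**
 * Validates a new topic and inserts it into the topics table.
 *
 * Fixes over the earlier body: the table prefix and the flag whitelist are
 * imported from global scope, empty $flags / $moderators lists (the defaults)
 * are accepted instead of being reported as "not an array", and the INSERT
 * supplies one value per listed column, using the validated flag and moderator
 * strings rather than the raw $flags array.
 *
 * @param string $title      Topic title; encoded with stringEncode().
 * @param int    $author_id  Id of the creating user.
 * @param int    $parent_id  Parent topic id; a negative value means no parent.
 * @param array  $flags      Topic flags; each must be listed in $topic_flags.
 * @param array  $moderators User ids of the topic moderators.
 *
 * @return array|null List of error messages when validation fails; nothing
 *                    (null) once the INSERT has been issued. Messages can
 *                    contain caller-supplied values, so escape them before
 *                    rendering them in HTML.
 */
function topicCreate($title, $author_id, $parent_id = -1, $flags = array(), $moderators = array())
{
    // NOTE(review): $topic_flags is assumed to be a global list of valid flag
    // values defined elsewhere in the project - confirm.
    global $database_cfg, $topic_flags;

    $errors = array();

    if (topicExists($title)) {
        $errors[] = "Topic with this name already exists";
    }
    if ($parent_id >= 0 && !topicExistsById($parent_id)) {
        $errors[] = "Parent topic not found";
    }
    if (!userExistsById($author_id)) {
        $errors[] = "Author not found";
    }

    // NOTE(review): ids and flags are concatenated without a separator, as in
    // the earlier body; confirm the stored format (groupCreate() builds its
    // flag string with stringAddTokens()).
    $moderators_str = "";
    if (!is_array($moderators)) {
        $errors[] = "\"Moderators\" is not an array";
    } else {
        foreach ($moderators as $moderator_id) {
            if (!userExistsById($moderator_id)) {
                $errors[] = "Moderator not found: " . $moderator_id;
            } else {
                // Cast like author_id and parent_id so only digits reach the SQL text.
                $moderators_str .= intval($moderator_id);
            }
        }
    }

    // A missing whitelist rejects every flag instead of failing inside in_array().
    $allowed_flags = is_array($topic_flags) ? $topic_flags : array();

    $flags_str = "";
    if (!is_array($flags)) {
        $errors[] = "\"Flags\" is not an array";
    } else {
        foreach ($flags as $flag) {
            // Strict comparison: an accepted flag is identical to a whitelist
            // entry, so no loosely matching caller string can reach the query.
            if (!in_array($flag, $allowed_flags, true)) {
                $errors[] = "Unknown topic flag: " . $flag;
            } else {
                $flags_str .= $flag;
            }
        }
    }

    if (count($errors) > 0) {
        return $errors;
    }

    databaseQuery(
        "insert into " . $database_cfg["prefix"]
            . "topics (title, author_id, parent_id, flags, moderators, created) values ('"
            . stringEncode($title) . "', '" . intval($author_id) . "', '" . intval($parent_id)
            . "', '" . $flags_str . "', '" . $moderators_str
            . "', '" . stringEncode(date("H:i, d.m.Y")) . "')",
        "Can't create topic"
    );
}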
<?php if (isset($_GET["editpost"])) { $post = postGetById(intval($_GET["post_id"])); if (postExistsById($post["id"])) { echo "<form action=\"index.php?changepost&post_id=" . $_GET["post_id"] . "\" method=\"post\">"; echo "Message:<br /><textarea name=\"message\">" . stringDecode($post["message"]) . "</textarea><br /><br />"; echo "<input type=\"submit\" value=\"Save\" />"; echo "</form>"; } } else { if (isset($_GET["find"])) { $res2 = topicSearchByTitle(stringEncode($_POST["query"])); $res4 = postSearchByMessage(stringEncode($_POST["query"])); $res5 = userSearchByEmail(stringEncode($_POST["query"])); $res6 = userSearchByNickname(stringEncode($_POST["query"])); $res7 = groupSearchByName(stringEncode($_POST["query"])); $user = userGetLoggedIn(); echo "<h1>Search results</h1><br />"; echo "<br /><p class=\"item_top\">Topic search results: " . count($res2) . "</p>"; if (count($res2) > 0) { foreach ($res2 as $i) { if (!topicCheckPrivate($i["id"])) { echo "<a href=\"index.php?topic_id=" . $i["id"] . "\">" . stringDecode($i["title"]) . "</a><br /><br />"; } } } echo "<br /><p class=\"item_top\">Post search results: " . count($res4) . "</p>"; if (count($res4) > 0) { foreach ($res4 as $i) { if (!topicCheckPrivate($i["topic_id"])) { echo "<a href=\"index.php?topic_id=" . $i["topic_id"] . "\">" . stringDecode($i["message"]) . "</a><br /><br />";