********************************************************************************/ //---------- Things to sort out before it can start printing/generating content // Check for lame SQL injection attempts $ForumID = $_GET['forumid']; if (!is_number($ForumID)) { error(0); } $IsDonorForum = $ForumID == DONOR_FORUM ? true : false; $Tooltip = $ForumID == DONOR_FORUM ? "tooltip_gold" : "tooltip"; if (isset($LoggedUser['PostsPerPage'])) { $PerPage = $LoggedUser['PostsPerPage']; } else { $PerPage = POSTS_PER_PAGE; } list($Page, $Limit) = Format::page_limit(TOPICS_PER_PAGE); //---------- Get some data to start processing // Caching anything beyond the first page of any given forum is just wasting RAM. // Users are more likely to search than to browse to page 2. if ($Page == 1) { list($Forum, , , $Stickies) = $Cache->get_value("forums_{$ForumID}"); } if (!isset($Forum) || !is_array($Forum)) { $DB->query("\n\t\tSELECT\n\t\t\tID,\n\t\t\tTitle,\n\t\t\tAuthorID,\n\t\t\tIsLocked,\n\t\t\tIsSticky,\n\t\t\tNumPosts,\n\t\t\tLastPostID,\n\t\t\tLastPostTime,\n\t\t\tLastPostAuthorID\n\t\tFROM forums_topics\n\t\tWHERE ForumID = '{$ForumID}'\n\t\tORDER BY Ranking = 0, Ranking ASC, IsSticky DESC, LastPostTime DESC\n\t\tLIMIT {$Limit}"); // Can be cached until someone makes a new post $Forum = $DB->to_array('ID', MYSQLI_ASSOC, false); if ($Page == 1) { $DB->query("\n\t\t\tSELECT COUNT(ID)\n\t\t\tFROM forums_topics\n\t\t\tWHERE ForumID = '{$ForumID}'\n\t\t\t\tAND IsSticky = '1'"); list($Stickies) = $DB->next_record(); $Cache->cache_value("forums_{$ForumID}", array($Forum, '', 0, $Stickies), 0); }
<?php /************************************************************************ ************************************************************************/ if (!check_perms('admin_reports') && !check_perms('project_team') && !check_perms('site_moderate_forums')) { error(404); } // Number of reports per page define('REPORTS_PER_PAGE', '10'); list($Page, $Limit) = Format::page_limit(REPORTS_PER_PAGE); include SERVER_ROOT . '/sections/reports/array.php'; // Header View::show_header('Reports', 'bbcode,reports'); if ($_GET['id'] && is_number($_GET['id'])) { $View = 'Single report'; $Where = 'r.ID = ' . $_GET['id']; } elseif (empty($_GET['view'])) { $View = 'New'; $Where = "Status = 'New'"; } else { $View = $_GET['view']; switch ($_GET['view']) { case 'old': $Where = "Status = 'Resolved'"; break; default: error(404); break; } } if (!check_perms('admin_reports')) {
if (isset($_GET['post']) && is_number($_GET['post'])) { $PostNum = $_GET['post']; } elseif (isset($_GET['postid']) && is_number($_GET['postid']) && $_GET['postid'] != $ThreadInfo['StickyPostID']) { $SQL = "\n\t\t\tSELECT COUNT(ID)\n\t\t\tFROM forums_posts\n\t\t\tWHERE TopicID = {$ThreadID}\n\t\t\t\tAND ID <= {$_GET['postid']}"; if ($ThreadInfo['StickyPostID'] < $_GET['postid']) { $SQL .= " AND ID != {$ThreadInfo['StickyPostID']}"; } $DB->query($SQL); list($PostNum) = $DB->next_record(); } else { $PostNum = 1; } } else { $PostNum = 1; } list($Page, $Limit) = Format::page_limit($PerPage, min($ThreadInfo['Posts'], $PostNum)); if (($Page - 1) * $PerPage > $ThreadInfo['Posts']) { $Page = ceil($ThreadInfo['Posts'] / $PerPage); } list($CatalogueID, $CatalogueLimit) = Format::catalogue_limit($Page, $PerPage, THREAD_CATALOGUE); // Cache catalogue from which the page is selected, allows block caches and future ability to specify posts per page if (!($Catalogue = $Cache->get_value("thread_{$ThreadID}_catalogue_{$CatalogueID}"))) { $DB->query("\n\t\tSELECT\n\t\t\tp.ID,\n\t\t\tp.AuthorID,\n\t\t\tp.AddedTime,\n\t\t\tp.Body,\n\t\t\tp.EditedUserID,\n\t\t\tp.EditedTime,\n\t\t\ted.Username\n\t\tFROM forums_posts AS p\n\t\t\tLEFT JOIN users_main AS ed ON ed.ID = p.EditedUserID\n\t\tWHERE p.TopicID = '{$ThreadID}'\n\t\t\tAND p.ID != '" . $ThreadInfo['StickyPostID'] . "'\n\t\tLIMIT {$CatalogueLimit}"); $Catalogue = $DB->to_array(false, MYSQLI_ASSOC); if (!$ThreadInfo['IsLocked'] || $ThreadInfo['IsSticky']) { $Cache->cache_value("thread_{$ThreadID}_catalogue_{$CatalogueID}", $Catalogue, 0); } } $Thread = Format::catalogue_select($Catalogue, $Page, $PerPage, THREAD_CATALOGUE); $LastPost = end($Thread); $LastPost = $LastPost['ID'];
<?php
// Torrent-notification listing: answers with a JSON failure unless the caller
// holds the 'site_torrents_notify' permission.
if (!check_perms('site_torrents_notify')) {
    json_die("failure");
}

define('NOTIFICATIONS_PER_PAGE', 50);
list($Page, $Limit) = Format::page_limit(NOTIFICATIONS_PER_PAGE);

// One page of the logged-in user's notifications, newest torrent first.
// $_GET['filterid'] reaches the SQL text only after passing is_number().
// NOTE(review): is_number() is defined elsewhere; presumably it accepts digits
// only - confirm, since it is the sole guard on this interpolated value.
// $LoggedUser['ID'] and $Limit are interpolated as-is and are assumed to be
// server-derived - TODO confirm.
$Results = $DB->query(
    "\n\t\tSELECT\n\t\t\tSQL_CALC_FOUND_ROWS\n\t\t\tunt.TorrentID,\n\t\t\tunt.UnRead,\n\t\t\tunt.FilterID,\n\t\t\tunf.Label,\n\t\t\tt.GroupID\n\t\tFROM users_notify_torrents AS unt\n\t\t\tJOIN torrents AS t ON t.ID = unt.TorrentID\n\t\t\tLEFT JOIN users_notify_filters AS unf ON unf.ID = unt.FilterID\n\t\tWHERE unt.UserID = {$LoggedUser['ID']}"
    . (!empty($_GET['filterid']) && is_number($_GET['filterid']) ? " AND unf.ID = '{$_GET['filterid']}'" : '')
    . "\n\t\tORDER BY TorrentID DESC\n\t\tLIMIT {$Limit}"
);
$GroupIDs = array_unique($DB->collect('GroupID'));

// Total row count, ignoring LIMIT, for pagination.
$DB->query('SELECT FOUND_ROWS()');
list($TorrentCount) = $DB->next_record();

if (count($GroupIDs) > 0) {
    $TorrentGroups = Torrents::get_groups($GroupIDs);
    // Marks every notification of this user as read: the WHERE clause carries
    // neither the filter nor the page window used by the SELECT above.
    $DB->query("\n\t\tUPDATE users_notify_torrents\n\t\tSET UnRead = '0'\n\t\tWHERE UserID = {$LoggedUser['ID']}");
    $Cache->delete_value("notifications_new_{$LoggedUser['ID']}");
}

// Point the DB handle back at the listing result before iterating it.
$DB->set_query_id($Results);

$JsonNotifications = array();
$NumNew = 0;
$FilterGroups = array();

// Bucket the rows by filter ID; rows with an empty FilterID go under key 0.
while ($Result = $DB->next_record(MYSQLI_ASSOC)) {
    $Result['FilterID'] = $Result['FilterID'] ?: 0;
    if (!isset($FilterGroups[$Result['FilterID']])) {
        // Each bucket starts with its label (false when there is none).
        $FilterGroups[$Result['FilterID']] = array(
            'FilterLabel' => $Result['Label'] ?: false,
        );
    }
    $FilterGroups[$Result['FilterID']][] = $Result;
}
unset($Result);
default: if ($UserLevel >= 700) { $ViewString = 'Your Unanswered'; $WhereCondition = "\n\t\t\t\tWHERE (\n\t\t\t\t\t\t(Level >= " . max($Classes[MOD]['Level'], 700) . " AND Level <= {$UserLevel})\n\t\t\t\t\t\tOR AssignedToUser = '******'ID'] . "'\n\t\t\t\t\t)\n\t\t\t\t\tAND Status = 'Unanswered'"; } elseif ($UserLevel == 650) { // Forum Mods $ViewString = 'Your Unanswered'; $WhereCondition = "\n\t\t\t\tWHERE (Level = {$UserLevel} OR AssignedToUser = '******'ID'] . "')\n\t\t\t\t\tAND Status = 'Unanswered'"; } else { // FLS $ViewString = 'Unanswered'; $WhereCondition = "\n\t\t\t\tWHERE (Level <= {$UserLevel} OR AssignedToUser = '******'ID'] . "')\n\t\t\t\t\tAND Status = 'Unanswered'"; } break; } list($Page, $Limit) = Format::page_limit(MESSAGES_PER_PAGE); // Get messages $StaffPMs = $DB->query("\n\tSELECT\n\t\tSQL_CALC_FOUND_ROWS\n\t\tID,\n\t\tSubject,\n\t\tUserID,\n\t\tStatus,\n\t\tLevel,\n\t\tAssignedToUser,\n\t\tDate,\n\t\tUnread,\n\t\tResolverID\n\tFROM staff_pm_conversations\n\t{$WhereCondition}\n\tORDER BY {$SortStr} Level DESC, Date DESC\n\tLIMIT {$Limit}\n"); $DB->query('SELECT FOUND_ROWS()'); list($NumResults) = $DB->next_record(); $DB->set_query_id($StaffPMs); $CurURL = Format::get_url(); if (empty($CurURL)) { $CurURL = 'staffpm.php?'; } else { $CurURL = "staffpm.php?{$CurURL}&"; } $Pages = Format::get_pages($Page, $NumResults, MESSAGES_PER_PAGE, 9); $Row = 'a'; // Start page ?>
<?php
// Site log listing with an optional free-text search over the Message column.
list($Page, $Limit) = Format::page_limit(LOG_ENTRIES_PER_PAGE);

// The search term is passed through db_string() before it is placed in SQL.
// NOTE(review): db_string() is defined elsewhere; presumably it escapes the
// value for a quoted SQL string - confirm. Nothing here escapes the LIKE
// wildcards % and _, so they act as pattern characters in the search.
$Search = !empty($_GET['search']) ? db_string($_GET['search']) : false;

// One LIKE condition per space-separated word.
$Words = explode(' ', $Search);

$SQL = ' SELECT SQL_CALC_FOUND_ROWS ID, Message, Time FROM log ';

if ($Search) {
    $SQL .= "WHERE Message LIKE '%" . implode("%' AND Message LIKE '%", $Words) . "%' ";
}

// Users without 'site_view_full_log' only see entries newer than the
// time_minus(3600 * 24 * 28) cutoff (28 days expressed in seconds).
if (!check_perms('site_view_full_log')) {
    $SQL .= $Search ? ' AND ' : ' WHERE ';
    $SQL .= " Time>'" . time_minus(3600 * 24 * 28) . "' ";
}

$SQL .= "\n\tORDER BY ID DESC\n\tLIMIT {$Limit}";
$Log = $DB->query($SQL);
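// Quote-notification history: lists where the logged-in user was quoted,
// unread entries only unless ?showall is given.
$UnreadSQL = 'AND q.UnRead';
// !empty() keeps the original truthiness test but does not raise an
// undefined-index notice/warning when the parameter is absent.
if (!empty($_GET['showall'])) {
    $UnreadSQL = '';
}

// ?catchup marks every quote notification of this user as read and redirects.
// NOTE(review): this state change is triggered by a plain GET parameter and no
// anti-CSRF token check is visible in this fragment - confirm one is enforced
// before this point, or require one here.
if (!empty($_GET['catchup'])) {
    $DB->query("UPDATE users_notify_quoted SET UnRead = '0' WHERE UserID = '{$LoggedUser['ID']}'");
    $Cache->delete_value('notify_quoted_' . $LoggedUser['ID']);
    header('Location: userhistory.php?action=quote_notifications');
    die;
}

// Per-user page size when set, site default otherwise.
if (isset($LoggedUser['PostsPerPage'])) {
    $PerPage = $LoggedUser['PostsPerPage'];
} else {
    $PerPage = POSTS_PER_PAGE;
}
list($Page, $Limit) = Format::page_limit($PerPage);

// Get $Limit last quote notifications
// We deal with the information about torrents and requests later on...
// The SQL text is assembled from $LoggedUser['ID'], $UnreadSQL (one of the two
// literals above), $Limit and the fragment returned by
// Forums::user_forums_sql(); no request parameter is interpolated directly.
// NOTE(review): Forums::user_forums_sql() is defined elsewhere; it is trusted
// here to return a safe SQL condition - confirm.
$sql = "\n\tSELECT\n\t\tSQL_CALC_FOUND_ROWS\n\t\tq.Page,\n\t\tq.PageID,\n\t\tq.PostID,\n\t\tq.QuoterID,\n\t\tq.Date,\n\t\tq.UnRead,\n\t\tf.ID as ForumID,\n\t\tf.Name as ForumName,\n\t\tt.Title as ForumTitle,\n\t\ta.Name as ArtistName,\n\t\tc.Name as CollageName\n\tFROM users_notify_quoted AS q\n\t\tLEFT JOIN forums_topics AS t ON t.ID = q.PageID\n\t\tLEFT JOIN forums AS f ON f.ID = t.ForumID\n\t\tLEFT JOIN artists_group AS a ON a.ArtistID = q.PageID\n\t\tLEFT JOIN collages AS c ON c.ID = q.PageID\n\tWHERE q.UserID = {$LoggedUser['ID']}\n\t\tAND (q.Page != 'forums' OR " . Forums::user_forums_sql() . ")\n\t\tAND (q.Page != 'collages' OR c.Deleted = '0')\n\t\t{$UnreadSQL}\n\tORDER BY q.Date DESC\n\tLIMIT {$Limit}";
$DB->query($sql);
$Results = $DB->to_array(false, MYSQLI_ASSOC, false);

// Total row count, ignoring LIMIT, for pagination.
$DB->query('SELECT FOUND_ROWS()');
list($NumResults) = $DB->next_record();

// Collect the torrent-group and request IDs referenced by this page of results.
$TorrentGroups = $Requests = array();
foreach ($Results as $Result) {
    if ($Result['Page'] == 'torrents') {
        $TorrentGroups[] = $Result['PageID'];
    } elseif ($Result['Page'] == 'requests') {
        $Requests[] = $Result['PageID'];
    }
}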
<?php
/*
 * Main friends page.
 *
 * Lists the logged-in user's friends. The result is not cached; the original
 * author did not expect the page to be loaded often enough to justify it.
 */

// Page size. Defined as the string '20', not an integer.
define('FRIENDS_PER_PAGE', '20');

include_once SERVER_ROOT . '/classes/paranoia.class.php';

View::show_header('Friends');

// The listing is always scoped to the session user; no request parameter
// chooses whose friends are shown.
$UserID = $LoggedUser['ID'];
list($Page, $Limit) = Format::page_limit(FRIENDS_PER_PAGE);

// Friends joined with their account and profile rows, ordered by username.
// $UserID and $Limit are interpolated into the SQL text as-is.
$DB->query("\n\tSELECT\n\t\tSQL_CALC_FOUND_ROWS\n\t\tf.FriendID,\n\t\tf.Comment,\n\t\tm.Username,\n\t\tm.Uploaded,\n\t\tm.Downloaded,\n\t\tm.PermissionID,\n\t\tm.Paranoia,\n\t\tm.LastAccess,\n\t\ti.Avatar\n\tFROM friends AS f\n\t\tJOIN users_main AS m ON f.FriendID = m.ID\n\t\tJOIN users_info AS i ON f.FriendID = i.UserID\n\tWHERE f.UserID = '{$UserID}'\n\tORDER BY Username\n\tLIMIT {$Limit}");
// NOTE(review): the third argument names column 6 / 'Paranoia'; presumably it
// exempts that column from the escaping to_array() otherwise applies - confirm
// against the DB class, because unescaped values need escaping at output time.
$Friends = $DB->to_array(false, MYSQLI_BOTH, array(6, 'Paranoia'));

// Total number of friends, ignoring LIMIT, for the pager.
$DB->query('SELECT FOUND_ROWS()');
list($Results) = $DB->next_record();

// Output starts here.
?>
<div class="thin">
    <div class="header">
        <h2>Friends List</h2>
    </div>
    <div class="linkbox">
<?php
// Pager markup for the current page.
$Pages = Format::get_pages($Page, $Results, FRIENDS_PER_PAGE, 9);
<?php
// Staff view of user questions. Callers without 'users_mod' get a 404.
if (!check_perms("users_mod")) {
    error(404);
}

Text::$TOC = true;

define('QUESTIONS_PER_PAGE', 25);
list($Page, $Limit) = Format::page_limit(QUESTIONS_PER_PAGE);

// Questions the current staff member has neither ignored nor answered, newest
// first, each with its total answer count. Only $LoggedUser['ID'] and $Limit
// are interpolated into the SQL text.
$DB->query("\n\t\tSELECT\n\t\t\tuq.ID,\n\t\t\tuq.Question,\n\t\t\tuq.UserID,\n\t\t\tuq.Date,\n\t\t\t(\n\t\t\t\tSELECT COUNT(1)\n\t\t\t\tFROM staff_answers AS sa\n\t\t\t\tWHERE sa.QuestionID = uq.ID\n\t\t\t) AS Responses\n\t\tFROM user_questions AS uq\n\t\tWHERE uq.ID NOT IN\n\t\t\t\t(\n\t\t\t\t\tSELECT siq.QuestionID\n\t\t\t\t\tFROM staff_ignored_questions AS siq\n\t\t\t\t\tWHERE siq.UserID = '{$LoggedUser['ID']}'\n\t\t\t\t)\n\t\t\tAND uq.ID NOT IN\n\t\t\t\t(\n\t\t\t\t\tSELECT sq.QuestionID\n\t\t\t\t\tFROM staff_answers AS sq\n\t\t\t\t\tWHERE sq.UserID = '{$LoggedUser['ID']}'\n\t\t\t\t)\n\t\tORDER BY uq.Date DESC\n\t\tLIMIT {$Limit}");
$Questions = $DB->to_array();

// NOTE(review): this counts every row in user_questions, while the listing
// above leaves out ignored and already-answered questions, so the pager total
// and the headline number can be larger than what this staff member is shown.
$DB->query("\n\tSELECT COUNT(1)\n\tFROM user_questions");
list($TotalQuestions) = $DB->next_record();

View::show_header('Ask the Staff', 'questions,bbcode');

// The pager is rendered only when there is more than one page.
if ($TotalQuestions > QUESTIONS_PER_PAGE):
?>
<div class="linkbox">
<?php
    $Pages = Format::get_pages($Page, $TotalQuestions, QUESTIONS_PER_PAGE);
    echo $Pages;
?>
</div>
<?php
endif;
?>
<div class="thin">
    <div class="header">
        <h2>User Questions</h2>
        <h3><?php echo number_format($TotalQuestions); ?> questions asked; <?php
<?php if (!check_perms('admin_donor_log')) { error(403); } include SERVER_ROOT . '/sections/donate/config.php'; define('DONATIONS_PER_PAGE', 50); list($Page, $Limit) = Format::page_limit(DONATIONS_PER_PAGE); $AfterDate = $_GET['after_date']; $BeforeDate = $_GET['before_date']; $DateSearch = false; if (!empty($AfterDate) && !empty($BeforeDate)) { list($Y, $M, $D) = explode('-', $AfterDate); if (!checkdate($M, $D, $Y)) { error('Incorrect "after" date format'); } list($Y, $M, $D) = explode('-', $BeforeDate); if (!checkdate($M, $D, $Y)) { error('Incorrect "before" date format'); } $AfterDate = db_string($AfterDate); $BeforeDate = db_string($BeforeDate); $DateSearch = true; } $Operator = "WHERE"; $SQL = "\n\tSELECT\n\t\tSQL_CALC_FOUND_ROWS\n\t\td.UserID,\n\t\td.Amount,\n\t\td.Currency,\n\t\td.Email,\n\t\td.Time,\n\t\td.Source,\n\t\tm.Username,\n\t\td.AddedBy,\n\t\td.Reason\n\tFROM donations AS d\n\tLEFT JOIN users_main AS m ON m.ID = d.UserID "; if (!empty($_GET['email'])) { $SQL .= "\n\t{$Operator} d.Email LIKE '%" . db_string($_GET['email']) . "%' "; $Operator = "AND"; } if (!empty($_GET['username'])) {
xmlhttp = new ActiveXObject("Microsoft.XMLHTTP"); } xmlhttp.onreadystatechange = function() { if (xmlhttp.readyState == 4 && xmlhttp.status == 200) { document.getElementById(elemID).innerHTML = "Ban"; document.getElementById(elemID).onclick = function() { Ban(ip, elemID); return false; }; } } xmlhttp.open("GET","tools.php?action=quick_ban&perform=delete&id=" + id + "&ip=" + ip, true); xmlhttp.send(); } */ //]]> </script> <?php list($Page, $Limit) = Format::page_limit(IPS_PER_PAGE); if ($UsersOnly) { $DB->query("\n\t\tSELECT DISTINCT IP\n\t\tFROM users_history_ips\n\t\tWHERE UserID = '{$UserID}'\n\t\t\t{$SearchIPQuery}"); if ($DB->has_results()) { $UserIPs = db_array($DB->collect('IP'), array(), true); $DB->query("\n\t\t\tSELECT DISTINCT IP\n\t\t\tFROM users_history_ips\n\t\t\tWHERE UserID != '{$UserID}'\n\t\t\t\tAND IP IN (" . implode(',', $UserIPs) . ")"); unset($UserIPs); if ($DB->has_results()) { $OtherIPs = db_array($DB->collect('IP'), array(), true); $QueryID = $DB->query("\n\t\t\t\tSELECT\n\t\t\t\t\tSQL_CALC_FOUND_ROWS\n\t\t\t\t\tIP,\n\t\t\t\t\tStartTime,\n\t\t\t\t\tEndTime\n\t\t\t\tFROM users_history_ips\n\t\t\t\tWHERE UserID = '{$UserID}'\n\t\t\t\t\tAND IP IN (" . implode(',', $OtherIPs) . ")\n\t\t\t\tORDER BY StartTime DESC\n\t\t\t\tLIMIT {$Limit}"); unset($OtherIPs); } } } else { $QueryID = $DB->query("\n\t\tSELECT\n\t\t\tSQL_CALC_FOUND_ROWS\n\t\t\tIP,\n\t\t\tStartTime,\n\t\t\tEndTime\n\t\tFROM users_history_ips\n\t\tWHERE UserID = '{$UserID}'\n\t\t\t{$SearchIPQuery}\n\t\tORDER BY StartTime DESC\n\t\tLIMIT {$Limit}"); }
} $UserID = $_GET['userid']; $TorrentID = $_GET['torrentid']; if (!is_number($UserID) || !is_number($TorrentID)) { error(403); } $DB->query("\n\t\tSELECT info_hash\n\t\tFROM torrents\n\t\tWHERE ID = {$TorrentID}"); if (list($InfoHash) = $DB->next_record(MYSQLI_NUM, FALSE)) { $DB->query("\n\t\t\tUPDATE users_freeleeches\n\t\t\tSET Expired = TRUE\n\t\t\tWHERE UserID = {$UserID}\n\t\t\t\tAND TorrentID = {$TorrentID}"); $Cache->delete_value("users_tokens_{$UserID}"); Tracker::update_tracker('remove_token', array('info_hash' => rawurlencode($InfoHash), 'userid' => $UserID)); } header("Location: userhistory.php?action=token_history&userid={$UserID}"); } View::show_header('Freeleech token history'); list($Page, $Limit) = Format::page_limit(25); $DB->query("\n\tSELECT\n\t\tSQL_CALC_FOUND_ROWS\n\t\tf.TorrentID,\n\t\tt.GroupID,\n\t\tf.Time,\n\t\tf.Expired,\n\t\tf.Downloaded,\n\t\tf.Uses,\n\t\tg.Name,\n\t\tt.Format,\n\t\tt.Encoding\n\tFROM users_freeleeches AS f\n\t\tLEFT JOIN torrents AS t ON t.ID = f.TorrentID\n\t\tLEFT JOIN torrents_group AS g ON g.ID = t.GroupID\n\tWHERE f.UserID = {$UserID}\n\tORDER BY f.Time DESC\n\tLIMIT {$Limit}"); $Tokens = $DB->to_array(); $DB->query('SELECT FOUND_ROWS()'); list($NumResults) = $DB->next_record(); $Pages = Format::get_pages($Page, $NumResults, 25); ?> <div class="header"> <h2>Freeleech token history for <?php echo Users::format_username($UserID, false, false, false); ?> </h2> </div> <div class="linkbox"><?php echo $Pages; ?>
/**
 * Load a page's comments. This takes care of `postid` and (indirectly) `page` parameters passed in $_GET.
 * Quote notifications and last read are also handled here, unless $HandleSubscriptions = false is passed.
 *
 * The DB query ID that is current on entry is saved and restored before returning.
 *
 * NOTE(review): $Page and $PageID are interpolated into every SQL statement and
 * cache key below without validation or escaping in this method ($Page inside
 * quotes, $PageID bare). Callers are therefore assumed to pass trusted,
 * already-validated values - confirm at each call site.
 *
 * @param string $Page
 * @param int $PageID
 * @param bool $HandleSubscriptions Whether or not to handle subscriptions (last read & quote notifications)
 * @return array ($NumComments, $Page, $Thread, $LastRead)
 *     $NumComments: the total number of comments on this artist/request/torrent group
 *     $Page: the page we're currently on
 *     $Thread: an array of all posts on this page
 *     $LastRead: ID of the last comment read by the current user in this thread;
 *                will be false if $HandleSubscriptions == false or if there are no comments on this page
 */
public static function load($Page, $PageID, $HandleSubscriptions = true) {
    // Remember the current query so it can be restored before returning.
    $QueryID = G::$DB->get_query_id();

    // Get the total number of comments
    $NumComments = G::$Cache->get_value($Page . "_comments_{$PageID}");
    if ($NumComments === false) {
        // Cache miss: count in the database and store the result.
        G::$DB->query("\n\t\t\t\tSELECT COUNT(ID)\n\t\t\t\tFROM comments\n\t\t\t\tWHERE Page = '{$Page}'\n\t\t\t\t\tAND PageID = {$PageID}");
        list($NumComments) = G::$DB->next_record();
        G::$Cache->cache_value($Page . "_comments_{$PageID}", $NumComments, 0);
    }

    // If a postid was passed, we need to determine which page that comment is on.
    // Format::page_limit handles a potential $_GET['page']
    // $_GET['postid'] is interpolated into SQL only after passing is_number().
    // NOTE(review): $Limit is assigned in both branches but not read again in this method.
    if (isset($_GET['postid']) && is_number($_GET['postid']) && $NumComments > TORRENT_COMMENTS_PER_PAGE) {
        // Number of comments with an ID up to and including postid.
        G::$DB->query("\n\t\t\t\tSELECT COUNT(ID)\n\t\t\t\tFROM comments\n\t\t\t\tWHERE Page = '{$Page}'\n\t\t\t\t\tAND PageID = {$PageID}\n\t\t\t\t\tAND ID <= {$_GET['postid']}");
        list($PostNum) = G::$DB->next_record();
        list($CommPage, $Limit) = Format::page_limit(TORRENT_COMMENTS_PER_PAGE, $PostNum);
    } else {
        list($CommPage, $Limit) = Format::page_limit(TORRENT_COMMENTS_PER_PAGE, $NumComments);
    }

    // Get the cache catalogue
    // Index of the THREAD_CATALOGUE-sized block that contains the first comment of page $CommPage.
    $CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE * $CommPage - TORRENT_COMMENTS_PER_PAGE) / THREAD_CATALOGUE);

    // Cache catalogue from which the page is selected, allows block caches and future ability to specify posts per page
    $Catalogue = G::$Cache->get_value($Page . '_comments_' . $PageID . '_catalogue_' . $CatalogueID);
    if ($Catalogue === false) {
        // "offset, count" for the LIMIT clause: one whole catalogue block.
        $CatalogueLimit = $CatalogueID * THREAD_CATALOGUE . ', ' . THREAD_CATALOGUE;
        G::$DB->query("\n\t\t\t\tSELECT\n\t\t\t\t\tc.ID,\n\t\t\t\t\tc.AuthorID,\n\t\t\t\t\tc.AddedTime,\n\t\t\t\t\tc.Body,\n\t\t\t\t\tc.EditedUserID,\n\t\t\t\t\tc.EditedTime,\n\t\t\t\t\tu.Username\n\t\t\t\tFROM comments AS c\n\t\t\t\t\tLEFT JOIN users_main AS u ON u.ID = c.EditedUserID\n\t\t\t\tWHERE c.Page = '{$Page}'\n\t\t\t\t\tAND c.PageID = {$PageID}\n\t\t\t\tORDER BY c.ID\n\t\t\t\tLIMIT {$CatalogueLimit}");
        $Catalogue = G::$DB->to_array(false, MYSQLI_ASSOC);
        G::$Cache->cache_value($Page . '_comments_' . $PageID . '_catalogue_' . $CatalogueID, $Catalogue, 0);
    }

    //This is a hybrid to reduce the catalogue down to the page elements: We use the page limit % catalogue
    // The final `true` makes array_slice() keep the catalogue's keys.
    $Thread = array_slice($Catalogue, (TORRENT_COMMENTS_PER_PAGE * $CommPage - TORRENT_COMMENTS_PER_PAGE) % THREAD_CATALOGUE, TORRENT_COMMENTS_PER_PAGE, true);

    if ($HandleSubscriptions && count($Thread) > 0) {
        // quote notifications
        // First and last comment ID on this page bound the range marked as read.
        $LastPost = end($Thread);
        $LastPost = $LastPost['ID'];
        $FirstPost = reset($Thread);
        $FirstPost = $FirstPost['ID'];
        G::$DB->query("\n\t\t\t\tUPDATE users_notify_quoted\n\t\t\t\tSET UnRead = false\n\t\t\t\tWHERE UserID = " . G::$LoggedUser['ID'] . "\n\t\t\t\t\tAND Page = '{$Page}'\n\t\t\t\t\tAND PageID = {$PageID}\n\t\t\t\t\tAND PostID >= {$FirstPost}\n\t\t\t\t\tAND PostID <= {$LastPost}");
        // Drop the cached notification state only if a row actually changed.
        if (G::$DB->affected_rows()) {
            G::$Cache->delete_value('notify_quoted_' . G::$LoggedUser['ID']);
        }

        // last read
        G::$DB->query("\n\t\t\t\tSELECT PostID\n\t\t\t\tFROM users_comments_last_read\n\t\t\t\tWHERE UserID = " . G::$LoggedUser['ID'] . "\n\t\t\t\t\tAND Page = '{$Page}'\n\t\t\t\t\tAND PageID = {$PageID}");
        list($LastRead) = G::$DB->next_record();
        // Advance the stored marker when this page ends beyond it.
        if ($LastRead < $LastPost) {
            G::$DB->query("\n\t\t\t\t\tINSERT INTO users_comments_last_read\n\t\t\t\t\t\t(UserID, Page, PageID, PostID)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t(" . G::$LoggedUser['ID'] . ", '{$Page}', {$PageID}, {$LastPost})\n\t\t\t\t\tON DUPLICATE KEY UPDATE\n\t\t\t\t\t\tPostID = {$LastPost}");
            G::$Cache->delete_value('subscriptions_user_new_' . G::$LoggedUser['ID']);
        }
    } else {
        $LastRead = false;
    }

    // Restore the query that was current when the method was entered.
    G::$DB->set_query_id($QueryID);
    return array($NumComments, $CommPage, $Thread, $LastRead);
}
<?php if (empty($_GET['nojump'])) { $ArticleID = Wiki::alias_to_id($_GET['search']); if ($ArticleID) { //Found the article! header('Location: wiki.php?action=article&id=' . $ArticleID); die; } } define('ARTICLES_PER_PAGE', 25); list($Page, $Limit) = Format::page_limit(ARTICLES_PER_PAGE); $OrderVals = array('Title', 'Created', 'Edited'); $WayVals = array('Ascending', 'Descending'); $TypeTable = array('Title' => 'Title', 'Body' => 'Body'); $OrderTable = array('Title' => 'Title', 'Created' => 'ID', 'Edited' => 'Date'); $WayTable = array('Ascending' => 'ASC', 'Descending' => 'DESC'); // What are we looking for? Let's make sure it isn't dangerous. $Search = db_string(trim($_GET['search'])); if (!in_array($Type, array('Title', 'Body'))) { $Type = 'Title'; } // Break search string down into individual words $Words = explode(' ', $Search); $Type = $TypeTable[$_GET['type']]; if (!$Type) { $Type = 'Title'; } $Order = $OrderTable[$_GET['order']]; if (!$Order) { $Order = 'ID';
<?php define('COLLAGES_PER_PAGE', 25); list($Page, $Limit) = Format::page_limit(COLLAGES_PER_PAGE); $OrderVals = array('Time', 'Name', 'Subscribers', 'Torrents', 'Updated'); $WayVals = array('Ascending', 'Descending'); $OrderTable = array('Time' => 'ID', 'Name' => 'c.Name', 'Subscribers' => 'c.Subscribers', 'Torrents' => 'NumTorrents', 'Updated' => 'c.Updated'); $WayTable = array('Ascending' => 'ASC', 'Descending' => 'DESC'); // Are we searching in bodies, or just names? if (!empty($_GET['type'])) { $Type = $_GET['type']; if (!in_array($Type, array('c.name', 'description'))) { $Type = 'c.name'; } } else { $Type = 'c.name'; } if (!empty($_GET['search'])) { // What are we looking for? Let's make sure it isn't dangerous. $Search = db_string(trim($_GET['search'])); // Break search string down into individual words $Words = explode(' ', $Search); } if (!empty($_GET['tags'])) { $Tags = explode(',', db_string(trim($_GET['tags']))); foreach ($Tags as $ID => $Tag) { $Tags[$ID] = Misc::sanitize_tag($Tag); } } if (!empty($_GET['cats'])) { $Categories = $_GET['cats'];
<?php
// Email blacklist management page. Callers without 'users_view_email' get a 403.
define('EMAILS_PER_PAGE', 25);

if (!check_perms('users_view_email')) {
    error(403);
}

list($Page, $Limit) = Format::page_limit(EMAILS_PER_PAGE);

View::show_header('Manage email blacklist');

// Optional substring filters taken from the POSTed search form. Each value is
// passed through db_string() before it is embedded in the quoted LIKE pattern.
// NOTE(review): db_string() is defined elsewhere; presumably it escapes for a
// quoted SQL string - confirm. Nothing here escapes the LIKE wildcards % and
// _, so they act as pattern characters in both filters.
$Where = '';

if (!empty($_POST['email'])) {
    $Email = db_string($_POST['email']);
    $Where .= " WHERE Email LIKE '%{$Email}%'";
}

if (!empty($_POST['comment'])) {
    $Comment = db_string($_POST['comment']);
    // Join with AND when the email filter already opened the WHERE clause.
    $Where .= !empty($Where) ? " AND" : " WHERE";
    $Where .= " Comment LIKE '%{$Comment}%'";
}

// One page of blacklist entries, newest first.
$DB->query("\n\tSELECT\n\t\tSQL_CALC_FOUND_ROWS\n\t\tID,\n\t\tUserID,\n\t\tTime,\n\t\tEmail,\n\t\tComment\n\tFROM email_blacklist\n\t{$Where}\n\tORDER BY Time DESC\n\tLIMIT {$Limit}");
$Results = $DB->to_array(false, MYSQLI_ASSOC, false);

// Total row count, ignoring LIMIT, for pagination.
$DB->query('SELECT FOUND_ROWS()');
list($NumResults) = $DB->next_record();
?>
<div class="header">
    <h2>Email Blacklist</h2>
</div>
<br />