$urltitle = $page['id'];
//urlencode($page['id']);
$nicetitle = htmlspecialchars(url2title($page['id']));
$title = 'Wiki » ' . $nicetitle;
if ($page['istalk']) {
$links .= actionLinkTagItem('Page', 'wiki', substr($urltitle, 5)) . '<li>Discuss</li>';
} else {
$links .= '<li>Page</li>' . actionLinkTagItem('Discuss', 'wiki', 'Talk:' . $urltitle);
}
if ($page['canedit']) {
$links .= actionLinkTagItem('Edit', 'wikiedit', $urltitle);
}
if ($page['ismain']) {
MakeCrumbs(array(actionLink('wiki') => 'Wiki'), $links);
} else {
MakeCrumbs(array(actionLink('wiki') => 'Wiki', actionLink('wiki', $urltitle) => $nicetitle), $links);
}
echo '
<table class="outline margin">
<tr class="cell1">
<td style="padding:0px 1em 1em;">';
if ($page['flags'] & WIKI_PFLAG_DELETED) {
echo '<h1>' . $nicetitle . '</h1>This page has been deleted.';
} else {
if ($page['new']) {
echo '<h1>' . $nicetitle . '</h1>This page does not exist.';
if ($page['canedit']) {
echo '<br><br>' . actionLinkTag('Create it now', 'wikiedit', $urltitle);
}
} else {
$revInfo = '';
$rFora = Query("select * from {forums} where id={0}", $fid);
if (NumRows($rFora)) {
$forum = Fetch($rFora);
} else {
Kill(__("Unknown forum ID."));
}
if ($forum['locked']) {
Kill(__("This forum is locked."));
}
if (!isset($_POST['poll']) || isset($_GET['poll'])) {
$_POST['poll'] = $_GET['poll'];
}
$isHidden = !HasPermission('forum.viewforum', $fid, true);
$urlname = $isHidden ? '' : $forum['title'];
$OnlineUsersFid = $fid;
MakeCrumbs(forumCrumbs($forum) + array('' => __("New thread")));
$attachs = array();
if (isset($_POST['saveuploads'])) {
$attachs = HandlePostAttachments(0, false);
} else {
if (isset($_POST['actionpreview'])) {
$attachs = HandlePostAttachments(0, false);
if ($_POST['poll']) {
$options = array();
$pdata = array();
$pdata['question'] = htmlspecialchars($_POST['pollQuestion']);
$pdata['options'] = array();
$noColors = 0;
$defaultColors = array("#0000B6", "#00B600", "#00B6B6", "#B60000", "#B600B6", "#B66700", "#B6B6B6", "#676767", "#6767FF", "#67FF67", "#67FFFF", "#FF6767", "#FF67FF", "#FFFF67", "#FFFFFF");
$totalVotes = 0;
foreach ($_POST['pollOption'] as $i => $opt) {
$rFora = Query("select * from {forums} where id={0}", $fid);
if (NumRows($rFora)) {
$forum = Fetch($rFora);
} else {
Kill("Unknown forum ID.");
}
$fid = $forum['id'];
$isHidden = !HasPermission('forum.viewforum', $fid, true);
if ($thread['closed'] && !HasPermission('mod.closethreads', $fid)) {
Kill(__("This thread is locked."));
}
$OnlineUsersFid = $fid;
LoadPostToolbar();
$tags = ParseThreadTags($thread['title']);
$urlname = $isHidden ? '' : $tags[0];
MakeCrumbs(forumCrumbs($forum) + array(actionLink("thread", $tid, '', $urlname) => $tags[0], '' => __("New reply")));
if (!$thread['sticky'] && Settings::get("oldThreadThreshold") > 0 && $thread['lastpostdate'] < time() - 2592000 * Settings::get("oldThreadThreshold")) {
Alert(__("You are about to bump an old thread. This is usually a very bad idea. Please think about what you are about to do before you press the Post button."));
}
$attachs = array();
if (isset($_POST['saveuploads'])) {
$attachs = HandlePostAttachments(0, false);
} else {
if (isset($_POST['actionpreview'])) {
$attachs = HandlePostAttachments(0, false);
$previewPost['text'] = $_POST["text"];
$previewPost['num'] = $loguser['posts'] + 1;
$previewPost['posts'] = $loguser['posts'] + 1;
$previewPost['id'] = 0;
$previewPost['options'] = 0;
if ($_POST['nopl']) {
}
}
$search = Query("\n\t\t\tSELECT pt.pid pid\n\t\t\tFROM {posts_text} pt\n\t\t\t\tLEFT JOIN {posts} p ON pt.pid = p.id\n\t\t\tWHERE pt.revision = p.currentrevision AND MATCH(pt.text) AGAINST({0} IN BOOLEAN MODE)\n\t\t\tORDER BY p.date DESC", $bool);
$presults = array();
if (NumRows($search)) {
while ($result = Fetch($search)) {
$presults[] = $result['pid'];
}
}
Query("\n\t\t\tINSERT INTO {searchcache} (queryhash,query,date,threadresults,postresults) \n\t\t\tVALUES ({0},{1},{2},{3},{4})\n\t\t\tON DUPLICATE KEY UPDATE date={2}, threadresults={3}, postresults={4}", $sqhash, $searchQuery, time(), implode(',', $tresults), implode(',', $presults));
}
if (isset($_POST['q'])) {
die(header('Location: ' . actionLink('search', '', 'q=' . urlencode($searchQuery) . '&inposts=' . $_POST['inposts'])));
}
}
MakeCrumbs(array(actionLink("search") => __("Search")));
echo "\n\t<form action=\"" . htmlentities(actionLink("search")) . "\" method=\"post\">";
$fields = array('terms' => "<input type=\"text\" maxlength=\"1024\" name=\"q\" style=\"width:100%;border-sizing:border-box;-moz-border-sizing:border-box;\" value=\"" . htmlspecialchars($_REQUEST['q']) . "\">", 'searchin' => '
<label><input type="radio" name="inposts" value="0"' . ($_REQUEST['inposts'] == 0 ? ' checked="checked"' : '') . '>' . __('Thread titles') . '</label>
<label><input type="radio" name="inposts" value="1"' . ($_REQUEST['inposts'] == 1 ? ' checked="checked"' : '') . '>' . __('Posts') . '</label>', 'btnSubmit' => "<input type=\"submit\" value=\"" . __("Search") . "\">");
RenderTemplate('form_search', array('fields' => $fields));
echo "\n\t</form>";
if (isset($_GET['q'])) {
$viewableforums = ForumsWithPermission('forum.viewforum');
$searchQuery = $_GET['q'];
$searchQuery = strtolower(preg_replace('@\\s+@', ' ', $searchQuery));
$bool = htmlspecialchars($searchQuery);
$t = explode(" ", $bool);
$terms = array();
foreach ($t as $term) {
if ($term[0] == "-") {
<?php
if (!defined('BLARG')) {
die;
}
$title = 'Post quality stats';
MakeCrumbs(array(actionLink('postquality') => 'Post quality stats'));
$stuff = Query("\tSELECT\n\t\t\t\t\t\tu.(_userfields),\n\t\t\t\t\t\tu.posts totalposts,\n\t\t\t\t\t\t(SELECT COUNT(*) FROM {posts} p WHERE p.user=u.id AND p.deleted!=0 AND p.deletedby!=u.id) deletedposts\n\t\t\t\t\tFROM\n\t\t\t\t\t\t{users} u\n\t\t\t\t\tWHERE " . ($_GET['showbanned'] ? '' : 'u.primarygroup!={0} AND ') . "u.posts>0\n\t\t\t\t\tHAVING (deletedposts / totalposts)>0.015\n\t\t\t\t\tORDER BY (deletedposts / totalposts) DESC", Settings::get('bannedGroup'));
echo '
<table class="outline margin">
<tr class="cell0">
<td colspan="5" class="center">
<br>
This page shows, for each user, how many of their posts were deleted by the staff.<br>
(users with less than 2% of deleted posts aren\'t shown)<br>
<br>
If you are in the green part, you are fine, but try to be a little careful.<br>
If you are in the orange part, you should really improve the quality of your posts.<br>
If you are in the red part, you are walking on thin ice, and should think twice before posting again.<br>
<br>
</td>
</tr>
<tr class="header1">
<th>User</th>
<th>Posts</th>
<th>Deleted</th>
<th>Ratio</th>
<th style="width:120px;"> </th>
</tr>';
$c = 1;
while ($user = Fetch($stuff)) {
if (!HasPermission('forum.viewforum', $fid)) {
Kill(__('You may not access this forum.'));
}
$tags = ParseThreadTags($thread['title']);
$isHidden = !HasPermission('forum.viewforum', $fid, true);
if ($_POST['report']) {
if ($_POST['key'] !== $loguser['token']) {
Kill(__('No.'));
}
// TODO make this use actual notifications or anything better
Query("INSERT INTO {pmsgs_text} (title,text) VALUES ({0},{1})", "Post report (post #{$pid})", '');
$pmid = InsertId();
Query("INSERT INTO {pmsgs} (id,userto,userfrom,date,ip,msgread,deleted,drafting)\n\t\tVALUES ({0},{1},{2},{3},{4},0,0,0)", $pmid, -1, $loguserid, time(), $_SERVER['REMOTE_ADDR']);
$report = "<strong>Post report</strong>\n\n<strong>Post:</strong> " . actionLinkTag($tags[0], 'post', $pid) . " (post #{$pid})\n\n<strong>Message:</strong>\n{$_POST['message']}\n\n" . actionLinkTag('Mark issue as resolved', 'showprivate', $pmid, 'markread=1');
Query("UPDATE {pmsgs_text} SET text={0} WHERE pid={1}", $report, $pmid);
SendNotification('pm', $pmid, -1);
die(header('Location: ' . actionLink('post', $pid)));
}
MakeCrumbs(forumCrumbs($forum) + array(actionLink("thread", $tid, '', $isHidden ? '' : $tags[0]) => $tags[0], '' => __("Report post")));
$user = Fetch(Query("SELECT * FROM {users} WHERE id={0}", $post['user']));
foreach ($user as $key => $value) {
$post['u_' . $key] = $value;
}
MakePost($post, POST_SAMPLE);
$fields = array('message' => '<textarea id="text" name="message" rows=10></textarea>', 'btnSubmit' => '<input type="submit" name="report" value="' . __('Submit report') . '">');
echo '
<form action="" method="POST">';
RenderTemplate('form_reportpost', array('fields' => $fields));
echo '
<input type="hidden" name="key" value="' . $loguser['token'] . '">
</form>';
} else {
Kill(__("Unknown user ID."));
}
$title = __("Post list");
$total = FetchResult("\n\t\t\tSELECT\n\t\t\t\tcount(p.id)\n\t\t\tFROM\n\t\t\t\t{posts} p\n\t\t\t\tLEFT JOIN {threads} t ON t.id=p.thread{$extrashit}\n\t\t\tWHERE p.user={0} AND t.forum IN ({1c})", $id, ForumsWithPermission('forum.viewforum'));
$ppp = $loguser['postsperpage'];
if (isset($_GET['from'])) {
$from = (int) $_GET['from'];
} else {
$from = 0;
}
if (!$ppp) {
$ppp = 25;
}
$rPosts = Query("\tSELECT\n\t\t\t\tp.*,\n\t\t\t\tpt.text, pt.revision, pt.user AS revuser, pt.date AS revdate,\n\t\t\t\tu.(_userfields), u.(rankset,title,picture,posts,postheader,signature,signsep,lastposttime,lastactivity,regdate,globalblock,fulllayout),\n\t\t\t\tru.(_userfields),\n\t\t\t\tdu.(_userfields),\n\t\t\t\tt.id thread, t.title threadname,\n\t\t\t\tf.id fid\n\t\t\tFROM\n\t\t\t\t{posts} p\n\t\t\t\tLEFT JOIN {posts_text} pt ON pt.pid = p.id AND pt.revision = p.currentrevision\n\t\t\t\tLEFT JOIN {users} u ON u.id = p.user\n\t\t\t\tLEFT JOIN {users} ru ON ru.id=pt.user\n\t\t\t\tLEFT JOIN {users} du ON du.id=p.deletedby\n\t\t\t\tLEFT JOIN {threads} t ON t.id=p.thread\n\t\t\t\tLEFT JOIN {forums} f ON f.id=t.forum\n\t\t\t\tLEFT JOIN {categories} c ON c.id=f.catid\n\t\t\tWHERE u.id={1} AND f.id IN ({4c}){$extrashit}\n\t\t\tORDER BY date ASC LIMIT {2u}, {3u}", $loguserid, $id, $from, $ppp, ForumsWithPermission('forum.viewforum'));
$numonpage = NumRows($rPosts);
$uname = $user["name"];
if ($user["displayname"]) {
$uname = $user["displayname"];
}
MakeCrumbs(array(actionLink("profile", $id, "", $user["name"]) => htmlspecialchars($uname), '' => __("List of posts")));
$pagelinks = PageLinks(actionLink("listposts", $id, "from=", $user['name']), $ppp, $from, $total);
RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'top'));
if (NumRows($rPosts)) {
while ($post = Fetch($rPosts)) {
MakePost($post, POST_NORMAL, array('threadlink' => 1, 'tid' => $post['thread'], 'fid' => $post['fid'], 'noreplylinks' => 1));
}
} else {
Alert('This user has no posts.', 'Notice');
}
RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'bottom'));
<?php
// AcmlmBoard XD - Private message sending/previewing page
// Access: user
if (!defined('BLARG')) {
die;
}
$title = __("Private messages");
MakeCrumbs(array(actionLink("private") => __("Private messages"), '' => __("Send PM")));
if (!$loguserid) {
//Not logged in?
Kill(__("You must be logged in to send private messages."));
}
CheckPermission('user.sendpms');
$draftID = 0;
$replyTo = 0;
$convStart = 0;
$urlargs = array();
$pid = (int) $_GET['pid'];
if ($pid) {
$urlargs[] = 'pid=' . $pid;
// this shouldn't select drafts someone else is preparing for us
// those drafts will have recipients stored in draft_to, with userto set to 0
$rPM = Query("select * from {pmsgs} left join {pmsgs_text} on pid = {pmsgs}.id where (userfrom={0} OR userto={0}) and {pmsgs}.id = {1}", $loguserid, $pid);
if (NumRows($rPM)) {
$pm = Fetch($rPM);
$rUser = Query("select name from {users} where id = {0}", $pm['userfrom']);
if (NumRows($rUser)) {
$user = Fetch($rUser);
} else {
Kill(__("Unknown user."));
<?php
// AcmlmBoard XD - Frequently Asked Questions page
// Access: all
if (!defined('BLARG')) {
die;
}
$title = __("FAQ");
$links = array();
if (HasPermission('admin.editsettings')) {
$links[] = actionLinkTag(__("Edit the FAQ"), "editsettings", '', 'field=faqText');
}
MakeCrumbs(array(actionLink("faq") => __("FAQ")), $links);
makeThemeArrays();
$admin = Fetch(Query("select u.(_userfields) from {users} u where u.primarygroup={0}", Settings::get('rootGroup')));
$admin = userLink(getDataPrefix($admin, 'u_'));
$sexes = array(0 => __("Male"), 1 => __("Female"), 2 => __("N/A"));
$scolors = array(0 => 'color_male', 1 => 'color_female', 2 => 'color_unspec');
$gcolors = array();
$g = Query("SELECT title, color_male, color_female, color_unspec FROM {usergroups} WHERE type=0 ORDER BY rank");
while ($group = Fetch($g)) {
$gcolors[] = $group;
}
$headers = "";
$colors = "";
foreach ($sexes as $ss) {
$headers .= format("\n\t<th>\n\t\t{0}\n\t</th>\n", $ss);
}
foreach ($gcolors as $g) {
$cellClass = ($cellClass + 1) % 2;
$items = "";
<?php
$title = __("Ranks");
MakeCrumbs(array(actionLink("ranks") => __("Ranks")));
loadRanksets();
if (count($ranksetData) == 0) {
Kill(__("No ranksets have been defined."));
}
if (!isset($_GET['id'])) {
$rankset = $loguser['rankset'];
if (!$rankset || !isset($ranksetData[$rankset])) {
$rankset = array_keys($ranksetData);
$rankset = $rankset[0];
}
die(header("Location: " . actionLink("ranks", $rankset)));
}
$rankset = $_GET['id'];
if (!isset($ranksetData[$rankset])) {
Kill(__("Rankset not found."));
}
$ranksets = array();
foreach ($ranksetNames as $name => $title) {
if ($name == $rankset) {
$ranksets[] = $title;
} else {
$ranksets[] = actionLinkTag($title, 'ranks', $name);
}
}
$users = array();
$rUsers = Query("select u.(_userfields), u.(posts,lastposttime) from {users} u order by id asc");
while ($user = Fetch($rUsers)) {
} else {
Alert(__("No such file or not yours to mess with."));
}
} else {
if ($_GET['action'] == 'restore' && HasPermission('uploader.deletefiles')) {
$fid = $_GET['fid'];
$check = FetchResult("select count(*) from {uploader} where id = {0}", $fid);
if ($check) {
Query("UPDATE {uploader} SET deldate=0 WHERE id={0}", $fid);
Report("[b]" . $loguser['name'] . "[/] restored \"[b]" . $entry['filename'] . "[/]\" ({$fid}).", 1);
die(header("Location: " . actionLink("uploaderlist", "", "cat=" . $_GET["cat"])));
} else {
Alert(__("No such file."));
}
} else {
MakeCrumbs(array(actionLink("uploader") => "Uploader"), $links);
$errormsg = __("No categories found.");
$entries = Query("select * from {uploader_categories} order by ord");
if (NumRows($entries) == 0) {
print "\n\t\t<table class=\"outline margin\">\n\t\t\t<tr class=\"header0\">\n\n\n\n\t\t\t\t<th colspan=\"7\">" . __("Files") . "</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td colspan=\"4\">\n\t\t\t\t\t" . $errormsg . "\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t\t";
} else {
print "\n\t\t<table class=\"outline margin width100\">\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"7\">" . __("Categories") . "</th>\n\t\t\t</tr>\n\t\t";
$cellClass = 0;
while ($entry = Fetch($entries)) {
$filecount = FetchResult("select count(*) from {uploader} where category = {0} AND deldate=0", $entry['id']);
print "<tr class=\"cell{$cellClass}\"><td>";
print actionLinkTag($entry['name'], "uploaderlist", "", "cat=" . $entry['id']);
print "<br />";
print $entry['description'];
print "<br />";
print Plural($filecount, 'file');
Kill(__('No.'));
}
if ($settings[$htmlfield]['type'] != 'texthtml') {
Kill(__('No.'));
}
$htmlname = $settings[$htmlfield]['name'];
} else {
$htmlfield = null;
}
if (!ctype_alnum($plugin)) {
Kill(__("No."));
}
if ($plugin == "main") {
MakeCrumbs(array(actionLink("admin") => __("Admin"), '' => __("Edit settings")));
} else {
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("pluginmanager") => __("Plugin manager"), '' => $plugins[$plugin]['name']));
}
$settings = Settings::getSettingsFile($plugin);
$oursettings = Settings::$settingsArray[$plugin];
$invalidsettings = array();
if (isset($_POST["_plugin"])) {
if ($_POST['key'] !== $loguser['token']) {
Kill(__('No.'));
}
//Save the settings.
$valid = true;
foreach ($_POST as $key => $value) {
if ($key == "_plugin") {
continue;
}
//Don't accept unexisting settings.
<?php
require 'wikilib.php';
$title = 'Wiki » Recent changes';
MakeCrumbs(array(actionLink('wiki') => 'Wiki', actionLink('wikichanges') => 'Recent changes'), $links);
$mydatefmt = 'm-d-Y';
if ($loguserid) {
$mydatefmt = $loguser['dateformat'];
}
$time = (int) $_GET['time'];
if (!$time) {
$time = 86400;
}
$spans = array(86400 => 'Today', 604800 => 'This week', 2592000 => 'This month');
$spanList = "";
foreach ($spans as $span => $text) {
if ($span == $time) {
$spanList .= '<li>' . $text . '</li>';
} else {
$spanList .= actionLinkTagItem($text, 'wikichanges', '', 'time=' . $span);
}
}
echo '
<div class="smallFonts margin">
View changes for:
<ul class="pipemenu">
' . $spanList . '
</ul>
</div>
';
echo '
<?php
// AcmlmBoard XD - IP ban management tool
// Access: administrators only
$title = __("IP bans");
CheckPermission('admin.manageipbans');
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("ipbans") => __("IP ban manager")));
if (isset($_POST['actionadd'])) {
//This doesn't allow you to ban IP ranges...
//if(!filter_var($_POST['ip'], FILTER_VALIDATE_IP))
// Alert("Invalid IP");
//else
if (isIPBanned($_POST['ip'])) {
Alert("Already banned IP!");
} else {
$rIPBan = Query("insert into {ipbans} (ip, reason, date) values ({0}, {1}, {2})", $_POST['ip'], $_POST['reason'], (int) $_POST['days'] > 0 ? time() + (int) $_POST['days'] * 86400 : 0);
Alert(__("Added."), __("Notice"));
}
} elseif ($_GET['action'] == "delete") {
$rIPBan = Query("delete from {ipbans} where ip={0} limit 1", $_GET['ip']);
Alert(__("Removed."), __("Notice"));
}
$rIPBan = Query("select * from {ipbans} order by date desc, ip asc");
$banList = "";
while ($ipban = Fetch($rIPBan)) {
$cellClass = ($cellClass + 1) % 2;
if ($ipban['date']) {
$date = formatdate($ipban['date']) . " (" . TimeUnits($ipban['date'] - time()) . " left)";
} else {
$date = __("Permanent");
}
<?php
$title = __("Mood avatars");
if (!$loguserid) {
Kill(__("You must be logged in to edit your avatars."));
}
CheckPermission('user.editprofile');
CheckPermission('user.editavatars');
MakeCrumbs(array(actionLink('profile', $loguserid, '', $loguser['name']) => htmlspecialchars($loguser['displayname'] ? $loguser['displayname'] : $loguser['name']), actionLink("editavatars") => __("Mood avatars")));
if (isset($_POST['actionrename']) || isset($_POST['actiondelete']) || isset($_POST['actionadd'])) {
$mid = (int) $_POST['mid'];
if ($_POST['actionrename']) {
Query("update {moodavatars} set name={0} where mid={1} and uid={2}", $_POST['name'], $mid, $loguserid);
die(header('Location: ' . actionLink('editavatars')));
} else {
if ($_POST['actiondelete']) {
Query("delete from {moodavatars} where uid={0} and mid={1}", $loguserid, $mid);
Query("update {posts} set mood=0 where user={0} and mood={1}", $loguserid, $mid);
if (file_exists(DATA_DIR . "avatars/" . $loguserid . "_" . $mid)) {
unlink(DATA_DIR . "avatars/" . $loguserid . "_" . $mid);
}
die(header('Location: ' . actionLink('editavatars')));
} else {
if ($_POST['actionadd']) {
$highest = FetchResult("select mid from {moodavatars} where uid={0} order by mid desc limit 1", $loguserid);
if ($highest < 1) {
$highest = 1;
}
$mid = $highest + 1;
//Begin copypasta from edituser/editprofile_avatar...
if ($fname = $_FILES['picture']['name']) {
<?php
$title = __("Last posts");
MakeCrumbs(array(actionLink("lastposts") => __("Last posts")));
$allowedforums = ForumsWithPermission('forum.viewforum');
$time = $_GET['time'];
if ($time != 'new') {
$time = (int) $time;
}
if (!$time) {
$time = 86400;
}
$show = $_GET['show'];
if ($show != 'threads' && $show != 'posts') {
$show = 'threads';
}
$from = (int) $_GET['from'];
$fparam = $from ? '&from=' . $from : '';
$spans = array(3600 => __('1 hour'), 86400 => __('1 day'), 259200 => __('3 days'), 'new' => __('New posts'));
$options = array();
foreach ($spans as $span => $desc) {
if ($span == $time) {
$options[] = $desc;
} else {
$options[] = actionLinkTag($desc, 'lastposts', '', 'time=' . $span . '&show=' . $show . $fparam);
}
}
$options2 = array();
$options2[] = $show == 'threads' ? __('List threads') : actionLinkTag(__('Show threads'), 'lastposts', '', 'time=' . $time . '&show=threads' . $fparam);
$options2[] = $show == 'posts' ? __('Show posts') : actionLinkTag(__('Show posts'), 'lastposts', '', 'time=' . $time . '&show=posts' . $fparam);
RenderTemplate('lastposts_options', array('timelinks' => $options, 'misclinks' => $options2));
Kill(__('You may not edit permissions for this user.'));
}
MakeCrumbs(array(actionLink('admin') => __('Admin'), '' => __('Edit permissions for user: '******'displayname'] ? $user['displayname'] : $user['name'])));
} else {
if (isset($_GET['gid'])) {
CheckPermission('admin.editgroups');
$applyto = 0;
$id = (int) $_GET['gid'];
if (!$usergroups[$id]) {
Kill(__('Invalid group ID.'));
}
$targetrank = $usergroups[$id]['rank'];
if ($targetrank >= $loguserGroup['rank'] && !$loguser['root']) {
Kill(__('You may not edit permissions for this group.'));
}
MakeCrumbs(array(actionLink('admin') => __('Admin'), '' => __('Edit permissions for group: ') . htmlspecialchars($usergroups[$id]['name'])));
} else {
Kill(__('Invalid parameters.'));
}
}
if ($_POST['saveaction'] || $_POST['addfpermaction']) {
if ($_POST['token'] !== $loguser['token']) {
Kill(__('No.'));
}
if ($_POST['addfpermaction']) {
$fid = (int) $_POST['newforumid'];
foreach ($_POST as $k => $v) {
if (substr($k, 0, 8) != 'fperm_0_') {
continue;
}
if ($v == 0) {
<?php
$title = "Plugin Manager";
CheckPermission('admin.editsettings');
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("pluginmanager") => __("Plugin Manager")));
if ($_REQUEST['action'] == "enable") {
if ($_REQUEST['key'] != $loguser['token']) {
Kill("No.");
}
Query("insert into {enabledplugins} values ({0})", $_REQUEST['id']);
Upgrade();
die(header("location: " . actionLink("pluginmanager")));
}
if ($_REQUEST['action'] == "disable") {
if ($_REQUEST['key'] != $loguser['token']) {
Kill("No.");
}
Query("delete from {enabledplugins} where plugin={0}", $_REQUEST['id']);
die(header("location: " . actionLink("pluginmanager")));
}
$cell = 0;
$pluginsDir = @opendir("plugins");
$enabledplugins = array();
$disabledplugins = array();
$pluginDatas = array();
if ($pluginsDir !== FALSE) {
while (($plugin = readdir($pluginsDir)) !== FALSE) {
if ($plugin == "." || $plugin == "..") {
continue;
}
if (is_dir("./plugins/" . $plugin)) {
<?php
// AcmlmBoard XD - User account registration page
// Access: any, but meant for guests.
require 'config/kurikey.php';
$title = __("Register");
MakeCrumbs(array('' => __('Register')));
$sexes = array(__("Male"), __("Female"), __("N/A"));
if ($_POST['register']) {
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$kuridata = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, md5(KURIKEY, true), base64_decode($_POST['kuridata']), MCRYPT_MODE_ECB, $iv);
if (!$kuridata) {
Kill('Hack attempt detected');
}
$kuridata = explode('|', $kuridata);
if (count($kuridata) != 3) {
Kill('Hack attempt detected');
}
$kuriseed = intval($kuridata[0]);
$check = intval($kuridata[1]);
$kurichallenge = $kuridata[2];
$kurichallenge = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, md5(KURIKEY . $check, true), base64_decode($kurichallenge), MCRYPT_MODE_ECB, $iv);
if (!$kurichallenge) {
Kill('Hack attempt detected');
}
$kurichallenge = explode('|', $kurichallenge);
if (count($kurichallenge) != 3) {
Kill('Hack attempt detected');
}
if ($kurichallenge[0] != $kuridata[0]) {
}
$thread = Fetch($thread);
if (!HasPermission('forum.viewforum', $thread['forum'])) {
Kill(__("Nice try, hacker kid, but no."));
}
if ($_GET['action'] == 'add') {
Query("INSERT IGNORE INTO {favorites} (user,thread) VALUES ({0},{1})", $loguserid, $tid);
} else {
Query("DELETE FROM {favorites} WHERE user={0} AND thread={1}", $loguserid, $tid);
}
die(header('Location: ' . $_SERVER['HTTP_REFERER']));
}
}
$title = 'Favorites';
$links = array(actionLinkTag(__("Mark threads read"), 'favorites', 0, 'action=markasread'));
MakeCrumbs(array(actionLink('favorites') => 'Favorites'), $links);
$viewableforums = ForumsWithPermission('forum.viewforum');
$total = FetchResult("SELECT COUNT(*) FROM {threads} t INNER JOIN {favorites} fav ON fav.user={0} AND fav.thread=t.id WHERE t.forum IN ({1c})", $loguserid, $viewableforums);
$tpp = $loguser['threadsperpage'];
if (isset($_GET['from'])) {
$from = (int) $_GET['from'];
} else {
$from = 0;
}
if (!$tpp) {
$tpp = 50;
}
$rThreads = Query("\tSELECT\n\t\t\t\t\t\tt.*,\n\t\t\t\t\t\ttr.date readdate,\n\t\t\t\t\t\tsu.(_userfields),\n\t\t\t\t\t\tlu.(_userfields),\n\t\t\t\t\t\tf.(id,title)\n\t\t\t\t\tFROM\n\t\t\t\t\t\t{threads} t\n\t\t\t\t\t\tINNER JOIN {favorites} fav ON fav.user={0} AND fav.thread=t.id\n\t\t\t\t\t\tLEFT JOIN {threadsread} tr ON tr.thread=t.id AND tr.id={0}\n\t\t\t\t\t\tLEFT JOIN {users} su ON su.id=t.user\n\t\t\t\t\t\tLEFT JOIN {users} lu ON lu.id=t.lastposter\n\t\t\t\t\t\tLEFT JOIN {forums} f ON f.id=t.forum\n\t\t\t\t\tWHERE f.id IN ({3c})\n\t\t\t\t\tORDER BY sticky DESC, lastpostdate DESC LIMIT {1u}, {2u}", $loguserid, $from, $tpp, $viewableforums);
$numonpage = NumRows($rThreads);
$pagelinks = PageLinks(actionLink('favorites', '', 'from='), $tpp, $from, $total);
if (NumRows($rThreads)) {
<?php
CheckPermission('admin.ipsearch');
$ip = $_GET["id"];
if (!filter_var($ip, FILTER_VALIDATE_IP)) {
Kill("Invalid IP");
}
$links = array();
$links[] = "<a href=\"http://dnsquery.org/ipwhois/{$ip}\" target=\"_blank\">Whois Query</a>";
$links[] = "<a onclick=\"if(confirm('Are you sure you want to IP-ban {$ip}?')) {document.getElementById('banform').submit();} return false;\" href=\"#\">IP Ban</a>";
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("ipbans") => __("IP ban manager"), '' => $ip), $links);
$rUsers = Query("select * from {users} where lastip={0}", $ip);
echo "<h3>Users with this IP</h3>";
$userList = "";
$ipBanComment = "";
$i = 1;
if (NumRows($rUsers)) {
while ($user = Fetch($rUsers)) {
$ipBanComment .= $user["name"] . " ";
$cellClass = ($cellClass + 1) % 2;
if ($user['lasturl']) {
$lastUrl = "<a href=\"" . $user['lasturl'] . "\">" . $user['lasturl'] . "</a>";
} else {
$lastUrl = __("None");
}
$userList .= format("\n\t\t<tr class=\"cell{0}\">\n\t\t\t<td>\n\t\t\t\t{1}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{2}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{3}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{4}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{5}\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{6}\n\t\t\t</td>\n\t\t</tr>\n\t", $cellClass, $i, UserLink($user), cdate("d-m-y G:i:s", $user['lastactivity']), $user['lastposttime'] ? cdate("d-m-y G:i:s", $user['lastposttime']) : __("Never"), $lastUrl, formatIP($user['lastip']));
$i++;
}
} else {
$userList = "<tr class=\"cell0\"><td colspan=\"6\">" . __("No users") . "</td></tr>";
}
if ($pm['drafting'] && !$snoop) {
Kill(__("Unknown PM"));
}
//could say "PM is addresssed to you, but is being drafted", but what they hey?
$rUser = Query("select * from {users} where id = {0}", $pm['userfrom']);
if (NumRows($rUser)) {
$user = Fetch($rUser);
} else {
Kill(__("Unknown user."));
}
$links = array();
if (!$snoop && $pm['userto'] == $loguserid) {
Query("update {pmsgs} set msgread=1 where id={0}", $pm['id']);
DismissNotification('pm', $pm['id'], $loguserid);
$links[] = actionLinkTag(__("Send reply"), "sendprivate", "", "pid=" . $pm['id']);
} else {
if ($_GET['markread']) {
Query("update {pmsgs} set msgread=1 where id={0}", $pm['id']);
DismissNotification('pm', $pm['id'], -1);
die(header('Location: ' . actionLink('private')));
}
}
$pmtitle = htmlspecialchars($pm['title']);
MakeCrumbs(array(actionLink("private") => __("Private messages"), '' => $pmtitle), $links);
$pm['num'] = 0;
$pm['posts'] = $user['posts'];
$pm['id'] = 0;
foreach ($user as $key => $value) {
$pm['u_' . $key] = $value;
}
MakePost($pm, POST_PM);
$forumList .= Format("\n\t\t<tr class=\"cell{0}\">\n\t\t\t<td class=\"cell2 threadIcon\">{1}</td>\n\t\t\t<td class=\"threadIcon\" style=\"border-right: 0px none;\">\n\t\t\t\t{2}\n\t\t\t</td>\n\t\t\t<td style=\"border-left: 0px none;\">\n\t\t\t\t{3}\n\t\t\t\t<a href=\"thread.php?id={4}\">\n\t\t\t\t\t{5}\n\t\t\t\t</a>\n\t\t\t\t{6}\n\t\t\t\t{7}\n\t\t\t</td>\n\t\t\t<td class=\"center\">\n\t\t\t\t{8}\n\t\t\t</td>\n\t\t\t<td class=\"center\">\n\t\t\t\t{9}\n\t\t\t</td>\n\t\t\t<td class=\"center\">\n\t\t\t\t{10}\n\t\t\t</td>\n\t\t\t<td class=\"smallFonts center\">\n\t\t\t\t{11}<br />\n\t\t\t\t" . __("by") . " {12} {13}</td>\n\t\t</tr>\n", $cellClass, $NewIcon, $ThreadIcon, $poll, $thread['id'], strip_tags($thread['title']), $pl, $tags, UserLink($starter), $thread['replies'], $thread['views'], cdate($dateformat, $thread['lastpostdate']), UserLink($last), $lastLink);
}
Write("\n\t<table class=\"outline margin width100\">\n\t\t<tr class=\"header1\">\n\t\t\t<th style=\"width: 20px;\"> </th>\n\t\t\t<th style=\"width: 16px;\"> </th>\n\t\t\t<th style=\"width: 60%;\">" . __("Title") . "</th>\n\t\t\t<th>" . __("Started by") . "</th>\n\t\t\t<th>" . __("Replies") . "</th>\n\t\t\t<th>" . __("Views") . "</th>\n\t\t\t<th>" . __("Last post") . "</th>\n\t\t</tr>\n\t\t{0}\n\t</table>\n", $forumList);
} else {
if ($forum['minpowerthread'] > $loguser['powerlevel']) {
Alert(__("You cannot start any threads here."), __("Empty forum"));
} elseif ($loguserid) {
Alert(format(__("Would you like to {0}post something{1}?"), "<a href=\"newthread.php?id=" . $fid . "\">", "</a>"), __("Empty forum"));
} else {
Alert(format(__("{0}Log in{1} so you can post something."), "<a href=\"login.php\">", "</a>"), __("Empty forum"));
}
}
if ($pagelinks) {
Write("<div class=\"smallFonts pages\">" . __("Pages:") . " {0}</div>", $pagelinks);
}
MakeCrumbs(array(__("Main") => "./", $forum['title'] => "forum.php?id=" . $fid), $links);
ForumJump();
function ForumJump()
{
global $fid, $loguser;
$pl = $loguser['powerlevel'];
if ($pl < 0) {
$pl = 0;
}
$lastCatID = -1;
$rFora = Query("\tSELECT \n\t\t\t\t\t\t\tf.id, f.title, f.catid,\n\t\t\t\t\t\t\tc.name cname\n\t\t\t\t\t\tFROM \n\t\t\t\t\t\t\tforums f\n\t\t\t\t\t\t\tLEFT JOIN categories c ON c.id=f.catid\n\t\t\t\t\t\tWHERE c.minpower<=" . $pl . " AND f.minpower<=" . $pl . ($pl < 1 ? " AND f.hidden=0" : '') . "\n\t\t\t\t\t\tORDER BY c.corder, c.id, f.forder");
$theList = "";
$optgroup = "";
while ($forum = Fetch($rFora)) {
if ($forum['catid'] != $lastCatID) {
$lastCatID = $forum['catid'];
<?php
CheckPermission('admin.ipsearch');
$title = 'Rereg radar';
MakeCrumbs(array(actionLink("admin") => "Admin", actionLink('reregs') => 'Rereg radar'));
$ipm = Query("SELECT u.(_userfields), u.(lastactivity,lastip) FROM {users} u WHERE (SELECT COUNT(*) FROM {users} u2 WHERE u2.lastip=u.lastip)>1 ORDER BY lastactivity DESC");
$ipmatches = array();
while ($match = Fetch($ipm)) {
$ipmatches[$match['u_lastip']][] = $match;
}
foreach ($ipmatches as $ip => $match) {
$date = 0;
foreach ($match as $user) {
if ($user['u_lastactivity'] > $date) {
$date = $user['u_lastactivity'];
}
}
$ipmatches[$ip]['date'] = $date;
}
$passm = Query("SELECT u.(_userfields), m.(date,user,matches) FROM {passmatches} m LEFT JOIN {users} u ON u.id=m.user ORDER BY date DESC");
$passmatches = array();
while ($match = Fetch($passm)) {
$passmatches[$match['m_user']] = $match;
}
?>
<table class="outline margin">
<tr class="header1">
<th>Rereg radar</th>
</tr>
<tr class="cell2 center">
<td>
<?php
if (!defined('BLARG')) {
die;
}
//Category/forum editor -- By Nikolaj
//Secured and improved by Dirbaio
// Adapted to Blargboard by StapleButter.
$title = __("Edit forums");
CheckPermission('admin.editforums');
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("editfora") => __("Edit forum list")));
/**
Okay. Much like the category editor, now the action is specified by $_POST["action"].
Possible actions are:
- updateforum: Updates the settings of a forum in the DB.
- addforum: Adds a new forum to the DB.
- deleteforum: Deletes a forum from the DB. Also, depending on $_GET["threads"]: (NOT YET)
- "delete": DELETES all threads and posts in the DB.
- "trash": TRASHES all the threads (move to trash and close)
- "move": MOVES the threads to forum ID $_POST["threadsmove"]
- "leave": LEAVES all the threads untouched in the DB (like the old forum editor. Not recommended. Will cause "invisible posts" that will still count towards user's postcounts)
- forumtable: Returns the forum table for the left panel.
- editforum: Returns the HTML code for the forum settings in right panel.
- editforumnew: Returns the forum edit box to create a new forum. This way the huge HTML won't be duplicated in the code.
- editforum: Returns the forum edit box to edit a forum.
PERMISSION EDITING PRESETS
}
}
if (HasPermission('mod.trashthreads', $fid) && Settings::get('trashForum')) {
if ($forum['id'] != Settings::get('trashForum')) {
$links[] = actionLinkTag(__("Trash"), "editthread", $tid, "action=trash&key=" . $loguser['token']);
}
}
if (HasPermission('mod.deletethreads', $fid) && Settings::get('secretTrashForum')) {
if ($forum['id'] != Settings::get('secretTrashForum')) {
$links[] = actionLinkTagConfirm(__("Delete"), __("Are you sure you want to just up and delete this whole thread?"), "editthread", $tid, "action=delete&key=" . $loguser['token']);
}
}
}
$OnlineUsersFid = $fid;
LoadPostToolbar();
MakeCrumbs(forumCrumbs($forum) + array(actionLink("thread", $tid, '', $urlname) => $threadtags[0]), $links);
if ($thread['poll']) {
$poll = Fetch(Query("SELECT p.*,\n\t\t\t\t\t\t\t(SELECT COUNT(DISTINCT user) FROM {pollvotes} pv WHERE pv.poll = p.id) as users,\n\t\t\t\t\t\t\t(SELECT COUNT(*) FROM {pollvotes} pv WHERE pv.poll = p.id) as votes\n\t\t\t\t\t\t FROM {poll} p\n\t\t\t\t\t\t WHERE p.id={0}", $thread['poll']));
if (!$poll) {
Kill(__("Poll not found"));
}
$totalVotes = $poll['users'];
$rOptions = Query("SELECT pc.*,\n\t\t\t\t\t\t\t(SELECT COUNT(*) FROM {pollvotes} pv WHERE pv.poll = {0} AND pv.choiceid = pc.id) as votes,\n\t\t\t\t\t\t\t(SELECT COUNT(*) FROM {pollvotes} pv WHERE pv.poll = {0} AND pv.choiceid = pc.id AND pv.user = {1}) as myvote\n\t\t\t\t\t FROM {poll_choices} pc\n\t\t\t\t\t WHERE poll={0}", $thread['poll'], $loguserid);
$pops = 0;
$noColors = 0;
$defaultColors = array("#0000B6", "#00B600", "#00B6B6", "#B60000", "#B600B6", "#B66700", "#B6B6B6", "#676767", "#6767FF", "#67FF67", "#67FFFF", "#FF6767", "#FF67FF", "#FFFF67", "#FFFFFF");
$pdata = array();
$pdata['question'] = htmlspecialchars($poll['question']);
$pdata['options'] = array();
while ($option = Fetch($rOptions)) {
$odata = array();
<?php
if (!$loguser['root']) {
Kill(__("You're not an administrator. There is nothing for you here."));
}
MakeCrumbs(array(actionLink("admin") => __("Admin"), actionLink("optimize") => __("Optimize tables")));
$rStats = Query("show table status");
while ($stat = Fetch($rStats)) {
$tables[$stat['Name']] = $stat;
}
$tablelist = "";
$total = 0;
foreach ($tables as $table) {
$cellClass = ($cellClass + 1) % 2;
$overhead = $table['Data_free'];
$total += $overhead;
$status = __("OK");
if ($overhead > 0) {
Query("OPTIMIZE TABLE `{" . $table['Name'] . "}`");
$status = "<strong>" . __("Optimized") . "</strong>";
}
$tablelist .= format("\n\t<tr class=\"cell{0}\">\n\t\t<td class=\"cell2\">{1}</td>\n\t\t<td>\n\t\t\t{2}\n\t\t</td>\n\t\t<td>\n\t\t\t{3}\n\t\t</td>\n\t\t<td>\n\t\t\t{4}\n\t\t</td>\n\t</tr>\n", $cellClass, $table['Name'], $table['Rows'], $overhead, $status);
}
write("\n<table class=\"outline margin\">\n\t<tr class=\"header0\">\n\t\t<th colspan=\"7\">\n\t\t\t" . __("Table Status") . "\n\t\t</th>\n\t</tr>\n\t<tr class=\"header1\">\n\t\t<th>\n\t\t\t" . __("Name") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Rows") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Overhead") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Final Status") . "\n\t\t</th>\n\t</tr>\n\t{0}\n\t<tr class=\"header0\">\n\t\t<th colspan=\"7\" style=\"font-size: 130%;\">\n\t\t\t" . __("Excess trimmed: {1} bytes") . "\n\t\t</th>\n\t</tr>\n</table>\n\n", $tablelist, $total);
}
if (!$thread['sticky']) {
$mod .= "<label><input type=\"checkbox\" name=\"stick\"> " . __("Sticky", 1) . "</label>\n";
} else {
$mod .= "<label><input type=\"checkbox\" name=\"unstick\"> " . __("Unstick", 1) . "</label>\n";
}
$mod .= "\n\n";
}
write("\n\t<table style=\"width: 100%;\">\n\t\t<tr>\n\t\t\t<td style=\"vertical-align: top; border: none;\">\n\t\t\t\t<form action=\"newreply.php\" method=\"post\">\n\t\t\t\t\t<input type=\"hidden\" name=\"ninja\" value=\"{0}\" />\n\t\t\t\t\t<table class=\"outline margin width100\">\n\t\t\t\t\t\t<tr class=\"header1\">\n\t\t\t\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t\t\t\t" . __("New reply") . "\n\t\t\t\t\t\t\t</th>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<label for=\"uname\">\n\t\t\t\t\t\t\t\t\t" . __("User name", 1) . "\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"text\" id=\"uname\" name=\"username\" value=\"{1}\" size=\"32\" maxlength=\"32\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell1\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<label for=\"upass\">\n\t\t\t\t\t\t\t\t\t" . __("Password") . "\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"password\" id=\"upass\" name=\"password\" value=\"{2}\" size=\"32\" maxlength=\"32\" />\n\t\t\t\t\t\t\t\t<img src=\"img/icons/icon5.png\" title=\"" . __("If you want to post under another account without having to log out, enter that account's user name and password here. Leave the password field blank to use the current account ({10}).") . "\" alt=\"[?]\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<label for=\"text\">\n\t\t\t\t\t\t\t\t\t" . __("Post") . "\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<textarea id=\"text\" name=\"text\" rows=\"16\" style=\"width: 98%;\">{3}</textarea>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell2\">\n\t\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Post") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Preview") . "\" />\n\t\t\t\t\t\t\t\t<select size=\"1\" name=\"mood\">\n\t\t\t\t\t\t\t\t\t{4}\n\t\t\t\t\t\t\t\t</select>\n\t\t\t\t\t\t\t\t<label>\n\t\t\t\t\t\t\t\t\t<input type=\"checkbox\" name=\"nopl\" {5} /> " . __("Disable post layout", 1) . "\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t\t<label>\n\t\t\t\t\t\t\t\t\t<input type=\"checkbox\" name=\"nosm\" {6} /> " . __("Disable smilies", 1) . "\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t\t<label>\n\t\t\t\t\t\t\t\t\t<input type=\"checkbox\" name=\"nobr\" {9} /> " . __("Disable auto-<br>", 1) . "\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"id\" value=\"{7}\" />\n\t\t\t\t\t\t\t\t{8}\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t</form>\n\t\t\t</td>\n\t\t\t<td style=\"width: 20%; vertical-align: top; border: none;\">\n", $ninja, htmlval($postingAsUser['name']), $_POST['password'], $prefill, $moodOptions, $nopl, $nosm, $tid, $mod, $nobr, htmlspecialchars($loguser['name']));
DoSmileyBar();
DoPostHelp();
write("\n\t\t\t</td>\n\t\t</tr>\n\t</table>\n");
$qPosts = "select ";
$qPosts .= "posts.id, posts.date, posts.num, posts.deleted, posts.options, posts.mood, posts.ip, posts_text.text, posts_text.text, posts_text.revision, users.id as uid, users.name, users.displayname, users.rankset, users.powerlevel, users.sex, users.posts";
$qPosts .= " from posts left join posts_text on posts_text.pid = posts.id and posts_text.revision = posts.currentrevision left join users on users.id = posts.user";
$qPosts .= " where thread=" . $tid . " and deleted=0 order by date desc limit 0, 20";
$rPosts = Query($qPosts);
if (NumRows($rPosts)) {
$posts = "";
while ($post = Fetch($rPosts)) {
$cellClass = ($cellClass + 1) % 2;
$poster = $post;
$poster['id'] = $post['uid'];
$nosm = $post['options'] & 2;
$nobr = $post['options'] & 4;
$posts .= Format("\n\t\t<tr>\n\t\t\t<td class=\"cell2\" style=\"width: 15%; vertical-align: top;\">\n\t\t\t\t{1}\n\t\t\t</td>\n\t\t\t<td class=\"cell{0}\">\n\t\t\t\t<button style=\"float: right;\" onclick=\"insertQuote({2});\">" . __("Quote") . "</button>\n\t\t\t\t<button style=\"float: right;\" onclick=\"insertChanLink({2});\">" . __("Link") . "</button>\n\t\t\t\t{3}\n\t\t\t</td>\n\t\t</tr>\n", $cellClass, UserLink($poster), $post['id'], CleanUpPost($post['text'], $poster['name'], $nosm, $nobr));
}
Write("\n\t<table class=\"outline margin\">\n\t\t<tr class=\"header0\">\n\t\t\t<th colspan=\"2\">" . __("Thread review") . "</th>\n\t\t</tr>\n\t\t{0}\n\t</table>\n", $posts);
}
MakeCrumbs(array(__("Main") => "./", $forum['title'] => "forum.php?id=" . $fid, $titleandtags => "thread.php?id=" . $tid, __("New reply") => ""), $links);
}
$qPM = "insert into pmsgs (userto, userfrom, date, ip, msgread) values (" . $recipient . ", " . $loguserid . ", " . time() . ", '" . $_SERVER['REMOTE_ADDR'] . "', 0)";
$rPM = Query($qPM);
$pid = mysql_insert_id();
$qPMT = "insert into pmsgs_text (pid,title,text) values (" . $pid . ", '" . justEscape($_POST['title']) . "', '" . $post . "')";
$rPMT = Query($qPMT);
}
Redirect(__("PM sent!"), "private.php?show=1", __("your PM outbox"));
exit;
}
} else {
Alert(__("Enter a message and try again."), __("Your PM is empty."));
}
} else {
Alert(__("Enter a title and try again."), __("Your PM is untitled."));
}
}
//if($_POST['text']) $prefill = htmlval($_POST['text']);
//if($_POST['title']) $trefill = htmlval($_POST['title']);
$prefill = $pm['text'];
$trefill = $pmtitle;
MakePost($pm, 0, 0, 1);
Write("\n\t<table style=\"width: 100%;\">\n\t\t<tr>\n\t\t\t<td style=\"vertical-align: top; border: none;\">\n\t\t\t\t<form action=\"showprivate.php\" method=\"post\">\n\t\t\t\t\t<table class=\"outline margin width100\">\n\t\t\t\t\t\t<tr class=\"header1\">\n\t\t\t\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t\t\t\t" . __("Edit Draft") . "\n\t\t\t\t\t\t\t</th>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . __("To") . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"text\" name=\"to\" style=\"width: 98%;\" maxlength=\"1024\" value=\"{2}\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell1\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . __("Title") . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"text\" name=\"title\" style=\"width: 98%;\" maxlength=\"60\" value=\"{1}\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . __("Message") . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<textarea id=\"text\" name=\"text\" rows=\"16\" style=\"width: 98%;\">{0}</textarea>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell2\">\n\t\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Send") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Preview") . "\" />\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Update Draft") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Discard Draft") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"id\" value=\"{3}\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t</form>\n\t\t\t</td>\n\t\t\t<td style=\"width: 200px; vertical-align: top; border: none;\">\n", $prefill, $trefill, $to, $pmid);
DoSmileyBar();
DoPostHelp();
Write("\n\t\t\t</td>\n\t\t</tr>\n\t</table>\n");
} else {
MakePost($pm, 0, 0, 1);
}
MakeCrumbs(array("Main" => "./", "Private messages" => "private.php", $pmtitle => ""), $links);
return;
}
$fid = $forum['id'];
$total = $forum['numthreads'];
if (isset($_GET['from'])) {
$from = (int) $_GET['from'];
} else {
$from = 0;
}
$tpp = 5;
//echo '<br>';
$links = array('<a href="' . BOARD_ROOT . 'rss.php">' . __('RSS feed') . '</a>');
if (HasPermission('forum.postthreads', $forum['id'])) {
$links[] = actionLinkTag(__('Post new'), 'newthread', $forum['id']);
}
MakeCrumbs(array(), $links);
$rThreads = Query("\tSELECT \n\t\t\t\t\t\tt.id, t.title, t.closed, t.replies, t.lastpostid,\n\t\t\t\t\t\tp.id pid, p.date,\n\t\t\t\t\t\tpt.text,\n\t\t\t\t\t\tsu.(_userfields),\n\t\t\t\t\t\tlu.(_userfields)\n\t\t\t\t\tFROM \n\t\t\t\t\t\t{threads} t\n\t\t\t\t\t\tLEFT JOIN {posts} p ON p.thread=t.id AND p.id=t.firstpostid\n\t\t\t\t\t\tLEFT JOIN {posts_text} pt ON pt.pid=p.id AND pt.revision=p.currentrevision\n\t\t\t\t\t\tLEFT JOIN {users} su ON su.id=t.user\n\t\t\t\t\t\tLEFT JOIN {users} lu ON lu.id=t.lastposter\n\t\t\t\t\tWHERE t.forum={0} AND p.deleted=0\n\t\t\t\t\tORDER BY p.date DESC LIMIT {1u}, {2u}", $fid, $from, $tpp);
$numonpage = NumRows($rThreads);
$pagelinks = PageLinks(actionLink('home', '', 'from='), $tpp, $from, $total);
RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'top'));
while ($thread = Fetch($rThreads)) {
$pdata = array();
$starter = getDataPrefix($thread, 'su_');
$last = getDataPrefix($thread, 'lu_');
$tags = ParseThreadTags($thread['title']);
$pdata['title'] = $tags[0];
$pdata['formattedDate'] = formatdate($thread['date']);
$pdata['userlink'] = UserLink($starter);
$pdata['text'] = CleanUpPost($thread['text'], $starter['name'], false, false);
if (!$thread['replies']) {
$comments = 'No comments yet';