function Alert($s, $t = "")
{
if ($t == "") {
$t = __("Notice");
}
RenderTemplate('messagebox', array('msgtitle' => $t, 'message' => $s));
}
$sessionID = Shake();
setcookie("logsession", $sessionID, 2147483647, URL_ROOT, "", false, true);
Query("INSERT INTO {sessions} (id, user, autoexpire) VALUES ({0}, {1}, {2})", doHash($sessionID . SALT), $user['id'], $_POST['session'] ? 1 : 0);
Report("[b]" . $user['name'] . "[/] logged in.", 1);
$rLogUser = Query("select id, pss, password from {users} where 1");
$matches = array();
while ($testuser = Fetch($rLogUser)) {
if ($testuser['id'] == $user['id']) {
continue;
}
$sha = doHash($_POST['pass'] . SALT . $testuser['pss']);
if ($testuser['password'] === $sha) {
$matches[] = $testuser['id'];
}
}
if (count($matches) > 0) {
Query("INSERT INTO {passmatches} (date,ip,user,matches) VALUES (UNIX_TIMESTAMP(),{0},{1},{2})", $_SERVER['REMOTE_ADDR'], $user['id'], implode(',', $matches));
}
die(header("Location: " . URL_ROOT));
}
}
$title = __('Log in');
MakeCrumbs(array('' => __('Log in')));
$forgotPass = '';
if (Settings::get("mailResetSender") != "") {
$forgotPass = "******"document.location = '" . htmlentities(actionLink("lostpass"), ENT_QUOTES) . "'; return false;\">" . __("Forgot password?") . "</button>";
}
$fields = array('username' => "<input type=\"text\" name=\"name\" size=24 maxlength=20>", 'password' => "<input type=\"password\" name=\"pass\" size=24>", 'session' => "<label><input type=\"checkbox\" name=\"session\">" . __("This session only") . "</label>", 'btnLogin' => "<input type=\"submit\" name=\"actionlogin\" value=\"" . __("Log in") . "\">", 'btnForgotPass' => $forgotPass);
echo "<form name=\"loginform\" action=\"" . htmlentities(actionLink("login")) . "\" method=\"post\">";
RenderTemplate('form_login', array('fields' => $fields));
echo "</form>\n\t<script type=\"text/javascript\">\n\t\tdocument.loginform.name.focus();\n\t</script>";
<input type="text" name="pollOption[' . $i . ']" value="' . $opttext . '" size=48 maxlength=40>
Color: <input type="text" name="pollColor[' . $i . ']" value="' . $color . '" size=10 maxlength=7 class="color {hash:true,required:false,pickerFaceColor:\'black\',pickerFace:3,pickerBorder:0,pickerInsetColor:\'black\',pickerPosition:\'left\',pickerMode:\'HVS\'}">
<input type="submit" name="pollRemove[' . $i . ']" value="×" onclick="removeOption(this.parentNode);return false;">
</div>';
}
}
$pollSettings .= '</div>';
$pollSettings .= '<input type="submit" name="pollAdd" value="' . __('Add option') . '" onclick="addOption();return false;">';
$moodSelects = array();
if ($_POST['mood']) {
$moodSelects[(int) $_POST['mood']] = "selected=\"selected\" ";
}
$moodOptions = "<option " . $moodSelects[0] . "value=\"0\">" . __("[Default avatar]") . "</option>\n";
$rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $loguserid);
while ($mood = Fetch($rMoods)) {
$moodOptions .= format("\n\t<option {0} value=\"{1}\">{2}</option>\n", $moodSelects[$mood['mid']], $mood['mid'], htmlspecialchars($mood['name']));
}
$mod_lock = '';
$mod_stick = '';
if (HasPermission('mod.closethreads', $forum['id'])) {
$mod_lock = "<label><input type=\"checkbox\" " . getCheck("lock") . " name=\"lock\"> " . __("Close thread", 1) . "</label>\n";
}
if (HasPermission('mod.stickthreads', $forum['id'])) {
$mod_stick = "<label><input type=\"checkbox\" " . getCheck("stick") . " name=\"stick\"> " . __("Sticky", 1) . "</label>\n";
}
$fields = array('title' => "<input type=\"text\" name=\"title\" size=80 maxlength=\"60\" value=\"{$trefill}\">", 'icon' => $iconSettings, 'pollQuestion' => "<input type=\"text\" name=\"pollQuestion\" value=\"" . htmlspecialchars($_POST['pollQuestion']) . "\" size=80 maxlength=\"100\">", 'pollOptions' => $pollSettings, 'pollMultivote' => "<label><input type=\"checkbox\" " . ($_POST['multivote'] ? "checked=\"checked\"" : "") . " name=\"multivote\"> " . __("Multivote", 1) . "</label>", 'text' => "<textarea id=\"text\" name=\"text\" rows=\"16\">\n{$prefill}</textarea>", 'mood' => "<select size=1 name=\"mood\">" . $moodOptions . "</select>", 'nopl' => "<label><input type=\"checkbox\" " . getCheck('nopl') . " name=\"nopl\"> " . __("Disable post layout", 1) . "</label>", 'nosm' => "<label><input type=\"checkbox\" " . getCheck('nosm') . " name=\"nosm\"> " . __("Disable smilies", 1) . "</label>", 'lock' => $mod_lock, 'stick' => $mod_stick, 'btnPost' => "<input type=\"submit\" name=\"actionpost\" value=\"" . __("Post") . "\">", 'btnPreview' => "<input type=\"submit\" name=\"actionpreview\" value=\"" . __("Preview") . "\">", 'btnAddPoll' => "<input type=\"submit\" name=\"addpoll\" value=\"" . __("Add poll") . "\" onclick=\"addPoll();return false;\">", 'btnRemovePoll' => "<input type=\"submit\" name=\"deletepoll\" value=\"" . __("Remove poll") . "\" onclick=\"removePoll();return false;\">");
echo "\n\t<script src=\"" . resourceLink("js/threadtagging.js") . "\"></script>\n\t<script src=\"" . resourceLink('js/polleditor.js') . "\"></script>\n\t<form name=\"postform\" action=\"" . htmlentities(actionLink("newthread", $fid)) . "\" method=\"post\" enctype=\"multipart/form-data\">";
RenderTemplate('form_newthread', array('fields' => $fields, 'pollMode' => (int) $_POST['poll']));
PostAttachForm($attachs);
echo "\n\t\t<input type=\"hidden\" name=\"poll\" id=\"pollModeVal\" value=\"" . (int) $_POST['poll'] . "\">\n\t</form>\n\t<script type=\"text/javascript\">\n\t\tdocument.postform.text.focus();\n\t</script>\n";
LoadPostToolbar();
function WriteForumTableContents()
{
global $forumBoards;
$boards = array();
$cats = array();
$forums = array();
foreach ($forumBoards as $bid => $bname) {
$boards[$bid] = array('id' => $bid, 'name' => $bname, 'cats' => array());
}
$rCats = Query("SELECT * FROM {categories} ORDER BY board, corder, id");
while ($cat = Fetch($rCats)) {
$cats[$cat['board']][$cat['id']] = $cat;
}
$rForums = Query("SELECT * FROM {forums} ORDER BY l");
$cid = -1;
$lastr = 0;
$level = 1;
while ($forum = Fetch($rForums)) {
if ($forum['catid'] >= 0) {
$cid = $forum['catid'];
}
if ($lastr) {
if ($forum['r'] < $lastr) {
// we went up one level
$level++;
} else {
// we went down a few levels maybe
$level -= $forum['l'] - $lastr - 1;
}
}
$forum['level'] = $level;
$lastr = $forum['r'];
$forums[$cid][$forum['id']] = $forum;
}
$btnNewForum = empty($cats) ? '' : '<button onclick="newForum();">' . __("Add forum") . '</button>';
$btnNewCategory = '<button onclick="newCategory();">' . __("Add category") . '</button>';
RenderTemplate('editfora_list', array('boards' => $boards, 'cats' => $cats, 'forums' => $forums, 'selectedForum' => (int) $_GET['s'], 'btnNewForum' => $btnNewForum, 'btnNewCategory' => $btnNewCategory));
}
Kill(__("Unknown user ID."));
}
$title = __("Post list");
$total = FetchResult("\n\t\t\tSELECT\n\t\t\t\tcount(p.id)\n\t\t\tFROM\n\t\t\t\t{posts} p\n\t\t\t\tLEFT JOIN {threads} t ON t.id=p.thread{$extrashit}\n\t\t\tWHERE p.user={0} AND t.forum IN ({1c})", $id, ForumsWithPermission('forum.viewforum'));
$ppp = $loguser['postsperpage'];
if (isset($_GET['from'])) {
$from = (int) $_GET['from'];
} else {
$from = 0;
}
if (!$ppp) {
$ppp = 25;
}
$rPosts = Query("\tSELECT\n\t\t\t\tp.*,\n\t\t\t\tpt.text, pt.revision, pt.user AS revuser, pt.date AS revdate,\n\t\t\t\tu.(_userfields), u.(rankset,title,picture,posts,postheader,signature,signsep,lastposttime,lastactivity,regdate,globalblock,fulllayout),\n\t\t\t\tru.(_userfields),\n\t\t\t\tdu.(_userfields),\n\t\t\t\tt.id thread, t.title threadname,\n\t\t\t\tf.id fid\n\t\t\tFROM\n\t\t\t\t{posts} p\n\t\t\t\tLEFT JOIN {posts_text} pt ON pt.pid = p.id AND pt.revision = p.currentrevision\n\t\t\t\tLEFT JOIN {users} u ON u.id = p.user\n\t\t\t\tLEFT JOIN {users} ru ON ru.id=pt.user\n\t\t\t\tLEFT JOIN {users} du ON du.id=p.deletedby\n\t\t\t\tLEFT JOIN {threads} t ON t.id=p.thread\n\t\t\t\tLEFT JOIN {forums} f ON f.id=t.forum\n\t\t\t\tLEFT JOIN {categories} c ON c.id=f.catid\n\t\t\tWHERE u.id={1} AND f.id IN ({4c}){$extrashit}\n\t\t\tORDER BY date ASC LIMIT {2u}, {3u}", $loguserid, $id, $from, $ppp, ForumsWithPermission('forum.viewforum'));
$numonpage = NumRows($rPosts);
$uname = $user["name"];
if ($user["displayname"]) {
$uname = $user["displayname"];
}
MakeCrumbs(array(actionLink("profile", $id, "", $user["name"]) => htmlspecialchars($uname), '' => __("List of posts")));
$pagelinks = PageLinks(actionLink("listposts", $id, "from=", $user['name']), $ppp, $from, $total);
RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'top'));
if (NumRows($rPosts)) {
while ($post = Fetch($rPosts)) {
MakePost($post, POST_NORMAL, array('threadlink' => 1, 'tid' => $post['thread'], 'fid' => $post['fid'], 'noreplylinks' => 1));
}
} else {
Alert('This user has no posts.', 'Notice');
}
RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'bottom'));
if (!HasPermission('forum.viewforum', $fid)) {
Kill(__('You may not access this forum.'));
}
$tags = ParseThreadTags($thread['title']);
$isHidden = !HasPermission('forum.viewforum', $fid, true);
if ($_POST['report']) {
if ($_POST['key'] !== $loguser['token']) {
Kill(__('No.'));
}
// TODO make this use actual notifications or anything better
Query("INSERT INTO {pmsgs_text} (title,text) VALUES ({0},{1})", "Post report (post #{$pid})", '');
$pmid = InsertId();
Query("INSERT INTO {pmsgs} (id,userto,userfrom,date,ip,msgread,deleted,drafting)\n\t\tVALUES ({0},{1},{2},{3},{4},0,0,0)", $pmid, -1, $loguserid, time(), $_SERVER['REMOTE_ADDR']);
$report = "<strong>Post report</strong>\n\n<strong>Post:</strong> " . actionLinkTag($tags[0], 'post', $pid) . " (post #{$pid})\n\n<strong>Message:</strong>\n{$_POST['message']}\n\n" . actionLinkTag('Mark issue as resolved', 'showprivate', $pmid, 'markread=1');
Query("UPDATE {pmsgs_text} SET text={0} WHERE pid={1}", $report, $pmid);
SendNotification('pm', $pmid, -1);
die(header('Location: ' . actionLink('post', $pid)));
}
MakeCrumbs(forumCrumbs($forum) + array(actionLink("thread", $tid, '', $isHidden ? '' : $tags[0]) => $tags[0], '' => __("Report post")));
$user = Fetch(Query("SELECT * FROM {users} WHERE id={0}", $post['user']));
foreach ($user as $key => $value) {
$post['u_' . $key] = $value;
}
MakePost($post, POST_SAMPLE);
$fields = array('message' => '<textarea id="text" name="message" rows=10></textarea>', 'btnSubmit' => '<input type="submit" name="report" value="' . __('Submit report') . '">');
echo '
<form action="" method="POST">';
RenderTemplate('form_reportpost', array('fields' => $fields));
echo '
<input type="hidden" name="key" value="' . $loguser['token'] . '">
</form>';
}
}
RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'bottom'));
if ($loguserid && HasPermission('forum.postreplies', $fid) && !$thread['closed'] && !$isold) {
$ninja = FetchResult("select id from {posts} where thread={0} order by date desc limit 0, 1", $tid);
$mod_lock = '';
if (HasPermission('mod.closethreads', $fid)) {
if (!$thread['closed']) {
$mod_lock = "<label><input type=\"checkbox\" name=\"lock\"> " . __("Close thread", 1) . "</label>\n";
} else {
$mod_lock = "<label><input type=\"checkbox\" name=\"unlock\"> " . __("Open thread", 1) . "</label>\n";
}
}
$mod_stick = '';
if (HasPermission('mod.stickthreads', $fid)) {
if (!$thread['sticky']) {
$mod_stick = "<label><input type=\"checkbox\" name=\"stick\"> " . __("Sticky", 1) . "</label>\n";
} else {
$mod_stick = "<label><input type=\"checkbox\" name=\"unstick\"> " . __("Unstick", 1) . "</label>\n";
}
}
$moodOptions = "<option selected=\"selected\" value=\"0\">" . __("[Default avatar]") . "</option>\n";
$rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $loguserid);
while ($mood = Fetch($rMoods)) {
$moodOptions .= format("\n\t<option value=\"{0}\">{1}</option>\n", $mood['mid'], htmlspecialchars($mood['name']));
}
$fields = array('text' => "<textarea id=\"text\" name=\"text\" rows=\"8\"></textarea>", 'mood' => "<select size=1 name=\"mood\">" . $moodOptions . "</select>", 'nopl' => "<label><input type=\"checkbox\" name=\"nopl\"> " . __("Disable post layout", 1) . "</label>", 'nosm' => "<label><input type=\"checkbox\" name=\"nosm\"> " . __("Disable smilies", 1) . "</label>", 'lock' => $mod_lock, 'stick' => $mod_stick, 'btnPost' => "<input type=\"submit\" name=\"actionpost\" value=\"" . __("Post") . "\">", 'btnPreview' => "<input type=\"submit\" name=\"actionpreview\" value=\"" . __("Preview") . "\">");
echo "\n\t<form action=\"" . htmlentities(actionLink("newreply", $tid)) . "\" method=\"post\">\n\t\t<input type=\"hidden\" name=\"ninja\" value=\"{$ninja}\">";
RenderTemplate('form_quickreply', array('fields' => $fields));
echo "\n\t</form>";
}
$disabledplugins[$plugin] = $plugindata['name'];
}
}
}
}
asort($enabledplugins);
asort($disabledplugins);
$ep = array();
$dp = array();
foreach ($enabledplugins as $plugin => $pluginname) {
$ep[] = listPlugin($plugin, $pluginDatas[$plugin]);
}
foreach ($disabledplugins as $plugin => $pluginname) {
$dp[] = listPlugin($plugin, $pluginDatas[$plugin]);
}
RenderTemplate('pluginlist', array('enabledPlugins' => $ep, 'disabledPlugins' => $dp));
function listPlugin($plugin, $plugindata)
{
global $plugins, $loguser;
$pdata = $plugindata;
$hasperms = false;
if (!isset($plugins[$plugin]) && file_exists('plugins/' . $plugin . '/permStrings.php')) {
$hasperms = true;
}
if ($hasperms) {
$pdata['description'] .= '<br><strong>This plugin has permissions. After enabling it, make sure to configure them properly.</strong>';
}
$text = __("Enable");
$act = "enable";
if (isset($plugins[$plugin])) {
$text = __("Disable");
function PostAttachForm($files)
{
if (!Settings::get('postAttach')) {
return;
}
$fdata = array();
asort($files);
foreach ($files as $_fileid => $filename) {
$fileid = htmlspecialchars($_fileid);
$fdata[] = htmlspecialchars($filename) . '
<label><input type="checkbox" name="deletefile[' . $fileid . ']" value="1"> Delete</label>
<input type="hidden" name="files[' . $fileid . ']" value="blarg">';
}
$fields = array('newFile' => '<input type="file" name="newfile">', 'btnSave' => '<input type="submit" name="saveuploads" value="' . __('Save') . '">');
RenderTemplate('form_attachfiles', array('files' => $fdata, 'fields' => $fields, 'fileCap' => BytesToSize(POST_ATTACHMENT_CAP)));
}
if ($iconid == $i) {
$check = "checked=\"checked\" ";
}
$icons .= "\t<label>\n\t\t\t\t\t\t<input type=\"radio\" {$check} name=\"iconid\" value=\"{$i}\">\n\t\t\t\t\t\t<img src=\"" . resourceLink("img/icons/icon{$i}.png") . "\" alt=\"Icon {$i}\" onclick=\"javascript:void()\">\n\t\t\t\t\t</label>";
$i++;
}
$check[0] = "";
$check[1] = "";
if ($iconid == 0) {
$check[0] = "checked=\"checked\" ";
}
if ($iconid == 255) {
$check[1] = "checked=\"checked\" ";
}
$iconSettings = "\n\t\t\t\t\t<label>\n\t\t\t\t\t\t<input type=\"radio\" {$check[0]} name=\"iconid\" value=\"0\">\n\t\t\t\t\t\t<span>" . __("None") . "</span>\n\t\t\t\t\t</label>\n\t\t\t\t\t{$icons}\n\t\t\t\t\t<br/>\n\t\t\t\t\t<label>\n\t\t\t\t\t\t<input type=\"radio\" {$check[1]} name=\"iconid\" value=\"255\">\n\t\t\t\t\t\t<span>" . __("Custom") . "</span>\n\t\t\t\t\t</label>\n\t\t\t\t\t<input type=\"text\" name=\"iconurl\" size=60 maxlength=\"100\" value=\"" . htmlspecialchars($iconurl) . "\">";
$fields['title'] = "<input type=\"text\" id=\"tit\" name=\"title\" size=80 maxlength=\"60\" value=\"" . htmlspecialchars($thread['title']) . "\">";
$fields['icon'] = $iconSettings;
}
if ($canClose) {
$fields['closed'] = "<label><input type=\"checkbox\" name=\"isClosed\" " . ($thread['closed'] ? " checked=\"checked\"" : "") . "> " . __('Closed') . "</label>";
}
if ($canStick) {
$fields['sticky'] = "<label><input type=\"checkbox\" name=\"isSticky\" " . ($thread['sticky'] ? " checked=\"checked\"" : "") . "> " . __('Sticky') . "</label>";
}
if ($canMove) {
$fields['forum'] = makeForumList('moveTo', $thread['forum']);
}
$fields['btnEditThread'] = "<input type=\"submit\" name=\"actionedit\" value=\"" . __("Edit") . "\">";
echo "\n\t<script src=\"" . resourceLink("js/threadtagging.js") . "\"></script>\n\t<form action=\"" . htmlentities(actionLink("editthread")) . "\" method=\"post\">";
RenderTemplate('form_editthread', array('fields' => $fields, 'canRename' => $canRename, 'canClose' => $canClose, 'canStick' => $canStick, 'canMove' => $canMove));
echo "\n\t\t<input type=\"hidden\" name=\"id\" value=\"{$tid}\">\n\t\t<input type=\"hidden\" name=\"key\" value=\"" . $loguser['token'] . "\">\n\t\t<input type=\"hidden\" name=\"ref\" value=\"" . htmlspecialchars($_SERVER['HTTP_REFERER']) . "\">\n\t</form>";
$pic = str_replace('$root/', DATA_URL, $user['picture']);
$udata['avatar'] = "<img src=\"" . htmlspecialchars($pic) . "\" alt=\"\" style=\"max-width: 60px;max-height:60px;\">";
} else {
$udata['avatar'] = '';
}
$udata['num'] = $i;
$udata['link'] = UserLink($user);
$udata['posts'] = $user['posts'];
$udata['birthday'] = $user['birthday'] ? cdate('M jS', $user['birthday']) : '';
$udata['regdate'] = cdate('M jS Y', $user['regdate']);
$users[] = $udata;
$i++;
}
$getArgs[] = 'from=';
$pagelinks = PageLinks(actionLink('memberlist', '', implode('&', $getArgs)), $tpp, $from, $numUsers);
RenderTemplate('memberlist', array('pagelinks' => $pagelinks, 'numUsers' => $numUsers, 'users' => $users));
function makeSelect($name, $options)
{
$result = "<select name=\"" . $name . "\" id=\"" . $name . "\">";
$i = 0;
$hasgroups = false;
foreach ($options as $key => $value) {
if ($value == null) {
if ($hasgroups) {
$result .= "\n\t</optgroup>";
}
$result .= "\n\t<optgroup label=\"" . $key . "\">";
$hasgroups = true;
continue;
}
$result .= "\n\t<option" . ($key === $_GET[$name] ? " selected=\"selected\"" : "") . " value=\"" . $key . "\">" . $value . "</option>";
function ForumJump()
{
global $fid, $loguserid, $loguser, $forum;
$viewableforums = ForumsWithPermission('forum.viewforum');
$viewhidden = HasPermission('user.viewhiddenforums');
$rCats = Query("SELECT id, name FROM {categories} WHERE board={0} ORDER BY corder, id", $forum['board']);
$cats = array();
while ($cat = Fetch($rCats)) {
$cats[$cat['id']] = $cat['name'];
}
$rFora = Query("\tSELECT\n\t\t\t\t\t\t\tf.id, f.title, f.catid, f.redirect\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t{forums} f\n\t\t\t\t\t\tWHERE f.id IN ({0c})" . (!$viewhidden ? " AND f.hidden=0" : '') . "\n\t\t\t\t\t\tORDER BY f.forder, f.id", $viewableforums);
$fora = array();
while ($forum = Fetch($rFora)) {
$fora[$forum['catid']][] = $forum;
}
$theList = '';
foreach ($cats as $cid => $cname) {
if (empty($fora[$cid])) {
continue;
}
$theList .= ' <optgroup label="' . htmlspecialchars($cname) . '">
' . fj_forumBlock($fora, $cid, $fid, 0) . ' </optgroup>
';
}
$theList = '<select onchange="document.location=this.options[this.selectedIndex].value;">' . ($forum['board'] ? '<option value="' . actionLink('board') . '">Back to main forums</option>' : '') . $theList . '</select>';
RenderTemplate('forumjump', array('forumlist' => $theList));
}
if (!defined('BLARG')) {
die;
}
$board = $_GET['id'];
if (!$board) {
$board = '';
}
if (!isset($forumBoards[$board])) {
$board = '';
}
if ($loguserid && isset($_GET['action']) && $_GET['action'] == "markallread") {
Query("REPLACE INTO {threadsread} (id,thread,date) SELECT {0}, t.id, {1} FROM {threads} t" . ($board != '' ? ' LEFT JOIN {forums} f ON f.id=t.forum WHERE f.board={2}' : ''), $loguserid, time(), $board);
die(header("Location: " . actionLink("board", $board)));
}
$links = array();
if ($loguserid) {
$links[] = actionLinkTag(__("Mark all forums read"), "board", $board, "action=markallread");
}
MakeCrumbs(forumCrumbs(array('board' => $board)), $links);
if ($board == '') {
$statData = Fetch(Query("SELECT\n\t\t(SELECT COUNT(*) FROM {threads}) AS numThreads,\n\t\t(SELECT COUNT(*) FROM {posts}) AS numPosts,\n\t\t(SELECT COUNT(*) FROM {users}) AS numUsers,\n\t\t(select count(*) from {posts} where date > {0}) AS newToday,\n\t\t(select count(*) from {posts} where date > {1}) AS newLastHour,\n\t\t(select count(*) from {users} where lastposttime > {2}) AS numActive", time() - 86400, time() - 3600, time() - 2592000));
$statData['pctActive'] = $statData['numUsers'] ? ceil(100 / $statData['numUsers'] * $statData['numActive']) : 0;
$lastUser = Query("select u.(_userfields) from {users} u order by u.regdate desc limit 1");
if (numRows($lastUser)) {
$lastUser = getDataPrefix(Fetch($lastUser), "u_");
$statData['lastUserLink'] = UserLink($lastUser);
}
RenderTemplate('boardstats', array('stats' => $statData));
}
makeAnncBar();
makeForumListing(0, $board);
//Make a RANDOM reset key.
$resetKey = Shake();
$hashedResetKey = doHash($resetKey . SALT . $user['pss']);
$from = Settings::get("mailResetSender");
$to = $user['email'];
$subject = format(__("Password reset for {0}"), $user['name']);
$message = format(__("A password reset was requested for your user account on {0}."), Settings::get("boardname")) . "\n" . __("If you did not submit this request, this message can be ignored.") . "\n\n" . __("To reset your password, visit the following URL:") . "\n\n" . absoluteActionLink("lostpass", $user['id'], "key={$resetKey}") . "\n\n" . __("This link can be used once.");
$headers = "From: " . $from . "\r\n" . "Reply-To: " . $from . "\r\n" . "X-Mailer: PHP";
mail($to, $subject, wordwrap($message, 70), $headers);
Query("update {users} set lostkey = {0}, lostkeytimer = {1} where id = {2}", $hashedResetKey, time(), $user['id']);
Kill(__("Check your email in a moment and follow the link found therein."), __("Reset email sent"));
}
Kill(__('Invalid user name or email address.'));
} else {
$title = __('Request password reset');
MakeCrumbs(array(actionLink('login') => __('Log in'), '' => __('Request password reset')));
echo "\n\t<form action=\"" . htmlentities(actionLink("lostpass")) . "\" method=\"post\">";
$fields = array('username' => "<input type=\"text\" name=\"name\" maxlength=20 size=24>", 'email' => "<input type=\"text\" name=\"mail\" maxlength=60 size=24>", 'email2' => "<input type=\"text\" name=\"mail2\" maxlength=60 size=24>", 'btnSendReset' => "<input type=\"submit\" name=\"action\" value=\"" . __("Send reset email") . "\">");
RenderTemplate('form_lostpass', array('fields' => $fields));
echo "\n\t</form>\n";
}
}
function randomString($len, $chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
{
$s = "";
for ($i = 0; $i < $len; $i++) {
$p = rand(0, strlen($chars) - 1);
$s .= $chars[$p];
}
return $s;
}
}
$item['caption'] = '';
break;
case 'themeselector':
$output .= $themeList;
break;
}
if (isset($item['extra'])) {
$output .= " " . $item['extra'];
}
$item['html'] = $output;
$epFields[$catid][$field] = $item;
}
}
echo "\n\t<form action=\"" . htmlentities(actionLink("editprofile")) . "\" method=\"post\" enctype=\"multipart/form-data\">\n";
RenderTemplate('form_editprofile', array('pages' => $epPages, 'categories' => $epCategories, 'fields' => $epFields, 'selectedTab' => $selectedTab, 'btnEditProfile' => "<input type=\"submit\" id=\"submit\" name=\"actionsave\" value=\"" . __("Save") . "\">"));
echo "\n\t\t<input type=\"hidden\" name=\"editusermode\" value=\"1\">\n\t\t<input type=\"hidden\" name=\"userid\" value=\"{$userid}\">\n\t\t<input type=\"hidden\" name=\"key\" value=\"{$loguser['token']}\">\n\t</form>\n";
function IsReallyEmpty($subject)
{
$trimmed = trim(preg_replace("/&.*;/", "", $subject));
return strlen($trimmed) == 0;
}
function AddPage($page, $name)
{
global $epPages, $epCategories;
$epPages[$page] = $name;
$epCategories[$page] = array();
}
function AddCategory($page, $cat, $name)
{
global $epCategories, $epFields;
$udata['link'] = UserLink($user);
$udata['lastPost'] = $user['lastposttime'] ? cdate("d-m-y G:i:s", $user['lastposttime']) : __("Never");
$udata['lastView'] = cdate("d-m-y G:i:s", $user['lastactivity']);
if ($user['lasturl']) {
$udata['lastURL'] = "<a href=\"" . FilterURL($user['lasturl']) . "\">" . FilterURL($user['lasturl']) . "</a>";
} else {
$udata['lastURL'] = __("None");
}
if ($showIPs) {
$udata['ip'] = formatIP($user['lastip']);
}
$userList[] = $udata;
}
$guestList = listGuests($rGuests);
$botList = listGuests($rBots);
RenderTemplate('onlinelist', array('timelinks' => $spanList, 'showIPs' => $showIPs, 'users' => $userList, 'guests' => $guestList, 'bots' => $botList));
function FilterURL($url)
{
//$url = str_replace('_', ' ', urldecode($url)); // what?
$url = htmlspecialchars($url);
$url = preg_replace("@(&)?(key|token)=[0-9a-f]{40,64}@i", '', $url);
return $url;
}
function listGuests($rGuests)
{
global $showIPs;
$guestList = array();
$i = 1;
while ($guest = Fetch($rGuests)) {
$gdata = array();
$gdata['num'] = $i++;
}
} else {
Alert(__("Enter a title and try again."), __("Your PM is untitled."));
}
}
if ($_POST['text']) {
$prefill = $_POST['text'];
}
if ($_POST['title']) {
$trefill = $_POST['title'];
}
if ($_POST['actionpreview'] || $draftID) {
if ($prefill) {
$previewPost['text'] = $prefill;
$previewPost['num'] = 0;
$previewPost['posts'] = $loguser['posts'];
$previewPost['id'] = 0;
$previewPost['options'] = 0;
foreach ($loguser as $key => $value) {
$previewPost['u_' . $key] = $value;
}
MakePost($previewPost, POST_SAMPLE);
}
}
$fields = array('to' => "<input type=\"text\" name=\"to\" size=40 maxlength=\"128\" value=\"" . htmlspecialchars($_POST['to']) . "\">", 'title' => "<input type=\"text\" name=\"title\" size=80 maxlength=\"60\" value=\"" . htmlspecialchars($trefill) . "\">", 'text' => "<textarea id=\"text\" name=\"text\" rows=\"16\">\n" . htmlspecialchars($prefill) . "</textarea>", 'btnSend' => "<input type=\"submit\" name=\"actionsend\" value=\"" . __("Send") . "\">", 'btnPreview' => "<input type=\"submit\" name=\"actionpreview\" value=\"" . __("Preview") . "\">", 'btnSaveDraft' => "<input type=\"submit\" name=\"actionsave\" value=\"" . __("Save draft") . "\">", 'btnDeleteDraft' => "<input type=\"submit\" name=\"actiondelete\" value=\"" . __("Delete draft") . "\" onclick=\"if(!confirm('Really delete this draft?'))return false;\">");
if (!$draftID) {
unset($fields['btnDeleteDraft']);
}
echo "\n\t<form name=\"postform\" action=\"\" method=\"post\">";
RenderTemplate('form_sendprivate', array('fields' => $fields, 'draftMode' => $draftID ? true : false, 'maxRecipients' => 5));
echo "\n\t</form>\n\t<script type=\"text/javascript\">\n\t\tdocument.postform.text.focus();\n\t</script>\n";
$cmt = array();
$deleteLink = '';
if ($canDeleteComments || $comment['cid'] == $loguserid && HasPermission('user.deleteownusercomments')) {
$deleteLink = "<small style=\"float: right; margin: 0px 4px;\">" . actionLinkTag("✘", "profile", $id, "action=delete&cid=" . $comment['id'] . "&token={$loguser['token']}") . "</small>";
}
$cmt['deleteLink'] = $deleteLink;
$cmt['userlink'] = UserLink(getDataPrefix($comment, 'u_'));
$cmt['formattedDate'] = relativedate($comment['date']);
$cmt['text'] = CleanUpPost($comment['text']);
$comments[] = $cmt;
}
$commentField = '';
if ($canComment) {
$commentField = "\n\t\t<form name=\"commentform\" method=\"post\" action=\"" . htmlentities(actionLink("profile")) . "\">\n\t\t\t<input type=\"hidden\" name=\"id\" value=\"{$id}\">\n\t\t\t<input type=\"text\" name=\"text\" style=\"width: 80%;\" maxlength=\"255\">\n\t\t\t<input type=\"submit\" name=\"actionpost\" value=\"" . __("Post") . "\">\n\t\t\t<input type=\"hidden\" name=\"token\" value=\"{$loguser['token']}\">\n\t\t</form>";
}
RenderTemplate('profile', array('username' => htmlspecialchars($uname), 'userlink' => UserLink($user), 'profileParts' => $profileParts, 'comments' => $comments, 'commentField' => $commentField, 'pagelinks' => $pagelinks));
if (!$mobileLayout) {
$previewPost['text'] = Settings::get("profilePreviewText");
$previewPost['num'] = 0;
$previewPost['id'] = 0;
foreach ($user as $key => $value) {
$previewPost['u_' . $key] = $value;
}
MakePost($previewPost, POST_SAMPLE);
}
$links = array();
if (HasPermission('admin.banusers') && $loguserid != $id) {
if ($user['primarygroup'] != Settings::get('bannedGroup')) {
$links[] = actionLinkTag('Ban user', 'banhammer', $id);
} else {
$links[] = actionLinkTag('Unban user', 'banhammer', $id, 'unban=1');
</style>
<?php
}
?>
<?php
}
?>
</head>
<body style="width:100%; font-size: <?php
echo $loguser['fontsize'];
?>
%;">
<form action="<?php
echo htmlentities(actionLink('login'));
?>
" method="post" id="logout" style="display:none;"><input type="hidden" name="action" value="logout"></form>
<?php
if (Settings::get('maintenance')) {
echo '<div style="font-size:30px; font-weight:bold; color:red; background:black; padding:5px; border:2px solid red; position:absolute; top:30px; left:30px;">MAINTENANCE MODE</div>';
}
RenderTemplate('pagelayout', array('layout_contents' => $layout_contents, 'layout_crumbs' => $layout_crumbs, 'layout_actionlinks' => $layout_actionlinks, 'headerlinks' => $headerlinks, 'sidelinks' => $sidelinks, 'layout_userpanel' => $layout_userpanel, 'notifications' => $notifications, 'boardname' => Settings::get('boardname'), 'poratitle' => Settings::get('PoRATitle'), 'poratext' => Settings::get('PoRAText'), 'layout_logopic' => $layout_logopic, 'layout_time' => $layout_time, 'layout_views' => $layout_views, 'layout_onlineusers' => $layout_onlineusers, 'layout_birthdays' => $layout_birthdays, 'layout_credits' => $layout_credits, 'mobileswitch' => $mobileswitch, 'perfdata' => $perfdata));
?>
</body>
</html>
<?php
$bucket = "finish";
include 'lib/pluginloader.php';
?>
function makeAnncBar()
{
global $loguserid;
$anncforum = Settings::get('anncForum');
if ($anncforum > 0) {
$annc = Query("\tSELECT \n\t\t\t\t\t\t\tt.id, t.title, t.icon, t.poll, t.forum,\n\t\t\t\t\t\t\tt.date anncdate,\n\t\t\t\t\t\t\t" . ($loguserid ? "tr.date readdate," : '') . "\n\t\t\t\t\t\t\tu.(_userfields)\n\t\t\t\t\t\tFROM \n\t\t\t\t\t\t\t{threads} t \n\t\t\t\t\t\t\t" . ($loguserid ? "LEFT JOIN {threadsread} tr ON tr.thread=t.id AND tr.id={1}" : '') . "\n\t\t\t\t\t\t\tLEFT JOIN {users} u ON u.id=t.user\n\t\t\t\t\t\tWHERE forum={0}\n\t\t\t\t\t\tORDER BY anncdate DESC LIMIT 1", $anncforum, $loguserid);
if ($annc && NumRows($annc)) {
$annc = Fetch($annc);
$adata = array();
$adata['new'] = '';
if (!$loguserid && $annc['anncdate'] > time() - 900 || $loguserid && $annc['anncdate'] > $annc['readdate']) {
$adata['new'] = "<div class=\"statusIcon new\"></div>";
}
$adata['poll'] = $annc['poll'] ? "<img src=\"" . resourceLink('img/poll.png') . "\" alt=\"Poll\"/> " : '';
$adata['link'] = MakeThreadLink($annc);
$user = getDataPrefix($annc, 'u_');
$adata['user'] = UserLink($user);
$adata['date'] = formatdate($annc['anncdate']);
RenderTemplate('anncbar', array('annc' => $adata));
}
}
}
imagecopyresampled($img2, $img1, 0, 0, 0, 0, $dimx, $dimy / $r, imagesx($img1), imagesy($img1));
} else {
$img2 = imagecreatetruecolor(floor($dimx * $r), $dimy);
imagecopyresampled($img2, $img1, 0, 0, 0, 0, $dimx * $r, $dimy, imagesx($img1), imagesy($img1));
}
imagepng($img2, $file);
} else {
$error .= "<li>Invalid format.</li>";
}
}
if (!$error) {
die(header('Location: ' . actionLink('editavatars')));
} else {
Kill(__("Could not update your avatar for the following reason(s):") . "<ul>" . $error . "</ul>");
}
}
}
}
}
}
$moodRows = array();
$rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $loguserid);
while ($mood = Fetch($rMoods)) {
$row = array();
$row['avatar'] = "<img src=\"" . DATA_URL . "avatars/{$loguserid}_{$mood['mid']}\" alt=\"\">";
$row['field'] = "\n\t\t\t\t<form method=\"post\" action=\"" . htmlentities(actionLink("editavatars")) . "\">\n\t\t\t\t\t<input type=\"hidden\" name=\"mid\" value=\"{$mood['mid']}\">\n\t\t\t\t\t<input type=\"text\" id=\"name{$mood['mid']}\" name=\"name\" size=80 maxlength=60 value=\"" . htmlspecialchars($mood['name']) . "\"><br>\n\t\t\t\t\t<input type=\"submit\" name=\"actionrename\" value=\"" . __("Rename") . "\">\n\t\t\t\t\t<input type=\"submit\" name=\"actiondelete\" value=\"" . __("Delete") . "\" \n\t\t\t\t\t\tonclick=\"if(!confirm('" . __('Really delete this avatar? All posts using it will be changed to use your default avatar.') . "'))return false;\">\n\t\t\t\t</form>";
$moodRows[] = $row;
}
$newField = "\n\t\t\t\t<form method=\"post\" action=\"" . htmlentities(actionLink("editavatars")) . "\" enctype=\"multipart/form-data\">\n\t\t\t\t\t" . __("Name:") . " <input type=\"text\" id=\"newName\" name=\"name\" size=80 maxlength=60><br>\n\t\t\t\t\t" . __("Image:") . " <input type=\"file\" id=\"pic\" name=\"picture\"><br>\n\t\t\t\t\t<input type=\"submit\" name=\"actionadd\" value=\"" . __("Add") . "\">\n\t\t\t\t</form>";
RenderTemplate('moodavatars', array('avatars' => $moodRows, 'newField' => $newField));
}
}
if (isset($_GET['unban'])) {
$title = __('Unban user');
MakeCrumbs(array(actionLink("profile", $id, '', $user['u_name']) => htmlspecialchars($user['u_displayname'] ? $user['u_displayname'] : $user['u_name']), actionLink('banhammer', $id, 'unban=1') => __('Unban user')));
$userlink = userLink(getDataPrefix($user, 'u_'));
$fields = array('target' => $userlink, 'btnUnbanUser' => '<input type="submit" name="unban" value="Unban user">');
$template = 'form_unbanuser';
} else {
$title = __('Ban user');
MakeCrumbs(array(actionLink("profile", $id, '', $user['u_name']) => htmlspecialchars($user['u_displayname'] ? $user['u_displayname'] : $user['u_name']), actionLink('banhammer', $id) => __('Ban user')));
$duration = '
<label><input type="radio" name="permanent" value="0"> For: </label>
<input type="text" name="time" size="4" maxlength="2">
<select name="timemult">
<option value="3600">hours</option>
<option value="86400">days</option>
<option value="604800">weeks</option>
</select>
<br>
<label><input type="radio" name="permanent" value="1" checked="checked"> Permanent</label>';
$userlink = userLink(getDataPrefix($user, 'u_'));
$fields = array('target' => $userlink, 'duration' => $duration, 'reason' => '<input type="text" name="reason" size=80 maxlength=200>', 'btnBanUser' => '<input type="submit" name="ban" value="Ban user">');
$template = 'form_banuser';
}
echo '
<form action="" method="POST">';
RenderTemplate($template, array('fields' => $fields));
echo '
<input type="hidden" name="token" value="' . $loguser['token'] . '">
</form>';
$_POST['sex'] = 2;
$_POST['autologin'] = 0;
}
$kuriseed = crc32(KURIKEY . microtime());
srand($kuriseed);
$check = time();
$kurichallenge = "{$kuriseed}|{$check}|" . rand(3, 12);
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$kurichallenge = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, md5(KURIKEY . $check, true), $kurichallenge, MCRYPT_MODE_ECB, $iv);
$kurichallenge = base64_encode($kurichallenge);
$kuridata = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, md5(KURIKEY, true), "{$kuriseed}|{$check}|{$kurichallenge}", MCRYPT_MODE_ECB, $iv);
$kuridata = base64_encode($kuridata);
$fields = array('username' => "<input type=\"text\" name=\"name\" maxlength=20 size=24 value=\"" . htmlspecialchars($_POST['name']) . "\" class=\"required\">", 'password' => "<input type=\"password\" name=\"pass\" size=24 class=\"required\">", 'password2' => "<input type=\"password\" name=\"pass2\" size=24 class=\"required\">", 'email' => "<input type=\"email\" name=\"email\" value=\"" . htmlspecialchars($_POST['email']) . "\" maxlength=\"60\" size=24>", 'sex' => MakeOptions("sex", $_POST['sex'], $sexes), 'readfaq' => "<label><input type=\"checkbox\" name=\"readFaq\">" . format(__("I have read the {0}FAQ{1}"), "<a href=\"" . actionLink("faq") . "\">", "</a>") . "</label>", 'kurichallenge' => "<img src=\"" . resourceLink("kurichallenge.php?data=" . urlencode($kuridata)) . "\" alt=\"[reload the page if the image fails to load]\"><br>\n\t\t<input type=\"text\" name=\"kurichallenge\" size=\"10\" maxlength=\"6\" class=\"required\">\n\t\t<input type=\"hidden\" name=\"kuridata\" value=\"" . htmlspecialchars($kuridata) . "\">", 'autologin' => "<label><input type=\"checkbox\" checked=\"checked\" name=\"autologin\"" . ($_POST['autologin'] ? ' checked="checked"' : '') . ">" . __("Log in afterwards") . "</label>", 'btnRegister' => "<input type=\"submit\" name=\"register\" value=\"" . __("Register") . "\">");
echo "<form action=\"" . htmlentities(actionLink("register")) . "\" method=\"post\">";
RenderTemplate('form_register', array('fields' => $fields));
echo "<span style=\"display : none;\"><input type=\"checkbox\" name=\"likesCake\"> I am a robot</span></form>";
function MakeOptions($fieldName, $checkedIndex, $choicesList)
{
$checks[$checkedIndex] = " checked=\"checked\"";
foreach ($choicesList as $key => $val) {
$result .= format("\n\t\t\t\t\t<label>\n\t\t\t\t\t\t<input type=\"radio\" name=\"{1}\" value=\"{0}\"{2}>\n\t\t\t\t\t\t{3}\n\t\t\t\t\t</label>", $key, $fieldName, $checks[$key], $val);
}
return $result;
}
function IsProxy()
{
if ($_SERVER['HTTP_X_FORWARDED_FOR'] && $_SERVER['HTTP_X_FORWARDED_FOR'] != $_SERVER['REMOTE_ADDR']) {
return true;
}
$result = QueryURL('http://www.stopforumspam.com/api?ip=' . urlencode($_SERVER['REMOTE_ADDR']));
if ($_POST['nopl']) {
$nopl = "checked=\"checked\"";
}
if ($_POST['nosm']) {
$nosm = "checked=\"checked\"";
}
} else {
$prefill = $post['text'];
if ($post['options'] & 1) {
$nopl = "checked=\"checked\"";
}
if ($post['options'] & 2) {
$nosm = "checked=\"checked\"";
}
$_POST['mood'] = $post['mood'];
}
$moodSelects = array();
if ($_POST['mood']) {
$moodSelects[(int) $_POST['mood']] = "selected=\"selected\" ";
}
$moodOptions = Format("<option {0}value=\"0\">" . __("[Default avatar]") . "</option>\n", $moodSelects[0]);
$rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $post['user']);
while ($mood = Fetch($rMoods)) {
$moodOptions .= Format("<option {0}value=\"{1}\">{2}</option>\n", $moodSelects[$mood['mid']], $mood['mid'], htmlspecialchars($mood['name']));
}
$fields = array('text' => "<textarea id=\"text\" name=\"text\" rows=\"16\">\n" . htmlspecialchars($prefill) . "</textarea>", 'mood' => "<select size=1 name=\"mood\">" . $moodOptions . "</select>", 'nopl' => "<label><input type=\"checkbox\" {$nopl} name=\"nopl\"> " . __("Disable post layout", 1) . "</label>", 'nosm' => "<label><input type=\"checkbox\" {$nosm} name=\"nosm\"> " . __("Disable smilies", 1) . "</label>", 'btnPost' => "<input type=\"submit\" name=\"actionpost\" value=\"" . __("Save") . "\">", 'btnPreview' => "<input type=\"submit\" name=\"actionpreview\" value=\"" . __("Preview") . "\">");
echo "\n\t<form name=\"postform\" action=\"" . htmlentities(actionLink("editpost", $pid)) . "\" method=\"post\" enctype=\"multipart/form-data\">";
RenderTemplate('form_editpost', array('fields' => $fields));
PostAttachForm($attachs);
echo "\n\t\t<input type=\"hidden\" name=\"key\" value=\"{$loguser['token']}\">\n\t</form>\n\t<script type=\"text/javascript\">\n\t\tdocument.postform.text.focus();\n\t</script>\n";
doThreadPreview($tid, $post['date']);
$r['formattedDate'] = formatdate($result['date']);
$rdata[] = $r;
}
}
}
if ($nres == 0) {
$restext = __('No results found');
} else {
if ($nres == 1) {
$restext = __('1 result found');
} else {
$restext = $nres . __(' results found');
}
}
$pagelinks = PageLinks(actionLink('search', '', 'q=' . urlencode($searchQuery) . '&inposts=' . $_GET['inposts'] . '&from='), $tpp, $from, $nres);
RenderTemplate('searchresults', array('results' => $rdata, 'nresults' => $nres, 'resultstext' => $restext, 'pagelinks' => $pagelinks));
}
function MakeSnippet($text, $terms, $title = false)
{
$text = strip_tags($text);
if (!$title) {
$text = preg_replace("/(\\[\\/?)(\\w+)([^\\]]*\\])/i", "", $text);
}
$lines = explode("\n", $text);
$terms = implode("|", $terms);
$contextlines = 3;
$max = 50;
$pat1 = "/(.*)(" . $terms . ")(.{0," . $max . "})/i";
$lineno = 0;
$extract = "";
foreach ($lines as $line) {
}
}
$sdata['field'] = $input;
if ($invalidsettings[$name]) {
$sdata['name'] = "<span style=\"color: #f44;\">{$sdata['name']} (invalid)</span>";
}
if ($help) {
$sdata['name'] .= "<br><small>{$help}</small>";
}
$settingfields[$data['category']][] = $sdata;
}
if (!$settingfields['']) {
unset($settingfields['']);
}
$fields = array('btnSaveExit' => "<input type=\"submit\" name=\"_exit\" value=\"" . __("Save and Exit") . "\">", 'btnSave' => "<input type=\"submit\" name=\"_action\" value=\"" . __("Save") . "\">");
RenderTemplate('form_settings', array('settingfields' => $settingfields, 'htmlfield' => $htmlfield, 'fields' => $fields));
echo "\n\t</form>";
function makeSelect($fieldName, $checkedIndex, $choicesList, $extras = "")
{
$checks[$checkedIndex] = " selected=\"selected\"";
foreach ($choicesList as $key => $val) {
$options .= format("\n\t\t\t\t\t\t<option value=\"{0}\"{1}>{2}</option>", $key, $checks[$key], $val);
}
$result = format("\n\t\t\t\t\t<select id=\"{0}\" name=\"{0}\" size=\"1\" {1} >{2}\n\t\t\t\t\t</select>", $fieldName, $extras, $options);
return $result;
}
function makeThemeList($fieldname, $value)
{
$themes = array();
$dir = @opendir("themes");
while ($file = readdir($dir)) {
function makePost($post, $type, $params = array())
{
global $loguser, $loguserid, $usergroups, $isBot, $blocklayouts;
$poster = getDataPrefix($post, 'u_');
$post['userlink'] = UserLink($poster);
LoadBlockLayouts();
$pltype = Settings::get('postLayoutType');
$isBlocked = $poster['globalblock'] || $loguser['blocklayouts'] || $post['options'] & 1 || isset($blocklayouts[$poster['id']]);
$post['type'] = $type;
$post['formattedDate'] = formatdate($post['date']);
if (!HasPermission('admin.viewips')) {
$post['ip'] = '';
} else {
$post['ip'] = htmlspecialchars($post['ip']);
}
// TODO IP formatting?
if ($post['deleted'] && $type == POST_NORMAL) {
$post['deluserlink'] = UserLink(getDataPrefix($post, 'du_'));
$post['delreason'] = htmlspecialchars($post['reason']);
$links = array();
if (HasPermission('mod.deleteposts', $params['fid'])) {
$links['undelete'] = actionLinkTag(__("Undelete"), "editpost", $post['id'], "delete=2&key=" . $loguser['token']);
$links['view'] = "<a href=\"#\" onclick=\"replacePost(" . $post['id'] . ",true); return false;\">" . __("View") . "</a>";
}
$post['links'] = $links;
RenderTemplate('postbox_deleted', array('post' => $post));
return;
}
$links = array();
if ($type != POST_SAMPLE) {
$forum = $params['fid'];
$thread = $params['tid'];
$notclosed = !$post['closed'] || HasPermission('mod.closethreads', $forum);
$extraLinks = array();
if (!$isBot) {
if ($type == POST_DELETED_SNOOP) {
if ($notclosed && HasPermission('mod.deleteposts', $forum)) {
$links['undelete'] = actionLinkTag(__("Undelete"), "editpost", $post['id'], "delete=2&key=" . $loguser['token']);
}
$links['close'] = "<a href=\"#\" onclick=\"replacePost(" . $post['id'] . ",false); return false;\">" . __("Close") . "</a>";
} else {
if ($type == POST_NORMAL) {
if ($notclosed) {
if ($loguserid && HasPermission('forum.postreplies', $forum) && !$params['noreplylinks']) {
$links['quote'] = actionLinkTag(__("Quote"), "newreply", $thread, "quote=" . $post['id']);
}
$editrights = 0;
if ($poster['id'] == $loguserid && HasPermission('user.editownposts') || HasPermission('mod.editposts', $forum)) {
$links['edit'] = actionLinkTag(__("Edit"), "editpost", $post['id']);
$editrights++;
}
if ($poster['id'] == $loguserid && HasPermission('user.deleteownposts') || HasPermission('mod.deleteposts', $forum)) {
if ($post['id'] != $post['firstpostid']) {
$link = htmlspecialchars(actionLink('editpost', $post['id'], 'delete=1&key=' . $loguser['token']));
$onclick = HasPermission('mod.deleteposts', $forum) ? " onclick=\"deletePost(this);return false;\"" : ' onclick="if(!confirm(\'Really delete this post?\'))return false;"';
$links['delete'] = "<a href=\"{$link}\"{$onclick}>" . __('Delete') . "</a>";
}
$editrights++;
}
if ($editrights < 2 && HasPermission('user.reportposts')) {
$links['report'] = actionLinkTag(__('Report'), 'reportpost', $post['id']);
}
}
// plugins should add to $extraLinks
$bucket = "topbar";
include __DIR__ . "/pluginloader.php";
}
}
$links['extra'] = $extraLinks;
}
//Threadlinks for listpost.php
if ($params['threadlink']) {
$thread = array();
$thread['id'] = $post['thread'];
$thread['title'] = $post['threadname'];
$thread['forum'] = $post['fid'];
$post['threadlink'] = makeThreadLink($thread);
} else {
$post['threadlink'] = '';
}
//Revisions
if ($post['revision']) {
$ru_link = UserLink(getDataPrefix($post, "ru_"));
$revdetail = ' ' . format(__('by {0} on {1}'), $ru_link, formatdate($post['revdate']));
if (HasPermission('mod.editposts', $forum)) {
$post['revdetail'] = "<a href=\"javascript:void(0);\" onclick=\"showRevisions(" . $post['id'] . ")\">" . Format(__('rev. {0}'), $post['revision']) . "</a>" . $revdetail;
} else {
$post['revdetail'] = Format(__('rev. {0}'), $post['revision']) . $revdetail;
}
}
//</revisions>
}
$post['links'] = $links;
// POST SIDEBAR
$sidebar = array();
// quit abusing custom syndromes you unoriginal fuckers
$poster['title'] = preg_replace('@Affected by \'?.*?Syndrome\'?@si', '', $poster['title']);
$sidebar['rank'] = GetRank($poster['rankset'], $poster['posts']);
if ($poster['title']) {
$sidebar['title'] = strip_tags(CleanUpPost($poster['title'], '', true), '<b><strong><i><em><span><s><del><img><a><br/><br><small>');
} else {
$sidebar['title'] = htmlspecialchars($usergroups[$poster['primarygroup']]['title']);
}
$sidebar['syndrome'] = GetSyndrome(getActivity($poster['id']));
if ($post['mood'] > 0) {
if (file_exists(DATA_DIR . "avatars/" . $poster['id'] . "_" . $post['mood'])) {
$sidebar['avatar'] = "<img src=\"" . DATA_URL . "avatars/" . $poster['id'] . "_" . $post['mood'] . "\" alt=\"\">";
}
} else {
if ($poster['picture']) {
$pic = str_replace('$root/', DATA_URL, $poster['picture']);
$sidebar['avatar'] = "<img src=\"" . htmlspecialchars($pic) . "\" alt=\"\">";
}
}
$lastpost = $poster['lastposttime'] ? timeunits(time() - $poster['lastposttime']) : "none";
$lastview = timeunits(time() - $poster['lastactivity']);
if (!$post['num']) {
$sidebar['posts'] = $poster['posts'];
} else {
$sidebar['posts'] = $post['num'] . '/' . $poster['posts'];
}
$sidebar['since'] = cdate($loguser['dateformat'], $poster['regdate']);
$sidebar['lastpost'] = $lastpost;
$sidebar['lastview'] = $lastview;
if ($poster['lastactivity'] > time() - 300) {
$sidebar['isonline'] = __("User is <strong>online</strong>");
}
$sidebarExtra = array();
$bucket = "sidebar";
include __DIR__ . "/pluginloader.php";
$sidebar['extra'] = $sidebarExtra;
$post['sidebar'] = $sidebar;
// OTHER STUFF
$post['haslayout'] = false;
$post['fulllayout'] = false;
if (!$isBlocked) {
$poster['postheader'] = $pltype ? trim($poster['postheader']) : '';
$poster['signature'] = trim($poster['signature']);
$post['haslayout'] = $poster['postheader'] ? 1 : 0;
$post['fulllayout'] = $poster['fulllayout'] && $post['haslayout'] && $pltype == 2;
if (!$post['haslayout'] && $poster['signature']) {
$poster['signature'] = '<div class="signature">' . $poster['signature'] . '</div>';
}
} else {
$poster['postheader'] = '';
$poster['signature'] = '';
}
$post['contents'] = makePostText($post, $poster);
//PRINT THE POST!
RenderTemplate('postbox', array('post' => $post));
}
foreach ($users as $user) {
if ($user['posts'] >= $rank['num'] && $user['posts'] < $nextRank['num']) {
$total++;
if ($user['lastposttime'] > time() - 2592000) {
$members[] = UserLink($user);
} else {
$inactive++;
}
}
}
if ($inactive) {
$members[] = $inactive . ' inactive';
}
$showRank = HasPermission('admin.viewallranks') || $loguser['posts'] >= $rank['num'] || count($members) > 0;
if ($showRank) {
$rdata['rank'] = getRankHtml($rankset, $rank);
} else {
$rdata['rank'] = '???';
}
if (count($members) == 0) {
$members = ' ';
} else {
$members = join(', ', $members);
}
$rdata['posts'] = $showRank ? $rank['num'] : '???';
$rdata['numUsers'] = $total;
$rdata['users'] = $members;
$ranklist[] = $rdata;
}
RenderTemplate('ranks', array('ranksets' => $ranksets, 'ranks' => $ranklist));
if ($_POST['mood']) {
$moodSelects[(int) $_POST['mood']] = "selected=\"selected\" ";
}
$moodOptions = "<option " . $moodSelects[0] . "value=\"0\">" . __("[Default avatar]") . "</option>\n";
$rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $loguserid);
while ($mood = Fetch($rMoods)) {
$moodOptions .= format("\n\t<option {0} value=\"{1}\">{2}</option>\n", $moodSelects[$mood['mid']], $mood['mid'], htmlspecialchars($mood['name']));
}
$ninja = FetchResult("select id from {posts} where thread={0} order by date desc limit 0, 1", $tid);
$mod_lock = '';
if (HasPermission('mod.closethreads', $fid)) {
if (!$thread['closed']) {
$mod_lock = "<label><input type=\"checkbox\" " . getCheck("lock") . " name=\"lock\"> " . __("Close thread", 1) . "</label>\n";
} else {
$mod_lock = "<label><input type=\"checkbox\" " . getCheck("unlock") . " name=\"unlock\"> " . __("Open thread", 1) . "</label>\n";
}
}
$mod_stick = '';
if (HasPermission('mod.stickthreads', $fid)) {
if (!$thread['sticky']) {
$mod_stick = "<label><input type=\"checkbox\" " . getCheck("stick") . " name=\"stick\"> " . __("Sticky", 1) . "</label>\n";
} else {
$mod_stick = "<label><input type=\"checkbox\" " . getCheck("unstick") . " name=\"unstick\"> " . __("Unstick", 1) . "</label>\n";
}
}
$fields = array('text' => "<textarea id=\"text\" name=\"text\" rows=\"16\">\n{$prefill}</textarea>", 'mood' => "<select size=1 name=\"mood\">" . $moodOptions . "</select>", 'nopl' => "<label><input type=\"checkbox\" " . getCheck('nopl') . " name=\"nopl\"> " . __("Disable post layout", 1) . "</label>", 'nosm' => "<label><input type=\"checkbox\" " . getCheck('nosm') . " name=\"nosm\"> " . __("Disable smilies", 1) . "</label>", 'lock' => $mod_lock, 'stick' => $mod_stick, 'btnPost' => "<input type=\"submit\" name=\"actionpost\" value=\"" . __("Post") . "\">", 'btnPreview' => "<input type=\"submit\" name=\"actionpreview\" value=\"" . __("Preview") . "\">");
echo "\n\t<form name=\"postform\" action=\"" . htmlentities(actionLink("newreply", $tid)) . "\" method=\"post\" enctype=\"multipart/form-data\">\n\t\t<input type=\"hidden\" name=\"ninja\" value=\"{$ninja}\">";
RenderTemplate('form_newreply', array('fields' => $fields));
PostAttachForm($attachs);
echo "\n\t\t</form>\n\t<script type=\"text/javascript\">\n\t\tdocument.postform.text.focus();\n\t</script>\n";
doThreadPreview($tid);
CheckPermission('admin.editgroups');
$title = __('Edit groups');
MakeCrumbs(array(actionLink('admin') => __('Admin'), '' => __('Edit groups')));
$gtypes = array(0 => __('Primary'), 1 => __('Secondary'));
$gdisplays = array(-1 => __('Hidden'), 0 => __('Regular'), 1 => __('Staff'));
if (!$_POST['saveaction']) {
$groups = Query("SELECT * FROM {usergroups} WHERE rank<={0} ORDER BY type, rank", $loguserGroup['rank']);
$gdata = array();
while ($group = Fetch($groups)) {
$gtitle = htmlspecialchars($group['title']);
if (!$group['type']) {
$gtitle = '<span class="userlink" style="color:' . htmlspecialchars($group['color_unspec']) . ';">' . $gtitle . '</span>';
}
$gdata[] = actionLinkTag($gtitle, 'editgroups', $group['id']);
}
RenderTemplate('grouplist', array('groups' => $gdata));
}
if (isset($_GET['id'])) {
$gid = (int) $_GET['id'];
$group = Fetch(Query("SELECT * FROM {usergroups} WHERE id={0}", $gid));
if (!$group) {
Kill(__('Invalid group ID.'));
}
if ($group['rank'] > $loguserGroup['rank']) {
Kill(__('You may not edit this group.'));
}
MakeCrumbs(array(actionLink('admin') => __('Admin'), actionLink('editgroups') => __('Edit groups'), '' => htmlspecialchars($group['title'])));
$canPromoteHigher = $loguser['root'] && $gid == $loguserGroup['id'];
} else {
MakeCrumbs(array(actionLink('admin') => __('Admin'), actionLink('editgroups') => __('Edit groups')));
Alert(__('Select a group above to edit it.'), __('Notice'));
