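/**
 * Fill in the header/signature markup ("post layout") displayed with one post,
 * according to the viewer's $loguser['viewsig'] setting.
 *
 * Behaviour per viewsig value, as implemented below:
 *   - falsy : layouts are hidden; headtext/signtext are blanked and the post is returned at once.
 *   - 1     : a non-zero headid/signid is resolved through the postlayouts table
 *             (memoised for the request in the global $postl).
 *   - 2     : headid/signid are zeroed, the headtext/signtext supplied by the caller are kept
 *             and additionally passed through doreplace().
 *   - other : headid/signid are zeroed; only settags() and doreplace2() are applied.
 *
 * Security notes:
 *   - Layout ids are cast to int before they are interpolated into SQL. filter_int() is defined
 *     outside this block, so its guarantees cannot be confirmed from here; the cast keeps the
 *     query text numeric regardless of what it returns.
 *   - NOTE(review): headtext/signtext are presumably user-authored markup. Nothing in this
 *     function HTML-escapes them; confirm that doreplace2()/settags() or the caller sanitises
 *     them before they are printed.
 *
 * @param array $post Post row; reads headid, signid, headtext, signtext, tagval and, for
 *                    viewsig 2, num, date, regdate and name.
 * @return array The same row with headtext/signtext (and possibly headid/signid) rewritten.
 */
function setlayout($post) {
	global $sql, $loguser, $postl;

	$parts = array('head', 'sign');

	// Every setting except 1 ignores the stored layout ids.
	if ($loguser['viewsig'] != 1) {
		$post['headid'] = $post['signid'] = 0;
	}

	// Layouts switched off: blank both parts and skip all further processing.
	if (!$loguser['viewsig']) {
		$post['headtext'] = $post['signtext'] = '';
		return $post;
	}

	if ($loguser['viewsig'] != 2) {
		foreach ($parts as $part) {
			// Defence in depth: only an integer may reach the SQL string below.
			$layoutid = (int) filter_int($post[$part . 'id']);
			if (!$layoutid) {
				continue;
			}
			// isset() instead of "=== NULL": same cache-miss test, but no
			// undefined-index notice/warning on the first lookup of an id.
			if (!isset($postl[$layoutid])) {
				$postl[$layoutid] = $sql->resultq("SELECT text FROM postlayouts WHERE id={$layoutid}");
			}
			$post[$part . 'text'] = $postl[$layoutid];
		}
	}

	// The stages below run head first, then sign, stage by stage, so the helpers
	// are called in the same order as before.
	foreach ($parts as $part) {
		$post[$part . 'text'] = settags($post[$part . 'text'], filter_string($post['tagval']));
	}

	if ($loguser['viewsig'] == 2) {
		// Days between the poster's registration and the post (timestamps in seconds).
		$days = ($post['date'] - $post['regdate']) / 86400;
		foreach ($parts as $part) {
			$post[$part . 'text'] = doreplace($post[$part . 'text'], $post['num'], $days, $post['name']);
		}
	}

	foreach ($parts as $part) {
		$post[$part . 'text'] = doreplace2($post[$part . 'text']);
	}

	// $post['text'] is left untouched here; the former doreplace2() call on it was
	// already commented out.
	return $post;
}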
// Excerpt from the post-editing page. It opens inside the branch that prints the edit form and
// breaks off inside the submit handler, so the braces below do not balance within this excerpt.
if ($options[1]) {
	$chks[1] = "checked";
}
// NOTE(review): $post['user'] is interpolated unquoted into the query. That is only safe if it
// is an integer taken from an earlier database row; its origin is not visible here.
$user = $sql->fetchq("SELECT name FROM users WHERE id={$post['user']}");
// Edit form. The three textarea bodies are passed through htmlspecialchars(). Every other
// interpolated value ($id, $forum['id'], $forum[title], $thread['title'], $boardname, the
// $tccell*/$inp* fragments) is printed as-is; whether those were escaped earlier cannot be
// told from this excerpt.
// NOTE(review): no anti-CSRF token field is emitted in the visible form markup.
// NOTE(review): $forum[title] is a bare constant, not a string key; PHP 8 raises an Error for an
// undefined constant instead of falling back to the string 'title'.
print "\n\t\t\t{$tccellh} width=150> </td>{$tccellh} colspan=2> <tr>\n\t\t\t{$tccell1}><b>Header:</td>\t {$tccell2l} width=800px valign=top>{$txta}=head ROWS=8 COLS={$numcols} style=\"width: 100%; max-width: 800px; resize:vertical;\">"
	. htmlspecialchars($head)
	. "</textarea>\n\t\t\t{$tccell2l} width=* rowspan=3>"
	. moodlist($post['moodid'])
	. "</td><tr>\n\t\t\t{$tccell1}><b>Post:</td>\t\t {$tccell2l} width=800px valign=top>{$txta}=message ROWS=12 COLS={$numcols} style=\"width: 100%; max-width: 800px; resize:vertical;\">"
	. htmlspecialchars($message)
	. "</textarea><tr>\n\t\t\t{$tccell1}><b>Signature:</td>\t {$tccell2l} width=800px valign=top>{$txta}=sign ROWS=8 COLS={$numcols} style=\"width: 100%; max-width: 800px; resize:vertical;\">"
	. htmlspecialchars($sign)
	. "</textarea><tr>\n\t\t\t{$tccell1}> </td>{$tccell2l} colspan=2>\n\t\t\t{$inph}=action VALUE=editpost>\n\t\t\t{$inph}=id VALUE={$id}>\n\t\t\t{$inps}=submit VALUE=\"Edit post\">\n\t\t\t{$inps}=preview VALUE=\"Preview post\"></td>\n\t\t\t<tr>{$tccell1}><b>Options:</b></td>{$tccell2l} colspan=2>\n\t\t\t{$inpc}=\"nosmilies\" id=\"nosmilies\" value=\"1\" {$chks['0']}><label for=\"nosmilies\">Disable Smilies</label> -\n\t\t\t{$inpc}=\"nohtml\" id=\"nohtml\" value=\"1\" {$chks['1']}><label for=\"nohtml\">Disable HTML</label></td></tr>\n\t\t\t</FORM>\n\t\t{$tblend}{$fonttag}<a href=index.php>{$boardname}</a> - <a href=forum.php?id={$forum['id']}>"
	. $forum[title]
	. "</a> - {$thread['title']}\n\t\t";
} elseif (!$action) {
	// No action requested and the viewer failed the permission test of the unseen branch above.
	print "\n\t\t{$tccell1}>You are not allowed to edit this post.<br>\n\t\t" . redirect("thread.php?id={$threadid}", "the thread", 0);
}
// Handler for the submitted (or previewed) edit form.
if ($_POST['action'] == 'editpost') {
	// Post options are stored as "<nosmilies>|<nohtml>", each forced to an integer.
	$poptions = intval($nosmilies) . "|" . intval($nohtml);
	print $tblstart;
	// Authorisation. "&&" binds tighter than "and"/"or", so this reads:
	//   (moderator OR (post owner AND powerlevel >= 0))
	//   AND ((forum has no minpower OR viewer's power >= minpower) AND thread not closed)
	// i.e. the minpower and closed-thread restrictions apply to moderators as well.
	// NOTE(review): no anti-CSRF token is checked in the visible lines; if one exists it is
	// verified outside this excerpt.
	// NOTE(review): $post[user] is a bare constant (see the note on $forum[title] above).
	if (($ismod or $loguserid == $post[user] && $loguser['powerlevel'] >= 0) and (!$forum['minpower'] or $power >= $forum['minpower']) && !$thread['closed']) {
		// $loguserid is the logged-in user's id; presumably an integer set by the session code.
		$user = $sql->fetchq("SELECT posts,regdate FROM users WHERE id={$loguserid}");
		$numposts = $user['posts'];
		$numdays = (ctime() - $user['regdate']) / 86400;
		$message = doreplace($message, $numposts, $numdays, $loguser['name']);
		// Hand-rolled escaping of single quotes only, presumably so the link can be embedded in
		// a later SQL string; this is not equivalent to the database driver's escaping.
		$edited = str_replace('\'', '\\\'', getuserlink($loguser));
		if ($submit) {
			// Hard-coded special case for one user id: the edit is not performed, only reported.
			if ($loguserid == 1162) {
				xk_ircsend("1|The jceggbert5 dipshit tried to edit another post: " . $id);
			// Heuristic for automated submissions: any field equal to the marker string, or all
			// three fields comparing equal. NOTE(review): the last clause is true whenever the
			// three values are loosely equal, which includes three empty values - confirm this
			// is intended before banning on it.
			} elseif ($message == "COCKS" || $head == "COCKS" || $sign == "COCKS" || $message == $head && $head == $sign) {
				// NOTE(review): mysql_query() belongs to ext/mysql, which was removed in PHP 7.0,
				// and the statement is built by concatenation. REMOTE_ADDR is set by the web
				// server rather than taken from a request header, but a prepared statement
				// through the $sql wrapper would still be the safer pattern.
				mysql_query("INSERT INTO `ipbans` SET `reason` = 'Idiot hack attempt', `ip` = '" . $_SERVER['REMOTE_ADDR'] . "', `date` = '" . ctime() . "'");
				die("NO BONUS");
			} else {
				// Look up an existing stored layout with exactly this header/signature text.
				// NOTE(review): $head and $sign are request-derived and are placed inside a
				// quoted SQL literal. This is injection-safe only if they were escaped before
				// this point, which is not visible here; "@" additionally hides any query error.
				$headid = @$sql->resultq("SELECT `id` FROM `postlayouts` WHERE `text` = '{$head}' LIMIT 1", 0, 0);
				$signid = @$sql->resultq("SELECT `id` FROM `postlayouts` WHERE `text` = '{$sign}' LIMIT 1", 0, 0);
				// A matching layout row replaces the inline header text; otherwise the id is 0.
				if ($headid) {
					$head = '';
				} else {
					$headid = 0;
				}
// Excerpt from the user profile page: it starts by closing a block opened earlier in the file,
// prepares a sample post and the equipped-item list, then prints the whole profile.
}
loadtlayout();
// Build a fake post row from the profile owner's own layout so threadpost() can render a sample.
$user['headtext'] = $user['postheader'];
$user['signtext'] = $user['signature'];
$user['text'] = "Sample text. [quote=fhqwhgads]A sample quote, with a <a href=about:blank>link</a>, for testing your layout.[/quote]This is how your post will appear.";
// NOTE(review): the raw request parameter is copied into the row that is handed to threadpost()
// below; it is not validated or cast in the visible lines.
$user['uid'] = $_GET['id'];
$user['date'] = ctime();
// Force layouts on for this page so the sample post shows them whatever the viewer's setting is.
$loguser['viewsig'] = 1;
// Shop / RPG data: item categories and the items this user has equipped.
$shops = $sql->query('SELECT * FROM itemcateg ORDER BY corder');
// NOTE(review): $id is interpolated unquoted; it must already be an integer. Where it is derived
// from $_GET['id'] is not visible in this excerpt.
$eq = $sql->fetchq("SELECT * FROM users_rpg WHERE uid={$id}");
$itemids = array_unique(array($eq['eq1'], $eq['eq2'], $eq['eq3'], $eq['eq4'], $eq['eq5'], $eq['eq6'], $eq['eq7']));
$itemids = implode(',', $itemids);
// The id list comes from the users_rpg row read above. NOTE(review): if that row is missing, all
// seven values are null and the list collapses to an empty string, giving "IN ()".
$eqitems = $sql->query("SELECT * FROM items WHERE id IN ({$itemids})");
// Index the equipped items by id.
while ($item = $sql->fetch($eqitems)) {
	$items[$item['id']] = $item;
}
// One table row per category: category name and the item equipped in slot eq<category id>.
// Both names are printed without HTML escaping (database values; presumably staff-managed).
while ($shop = $sql->fetch($shops)) {
	$shoplist .= "\r\n\t\t\t<tr>\r\n\t\t\t{$tccell1s}>{$shop['name']}</td>\r\n\t\t\t{$tccell2s} width=100%>" . $items[$eq['eq' . $shop['id']]]['name'] . " </td>\r\n\t\t";
}
// The address is URL-encoded here and the encoded form is then used both in the mailto: href and
// as the visible link text below.
$user['email'] = urlencode($user['email']);
// "Also known as" row, shown only when an alias is set and differs from the user name.
if ($user['aka'] && $user['aka'] != $user['name']) {
	$aka = "{$tccell1l} width=150><b>Also known as</td>\t\t\t{$tccell2l}>{$user['aka']}<tr>";
} else {
	$aka = '';
}
// Profile output.
// NOTE(review): user-editable profile fields (name, aka, icq, aim, realname, location) are
// interpolated straight into the HTML, and homepageurl is placed inside a single-quoted href.
// No escaping or URL-scheme check is visible in this excerpt, so this is safe against script
// injection only if those values are validated and escaped when they are stored or loaded -
// confirm. $id is likewise placed in unquoted href/src attributes.
// NOTE(review): $user[regdate] and $user[lastactivity] are bare constants; PHP 8 raises an Error
// for an undefined constant instead of treating it as the string key.
print "\r\n\t{$header}\r\n\t<div>{$fonttag} Profile for <b>{$minipic}<span style='color:#{$namecolor}'>{$user['name']}</span></b></div>\r\n<table cellpadding=0 cellspacing=0 border=0>\r\n<td width=100% valign=top>\r\n{$tblstart}\r\n\t{$tccellh} colspan=2><center>General information<tr>\r\n\t<!-- {$tccell1l} width=150><b>Username</td>\t\t\t{$tccell2l}>{$user['name']}<tr> -->\r\n\t{$aka}\r\n\t{$tccell1l} width=150><b>Total posts</td>\t\t\t{$tccell2l}>{$user['posts']} ({$postavg} per day) {$projdate}<br>{$bar}<tr>\r\n\t{$tccell1l} width=150><b>Total threads</td>\t\t{$tccell2l}>{$threadsposted}<tr>\r\n\t{$tccell1l} width=150><b>EXP</td>\t\t\t\t\t{$tccell2l}>{$expstatus}<tr>\r\n"
	// The user-rating row is disabled by the constant false condition.
	. (false ? "\t{$tccell1l} width=150><b>User rating</td>\t\t\t{$tccell2l}>{$ratingstatus}<tr>" : "")
	. "\r\n\t{$tccell1l} width=150><b>Registered on</td>\t\t{$tccell2l}>"
	// "@" hides any warning date() may raise for this call.
	. @date($dateformat, $user[regdate] + $tzoff)
	. " ("
	. floor((ctime() - $user[regdate]) / 86400)
	. " days ago)<tr>\r\n\t{$tccell1l} width=150><b>Last post</td>\t\t\t{$tccell2l}>{$lastpostdate}{$lastpostlink}<tr>\r\n\t{$tccell1l} width=150><b>Last activity</td>\t\t{$tccell2l}>"
	. date($dateformat, $user[lastactivity] + $tzoff)
	. "{$lastip}<tr>\r\n{$tblend}\r\n<br>{$tblstart}\r\n\t{$tccellh} colspan=2><center>Contact information<tr>\r\n\t{$tccell1l} width=150><b>Email address</td>\t\t{$tccell2l}><a href='mailto:{$user['email']}'>{$user['email']}</a> <tr>\r\n\t{$tccell1l} width=150><b>Homepage</td>\t\t\t{$tccell2l}><a href='{$user['homepageurl']}'>{$homepagename}</a> <tr>\r\n\t{$tccell1l} width=150><b>ICQ number</td>\t\t\t{$tccell2l}>{$user['icq']} {$icqicon} <tr>\r\n\t{$tccell1l} width=150><b>AIM screen name</td>\t\t{$tccell2l}><a href='aim:goim?screenname={$aim}'>{$user['aim']}</a> <tr>\r\n{$tblend}\r\n<br>{$tblstart}\r\n\t{$tccellh} colspan=2><center>User settings<tr>\r\n\t{$tccell1l} width=150><b>Timezone offset</td>\t\t{$tccell2l}>{$tzoffset} hours from the server, {$tzoffrel} hours from you (current time: {$tzdate})<tr>\r\n\t{$tccell1l} width=150><b>Items per page</td>\t\t{$tccell2l}>"
	. $user['threadsperpage']
	. " threads, "
	. $user['postsperpage']
	. " posts<tr>\r\n\t{$tccell1l} width=150><b>Color scheme</td>\t\t{$tccell2l}>"
	. $schname
	. "<tr>\r\n{$tblend}\r\n</td><td> </td><td valign=top>\r\n{$tblstart}\r\n\t{$tccellh}><center>RPG status<tr>\r\n\t{$tccell1l}><img src='status.php?u={$id}'>\r\n{$tblend}\r\n<br>{$tblstart}\r\n\t{$tccellh} colspan=2><center>Equipped Items<tr>\r\n\t{$shoplist}\r\n{$tblend}\r\n</td></table>\r\n<br>{$tblstart}\r\n\t{$tccellh} colspan=2><center>Personal information<tr>\r\n\t{$tccell1l} width=150><b>Real name</td>\t\t\t{$tccell2l}>{$user['realname']} <tr>\r\n\t{$tccell1l} width=150><b>Location</td>\t\t\t{$tccell2l}>{$user['location']} <tr>\r\n\t{$tccell1l} width=150><b>Birthday</td>\t\t\t{$tccell2l}>{$birthday} {$age} <tr>\r\n\t{$tccell1l} width=150><b>User bio</td>\t\t\t{$tccell2l}>"
	// The bio goes through doreplace() -> doreplace2() -> dofilters(); any markup filtering it
	// receives depends entirely on those helpers, which are defined elsewhere.
	. dofilters(doreplace2(doreplace($user['bio'], $user['posts'], (ctime() - $user['regdate']) / 86400, $user['name'])))
	. " <tr>\r\n{$tblend}\r\n<br>{$tblstart}\r\n\t{$tccellh} colspan=2><center>Sample post<tr>\r\n\t"
	// Renders the fake post row assembled at the top of this excerpt.
	. threadpost($user, 1)
	. "\r\n{$tblend}\r\n<br>{$tblstart}\r\n\t{$tccellhs} colspan=2><center>Options<tr>\r\n\t{$tccell2s} colspan=2>\r\n\t<a href=thread.php?user={$id}>Show posts</a> | \r\n\t<a href=forum.php?user={$id}>View threads by this user</a>\r\n\t{$sendpmsg}\r\n {$ratelink}\r\n {$moodavatar}\r\n <tr>\r\n\t{$tccell2s} colspan=2>\r\n\t<a href=postsbyuser.php?id={$id}>List posts by this user</a> |\r\n\t<a href=postsbytime.php?id={$id}>Posts by time of day</a> |\r\n\t<a href=postsbythread.php?id={$id}>Posts by thread</a> | \r\n\t<a href=postsbyforum.php?id={$id}>Posts by forum</td>{$sneek}\r\n\t{$tblend}{$footer}\r\n ";
printtimedif($startingtime);
// Excerpt from a posting handler: it starts by closing two blocks opened earlier in the file and
// breaks off inside the moderator options, so the braces do not balance within this excerpt.
}
}
if (!$error) {
	// The poster's stored signature and header become the layout for this post.
	$sign = $user['signature'];
	$head = $user['postheader'];
	// @TODO: Remove this code
	// NOTE(review): $user['postbg'] is written into an unquoted style attribute without any
	// escaping visible here; a value containing a space or ">" would break out of the attribute
	// unless it is validated when the profile is saved.
	if ($user['postbg']) {
		$head = "<div style=background:url({$user['postbg']});height=100%>{$head}";
	}
	// Post count as it will be after this post, and account age in days.
	$numposts = $user['posts'] + 1;
	$numdays = (ctime() - $user['regdate']) / 86400;
	// $tags is handed to doreplace() as a fifth argument and JSON-encoded afterwards; presumably
	// doreplace() fills it by reference - confirm against its definition.
	$tags = array();
	$message = doreplace($message, $numposts, $numdays, $username, $tags);
	// Escaped through the database wrapper, so it is prepared for use inside a quoted SQL literal.
	$tagval = $sql->escape(json_encode($tags));
	$rsign = doreplace($sign, $numposts, $numdays, $username);
	$rhead = doreplace($head, $numposts, $numdays, $username);
	$currenttime = ctime();
	// Real submission (as opposed to a preview).
	if (filter_string($_POST['submit'])) {
		// The poster's counters are updated before anything else in the visible lines.
		// NOTE(review): $userid is interpolated inside quotes; where it comes from and whether
		// it is cast to an integer is not visible in this excerpt.
		$sql->query("UPDATE `users` SET `posts` = {$numposts}, `lastposttime` = '{$currenttime}' WHERE `id` = '{$userid}'");
		// With "no layout" requested the post stores no header/signature ids; otherwise the ids
		// are obtained from getpostlayoutid().
		if (filter_bool($nolayout)) {
			$headid = 0;
			$signid = 0;
		} else {
			$headid = getpostlayoutid($head);
			$signid = getpostlayoutid($sign);
		}
		// SQL fragments for the thread update; they stay empty unless a moderator sets them.
		$closeq = "";
		$stickq = "";
		if ($ismod) {
			if (filter_bool($_POST['close'])) {
				$closeq = "`closed` = '1',";
$userid = checkusername($username); if ($userid == -1) { print "{$tccell1}>Couldn't send the message. You didn't enter an existing username to send the message to.\n\t\t\t\t<br>" . redirect('private.php', 'your private message box', 2); } elseif (!$subject) { print "{$tccell1}>Couldn't send the message. You didn't enter a subject.\n\t\t\t\t<br>" . redirect('private.php', 'your private message box', 2); } else { $subject = str_replace('<', '<', $subject); $sign = $loguser['signature']; $head = $loguser['postheader']; if ($user['postbg']) { $head = "<div style=background:url({$user['postbg']});height=100%>{$head}"; } $numdays = (ctime() - $loguser['regdate']) / 86400; $message = doreplace($message, $loguser['posts'], $numdays, $loguser['name']); $rsign = doreplace($sign, $loguser['posts'], $numdays, $loguser['name']); $rhead = doreplace($head, $loguser['posts'], $numdays, $loguser['name']); $currenttime = ctime(); if ($submit) { $headid = getpostlayoutid($head); $signid = getpostlayoutid($sign); $sql->query("INSERT INTO pmsgs (id,userto,userfrom,date,ip,msgread,headid,signid) VALUES (NULL,{$userid},{$loguserid},{$currenttime},'{$userip}',0,{$headid},{$signid})"); $sql->query("INSERT INTO pmsgs_text (pid,title,text,tagval) VALUES (" . mysql_insert_id() . ",'{$subject}','{$message}','{$tagval}')"); print "{$tccell1}>Private message to {$username} sent successfully!\n\t\t\t\t\t<br>" . redirect('private.php', 'your private message box', 0) . $tblend; } else { loadtlayout(); $ppost = $loguser; $message = stripslashes($message); $username = stripslashes($username); $subject = stripslashes($subject); $ppost['uid'] = $loguserid; $ppost['date'] = $currenttime;