function insert_compose_frame($id, $type = 'new')
{
global $maxsubjectlength, $CURUSER;
global $lang_forums;
$hassubject = false;
$hasmodechoose = false;
$subject = "";
$body = "";
print "<form id=\"compose\" method=\"post\" name=\"compose\" action=\"?action=post\">\n";
switch ($type) {
case 'new':
$forumname = get_single_value("forums", "name", "WHERE id=" . sqlesc($id));
$forummode = get_single_value("forums", "casinomode", "WHERE id=" . sqlesc($id));
$forummodeclass = get_single_value("forums", "casinoclass", "WHERE id=" . sqlesc($id));
$title = $lang_forums['text_new_topic_in'] . " <a href=\"" . htmlspecialchars("?action=viewforum&forumid=" . $id) . "\">" . htmlspecialchars($forumname) . "</a> " . $lang_forums['text_forum'];
$hassubject = true;
if ($forummode && (get_user_class() >= $forummodeclass || is_forum_moderator($id, 'forum'))) {
$hasmodechoose = true;
}
break;
case 'reply':
$topicname = get_single_value("topics", "subject", "WHERE id=" . sqlesc($id));
$title = $lang_forums['text_reply_to_topic'] . " <a href=\"" . htmlspecialchars("?action=viewtopic&topicid=" . $id) . "\">" . htmlspecialchars($topicname) . "</a> ";
break;
case 'quote':
$topicid = get_single_value("posts", "topicid", "WHERE id=" . sqlesc($id));
$topicmode = get_single_value("topics", "casinomode", "WHERE id=" . sqlesc($topicid)) == "yes";
$topicname = get_single_value("topics", "subject", "WHERE id=" . sqlesc($topicid));
$title = $lang_forums['text_reply_to_topic'] . " <a href=\"" . htmlspecialchars("?action=viewtopic&topicid=" . $topicid) . "\">" . htmlspecialchars($topicname) . "</a> ";
$res = sql_query("SELECT posts.body, users.username FROM posts LEFT JOIN users ON posts.userid = users.id WHERE posts.id={$id}") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1) {
stderr($lang_forums['std_error'], $lang_forums['std_no_post_id']);
}
$arr = mysql_fetch_assoc($res);
if (!$topicmode) {
$body = "[quote=" . htmlspecialchars($arr["username"]) . "]" . htmlspecialchars(unesc($arr["body"])) . "[/quote]";
} else {
$body = "[quote=" . htmlspecialchars($arr["username"]) . "]" . "[/quote]";
}
$id = $topicid;
$type = 'reply';
break;
case 'edit':
$res = sql_query("SELECT topicid, body FROM posts WHERE id=" . sqlesc($id) . " LIMIT 1") or sqlerr(__FILE__, __LINE__);
$row = mysql_fetch_array($res);
$topicid = $row['topicid'];
$firstpost = get_single_value("posts", "MIN(id)", "WHERE topicid=" . sqlesc($topicid));
if ($firstpost == $id) {
$subject = get_single_value("topics", "subject", "WHERE id=" . sqlesc($topicid));
$hassubject = true;
$forumid = get_single_value("topics", "forumid", "WHERE id=" . sqlesc($topicid));
$forummode = get_single_value("forums", "casinomode", "WHERE id=" . sqlesc($forumid));
$forummodeclass = get_single_value("forums", "casinoclass", "WHERE id=" . sqlesc($forumid));
if ($forummode && (get_user_class() >= $forummodeclass || is_forum_moderator($forumid, 'forum'))) {
$hasmodechoose = true;
}
}
$body = htmlspecialchars(unesc($row["body"]));
$title = $lang_forums['text_edit_post'];
break;
default:
die;
}
print "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\" />";
print "<input type=\"hidden\" name=\"type\" value=\"" . $type . "\" />";
begin_compose($title, $type, $body, $hassubject, $subject, 100, $hasmodechoose);
end_compose();
print "</form>";
}
$body .= $msga[msg] . "\n\n-------- [url=userdetails.php?id=" . $CURUSER["id"] . "]" . $CURUSER["username"] . "[/url][i] Wrote at " . date("Y-m-d H:i:s") . ":[/i] --------\n";
$subject = $msga['subject'];
if (preg_match('/^Re:\\s/', $subject)) {
$subject = preg_replace('/^Re:\\s(.*)$/', 'Re(2): \\1', $subject);
} elseif (preg_match('/^Re\\([0-9]*\\):\\s/', $msga['subject'])) {
$replycount = (int) preg_replace('/^Re\\(([0-9]*)\\):\\s/', '\\1', $subject);
$replycount++;
$subject = preg_replace('/^Re\\(([0-9]*)\\):\\s(.*)$/', 'Re(' . $replycount . '): \\2', $subject);
} else {
$subject = "Re: " . $msga['subject'];
}
$subject = htmlspecialchars($subject);
}
stdhead($lang_sendmessage['head_send_message'], false);
begin_main_frame();
print "<form id=compose name=\"compose\" method=post action=takemessage.php>";
print "<input type=hidden name=receiver value=" . $receiver . ">";
if ($_GET["returnto"] || $_SERVER["HTTP_REFERER"]) {
print "<input type=hidden name=returnto value=\"" . (htmlspecialchars($_GET["returnto"]) ? htmlspecialchars($_GET["returnto"]) : htmlspecialchars($_SERVER["HTTP_REFERER"])) . "\">";
}
$title = $lang_sendmessage['text_message_to'] . get_username($receiver);
begin_compose($title, $replyto ? "reply" : "new", $body, true, $subject);
print "<tr><td class=toolbox colspan=2 align=center>";
if ($replyto) {
print "<input type=checkbox name='delete' value='yes' " . ($CURUSER['deletepms'] == 'yes' ? " checked" : "") . ">" . $lang_sendmessage['checkbox_delete_message_replying_to'] . "<input type=hidden name=origmsg value=" . $replyto . ">";
}
print "<input type=checkbox name='save' value='yes' " . ($CURUSER['savepms'] == 'yes' ? " checked" : "") . ">" . $lang_sendmessage['checkbox_save_message_to_sendbox'];
print "</td></tr>";
end_compose();
end_main_frame();
stdfoot();
$title = htmlspecialchars($_POST['subject']);
if ($title == "") {
stderr($lang_fun['std_error'], $lang_fun['std_title_is_empty']);
}
$body = sqlesc($body);
$title = sqlesc($title);
sql_query("UPDATE fun SET body={$body}, title={$title} WHERE id=" . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$Cache->delete_value('current_fun_content');
$Cache->delete_value('current_fun', true);
header("Location: " . get_protocol_prefix() . "{$BASEURL}/index.php");
} else {
stdhead($lang_fun['head_edit_fun']);
begin_main_frame();
$title = $lang_fun['text_edit_fun'];
print "<form id=compose method=post name=\"compose\" action=?action=edit&id=" . $id . ">\n";
begin_compose($title, 'edit', $arr['body'], true, $arr['title']);
end_compose();
end_main_frame();
}
stdfoot();
}
if ($action == 'ban') {
if (get_user_class() < $funmanage_class) {
permissiondenied();
}
$id = 0 + $_GET["id"];
int_check($id, true);
$res = sql_query("SELECT * FROM fun WHERE id={$id}") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_array($res);
if (!$arr) {
stderr($lang_fun['std_error'], $lang_fun['std_invalid_id']);
$url = "details.php?id={$parent_id}";
} else {
if ($type == "offer") {
$url = "offers.php?id={$parent_id}&off_details=1";
} else {
if ($type == "request") {
$url = "viewrequest.php?id={$parent_id}&req_details=1";
}
}
}
stdhead($lang_comment['head_edit_comment_to'] . "\"" . $arr["name"] . "\"");
begin_main_frame();
$title = $lang_comment['head_edit_comment_to'] . "<a href={$url}>" . htmlspecialchars($arr["name"]) . "</a>";
print "<form id=compose method=post name=\"compose\" action=\"comment.php?action=edit&cid={$commentid}&type={$type}\">\n";
print "<input type=\"hidden\" name=\"returnto\" value=\"" . htmlspecialchars($_SERVER["HTTP_REFERER"]) . "\" />\n";
begin_compose($title, "edit", htmlspecialchars(unesc($arr["text"])), false);
end_compose();
print "</form>";
end_main_frame();
stdfoot();
die;
} elseif ($action == "delete") {
if (get_user_class() < $commanage_class) {
stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']);
}
$commentid = 0 + $_GET["cid"];
$sure = $_GET["sure"];
int_check($commentid, true);
if (!$sure) {
$referer = $_SERVER["HTTP_REFERER"];
stderr($lang_comment['std_delete_comment'], $lang_comment['std_delete_comment_note'] . "<a href=comment.php?action=delete&cid={$commentid}&sure=1&type={$type}" . ($referer ? "&returnto=" . rawurlencode($referer) : "") . $lang_comment['std_here_if_sure'], false);
sql_query("UPDATE news SET body={$body}, title={$title}, notify={$notify} WHERE id=" . sqlesc($newsid)) or sqlerr(__FILE__, __LINE__);
$Cache->delete_value('recent_news', true);
header("Location: " . get_protocol_prefix() . "{$BASEURL}/index.php");
} else {
stdhead($lang_news['head_edit_site_news']);
begin_main_frame();
$body = $arr["body"];
$subject = htmlspecialchars($arr['title']);
$title = $lang_news['text_edit_site_news'];
print "<form id=\"compose\" name=\"compose\" method=\"post\" action=\"" . htmlspecialchars("?action=edit&newsid=" . $newsid) . "\">";
print "<input type=\"hidden\" name=\"returnto\" value=\"" . $returnto . "\" />";
begin_compose($title, "edit", $body, true, $subject);
print "<tr><td class=\"toolbox\" align=\"center\" colspan=\"2\"><input type=\"checkbox\" name=\"notify\" value=\"yes\" " . ($arr['notify'] == 'yes' ? " checked=\"checked\"" : "") . " />" . $lang_news['text_notify_users_of_this'] . "</td></tr>\n";
end_compose();
end_main_frame();
stdfoot();
die;
}
}
// Other Actions and followup ////////////////////////////////////////////
stdhead($lang_news['head_site_news']);
begin_main_frame();
$title = $lang_news['text_submit_news_item'];
print "<form id=\"compose\" method=\"post\" name=\"compose\" action=\"?action=add\">\n";
begin_compose($title, 'new');
print "<tr><td class=\"toolbox\" align=\"center\" colspan=\"2\"><input type=\"checkbox\" name=\"notify\" value=\"yes\" />" . $lang_news['text_notify_users_of_this'] . "</td></tr>\n";
end_compose();
print "</form>";
end_main_frame();
stdfoot();
die;
?>
">
<?php
}
?>
<input type=hidden name=receiver value=<?php
echo $receiver;
?>
>
<input type=hidden name=answeringto value=<?php
echo $answeringto;
?>
>
<?php
$title = $lang_staffbox['text_answering_to'] . "<a href=\"staffbox.php?action=viewpm&pmid=" . $staffmsg['id'] . "\">" . htmlspecialchars($staffmsg['subject']) . "</a>" . $lang_staffbox['text_sent_by'] . get_username($staffmsg['sender']);
begin_compose($title, "reply", "", false);
end_compose();
print "</form>";
end_main_frame();
stdfoot();
}
//////////////////////////
// TAKE ANSWER //
//////////////////////////
if ($action == "takeanswer") {
if ($_SERVER["REQUEST_METHOD"] != "POST") {
die;
}
if (get_user_class() < $staffmem_class) {
permissiondenied();
}
function insert_compose_frame($id, $type = 'new')
{
global $maxsubjectlength, $CURUSER;
global $lang_forums;
$hassubject = false;
$subject = "";
$body = "";
print("<form id=\"compose\" method=\"post\" name=\"compose\" action=\"?action=post\">\n");
switch ($type){
case 'new':
{
$forumname = get_single_value("forums","name","WHERE id=".sqlesc($id));
$title = $lang_forums['text_new_topic_in']." <a href=\"".htmlspecialchars("?action=viewforum&forumid=".$id)."\">".htmlspecialchars($forumname)."</a> ".$lang_forums['text_forum'];
$hassubject = true;
if($id == 5)$subject = "【悬赏***麦粒】【求*****】";
break;
}
case 'reply':
{
$topicname = get_single_value("topics","subject","WHERE id=".sqlesc($id));
$title = $lang_forums['text_reply_to_topic']." <a href=\"".htmlspecialchars("?action=viewtopic&topicid=".$id)."\">".htmlspecialchars($topicname)."</a> ";
break;
}
case 'quote':
{
$topicid=get_single_value("posts","topicid","WHERE id=".sqlesc($id));
$topicname = get_single_value("topics","subject","WHERE id=".sqlesc($topicid));
$title = $lang_forums['text_reply_to_topic']." <a href=\"".htmlspecialchars("?action=viewtopic&topicid=".$topicid)."\">".htmlspecialchars($topicname)."</a> ";
$res = sql_query("SELECT posts.body, users.username FROM posts LEFT JOIN users ON posts.userid = users.id WHERE posts.id=$id") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1)
stderr($lang_forums['std_error'], $lang_forums['std_no_post_id']);
$arr = mysql_fetch_assoc($res);
$arr["body"] = preg_replace('/\[(@)([^\]]*?)\]/','[b]@$2[/b]',$arr["body"]);
$body = "[quote=".htmlspecialchars($arr["username"])."]".htmlspecialchars(unesc($arr["body"]))."[/quote]";
$id = $topicid;
$type = 'quote';
break;
}
case 'edit':
{
$res = sql_query("SELECT topicid, body FROM posts WHERE id=".sqlesc($id)." LIMIT 1") or sqlerr(__FILE__, __LINE__);
$row = mysql_fetch_array($res);
$topicid=$row['topicid'];
$firstpost = get_single_value("posts","MIN(id)", "WHERE topicid=".sqlesc($topicid));
if ($firstpost == $id){
$subject = get_single_value("topics","subject","WHERE id=".sqlesc($topicid));
$onlyauthor = get_single_value("topics","onlyauthor","WHERE id=".sqlesc($topicid));
$hassubject = true;
}
$body = htmlspecialchars(unesc($row["body"]));
$title = $lang_forums['text_edit_post'];
break;
}
default:
{
die;
}
}
print("<input type=\"hidden\" name=\"id\" value=\"".$id."\" />");
print("<input type=\"hidden\" name=\"type\" value=\"".$type."\" />");
begin_compose($title, $type, $body, $hassubject, $subject,$maxsubjectlength, $onlyauthor);
end_compose();
print("</form>");
}
<?php
require "include/bittorrent.php";
dbconn();
require_once get_langfile_path();
loggedinorreturn();
stdhead($lang_contactstaff['head_contact_staff'], false);
begin_main_frame();
print "<form id=compose method=post name=\"compose\" action=takecontact.php>";
if ($_GET["returnto"] || $_SERVER["HTTP_REFERER"]) {
print "<input type=hidden name=returnto value=\"" . (htmlspecialchars($_GET["returnto"]) ? htmlspecialchars($_GET["returnto"]) : htmlspecialchars($_SERVER["HTTP_REFERER"])) . "\">";
}
begin_compose($lang_contactstaff['text_message_to_staff'], "new");
end_compose();
print "</form>";
end_main_frame();
stdfoot();
