<?php require_once "configuration/main.php"; if (!$permissions['viewforum']) { redirect("errors/permissions.html"); } $mQuery = $mysql->query("SELECT `title`, `section` FROM `threads` WHERE `id` = '" . escape($_GET['thread']) . "'"); if ($mQuery->num_rows) { $mData = $mQuery->fetch_assoc(); setPageInfo("Rate Thread", $mData['title']); } else { die("You have followed an invalid link."); } if (!$permissions['ratethreads']) { redirect("errors/permissions.html"); } $rateQuery = $mysql->query("SELECT `id` FROM `rating` WHERE `thread` = '" . escape($_GET['thread']) . "' AND `user` = '" . $_SESSION['accountid'] . "'"); if ($rateQuery->num_rows) { die("You have already rated this thread."); } if ($_GET['rating'] != 1 && $_GET['rating'] != 2 && $_GET['rating'] != 3 && $_GET['rating'] != 4 && $_GET['rating'] != 5) { die("You have followed an invalid link."); } $mysql->query("INSERT INTO `rating` (`thread`, `rating`, `user`) VALUES ('" . escape($_GET['thread']) . "', '" . escape($_GET['rating']) . "', '" . $_SESSION['accountid'] . "')"); redirect("section?id=" . $mData['section'] . ""); ?> <?php require_once "includes/footer.php";
<?php require_once "configuration/main.php"; if (!$permissions['viewforum']) { redirect("errors/permissions.html"); } $mQuery = $mysql->query("SELECT * FROM `comments` WHERE `id` = '" . escape($_GET['id']) . "'"); $mData = $mQuery->fetch_assoc(); if (!$permissions['viewotherthreads'] && $mData['poster'] != $_SESSION['accountid']) { redirect("errors/permissions.html"); } if ($mData['hidden'] && !$permissions['viewhiddencomments'] && (!$permissions['viewownhiddencomments'] || $mData['poster'] != $_SESSION['accountid'])) { redirect("errors/permissions.html"); } setPageInfo("View Comment", ""); $accountQuery = $mysql->query("SELECT `displayname`, `country`, `usertitle`, `avatar`, `ip`, `signature` FROM `accounts` WHERE `id` = '" . $mData['poster'] . "'"); if ($accountQuery->num_rows) { $accountData = $accountQuery->fetch_assoc(); $commentPoster = $accountData['displayname']; } else { $commentPoster = "Guest"; } if (!$accountData['usertitle']) { $userTitleQuery = $mysql->query("SELECT `usergroup` FROM `usergroup_tracker` WHERE `user` = '" . $mData['poster'] . "' ORDER BY `primary` DESC"); if ($userTitleQuery->num_rows) { while ($userTitleData = $userTitleQuery->fetch_assoc()) { $userGroupQuery = $mysql->query("SELECT `title` FROM `usergroups` WHERE `id` = '" . $userTitleData['usergroup'] . "'"); $userGroupData = $userGroupQuery->fetch_assoc(); if ($accountData['usertitle'] && $userGropuData['title']) { $accountData['usertitle'] .= "<br>"; }
<?php require_once "configuration/main.php"; if (!$permissions['viewforum']) { redirect("errors/permissions.html"); } $mQuery = $mysql->query("SELECT * FROM `categories` WHERE `id` = '" . escape($_GET['id']) . "'"); if ($mQuery->num_rows) { $mData = $mQuery->fetch_assoc(); setPageNavigation("category", $_GET['id']); setPageInfo($mData['name'], $mData['description']); } else { die("You have followed an invalid link."); } echo "<div class='categoryTitle'>\n\t\t<table>\n\t\t\t<tr>\n\t\t\t\t<td width='540'>\n\t\t\t\t\t" . $mData['name'] . "\n\t\t\t\t</td>\n\n\t\t\t\t<td width='100'>\n\t\t\t\t\tStatistics\n\t\t\t\t</td>\n\n\t\t\t\t<td>\n\t\t\t\t\tLast Post\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t</div>"; if ($mData['description']) { echo "<div class='categoryDescription'>\n\t\t\t" . $mData['description'] . "\n\t\t</div>"; } $sectionQuery = $mysql->query("SELECT * FROM `sections` WHERE `category` = '" . escape($_GET['id']) . "' AND `parent` IS NULL ORDER BY `order` ASC"); while ($sectionData = $sectionQuery->fetch_assoc()) { $threadAmount = 0; $commentAmount = 0; if ($permissions['viewotherthreads']) { if ($permissions['viewhiddenthreads']) { $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "'"); } else { $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "' AND `hidden` != '1'"); } } else { if ($permissions['viewhiddenthreads']) { $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "' AND `poster` = '" . $_SESSION['accountid'] . "'");
<?php require_once "configuration/main.php"; if (!$permissions['viewforum'] || !$permissions['search']) { redirect("errors/permissions.html"); } setPageInfo("Search", ""); if ($_POST['search']) { echo "<div class='categoryTitle'>\n\t\t\t<table>\n\t\t\t\t<tr>\n\t\t\t\t\t<td width='540'>\n\t\t\t\t\t\tSearch Results\n\t\t\t\t\t</td>\n\n\t\t\t\t\t<td>\n\t\t\t\t\t\tType\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t</div>"; if ($_POST['threadtitles'] == "on") { $mQuery = $mysql->query("SELECT `id`, `poster`, `title`, `date`, `locked`, `hidden` FROM `threads` WHERE `title` LIKE '%" . escape($_POST['search']) . "%'"); while ($mData = $mQuery->fetch_assoc()) { if (!$mData['hidden'] || $permissions['viewhiddenthreads']) { $accountQuery = $mysql->query("SELECT `displayname` FROM `accounts` WHERE `id` = '" . $mData['poster'] . "'"); $accountData = $accountQuery->fetch_assoc(); $sectionIcon = $mData['locked'] ? "" : ""; if ($mData['hidden']) { $sectionIcon = ""; } echo "<a href='thread?id=" . $mData['id'] . "'>\n\t\t\t\t\t\t<div class='sectionContainer'>\n\t\t\t\t\t\t\t<table>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t\t\t<div class='sectionIcon'>\n\t\t\t\t\t\t\t\t\t\t\t{$sectionIcon}\n\t\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t\t\t\t<td width='500'>\n\t\t\t\t\t\t\t\t\t\t<div class='sectionName'>\n\t\t\t\t\t\t\t\t\t\t\t" . $mData['title'] . "\n\t\t\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t\t\t<div class='sectionDescription'>\n\t\t\t\t\t\t\t\t\t\t\tStarted by " . $accountData['displayname'] . " - " . customDate($mData['date']) . "\n\t\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t\t\tThread Title\n\t\t\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</a>"; } } } if ($_POST['threadcomments'] == "on") { $mQuery = $mysql->query("SELECT `id`, `poster`, `thread`, `date`, `hidden` FROM `comments` WHERE `comment` LIKE '%" . escape($_POST['search']) . "%'"); while ($mData = $mQuery->fetch_assoc()) { if (!$mData['hidden'] || $permissions['viewhiddencomments'] || $permissions['viewownhiddencomments'] && $mData['poster'] == $_SESSION['accountid']) { $threadQuery = $mysql->query("SELECT `title` FROM `threads` WHERE `id` = '" . $mData['thread'] . "'"); $threadData = $threadQuery->fetch_assoc(); $accountQuery = $mysql->query("SELECT `displayname` FROM `accounts` WHERE `id` = '" . $mData['poster'] . "'"); $accountData = $accountQuery->fetch_assoc();
} else { die("You have followed an invalid link."); } if (!$permissions['editpost'] && (!$permissions['editownprofilemessage'] || $mData['poster'] != $_SESSION['accountid'])) { redirect("errors/permissions.html"); } if ($_POST['editprofilemessage']) { if (strlen($_POST['body']) >= 3) { $mysql->query("UPDATE `profilemessages` SET `message` = '" . escape($_POST['body']) . "' WHERE `id` = '" . escape($_GET['profilemessage']) . "'"); echo "You have edited the profile message."; redirect("user?id=" . $mData['user'] . "", 2); } else { echo "<div class='box'>\n\t\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\t\tThe profile message must be at least 3 characters long.\n\t\t\t\t\t</div>\n\t\t\t\t</div>\n\n\t\t\t\t<br>"; } } setPageInfo("Edit Profile Message", ""); echo "<form action='editpost?profilemessage=" . $_GET['profilemessage'] . "' method='POST'>\n\t\t\t<div id='commentBox' class='box'>\n\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\tEdit Profile Message\n\t\t\t\t</div>\n\n\t\t\t\t<div class='boxMain'>\n\t\t\t\t\t<button type='button' data-tag='B' class='bbcode boxButton'>bold</button>\n\t\t\t\t\t<button type='button' data-tag='I' class='bbcode boxButton'>italic</button>\n\t\t\t\t\t<button type='button' data-tag='U' class='bbcode boxButton'>underline</button>\n\t\t\t\t\t<button type='button' data-tag='LEFT' class='bbcode boxButton'>left</button>\n\t\t\t\t\t<button type='button' data-tag='CENTER' class='bbcode boxButton'>center</button>\n\t\t\t\t\t<button type='button' data-tag='RIGHT' class='bbcode boxButton'>right</button>\n\t\t\t\t\t<button type='button' data-tag='LIST' class='bbcode boxButton'>bullet list</button>\n\t\t\t\t\t<button type='button' data-tag='NLIST' class='bbcode boxButton'>number list</button>\n\t\t\t\t\t<button type='button' data-tag='LI' class='bbcode boxButton'>list item</button>\n\t\t\t\t\t<button type='button' data-tag='EMAIL' class='bbcode boxButton'>email</button>\n\t\t\t\t\t<button type='button' data-tag='IMG' class='bbcode boxButton'>image</button>\n\t\t\t\t\t<button type='button' data-tag='QUOTE' class='bbcode boxButton'>quote</button>\n\t\t\t\t\t<button id='bbcode-link' type='button' data-tooltip='Example: [URL=http://example.com]Click here[/URL]' class='boxButton'>link</button>\n\t\t\t\t\t<button id='bbcode-font' type='button' data-tooltip='Example: [FONT=Arial]Hello world![/FONT]' class='boxButton'>font</button>\n\t\t\t\t\t<button id='bbcode-size' type='button' data-tooltip='Example: [SIZE=5]Hello world![/SIZE]' class='boxButton'>size</button>\n\t\t\t\t\t<button id='bbcode-color' type='button' data-tooltip='Example: [COLOR=RED]Hello[/COLOR] [COLOR=#00FF00]world![/COLOR]' class='boxButton'>color</button> "; if ($permissions['mentionusers']) { echo "<button type='button' data-tag='MENTION' data-tooltip='Example: [MENTION]Jimmy[/MENTION]' class='bbcode boxButton'>mention</button>"; } echo "<br><br>\n\n\t\t\t\t\t<textarea id='body' name='body' placeholder=' Profile Message' maxlength='5000' class='boxTextArea' required>" . $mData['message'] . "</textarea>\n\t\t\t\t</div>\n\t\t\t</div>\n\n\t\t\t<div align='right'>\n\t\t\t\t<input type='submit' name='editprofilemessage' value='Edit Profile Message' class='boxButton'>\n\t\t\t</div>\n\t\t</form>"; } else { die("You have followed an invalid link."); } } } ?> <script> $(document).ready(function() {
<?php require_once "configuration/main.php"; if (!$permissions['viewprofile']) { redirect("errors/permissions.html"); } if ($_GET['id'] == "me") { redirect("user?id=" . $_SESSION['accountid'] . ""); } $mQuery = $mysql->query("SELECT * FROM `accounts` WHERE `id` = '" . escape($_GET['id']) . "'"); if ($mQuery->num_rows) { $mData = $mQuery->fetch_assoc(); setPageInfo("User Profile", $mData['displayname']); if (!$mData['usertitle']) { $userTitleQuery = $mysql->query("SELECT `usergroup` FROM `usergroup_tracker` WHERE `user` = '" . $mData['id'] . "' ORDER BY `primary` DESC"); if ($userTitleQuery->num_rows) { while ($userTitleData = $userTitleQuery->fetch_assoc()) { $userGroupQuery = $mysql->query("SELECT `title` FROM `usergroups` WHERE `id` = '" . $userTitleData['usergroup'] . "'"); $userGroupData = $userGroupQuery->fetch_assoc(); if ($mData['usertitle'] && $userGroupData['title']) { $mData['usertitle'] .= "<br>"; } $mData['usertitle'] .= $userGroupData['title']; } } } } else { die("You have followed an invalid link."); } if ($_POST['postprofilemessage']) { if (strlen($_POST['profilemessage']) >= 3) {
<p class="p3"> <span class="sp_1"><b>' . $award3 . '</b><s></s></span> <span class="sp_2"><b>' . $award2 . '</b><s></s></span> </p> </div> </div>'; $i++; } $totalnum = getTotalNumber($sql); $totalpage = ceil($totalnum / $pagesize); //$out= preg_replace("/".$searchkey."/", "<font style='color:#f60'>".$searchkey."</font>", $out); if (empty($out)) { $out = '<div class="nht_box" style="height:200px;width:960px; text-align:center"><img style="margin-top:40px" src="' . $cfg_templets_skin . '/images/nodata.jpg"/></div>'; } $data['list'] = $out; $data['pageinfo'] = setPageInfo($curpage, $totalpage); $data['total'] = $totalnum; $data['totalpage'] = $totalpage; //$data['rechotel']=$recHotel; //array_push($data,$out,$pageinfo,$totalnum); echo json_encode($data); } //获取线路价格范围 function getMinMax($priceid) { global $dsql; $arr = array(); $tablename = '#@__line_pricelist'; $arr['min'] = ''; $arr['max'] = ''; $sql = "select lowerprice,highprice from {$tablename} where id={$priceid}";
if ($mQuery->num_rows) { $mData = $mQuery->fetch_assoc(); if (!$permissions['viewotherthreads'] && $mData['poster'] != $_SESSION['accountid']) { redirect("errors/permissions.html"); } if (!$permissions['postcomments'] && (!$permissions['postowncomments'] || $mData['poster'] != $_SESSION['accountid'])) { redirect("errors/permissions.html"); } if ($mData['locked']) { echo "This thread is locked."; redirect("thread?id=" . $_GET['thread'] . "", 2); } } else { die("You have followed an invalid link."); } setPageInfo("Post Comment", $mData['title']); if ($_GET['reply'] && !$_POST['comment']) { if ($_GET['reply'] == "thread") { $accountQuery = $mysql->query("SELECT `displayname` FROM `accounts` WHERE `id` = '" . escape($mData['poster']) . "'"); $accountData = $accountQuery->fetch_assoc(); $_POST['comment'] = "[SIZE=11]Quote by " . $accountData['displayname'] . "[/SIZE]\r\n[QUOTE]" . $mData['body'] . "[/QUOTE]\r\n\r\n"; } else { $commentQuery = $mysql->query("SELECT `poster`, `comment` FROM `comments` WHERE `id` = '" . escape($_GET['reply']) . "'"); if ($commentQuery->num_rows) { $commentData = $commentQuery->fetch_assoc(); $accountQuery = $mysql->query("SELECT `displayname` FROM `accounts` WHERE `id` = '" . escape($commentData['poster']) . "'"); $accountData = $accountQuery->fetch_assoc(); $_POST['comment'] = "[SIZE=11]Quote by " . $accountData['displayname'] . "[/SIZE]\r\n[QUOTE]" . $commentData['comment'] . "[/QUOTE]\r\n\r\n"; } } }
<?php require_once "configuration/main.php"; setPageNavigation("index"); setPageInfo("Lawless Boards", "The new and revolutionary way of creating your forums."); if ($permissions['viewforum']) { $mQuery = $mysql->query("SELECT * FROM `categories` ORDER BY `order` ASC"); while ($mData = $mQuery->fetch_assoc()) { echo "<div class='categoryTitle'>\n\t\t\t\t<table>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td width='540'>\n\t\t\t\t\t\t\t<a href='category?id=" . $mData['id'] . "'>\n\t\t\t\t\t\t\t\t" . $mData['name'] . "\n\t\t\t\t\t\t\t</a>\n\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t<td width='130'>\n\t\t\t\t\t\t\tStatistics\n\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t<td width='256'>\n\t\t\t\t\t\t\tLast Post\n\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t<td data-category='" . $mData['id'] . "' class='hidden categoryCollapse noselect'>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</td>\n\t\t\t\t</table>\n\t\t\t</div>"; if ($mData['description']) { echo "<div class='categoryDescription'>\n\t\t\t\t\t" . $mData['description'] . "\n\t\t\t\t</div>"; } echo "<div id='CATEGORY-" . $mData['id'] . "'>"; $sectionQuery = $mysql->query("SELECT * FROM `sections` WHERE `category` = '" . $mData['id'] . "' AND `parent` IS NULL ORDER BY `order` ASC"); while ($sectionData = $sectionQuery->fetch_assoc()) { $threadAmount = 0; $commentAmount = 0; if ($permissions['viewotherthreads']) { if ($permissions['viewhiddenthreads']) { $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "'"); } else { $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "' AND `hidden` != '1'"); } } else { if ($permissions['viewhiddenthreads']) { $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "' AND `poster` = '" . $_SESSION['accountid'] . "'"); } else { $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "' AND `poster` = '" . $_SESSION['accountid'] . "' AND `hidden` != '1'"); } } while ($threadData = $threadQuery->fetch_assoc()) {
<?php require_once "configuration/main.php"; if (!$permissions['viewforum'] || !$permissions['postthreads']) { redirect("errors/permissions.html"); } $mQuery = $mysql->query("SELECT `name` FROM `sections` WHERE `id` = '" . escape($_GET['section']) . "'"); if ($mQuery->num_rows) { $mData = $mQuery->fetch_assoc(); setPageInfo("Create New Thread", $mData['name']); } else { die("You have followed an invalid link."); } if ($_POST['newthread']) { if (strlen($_POST['title']) >= 3) { if (strlen($_POST['body']) >= 3) { if (time() - $_SESSION['lastcomment'] >= 60) { $mysql->query("INSERT INTO `threads` (`section`, `poster`, `date`, `lastpost`, `title`, `body`) VALUES ('" . escape($_GET['section']) . "', '" . $_SESSION['accountid'] . "', '" . time() . "', '" . time() . "', '" . escape($_POST['title']) . "', '" . escape($_POST['body']) . "')"); $threadID = $mysql->insert_id; if ($permissions['postpolls'] && $_POST['polltext'] && $_POST['polloptions']) { $mysql->query("INSERT INTO `polls` (`thread`, `text`) VALUES ('{$threadID}', '" . escape($_POST['polltext']) . "')"); $pollID = $mysql->insert_id; foreach (explode("\n", $_POST['polloptions']) as $pollOption) { $mysql->query("INSERT INTO `polloptions` (`poll`, `text`, `votes`) VALUES ('{$pollID}', '" . escape($pollOption) . "', '0')"); } } if ($permissions['uploadattachments']) { $nextUploadIndex = file_get_contents(ATTACHMENTS_PATH . "/next") + 1; mkdir(ATTACHMENTS_PATH . "/{$nextUploadIndex}"); file_put_contents(ATTACHMENTS_PATH . "/next", $nextUploadIndex); foreach ($_FILES['attachments']['name'] as $fileIndex => $fileName) {
<?php require_once "configuration/main.php"; $mQuery = $mysql->query("SELECT * FROM `privatemessages` WHERE `id` = '" . escape($_GET['id']) . "' AND `to` = '" . $_SESSION['accountid'] . "'"); if ($mQuery->num_rows) { setPageInfo("Private Message", ""); $mData = $mQuery->fetch_assoc(); $accountQuery = $mysql->query("SELECT `displayname`, `country`, `usertitle`, `avatar`, `ip`, `signature` FROM `accounts` WHERE `id` = '" . $mData['from'] . "'"); $accountData = $accountQuery->fetch_assoc(); if (!$accountData['usertitle']) { $userTitleQuery = $mysql->query("SELECT `usergroup` FROM `usergroup_tracker` WHERE `user` = '" . $mData['from'] . "' ORDER BY `primary` DESC"); if ($userTitleQuery->num_rows) { while ($userTitleData = $userTitleQuery->fetch_assoc()) { $userGroupQuery = $mysql->query("SELECT `title` FROM `usergroups` WHERE `id` = '" . $userTitleData['usergroup'] . "'"); $userGroupData = $userGroupQuery->fetch_assoc(); if ($accountData['usertitle'] && $userGropuData['title']) { $accountData['usertitle'] .= "<br>"; } $accountData['usertitle'] .= $userGroupData['title']; } } } if (!$mData['read']) { $mysql->query("UPDATE `privatemessages` SET `read` = '1' WHERE `id` = '" . escape($_GET['id']) . "'"); } } else { die("You have followed an invalid link."); } $bbParser->parse($mData['message']); echo "<div class='box'>\n\t\t<div class='boxHeading'>\n\t\t\t" . $mData['title'] . "\n\t\t</div>\n\n\t\t<div class='boxSubHeading'>\n\t\t\tSent by " . $accountData['displayname'] . " - " . customDate($mData['date']) . "\n\t\t</div>\n\n\t\t<div class='boxMain'>\n\t\t\t<table class='tdAlignTop'>\n\t\t\t\t<tr>\n\t\t\t\t\t<td width='200'>\n\t\t\t\t\t\t<a href='user?id=" . $mData['from'] . "' data-tooltip='View Profile: " . $accountData['displayname'] . "'>\n\t\t\t\t\t\t\t<div class='commentUser'>\n\t\t\t\t\t\t\t\t<div class='bold'>\n\t\t\t\t\t\t\t\t\t" . userNameTags($mData['from'], $accountData['displayname']) . "\n\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t<br>\n\n\t\t\t\t\t\t\t\t" . $accountData['usertitle'] . "\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t</a>\n\n\t\t\t\t\t\t<br> <br>\n\n\t\t\t\t\t\t<img src='" . $accountData['avatar'] . "' data-noenlarge='true' " . getAvatarStyle($mData['from']) . ">\n\n\t\t\t\t\t\t<br> <br> <br>\n\n\t\t\t\t\t\t<span class='bold'>Posts:</span> " . getPostCount($mData['from']) . " <br>\n\t\t\t\t\t\t<span class='bold'>Country:</span> " . $accountData['country'] . "\n\t\t\t\t\t</td>\n\n\t\t\t\t\t<td width='20'></td>\n\n\t\t\t\t\t<td width='900'>\n\t\t\t\t\t\t<div class='commentText'>\n\t\t\t\t\t\t\t" . nl2br(unescape($bbParser->getAsHtml())) . ""; storePermissions($mData['from']);
<?php require_once "configuration/main.php"; if ($_SESSION['accountid']) { redirect("index"); } setPageInfo("Registration", ""); if ($_GET['key']) { $mQuery = $mysql->query("SELECT `id`, `username`, `password` FROM `accounts` WHERE `key` = '" . escape($_GET['key']) . "' AND `verified` IS NULL"); if ($mQuery->num_rows) { $mData = $mQuery->fetch_assoc(); $_SESSION['accountid'] = $mData['id']; cookie("lb_accountid", $mData['id']); cookie("lb_username", $mData['username']); cookie("lb_password", $mData['password']); $mysql->query("UPDATE `accounts` SET `verified` = '1' WHERE `id` = '" . $mData['id'] . "'"); echo "Your account has been verified."; redirect("index", 2); } else { die("You have followed an invalid link."); } } else { if ($_POST['register']) { if (strlen($_POST['username']) >= 2) { if (strlen($_POST['password']) >= 4) { if ($_POST['confirmpassword']) { if ($_POST['password'] == $_POST['confirmpassword']) { if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) && strpos($_POST['email'], ".")) { if ($_POST['confirmemail']) { if ($_POST['email'] == $_POST['confirmemail']) { if (strtolower($_POST['captcha']) == $_SESSION['captcha']) {
<?php require_once "configuration/main.php"; if ($_SESSION['accountid']) { redirect("index"); } setPageInfo("Login", ""); if ($_POST['login']) { if ($_POST['username']) { if ($_POST['password']) { $mQuery = $mysql->query("SELECT `id` FROM `accounts` WHERE `username` = '" . escape($_POST['username']) . "' AND `password` = '" . password($_POST['password']) . "' AND `verified` = '1'"); if ($mQuery->num_rows) { $mData = $mQuery->fetch_assoc(); $_SESSION['accountid'] = $mData['id']; cookie("lb_accountid", $mData['id']); cookie("lb_username", $_POST['username']); cookie("lb_password", password($_POST['password'])); echo "<div class='box'>\n\t\t\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\t\t\tYou have successfully logged in.\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</div>"; redirect("index", 2); } else { echo "<div class='box'>\n\t\t\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\t\t\tThe account information you have entered is invalid or the account is not verified.\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</div>\n\n\t\t\t\t\t<br>"; } } else { echo "<div class='box'>\n\t\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\t\tYou have entered an invalid password.\n\t\t\t\t\t</div>\n\t\t\t\t</div>\n\n\t\t\t\t<br>"; } } else { echo "<div class='box'>\n\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\tYou have entered an invalid username.\n\t\t\t\t</div>\n\t\t\t</div>\n\n\t\t\t<br>"; } } ?>
} if (!$_GET['id']) { die("You have followed an invalid link."); } $mQuery = $mysql->query("SELECT * FROM `threads` WHERE `id` = '" . escape($_GET['id']) . "'"); $mData = $mQuery->fetch_assoc(); if (!$permissions['viewotherthreads'] && $mData['poster'] != $_SESSION['accountid']) { redirect("errors/permissions.html"); } if ($mData['hidden'] && !$permissions['viewhiddenthreads']) { redirect("errors/permissions.html"); } $threadLocked = $mData['locked']; $threadPoster = $mData['poster']; setPageNavigation("thread", $_GET['id']); setPageInfo($mData['title'], "" . $mData['views'] . " views"); $mysql->query("UPDATE `threads` SET `views` = `views` + '1' WHERE `id` = '" . escape($_GET['id']) . "'"); if ($_SESSION['accountid']) { $readQuery = $mysql->query("SELECT `id` FROM `read` WHERE `thread` = '" . escape($_GET['id']) . "' AND `user` = '" . $_SESSION['accountid'] . "'"); if (!$readQuery->num_rows) { $mysql->query("INSERT INTO `read` (`thread`, `user`) VALUES ('" . escape($_GET['id']) . "', '" . $_SESSION['accountid'] . "')"); } if (!$threadLocked) { echo "<button id='commentScrollPost' class='commentScrollPost boxButton'>Comment</button>"; } } echo "<br>"; if ($permissions['votepolls'] && $_POST['votepoll']) { $pollQuery = $mysql->query("SELECT `id`, `voters` FROM `polls` WHERE `thread` = '" . escape($_GET['id']) . "'"); $pollData = $pollQuery->fetch_assoc(); if (strpos($pollData['voters'], "[" . $_SESSION['accountid'] . "]") === false) {
<?php require_once "configuration/main.php"; if (!$permissions['viewforum']) { redirect("errors/permissions.html"); } $mQuery = $mysql->query("SELECT `poster`, `title`, `section` FROM `threads` WHERE `id` = '" . escape($_GET['thread']) . "'"); if ($mQuery->num_rows) { $mData = $mQuery->fetch_assoc(); setPageInfo("Move Thread", $mData['title']); } else { die("You have followed an invalid link."); } if (!$permissions['viewotherthreads'] && $mData['poster'] != $_SESSION['accountid']) { redirect("errors/permissions.html"); } if (!$permissions['movethreads'] && (!$permissions['moveownthreads'] || $mData['poster'] != $_SESSION['accountid'])) { redirect("errors/permissions.html"); } function listSubSections($sectionID, $parentIndex) { global $mysql; $sectionQuery = $mysql->query("SELECT `id`, `name` FROM `sections` WHERE `parent` = '{$sectionID}' ORDER BY `order` ASC"); while ($sectionData = $sectionQuery->fetch_assoc()) { echo "<option value='" . $sectionData['id'] . "'>" . getParentIndex($parentIndex) . " " . $sectionData['name'] . "</option>"; $parentQuery = $mysql->query("SELECT `id` FROM `sections` WHERE `parent` = '" . $sectionData['id'] . "' ORDER BY `order` ASC"); if ($parentQuery->num_rows) { listSubSections($sectionData['id'], $parentIndex + 1); } } }
</tr>'; $foot = '</table>'; $offset = ($curpage - 1) * $pagesize; $arr = $_model->getAll("memberid='{$uid}'", "addtime desc", "{$offset},{$pagesize}"); foreach ($arr as $row) { $addtime = Mydate('Y-m-d H:i:s', $row['addtime']); $out .= ' <tr> <td height="50">' . $addtime . '</td> <td>' . $row['content'] . '</td> </tr>'; } $out = !empty($out) ? $head . $out . $foot : $nocontent_msg; $totalnum = $_model->getCount("memberid='{$uid}'"); $totalpage = ceil($totalnum / $pagesize); $pageinfo = setPageInfo($curpage, $totalpage); $data = array('list' => $out, 'pageinfo' => $pageinfo); echo json_encode($data); exit; } /* * 返库存操作 * */ function refundStorage($orderid, $op) { global $dsql; Helper_Archive::loadModule('common'); $_model = new CommonModule('#@__member_order'); $row = $_model->getOne("id='{$orderid}'"); if (isset($row)) { $dingnum = intval($row['dingnum']) + intval($row['childnum']);
<?php require_once "configuration/main.php"; if (!$_SESSION['accountid']) { redirect("index"); } setPageInfo("Settings", ""); ?> <table class='tdAlignTop'> <tr> <td width='200'> <div class='settingsNavigationHeader'> Messages </div> <div class='settingsNavigationBox'> <a href='?view=inbox'> Inbox </a> <a href='?view=send'> Send Private Message </a> </div> <div class='settingsNavigationHeader'> General Settings </div> <div class='settingsNavigationBox'>
<?php if (isset($_GET['id'])) { setPageInfo($_GET['id']); $fileName = $markdown; if (file_exists($fileName)) { $globalPostId = $_GET['id']; $text = file_get_contents($fileName); $body = $globalMd->defaultTransform(remove_html_comments($text)); $head = '<h1 style="margin-bottom:10px;">■ ' . $title . '</h1>'; if ($description != '') { $head .= '<div class="description">' . $description . '</div>'; } $body = $head . $body; } else { $body = 'file not found'; } } else { $body = 'not found'; } $globalBody = $body;