<?php
if (!defined('SITE_ROOT')) {
define('SITE_ROOT', '../');
}
require_once SITE_ROOT . 'portal_config.php';
require_once SITE_ROOT . 'include/database.class.php';
require_once SITE_ROOT . 'include/functions.php';
if (isset($_GET['slid'])) {
$dbsls = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$sharerLinkID = $dbsls->prot(htmlspecialchars($_GET['slid']));
$dbsls->query("SELECT * FROM ip_sharerlinks WHERE id='{$sharerLinkID}'");
if ($sls = $dbsls->fetch_array()) {
$url = $sls['sharerurl'];
$removehttp = str_replace('http://', '', $url);
$removeslash = rtrim($removehttp, '/');
if (strpos($removeslash, ':') !== false) {
list($ip, $port) = explode(":", $removeslash);
} else {
$ip = $removeslash;
$port = 80;
}
}
if (fsockopen($ip, $port, $errno, $errstr, 5) !== false) {
echo '1';
$dbsls->query("UPDATE ip_sharerlinks SET status='1' WHERE id='{$sharerLinkID}'");
} else {
echo '0';
$dbsls->query("UPDATE ip_sharerlinks SET status='0' WHERE id='{$sharerLinkID}'");
}
$dbsls->close();
<?php
if (isset($_GET['retweet']) && !empty($_GET['retweet'])) {
if (!defined('SITE_ROOT')) {
define('SITE_ROOT', '../');
}
require_once SITE_ROOT . 'portal_config.php';
require_once SITE_ROOT . 'include/database.class.php';
$db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$retweetID = $db->prot(htmlspecialchars($_GET['retweet']));
$db->query("SELECT shout_msg FROM ip_shouts WHERE id='{$retweetID}'");
if ($row = $db->fetch_array()) {
$shoutMsg = stripslashes(rtrim(htmlspecialchars_decode($row['shout_msg'])));
$shoutMsg = str_ireplace("[rt]", "", $shoutMsg);
$shoutMsg = str_ireplace("[/rt]", "", $shoutMsg);
$shoutMsg = str_ireplace("<code>", "", $shoutMsg);
$shoutMsg = str_ireplace("</code>", "", $shoutMsg);
if (preg_match("/!update/i", $shoutMsg)) {
$replaceShout = str_ireplace("!update", "", $shoutMsg);
echo '[rt]' . $replaceShout . '[/rt]';
} else {
if (preg_match("/!request/i", $shoutMsg)) {
$replaceShout = str_ireplace("!request", "", $shoutMsg);
echo '[rt]' . $replaceShout . '[/rt]';
} else {
echo '[rt]' . $shoutMsg . '[/rt]';
}
}
} else {
echo 'KO';
}
if ($avatar_ext == '1') {
return FORUM_ROOT . 'img/avatars/' . $user_id . '.gif?no_cache=' . random_keyx(8, TRUE);
}
if ($avatar_ext == '2') {
return FORUM_ROOT . 'img/avatars/' . $user_id . '.jpg?no_cache=' . random_keyx(8, TRUE);
}
if ($avatar_ext == '3') {
return FORUM_ROOT . 'img/avatars/' . $user_id . '.png?no_cache=' . random_keyx(8, TRUE);
}
if ($avatar_ext == '0') {
return SITE_ROOT . 'portal/assets/img/default-avatar.png';
}
}
if (isset($_GET['lastid']) && !empty($_GET['lastid'])) {
$db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$lastid = $db->prot(htmlspecialchars($_GET['lastid']));
$db->query("SELECT * FROM ip_shouts WHERE id<'{$lastid}' ORDER BY id DESC LIMIT 20");
$count_shout_more = 0;
while ($row = $db->fetch_assoc()) {
$count_shout_more++;
$get_shoutID = $row['id'];
$get_userID = $row['user_id'];
$get_shoutMsg = $row['shout_msg'];
$get_sTime = $row['shout_time'];
$dbf = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$dbf->query("SELECT * FROM forum_users WHERE id='{$get_userID}'");
if ($rowf = $dbf->fetch_array()) {
$get_groupID = $rowf['group_id'];
$get_username = $rowf['username'];
$get_realname = $rowf['realname'];
$get_title = $rowf['title'];
} else {
$slink = 'http://' . $sharerlink;
}
if ($sharername == '' || $sharerlink == '' || $sharerdesc == '') {
echo 'ERROR! All fields are required.';
} else {
if (!validateSharername($sharername)) {
echo 'ERROR! Only alphanumerics, underscore, dot and space are allowed.';
} else {
$db->query("UPDATE ip_sharerlinks SET sharername='{$sharername}', sharerurl='{$slink}', sharerdesc='{$sharerdesc}' WHERE user_id='{$userID}'");
echo 'OK';
}
}
$db->close();
} else {
if (isset($_POST['delete']) && isset($_POST['userID'])) {
$db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$userID = $db->prot(htmlspecialchars($_POST['userID']));
$db->query("SELECT id FROM ip_sharerlinks WHERE user_id='{$userID}'");
if ($row = $db->fetch_array()) {
$sharerlinkID = $row['id'];
}
$db->query("DELETE FROM ip_sharerlinks WHERE user_id='{$userID}'");
$db->query("DELETE FROM ip_shlikes WHERE sharer_id='{$sharerlinkID}'");
echo 'DEL';
$db->close();
} else {
header('Location: ' . SITE_ROOT . '404.php');
}
}
}
if ($avatar_ext == '1') {
return FORUM_ROOT . 'img/avatars/' . $user_id . '.gif';
}
if ($avatar_ext == '2') {
return FORUM_ROOT . 'img/avatars/' . $user_id . '.jpg';
}
if ($avatar_ext == '3') {
return FORUM_ROOT . 'img/avatars/' . $user_id . '.png';
}
if ($avatar_ext == '0') {
return SITE_ROOT . 'portal/assets/img/default-avatar.png';
}
}
if (isset($_GET['rid']) && !empty($_GET['rid']) && is_numeric($_GET['rid'])) {
$db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$requestID = $db->prot(htmlspecialchars($_GET['rid']));
$db->query("SELECT * FROM ip_requests WHERE id='{$requestID}'");
echo '<div class="latest-shouts">';
echo '<i class="icon-edit"></i> Write a reply to this request';
echo '<ul id="rmsg" class="chat">';
if ($row = $db->fetch_array()) {
$reqmsg = $row['shout_msg'];
$reqmsgid = $row['id'];
$reqmsgtime = $row['shout_time'];
$requser = $row['user_id'];
$dbf = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$dbf->query("SELECT * FROM forum_users WHERE id='{$requser}'");
if ($rowf = $dbf->fetch_array()) {
$get_username = $rowf['username'];
$get_realname = $rowf['realname'];
$get_title = $rowf['title'];
{
if ($avatar_ext == '1') {
return FORUM_ROOT . 'img/avatars/' . $user_id . '.gif?no_cache=' . random_keyx(8, TRUE);
}
if ($avatar_ext == '2') {
return FORUM_ROOT . 'img/avatars/' . $user_id . '.jpg?no_cache=' . random_keyx(8, TRUE);
}
if ($avatar_ext == '3') {
return FORUM_ROOT . 'img/avatars/' . $user_id . '.png?no_cache=' . random_keyx(8, TRUE);
}
if ($avatar_ext == '0') {
return SITE_ROOT . 'assets/img/default-avatar.png';
}
}
$db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$userID = $db->prot(htmlspecialchars($_GET['id']));
$checkDB = $db->num($db->query("SELECT * FROM forum_users WHERE id='{$userID}'"));
if ($checkDB !== 1) {
header('Location: index.php');
}
// Load top level HTML structures
html('start');
html_meta();
html_css();
html_favicon();
html_jquery();
html('body');
html_header();
?>
<div class="container">
if ($avatar_ext == '1') {
return FORUM_ROOT . 'img/avatars/' . $user_id . '.gif';
}
if ($avatar_ext == '2') {
return FORUM_ROOT . 'img/avatars/' . $user_id . '.jpg';
}
if ($avatar_ext == '3') {
return FORUM_ROOT . 'img/avatars/' . $user_id . '.png';
}
if ($avatar_ext == '0') {
return SITE_ROOT . 'assets/img/default-avatar.png';
}
}
$db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
if (!empty($_GET['q']) && isset($_GET['q'])) {
$thisHashtag = $db->prot(htmlspecialchars($_GET['q']));
$findHashtag = '#' . $thisHashtag;
$db->query("SELECT COUNT(id) FROM ip_shouts WHERE shout_msg LIKE '%{$findHashtag}%'");
$total_hashtag = implode($db->fetch_assoc());
echo '<div class="well well-small">Found <strong>' . $total_hashtag . '</strong> shout(s) with hashtag: <code>' . stripslashes(rtrim($findHashtag)) . '</code></div>';
echo '<ul id="chat" class="chat">';
$db->query("SELECT * FROM ip_shouts WHERE shout_msg LIKE '%{$findHashtag}%' ORDER BY id DESC LIMIT 50");
while ($row = $db->fetch_assoc()) {
$get_shoutID = $row['id'];
$get_userID = $row['user_id'];
$get_shoutMsg = $row['shout_msg'];
$get_sTime = $row['shout_time'];
$dbf = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$dbf->query("SELECT * FROM forum_users WHERE id='{$get_userID}'");
if ($rowf = $dbf->fetch_array()) {
$get_username = $rowf['username'];
<?php
if (!defined('SITE_ROOT')) {
define('SITE_ROOT', '../');
}
require_once SITE_ROOT . 'portal_config.php';
require_once SITE_ROOT . 'include/database.class.php';
if (isset($_POST['sid']) && isset($_POST['lid'])) {
$dbcf = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$shoutID = $dbcf->prot(htmlspecialchars($_POST['sid']));
$likerID = $dbcf->prot(htmlspecialchars($_POST['lid']));
$dbcf->query("SELECT COUNT(*) FROM ip_uplikes WHERE shout_id='{$shoutID}' AND user_id='{$likerID}'");
$checkValue = implode($dbcf->fetch_assoc());
$dbcf->close();
if ($checkValue == 1) {
$dbcfrem = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$dbcfrem->query("DELETE FROM ip_uplikes WHERE shout_id='{$shoutID}' AND user_id='{$likerID}'");
$dbcfrem->close();
$dbch = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$dbch->query("SELECT COUNT(*) FROM ip_uplikes WHERE shout_id='{$shoutID}'");
$total_like = implode($dbch->fetch_assoc());
$dbch->close();
if ($total_like == 0) {
echo '0';
} else {
echo $total_like;
}
} else {
$dbil = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$dbil->query("INSERT INTO ip_uplikes (shout_id, user_id) VALUES ('{$shoutID}', '{$likerID}')");
$dbil->close();
<?php
if (session_id() == '') {
session_start();
}
if (!defined('SITE_ROOT')) {
define('SITE_ROOT', '../');
}
require_once SITE_ROOT . 'portal_config.php';
require_once SITE_ROOT . 'include/functions.php';
require_once SITE_ROOT . 'include/database.class.php';
$db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
if (isset($_POST['requestMsgID']) && isset($_POST['replyMsg']) && isset($_POST['userID']) && isset($_POST['cts'])) {
$replyTime = time();
$requestMsgID = $db->prot(htmlspecialchars($_POST['requestMsgID']));
$replyMsg = $db->prot(htmlspecialchars($_POST['replyMsg']));
$replierID = $db->prot(htmlspecialchars($_POST['userID']));
$db2 = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$db2->query("SELECT user_id FROM ip_requests WHERE id='{$requestMsgID}'");
if ($row2 = $db2->fetch_array()) {
$requestUserID = $row2['user_id'];
$dbf = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$dbf->query("SELECT username FROM forum_users WHERE id='{$requestUserID}'");
if ($rowf = $dbf->fetch_array()) {
$reqUsername = $rowf['username'];
}
$dbf->close();
}
$db2->close();
if ($replyMsg == '') {
echo 'ERROR! Nothing to reply? Keep that confuse away.';
<?php
if (!defined('SITE_ROOT')) {
define('SITE_ROOT', '../');
}
require_once SITE_ROOT . 'portal_config.php';
require_once SITE_ROOT . 'include/database.class.php';
if (isset($_POST['sid']) && isset($_POST['fid'])) {
$dbcf = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$sharerID = $dbcf->prot(htmlspecialchars($_POST['sid']));
$likerID = $dbcf->prot(htmlspecialchars($_POST['fid']));
$dbcf->query("SELECT COUNT(*) FROM ip_shlikes WHERE sharer_id='{$sharerID}' AND user_id='{$likerID}'");
$checkValue = implode($dbcf->fetch_assoc());
$dbcf->close();
if ($checkValue == 1) {
$dbcfrem = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$dbcfrem->query("DELETE FROM ip_shlikes WHERE sharer_id='{$sharerID}' AND user_id='{$likerID}'");
$dbcfrem->close();
$dbch = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$dbch->query("SELECT COUNT(*) FROM ip_shlikes WHERE sharer_id='{$sharerID}'");
$total_like = implode($dbch->fetch_assoc());
$dbch->close();
if ($total_like == 0) {
echo '0';
} else {
echo $total_like;
}
} else {
$dbil = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$dbil->query("INSERT INTO ip_shlikes (sharer_id, user_id) VALUES ('{$sharerID}', '{$likerID}')");
$dbil->close();
}
function emptybbCode($input)
{
if (preg_match('/\\{\\:(\\s*)\\:\\}/i', $input) || preg_match('/\\[\\:(\\s*)\\:\\]/i', $input) || preg_match('/\\[\\;(\\s*)\\;\\]/i', $input) || preg_match('/\\{\\;(\\s*)\\;\\}/i', $input) || preg_match('/\\[rt\\](\\s*)\\[\\/rt\\]/i', $input) || preg_match('/\\[quote\\](\\s*)\\[\\/quote\\]/i', $input) || preg_match('/\\[purple\\](\\s*)\\[\\/purple\\]/i', $input) || preg_match('/\\[blue\\](\\s*)\\[\\/blue\\]/i', $input) || preg_match('/\\[teal\\](\\s*)\\[\\/teal\\]/i', $input) || preg_match('/\\[green\\](\\s*)\\[\\/green\\]/i', $input) || preg_match('/\\[orange\\](\\s*)\\[\\/orange\\]/i', $input) || preg_match('/\\[pink\\](\\s*)\\[\\/pink\\]/i', $input) || preg_match('/\\[red\\](\\s*)\\[\\/red\\]/is', $input)) {
return true;
} else {
return false;
}
}
if (isset($_GET['display']) && $_GET['display'] == 1) {
populate_shoutbox();
} else {
if (isset($_POST['shoutMsg']) && isset($_POST['userID'])) {
$db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$shoutTime = time();
$shoutMsg = $db->prot(htmlspecialchars($_POST['shoutMsg']));
$userID = $db->prot(htmlspecialchars($_POST['userID']));
if ($shoutMsg == '' || strlen($shoutMsg) == 0) {
echo 'ERROR! You shout nothing! Say something.';
} else {
if (emptybbCode($shoutMsg)) {
echo 'ERROR! bbCode tags cannot be empty.';
} else {
if (preg_match('/!request/i', $shoutMsg) && preg_match('/!update/i', $shoutMsg)) {
echo 'ERROR! !update and !request cannot be together in one shout.';
} else {
if (preg_match('/!request/i', $shoutMsg)) {
$requestMsg = preg_replace('/!request/i', '', $shoutMsg);
if ($requestMsg !== '') {
$db->query("INSERT INTO ip_requests (shout_time, shout_msg, user_id) VALUES ('{$shoutTime}', '{$requestMsg}', '{$userID}')");
$db->query("INSERT INTO ip_shouts (shout_time, shout_msg, user_id) VALUES ('{$shoutTime}', '{$shoutMsg}', '{$userID}')");
<?php
if (session_id() == '') {
session_start();
}
if (!defined('SITE_ROOT')) {
define('SITE_ROOT', './');
}
require_once SITE_ROOT . 'portal_config.php';
require_once SITE_ROOT . 'include/functions.php';
require_once SITE_ROOT . 'include/database.class.php';
$db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
if (isset($_POST['add']) && isset($_POST['userID']) && isset($_POST['sharername']) && isset($_POST['sharerlink']) && isset($_POST['sharerdesc'])) {
$dbs = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
$userID = $dbs->prot(htmlspecialchars($_POST['userID']));
$sharerdate = time();
$sharername = $dbs->prot(htmlspecialchars($_POST['sharername']));
$sharerlink = $dbs->prot(htmlspecialchars($_POST['sharerlink']));
$sharerdesc = $dbs->prot(htmlspecialchars($_POST['sharerdesc']));
if (strpos($sharerlink, "http://") === 0) {
$slink = $sharerlink;
} else {
$slink = 'http://' . $sharerlink;
}
$dbs->query("SELECT COUNT(*) FROM ip_sharerlinks WHERE user_id='{$userID}'");
$checkSharer = implode($dbs->fetch_assoc());
$dbs->close();
if ($checkSharer == 1) {
echo 'ERROR! You already added a sharerlink. Only one sharerlink per single user.';
} else {
if ($userID == '' || $sharername == '' || $sharerlink == '' || $sharerdesc == '') {
