function count_threads($fid, $tag)
{
/* FIXME: translate pid -> pmid */
$sql = "select count(distinct f_messages" . $fid . ".tid) from " . "f_indexes,f_messages" . $fid . " where " . $fid . "=f_indexes.fid and " . "f_messages" . $fid . ".mid>=f_indexes.minmid and " . "f_messages" . $fid . ".mid<=f_indexes.maxmid and " . "f_messages" . $fid . ".pid=0 and f_messages" . $fid . ".state=?";
$row = db_query_first($sql, array($tag));
return $row[0];
}
function UserLogin($data)
{
$sql = "select * from user where username=:username";
$userinfo = db_query_first($sql, array(":username" => $data['username']));
if (empty($userinfo)) {
return Register($data);
} else {
if ($userinfo['password'] == md5($data['password'])) {
$token = Crypt3Des::encrypt(json_encode($userinfo), $GLOBALS['keys']);
return ErrorCode::CODE("1000", array("token" => urlencode($token)));
} else {
return ErrorCode::CODE("1001");
}
}
}
function count_state_by_aid($aid)
{
$out = array();
$sth = db_query("select iid,fid from f_indexes order by iid");
while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
$iid = $row['iid'];
$fid = $row['fid'];
foreach (array("Active", "Offtopic", "Deleted", "Moderated") as $state) {
if (!isset($out[$fid])) {
$out[$fid] = array();
}
if (!isset($out[$fid][$state])) {
$out[$fid][$state] = 0;
}
$row2 = db_query_first("select count(*) from f_messages{$iid} where aid=? and state=?", array($aid, $state));
$out[$fid][$state] += $row2[0];
}
}
$sth->closeCursor();
return $out;
}
function find_forum($shortname)
{
global $user, $forum, $indexes, $tthreads, $tthreads_by_tid, $down_for_maint;
$sql = "select * from f_forums where shortname = ?";
$forum = db_query_first($sql, array($shortname));
if (!$forum) {
return 0;
}
/* Short circuit it here */
if ($down_for_maint || isset($forum['version']) && $forum['version'] == 1) {
echo "This forum is currently undergoing maintenance, please try back in a couple of minutes\n";
exit;
}
$indexes = build_indexes($forum['fid']);
list($tthreads, $tthreads_by_tid) = build_tthreads($forum['fid']);
$options = explode(",", $forum['options']);
foreach ($options as $value) {
$forum['option'][$value] = true;
}
return 1;
}
<?php
require_once "page-yatt.inc.php";
$dir = new YATT();
$dir->load("{$template_dir}/directory.yatt");
$sth = db_query("select fid,name,shortname from f_forums where options like '%Searchable%' order by name");
for ($i = 0; $row = $sth->fetch(); $i++) {
$dir->set("r", $i & 1);
$fid = $row['fid'];
/* should only count active and off-topic, but its too slow */
try {
$row2 = db_query_first("select count(*) from f_messages{$fid}");
$count = $row2 ? $row2[0] : NULL;
} catch (PDOException $e) {
$count = NULL;
}
$dir->set("count", $count);
$dir->set("row", $row);
$dir->parse("dir.row");
}
$sth->closeCursor();
$dir->parse("dir");
print generate_page('Directory', $dir->output());
$tpl->set_block("finish", "error");
$tpl->set_block("error", "unknown");
$tpl->set_block("error", "invalid_aid");
$tpl->set_block("error", "activate_failed");
$tpl->set_block("error", "dup_email");
$tpl->set_block("finish", "success");
$tpl->set_block("success", "create");
$tpl->set_block("success", "email");
$tpl->set_block("success", "forgot_password");
$errors = array("unknown", "invalid_aid", "activate_failed", "dup_email");
$successes = array("create", "email", "forgot_password");
if (!isset($_REQUEST['cookie'])) {
err_not_found('No cookie');
}
$cookie = $_REQUEST['cookie'];
$pending = db_query_first("select * from u_pending where cookie = ?", array($cookie));
if (!$pending) {
if (isset($cookie) && !empty($cookie)) {
$error = "unknown";
$tpl->set_var("COOKIE", $cookie);
} else {
err_not_found('No cookie');
}
} else {
$user = new AccountUser();
$user->find_by_aid((int) $pending['aid']);
if (!$user->valid()) {
$error = "invalid_aid";
} else {
db_exec("update u_pending set status = 'Done' where tid = ?", array($pending['tid']));
switch ($pending['type']) {
<?php
if (!$user->valid()) {
err_not_found();
}
$gid = $_REQUEST['gid'];
if (!isset($gid) || is_int($gid) || $gid < -1 || $gid > 63) {
err_not_found();
}
$gmsg = db_query_first("select * from f_global_messages where gid = ?", array($gid));
if (strlen($_REQUEST['state']) > 0) {
if (!$gmsg || !$user->admin()) {
err_not_found();
}
if (!$user->is_valid_token($_REQUEST['token'])) {
err_not_found('Invalid token');
}
if ($_REQUEST['state'] == "Active") {
db_exec("update f_global_messages set state = 'Active' where gid = ?", array($gid));
} elseif ($_REQUEST['state'] == "Inactive") {
db_exec("update f_global_messages set state = 'Inactive' where gid = ?", array($gid));
} else {
err_not_found();
}
}
if (isset($_REQUEST['hide'])) {
if (!$user->is_valid_token($_REQUEST['token'])) {
err_not_found('Invalid token');
}
if ($gid == -1) {
if ($_REQUEST['hide'] == 1) {
<?php
require_once "pagenav.inc.php";
$user->req("ForumAdmin");
page_header("Forum User ACL");
if (isset($_GET['message'])) {
page_show_message($_GET['message']);
}
$rowsperpage = 100;
if (is_valid_integer($_GET['page'])) {
$page = $_GET['page'];
} else {
$page = 1;
}
$sql = "select count(*) from f_moderators, u_users where u_users.aid = f_moderators.aid";
$row = db_query_first($sql);
$numrows = $row[0];
echo "{$numrows} total user ACL records<br>\n";
$numpages = ceil($numrows / $rowsperpage);
function print_pages($page, $numpages)
{
$fmt = "useracl.phtml?page=%d";
print "Page: " . gen_pagenav($fmt, $page, $numpages) . "<br>\n";
}
print_pages($page, $numpages);
$sql = "select f_moderators.*, u_users.name from f_moderators, u_users where u_users.aid = f_moderators.aid";
$skiprows = ($page - 1) * $rowsperpage;
$sql .= " order by aid limit {$skiprows},{$rowsperpage}";
$sth = db_query($sql);
?>
<?php
require_once "pagenav.inc.php";
$user->req("ForumAdmin");
page_header("Visits");
if (isset($_GET['message'])) {
page_show_message($_GET['message']);
}
$visitsperpage = 100;
if (is_valid_integer($_GET['page'])) {
$page = $_GET['page'];
} else {
$page = 1;
}
$row = db_query_first("select count(*) from f_visits");
$numvisits = $row[0];
echo "{$numvisits} active user/ip pairs<br>\n";
$numpages = ceil($numvisits / $visitsperpage);
function print_pages($page, $numpages)
{
$fmt = "showvisits.phtml?page=%d";
print "Page: " . gen_pagenav($fmt, $page, $numpages) . "<br>\n";
}
print_pages($page, $numpages);
$skipvisits = ($page - 1) * $visitsperpage;
$sql = "select f_visits.*, u_users.name, u_users.email FROM f_visits LEFT JOIN u_users ON u_users.aid = f_visits.aid order by f_visits.ip limit {$skipvisits},{$visitsperpage}";
$sth = db_query($sql);
?>
<p>
function generate_edit_form($tpl, $gid)
{
global $user;
$msg = db_query_first("select * from f_global_messages where gid=?", array($gid));
$tpl->set('token', $user->token());
$tpl->set('msg', $msg);
$tpl->parse('form');
$tpl->reset();
}
if (isset($options)) {
$options = implode(",", $options);
} else {
$options = "";
}
db_exec("replace into f_forums " . "( fid, name, shortname, options ) " . "values ( ?, ?, ?, ?)", array($fid, $name, $shortname, $options));
Header("Location: index.phtml?message=" . urlencode("Forum Modified"));
exit;
}
/* If we find an ID, means that we're in update mode */
if (!is_valid_integer($_GET['fid'])) {
page_header("Modify forum");
# page_show_nav("1.2");
ads_die("", "No forum ID specified (fid)");
}
$forum = db_query_first("select * from f_forums,f_indexes where f_forums.fid=f_indexes.fid and f_forums.fid = ?", array($_GET['fid']));
$options = explode(",", $forum['options']);
foreach ($options as $value) {
$options[$value] = true;
}
page_header("Modify '" . $forum['name'] . "' fid=" . $forum['fid']);
#page_show_nav("1.2");
?>
<form method="post" action="<?php
echo basename($_SERVER['PHP_SELF']);
?>
">
<input type="hidden" name="fid" value="<?php
echo $forum['fid'];
?>
if (substr($line, 0, 1) == "#") {
continue;
}
$ip_list[] = $line;
}
fclose($handle);
echo "Fetched " . count($ip_list) . " IPs.\n";
// Find the TOR proxy_type id.
$row = db_query_first("SELECT id FROM acl_proxy_types WHERE proxy_type = 'TOR' LIMIT 1");
if (!$row) {
echo "Unable to find the TOR proxy type id.\n";
exit(1);
}
$tor_proxy_type_id = $row[0];
// Find the account_creation ban_type id.
$row = db_query_first("SELECT id FROM acl_ban_types WHERE ban_type = 'account_creation' LIMIT 1");
if (!$row) {
echo "Unable to find the account_creation ban type id.\n";
exit(1);
}
$account_ban_type_id = $row[0];
// Iterate over all the IPs and create/update records as needed.
$num_created = 0;
$num_updated = 0;
$sql = "SELECT ai.id, ai.proxy_type, aib.id " . "FROM acl_ips ai LEFT JOIN acl_ip_bans aib " . " ON (ai.id = aib.ip_id AND aib.ban_type_id = ?) " . "WHERE ai.ip = INET_ATON(?) AND ai.mask = INET_ATON('255.255.255.255') " . "LIMIT 1";
$sth = $DBH->prepare($sql);
foreach ($ip_list as $ip) {
$sth->execute(array($account_ban_type_id, $ip));
$row = $sth->fetch();
$sth->closeCursor();
if ($row) {
exit;
}
if ($state != 'Active' && $state != 'OffTopic' && $state != 'Moderated' && $state != 'Deleted') {
err_not_found("Invalid state {$state}");
}
if (!is_numeric($mid)) {
err_not_found("Invalid mid {$mid}");
}
$iid = mid_to_iid($mid);
if (!isset($iid)) {
err_not_found("Invalid mid {$mid}");
}
if (!$user->is_valid_token($_REQUEST['token'])) {
err_not_found('Invalid token');
}
$msg = db_query_first("select mid, aid, pid, state, subject, flags from f_messages{$iid} where mid = ?", array($mid));
/* don't do anything if no change */
if ($msg['state'] == $state) {
header("Location: {$page}");
}
/* FIXME: translate pid -> pmid */
if (!isset($msg['pmid']) && isset($msg['pid'])) {
$msg['pmid'] = $msg['pid'];
}
if (!empty($msg['flags'])) {
$flagexp = explode(",", $msg['flags']);
while (list(, $flag) = each($flagexp)) {
$flags[$flag] = true;
}
}
$levels = array('Active' => 1, 'OffTopic' => 2, 'Moderated' => 3, 'Deleted' => 4);
<?php
require_once 'xbt_common.php';
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<link rel=stylesheet href="xbt.css">
<title>XBT Files</title>
<?php
$result = db_query_first("select sum(completed) completed, sum(leechers) leechers, sum(seeders) seeders, sum(leechers or seeders) torrents from xbt_files");
$result['peers'] = $result['leechers'] + $result['seeders'];
echo '<table>';
printf('<tr><th align=right>completed<td align=right>%d<td>', $result['completed']);
printf('<tr><th align=right>peers<td align=right>%d<td align=right>100 %%', $result['peers']);
if ($result['peers']) {
printf('<tr><th align=right>leechers<td align=right>%d<td align=right>%d %%', $result['leechers'], $result['leechers'] * 100 / $result['peers']);
printf('<tr><th align=right>seeders<td align=right>%d<td align=right>%d %%', $result['seeders'], $result['seeders'] * 100 / $result['peers']);
}
printf('<tr><th align=right>torrents<td align=right>%d<td>', $result['torrents']);
printf('<tr><th align=right>time<td align=right colspan=2>%s', gmdate('Y-m-d H:i:s'));
echo '</table>';
echo '<hr>';
$results = db_query("select * from xbt_files where leechers or seeders order by ctime desc");
echo '<table>';
echo '<tr>';
echo '<th>fid';
echo '<th>info_hash';
echo '<th>leechers';
echo '<th>seeders';
echo '<th>completed';
echo '<th>modified';
echo '<th>created';
$tid = $_REQUEST['tid'];
if (!$user->valid()) {
header("Location: {$page}");
exit;
}
if (!$user->capable($forum['fid'], 'Lock')) {
echo "You are not allowed to lock this thread\n";
exit;
}
if (!$user->is_valid_token($_REQUEST['token'])) {
err_not_found('Invalid token');
}
$iid = tid_to_iid($tid);
if (!isset($iid)) {
echo "Invalid thread!\n";
exit;
}
$sql = "select * from f_threads{$iid} where tid = ?";
$thread = db_query_first($sql, array($tid));
$options = explode(",", $thread['flags']);
foreach ($options as $name => $value) {
if ($options[$name] == 'Locked') {
unset($options[$name]);
}
}
$options[] = 'Locked';
$flags = implode(",", $options);
$sql = "update f_threads{$iid} set flags = ? where tid = ?";
db_exec($sql, array($flags, $tid));
db_exec("update f_messages{$iid} set " . "changes = CONCAT(changes, 'Locked by ', ?, '/', ?, ' at ', NOW(), '\n') " . "where mid = ?", array($user->name, $user->aid, $thread['mid']));
header("Location: {$page}");
$where .= " email like ?";
$args[] = $_GET['email'];
}
if (isset($_GET['name']) && !empty($_GET['name'])) {
echo "<h2>Searching for name like \"" . $_GET['name'] . "\"</h2><br>\n";
if (!empty($where)) {
$where .= " and";
}
$where .= " name like ?";
$args[] = $_GET['name'];
}
$sql = "select count(*) from u_users";
if (!empty($where)) {
$sql .= " where {$where}";
}
$row = db_query_first($sql, $args);
$numaccounts = $row[0];
if (!empty($where)) {
echo "{$numaccounts} matching accounts<br>\n";
} else {
echo "{$numaccounts} total accounts<br>\n";
}
$numpages = ceil($numaccounts / $accountsperpage);
function print_pages($page, $numpages)
{
$fmt = "admin.phtml?page=%d";
/* no maximum (maxjump=0)! */
print "Page: " . gen_pagenav($fmt, $page, $numpages, 0) . "<br>\n";
}
print_pages($page, $numpages);
?>
require_once "postmessage.inc";
/* sets $msg['mid'] to the new message id */
if (postmessage($user, $forum['fid'], $msg, $_POST) == true) {
$tpl->set_var("duplicate", "");
}
require_once "mailfrom.inc";
$sql = "select * from f_tracking where fid = ? and tid = ? and options = 'SendEmail' and aid != ?";
$sth = db_query($sql, array($forum['fid'], $msg['tid'], $user->aid));
$track = $sth->fetch();
if ($track) {
$iid = mid_to_iid($thread['mid']);
if (!isset($iid)) {
throw new RuntimeException("no iid for thread mid " . $thread['mid']);
}
$sql = "select subject from f_messages{$iid} where mid = ?";
$row = db_query_first($sql, array($thread['mid']));
list($t_subject) = $row;
$e_message = substr($msg['message'], 0, 1024);
if (strlen($msg['message']) > 1024) {
$bytes = strlen($msg['message']) - 1024;
$plural = $bytes == 1 ? '' : 's';
$e_message .= "...\n\nMessage continues for another {$bytes} byte{$plural}\n";
}
$tpl->set_var(array("THREAD_SUBJECT" => $t_subject, "USER_NAME" => $user->name, "HOST" => $_url, "FORUM_NAME" => $forum['name'], "FORUM_SHORTNAME" => $forum['shortname'], "MSG_MID" => $msg['mid'], "MAIL_MSG_SUBJECT" => $msg['subject'], "MAIL_MSG_MESSAGE" => $e_message, "PHPVERSION" => phpversion()));
do {
$uuser = new ForumUser($track['aid']);
$tpl->set_var("EMAIL", $uuser->email);
$e_message = $tpl->parse("MAIL", "mail");
$e_message = textwrap($e_message, 78, "\n");
mailfrom("followup-" . $track['aid'] . "@" . $bounce_host, $uuser->email, $e_message);
} while ($track = $sth->fetch());
if (isset($_REQUEST['time']) && is_numeric($_REQUEST['time'])) {
$time = $_REQUEST['time'];
} else {
$time = time();
}
/* Unix time (seconds since epoch) */
/* Convert it to MySQL format */
/* TZ: strftime is local time of SQL server -> used for tstamp */
$time = strftime("%Y%m%d%H%M%S", $time);
if ($tid == "all") {
require_once "thread.inc";
/* for is_thread_bumped() */
foreach ($tthreads as $tthread) {
$iid = tid_to_iid($tthread['tid']);
if (!isset($iid)) {
continue;
}
/* TZ: unixtime is seconds since epoch */
$thread = db_query_first("select *, UNIX_TIMESTAMP(tstamp) as unixtime from f_threads{$iid} where tid = ?", array($tthread['tid']));
if (is_thread_bumped($thread)) {
/* TZ: tstamp is sql local time */
db_exec("update f_tracking set tstamp = ? where fid = ? and tid = ? and aid = ?", array($time, $forum['fid'], $thread['tid'], $user->aid));
}
}
} else {
if (is_numeric($tid)) {
/* TZ: tstamp is SQL server local time, NOT PHP server local time */
db_exec("update f_tracking set tstamp = ? where fid = ? and tid = ? and aid = ?", array($time, $forum['fid'], $tid, $user->aid));
}
}
Header("Location: " . $page);
continue;
}
echo "{$aid} has {$count} posts in {$table} (fid={$fid})\n";
if ($dry_run) {
$cmd = "select count(*) from {$table} WHERE {$where}";
printf("'{$cmd}', array(" . implode(", ", $where_args) . ")\n");
$row = db_query_first($cmd, $where_args);
$count = $row[0];
printf("Matched %d messages\n", $count);
} else {
$num_affected = sql_execute_wrapper("UPDATE {$table} SET state = 'Deleted', " . "flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'StateLocked'), " . "changes = CONCAT_WS('\\n', changes, ?) " . "WHERE {$where}", array_merge(array($changes), $where_args));
printf("Deleted %d messages\n", $num_affected);
}
$row = db_query_first("select count(*) from {$table} where aid = ? AND state = 'Deleted'", array($aid));
$deleted = $row[0];
$row = db_query_first("select count(*) from {$table} where aid = ? AND state = 'Active'", array($aid));
$active = $row[0];
sql_execute_wrapper("replace into f_upostcount (aid, fid, status, count ) values ( ?, ?, 'Deleted', ? )", array($aid, $fid, $deleted));
sql_execute_wrapper("replace into f_upostcount (aid, fid, status, count ) values ( ?, ?, 'Active', ? )", array($aid, $fid, $active));
printf("Change log entry: '%s'\n", $changes);
}
function sql_execute_wrapper($cmd, $args = array())
{
global $dry_run;
if ($dry_run) {
printf("dry run '%s'" . ($args ? " array(" . implode(", ", $args) . ")" : "") . "\n", $cmd);
} else {
//printf("real '%s'\n", $cmd);
return db_exec($cmd, $args);
}
}
exit;
}
require_once "strip.inc";
require_once "message.inc";
$tpl->set_file(array("del" => "delete.tpl", "message" => "message.tpl", "forum_header" => array("forum/" . $forum['shortname'] . ".tpl", "forum/generic.tpl")));
$tpl->set_block("del", "disabled");
message_set_block($tpl);
$tpl->set_var("FORUM_NAME", $forum['name']);
$tpl->set_var("FORUM_SHORTNAME", $forum['shortname']);
$tpl->parse("FORUM_HEADER", "forum_header");
$iid = mid_to_iid($mid);
if (!isset($iid)) {
echo "Invalid message!\n";
exit;
}
$sql = "select * from f_messages{$iid} where mid = ?";
$msg = db_query_first($sql, array($mid));
if ($msg['aid'] != $user->aid) {
echo "This message does not belong to you!\n";
exit;
}
if (!isset($forum['option']['PostEdit'])) {
$tpl->set_var(array("image" => "", "preview" => "", "form" => "", "accept" => ""));
print generate_page('Delete Message Denied', $tpl->parse("CONTENT", "disabled"));
exit;
}
$tpl->set_var("disabled", "");
render_message($tpl, $msg, $user);
$tpl->set_var("PAGE", $_page);
$tpl->parse("PREVIEW", "message");
print generate_page('Delete Message', $tpl->parse("CONTENT", "del"));
function findkey($key)
{
$sql = "select id from `keys` where `key` = :iskey";
return db_query_first($sql, array(":iskey" => $key));
}
function db_find($table, $id)
{
if (empty($id) || empty($table)) {
return array();
}
return db_query_first("select * from {$table} where id = :id", array(':id' => $id));
}
if (!$users) {
echo "All users already have createip set, doing nothing.\n";
exit(0);
}
echo "Found " . count($users) . " broken users.\n";
$sth = db_query("SHOW TABLES LIKE 'f_messages%'");
$tables = array();
while ($row = $sth->fetch()) {
$tables[] = $row[0];
}
$sth->closeCursor();
echo "There are " . count($tables) . " message tables.\n";
foreach ($users as $aid) {
echo "Fixing aid {$aid}...";
$sub_queries = array();
$sub_args = array();
foreach ($tables as $table) {
$sub_queries[] = "(SELECT ip, date FROM {$table} WHERE aid = ? ORDER BY date LIMIT 1)";
$sub_args[] = $aid;
}
$sql = "SELECT ip FROM (" . implode(" UNION ", $sub_queries) . ") m ORDER BY m.date LIMIT 1";
$row = db_query_first($sql, $sub_args);
if (!$row) {
echo " user has no messages, skipping.\n";
continue;
}
list($ip) = $row;
echo " first message IP is {$ip}";
db_exec("UPDATE u_users SET createip = ? WHERE aid = ?", array($ip, $aid));
echo " done.\n";
}
