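/**
 * Count the distinct threads of a forum whose root message is in a given state.
 *
 * Root messages are the rows with pid = 0. Only message ids inside the
 * [minmid, maxmid] window that f_indexes records for this forum are counted.
 *
 * $fid is spliced into the table name (f_messages<fid>) and into the WHERE
 * clause. A table name cannot be sent as a bound parameter, so $fid is
 * restricted to decimal digits before the statement text is built.
 *
 * @param int|string $fid Forum id; decimal digits only.
 * @param string     $tag Message state to match (sent as a bound parameter).
 * @return mixed First column of the result row (the thread count).
 * @throws InvalidArgumentException If $fid is not made of decimal digits.
 */
function count_threads($fid, $tag)
{
    if (!is_scalar($fid) || preg_match('/^[0-9]+$/D', (string) $fid) !== 1) {
        throw new InvalidArgumentException("count_threads: fid must be a non-negative integer");
    }
    $fid = (string) $fid;
    $messages = "f_messages" . $fid;

    /* FIXME: translate pid -> pmid */
    $sql = "select count(distinct {$messages}.tid) from "
        . "f_indexes,{$messages} where "
        . "{$fid}=f_indexes.fid and "
        . "{$messages}.mid>=f_indexes.minmid and "
        . "{$messages}.mid<=f_indexes.maxmid and "
        . "{$messages}.pid=0 and {$messages}.state=?";

    $row = db_query_first($sql, array($tag));

    return $row[0];
}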
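/**
 * Log a user in, or hand the request to Register() when the username is unknown.
 *
 * On success the whole user row is JSON-encoded, encrypted with
 * Crypt3Des::encrypt() under $GLOBALS['keys'], URL-encoded and returned as
 * the "token" field of an ErrorCode "1000" result. A wrong password yields
 * ErrorCode "1001".
 *
 * The password check uses hash_equals(): the previous loose `==` comparison
 * treats two digest strings that both look like numbers in exponent notation
 * as equal, and is not constant-time.
 *
 * @param array $data Request data; reads 'username' and 'password'.
 * @return mixed Whatever ErrorCode::CODE() or Register() returns.
 */
function UserLogin($data)
{
    $sql = "select * from user where username=:username";
    $userinfo = db_query_first($sql, array(":username" => $data['username']));

    // Unknown username: the request is treated as a registration.
    if (empty($userinfo)) {
        return Register($data);
    }

    $password = isset($data['password']) ? $data['password'] : '';
    $stored = isset($userinfo['password']) ? $userinfo['password'] : null;

    // Arrays/objects cannot be hashed as a password; a non-string stored
    // value cannot match any digest.
    if (!is_scalar($password) || !is_string($stored)) {
        return ErrorCode::CODE("1001");
    }

    // NOTE(review): stored passwords are unsalted MD5 digests. Kept as-is so
    // existing rows still verify; migrating to password_hash() /
    // password_verify() needs a schema and re-hash plan outside this function.
    if (!hash_equals($stored, md5((string) $password))) {
        return ErrorCode::CODE("1001");
    }

    // NOTE(review): the token payload is the full user row, which includes the
    // password digest. Crypt3Des is defined elsewhere; confirm it authenticates
    // the ciphertext, and consider limiting the payload to the fields the
    // token consumer needs.
    $token = Crypt3Des::encrypt(json_encode($userinfo), $GLOBALS['keys']);

    return ErrorCode::CODE("1000", array("token" => urlencode($token)));
}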
/**
 * Tally one account's messages per forum and per state.
 *
 * Walks every row of f_indexes (ordered by iid) and, for each of the four
 * states, counts the rows of f_messages<iid> that belong to $aid. Counts of
 * several index rows that share a fid are added together.
 *
 * The table suffix comes from f_indexes.iid, not from the caller; $aid and
 * the state are sent as bound parameters.
 *
 * @param mixed $aid Account id to count messages for.
 * @return array Map fid => (state => count).
 */
function count_state_by_aid($aid)
{
    $states = array("Active", "Offtopic", "Deleted", "Moderated");
    $totals = array();

    $indexes = db_query("select iid,fid from f_indexes order by iid");
    while ($index = $indexes->fetch(PDO::FETCH_ASSOC)) {
        $iid = $index['iid'];
        $fid = $index['fid'];

        if (!isset($totals[$fid])) {
            $totals[$fid] = array();
        }

        foreach ($states as $state) {
            if (!isset($totals[$fid][$state])) {
                $totals[$fid][$state] = 0;
            }

            $counted = db_query_first(
                "select count(*) from f_messages{$iid} where aid=? and state=?",
                array($aid, $state)
            );
            $totals[$fid][$state] += $counted[0];
        }
    }
    $indexes->closeCursor();

    return $totals;
}
/**
 * Load a forum by its short name into the global request state.
 *
 * Fills the globals $forum, $indexes, $tthreads and $tthreads_by_tid. The
 * comma-separated f_forums.options column is expanded into
 * $forum['option'][<name>] = true.
 *
 * When the global $down_for_maint is set, or the forum row has version == 1,
 * a maintenance notice is printed and the script exits.
 *
 * @param string $shortname Forum short name (sent as a bound parameter).
 * @return int 1 when the forum was found and loaded, 0 when no row matched.
 */
function find_forum($shortname)
{
    global $user, $forum, $indexes, $tthreads, $tthreads_by_tid, $down_for_maint;

    $forum = db_query_first("select * from f_forums where shortname = ?", array($shortname));
    if (!$forum) {
        return 0;
    }

    /* Short circuit it here */
    $forum_in_maintenance = isset($forum['version']) && $forum['version'] == 1;
    if ($down_for_maint || $forum_in_maintenance) {
        echo "This forum is currently undergoing maintenance, please try back in a couple of minutes\n";
        exit;
    }

    $indexes = build_indexes($forum['fid']);
    list($tthreads, $tthreads_by_tid) = build_tthreads($forum['fid']);

    foreach (explode(",", $forum['options']) as $option_name) {
        $forum['option'][$option_name] = true;
    }

    return 1;
}
<?php
/*
 * Forum directory page: lists every forum whose options contain
 * "Searchable", with a message count per forum.
 */
require_once "page-yatt.inc.php";

$dir = new YATT();
$dir->load("{$template_dir}/directory.yatt");

$sth = db_query("select fid,name,shortname from f_forums where options like '%Searchable%' order by name");

$i = 0;
while ($row = $sth->fetch()) {
    /* alternating row flag for the template */
    $dir->set("r", $i & 1);

    /* table suffix comes from f_forums.fid, not from the request */
    $fid = $row['fid'];

    /* should only count active and off-topic, but its too slow */
    $count = NULL;
    try {
        $row2 = db_query_first("select count(*) from f_messages{$fid}");
        if ($row2) {
            $count = $row2[0];
        }
    } catch (PDOException $e) {
        /* query failed for this forum's table: show no count */
        $count = NULL;
    }

    $dir->set("count", $count);
    $dir->set("row", $row);
    $dir->parse("dir.row");

    $i++;
}
$sth->closeCursor();

$dir->parse("dir");
print generate_page('Directory', $dir->output());
/*
 * Handler for a pending-account request identified by the "cookie" request
 * parameter (fragment: the switch on the pending type continues beyond this
 * excerpt). Judging by the block names this covers account creation, e-mail
 * change and forgotten-password confirmation - confirm against the cases.
 */

/* Template blocks: the error outcomes and the success outcomes of "finish". */
$tpl->set_block("finish", "error");
$tpl->set_block("error", "unknown");
$tpl->set_block("error", "invalid_aid");
$tpl->set_block("error", "activate_failed");
$tpl->set_block("error", "dup_email");
$tpl->set_block("finish", "success");
$tpl->set_block("success", "create");
$tpl->set_block("success", "email");
$tpl->set_block("success", "forgot_password");

$errors = array("unknown", "invalid_aid", "activate_failed", "dup_email");
$successes = array("create", "email", "forgot_password");

/* No cookie parameter at all: nothing to look up. */
if (!isset($_REQUEST['cookie'])) {
    err_not_found('No cookie');
}

$cookie = $_REQUEST['cookie'];

/*
 * NOTE(review): the lookup matches on cookie alone and does not filter on
 * status, so a row already marked 'Done' below is still found on a repeat
 * request. Whether the type-specific action can then run a second time
 * depends on the switch cases, which are not visible here - confirm.
 */
$pending = db_query_first("select * from u_pending where cookie = ?", array($cookie));
if (!$pending) {
    if (isset($cookie) && !empty($cookie)) {
        $error = "unknown";
        /* NOTE(review): raw request value handed to the template; confirm the
           template layer HTML-escapes COOKIE before output. */
        $tpl->set_var("COOKIE", $cookie);
    } else {
        err_not_found('No cookie');
    }
} else {
    /* The account is taken from the pending row, not from the request. */
    $user = new AccountUser();
    $user->find_by_aid((int) $pending['aid']);
    if (!$user->valid()) {
        $error = "invalid_aid";
    } else {
        /* The pending row is marked Done before the type-specific action runs. */
        db_exec("update u_pending set status = 'Done' where tid = ?", array($pending['tid']));
        switch ($pending['type']) {
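<?php
/*
 * Global-message actions: activate/deactivate (admin only) and hide.
 * Fragment: the "hide" branch continues beyond this excerpt.
 */
if (!$user->valid()) {
    err_not_found();
}

/*
 * gid must be an integer in -1..63. Request values arrive as strings, so the
 * former is_int() test never matched request data and non-numeric values
 * were not rejected by it. filter_var() validates the type and the range in
 * one step and yields an int (false for a missing, array or malformed value).
 */
$gid = filter_var(
    isset($_REQUEST['gid']) ? $_REQUEST['gid'] : null,
    FILTER_VALIDATE_INT,
    array('options' => array('min_range' => -1, 'max_range' => 63))
);
if ($gid === false) {
    err_not_found();
}

$gmsg = db_query_first("select * from f_global_messages where gid = ?", array($gid));

/* A missing or non-string state means no state change was requested. */
$state = isset($_REQUEST['state']) && is_string($_REQUEST['state']) ? $_REQUEST['state'] : '';
$token = isset($_REQUEST['token']) ? $_REQUEST['token'] : null;

if (strlen($state) > 0) {
    /* State changes need an existing message, an admin and a valid token. */
    if (!$gmsg || !$user->admin()) {
        err_not_found();
    }
    if (!$user->is_valid_token($token)) {
        err_not_found('Invalid token');
    }

    /* Only the two literal states are ever written; the request value is
       never placed in the statement. */
    if ($state === "Active") {
        db_exec("update f_global_messages set state = 'Active' where gid = ?", array($gid));
    } elseif ($state === "Inactive") {
        db_exec("update f_global_messages set state = 'Inactive' where gid = ?", array($gid));
    } else {
        err_not_found();
    }
}

if (isset($_REQUEST['hide'])) {
    if (!$user->is_valid_token($token)) {
        err_not_found('Invalid token');
    }
    if ($gid == -1) {
        if ($_REQUEST['hide'] == 1) {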
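<?php
/*
 * Admin page: paged list of forum user ACL records (f_moderators joined to
 * u_users). Requires the ForumAdmin capability.
 */
require_once "pagenav.inc.php";

$user->req("ForumAdmin");
page_header("Forum User ACL");

/* NOTE(review): the message comes straight from the query string; confirm
   page_show_message() HTML-escapes it before output. */
if (isset($_GET['message'])) {
    page_show_message($_GET['message']);
}

$rowsperpage = 100;

/*
 * The page number ends up in the LIMIT clause below, which is built by
 * interpolation. Cast to int and clamp to 1 so the offset is always a
 * non-negative integer, whatever is_valid_integer() accepts; a missing
 * parameter falls back to page 1.
 */
$page = 1;
if (isset($_GET['page']) && is_valid_integer($_GET['page'])) {
    $page = max(1, (int) $_GET['page']);
}

$sql = "select count(*) from f_moderators, u_users where u_users.aid = f_moderators.aid";
$row = db_query_first($sql);
$numrows = $row[0];
echo "{$numrows} total user ACL records<br>\n";

$numpages = ceil($numrows / $rowsperpage);

/* Print the page navigation line for this listing. */
function print_pages($page, $numpages)
{
    $fmt = "useracl.phtml?page=%d";
    print "Page: " . gen_pagenav($fmt, $page, $numpages) . "<br>\n";
}

print_pages($page, $numpages);

$sql = "select f_moderators.*, u_users.name from f_moderators, u_users where u_users.aid = f_moderators.aid";
$skiprows = ($page - 1) * $rowsperpage;
$sql .= " order by aid limit {$skiprows},{$rowsperpage}";
$sth = db_query($sql);
?>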
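<?php
/*
 * Admin page: paged list of f_visits rows (user/ip pairs) with the matching
 * account name and e-mail. Requires the ForumAdmin capability.
 */
require_once "pagenav.inc.php";

$user->req("ForumAdmin");
page_header("Visits");

/* NOTE(review): the message comes straight from the query string; confirm
   page_show_message() HTML-escapes it before output. */
if (isset($_GET['message'])) {
    page_show_message($_GET['message']);
}

$visitsperpage = 100;

/*
 * The page number ends up in the LIMIT clause below, which is built by
 * interpolation. Cast to int and clamp to 1 so the offset is always a
 * non-negative integer, whatever is_valid_integer() accepts; a missing
 * parameter falls back to page 1.
 */
$page = 1;
if (isset($_GET['page']) && is_valid_integer($_GET['page'])) {
    $page = max(1, (int) $_GET['page']);
}

$row = db_query_first("select count(*) from f_visits");
$numvisits = $row[0];
echo "{$numvisits} active user/ip pairs<br>\n";

$numpages = ceil($numvisits / $visitsperpage);

/* Print the page navigation line for this listing. */
function print_pages($page, $numpages)
{
    $fmt = "showvisits.phtml?page=%d";
    print "Page: " . gen_pagenav($fmt, $page, $numpages) . "<br>\n";
}

print_pages($page, $numpages);

$skipvisits = ($page - 1) * $visitsperpage;
$sql = "select f_visits.*, u_users.name, u_users.email FROM f_visits LEFT JOIN u_users ON u_users.aid = f_visits.aid order by f_visits.ip limit {$skipvisits},{$visitsperpage}";
$sth = db_query($sql);
?>
<p>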
/**
 * Render the edit form for one global message.
 *
 * Loads the f_global_messages row for $gid, hands it to the template as
 * 'msg' together with the current user's token, parses the 'form' block and
 * resets the template.
 *
 * @param object $tpl Template object providing set(), parse() and reset().
 * @param mixed  $gid Global message id (sent as a bound parameter).
 * @return void
 */
function generate_edit_form($tpl, $gid)
{
    global $user;

    $global_message = db_query_first(
        "select * from f_global_messages where gid=?",
        array($gid)
    );

    /* The token is embedded so the submitted form can be checked against it. */
    $tpl->set('token', $user->token());
    $tpl->set('msg', $global_message);

    $tpl->parse('form');
    $tpl->reset();
}
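/*
 * Tail of the "modify forum" submit handler, followed by the form page.
 * Fragment: the handler starts above this excerpt and the form continues
 * below it.
 *
 * NOTE(review): no request-token check is visible in this part of the
 * handler; confirm one is made before the write.
 */
if (isset($options)) {
    $options = implode(",", $options);
} else {
    $options = "";
}

db_exec("replace into f_forums " . "( fid, name, shortname, options ) " . "values ( ?, ?, ?, ?)", array($fid, $name, $shortname, $options));

Header("Location: index.phtml?message=" . urlencode("Forum Modified"));
exit;
}

/* If we find an ID, means that we're in update mode */
if (!is_valid_integer($_GET['fid'])) {
    page_header("Modify forum");
    # page_show_nav("1.2");
    ads_die("", "No forum ID specified (fid)");
}

$forum = db_query_first("select * from f_forums,f_indexes where f_forums.fid=f_indexes.fid and f_forums.fid = ?", array($_GET['fid']));

/* Expand the comma-separated option list into $options[<name>] = true. */
$options = explode(",", $forum['options']);
foreach ($options as $value) {
    $options[$value] = true;
}

/* NOTE(review): the forum name is stored data; confirm page_header()
   HTML-escapes its argument. */
page_header("Modify '" . $forum['name'] . "' fid=" . $forum['fid']);
#page_show_nav("1.2");

/*
 * PHP_SELF carries any extra path text that follows the script name in the
 * request URL, so its basename can be request-controlled. Both values
 * written into HTML attributes below are therefore escaped.
 */
?> <form method="post" action="<?php echo htmlspecialchars(basename($_SERVER['PHP_SELF']), ENT_QUOTES); ?> "> <input type="hidden" name="fid" value="<?php echo htmlspecialchars((string) $forum['fid'], ENT_QUOTES); ?>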
/*
 * Import of a fetched list of TOR IPs into the ACL tables (fragment: the
 * read loop starts above this excerpt and the per-IP update continues
 * below it).
 */
if (substr($line, 0, 1) == "#") { /* lines starting with # are skipped */
    continue;
}
/* NOTE(review): in the visible part a line is stored without checking that
   it is a well-formed IPv4 address. It is only ever sent as a bound
   parameter here; confirm the part above trims and validates it. */
$ip_list[] = $line;
} /* closes the read loop opened above this excerpt */
fclose($handle);

echo "Fetched " . count($ip_list) . " IPs.\n";

// Find the TOR proxy_type id.
$row = db_query_first("SELECT id FROM acl_proxy_types WHERE proxy_type = 'TOR' LIMIT 1");
if (!$row) {
    echo "Unable to find the TOR proxy type id.\n";
    exit(1);
}
$tor_proxy_type_id = $row[0];

// Find the account_creation ban_type id.
$row = db_query_first("SELECT id FROM acl_ban_types WHERE ban_type = 'account_creation' LIMIT 1");
if (!$row) {
    echo "Unable to find the account_creation ban type id.\n";
    exit(1);
}
$account_ban_type_id = $row[0];

// Iterate over all the IPs and create/update records as needed.
$num_created = 0;
$num_updated = 0;

/*
 * One prepared statement, executed once per IP: looks up the single-host
 * entry (mask 255.255.255.255) for the address and, through the LEFT JOIN,
 * any existing ban of the account_creation type.
 * The result has two columns named "id" (ai.id and aib.id); they can only
 * be told apart by position.
 */
$sql = "SELECT ai.id, ai.proxy_type, aib.id " . "FROM acl_ips ai LEFT JOIN acl_ip_bans aib " . " ON (ai.id = aib.ip_id AND aib.ban_type_id = ?) " . "WHERE ai.ip = INET_ATON(?) AND ai.mask = INET_ATON('255.255.255.255') " . "LIMIT 1";
$sth = $DBH->prepare($sql);

foreach ($ip_list as $ip) {
    $sth->execute(array($account_ban_type_id, $ip));
    $row = $sth->fetch();
    $sth->closeCursor();
    if ($row) {
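exit;
} /* closes a check that starts above this excerpt */

/*
 * Change the state of one message (fragment: starts and continues outside
 * this excerpt). The request is validated in this order: state is one of the
 * four known values, mid is numeric and maps to a message table, and the
 * request token is valid.
 *
 * NOTE(review): the rejected state/mid value is echoed back through
 * err_not_found(); confirm that function HTML-escapes its argument.
 */
if ($state != 'Active' && $state != 'OffTopic' && $state != 'Moderated' && $state != 'Deleted') {
    err_not_found("Invalid state {$state}");
}

if (!is_numeric($mid)) {
    err_not_found("Invalid mid {$mid}");
}

/* The table suffix is derived from mid by mid_to_iid(), not taken from the request. */
$iid = mid_to_iid($mid);
if (!isset($iid)) {
    err_not_found("Invalid mid {$mid}");
}

if (!$user->is_valid_token($_REQUEST['token'])) {
    err_not_found('Invalid token');
}

$msg = db_query_first("select mid, aid, pid, state, subject, flags from f_messages{$iid} where mid = ?", array($mid));

/* No such message: stop instead of reading fields from a missing row. */
if (!$msg) {
    err_not_found("Invalid mid {$mid}");
}

/* don't do anything if no change */
if ($msg['state'] == $state) {
    header("Location: {$page}");
    /* Sending the header does not end the script; without this exit the
       state change below would still run. */
    exit;
}

/* FIXME: translate pid -> pmid */
if (!isset($msg['pmid']) && isset($msg['pid'])) {
    $msg['pmid'] = $msg['pid'];
}

/* Expand the comma-separated flags column into $flags[<name>] = true.
   foreach replaces each(), which PHP 8 no longer provides. */
if (!empty($msg['flags'])) {
    foreach (explode(",", $msg['flags']) as $flag) {
        $flags[$flag] = true;
    }
}

$levels = array('Active' => 1, 'OffTopic' => 2, 'Moderated' => 3, 'Deleted' => 4);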
<?php require_once 'xbt_common.php'; ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<link rel=stylesheet href="xbt.css">
<title>XBT Files</title>
<?php
/*
 * Tracker overview: a totals table followed by the header row of the
 * per-torrent table. All numbers are printed through %d, so only integers
 * reach the page.
 */
$result = db_query_first("select sum(completed) completed, sum(leechers) leechers, sum(seeders) seeders, sum(leechers or seeders) torrents from xbt_files");
$result['peers'] = $result['leechers'] + $result['seeders'];

echo '<table>';
printf('<tr><th align=right>completed<td align=right>%d<td>', $result['completed']);
printf('<tr><th align=right>peers<td align=right>%d<td align=right>100 %%', $result['peers']);

/* Percentages only make sense (and avoid a division by zero) with peers. */
if ($result['peers']) {
    foreach (array('leechers', 'seeders') as $kind) {
        printf(
            '<tr><th align=right>' . $kind . '<td align=right>%d<td align=right>%d %%',
            $result[$kind],
            $result[$kind] * 100 / $result['peers']
        );
    }
}

printf('<tr><th align=right>torrents<td align=right>%d<td>', $result['torrents']);
printf('<tr><th align=right>time<td align=right colspan=2>%s', gmdate('Y-m-d H:i:s'));
echo '</table>';
echo '<hr>';

$results = db_query("select * from xbt_files where leechers or seeders order by ctime desc");

echo '<table>';
echo '<tr>';
foreach (array('fid', 'info_hash', 'leechers', 'seeders', 'completed', 'modified', 'created') as $heading) {
    echo '<th>' . $heading;
}
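/*
 * Lock a thread: adds "Locked" to the thread's flags and appends a
 * "Locked by <name>/<aid>" line to the change log of the thread's message.
 *
 * Checks, in order: logged-in user, the Lock capability on this forum, a
 * valid request token, and that the thread id maps to an existing thread.
 */
$tid = isset($_REQUEST['tid']) ? $_REQUEST['tid'] : null;

if (!$user->valid()) {
    header("Location: {$page}");
    exit;
}

if (!$user->capable($forum['fid'], 'Lock')) {
    echo "You are not allowed to lock this thread\n";
    exit;
}

if (!$user->is_valid_token($_REQUEST['token'])) {
    err_not_found('Invalid token');
}

/* The table suffix is derived from tid by tid_to_iid(), not taken from the request. */
$iid = tid_to_iid($tid);
if (!isset($iid)) {
    echo "Invalid thread!\n";
    exit;
}

$sql = "select * from f_threads{$iid} where tid = ?";
$thread = db_query_first($sql, array($tid));

/* tid mapped to a table but no row matched: nothing to lock. */
if (!$thread) {
    echo "Invalid thread!\n";
    exit;
}

/*
 * Rebuild the flag list without any existing "Locked" entry and without
 * empty entries: an empty flags column explodes to array(""), which used to
 * produce the value ",Locked" with a leading comma.
 */
$options = array();
foreach (explode(",", $thread['flags']) as $flag) {
    if ($flag !== '' && $flag != 'Locked') {
        $options[] = $flag;
    }
}
$options[] = 'Locked';
$flags = implode(",", $options);

$sql = "update f_threads{$iid} set flags = ? where tid = ?";
db_exec($sql, array($flags, $tid));

db_exec("update f_messages{$iid} set " . "changes = CONCAT(changes, 'Locked by ', ?, '/', ?, ' at ', NOW(), '\n') " . "where mid = ?", array($user->name, $user->aid, $thread['mid']));

header("Location: {$page}");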
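$where .= " email like ?";
$args[] = $_GET['email'];
} /* closes the e-mail filter that starts above this excerpt */

/*
 * Account search (fragment): optional "name" filter, total count and page
 * navigation. Filter values are sent as bound parameters; only the fixed
 * column conditions are concatenated into the statement.
 *
 * The search term is echoed into the page, so it is HTML-escaped first.
 * NOTE(review): the e-mail branch above this excerpt is not visible; check
 * that any echo of $_GET['email'] there is escaped the same way.
 */
if (isset($_GET['name']) && is_string($_GET['name']) && !empty($_GET['name'])) {
    echo "<h2>Searching for name like \"" . htmlspecialchars($_GET['name'], ENT_QUOTES | ENT_SUBSTITUTE) . "\"</h2><br>\n";
    if (!empty($where)) {
        $where .= " and";
    }
    $where .= " name like ?";
    $args[] = $_GET['name'];
}

$sql = "select count(*) from u_users";
if (!empty($where)) {
    $sql .= " where {$where}";
}

$row = db_query_first($sql, $args);
$numaccounts = $row[0];

if (!empty($where)) {
    echo "{$numaccounts} matching accounts<br>\n";
} else {
    echo "{$numaccounts} total accounts<br>\n";
}

$numpages = ceil($numaccounts / $accountsperpage);

/* Print the page navigation line for this listing. */
function print_pages($page, $numpages)
{
    $fmt = "admin.phtml?page=%d";
    /* no maximum (maxjump=0)! */
    print "Page: " . gen_pagenav($fmt, $page, $numpages, 0) . "<br>\n";
}

print_pages($page, $numpages);
?>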
/*
 * Post a message, then e-mail a follow-up notice to every other account
 * tracking the thread with the SendEmail option (fragment: the
 * "if ($track)" block continues beyond this excerpt).
 */
require_once "postmessage.inc";

/* sets $msg['mid'] to the new message id */
if (postmessage($user, $forum['fid'], $msg, $_POST) == true) {
    $tpl->set_var("duplicate", "");
}

require_once "mailfrom.inc";

/* Trackers of this thread who asked for e-mail, excluding the poster. */
$sql = "select * from f_tracking where fid = ? and tid = ? and options = 'SendEmail' and aid != ?";
$sth = db_query($sql, array($forum['fid'], $msg['tid'], $user->aid));
$track = $sth->fetch();
if ($track) {
    /* The table suffix is derived from the thread's mid by mid_to_iid(). */
    $iid = mid_to_iid($thread['mid']);
    if (!isset($iid)) {
        throw new RuntimeException("no iid for thread mid " . $thread['mid']);
    }

    $sql = "select subject from f_messages{$iid} where mid = ?";
    $row = db_query_first($sql, array($thread['mid']));
    list($t_subject) = $row;

    /* Only the first 1024 bytes of the message go into the mail. substr()
       and strlen() count bytes, so a multi-byte character can be cut at the
       boundary. */
    $e_message = substr($msg['message'], 0, 1024);
    if (strlen($msg['message']) > 1024) {
        $bytes = strlen($msg['message']) - 1024;
        $plural = $bytes == 1 ? '' : 's';
        $e_message .= "...\n\nMessage continues for another {$bytes} byte{$plural}\n";
    }

    /*
     * NOTE(review): THREAD_SUBJECT, USER_NAME and MAIL_MSG_SUBJECT are
     * user-supplied text. If the "mail" template places any of them on a
     * header line and mailfrom() takes headers from the rendered text, CR/LF
     * must be stripped from them first - confirm in the template and in
     * mailfrom().
     * NOTE(review): PHPVERSION exposes the runtime version to every
     * recipient if the template prints it - confirm it is needed.
     */
    $tpl->set_var(array("THREAD_SUBJECT" => $t_subject, "USER_NAME" => $user->name, "HOST" => $_url, "FORUM_NAME" => $forum['name'], "FORUM_SHORTNAME" => $forum['shortname'], "MSG_MID" => $msg['mid'], "MAIL_MSG_SUBJECT" => $msg['subject'], "MAIL_MSG_MESSAGE" => $e_message, "PHPVERSION" => phpversion()));

    /* One mail per tracker; the first row was fetched before the loop. The
       envelope sender carries the tracker's aid. */
    do {
        $uuser = new ForumUser($track['aid']);
        $tpl->set_var("EMAIL", $uuser->email);
        $e_message = $tpl->parse("MAIL", "mail");
        $e_message = textwrap($e_message, 78, "\n");
        mailfrom("followup-" . $track['aid'] . "@" . $bounce_host, $uuser->email, $e_message);
    } while ($track = $sth->fetch());
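/*
 * Set the tstamp of the current user's f_tracking rows, either for one
 * thread ($tid numeric) or for every bumped thread in $tthreads ($tid ==
 * "all"), then redirect to $page.
 *
 * NOTE(review): this writes on behalf of the user from $_REQUEST and no
 * request-token check is visible in this excerpt - confirm one is made
 * above it.
 */

/* Unix time (seconds since epoch); cast so only an integer reaches date() */
if (isset($_REQUEST['time']) && is_numeric($_REQUEST['time'])) {
    $time = (int) $_REQUEST['time'];
} else {
    $time = time();
}

/* Convert it to MySQL format */
/* TZ: date() formats in PHP's local time, exactly as the strftime() call it
   replaces (strftime() is deprecated since PHP 8.1) -> used for tstamp */
$time = date("YmdHis", $time);

/* TZ: tstamp is SQL server local time, NOT PHP server local time */
$update_tracking = "update f_tracking set tstamp = ? where fid = ? and tid = ? and aid = ?";

if ($tid == "all") {
    require_once "thread.inc"; /* for is_thread_bumped() */

    foreach ($tthreads as $tthread) {
        /* The table suffix is derived from tid by tid_to_iid(). */
        $iid = tid_to_iid($tthread['tid']);
        if (!isset($iid)) {
            continue;
        }

        /* TZ: unixtime is seconds since epoch */
        $thread = db_query_first("select *, UNIX_TIMESTAMP(tstamp) as unixtime from f_threads{$iid} where tid = ?", array($tthread['tid']));

        /* A tracked thread whose row is gone has nothing to update. */
        if (!$thread) {
            continue;
        }

        if (is_thread_bumped($thread)) {
            /* TZ: tstamp is sql local time */
            db_exec($update_tracking, array($time, $forum['fid'], $thread['tid'], $user->aid));
        }
    }
} else {
    if (is_numeric($tid)) {
        db_exec($update_tracking, array($time, $forum['fid'], $tid, $user->aid));
    }
}

Header("Location: " . $page);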
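continue;
} /* closes a check that starts above this excerpt */

/*
 * Mark one account's messages in $table as Deleted and refresh its post
 * counts (fragment: the enclosing block starts above this excerpt).
 *
 * {$table} and {$where} are built above this excerpt and are interpolated
 * into the statements; the values travel in $where_args as bound parameters.
 */
echo "{$aid} has {$count} posts in {$table} (fid={$fid})\n";

if ($dry_run) {
    $cmd = "select count(*) from {$table} WHERE {$where}";
    /* SQL text and argument values are data: print them through a fixed
       format so a literal % in either is not parsed as a conversion. */
    printf("'%s', array(%s)\n", $cmd, implode(", ", $where_args));
    $row = db_query_first($cmd, $where_args);
    $count = $row[0];
    printf("Matched %d messages\n", $count);
} else {
    $num_affected = sql_execute_wrapper("UPDATE {$table} SET state = 'Deleted', " . "flags = CONCAT_WS(',', IF(flags = '', NULL, flags), 'StateLocked'), " . "changes = CONCAT_WS('\\n', changes, ?) " . "WHERE {$where}", array_merge(array($changes), $where_args));
    printf("Deleted %d messages\n", $num_affected);
}

/* Recount after the change and store both totals for this account/forum. */
$row = db_query_first("select count(*) from {$table} where aid = ? AND state = 'Deleted'", array($aid));
$deleted = $row[0];
$row = db_query_first("select count(*) from {$table} where aid = ? AND state = 'Active'", array($aid));
$active = $row[0];

sql_execute_wrapper("replace into f_upostcount (aid, fid, status, count ) values ( ?, ?, 'Deleted', ? )", array($aid, $fid, $deleted));
sql_execute_wrapper("replace into f_upostcount (aid, fid, status, count ) values ( ?, ?, 'Active', ? )", array($aid, $fid, $active));

printf("Change log entry: '%s'\n", $changes);
} /* closes the block opened above this excerpt */

/**
 * Run a write statement, or only print it when the global $dry_run is set.
 *
 * @param string $cmd  SQL text with ? placeholders.
 * @param array  $args Values for the placeholders.
 * @return mixed The result of db_exec() on a real run; nothing on a dry run.
 */
function sql_execute_wrapper($cmd, $args = array())
{
    global $dry_run;

    if ($dry_run) {
        /* Argument values are passed as data, never concatenated into the
           format string, so a % inside them cannot break the printf call. */
        $shown_args = $args ? " array(" . implode(", ", $args) . ")" : "";
        printf("dry run '%s'%s\n", $cmd, $shown_args);
    } else {
        //printf("real '%s'\n", $cmd);
        return db_exec($cmd, $args);
    }
}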
exit;
} /* closes a check that starts above this excerpt */

/*
 * Confirmation page for deleting one's own message (fragment: starts above
 * this excerpt). Nothing is deleted here; the page only renders a preview.
 */
require_once "strip.inc";
require_once "message.inc";

/* forum_header falls back to the generic template; the forum-specific path
   is built from the forum row's shortname. */
$tpl->set_file(array("del" => "delete.tpl", "message" => "message.tpl", "forum_header" => array("forum/" . $forum['shortname'] . ".tpl", "forum/generic.tpl")));
$tpl->set_block("del", "disabled");
message_set_block($tpl);

$tpl->set_var("FORUM_NAME", $forum['name']);
$tpl->set_var("FORUM_SHORTNAME", $forum['shortname']);
$tpl->parse("FORUM_HEADER", "forum_header");

/* The table suffix is derived from mid by mid_to_iid(), not taken from the request. */
$iid = mid_to_iid($mid);
if (!isset($iid)) {
    echo "Invalid message!\n";
    exit;
}

$sql = "select * from f_messages{$iid} where mid = ?";
$msg = db_query_first($sql, array($mid));

/*
 * Ownership check: only the author may continue.
 * NOTE(review): the comparison is loose (!=) and a missing row makes
 * $msg['aid'] null; this only holds if $user->aid is always a real account
 * id here. Confirm the user is validated above this excerpt.
 */
if ($msg['aid'] != $user->aid) {
    echo "This message does not belong to you!\n";
    exit;
}

/* Forums without the PostEdit option show the "disabled" notice instead. */
if (!isset($forum['option']['PostEdit'])) {
    $tpl->set_var(array("image" => "", "preview" => "", "form" => "", "accept" => ""));
    print generate_page('Delete Message Denied', $tpl->parse("CONTENT", "disabled"));
    exit;
}

$tpl->set_var("disabled", "");

render_message($tpl, $msg, $user);

$tpl->set_var("PAGE", $_page);
$tpl->parse("PREVIEW", "message");

print generate_page('Delete Message', $tpl->parse("CONTENT", "del"));
/**
 * Look up a row of the `keys` table by its key value.
 *
 * The value is sent as the bound parameter :iskey; table and column are
 * backtick-quoted because `keys` and `key` are reserved words in MySQL.
 *
 * @param mixed $key Key value to search for.
 * @return mixed Whatever db_query_first() returns for the matching row.
 */
function findkey($key)
{
    $params = array(":iskey" => $key);

    return db_query_first("select id from `keys` where `key` = :iskey", $params);
}
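/**
 * Fetch one row of a table by its id column.
 *
 * The id is sent as a bound parameter. The table name cannot be bound and is
 * interpolated into the statement, so it must be a plain identifier
 * (letters, digits, underscore, optionally schema.table); anything else is
 * rejected before a statement is built.
 *
 * @param string $table Table name; plain identifier only.
 * @param mixed  $id    Row id. Empty values (including 0 and "0") return no row.
 * @return mixed array() when $table or $id is empty, otherwise whatever
 *               db_query_first() returns.
 * @throws InvalidArgumentException If $table is not a plain identifier.
 */
function db_find($table, $id)
{
    if (empty($id) || empty($table)) {
        return array();
    }

    $identifier = '/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/D';
    if (!is_string($table) || preg_match($identifier, $table) !== 1) {
        throw new InvalidArgumentException("db_find: invalid table name");
    }

    return db_query_first("select * from {$table} where id = :id", array(':id' => $id));
}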
/*
 * Maintenance script body: for every account in $users, set
 * u_users.createip to the IP of the account's earliest message across all
 * f_messages* tables.
 *
 * Table names come from SHOW TABLES, not from user input; the account id is
 * always sent as a bound parameter.
 */
if (!$users) {
    echo "All users already have createip set, doing nothing.\n";
    exit(0);
}

echo "Found " . count($users) . " broken users.\n";

/* Collect the names of all message tables. */
$tables = array();
$sth = db_query("SHOW TABLES LIKE 'f_messages%'");
while ($row = $sth->fetch()) {
    $tables[] = $row[0];
}
$sth->closeCursor();

echo "There are " . count($tables) . " message tables.\n";

foreach ($users as $aid) {
    echo "Fixing aid {$aid}...";

    /* One sub-select per table, each giving that table's earliest message
       for the account; every sub-select takes the aid as its parameter. */
    $sub_queries = array();
    foreach ($tables as $table) {
        $sub_queries[] = "(SELECT ip, date FROM {$table} WHERE aid = ? ORDER BY date LIMIT 1)";
    }
    $sub_args = array_pad(array(), count($tables), $aid);

    $sql = "SELECT ip FROM (" . implode(" UNION ", $sub_queries) . ") m ORDER BY m.date LIMIT 1";
    $row = db_query_first($sql, $sub_args);

    if ($row) {
        list($ip) = $row;
        echo " first message IP is {$ip}";

        db_exec("UPDATE u_users SET createip = ? WHERE aid = ?", array($ip, $aid));

        echo " done.\n";
    } else {
        echo " user has no messages, skipping.\n";
    }
}