// Fragment of the code that moves a topic into another forum. It starts inside
// enclosing blocks that are not visible here, so the unmatched closing braces
// further down belong to those blocks.
// NOTE(review): the permission check guarding this move branch is outside the
// fragment; confirm it mirrors the forum_modPermission() test used for
// 'deletepost' below.

// Point every row returned by $moveResult at the destination forum.
while ($movetopic = DB_fetchArray($moveResult)) {
    DB_query("UPDATE {$_TABLES['gf_topic']} SET forum='{$newforumid}' WHERE id='{$movetopic['id']}'");
}

// Update any topic subscription records - the stored forum ID has to follow the topic.
DB_query("UPDATE {$_TABLES['gf_watch']} SET forum_id = '{$newforumid}' WHERE topic_id='{$moveid}'");
// NOTE(review): $moveid is interpolated WITHOUT quotes here (and $newforumid,
// $forum and $postCount likewise in the counter updates below). That is only
// safe if each value is guaranteed to be an integer; their assignments are not
// visible in this fragment, so confirm they are numeric-filtered or cast with (int).
DB_query("UPDATE {$_TABLES['gf_topic']} SET forum = '{$newforumid}', moved = '1' WHERE id={$moveid}");

// Update the Last Post Information for the destination and the source forum.
gf_updateLastPost($newforumid, $moveid);
gf_updateLastPost($forum);

// Update Topic and Post Count for the affected forums.
// NOTE(review): these statements are issued one by one with no visible
// transaction or result check; if one fails the counters and the topic rows
// can disagree. The source forum's counters are decremented with no visible
// lower bound.
DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count=topic_count+1, post_count=post_count+{$postCount} WHERE forum_id={$newforumid}");
DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count=topic_count-1, post_count=post_count-{$postCount} WHERE forum_id={$forum}");

// Remove any lastviewed records in the log so that the new updated topic indicator will appear
DB_query("DELETE FROM {$_TABLES['gf_log']} WHERE topic='{$moveid}'");
$link = "{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$moveid}";
forum_statusMessage($LANG_GF02['msg163'], $link, $LANG_GF02['msg163']);
}
gf_siteFooter();
exit;
}
}

// Delete-post prompt: only reached when forum_modPermission() grants
// 'mod_delete' on $forum to the current user and a topic id was supplied.
if ($modfunction == 'deletepost' and forum_modPermission($forum, $_USER['uid'], 'mod_delete') and $fortopicid != 0) {
    if ($top == 'yes') {
        $alertmessage = $LANG_GF02['msg65'] . "<p>";
    } else {
        $alertmessage = '';
    }
    // NOTE(review): $msgpid is placed inside a quoted SQL condition; its
    // filtering is not visible here - confirm it is numeric.
    $subject = DB_getITEM($_TABLES['gf_topic'], "subject", "id='{$msgpid}'");
    // NOTE(review): $subject comes back from the database and is merged into
    // HTML-bearing text. Whether it was HTML-encoded when stored, or is encoded
    // before output, cannot be seen from here - confirm, since a topic subject
    // is presumably user-supplied.
    $alertmessage .= sprintf($LANG_GF02['msg64'], $fortopicid, $subject);
    // Confirmation form that posts back to moderation.php.
    // NOTE(review): no anti-CSRF token field is visible in the part of the form
    // shown here; the form continues past this fragment, so confirm that the
    // remainder (or the handler for modconfirmdelete) verifies one.
    $promptform = '<p><FORM ACTION="' . $_CONF['site_url'] . '/forum/moderation.php" METHOD="POST">';
    $promptform .= '<INPUT TYPE="hidden" NAME="modconfirmdelete" VALUE="1">';
// Fragment of the banned-IP administration page. The leading braces close
// blocks that start before this fragment.
}
} elseif ($op == 'banip' && $ip == '') {
    // Ban requested without an address: render the admin message template
    // with the "specify an IP" text and stop.
    $messagetemplate = new Template($_CONF['path_layout'] . 'forum/layout/admin');
    $messagetemplate->set_file(array('messagetemplate' => 'message.thtml'));
    $messagetemplate->set_var('message', $LANG_GF01['ERROR']);
    $messagetemplate->set_var('transfer', $LANG_GF96['specip']);
    $messagetemplate->parse('output', 'messagetemplate');
    echo $messagetemplate->finish($messagetemplate->get_var('output'));
    echo COM_endBlock();
    echo adminfooter();
    echo COM_siteFooter(true);
    exit;
}

// Lift a ban: remove the row whose host_ip equals $ip.
if ($op == 'unban' && $ip != '') {
    // NOTE(review): $ip is interpolated into a quoted SQL literal. Where it is
    // read and how it is filtered is not visible in this fragment; it should be
    // validated as an address (e.g. filter_var() with FILTER_VALIDATE_IP) or
    // passed through the database layer's escaping before it reaches DB_query().
    // NOTE(review): this is a state-changing admin action; no request-method or
    // anti-CSRF token check is visible here - confirm one exists upstream.
    DB_query("DELETE FROM {$_TABLES['gf_banned_ip']} WHERE (host_ip='{$ip}')");
    forum_statusMessage($LANG_GF96['ipunbanned'], $_CONF['site_admin_url'] . '/plugins/forum/ips.php', $LANG_GF96['ipunbanned']);
    echo COM_endBlock();
    echo adminfooter();
    echo COM_siteFooter();
    // NOTE(review): unlike the 'banip' error branch above there is no exit
    // here, so execution continues into the code below after the footer has
    // already been emitted.
}

// Build an optional WHERE clause restricted to one forum.
// NOTE(review): $forum is embedded in SQL text; its filtering is not visible here.
if (!empty($forum)) {
    $theforum = "WHERE forum='{$forum}'";
} else {
    $theforum = '';
}

// Default view: list all banned addresses.
if ($op == '') {
    $bannedsql = DB_query("SELECT * FROM {$_TABLES['gf_banned_ip']} ORDER BY host_ip DESC");
    $bannum = DB_numRows($bannedsql);
    $p = new Template($_CONF['path_layout'] . 'forum/layout/admin');
    $p->set_file(array('page' => 'banip_mgmt.thtml', 'records' => 'ip_records.thtml'));
    if ($bannum == 0) {
// Fragment of the per-user forum preferences page.
forum_chkUsercanAccess(true);

// SAVE SETTINGS
if (isset($_POST['submit'])) {
    // Every posted preference goes through COM_applyFilter() with the second
    // argument set to true (the numeric mode of the filter), so the values
    // placed in the UPDATE below are expected to be integers.
    // NOTE(review): the $_POST keys are read without isset(); a missing field
    // raises a notice before the filter runs. No range check is visible, so
    // values such as 0 or very large page sizes are stored as-is.
    // NOTE(review): no anti-CSRF token check is visible in this branch -
    // confirm one is performed before the write.
    $xtopicsperpage = COM_applyFilter($_POST['xtopicsperpage'], true);
    $xpostsperpage = COM_applyFilter($_POST['xpostsperpage'], true);
    $xpopularlimit = COM_applyFilter($_POST['xpopularlimit'], true);
    // NOTE(review): $xmessagesperpage is read here but never written by the
    // UPDATE below.
    $xmessagesperpage = COM_applyFilter($_POST['xmessagesperpage'], true);
    $xsearchlines = COM_applyFilter($_POST['xsearchlines'], true);
    $xmembersperpage = COM_applyFilter($_POST['xmembersperpage'], true);
    $xemailnotify = COM_applyFilter($_POST['xemailnotify'], true);
    $xviewanonposts = COM_applyFilter($_POST['xviewanonposts'], true);
    $xalwaysnotify = COM_applyFilter($_POST['xalwaysnotify'], true);
    $xnotifyonce = COM_applyFilter($_POST['xnotifyonce'], true);
    $xshowiframe = COM_applyFilter($_POST['xshowiframe'], true);
    // The row is keyed on the session user's uid, not on a request parameter,
    // so a user can only change their own preferences.
    DB_query("UPDATE {$_TABLES['gf_userprefs']} SET\r\n topicsperpage='{$xtopicsperpage}',\r\n postsperpage='{$xpostsperpage}',\r\n popularlimit='{$xpopularlimit}',\r\n searchlines='{$xsearchlines}',\r\n membersperpage='{$xmembersperpage}',\r\n enablenotify='{$xemailnotify}',\r\n viewanonposts='{$xviewanonposts}',\r\n alwaysnotify='{$xalwaysnotify}',\r\n notify_once='{$xnotifyonce}',\r\n showiframe='{$xshowiframe}'\r\n WHERE uid='{$_USER['uid']}'");
    forum_statusMessage($LANG_GF92['setsavemsg'], $_CONF['site_url'] . '/forum/userprefs.php', $LANG_GF92['setsavemsg']);
    gf_siteFooter();
    exit;
}

// SETTINGS MAIN
// NOTE(review): the key is the single-quoted literal '$submit' (dollar sign
// included), not 'submit', so this test is true unless a field with that exact
// name is posted. The save branch above already exits, so the block still runs
// only when nothing was submitted; 'submit' was presumably intended.
if (!isset($_POST['$submit'])) {
    // Get user specific settings from database
    $result = DB_query("SELECT * FROM {$_TABLES['gf_userprefs']} WHERE uid='{$_USER['uid']}'");
    $nrows = DB_numRows($result);
    if ($nrows == 0) {
        // Insert a new blank record. Defaults are set in the SQL definition for the table.
        DB_query("INSERT INTO {$_TABLES['gf_userprefs']} (uid) VALUES ('{$_USER['uid']}')");
        // Re-read so that $A below holds the freshly created row.
        $result = DB_query("SELECT * FROM {$_TABLES['gf_userprefs']} WHERE uid='{$_USER['uid']}'");
    }
    $A = DB_fetchArray($result);
    if ($A['viewanonposts'] == 1) {
// Fragment of the subscription (watch list) page. It begins inside a branch
// whose condition is not visible here.
// NOTE(review): the row is selected by id alone. Unless an ownership check
// precedes this fragment, one user's request can remove another user's watch
// record; scoping the statement to the current user, as the uid-qualified
// statements further down do (uid='{$_USER['uid']}'), closes that gap.
// $id's filtering is not visible here either - confirm it is numeric.
DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE (id='{$id}')");
// NOTE(review): the filter is called without the numeric flag and its result
// is placed in a URL without urlencode(); what the non-numeric mode strips is
// not visible here - confirm it is safe in a URL/HTML context.
$notifytype = COM_applyFilter($_GET['filter']);
forum_statusMessage($LANG_GF02['msg42'], "{$_CONF['site_url']}/forum/notify.php?filter={$notifytype}", $LANG_GF02['msg42']);
exit;
// NOTE(review): $_REQUEST also accepts query-string parameters, so this
// state-changing branch can be reached with a plain GET; no anti-CSRF token
// check is visible.
} elseif ($_REQUEST['submit'] == 'delete2' and $id != '') {
    // Check and see if subscribed to complete forum and if so - unsubscribe from just this topic
    // NOTE(review): loose comparison with 0 - if DB_getItem() yields an empty
    // or null value when no row matches (not visible here), a missing record is
    // treated the same as a forum-level subscription. The lookup is also not
    // restricted to the current user's rows.
    if (DB_getItem($_TABLES['gf_watch'], 'topic_id', "id='{$id}'") == 0) {
        // A negated topic id is stored as the "opted out of this topic" marker.
        $ntopic = -$topic; // Negative Value
        // Clear any existing positive or negative record for this user/forum/topic,
        // then insert the opt-out marker.
        DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE uid='{$_USER['uid']}' AND forum_id='{$forum}' and topic_id = '{$topic}'");
        DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE uid='{$_USER['uid']}' AND forum_id='{$forum}' and topic_id = '{$ntopic}'");
        DB_query("INSERT INTO {$_TABLES['gf_watch']} (forum_id,topic_id,uid,date_added) VALUES ('{$forum}','{$ntopic}','{$_USER['uid']}',now() )");
    } else {
        // NOTE(review): same id-only delete as at the top of this fragment;
        // no uid constraint is visible.
        DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE (id='{$id}')");
    }
    forum_statusMessage($LANG_GF02['msg146'], $_CONF['site_url'] . "/forum/viewtopic.php?showtopic={$topic}", $LANG_GF02['msg146']);
    exit;
}

// NOTIFY MAIN
// 'filter' and 'op' pass through the general filter; 'show' and 'page' use the
// numeric mode (second argument true).
$notifytype = COM_applyFilter($_REQUEST['filter']);
$op = COM_applyFilter($_REQUEST['op']);
$show = COM_applyFilter($_GET['show'], true);
$page = COM_applyFilter($_GET['page'], true);

// Page Navigation Logic: fall back to the configured page size when none was given.
// NOTE(review): no upper bound on $show is visible here.
if ($show == 0) {
    $show = $CONF_FORUM['show_messages_perpage'];
}
// Check if this is the first page.
if ($page == 0) {
    $page = 1;
}
// Fragment of the forum plugin's global settings save handler. Most of the
// variables written by the UPDATE below are assigned before this fragment.
// NOTE(review): htmlspecialchars() is an HTML encoder, not an SQL escaper.
// ENT_QUOTES rewrites quote characters but leaves backslashes untouched, and
// these values are later placed inside single-quoted SQL literals, so they
// still need the database layer's escaping before reaching DB_query().
// The @ operator hides the notice raised when a POST field is missing.
$level2name = @htmlspecialchars($_POST['level2name'], ENT_QUOTES, $CONF_FORUM['charset']);
$level3name = @htmlspecialchars($_POST['level3name'], ENT_QUOTES, $CONF_FORUM['charset']);
$level4name = @htmlspecialchars($_POST['level4name'], ENT_QUOTES, $CONF_FORUM['charset']);
$level5name = @htmlspecialchars($_POST['level5name'], ENT_QUOTES, $CONF_FORUM['charset']);
// Centerblock (cb_*) and sideblock (sb_*) options use the numeric mode of the filter.
$cb_enable = COM_applyFilter($_POST['cb_enable'], true);
$cb_homepage = COM_applyFilter($_POST['cb_homepage'], true);
$cb_where = COM_applyFilter($_POST['cb_where'], true);
$cb_subjectsize = COM_applyFilter($_POST['cb_subjectsize'], true);
$cb_numposts = COM_applyFilter($_POST['cb_numposts'], true);
$sb_subjectsize = COM_applyFilter($_POST['sb_subjectsize'], true);
$sb_numposts = COM_applyFilter($_POST['sb_numposts'], true);
$sb_latestposts = COM_applyFilter($_POST['sb_latestposts'], true);
// NOTE(review): this line reads $refreshdelay while the UPDATE below stores
// $refresh_delay; both are assigned outside this fragment - confirm they are
// meant to be two different variables.
$CONF_FORUM['autorefresh_delay'] = $refreshdelay; // Set this so that it can take immediate effect
// The UPDATE has no WHERE clause, so it rewrites every row of gf_settings
// (presumably a single-row table - confirm).
// NOTE(review): no anti-CSRF token check is visible before this write; how the
// values assigned outside this fragment are filtered cannot be seen from here.
DB_query("UPDATE {$_TABLES['gf_settings']} SET \r\n registrationrequired='{$registrationrequired}',\r\n registerpost='{$registerpost}',\r\n allowhtml='{$allowhtml}',\r\n glfilter='{$glfilter}',\r\n censor='{$censor}',\r\n showmood='{$showmood}',\r\n allowsmilies='{$allowsmilies}',\r\n allow_notify='{$allow_notify}',\r\n post_htmlmode='{$post_htmlmode}',\r\n allow_userdatefmt='{$allow_userdatefmt}',\r\n showiframe='{$showiframe}',\r\n autorefresh='{$autorefresh}',\r\n refresh_delay='{$refresh_delay}',\r\n viewtopicnumchars='{$viewtopicnumchars}',\r\n topicsperpage='{$topicsperpage}',\r\n postsperpage='{$postsperpage}',\r\n messagesperpage='{$messagesperpage}',\r\n searchesperpage='{$searchesperpage}',\r\n popular='{$popular}',\r\n speedlimit='{$speedlimit}',\r\n edit_timewindow='{$edit_timewindow}',\r\n use_spamxfilter='{$use_spamxfilter}',\r\n use_geshi_formatting='{$use_geshi_formatting}',\r\n use_pmplugin='{$use_pmplugin}',\r\n use_smiliesplugin='{$use_smiliesplugin}',\r\n min_comment_len='{$min_comment_len}',\r\n 
min_name_len='{$min_name_len}',\r\n min_subject_len='{$min_subject_len}',\r\n html_newline='{$html_newline}',\r\n level1='{$level1}',\r\n level2='{$level2}',\r\n level3='{$level3}',\r\n level4='{$level4}',\r\n level5='{$level5}', \r\n level1name='{$level1name}',\r\n level2name='{$level2name}',\r\n level3name='{$level3name}',\r\n level4name='{$level4name}',\r\n level5name='{$level5name}',\r\n cb_enable='{$cb_enable}',\r\n cb_homepage='{$cb_homepage}',\r\n cb_where='{$cb_where}',\r\n cb_subjectsize='{$cb_subjectsize}',\r\n cb_numposts='{$cb_numposts}',\r\n sb_subjectsize='{$sb_subjectsize}',\r\n sb_numposts='{$sb_numposts}',\r\n sb_latestposts='{$sb_latestposts}'\r\n ");
forum_statusMessage($LANG_GF92['setsave'], "{$_CONF['site_admin_url']}/plugins/forum/settings.php", $LANG_GF92['setsavemsg']);
echo COM_endBlock();
echo COM_siteFooter();
exit;
}

// Display path: load the stored settings row.
$result = DB_query("SELECT * FROM {$_TABLES['gf_settings']}");
/* Retrieve Settings that can be over-ridden by user preference to show global settings */
$A = DB_fetchArray($result);
$CONF_FORUM['show_topicreview'] = $A['showiframe'];
$CONF_FORUM['use_autorefresh'] = $A['autorefresh'];
$CONF_FORUM['views_tobe_popular'] = $A['popular'];
// * Added as of Version 2.4
$CONF_FORUM['show_subject_length'] = $A['viewtopicnumchars'];
$CONF_FORUM['show_topics_perpage'] = $A['topicsperpage'];
$CONF_FORUM['show_posts_perpage'] = $A['postsperpage'];
$CONF_FORUM['statusmsg_pause'] = $A['statusmsg_pause'];
// Fragment of the post-save handler: after a message is stored, the user's
// notification choice ($notify) is reconciled with the existing gf_watch rows.
// The fragment starts inside an if/elseif chain whose first branches are not
// visible; $sql is built before this point.
DB_query($sql);
// NOTE(review): each branch tests a record id with "> 1", so a record whose id
// is exactly 1 is skipped; how these ids are initialised is not visible here -
// confirm that "> 0" was not intended.
} elseif ($notify == 'on' and $currentTopicUnNotifyRecID > 1) {
    // Had un-subscribed from the topic and now wants to subscribe
    // NOTE(review): the id is interpolated without quotes; this is safe only
    // if it is an integer taken from a database lookup (assignment not visible).
    DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE id={$currentTopicUnNotifyRecID}");
} elseif ($notify == '' and $currentTopicNotifyRecID > 1) {
    // Subscribed to topic - but does not want to be notified anymore
    DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE uid='{$uid}' AND forum_id='{$forum}' and topic_id = '{$id}'");
} elseif ($notify == '' and $currentForumNotifyRecID > 1) {
    // Subscribed to forum - but does not want to be notified about this topic.
    // Both the positive ($id) and the $nid record are cleared, then a $nid
    // record is inserted (presumably $nid is the negated topic id used as an
    // opt-out marker - it is assigned outside this fragment).
    DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE uid='{$uid}' AND forum_id='{$forum}' and topic_id = '{$id}'");
    DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE uid='{$uid}' AND forum_id='{$forum}' and topic_id = '{$nid}'");
    DB_query("INSERT INTO {$_TABLES['gf_watch']} (forum_id,topic_id,uid,date_added) VALUES ('{$forum}','{$nid}','{$uid}',now() )");
}
// Record this post against the 'forum' speed limit.
COM_updateSpeedlimit('forum');
$link = "{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$id}&lastpost=true#{$lastid}";
forum_statusMessage($LANG_GF02['msg19'], $link, $LANG_GF02['msg19'], true, $forum);
}
} else {
    alertMessage($LANG_GF02['msg18']);
}
}
}
// Nothing further to show when no message was queued: emit the footer and stop.
if ($msg == '') {
    gf_siteFooter();
    exit;
}
}

// EDIT MESSAGE
// NOTE(review): COM_stripslashes() removes slash-escaping from the raw POST
// value (presumably magic-quotes compensation - confirm). From this line on
// $comment is unescaped user input: it must be escaped by the database layer
// before any SQL use and encoded before being echoed; neither step is visible
// in this fragment.
$comment = COM_stripslashes($_POST['comment']);
if ($id > 0) {
    $sql = "SELECT a.forum,a.pid,a.comment,a.date,a.locked,a.subject,a.mood,a.sticky,a.uid,a.name,a.postmode,";
// Fragment of the forum index page. It starts in the else-branch of a report
// block whose beginning is not visible.
} else {
    // NOTE(review): $forum is written into an href attribute; the comment
    // further down says request values are filtered at the top of the script,
    // which is outside this fragment - confirm $forum is numeric at this point.
    $link = "<p><a href=\"{$_CONF['site_url']}/forum/index.php?forum={$forum}\">{$LANG_GF02['msg175']}</a><p />";
    $report->set_var('bottomlink', $link);
}
$report->parse('output', 'report');
echo $report->finish($report->get_var('output'));
// Emit the common footer (the original comment said "headers"; the call is gf_siteFooter()).
gf_siteFooter();
exit;
}

// Subscribe the current user to a whole forum.
// NOTE(review): this branch writes to gf_watch, yet nothing visible here
// verifies that the user is logged in, may read $forum, or sent an anti-CSRF
// token; where $op is read (GET or POST) is also outside the fragment -
// confirm those checks exist upstream.
if ($op == 'subscribe') {
    if ($forum != 0) {
        // topic_id '0' marks a forum-level subscription.
        // NOTE(review): no check for an existing forum-level row is visible,
        // so repeating the request would insert duplicates unless the table
        // has a unique key.
        DB_query("INSERT INTO {$_TABLES['gf_watch']} (forum_id,topic_id,uid,date_added) VALUES ('{$forum}','0','{$_USER['uid']}', now() )");
        // Delete all individual topic notification records
        DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE uid='{$_USER['uid']}' AND forum_id='{$forum}' and topic_id > '0' ");
        forum_statusMessage($LANG_GF02['msg134'], $_CONF['site_url'] . '/forum/index.php?forum=' . $forum, $LANG_GF02['msg135']);
    } else {
        BlockMessage($LANG_GF01['ERROR'], $LANG_GF02['msg136'], false);
    }
    // Emit the common footer (the original comment said "headers"; the call is gf_siteFooter()).
    gf_siteFooter();
    exit;
}

// MAIN CODE BEGINS to view forums or topics within a forum
ForumHeader($forum, $showtopic);

// Check if the number of records was specified to show - part of page navigation.
// Will be 0 if not set - as this is now passed through gf_applyFilte() at the top of the script
// (function name spelled as in the original comment).
// NOTE(review): no upper bound on $show is visible here.
if ($show == 0 and $CONF_FORUM['show_topics_perpage'] > 0) {
    $show = $CONF_FORUM['show_topics_perpage'];
} elseif ($show == 0) {
    $show = 20;
// Fragment of a page that displays a single topic. The leading brace closes a
// block that starts before this fragment.
}

// Pass any GET or POST variables through the filter to only allow numeric
// values and remove any hostile data.
$id = COM_applyFilter($_REQUEST['id'], true);

// Check whether anonymous users can access: uid values below 2 are treated as
// not logged in.
if ($CONF_FORUM['registration_required'] && $_USER['uid'] < 2) {
    echo COM_siteHeader();
    echo COM_startBlock();
    alertMessage($LANG_GF02['msg01'], $LANG_GF02['msg171']);
    echo COM_endBlock();
    echo COM_siteFooter();
    exit;
}

// Check that the topic exists (the original comment repeated the
// anonymous-access text; the test below is an existence check).
// NOTE(review): $forum is used in the link here before it is assigned from the
// database a few lines further down, so it still holds whatever value it had
// earlier in the script (not visible) - confirm that value is filtered.
if ($id == 0 or DB_count($_TABLES['gf_topic'], "id", "{$id}") == 0) {
    echo COM_siteHeader();
    forum_statusMessage($LANG_GF02['msg166'], $_CONF['site_url'] . "/forum/index.php?forum={$forum}", $LANG_GF02['msg166']);
    echo COM_siteFooter();
    exit;
}

// Resolve the topic's forum, then the name of the group allowed to use that forum.
$forum = DB_getItem($_TABLES['gf_topic'], "forum", "id='{$id}'");
$query = DB_query("SELECT grp_name from {$_TABLES['groups']} groups, {$_TABLES['gf_forums']} forum WHERE forum.forum_id='{$forum}' AND forum.grp_id=groups.grp_id");
list($groupname) = DB_fetchArray($query);
// NOTE(review): $grp_id is not assigned anywhere in this fragment (the query
// above selects only grp_name). If it is unset, the second operand is always
// true and the test reduces to SEC_inGroup(); if it is set elsewhere, confirm
// it cannot be influenced by the request, because a value of 2 skips the
// denial. Also confirm the check fails closed when the join returns no row
// and $groupname is empty.
if (!SEC_inGroup($groupname) and $grp_id != 2) {
    echo COM_siteHeader();
    alertMessage($LANG_GF02['msg02'], $LANG_GF02['msg171']);
    echo COM_siteFooter();
    exit;
}

// Load the topic row itself.
$result = DB_query("SELECT * FROM {$_TABLES['gf_topic']} WHERE (id='{$id}')");
$A = DB_fetchArray($result);
if ($CONF_FORUM['allow_smilies']) {
// Fragment of the forum board administration page: the save-forum branch
// (whose opening condition is not visible), followed by the resync and edit modes.
// All four flags and both group ids use the numeric mode of the filter.
$privgroup = COM_applyFilter($_POST['privgroup'], true);
$is_readonly = COM_applyFilter($_POST['is_readonly'], true);
$is_hidden = COM_applyFilter($_POST['is_hidden'], true);
$no_newposts = COM_applyFilter($_POST['no_newposts'], true);
// No access group posted: fall back to group id 2.
if ($privgroup == 0) {
    $privgroup = 2;
}
$attachmentgroup = COM_applyFilter($_POST['attachmentgroup'], true);
// NOTE(review): when no attachment group is posted this overwrites $privgroup
// - the forum's ACCESS group - with 1, discarding the value chosen above, while
// $attachmentgroup itself stays 0 and is stored as such. This looks like a
// copy/paste slip for "$attachmentgroup = 1"; confirm the intent, because it
// changes who can reach the forum.
if ($attachmentgroup == 0) {
    $privgroup = 1;
}
// NOTE(review): $name, $dscp and $id are assigned outside this fragment and
// are placed in quoted SQL literals; confirm they pass through the database
// layer's escaping. grp_id and use_attachment_grpid are unquoted, which relies
// on the numeric filtering above. No check that the group ids exist, and no
// anti-CSRF token check, is visible here.
$sql = "UPDATE {$_TABLES['gf_forums']} SET forum_name='{$name}',forum_dscp='{$dscp}', grp_id={$privgroup}, ";
$sql .= "is_hidden='{$is_hidden}', is_readonly='{$is_readonly}', no_newposts='{$no_newposts}',use_attachment_grpid={$attachmentgroup} ";
$sql .= "WHERE forum_id='{$id}'";
DB_query($sql);
forum_statusMessage($LANG_GF93['forumedited'], $_CONF['site_admin_url'] . '/plugins/forum/boards.php', $LANG_GF93['forumedited']);
echo COM_endBlock();
echo COM_siteFooter();
exit;
// The requested action is matched against localized button captions, so the
// dispatch depends on the language strings currently loaded.
} elseif ($mode == $LANG_GF01['RESYNC']) {
    gf_resyncforum($id);
} elseif ($mode == $LANG_GF01['EDIT']) {
    // Load the forum row to pre-fill the edit form.
    $sql = "SELECT forum_name,forum_cat,forum_dscp,grp_id,use_attachment_grpid,forum_order,is_hidden,is_readonly,no_newposts ";
    $sql .= "FROM {$_TABLES['gf_forums']} WHERE (forum_id='{$id}')";
    $resForum = DB_query($sql);
    list($forum_name, $forum_category, $forum_dscp, $privgroup, $attachgroup, $forum_order, $is_hidden, $is_readonly, $no_newposts) = DB_fetchArray($resForum);
    // Every group is fetched to build the two group selection lists.
    $resGroups = DB_query("SELECT DISTINCT grp_id,grp_name FROM {$_TABLES['groups']}");
    $nrows = DB_numRows($resGroups);
    $grouplist = '';
    $attachgrouplist = '';
    // The loop reuses $name for each group's name, overwriting any earlier value.
    while (list($grp, $name) = DB_fetchARRAY($resGroups)) {