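/**
 * Unlink artists from an event and redirect to the event page.
 *
 * Reads the event id from the request, checks that the event exists and
 * deletes the matching rows from _artists_events for each artist in the
 * newline-separated artist list.
 *
 * NOTE(review): no permission check is visible in this method; confirm the
 * caller restricts it to authorised users, since it deletes rows.
 */
private function remove()
{
    $v = _request(array('event' => 0));
    if (_empty($v)) {
        return;
    }

    // The original read an undefined $event. Other callers in this listing
    // read _request() results as object properties, so use the requested id.
    $event_id = $v->event;

    $sql = 'SELECT * FROM _events WHERE id = ?';
    if (!$event_row = sql_fieldrow(sql_filter($sql, $event_id))) {
        _pre('El evento no existe.', true);
    }

    // NOTE(review): $artist is never assigned in this method, so this splits
    // an undefined value. Presumably a newline-separated artist list from the
    // request was intended - confirm where it should come from.
    $e_artist = explode(nr(), $artist);

    // The loop variable must not reuse $row: the original overwrote the event
    // row with an artist name, so the final redirect indexed a string.
    foreach ($e_artist as $artist_name) {
        $subdomain = get_subdomain($artist_name);

        $sql = 'SELECT * FROM _artists WHERE subdomain = ?';
        if ($a_row = sql_fieldrow(sql_filter($sql, $subdomain))) {
            $sql = 'DELETE FROM _artists_events WHERE a_artist = ? AND a_event = ?';
            sql_query(sql_filter($sql, $a_row['ub'], $event_id));
        }
    }

    return redirect(s_link('events', $event_row['event_alias']));
}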
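/**
 * Normalise a submitted message before it is processed further.
 *
 * - converts \r\n and \r line endings to the project newline (nr()),
 * - strips "sid=..." session parameters so session ids are not published,
 * - collapses runs of three or more blank lines,
 * - breaks up script-like URI schemes (script:, about:, applet:, ...),
 * - applies the configured list of allowed HTML tags.
 *
 * @param string $message Raw message text.
 * @return string Cleaned message.
 */
function prepare_message($message)
{
    global $config;

    $match = array(
        '#\r\n?#',
        '#sid=[a-z0-9]*?&?#',
        "#([\n][\s]+){3,}#",
        '#(script|about|applet|activex|chrome):#i',
    );

    // The scheme rule replaced "script:" with "script:" (same text), so it
    // filtered nothing. Emit the colon as a numeric entity so the result no
    // longer parses as a URI scheme.
    $replace = array(nr(), '', nr(false, 2), '\\1&#058;');

    $message = preg_replace($match, $replace, trim($message));

    // split() no longer exists in PHP 7+. Empty entries are dropped as well:
    // an empty config value used to yield one empty tag and the pattern
    // "<(\/?)()>".
    $allowed_tags = array_filter(array_map('trim', explode(',', $config['allow_html_tags'])), 'strlen');

    if (sizeof($allowed_tags)) {
        // NOTE(review): as written this replaces "<tag>" with "<tag>", i.e. it
        // changes nothing. Presumably the pattern was meant to match the
        // HTML-escaped form of the tag and un-escape it - confirm against how
        // $message is escaped upstream. Also note "*" expands to ".*?", which
        // with the "s" flag can span more than a tag name.
        $message = preg_replace('#<(\/?)(' . str_replace('*', '.*?', implode('|', $allowed_tags)) . ')>#is', '<$1$2>', $message);
    }

    return $message;
}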
/**
 * Build a SQL string from a template and a variable list of arguments.
 *
 * Called as npi_sql_filter($sql, $arg1, $arg2, ...) or with a single array
 * of arguments. If $sql is itself an array, each element is filtered with
 * the same arguments and an array of results is returned.
 *
 * Placeholders are rewritten to sprintf() conversions by the str_replace()
 * call below (presumably w() splits its argument on spaces, giving
 * "??" => %s and "?" => '%s' - confirm against w()).
 *
 * SECURITY NOTES (review):
 *  - An argument containing the marker "/ *** /" (written without spaces)
 *    is NOT passed through npi_sql_escape(). If a request value can ever
 *    contain that marker it reaches the query unescaped; callers must never
 *    pass untrusted text that could carry it.
 *  - An argument containing "addquotes" is split on commas and each piece is
 *    wrapped in single quotes after the escaping pass.
 *  - Values substituted through the unquoted placeholder are only safe when
 *    they are numeric or otherwise built by trusted code; escaping alone does
 *    not protect an unquoted context.
 *
 * @return string|array|false The formatted SQL, an array of formatted SQL
 *                            strings, or false when called without arguments.
 */
function npi_sql_filter() {
    if (!($args = func_get_args())) {
        return false;
    }

    $sql = array_shift($args);

    // Array of templates: filter each one with the same argument list.
    if (is_array($sql)) {
        $sql_ary = w();

        foreach ($sql as $row) {
            $sql_ary[] = npi_sql_filter($row, $args);
        }

        return $sql_ary;
    }

    $count_args = count($args);

    // Protect literal percent signs from sprintf(); restored before returning.
    $sql = str_replace('%', '[!]', $sql);

    if (!$count_args || $count_args < 1) {
        return str_replace('[!]', '%', $sql);
    }

    // A single array argument is treated as the argument list itself
    // (this is also how the recursive call above passes $args).
    if ($count_args == 1 && is_array($args[0])) {
        $args = $args[0];
    }

    // Escape every argument, except those carrying the bypass marker.
    foreach ($args as $i => $arg) {
        $args[$i] = strpos($arg, '/***/') !== false ? $arg : npi_sql_escape($arg);
    }

    // "addquotes,a,b" style arguments: drop the first element and quote the rest.
    foreach ($args as $i => $row) {
        if (strpos($row, 'addquotes') !== false) {
            $e_row = explode(',', $row);
            array_shift($e_row);

            foreach ($e_row as $j => $jr) {
                $e_row[$j] = "'" . $jr . "'";
            }

            $args[$i] = implode(',', $e_row);
        }
    }

    // The template becomes $args[0], i.e. the sprintf() format string.
    array_unshift($args, str_replace(w('?? ?'), w("%s '%s'"), $sql));

    // Conditional deletion of lines if input is zero
    if (strpos($args[0], '-- ') !== false) {
        $e_sql = explode(nr(), $args[0]);

        $matches = 0;
        foreach ($e_sql as $i => $row) {
            $e_sql[$i] = str_replace('-- ', '', $row);

            // NOTE(review): strpos() returns 0 for a match at the start of the
            // line, which this test treats as "no placeholder".
            if (strpos($row, '%s')) {
                $matches++;
            }

            // A line marked with "-- " is removed, together with its argument,
            // when that argument is empty/zero.
            if (strpos($row, '-- ') !== false && !$args[$matches]) {
                unset($e_sql[$i], $args[$matches]);
            }
        }

        // NOTE(review): the lines are joined without a separator - confirm
        // the templates keep their own leading whitespace.
        $args[0] = implode($e_sql);
    }

    return str_replace('[!]', '%', hook('sprintf', $args));
}
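/**
 * Controller for a single event page.
 *
 * Depending on the "mode" request value this:
 *  - "fav":  stores the current member's favourite mark for an image,
 *  - "rsvp": records the current member's vote on the event poll,
 *  - "view" / anything else: renders the event (selected image, thumbnails
 *    or flyer, RSVP poll, comments) and handles a submitted comment.
 *
 * Changes against the original:
 *  - the favourite UPDATE is limited to the current member,
 *  - the flood check uses a defined current time,
 *  - the removed "e" (eval) regex modifier is no longer used,
 *  - the unread clean-up runs its own query instead of a stale $sql,
 *  - thumbnail cropping no longer divides by a zero width,
 *  - $topic_locked is initialised and the locked topic id is defined.
 *
 * @return bool true once the page variables have been assigned.
 */
public function object()
{
    global $auth, $user, $config, $comments, $upload;

    $mode = request_var('mode', '');

    // Modes that address one image: load it first, or bounce to the event.
    switch ($mode) {
        case 'view':
        case 'fav':
        case 'rsvp':
            $download_id = request_var('download_id', 0);

            if (!$download_id) {
                redirect(s_link('events', $this->v('event_alias')));
            }

            switch ($mode) {
                case 'view':
                    $sql = 'SELECT e.*, COUNT(e2.image) AS prev_images FROM _events_images e, _events_images e2 WHERE e.event_id = ? AND e.event_id = e2.event_id AND e.image = ? AND e2.image <= ? GROUP BY e.image ORDER BY e.image ASC';
                    $sql = sql_filter($sql, $this->v('id'), $download_id, $download_id);
                    break;
                case 'rsvp':
                    // RSVP does not need image data.
                    $sql = '';
                    break;
                default:
                    $sql = 'SELECT e2.* FROM _events_images e2 LEFT JOIN _events e ON e.id = e2.event_id WHERE e2.event_id = ? AND e2.image = ?';
                    $sql = sql_filter($sql, $this->v('id'), $download_id);
                    break;
            }

            if (!empty($sql)) {
                if (!$imagedata = sql_fieldrow($sql)) {
                    redirect(s_link('events', $this->v('event_alias')));
                }
            }
            break;
    }

    switch ($mode) {
        case 'fav':
            if (!$user->is('member')) {
                do_login();
            }

            $sql = 'SELECT * FROM _events_fav WHERE event_id = ? AND image_id = ? AND member_id = ?';
            if ($row = sql_fieldrow(sql_filter($sql, $this->v('id'), $imagedata['image'], $user->d('user_id')))) {
                // The original UPDATE had no member_id condition, so one member
                // refreshing a favourite rewrote fav_date for every member who
                // had marked the same image.
                $sql = 'UPDATE _events_fav SET fav_date = ? WHERE event_id = ? AND image_id = ? AND member_id = ?';
                sql_query(sql_filter($sql, time(), $this->v('id'), $imagedata['image'], $user->d('user_id')));
            } else {
                $sql_insert = array(
                    'event_id' => (int) $this->v('id'),
                    'image_id' => (int) $imagedata['image'],
                    'member_id' => (int) $user->d('user_id'),
                    'fav_date' => time()
                );
                sql_insert('events_fav', $sql_insert);
            }

            redirect(s_link('events', $this->v('event_alias'), $imagedata['image'], 'view'));
            break;
        case 'rsvp':
            $choice = array_key(array_keys(request_var('choice', array(0 => ''))), 0);

            $topic_id = $this->v('event_topic');
            if (!$topic_id) {
                fatal_error();
            }

            if (!$choice) {
                redirect(s_link('events', $this->v('event_alias')));
            }

            if (!$user->is('member')) {
                do_login();
            }

            // NOTE(review): the display path below computes $poll_expired, but
            // this vote path does not check expiry before counting the vote.
            $sql = 'SELECT vd.vote_id FROM _poll_options vd, _poll_results vr WHERE vd.topic_id = ? AND vr.vote_id = vd.vote_id AND vr.vote_option_id = ? GROUP BY vd.vote_id';
            if (!$vote_id = sql_field(sql_filter($sql, $topic_id, $choice), 'vote_id', 0)) {
                fatal_error();
            }

            // One vote per member: only count when no voter row exists yet.
            $sql = 'SELECT * FROM _poll_voters WHERE vote_id = ? AND vote_user_id = ?';
            if (!sql_fieldrow(sql_filter($sql, $vote_id, $user->d('user_id')))) {
                $sql = 'UPDATE _poll_results SET vote_result = vote_result + 1 WHERE vote_id = ? AND vote_option_id = ?';
                sql_query(sql_filter($sql, $vote_id, $choice));

                $insert_vote = array(
                    'vote_id' => (int) $vote_id,
                    'vote_user_id' => (int) $user->d('user_id'),
                    'vote_user_ip' => $user->ip,
                    'vote_cast' => (int) $choice
                );
                sql_insert('poll_voters', $insert_vote);
            }

            redirect(s_link('events', $this->v('event_alias')));
            break;
        case 'view':
        default:
            /**
             * Generate thumbnail for events list.
             */
            if ($user->is('colab') && !$this->v('images') && _button('create_thumbnail')) {
                $location_large = $config['events_path'] . 'future/' . $this->v('id') . '.jpg';
                $location_mini = $config['events_path'] . 'mini/' . $this->v('id') . '.jpg';

                $x1 = request_var('x1', 0);
                $y1 = request_var('y1', 0);
                $x2 = request_var('x2', 0);
                $y2 = request_var('y2', 0);
                $w = request_var('w', 0);
                $h = request_var('h', 0);

                // The crop box comes from the request; a missing or zero width
                // used to cause a division by zero.
                if ($w > 0 && $h > 0) {
                    // Scale the image to the configured thumbnail width
                    $scale = $config['events_thumb_width'] / $w;
                    $cropped = $upload->resizeThumbnailImage($location_mini, $location_large, $w, $h, $x1, $y1, $scale);
                }

                redirect(s_link('events'));
            }

            /**
             * Normal operations
             */
            $t_offset = request_var('offset', 0);

            if ($mode == 'view') {
                $sql = 'UPDATE _events_images SET views = views + 1 WHERE event_id = ? AND image = ?';
                sql_query(sql_filter($sql, $this->v('id'), $imagedata['image']));

                _style('selected', array(
                    'IMAGE' => $config['events_url'] . 'gallery/' . $this->v('id') . '/' . $imagedata['image'] . '.jpg',
                    'WIDTH' => $imagedata['width'],
                    'HEIGHT' => $imagedata['height'],
                    'FOOTER' => $imagedata['image_footer'])
                );

                if ($user->is('founder')) {
                    _style('selected.update', array(
                        'URL' => s_link('async eif'),
                        'EID' => $this->v('id'),
                        'PID' => $imagedata['image'])
                    );
                }

                $is_fav = false;
                if ($user->is('member')) {
                    $sql = 'SELECT member_id FROM _events_fav WHERE event_id = ? AND image_id = ? AND member_id = ?';
                    if (sql_field(sql_filter($sql, $this->v('id'), $imagedata['image'], $user->d('user_id')), 'member_id', 0)) {
                        $is_fav = true;
                    }
                }

                if (!$is_fav || !$user->is('member')) {
                    _style('selected.fav', array(
                        'URL' => s_link('events', $this->v('id'), $imagedata['image'], 'fav'))
                    );
                }
            } else {
                // NOTE(review): views are only counted for founders here;
                // possibly the opposite was intended - confirm.
                if (!$t_offset && $user->is('founder')) {
                    $sql = 'UPDATE _events SET views = views + 1 WHERE id = ?';
                    sql_query(sql_filter($sql, $this->v('id')));
                }
            }

            $sql = 'SELECT t.topic_id, t.topic_title, t.topic_locked, t.topic_replies, t.topic_time, t.topic_important, t.topic_vote, t.topic_featured, t.topic_points, t.topic_last_post_id, f.forum_alias, f.forum_name, f.forum_locked, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_announce, f.auth_pollcreate, f.auth_vote FROM _forum_topics t, _forums f WHERE t.topic_id = ? AND f.forum_id = t.forum_id';
            if (!$event_topic = sql_fieldrow(sql_filter($sql, $this->v('event_topic')))) {
                fatal_error();
            }

            $mod_auth = $user->is('mod');

            $error = w();
            $forum_id = $event_topic['forum_id'];
            $submit_reply = _button('post');
            $reply = request_var('reply', 0);

            if ($reply) {
                $post_reply = request_var('p', 0);

                $sql = 'SELECT p.*, u.user_id, u.username FROM _forum_posts p, _members u WHERE p.post_id = ? AND u.user_id = p.poster_id AND p.post_deleted = 0';
                if (!$post_data = sql_fieldrow(sql_filter($sql, $post_reply))) {
                    redirect(s_link('events', $this->v('event_alias')));
                }
            }

            $is_auth = $auth->forum(AUTH_ALL, $forum_id, $event_topic);

            $u_event_alias = s_link('events', $this->v('event_alias'));
            $u_event_publish = ($reply) ? s_link('events', $this->v('event_alias'), $post_reply, 'reply') : $u_event_alias;

            if ($submit_reply) {
                $auth_key = 'auth_reply';

                // NOTE(review): when the permission test fails, a logged-in
                // member is only stopped if the topic or forum is locked;
                // otherwise the post still goes through. The lock test is also
                // skipped entirely when the permission test passes. Confirm
                // this is the intended access rule for replies.
                if (((!$is_auth['auth_view'] || !$is_auth['auth_read'])) || !$is_auth[$auth_key]) {
                    if (!$user->is('member')) {
                        do_login();
                    }

                    $can_reply_closed = $auth->option(array('forum', 'topics', 'delete'));

                    if (!$can_reply_closed && ($event_topic['forum_locked'] || $event_topic['topic_locked'])) {
                        $error[] = 'TOPIC_LOCKED';
                    }

                    if (sizeof($error)) {
                        redirect($u_event_alias);
                    }
                }

                $post_message = request_var('message', '', true);
                if ($reply) {
                    $post_reply_message = request_var('reply_message', '', true);
                }

                // Check message
                if (empty($post_message)) {
                    $error[] = 'EMPTY_MESSAGE';
                }

                if (sizeof($error)) {
                    redirect($u_event_alias);
                }

                if (!$mod_auth) {
                    // $current_time was never assigned in the original, so the
                    // difference below was always negative and every non-mod
                    // with an earlier post hit FLOOD_ERROR.
                    $current_time = time();

                    $sql = 'SELECT MAX(post_time) AS last_post_time FROM _forum_posts WHERE poster_id = ?';
                    if ($last_post_time = sql_field(sql_filter($sql, $user->d('user_id')))) {
                        if (intval($last_post_time) > 0 && ($current_time - intval($last_post_time)) < intval($config['flood_interval'])) {
                            $error[] = 'FLOOD_ERROR';
                        }
                    }
                }

                if (sizeof($error)) {
                    redirect($u_event_alias);
                }

                $update_topic = w();
                $topic_locked = 0;

                // Moderator-only inline markers that flag the topic.
                if (strstr($post_message, '-Anuncio-') && $user->is('mod')) {
                    $topic_announce = 1;
                    $post_message = str_replace('-Anuncio-', '', $post_message);
                    $update_topic['topic_announce'] = $topic_announce;
                }

                if (strstr($post_message, '-Cerrado-') && $user->is('mod')) {
                    $topic_locked = 1;
                    $post_message = str_replace('-Cerrado-', '', $post_message);
                    $update_topic['topic_locked'] = $topic_locked;
                }

                $post_message = $comments->prepare($post_message);

                if ($reply && $post_reply_message != '') {
                    // Strip image URLs from the quoted text. The original used
                    // the "e" (eval) modifier, which PHP 7+ no longer supports:
                    // preg_replace() then returns NULL and the quote is lost.
                    // With an empty replacement plain "i" gives the same result.
                    $post_reply_message = preg_replace('#(^|[\n ]|\()(http|https|ftp)://([a-z0-9\-\.,\?!%\*_:;~\\&$@/=\+]+)(gif|jpg|jpeg|png)#i', '', $post_reply_message);
                }

                if ($reply && empty($post_reply_message)) {
                    $post_reply_message = '...';
                }

                if ($reply && $post_reply_message != '') {
                    // NOTE(review): the quoted text and the username are placed
                    // inside HTML without passing through $comments->prepare().
                    // Confirm request_var() escapes markup and that usernames
                    // cannot contain it.
                    $post_message = '<blockquote><strong>' . $post_data['username'] . "</strong>" . nr(false, 2) . $post_reply_message . '</blockquote><br /> ' . $post_message;
                } else {
                    $reply = 0;
                }

                $insert_data = array(
                    'topic_id' => (int) $this->v('event_topic'),
                    'forum_id' => (int) $forum_id,
                    'poster_id' => (int) $user->d('user_id'),
                    'post_time' => time(),
                    'poster_ip' => $user->ip,
                    'post_text' => $post_message,
                    'post_np' => ''
                );
                if ($reply) {
                    $insert_data['post_reply'] = $post_reply;
                }

                $post_id = sql_insert('forum_posts', $insert_data);

                $user->delete_unread(UH_T, $this->v('event_topic'));
                $user->save_unread(UH_T, $this->v('event_topic'));

                //
                $a_list = forum_for_team_list($forum_id);
                if (count($a_list)) {
                    // The original filtered the stale $sql from an earlier
                    // query with these arguments, so this DELETE never ran.
                    // The list goes into an unquoted placeholder; it must hold
                    // numeric ids only.
                    $sql_delete_unread = 'DELETE FROM _members_unread WHERE element = ? AND item = ? AND user_id NOT IN (??)';
                    sql_query(sql_filter($sql_delete_unread, 8, $this->v('event_topic'), implode(', ', $a_list)));
                }

                $update_topic['topic_last_post_id'] = $post_id;

                if ($topic_locked) {
                    // The original passed an undefined $topic_id; the topic
                    // being locked above is the event topic.
                    topic_feature($this->v('event_topic'), 0);
                }

                $sql = 'UPDATE _forums SET forum_posts = forum_posts + 1, forum_last_topic_id = ? WHERE forum_id = ?';
                sql_query(sql_filter($sql, $this->v('event_topic'), $forum_id));

                $sql = 'UPDATE _forum_topics SET topic_replies = topic_replies + 1, ' . sql_build('UPDATE', $update_topic) . sql_filter(' WHERE topic_id = ?', $this->v('event_topic'));
                sql_query($sql);

                $sql = 'UPDATE _members SET user_posts = user_posts + 1 WHERE user_id = ?';
                sql_query(sql_filter($sql, $user->d('user_id')));

                redirect($u_event_alias);
            }

            // Get event thumbnails
            $t_per_page = 18;

            if ($mode == 'view' && $download_id) {
                $val = 1;

                $sql = 'SELECT MAX(image) AS total FROM _events_images WHERE event_id = ?';
                if ($maximage = sql_field(sql_filter($sql, $this->v('id')), 'total', 0)) {
                    $val = ($download_id == $maximage) ? 2 : 1;
                }

                // Jump to the thumbnail page that holds the selected image.
                $t_offset = floor(($imagedata['prev_images'] - $val) / $t_per_page) * $t_per_page;
            }

            if ($this->v('images')) {
                $exception_sql = (isset($download_id) && $download_id) ? sql_filter(' AND g.image <> ? ', $download_id) : '';

                $sql = 'SELECT g.* FROM _events e, _events_images g WHERE e.id = ? AND e.id = g.event_id ' . $exception_sql . ' ORDER BY g.image ASC LIMIT ??, ??';
                if (!$result = sql_rowset(sql_filter($sql, $this->v('id'), $t_offset, $t_per_page))) {
                    redirect(s_link('events', $this->v('id')));
                }

                build_num_pagination(s_link('events', $this->v('id'), 's%d'), $this->v('images'), $t_per_page, $t_offset, 'IMG_');

                _style('thumbnails');

                foreach ($result as $row) {
                    _style('thumbnails.item', array(
                        'URL' => s_link('events', $this->v('event_alias'), $row['image'], 'view'),
                        'IMAGE' => $config['events_url'] . 'gallery/' . $this->v('id') . '/thumbnails/' . $row['image'] . '.jpg',
                        'RIMAGE' => $config['events_url'] . 'gallery/' . $this->v('id') . '/' . $row['image'] . '.jpg',
                        'FOOTER' => $row['image_footer'],
                        'WIDTH' => $row['width'],
                        'HEIGHT' => $row['height'])
                    );
                }

                // Credits
                $sql = 'SELECT * FROM _events_colab c, _members m WHERE c.colab_event = ? AND c.colab_uid = m.user_id ORDER BY m.username';
                if ($result = sql_rowset(sql_filter($sql, $this->v('id')))) {
                    _style('collab');

                    foreach ($result as $row) {
                        _style('collab.row', array(
                            'PROFILE' => s_link('m', $row['username_base']),
                            'USERNAME' => $row['username'])
                        );
                    }
                }
            } else {
                // No gallery yet: show the flyer, plus the crop form for
                // collaborators while no mini thumbnail exists.
                _style('event_flyer', array(
                    'IMAGE_SRC' => $config['events_url'] . 'future/' . $this->v('id') . '.jpg?u=' . $this->v('event_update'))
                );

                $location_mini = $config['events_path'] . 'mini/' . $this->v('id') . '.jpg';

                if ($user->is('colab') && !$this->v('images') && !@file_exists($location_mini)) {
                    $large_filepath = $config['events_path'] . 'future/' . $this->v('id') . '.jpg';

                    _style('event_flyer.thumbnail', array(
                        'ACTION' => $u_event_alias,
                        'SCALE' => ($config['events_thumb_height'] / $config['events_thumb_width']),
                        'THUMB_WIDTH' => $config['events_thumb_width'],
                        'THUMB_HEIGHT' => $config['events_thumb_height'],
                        'LARGE_WIDTH' => $upload->getWidth($large_filepath),
                        'LARGE_HEIGHT' => $upload->getHeight($large_filepath)
                    ));
                }
            }

            // Midnight of the current day in the viewer's time zone.
            list($d, $m, $y) = explode(' ', gmdate('j n Y', time() + $user->timezone + $user->dst));
            $midnight = gmmktime(0, 0, 0, $m, $d, $y) - $user->timezone - $user->dst;

            $event_date = $user->format_date($this->v('date'), 'j F Y \a \l\a\s H:i') . ' horas.';

            if ($this->v('date') >= $midnight) {
                if ($this->v('date') >= $midnight && $this->v('date') < $midnight + 86400) {
                    $event_date_format = lang('event_today');
                } else if ($this->v('date') >= $midnight + 86400 && $this->v('date') < $midnight + (86400 * 2)) {
                    $event_date_format = lang('event_tomorrow');
                } else {
                    $event_date_format = sprintf(lang('event_after'), $event_date);
                }
            } else {
                if ($this->v('date') >= ($midnight - 86400)) {
                    $event_date_format = lang('event_yesterday');
                } else {
                    $event_date_format = sprintf(lang('event_before'), $event_date);
                }
            }

            v_style(array(
                'EVENT_NAME' => $this->v('title'),
                'EVENT_DATE' => $event_date_format,
                'EVENT_URL' => $u_event_alias,
                'EVENT_PUBLISH' => $u_event_publish)
            );

            $posts_offset = request_var('ps', 0);
            $topic_id = $this->v('event_topic');

            // START RSVP
            if ($topic_id) {
                $sql = 'SELECT vd.vote_id, vd.vote_text, vd.vote_start, vd.vote_length, vr.vote_option_id, vr.vote_option_text, vr.vote_result FROM _poll_options vd, _poll_results vr WHERE vd.topic_id = ? AND vr.vote_id = vd.vote_id ORDER BY vr.vote_option_order, vr.vote_option_id ASC';
                if ($vote_info = sql_rowset(sql_filter($sql, $topic_id))) {
                    $sql = 'SELECT vote_id FROM _poll_voters WHERE vote_id = ? AND vote_user_id = ?';
                    $user_voted = sql_field(sql_filter($sql, $vote_info[0]['vote_id'], $user->d('user_id')), 'vote_id', 0);

                    // A vote_length of 0 means the poll never expires.
                    $poll_expired = ($vote_info[0]['vote_length']) ? (($vote_info[0]['vote_start'] + $vote_info[0]['vote_length'] < time()) ? true : false) : false;

                    _style('poll', array(
                        'POLL_TITLE' => $vote_info[0]['vote_text'])
                    );

                    if ($user_voted || $poll_expired) {
                        _style('poll.results');

                        // Only the first option is rendered (note the break).
                        foreach ($vote_info as $row) {
                            if ($this->v('date') >= $midnight) {
                                $caption = ($row['vote_result'] == 1) ? lang('rsvp_future_one') : lang('rsvp_future_more');
                            } else {
                                $caption = ($row['vote_result'] == 1) ? lang('rsvp_past_one') : lang('rsvp_past_more');
                            }

                            _style('poll.results.item', array(
                                'CAPTION' => $caption,
                                'RESULT' => $row['vote_result'])
                            );
                            break;
                        }
                    } else {
                        _style('poll.options', array(
                            'S_VOTE_ACTION' => s_link('events', $this->v('event_alias'), 1, 'rsvp'))
                        );

                        // Only the first option is rendered (note the break).
                        foreach ($vote_info as $row) {
                            $caption = ($this->v('date') >= $midnight) ? lang('rsvp_future') : lang('rsvp_past');

                            _style('poll.options.item', array(
                                'ID' => $row['vote_option_id'],
                                'CAPTION' => $caption)
                            );
                            break;
                        }
                    }
                }
            }
            // END RSVP

            $sql = 'SELECT p.*, u.user_id, u.username, u.username_base, u.user_avatar, u.user_posts, u.user_gender, u.user_rank FROM _forum_posts p, _members u WHERE p.topic_id = ? AND u.user_id = p.poster_id AND p.post_deleted = 0 ORDER BY p.post_time DESC LIMIT ??, ??';
            if (!$messages = sql_rowset(sql_filter($sql, $topic_id, $posts_offset, $config['posts_per_page']))) {
                redirect(s_link('events', $this->v('event_alias')));
            }

            $i = 0;
            foreach ($messages as $row) {
                if (!$i) {
                    $controls = w();
                    $user_profile = w();
                    $unset_user_profile = array('user_id', 'user_posts', 'user_gender');

                    _style('messages');
                }

                if ($user->is('member')) {
                    $controls[$row['post_id']]['reply'] = s_link('events', $this->v('event_alias'), $row['post_id'], 'reply');

                    if ($mod_auth) {
                        $controls[$row['post_id']]['edit'] = s_link('acp', array('forums_post_modify', 'msg_id' => $row['post_id']));
                        $controls[$row['post_id']]['delete'] = s_link('acp', array('forums_post_delete', 'msg_id' => $row['post_id']));
                    }
                }

                $user_profile[$row['user_id']] = $comments->user_profile($row, '', $unset_user_profile);

                $data = array(
                    'POST_ID' => $row['post_id'],
                    'DATETIME' => $user->format_date($row['post_time']),
                    'MESSAGE' => $comments->parse_message($row['post_text']),
                    'PLAYING' => $row['post_np'],
                    'DELETED' => $row['post_deleted']
                );

                foreach ($user_profile[$row['user_id']] as $key => $value) {
                    $data[strtoupper($key)] = $value;
                }

                _style('messages.row', $data);

                if (isset($controls[$row['post_id']])) {
                    _style('messages.row.controls');

                    foreach ($controls[$row['post_id']] as $item => $url) {
                        _style('messages.row.controls.' . $item, array(
                            'URL' => $url)
                        );
                    }
                }

                $i++;
            }

            build_num_pagination(s_link('events', $this->v('event_alias'), 'ps%d'), $event_topic['topic_replies'], $config['posts_per_page'], $posts_offset, 'MSG_');

            $publish_ref = ($posts_offset) ? s_link('events', $this->v('event_alias'), 's' . $t_offset) : s_link('events', $this->v('event_alias'));

            // Posting box
            if ($user->is('member')) {
                _style('publish', array(
                    'REF' => $publish_ref)
                );

                if ($reply) {
                    if (empty($post_reply_message)) {
                        $post_reply_message = $comments->remove_quotes($post_data['post_text']);
                    }

                    if (!empty($post_reply_message)) {
                        // Drop image URLs and embed markers from the quote preview.
                        $rx = array('#(^|[\n ]|\()(http|https|ftp)://([a-z0-9\-\.,\?!%\*_:;~\\&$@/=\+]+)(gif|jpg|jpeg|png)#is', '#\[yt:[0-9a-zA-Z\-\=\_]+\]#is', '#\[sb\]#is', '#\[\/sb\]#is');
                        $post_reply_message = preg_replace($rx, '', $post_reply_message);
                    }

                    if (empty($post_reply_message)) {
                        $post_reply_message = '...';
                    }

                    // NOTE(review): confirm the template escapes MESSAGE; it can
                    // carry request-supplied text.
                    _style('publish.reply', array(
                        'MESSAGE' => $post_reply_message)
                    );
                }
            }
            break;
    }

    $this->_title = $this->v('title');
    $this->_template = 'events.view';

    return true;
}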
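/**
 * Send an e-mail from the logged-in member to the artist's contact address.
 *
 * Requires a logged-in user and an artist record with an e-mail address.
 * On a valid submission the artist row is stamped with the send time and
 * sender, the message is sent through the emailer class and the browser is
 * redirected to the artist page. Otherwise the form values are handed back
 * to the template.
 *
 * NOTE(review): last_email / last_email_user are written but never checked
 * here, so nothing in this method limits how often a member can send mail.
 * Confirm the template escapes SUBJECT and MESSAGE when it re-displays them.
 *
 * @return void
 */
public function _email()
{
    if ($this->make) {
        return;
    }

    if (empty($this->data['email'])) {
        fatal_error();
    }

    if (!$this->auth['user']) {
        do_login();
    }

    global $user, $config;

    $error_msg = '';
    $subject = '';
    $message = '';
    $current_time = time();

    if (_button()) {
        $subject = request_var('subject', '');
        $message = request_var('message', '', true);

        // The subject ends up in a mail header: remove line breaks so a
        // submitted value cannot add header lines of its own.
        $subject = trim(preg_replace('/[\r\n]+/', ' ', $subject));

        if (empty($subject) || empty($message)) {
            $error_msg .= (($error_msg != '') ? '<br />' : '') . lang('fields_empty');
        }

        if (empty($error_msg)) {
            $sql = 'UPDATE _artists SET last_email = ?, last_email_user = ? WHERE ub = ?';
            sql_query(sql_filter($sql, $current_time, $user->d('user_id'), $this->data['ub']));

            $emailer = new emailer($config['smtp_delivery']);

            $emailer->from($user->d('user_email'));

            // Same rule for the username, which is also written into a header.
            $header_username = preg_replace('/[\r\n]+/', ' ', $user->d('username'));

            $email_headers = 'X-AntiAbuse: User_id - ' . $user->d('user_id') . nr();
            $email_headers .= 'X-AntiAbuse: Username - ' . $header_username . nr();
            $email_headers .= 'X-AntiAbuse: User IP - ' . $user->ip . nr();

            $emailer->use_template('mmg_send_email', $config['default_lang']);
            $emailer->email_address($this->data['email']);
            $emailer->set_subject($subject);
            $emailer->extra_headers($email_headers);

            $emailer->assign_vars(array(
                'SITENAME' => $config['sitename'],
                'BOARD_EMAIL' => $config['board_email'],
                'FROM_USERNAME' => $user->d('username'),
                'UB_NAME' => $this->data['name'],
                'MESSAGE' => $message
            ));
            $emailer->send();
            $emailer->reset();

            redirect(s_link('a', $this->data['subdomain']));
        }
    }

    if ($error_msg != '') {
        _style('error');
    }

    v_style(array(
        'ERROR_MESSAGE' => $error_msg,
        'SUBJECT' => $subject,
        'MESSAGE' => $message)
    );

    return;
}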
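/**
 * Create a new event from the submitted form and uploaded flyer.
 *
 * On submit: stores the uploaded image (600x400 plus a 100x75 thumbnail),
 * inserts the event, links the listed artists, creates or reuses a forum
 * topic with an opening post and an RSVP poll, updates the forum counters
 * and redirects to the new event. Without a submit (or on upload errors) it
 * lists the forum topics that are not yet attached to an event.
 *
 * NOTE(review): no permission check is visible in this method; confirm the
 * caller restricts it. The image name is taken from the current row count
 * of _events ($img) while other code in this listing reads flyers by event
 * id, and two concurrent submissions can get the same count - confirm.
 *
 * @return void
 */
public function _home()
{
    global $config, $user, $cache, $upload;

    $error = w();

    if (_button()) {
        $filepath = $config['events_path'];
        $filepath_1 = $filepath . 'future/';
        $filepath_2 = $filepath_1 . 'thumbnails/';

        $f = $upload->process($filepath_1, 'event_image', 'jpg');

        if (!sizeof($upload->error) && $f !== false) {
            $img = sql_total('_events');

            // Create vars
            $event_name = request_var('event_name', '');
            $event_artists = request_var('event_artists', '', true);
            $event_year = request_var('event_year', 0);
            $event_month = request_var('event_month', 0);
            $event_day = request_var('event_day', 0);
            $event_hours = request_var('event_hours', 0);
            $event_minutes = request_var('event_minutes', 0);
            $event_current_topic = request_var('event_current_topic', 0);

            // Event time as entered in the user's zone, stored without the offset.
            $v_date = gmmktime($event_hours, $event_minutes, 0, $event_month, $event_day, $event_year) - $user->timezone - $user->dst;

            // The original read an undefined $poll_length, which evaluated to
            // 0. Keep 0 explicitly (a poll without an expiry time).
            $poll_length = 0;

            // The redirect at the end of the body means only the first usable
            // upload is processed.
            foreach ($f as $row) {
                $xa = $upload->resize($row, $filepath_1, $filepath_1, $img, array(600, 400), false, false, true);
                if ($xa === false) {
                    continue;
                }
                $xb = $upload->resize($row, $filepath_1, $filepath_2, $img, array(100, 75), false, false);

                $event_alias = friendly($event_name);

                $insert = array(
                    'event_alias' => $event_alias,
                    'title' => $event_name,
                    'archive' => '',
                    'date' => (int) $v_date,
                    'event_update' => time()
                );
                $event_id = sql_insert('events', $insert);

                //
                $artists_ary = explode(nr(), $event_artists);

                // Separate loop variable: the original reused $row, the
                // variable of the enclosing upload loop.
                foreach ($artists_ary as $artist_name) {
                    $subdomain = get_subdomain($artist_name);

                    $sql = 'SELECT * FROM _artists WHERE subdomain = ?';
                    if ($a_row = sql_fieldrow(sql_filter($sql, $subdomain))) {
                        $sql = 'SELECT * FROM _artists_events WHERE a_artist = ? AND a_event = ?';
                        if (!sql_fieldrow(sql_filter($sql, $a_row['ub'], $event_id))) {
                            $sql_insert = array(
                                'a_artist' => $a_row['ub'],
                                'a_event' => $event_id
                            );
                            sql_insert('artists_events', $sql_insert);
                        }
                    }
                }

                // Alice: Create topic
                $event_url = $config['events_url'] . 'future/' . $img . '.jpg';

                $post_message = 'Evento publicado';
                $post_time = time();

                // Hard-coded target forum and posting account.
                $forum_id = 21;
                $poster_id = 1433;

                $sql = 'SELECT * FROM _forum_topics WHERE topic_id = ?';
                if (!$row_current_topic = sql_fieldrow(sql_filter($sql, $event_current_topic))) {
                    $insert = array(
                        'topic_title' => $event_name,
                        'topic_poster' => $poster_id,
                        'topic_time' => $post_time,
                        'forum_id' => $forum_id,
                        'topic_locked' => 0,
                        'topic_announce' => 0,
                        'topic_important' => 0,
                        'topic_vote' => 1,
                        'topic_featured' => 1,
                        'topic_points' => 1
                    );
                    $topic_id = sql_insert('forum_topics', $insert);

                    $event_current_topic = 0;
                } else {
                    // NOTE(review): any existing topic id from the request is
                    // accepted and retitled; the list below only offers
                    // forum 21 topics without an event. Confirm whether the
                    // id should be restricted the same way.
                    $topic_id = $event_current_topic;

                    $post_message .= ' en la sección de eventos';

                    $sql = 'UPDATE _forum_topics SET topic_title = ? WHERE topic_id = ?';
                    sql_query(sql_filter($sql, $event_name, $topic_id));
                }

                $post_message .= '.';

                $insert = array(
                    'topic_id' => (int) $topic_id,
                    'forum_id' => $forum_id,
                    'poster_id' => $poster_id,
                    'post_time' => $post_time,
                    'poster_ip' => $user->ip,
                    'post_text' => $post_message,
                    'post_np' => ''
                );
                $post_id = sql_insert('forum_posts', $insert);

                $sql = 'UPDATE _events SET event_topic = ? WHERE id = ?';
                sql_query(sql_filter($sql, $topic_id, $event_id));

                $insert = array(
                    'topic_id' => (int) $topic_id,
                    'vote_text' => '¿Asistirás a ' . $event_name . '?',
                    'vote_start' => time(),
                    'vote_length' => (int) ($poll_length * 86400)
                );
                $poll_id = sql_insert('poll_options', $insert);

                $poll_options = array(1 => 'Si asistiré');

                // The original also incremented an undefined, unused
                // $poll_option_id here; that statement is dropped.
                foreach ($poll_options as $option_id => $option_text) {
                    $sql_insert = array(
                        'vote_id' => (int) $poll_id,
                        'vote_option_id' => (int) $option_id,
                        'vote_option_text' => $option_text,
                        'vote_result' => 0
                    );
                    sql_insert('poll_results', $sql_insert);
                }

                $sql = 'UPDATE _forums SET forum_posts = forum_posts + 1, forum_last_topic_id = ?' . ((!$event_current_topic) ? ', forum_topics = forum_topics + 1 ' : '') . ' WHERE forum_id = ?';
                sql_query(sql_filter($sql, $topic_id, $forum_id));

                $sql = 'UPDATE _forum_topics SET topic_first_post_id = ?, topic_last_post_id = ? WHERE topic_id = ?';
                sql_query(sql_filter($sql, $post_id, $post_id, $topic_id));

                $sql = 'UPDATE _members SET user_posts = user_posts + 1 WHERE user_id = ?';
                sql_query(sql_filter($sql, $poster_id));

                // Notify
                $user->save_unread(UH_T, $topic_id);

                redirect(s_link('events', $event_alias));
            }
        }

        _style('error', array(
            'MESSAGE' => parse_error($upload->error))
        );
    }

    // Topics of forum 21 that are not attached to any event yet.
    $sql = 'SELECT topic_id, topic_title FROM _forum_topics t LEFT OUTER JOIN _events e ON t.topic_id = e.event_topic WHERE e.event_topic IS NULL AND forum_id = 21 ORDER BY topic_time DESC';
    $topics = sql_rowset($sql);

    // Guard against a non-array result when the query finds nothing.
    if (is_array($topics)) {
        foreach ($topics as $i => $row) {
            if (!$i) {
                _style('topics');
            }

            _style('topics.row', array(
                'TOPIC_ID' => $row['topic_id'],
                'TOPIC_TITLE' => $row['topic_title'])
            );
        }
    }

    return;
}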
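/**
 * Record the HTTP referer of the current request and act on banned ones.
 *
 * Referers from the site itself or from the configured exclusion list are
 * ignored. Any other referer is inserted into (or updated in) the _ref
 * table. If a stored row for the domain or URL is banned the request ends
 * in fatal_error(); if $block_ud is set the visitor is redirected to the
 * site root.
 *
 * The Referer header is client-supplied: treat this as bookkeeping, not as
 * an access control.
 *
 * Changes against the original: the exclusion list is parsed into a local
 * variable instead of overwriting $this->config['exclude_refs'] (a second
 * call used to keep only the first entry), in_array() always gets an array,
 * the unreachable second exclusion test is removed, the server name is
 * quoted before use in the regular expression, and last_ip is no longer an
 * undefined variable.
 *
 * @param bool $block_ud   Redirect visitors arriving from a foreign referer.
 * @param bool $auto_block Store new/updated referers as banned.
 * @return void
 */
public function check_ref($block_ud = false, $auto_block = false)
{
    global $config, $user;

    $url = (getenv('HTTP_REFERER')) ? trim(getenv('HTTP_REFERER')) : v_server('HTTP_REFERER');
    $url = $this->clean_value($url);

    if ($url == '') {
        return;
    }

    // host[/first-path-segment] without scheme and query string
    $without_query = explode('?', str_replace(array('http://', 'https://'), '', $url));
    $parts = explode('/', trim($without_query[0]));

    $excref = $parts[0] . '/' . (isset($parts[1]) ? $parts[1] : '');
    $domain = trim($parts[0]);

    // NOTE(review): this is a substring match, so any host that merely
    // contains the server name is treated as the site itself and skipped.
    // preg_quote() makes the configured name literal (dots no longer match
    // any character).
    if (($domain == '') || preg_match('#^.*?' . preg_quote($config['server_name'], '#') . '.*?$#i', $domain)) {
        return;
    }

    $exclude_refs = $this->config['exclude_refs'];
    if (is_array($exclude_refs)) {
        $exclude_refs = isset($exclude_refs[0]) ? $exclude_refs[0] : '';
    }

    if ($exclude_refs != '') {
        $exclude_refs = explode(nr(), $exclude_refs);

        // Also accept the variant without "www." for each excluded entry.
        foreach ($exclude_refs as $e_domain) {
            if (strstr($e_domain, 'www.')) {
                $exclude_refs[] = str_replace('www.', '', $e_domain);
            }
        }
    } else {
        $exclude_refs = array();
    }

    if (in_array($excref, $exclude_refs, true)) {
        return;
    }

    $request = $this->clean_value(v_server('REQUEST_URI'));
    $auto_block = ($auto_block) ? 1 : 0;

    // The original stored an undefined $user_ip. Other code in this listing
    // reads the client address from $user->ip; fall back to an empty value
    // when that is not available. TODO confirm this is the right source.
    $user_ip = (is_object($user) && isset($user->ip)) ? $user->ip : '';

    $insert = true;
    $update = false;
    $banned = false;
    $group_id = '';
    $datetime = time();

    $sql = 'SELECT * FROM _ref WHERE domain = ? OR url = ? ORDER BY url';
    $result = sql_rowset(sql_filter($sql, $domain, $url));

    if (is_array($result)) {
        foreach ($result as $row) {
            if ($group_id == '') {
                $group_id = $row['group_id'];
            }

            if ($row['banned']) {
                $banned = true;
            }

            // Known URL: bump its counters instead of inserting a new row.
            if (($row['url'] == $url) && !$update) {
                $sql_banned = '';
                $update = true;
                $insert = false;

                if (!$banned) {
                    $sql_banned = ", banned = " . intval($auto_block);
                }

                $sql = 'UPDATE _ref SET request = ?' . $sql_banned . ', views = views + 1, last_datetime = ?, last_ip = ? WHERE domain = ? AND url = ?';
                sql_query(sql_filter($sql, $request, $datetime, $user_ip, $domain, $url));
            }
        }
    }

    if ($insert) {
        if ($group_id == '') {
            // Grouping key only; not used as a secret.
            $group_id = md5(uniqid(time()));
        }

        $sql_insert = array(
            'group_id' => $group_id,
            'domain' => $domain,
            'url' => $url,
            'request' => $request,
            'banned' => $auto_block,
            'views' => 1,
            'datetime' => $datetime,
            'last_datetime' => $datetime,
            'last_ip' => $user_ip
        );
        sql_insert('ref', $sql_insert);
    }

    // Every referer that reaches this point is foreign and not excluded.
    if ($banned) {
        fatal_error();
    }

    if ($block_ud) {
        redirect(s_link());
    }

    return;
}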
/**
 * Run a stored message through every parsing pass and return display HTML.
 *
 * The text is padded with one space on each side while the passes run (they
 * work on $this->message), then the padding is removed and newlines become
 * <br /> tags. The order of the passes is significant and is kept as is.
 *
 * @param string $message Message text as stored.
 * @param string $a_class Value handed to the a_links() pass.
 * @return string Parsed message.
 */
public function parse_message($message, $a_class = '')
{
    $this->message = ' ' . $message . ' ';

    // Passes that run before link rewriting.
    $before_links = array('parse_flash', 'parse_youtube', 'parse_images', 'parse_url', 'parse_bbcode', 'parse_smilies');
    foreach ($before_links as $pass) {
        $this->$pass();
    }

    $this->a_links($a_class);

    // Passes that run after link rewriting.
    $after_links = array('d_links', 'members_profile', 'members_icon', 'replace_blockquote');
    foreach ($after_links as $pass) {
        $this->$pass();
    }

    // Drop the padding added above.
    $parsed = substr($this->message, 1, -1);

    return str_replace(nr(), '<br />', $parsed);
}
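/**
 * Render the site error page and stop the request.
 *
 * Modes:
 *  - 'mysql': system error; prepares (but does not send) a notification,
 *  - '600':   request rejected because the origin IP is not recognised,
 *  - other:   404 "not found", logged through error_log().
 *
 * The requested page, the username and $bp_message are HTML-escaped before
 * they are placed in the page, and line breaks are removed from the values
 * written to the error log. The original inserted them as-is.
 *
 * NOTE(review): in 'mysql' mode $bp_message is shown to the visitor. If it
 * carries database error text, consider logging it instead of displaying it.
 *
 * @param string $mode       Error type, see above.
 * @param string $bp_message Extra detail supplied by the caller.
 * @return void This function ends the script.
 */
function fatal_error($mode = '404', $bp_message = '')
{
    global $user, $config;

    $current_page = _page();

    // already-encoded entities are left alone (double_encode = false)
    $current_page_html = htmlspecialchars($current_page, ENT_QUOTES | ENT_SUBSTITUTE, ini_get('default_charset') ? ini_get('default_charset') : 'UTF-8', false);
    $current_page_log = str_replace(array("\r", "\n"), ' ', $current_page);

    $error = 'La página <strong>' . $current_page_html . '</strong> ';

    $username = (@method_exists($user, 'd')) ? $user->d('username') : '';
    $bp_message .= nr(false, 2) . $current_page . nr(false, 2) . $username;

    switch ($mode) {
        case 'mysql':
            if (isset($config['default_lang']) && isset($user->lang)) {
                // Prepare email notification (sending is disabled)
                $emailer = new emailer();

                $emailer->from('info');
                $emailer->set_subject('MySQL error');
                $emailer->use_template('mcp_delete', $config['default_lang']);
                $emailer->email_address('*****@*****.**');

                $emailer->assign_vars(array(
                    'MESSAGE' => $bp_message,
                    'TIME' => $user->format_date(time(), 'r'))
                );
                //$emailer->send();
                $emailer->reset();
            }
            // The fallback branch only built message/header strings for a
            // mail() call that is commented out, so it has been removed.

            $title = 'Error del sistema';
            $error .= 'tiene un error';
            break;
        case '600':
            $title = 'Origen inválido';
            $error .= 'no puede ser accesada porque no se reconoce su IP de origen.';

            @error_log('[php client empty ip] File does not exist: ' . $current_page_log, 0);
            break;
        default:
            $title = 'Archivo no encontrado';
            $error .= 'no existe';
            $bp_message = '';

            status("404 Not Found");

            // The original called $user->ip and $user->d() here without the
            // method_exists() guard used above.
            $client_ip = (is_object($user) && isset($user->ip)) ? $user->ip : '';
            $log_user = str_replace(array("\r", "\n"), ' ', (string) $username);

            @error_log('[php client ' . $client_ip . ($log_user ? ' - ' . $log_user : '') . '] File does not exist: ' . $current_page_log, 0);
            break;
    }

    if ($mode != '600') {
        $error .= ', puedes regresar a<br /><a href="/">página de inicio de Rock Republik</a> para encontrar información.';

        if (!empty($bp_message)) {
            $bp_message_html = htmlspecialchars($bp_message, ENT_QUOTES | ENT_SUBSTITUTE, ini_get('default_charset') ? ini_get('default_charset') : 'UTF-8', false);
            $error .= '<br /><br />' . $bp_message_html;
        }
    }

    sql_close();

    $replaces = array(
        'PAGE_TITLE' => $title,
        'PAGE_MESSAGE' => $error
    );

    echo exception('error', $replaces);
    exit;
}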
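/**
 * Create a new artist from the submitted form.
 *
 * Inserts the artist row, clears the related caches, bumps the artist
 * counter, creates the artist directories and grants the listed members
 * moderator access to the new artist.
 *
 * Changes against the original: the genre is read from $request (the
 * original had a misspelt variable, so the genre was stored empty) and the
 * final redirect uses the computed subdomain instead of an undefined
 * variable.
 *
 * NOTE(review): no permission check is visible in this method although it
 * changes member types; confirm the caller restricts it. The redirect only
 * happens when a moderator list was submitted - confirm that is intended.
 *
 * @return false|void false when the form was not submitted.
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $request = _request(array('name' => '', 'local' => 0, 'location' => '', 'genre' => '', 'email' => '', 'www' => '', 'mods' => ''));
    $request->subdomain = get_subdomain($request->name);

    if (!$request->name) {
        _pre('Ingresa el nombre del artista.', true);
    }

    $sql_insert = array(
        'a_active' => 1,
        'subdomain' => $request->subdomain,
        'name' => $request->name,
        'local' => (int) $request->local,
        'datetime' => time(),
        'location' => $request->location,
        'genre' => $request->genre,
        'email' => $request->email,
        'www' => str_replace('http://', '', $request->www)
    );
    $artist_id = sql_insert('artists', $sql_insert);

    // Cache
    $cache->delete('ub_list a_records ai_records a_recent');
    set_config('max_artists', $config['max_artists'] + 1);

    // Create directories
    artist_check($artist_id);
    artist_check($artist_id . ' gallery');
    artist_check($artist_id . ' media');
    artist_check($artist_id . ' thumbnails');
    artist_check($artist_id . ' x1');

    // Mods
    if (!empty($request->mods)) {
        $usernames = w();

        $a_mods = explode(nr(), $request->mods);
        foreach ($a_mods as $each) {
            $username_base = get_username_base($each);

            // Skip unknown or inactive members and the account with id 1.
            $sql = 'SELECT * FROM _members WHERE username_base = ? AND user_type <> ? AND user_id <> ?';
            if (!$userdata = sql_fieldrow(sql_filter($sql, $username_base, USER_INACTIVE, 1))) {
                continue;
            }

            $sql_insert = array(
                'ub' => $artist_id,
                'user_id' => $userdata['user_id']
            );
            sql_insert('artists_auth', $sql_insert);

            //
            $update = array('user_type' => USER_ARTIST, 'user_auth_control' => 1);

            if (!$userdata['user_rank']) {
                $update['user_rank'] = (int) $config['default_a_rank'];
            }

            // Founders and inactive accounts keep their user_type.
            $sql = 'UPDATE _members SET ?? WHERE user_id = ? AND user_type NOT IN (??, ??)';
            sql_query(sql_filter($sql, sql_build('UPDATE', $update), $userdata['user_id'], USER_INACTIVE, USER_FOUNDER));
        }

        redirect(s_link('a', $request->subdomain));
    }
}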
/**
 * Create a radio show from the submitted form and attach the listed DJs.
 *
 * Each DJ that resolves to a member is linked to the show and, when not
 * already present, added to team 4.
 *
 * NOTE(review): the existing-show lookup runs but its result is ignored (the
 * rejection is commented out), so duplicate show_base values are accepted.
 * NOTE(review): the DJ lookup compares get_username_base() output against the
 * "username" column -- confirm this is the intended column.
 * NOTE(review): no permission check is visible in this method -- confirm the
 * caller restricts it.
 */
public function _home() {
	global $config, $user, $cache;

	if (!_button()) {
		return;
	}

	$v = _request(array('name' => '', 'base' => '', 'genre' => '', 'start' => 0, 'end' => 0, 'day' => 0, 'dj' => ''));

	// Duplicate check: still executed, outcome deliberately unused.
	$sql = 'SELECT show_id FROM _radio WHERE show_base = ?';
	if ($row = sql_fieldrow(sql_filter($sql, $v->base))) {
		//_pre('El programa ya existe', true);
	}

	// Shift the submitted hours by the user's timezone and keep only the hour part.
	$time_start = mktime($v->start - $user->d('user_timezone'), 0, 0, 0, 0, 0);
	$time_end = mktime($v->end - $user->d('user_timezone'), 0, 0, 0, 0, 0);

	$v->start = date('H', $time_start);
	$v->end = date('H', $time_end);

	// The DJ list is handled separately and must not reach the _radio insert.
	$dj_list = $v->dj;
	unset($v->dj);

	// Rename every remaining field to its show_* column name.
	foreach ($v as $vv => $d) {
		$v->{'show_' . $vv} = $d;
		unset($v->$vv);
	}

	$show_id = sql_insert('radio', $v);

	foreach (explode(nr(), $dj_list) as $rowu) {
		$rowu = get_username_base($rowu);

		$sql = 'SELECT * FROM _members WHERE username = ?';
		if (!$row = sql_fieldrow(sql_filter($sql, $rowu))) {
			continue;
		}

		sql_insert('radio_dj', array(
			'dj_show' => $show_id,
			'dj_uid' => $row['user_id']
		));

		// Add the member to team 4 unless already listed there.
		$sql = 'SELECT * FROM _team_members WHERE team_id = 4 AND member_id = ?';
		if ($row2 = sql_fieldrow(sql_filter($sql, $row['user_id']))) {
			continue;
		}

		sql_insert('team_members', array(
			'team_id' => 4,
			'member_id' => $row['user_id'],
			'real_name' => '',
			'member_mod' => 0
		));
	}

	$cache->delete('team_members');

	return;
}
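/**
 * Edit the broadcast schedule playlist: on submit, rebuild the local schedule
 * file from the posted "hours" fields and upload it over FTP; then print the
 * remote /Schedule listing and one text input per schedule entry.
 *
 * Changes in this revision:
 *  - values read back from the schedule file and from the FTP listing are
 *    HTML-escaped before being echoed; the file content comes from the
 *    submitted form, so it is untrusted when rendered;
 *  - line breaks are removed from submitted keys and values, and colons from
 *    keys, so one field cannot add or reshape "hour:playlist" lines;
 *  - each line is split on the first colon only, so a value that itself
 *    contains ':' is no longer truncated, and a line without ':' no longer
 *    reads an undefined index;
 *  - the missing space before the class attribute is restored;
 *  - the FTP session is closed before fatal_error() and a failed file() read
 *    no longer feeds foreach.
 *
 * NOTE(review): the ftp class is not visible here; if it speaks plain FTP the
 * broadcast credentials and the file travel unencrypted -- confirm.
 * NOTE(review): no permission check is visible in this method -- confirm the
 * caller restricts it.
 * NOTE(review): empty() below also skips an entry whose key is '0'.
 *
 * @return true
 */
public function _home() {
	global $config, $user, $cache;

	$ftp = new ftp();

	if (!$ftp->ftp_connect($config['broadcast_host'])) {
		_pre('Can not connect', true);
	}

	if (!$ftp->ftp_login($config['broadcast_username'], $config['broadcast_password'])) {
		$ftp->ftp_quit();
		_pre('Can not login', true);
	}

	$cds_file = ROOT . 'interfase/cds/schedule_playlist.txt';

	// Submit
	if (_button()) {
		$hours = request_var('hours', array('' => ''));

		$build = '';
		foreach ($hours as $hour => $play) {
			// Keep every entry on exactly one "hour:playlist" line.
			$hour = trim(str_replace(array("\r", "\n", ':'), '', $hour));
			$play = trim(str_replace(array("\r", "\n"), ' ', $play));

			$build .= ((!empty($build)) ? nr(1) : '') . $hour . ':' . $play;
		}

		if ($fp = @fopen($cds_file, 'w')) {
			@flock($fp, LOCK_EX);
			fputs($fp, $build);
			@flock($fp, LOCK_UN);
			fclose($fp);

			_chmod($cds_file, $config['mask']);

			if ($ftp->ftp_put('/Schedule/schedule_playlist.txt', $cds_file)) {
				echo '<h1>El archivo fue procesado correctamente.</h1>';
			} else {
				echo '<h1>Error al procesar, intenta nuevamente.</h1>';
			}
		} else {
			echo 'Error de escritura en archivo local.';
		}

		echo '<br />';
	}

	if (!@file_exists($cds_file)) {
		$ftp->ftp_quit();
		fatal_error();
	}

	$cds = @file($cds_file);
	if (!is_array($cds)) {
		$cds = array();
	}

	$filelist = $ftp->ftp_nlist('/Schedule');

	// Remote file names are external data: escape them before printing.
	echo '<pre>';
	echo htmlspecialchars(print_r($filelist, true), ENT_QUOTES, 'UTF-8');
	echo '</pre>';

	foreach ($cds as $item) {
		$e_item = array_map('trim', explode(':', $item, 2));

		if (!empty($e_item[0])) {
			$hour_attr = htmlspecialchars($e_item[0], ENT_QUOTES, 'UTF-8');
			$play_attr = htmlspecialchars((isset($e_item[1]) ? $e_item[1] : ''), ENT_QUOTES, 'UTF-8');

			// sumhour() output is echoed as returned; its escaping is not visible here.
			echo sumhour($e_item[0]) . ' <input type="text" name="hours[' . $hour_attr . ']" value="' . $play_attr . '" size="100"' . ((oclock($e_item[0])) ? ' class="highlight"' : '') . ' /><br />' . nr();
		}
	}

	$ftp->ftp_quit();

	return true;
}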
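/**
 * Send one private message to a whole group of members.
 *
 * post_mode selects the recipients: 1 = all members except user_type 2,
 * 2 = members with user_type 6, 3 = members that have the sender as buddy.
 * Banned users and the names listed in post_skip (one per line) are left out.
 *
 * Fixes in this revision:
 *  - modes 2 and 3 lacked the "?" placeholder for the sender id, so the
 *    generated SQL was malformed; both now bind the id like mode 1;
 *  - an empty skip lookup no longer produces "NOT IN ()", and the ids are
 *    cast to integers before being concatenated into the statement;
 *  - an unknown post_mode returns instead of running an undefined query.
 *
 * NOTE(review): "[username]" is replaced after $comments->prepare(), so the
 * stored username is inserted into the message body as-is -- confirm that
 * usernames cannot contain markup. The same applies to the progress echo.
 * NOTE(review): no permission check is visible in this method -- confirm the
 * caller restricts it.
 *
 * @return false|null false when nothing was submitted or the mode is unknown
 */
public function _home() {
	global $config, $user, $cache, $comments;

	if (!_button()) {
		return false;
	}

	$post_mode = request_var('post_mode', 0);
	$post_subject = request_var('post_subject', '');
	$post_message = request_var('post_message', '', true);
	$post_skip = request_var('post_skip', '', true);
	$post_reply = request_var('post_reply', 0);

	$post_message = $comments->prepare($post_message);

	$skip_list = '';
	if (!empty($post_skip)) {
		$e_skip = explode(nr(), $post_skip);
		foreach ($e_skip as $i => $row) {
			$row = get_username_base($row);
			$e_skip[$i] = "'" . sql_escape($row) . "'";
		}

		$sql = 'SELECT user_id
			FROM _members
			WHERE username_base IN (' . _implode(',', $e_skip) . ')';
		$user_skip = sql_rowset($sql, false, 'user_id');

		// Only add the exclusion when at least one listed name resolved.
		if (is_array($user_skip) && count($user_skip)) {
			$skip_list = ' AND u.user_id NOT IN (' . _implode(', ', array_map('intval', $user_skip)) . ') ';
		}
	}

	switch ($post_mode) {
		case 1:
			$sql = 'SELECT u.user_id, u.username FROM _members u WHERE u.user_type <> 2 AND u.user_id NOT IN (SELECT ban_userid FROM _banlist) AND u.user_id <> ?' . $skip_list . ' ORDER BY u.username';
			break;
		case 2:
			$sql = 'SELECT u.user_id, u.username FROM _members u WHERE u.user_type = 6 AND u.user_id NOT IN (SELECT ban_userid FROM _banlist) AND u.user_id <> ?' . $skip_list . ' ORDER BY u.username';
			break;
		case 3:
			$sql = 'SELECT u.user_id, u.username FROM _members_friends b, _members u WHERE b.buddy_id = ?' . $skip_list . ' AND b.user_id = u.user_id AND u.user_id NOT IN (SELECT ban_userid FROM _banlist) ORDER BY u.username';
			break;
		default:
			return false;
	}

	$result = sql_rowset(sql_filter($sql, $user->d('user_id')));
	if (!is_array($result)) {
		$result = array();
	}

	foreach ($result as $row) {
		$row_message = str_replace('[username]', $row['username'], $post_message);

		$insert = array(
			'privmsgs_subject' => $post_subject,
			'privmsgs_from_userid' => (int) $user->d('user_id'),
			'privmsgs_to_userid' => (int) $row['user_id'],
			'privmsgs_date' => $user->time,
			'msg_ip' => $user->ip,
			'msg_can_reply' => (int) $post_reply,
			'privmsgs_mass' => 1,
			'privmsgs_text' => $row_message
		);
		$dc_id = sql_insert('dc', $insert);

		// The new message is its own conversation root and last message.
		$sql = 'UPDATE _dc SET parent_id = ?, last_msg_id = ?, msg_deleted = ?
			WHERE msg_id = ?';
		sql_query(sql_filter($sql, $dc_id, $dc_id, $user->d('user_id'), $dc_id));

		$user->save_unread(UH_NOTE, $dc_id, 0, $row['user_id']);

		// Progress output, flushed per recipient.
		echo $row['username'] . '<br />';
		flush();
	}

	return;
}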
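/**
 * Print the collected items as an RSS 2.0 document and end the request.
 *
 * Changes in this revision:
 *  - author and link values are XML-escaped (without double-encoding
 *    entities that are already present), so a stray "&" or "<" cannot break
 *    the document or add elements;
 *  - a "]]>" sequence inside a title or description is split so it cannot
 *    close the CDATA section early;
 *  - lastBuildDate no longer reads an undefined index when there are no
 *    items; the current time is used instead;
 *  - dates are produced with gmdate(), matching the literal "GMT" suffix.
 *
 * Reads $this->mode and $this->xml; each item is expected to carry title,
 * link, description and pubdate, and optionally author.
 */
function output() {
	global $user;

	$umode = strtoupper($this->mode);
	$date_format = 'D, d M Y H:i:s \G\M\T';
	$cdata_end = ']]>';
	$cdata_split = ']]]]><![CDATA[>';

	$items = '';
	foreach ($this->xml as $item) {
		$link = htmlspecialchars($item['link'], ENT_QUOTES, 'UTF-8', false);
		$title = str_replace($cdata_end, $cdata_split, html_entity_decode_utf8($item['title']));
		$description = str_replace($cdata_end, $cdata_split, html_entity_decode_utf8($item['description']));

		$items .= "\t" . '<item> ' . (isset($item['author']) ? '<author>' . htmlspecialchars($item['author'], ENT_QUOTES, 'UTF-8', false) . '</author>' : '') . ' <title><![CDATA[' . $title . ']]></title> <link>' . $link . '</link> <guid>' . $link . '</guid> <description><![CDATA[' . $description . ']]></description> <pubDate>' . gmdate($date_format, $item['pubdate']) . '</pubDate> </item>' . nr();
	}

	// An empty feed has no first item to take the build date from.
	$last_build = (isset($this->xml[0]['pubdate'])) ? $this->xml[0]['pubdate'] : time();

	header('Content-type: text/xml');
	echo '<?xml version="1.0" encoding="utf-8"?> <rss version="2.0"> <channel> <title>' . html_entity_decode_utf8(lang('rss_' . $umode)) . '</title> <link>http://www.rockrepublik.net/</link> <description><![CDATA[' . str_replace($cdata_end, $cdata_split, html_entity_decode_utf8(lang('rss_desc_' . $umode))) . ']]></description> <lastBuildDate>' . gmdate($date_format, $last_build) . '</lastBuildDate> <webMaster>info@rockrepublik.net</webMaster> ' . $items . '</channel> </rss>';

	sql_close();
	exit;
}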
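/**
 * Topic page controller: loads the topic (optionally focused on one post),
 * handles a submitted reply or poll vote, then fills the template with the
 * poll, the posts, pagination and the reply box.
 *
 * Changes in this revision:
 *  - the image-link filter applied to the quoted reply used the "e"
 *    (evaluate) regex modifier; it now uses the same "is" flags as the
 *    identical filter further down. With an empty replacement the result is
 *    the same removal of matches, without evaluating anything as code;
 *  - $topic_locked is initialised, it was read later even when no lock
 *    marker had been posted.
 *
 * NOTE(review): on submit, the locked-topic check sits inside the branch that
 * runs only when the permission check failed. A user who passes the
 * permission check is not stopped from posting to a locked topic by this
 * method, unless $auth->forum() already accounts for locks -- confirm.
 * NOTE(review): reply_message is concatenated into the stored post without
 * going through $comments->prepare(), and reply_username is inserted as
 * stored; whether request_var() neutralises markup is not visible here.
 * NOTE(review): the vote path does not re-check poll expiry, and its
 * "already voted" test followed by UPDATE/INSERT is not atomic.
 * NOTE(review): no request-forgery token is visible; _button() is not shown.
 */
public function run() {
	global $config, $auth, $user, $comments;

	$topic_id = request_var('t', 0);
	$post_id = request_var('p', 0);

	if (!$topic_id && !$post_id) {
		fatal_error();
	}

	//
	// Get topic data
	//
	if ($post_id) {
		$sql_from = ', _forum_posts p, _forum_posts p2, _members m ';
		$sql_where = sql_filter('p.post_id = ? AND p.poster_id = m.user_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= ?', $post_id, $post_id);
		$sql_count = ', p.post_text, m.username AS reply_username, COUNT(p2.post_id) AS prev_posts, p.post_deleted';
		$sql_order = ' GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_locked, t.topic_replies, t.topic_time, t.topic_important, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_locked, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_announce, f.auth_pollcreate, f.auth_vote ORDER BY p.post_id ASC';
	} else {
		$sql_from = $sql_count = $sql_order = '';
		$sql_where = sql_filter('t.topic_id = ?', $topic_id);
	}

	$sql = 'SELECT t.*, f.*' . $sql_count . ' FROM _forum_topics t, _forums f' . $sql_from . ' WHERE ' . $sql_where . ' AND f.forum_id = t.forum_id' . $sql_order;
	if (!$topic_data = sql_fieldrow($sql)) {
		fatal_error();
	}

	// Topics of the events forum are shown on the event page instead.
	switch ($topic_data['forum_alias']) {
		case 'events':
			$sql = 'SELECT event_alias FROM _events WHERE event_topic = ?';
			if ($event_alias = sql_field(sql_filter($sql, $topic_data['topic_id']), 'event_alias', '')) {
				redirect(s_link('events', $event_alias));
			}
			break;
	}

	//
	// Hide deleted posts
	if (isset($topic_data['post_deleted']) && $topic_data['post_deleted']) {
		fatal_error();
	}

	//
	// Check mod auth
	$mod_auth = $user->is('mod');

	//
	// Init vars
	//
	$forum_id = (int) $topic_data['forum_id'];
	$topic_id = (int) $topic_data['topic_id'];
	$topic_url = s_link('topic', $topic_id);

	$reply = request_var('reply', 0);
	$start = request_var('offset', 0);
	$submit_reply = _button('post');
	$submit_vote = _button('vote');

	$post_message = '';
	$post_reply_message = '';
	$post_np = '';
	$current_time = time();
	$topic_locked = 0;

	$error = $is_auth = w();

	// A quoted reply only makes sense when a post was addressed.
	if (!$post_id && $reply) {
		$reply = 0;
	}

	//
	// Start member auth
	//
	$is_auth = $auth->forum(AUTH_ALL, $forum_id, $topic_data);

	if ($submit_reply || $submit_vote) {
		$auth_key = ($submit_reply) ? 'auth_reply' : 'auth_vote';

		if (((!$is_auth['auth_view'] || !$is_auth['auth_read'])) || !$is_auth[$auth_key]) {
			if (!$user->is('member')) {
				do_login();
			}

			$can_reply_closed = $auth->option(w('forum topics delete'));

			if (!$can_reply_closed && ($topic_data['forum_locked'] || $topic_data['topic_locked'])) {
				$error[] = 'TOPIC_LOCKED';

				if ($submit_vote && !$topic_data['topic_vote']) {
					$error[] = 'POST_HAS_NO_POLL';
				}
			}

			// Not permitted and nothing to report: back to the topic.
			if (!sizeof($error)) {
				redirect($topic_url);
			}
		}

		if (!sizeof($error)) {
			if ($submit_vote) {
				$vote_option = request_var('vote_id', 0);

				if ($vote_option) {
					// The option must belong to a poll of this topic.
					$sql = 'SELECT vd.vote_id FROM _poll_options vd, _poll_results vr WHERE vd.topic_id = ? AND vr.vote_id = vd.vote_id AND vr.vote_option_id = ? GROUP BY vd.vote_id';
					if ($vote_id = sql_field(sql_filter($sql, $topic_id, $vote_option), 'vote_id', 0)) {
						// One vote per member and poll.
						$sql = 'SELECT * FROM _poll_voters WHERE vote_id = ? AND vote_user_id = ?';
						if (!sql_fieldrow(sql_filter($sql, $vote_id, $user->d('user_id')))) {
							$sql = 'UPDATE _poll_results SET vote_result = vote_result + 1 WHERE vote_id = ? AND vote_option_id = ?';
							sql_query(sql_filter($sql, $vote_id, $vote_option));

							$insert_vote = array(
								'vote_id' => (int) $vote_id,
								'vote_user_id' => (int) $user->d('user_id'),
								'vote_user_ip' => $user->ip,
								'vote_cast' => (int) $vote_option
							);
							sql_insert('poll_voters', $insert_vote);
						}
					}
				}

				redirect(s_link('topic', $topic_id));
			} else {
				$post_message = request_var('message', '', true);
				$post_np = request_var('np', '');

				if ($reply) {
					$post_reply_message = request_var('reply_message', '', true);
				}

				// Check message
				if (empty($post_message)) {
					$error[] = 'EMPTY_MESSAGE';
				}

				// Flood control, skipped for moderators.
				if (!sizeof($error) && !$mod_auth) {
					$sql = 'SELECT MAX(post_time) AS last_post_time FROM _forum_posts WHERE poster_id = ?';
					if ($last_post_time = sql_field(sql_filter($sql, $user->d('user_id')))) {
						if (intval($last_post_time) > 0 && ($current_time - intval($last_post_time)) < intval($config['flood_interval'])) {
							$error[] = 'FLOOD_ERROR';
						}
					}
				}

				if (!sizeof($error)) {
					$update_topic = w();

					// Moderators can flag the topic through markers in the message text.
					if (strstr($post_message, '-Anuncio-') && $user->is('mod')) {
						$topic_announce = 1;
						$post_message = str_replace('-Anuncio-', '', $post_message);
						$update_topic['topic_announce'] = $topic_announce;
					}

					if (strstr($post_message, '-Cerrado-') && $user->is('mod')) {
						$topic_locked = 1;
						$post_message = str_replace('-Cerrado-', '', $post_message);
						$update_topic['topic_locked'] = $topic_locked;
					}

					$post_message = $comments->prepare($post_message);

					// Drop image links from the quoted text.
					if ($reply && $post_reply_message != '') {
						$post_reply_message = preg_replace('#(^|[\n ]|\()(http|https|ftp)://([a-z0-9\-\.,\?!%\*_:;~\\&$@/=\+]+)(gif|jpg|jpeg|png)#is', '', $post_reply_message);
					}

					if ($reply && empty($post_reply_message)) {
						$post_reply_message = '...';
					}

					if ($reply && $post_reply_message != '') {
						$post_message = '<blockquote><strong>' . $topic_data['reply_username'] . "</strong>" . nr(false, 2) . $post_reply_message . '</blockquote><br /> ' . $post_message;
					} else {
						$reply = 0;
					}

					$insert_data = array(
						'topic_id' => (int) $topic_id,
						'forum_id' => (int) $forum_id,
						'poster_id' => (int) $user->d('user_id'),
						'post_time' => (int) $current_time,
						'poster_ip' => $user->ip,
						'post_text' => $post_message,
						'post_np' => $post_np
					);
					if ($reply) {
						$insert_data['post_reply'] = $post_id;
					}

					$post_id = sql_insert('forum_posts', $insert_data);

					$user->delete_unread(UH_T, $topic_id);
					$user->save_unread(UH_T, $topic_id);

					if (!in_array($forum_id, forum_for_team_array()) && $topic_data['topic_points']) {
						//$user->points_add(1);
					}

					// Keep unread markers only for the members returned by forum_for_team_list().
					$a_list = forum_for_team_list($forum_id);
					if (count($a_list)) {
						$sql_delete_unread = 'DELETE FROM _members_unread WHERE element = ? AND item = ? AND user_id NOT IN (??)';
						sql_query(sql_filter($sql_delete_unread, 8, $topic_id, implode(', ', $a_list)));
					}

					$update_topic['topic_last_post_id'] = $post_id;

					if ($topic_locked) {
						topic_feature($topic_id, 0);
					}

					$sql = 'UPDATE _forums SET forum_posts = forum_posts + 1, forum_last_topic_id = ? WHERE forum_id = ?';
					sql_query(sql_filter($sql, $topic_id, $forum_id));

					$sql = 'UPDATE _forum_topics SET topic_replies = topic_replies + 1, ' . sql_build('UPDATE', $update_topic) . sql_filter(' WHERE topic_id = ?', $topic_id);
					sql_query($sql);

					$sql = 'UPDATE _members SET user_posts = user_posts + 1 WHERE user_id = ?';
					sql_query(sql_filter($sql, $user->d('user_id')));

					redirect(s_link('post', $post_id) . '#' . $post_id);
				}
			}
		}
	}

	// Read access is required to display anything below.
	if (!$is_auth['auth_view'] || !$is_auth['auth_read']) {
		if (!$user->is('member')) {
			do_login();
		}

		fatal_error();
	}

	// Jump to the page that contains the addressed post.
	if ($post_id) {
		$start = floor(($topic_data['prev_posts'] - 1) / (int) $config['posts_per_page']) * (int) $config['posts_per_page'];
		$user->d('user_topic_order', 0);
	}

	if ($user->is('member')) {
		//
		// Is user watching this topic?
		//
		$sql = 'SELECT notify_status FROM _forum_topics_fav WHERE topic_id = ? AND user_id = ?';
		if (!sql_field(sql_filter($sql, $topic_id, $user->d('user_id')), 'notify_status')) {
			if (_button('watch')) {
				$sql_insert = array(
					'user_id' => $user->d('user_id'),
					'topic_id' => $topic_id,
					'notify_status' => 0
				);
				sql_insert('forum_topics_fav', $sql_insert);

				redirect($topic_url . (($start) ? 's' . $start . '/' : ''));
			}

			_style('watch_topic');
		}
	}

	//
	// Get all data for the topic
	//
	$get_post_id = ($reply) ? 'post_id' : 'topic_id';
	$get_post_data['p.' . $get_post_id] = ${$get_post_id};

	if (!$user->is('founder')) {
		$get_post_data['p.post_deleted'] = 0;
	}

	// LIMIT values are cast to int before being concatenated.
	$sql = 'SELECT p.*, u.user_id, u.username, u.username_base, u.user_avatar, u.user_posts, u.user_gender, u.user_rank, u.user_sig FROM _forum_posts p, _members u WHERE u.user_id = p.poster_id AND p.post_deleted = 0 AND ' . sql_build('SELECT', $get_post_data) . ' ORDER BY p.post_time ' . (($user->d('user_topic_order')) ? 'DESC' : 'ASC') . ((!$reply) ? ' LIMIT ' . (int) $start . ', ' . (int) $config['posts_per_page'] : '');
	if (!$messages = sql_rowset($sql)) {
		if ($topic_data['topic_replies'] + 1) {
			fatal_error();
		}

		redirect(s_link('topic', $topic_id));
	}

	//
	// Re-count topic replies
	//
	if ($user->is('founder')) {
		$sql = 'SELECT COUNT(p.post_id) AS total FROM _forum_posts p, _members u WHERE p.topic_id = ? AND u.user_id = p.poster_id';
		if ($total = sql_field(sql_filter($sql, $topic_id), 'total')) {
			$topic_data['topic_replies2'] = $total - 1;
		}
	}

	//
	// Update the topic views
	//
	if (!$start && !$user->is('founder')) {
		$sql = 'UPDATE _forum_topics SET topic_views = topic_views + 1 WHERE topic_id = ?';
		sql_query(sql_filter($sql, $topic_id));
	}

	//
	// If the topic contains a poll, then process it
	//
	if ($topic_data['topic_vote']) {
		$sql = 'SELECT vd.vote_id, vd.vote_text, vd.vote_start, vd.vote_length, vr.vote_option_id, vr.vote_option_text, vr.vote_result FROM _poll_options vd, _poll_results vr WHERE vd.topic_id = ? AND vr.vote_id = vd.vote_id ORDER BY vr.vote_option_order, vr.vote_option_id ASC';
		if ($vote_info = sql_rowset(sql_filter($sql, $topic_id))) {
			$sql = 'SELECT vote_id FROM _poll_voters WHERE vote_id = ? AND vote_user_id = ?';
			$user_voted = sql_field(sql_filter($sql, $vote_info[0]['vote_id'], $user->d('user_id')), 'vote_id', 0);

			$poll_expired = ($vote_info[0]['vote_length']) ? (($vote_info[0]['vote_start'] + $vote_info[0]['vote_length'] < $current_time) ? true : 0) : 0;

			_style('poll', array(
				'POLL_TITLE' => $vote_info[0]['vote_text'])
			);

			// Results are shown instead of options once voting is no longer possible.
			if ($user_voted || $poll_expired || !$is_auth['auth_vote'] || $topic_data['topic_locked']) {
				$vote_results_sum = 0;
				foreach ($vote_info as $row) {
					$vote_results_sum += $row['vote_result'];
				}

				_style('poll.results');

				foreach ($vote_info as $row) {
					$vote_percent = ($vote_results_sum > 0) ? $row['vote_result'] / $vote_results_sum : 0;

					_style('poll.results.item', array(
						'CAPTION' => $row['vote_option_text'],
						'RESULT' => $row['vote_result'],
						'PERCENT' => sprintf("%.1d", ($vote_percent * 100)))
					);
				}
			} else {
				_style('poll.options', array(
					'S_VOTE_ACTION' => $topic_url)
				);

				foreach ($vote_info as $row) {
					_style('poll.options.item', array(
						'POLL_OPTION_ID' => $row['vote_option_id'],
						'POLL_OPTION_CAPTION' => $row['vote_option_text'])
					);
				}
			}
		}
	}

	//
	// Advanced auth
	//
	$controls = $user_profile = w();
	$unset_user_profile = w('user_id user_posts user_gender');

	_style('posts');

	foreach ($messages as $row) {
		if ($user->is('member')) {
			$poster = ($row['user_id'] != GUEST) ? $row['username'] : (($row['post_username'] != '') ? $row['post_username'] : lang('guest'));

			$controls[$row['post_id']]['reply'] = s_link('post', $row['post_id'], 'reply');

			// Edit and delete links are offered to moderators only.
			if ($mod_auth) {
				$controls[$row['post_id']]['edit'] = s_link('acp', array('forums_post_modify', 'msg_id' => $row['post_id']));
				$controls[$row['post_id']]['delete'] = s_link('acp', array('forums_post_delete', 'msg_id' => $row['post_id']));
			}
		}

		$user_profile[$row['user_id']] = $comments->user_profile($row, '', $unset_user_profile);

		$data = array(
			'POST_ID' => $row['post_id'],
			'POST_DATE' => $user->format_date($row['post_time']),
			'MESSAGE' => $comments->parse_message($row['post_text']),
			'PLAYING' => $row['post_np'],
			'DELETED' => $row['post_deleted'],
			'UNREAD' => 0
		);

		foreach ($user_profile[$row['user_id']] as $key => $value) {
			$data[strtoupper($key)] = $value;
		}

		_style('posts.item', $data);
		_style('posts.item.' . (($row['user_id'] != GUEST) ? 'username' : 'guestuser'));

		if (isset($controls[$row['post_id']])) {
			_style('posts.item.controls');

			foreach ($controls[$row['post_id']] as $item => $url) {
				_style('posts.item.controls.'.$item, array('URL' => $url));
			}
		}
	}

	//
	// Display Member topic auth
	//
	/*
	if ($mod_auth) {
		$mod = array((($topic_data['topic_important']) ? 'important' : 'normal'), 'delete', 'move', ((!$topic_data['topic_locked']) ? 'lock' : 'unlock'), 'split', 'merge');

		$mod_topic = w();
		foreach ($mod as $item) {
			if ($auth->option(array('forum', 'topics', $item))) {
				$mod_topic[strtoupper($item)] = s_link('acp', array('topic', topic' => $topic_id, 'mode' => $item));
			}
		}

		if (sizeof($mod_topic)) {
			_style('auth');

			foreach ($mod_topic as $k => $v) {
				_style('auth.item', array(
					'URL' => $v,
					'LANG' => lang($k . '_topic'))
				);
			}
		}
	}
	*/

	build_num_pagination($topic_url . 's%d/', ($topic_data['topic_replies'] + 1), $config['posts_per_page'], $start, '', 'TOPIC_');

	//
	// Posting box
	if (sizeof($error)) {
		_style('post_error', array(
			'MESSAGE' => parse_error($error))
		);
	}

	$can_reply_closed = $auth->option(array('forum', 'topics', 'delete'));

	if ((!$topic_data['forum_locked'] && !$topic_data['topic_locked']) || $can_reply_closed) {
		if ($user->is('member')) {
			if ($is_auth['auth_reply']) {
				$s_post_action = (($reply) ? s_link('post', $post_id, 'reply') : $topic_url) . '#e';

				_style('post_box', array(
					'MESSAGE' => $post_message,
					'NP' => $post_np,
					'S_POST_ACTION' => $s_post_action)
				);

				if ($reply) {
					if (empty($post_reply_message)) {
						$post_reply_message = $comments->remove_quotes($topic_data['post_text']);
					}

					// Strip image links and the [yt:..] / [sb] tags from the quoted text.
					if (!empty($post_reply_message)) {
						$rx = array('#(^|[\n ]|\()(http|https|ftp)://([a-z0-9\-\.,\?!%\*_:;~\\&$@/=\+]+)(gif|jpg|jpeg|png)#is', '#\[yt:[0-9a-zA-Z\-\=\_]+\]#is', '#\[sb\]#is', '#\[\/sb\]#is');
						$post_reply_message = preg_replace($rx, '', $post_reply_message);
					}

					if (empty($post_reply_message)) {
						$post_reply_message = '...';
					}

					_style('post_box.reply', array(
						'MESSAGE' => $post_reply_message)
					);
				}
			}
		}
	}

	// MOD: Featured topic
	if ($user->is('mod')) {
		$v_lang = ($topic_data['topic_featured']) ? 'REM' : 'ADD';

		// NOTE(review): 'msg_id' is passed positionally here, while the post links above use 'msg_id' => id -- confirm which form s_link() expects.
		_style('feature', array(
			'U_FEAT' => s_link('acp', array('forums_topic_feature', 'msg_id', $topic_data['topic_id'])),
			'V_LANG' => lang('topic_featured_' . $v_lang))
		);
	}

	//
	// Send vars to template
	//
	v_style(array(
		'FORUM_NAME' => $topic_data['forum_name'],
		'TOPIC_TITLE' => $topic_data['topic_title'],
		'TOPIC_REPLIES' => $topic_data['topic_replies'],
		'S_TOPIC_ACTION' => $topic_url . (($start) ? 's' . $start . '/' : ''),
		'U_VIEW_FORUM' => s_link('forum', $topic_data['forum_alias']))
	);

	// Custom layouts are looked up by integer id only ($forum_id and $topic_id were cast above).
	$layout_file = 'topic';

	if (@file_exists('./template/custom/topics_' . $forum_id . '.htm')) {
		$layout_file = 'custom/topics_' . $forum_id;
	}

	if (@file_exists('./template/custom/topic_' . $topic_id . '.htm')) {
		$layout_file = 'custom/topic_' . $topic_id;
	}

	$this->_title = $topic_data['topic_title'];
	$this->_template = $layout_file;

	return;
}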
/**
 * Append header text to the accumulated extra headers, followed by the
 * separator returned by nr().
 *
 * Only leading and trailing whitespace is removed; line breaks inside
 * $headers are kept as given. Presumably these are message headers, in which
 * case an embedded line break would begin a further header line, so callers
 * should not pass unvalidated input -- confirm against the call sites.
 *
 * @param string $headers header text to append
 */
public function extra_headers($headers) {
	$line = trim($headers);

	$this->extra_headers .= $line . nr();
}
/**
 * Record a data-changing SQL statement in the _log table.
 *
 * The statement text is taken apart with regular expressions into table,
 * columns and values, JSON-encoded and stored together with the current time
 * and the current user's id. Only INSERT, UPDATE and DELETE statements on
 * tables listed in the store/sql_history file are recorded; everything else
 * returns silently.
 *
 * Limits of the text-based parsing, relevant when this log is used as an
 * audit trail:
 *  - an INSERT whose values contain a comma yields more values than columns
 *    and is therefore not logged at all;
 *  - SET and WHERE parts are split on ',' , 'AND' and '=' wherever they
 *    occur, including inside quoted values, so such entries can be recorded
 *    with wrong keys or values;
 *  - a statement that does not match the expected shape is skipped without
 *    any notice.
 *
 * @param string $action the SQL statement that was executed
 * @param mixed  $uid    not used by this method
 */
public function registry($action, $uid = false) {
	// First keyword of the statement, lower-cased.
	$method = preg_replace('#^(INSERT|UPDATE|DELETE) (.*?)$#is', '\1', $action);
	$method = strtolower($method);

	if (!in_array($method, w('insert update delete'))) {
		return;
	}

	// List of table names whose changes are recorded.
	if (!$whitelist = get_file(XFS.XCOR . 'store/sql_history')) {
		return;
	}

	if (!count($whitelist)) {
		return;
	}

	// Flatten the statement before matching it.
	$action = str_replace(array(nr(), "\t", nr(true)), array('', '', ' '), $action);

	$table = preg_replace('#^(INSERT\ INTO|UPDATE|DELETE\ FROM) (\_[a-z\_]+) (.*?)$#is', '\2', $action);

	if (!in_array($table, $whitelist)) {
		return;
	}

	$actions = '';
	switch ($method) {
		case 'insert':
			if (!preg_match('#^INSERT INTO (\_[a-z\_]+) \((.*?)\) VALUES \((.*?)\)$#is', $action, $s_action)) {
				return;
			}

			$keys = array_map('trim', explode(',', $s_action[2]));
			$values = array_map('trim', explode(',', $s_action[3]));

			// Remove the surrounding single quotes from each value.
			foreach ($values as $i => $row) {
				$values[$i] = preg_replace('#^\'(.*?)\'$#i', '\1', $row);
			}

			// A comma inside a value ends up here: the statement is dropped from the log.
			if (count($keys) != count($values)) {
				return;
			}

			$query = array(
				'table' => $s_action[1],
				'query' => array_combine($keys, $values)
			);
			break;
		case 'update':
			if (!preg_match('#^UPDATE (\_[a-z\_]+) SET (.*?) WHERE (.*?)$#is', $action, $s_action)) {
				return;
			}

			$all = array(
				'set' => array_map('trim', explode(',', $s_action[2])),
				'where' => array_map('trim', explode('AND', $s_action[3]))
			);

			// Turn each "column = 'value'" fragment into a column => value entry.
			foreach ($all as $j => $v) {
				foreach ($v as $i => $row) {
					$v_row = array_map('trim', explode('=', $row));

					$all[$j][$v_row[0]] = preg_replace('#^\'(.*?)\'$#i', '\1', $v_row[1]);
					unset($all[$j][$i]);
				}
			}

			$query = array(
				'table' => $s_action[1],
				'set' => $all['set'],
				'where' => $all['where']
			);
			break;
		case 'delete':
			if (!preg_match('#^DELETE FROM (\_[a-z\_]+) WHERE (.*?)$#is', $action, $s_action)) {
				return;
			}

			$all = array('where' => array_map('trim', explode('AND', $s_action[2])));

			// Same fragment-to-entry conversion as in the update case.
			foreach ($all as $j => $v) {
				foreach ($v as $i => $row) {
					$v_row = array_map('trim', explode('=', $row));

					$all[$j][$v_row[0]] = preg_replace('#^\'(.*?)\'$#i', '\1', $v_row[1]);
					unset($all[$j][$i]);
				}
			}

			$query = array(
				'table' => $s_action[1],
				'where' => $all['where']
			);
			break;
	}

	global $user;

	// The entry is attributed to the current session user.
	$sql_insert = array(
		'time' => time(),
		'uid' => $user->d('user_id'),
		'method' => $method,
		'actions' => json_encode($query)
	);
	$sql = 'INSERT INTO _log' . $this->build('INSERT', prefix('log', $sql_insert));
	$this->query($sql);

	return;
}
}

// Serve a stylesheet rendered through the template engine: detect the
// browser family from the user agent, send CSS headers with a 30-day
// expiry, render css/<filename>.css and print it with comments and
// redundant whitespace removed.
//
// NOTE(review): $filename is set before this fragment; if it can be
// influenced by the request it needs to be restricted to known names before
// it is used in the template path -- confirm where it comes from.
$is_firefox = (strstr($user->browser, 'Gecko')) ? true : false;
$is_ie = (strstr($user->browser, 'IE')) ? true : false;

// Output compression is enabled based on the user-agent string only.
if (strstr($user->browser, 'compatible') || $is_firefox) {
	ob_start('ob_gzhandler');
}

// Headers (the no-cache variants below are disabled)
#header('Cache-Control: private, no-cache="set-cookie", pre-check=0, post-check=0');
#header('Pragma: no-cache');
#header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 60) . ' GMT');

header('Content-type: text/css; charset=utf-8');
header('Expires: ' . gmdate('D, d M Y H:i:s', time() + (60 * 60 * 24 * 30)) . ' GMT');

// Browser flags for conditional rules inside the stylesheet template.
v_style(array(
	'FF' => $is_firefox,
	'IE' => $is_ie)
);

$template->set_filenames(array(
	'body' => 'css/' . $filename . '.css')
);
$template->assign_var_from_handle('EXT', 'body');

sql_close();

// Strip /* ... */ comments, then line breaks and tabs, then collapse runs of whitespace.
echo preg_replace('/\s\s+/', ' ', str_replace(array(nr(1), nr(), "\t"), '', preg_replace('!/\*.*?\*/!s', '', $template->vars['EXT'])));
exit;
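/**
 * Forum page controller: resolves the forum by id or alias, handles a
 * submitted new topic (optionally with a poll), then lists announcements and
 * regular topics and shows the posting box.
 *
 * Changes in this revision:
 *  - a submit without the required permission redirected to an undefined
 *    $topic_url; it now redirects to the forum page. The code relies on
 *    redirect() ending the request, so the target must be a real URL;
 *  - the topic author link was built from the last poster's name
 *    (username2 / username_base2); it now uses the author's own columns;
 *  - the raw (unquoted) LIMIT placeholders receive integers only, with the
 *    offset clamped at zero;
 *  - poll bookkeeping variables are initialised, they were read even when no
 *    poll options had been submitted;
 *  - a topic list that is not an array (no rows) is skipped instead of being
 *    passed to foreach.
 *
 * NOTE(review): the "-Anuncio-" marker is honoured for $user->is('all') here,
 * while the reply path requires is('mod') for the same marker -- confirm
 * that this is intended.
 * NOTE(review): titles and usernames are concatenated into HTML as stored;
 * whether request_var() or the template layer escapes them is not visible.
 * NOTE(review): no request-forgery token is visible; _button() is not shown.
 */
public function run() {
	global $config, $auth, $user, $comments, $cache;

	$forum_id = request_var('f', '');
	$start = request_var('offset', 0);
	$submit_topic = _button('post');

	if (empty($forum_id)) {
		fatal_error();
	}

	// The forum can be addressed by numeric id or by alias.
	$is_int_forumid = false;
	if (preg_match('#^(\d+)$#is', $forum_id)) {
		$is_int_forumid = true;
		$forum_id = intval($forum_id);

		$sql = 'SELECT * FROM _forums WHERE forum_id = ?';
		$sql = sql_filter($sql, $forum_id);
	} else {
		$sql = 'SELECT * FROM _forums WHERE forum_alias = ?';
		$sql = sql_filter($sql, $forum_id);
	}

	if (!$forum_row = sql_fieldrow($sql)) {
		fatal_error();
	}

	// Numeric addresses are sent to the alias address.
	if ($is_int_forumid) {
		redirect(s_link('forum', $forum_row['forum_alias']), true);
	}

	$forum_id = $forum_row['forum_id'];
	$forum_url = s_link('forum', $forum_row['forum_alias']);

	//
	// Start auth check
	//
	$is_auth = w();
	$is_auth = $auth->forum(AUTH_ALL, $forum_id, $forum_row);

	if (!$is_auth['auth_view'] || !$is_auth['auth_read']) {
		if (!$user->is('member')) {
			do_login();
		}

		fatal_error();
	}

	$error_msg = '';
	$post_title = '';
	$post_message = '';
	$post_np = '';
	$poll_title = '';
	$poll_options = '';
	$poll_length = '';
	$current_time = time();

	if ($submit_topic) {
		$topic_important = _button('topictype');
		$auth_key = ($topic_important) ? 'auth_announce' : 'auth_post';

		if ($forum_row['forum_locked'] && !$is_auth['auth_mod']) {
			$error_msg .= (($error_msg != '') ? '<br />' : '') . lang('forum_locked');
		}

		if (!$is_auth[$auth_key]) {
			if (!$user->is('member')) {
				do_login();
			}

			// Not permitted and nothing to report: back to the forum page.
			if (empty($error_msg)) {
				redirect($forum_url);
			}
		}

		if (empty($error_msg)) {
			$post_title = request_var('topic_title', '');
			$post_message = request_var('message', '', true);
			$post_np = request_var('np', '', true);
			$poll_title = '';
			$poll_options = '';
			$poll_length = 0;
			$real_poll_options = w();
			$sizeof_poll_options = 0;

			// Poll fields are read only when poll creation is permitted.
			if ($is_auth['auth_pollcreate']) {
				$poll_title = request_var('poll_title', '');
				$poll_options = request_var('poll_options', '');
				$poll_length = request_var('poll_length', 0);
			}

			// Check subject
			if (empty($post_title)) {
				$error_msg .= (($error_msg != '') ? '<br />' : '') . lang('empty_subject');
			}

			// Check message
			if (empty($post_message)) {
				$error_msg .= (($error_msg != '') ? '<br />' : '') . lang('empty_message');
			}

			// One poll option per line, blank lines ignored.
			if (!empty($poll_options)) {
				$poll_options = explode(nr(), $poll_options);

				foreach ($poll_options as $option) {
					if ($option != '') {
						$real_poll_options[] = $option;
					}
				}

				$sizeof_poll_options = sizeof($real_poll_options);

				if ($sizeof_poll_options < 2) {
					$error_msg .= (($error_msg != '') ? '<br />' : '') . lang('few_poll_options');
				} else if ($sizeof_poll_options > $config['max_poll_options']) {
					$error_msg .= (($error_msg != '') ? '<br />' : '') . lang('many_poll_options');
				} else if ($poll_title == '') {
					$error_msg .= (($error_msg != '') ? '<br />' : '') . lang('empty_poll_title');
				}
			}

			// Flood control, skipped for forum moderators.
			if (empty($error_msg) && !$is_auth['auth_mod']) {
				$sql = 'SELECT MAX(post_time) AS last_post_time FROM _forum_posts WHERE poster_id = ?';
				if ($last_post_time = sql_field(sql_filter($sql, $user->d('user_id')))) {
					if (intval($last_post_time) > 0 && ($current_time - intval($last_post_time)) < intval($config['flood_interval'])) {
						$error_msg .= (($error_msg != '') ? '<br />' : '') . lang('flood_error');
					}
				}
			}

			if (empty($error_msg)) {
				$topic_announce = 0;
				$topic_locked = 0;

				// Markers in the message text flag the topic; forums 15-17 always create announcements.
				if ((strstr($post_message, '-Anuncio-') && $user->is('all')) || in_array($forum_id, array(15, 16, 17))) {
					$topic_announce = 1;
					$post_message = str_replace('-Anuncio-', '', $post_message);
				}

				if (strstr($post_message, '-Cerrado-') && $user->is('mod')) {
					$topic_locked = 1;
					$post_message = str_replace('-Cerrado-', '', $post_message);
				}

				$post_message = $comments->prepare($post_message);
				$topic_vote = (!empty($poll_title) && $sizeof_poll_options >= 2) ? 1 : 0;

				if (!$user->is('founder')) {
					$post_title = strnoupper($post_title);
				}

				$insert_data['TOPIC'] = array(
					'topic_title' => $post_title,
					'topic_poster' => (int) $user->d('user_id'),
					'topic_time' => (int) $current_time,
					'forum_id' => (int) $forum_id,
					'topic_locked' => $topic_locked,
					'topic_announce' => $topic_announce,
					'topic_important' => (int) $topic_important,
					'topic_vote' => (int) $topic_vote,
					'topic_featured' => 1,
					'topic_points' => 1
				);
				$topic_id = sql_insert('forum_topics', $insert_data['TOPIC']);

				$insert_data['POST'] = array(
					'topic_id' => (int) $topic_id,
					'forum_id' => (int) $forum_id,
					'poster_id' => (int) $user->d('user_id'),
					'post_time' => (int) $current_time,
					'poster_ip' => $user->ip,
					'post_text' => $post_message,
					'post_np' => $post_np
				);
				$post_id = sql_insert('forum_posts', $insert_data['POST']);

				if ($topic_vote) {
					$insert_data['POLL'] = array(
						'topic_id' => (int) $topic_id,
						'vote_text' => $poll_title,
						'vote_start' => (int) $current_time,
						'vote_length' => (int) ($poll_length * 86400)
					);
					$poll_id = sql_insert('poll_options', $insert_data['POLL']);

					$poll_option_id = 1;
					foreach ($real_poll_options as $option) {
						$insert_data['POLLRESULTS'] = array(
							'vote_id' => (int) $poll_id,
							'vote_option_id' => (int) $poll_option_id,
							'vote_option_text' => $option,
							'vote_result' => 0
						);
						sql_insert('poll_results', $insert_data['POLLRESULTS']);

						$poll_option_id++;
					}

					if ($forum_id == $config['main_poll_f']) {
						$cache->delete('last_poll_id');
					}
				}

				$user->save_unread(UH_T, $topic_id);

				if (!in_array($forum_id, forum_for_team_array())) {
					//$user->points_add(2);
				}

				// Keep unread markers only for the members returned by forum_for_team_list().
				$a_list = forum_for_team_list($forum_id);
				if (count($a_list)) {
					$sql_delete_unread = 'DELETE FROM _members_unread WHERE element = ? AND item = ? AND user_id NOT IN (??)';
					sql_query(sql_filter($sql_delete_unread, 8, $topic_id, implode(', ', $a_list)));
				}

				if (count($a_list) || in_array($forum_id, array(20, 39))) {
					topic_feature($topic_id, 0);
					topic_arkane($topic_id, 0);
				}

				$sql = 'UPDATE _forums SET forum_posts = forum_posts + 1, forum_last_topic_id = ?, forum_topics = forum_topics + 1 WHERE forum_id = ?';
				sql_query(sql_filter($sql, $topic_id, $forum_id));

				$sql = 'UPDATE _forum_topics SET topic_first_post_id = ?, topic_last_post_id = ? WHERE topic_id = ?';
				sql_query(sql_filter($sql, $post_id, $post_id, $topic_id));

				$sql = 'UPDATE _members SET user_posts = user_posts + 1 WHERE user_id = ?';
				sql_query(sql_filter($sql, $user->d('user_id')));

				redirect(s_link('topic', $topic_id));
			}
		}
	}
	//
	// End Submit
	//

	$topics_count = ($forum_row['forum_topics']) ? $forum_row['forum_topics'] : 1;

	$topics = new stdClass();
	$total = new stdClass();

	//
	// All announcement data
	//
	$sql = 'SELECT t.*, u.user_id, u.username, u.username_base, u2.user_id as user_id2, u2.username as username2, u2.username_base as username_base2, p.post_time, p.post_username as post_username2 FROM _forum_topics t, _members u, _forum_posts p, _members u2 WHERE t.forum_id = ? AND t.topic_poster = u.user_id AND p.post_id = t.topic_last_post_id AND p.poster_id = u2.user_id AND t.topic_announce = 1 ORDER BY t.topic_last_post_id DESC';
	$topics->important = sql_rowset(sql_filter($sql, $forum_id));
	$total->important = (is_array($topics->important)) ? count($topics->important) : 0;

	//
	// Grab all the topics data for this forum
	//
	$sql = 'SELECT t.*, u.user_id, u.username, u.username_base, u2.user_id as user_id2, u2.username as username2, u2.username_base as username_base2, p.post_username, p2.post_username AS post_username2, p2.post_time FROM _forum_topics t, _members u, _forum_posts p, _forum_posts p2, _members u2 WHERE t.forum_id = ? AND t.topic_poster = u.user_id AND p.post_id = t.topic_first_post_id AND p2.post_id = t.topic_last_post_id AND u2.user_id = p2.poster_id AND t.topic_announce = 0 ORDER BY t.topic_important DESC, /*t.topic_last_post_id*/p2.post_time DESC LIMIT ??, ??';
	// The "??" placeholders are inserted without quotes, so only integers are passed.
	$topics->normal = sql_rowset(sql_filter($sql, $forum_id, max(0, (int) $start), (int) $config['topics_per_page']));
	$total->normal = (is_array($topics->normal)) ? count($topics->normal) : 0;

	//
	// Total topics ...
	//
	//$total_topics += $total_announcements;
	//$total_topics = $total->important + $total->normal;

	//
	// Post URL generation for templating vars
	//
	if ($is_auth['auth_post'] || $is_auth['auth_mod']) {
		_style('topic_create', array(
			'L_POST_NEW_TOPIC' => ($forum_row['forum_locked']) ? lang('forum_locked') : lang('post_newtopic'))
		);
	}

	//
	// Dump out the page header and load viewforum template
	//
	v_style(array(
		'FORUM_ID' => $forum_id,
		'FORUM_NAME' => $forum_row['forum_name'],
		'U_VIEW_FORUM' => s_link('forum', $forum_row['forum_alias']))
	);
	//
	// End header
	//

	//
	// Let's build the topics
	//
	$i = 0;
	foreach ($topics as $alias => $list) {
		if (!is_array($list)) {
			continue;
		}

		foreach ($list as $j => $row) {
			// First row overall: open the list and build the pagination once.
			if (!$i) {
				_style('topics');

				$topics_count -= $total->important;

				build_num_pagination(s_link('forum', $forum_row['forum_alias'], 's%d'), $topics_count, $config['topics_per_page'], $start, '', 'TOPICS_');
			}

			// First row of each group: group heading.
			if (!$j) {
				_style('topics.alias', array(
					'NAME' => lang('topic_' . $alias),
					'SHOW' => ($total->important && $total->normal > 1))
				);
			}

			$row = (object) $row;

			if ($row->user_id != GUEST) {
				$row->author = '<a href="' . s_link('m', $row->username_base) . '">' . $row->username . '</a>';
			} else {
				$row->author = '<span>*' . (($row->post_username2 != '') ? $row->post_username2 : lang('guest')) . '</span>';
			}

			if ($row->user_id2 != GUEST) {
				$row->poster = '<a href="' . s_link('m', $row->username_base2) . '">' . $row->username2 . '</a>';
			} else {
				$row->poster = '<span>*' . (($row->post_username2 != '') ? $row->post_username2 : lang('guest')) . '</span>';
			}

			_style('topics.alias.row', array(
				'FORUM_ID' => $forum_id,
				'TOPIC_ID' => $row->topic_id,
				'TOPIC_AUTHOR' => $row->author,
				'REPLIES' => $row->topic_replies,
				'VIEWS' => ($user->is('founder')) ? $row->topic_views : '',

				'TOPIC_TITLE' => $row->topic_title,
				'TOPIC_CREATION_TIME' => $user->format_date($row->topic_time),
				'LAST_POST_TIME' => $user->format_date($row->post_time),
				'LAST_POST_AUTHOR' => $row->poster,
				'U_TOPIC' => s_link('topic', $row->topic_id))
			);

			$i++;
		}
	}

	if (!$topics_count) {
		if ($start) {
			redirect(s_link('forum', $forum_row['forum_alias']), true);
		}

		_style('no_topics');
	}

	//
	// Posting box
	//
	if (!empty($error_msg) || (!$is_auth['auth_mod'] && $forum_row['forum_locked']) || (!$is_auth['auth_post'] && $forum_row['auth_post'] == AUTH_REG) || $is_auth['auth_post']) {
		if ($is_auth['auth_post']) {
			// Poll options go back into the form as one option per line.
			if (!empty($poll_options)) {
				$poll_options = implode(nr(), $poll_options);
			}

			_style('publish', array(
				'S_POST_ACTION' => s_link('forum', $forum_row['forum_alias']),

				'TOPIC_TITLE' => $post_title,
				'MESSAGE' => $post_message,
				'NP' => $post_np,

				'POLL_TITLE' => $poll_title,
				'POLL_OPTIONS' => $poll_options,
				'POLL_LENGTH' => $poll_length)
			);

			if ($is_auth['auth_pollcreate']) {
				_style('publish.poll');

				if (empty($poll_options)) {
					_style('publish.poll.hide');
				}
			}
		}

		if (!empty($error_msg)) {
			_style('publish.alert', array(
				'MESSAGE' => $error_msg)
			);
		}
	}

	// A custom layout is looked up by the forum id taken from the database row.
	$layout_file = 'topics';

	$use_m_template = 'custom/forum_' . $forum_id;
	if (@file_exists(ROOT . 'template/' . $use_m_template . '.htm')) {
		$layout_file = $use_m_template;
	}

	$this->_title = $forum_row['forum_name'];
	$this->_template = $layout_file;

	return;
}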