public function deletePost($id)
{
$this->id = protectVar($id);
$query = $this->sql->sendQuery("DELETE FROM " . __PREFIX__ . "posts WHERE id = '" . $this->id . "';") or die(mysql_error());
if ($query == TRUE) {
return TRUE;
} else {
return FALSE;
}
}
public function newPost($text, $id_posts)
{
$this->username = protectVar($_COOKIE['username']);
$this->text = protectVar($text);
$this->id_posts = protectVar($id_posts);
$query = $this->sql->sendQuery("INSERT INTO " . __PREFIX__ . "posts (author, text, date_time, id_topics) VALUES ('" . $this->username . "', '" . $this->text . "', '" . $this->date_time . "', '" . $this->id_posts . "')") or die(mysql_error());
$query = $this->sql->sendQuery("UPDATE " . __PREFIX__ . "topics SET date_time = '" . $this->date_time . "', last_author = '" . $this->username . "' WHERE id = '" . $this->id_posts . "'") or die(mysql_error());
$query = $this->sql->sendQuery("SELECT * FROM " . __PREFIX__ . "topics WHERE id = '" . $this->id_posts . "'") or die(mysql_error());
$ris = mysql_fetch_array($query);
$id_section = $ris['id_sections'];
$query = $this->sql->sendQuery("UPDATE " . __PREFIX__ . "sections SET date_time = '" . $this->date_time . "', last_author = '" . $this->username . "' WHERE id = '" . $id_section . "'") or die(mysql_error());
}
<tr />
<tr>
<td> </td>
<td> <input type="submit" value="Edit Section" /> </td>
</tr>
</table>
<input type="hidden" name="id_topic" value="' . (int) @$_GET['id'] . '" />
</form>';
if (!empty($_POST['name']) && !empty($_POST['description'])) {
if (!$section->editSection($_POST['id'], $_POST['name'], $_POST['description'])) {
print "Section edited with success.<br />";
print '<meta http-equiv="refresh" content="3;url=admin.php" />';
}
}
} elseif ($action == 3) {
@($id = protectVar($_REQUEST['id']));
if (empty($id)) {
print '<form method="POST" action="?action=3&id=' . $id . '" />ID Section: <input type="text" name="id" value="' . $id . '" /><br /><input type="submit" value="Delete" /></form>';
} else {
if (empty($id)) {
die("ID NON specificato!");
}
if ($section->deleteSection($id) == TRUE) {
print "Section deleted with success.<br />";
print '<meta http-equiv="refresh" content="3;url=index.php" />';
}
}
} elseif ($action == 4) {
$name = !empty($_POST['name']) ? htmlspecialchars($_POST['name']) : "";
$description = !empty($_POST['description']) ? htmlspecialchars($_POST['description']) : "";
print '<form method="POST" action="?action=4">
} else {
print "<script> window.location='index.php' </script>";
}
} else {
echo "<script>alert(\"Errore! Inserire Nome e Testo.\"); windows.location=\"viewSection.php\";</script>";
}
}
} else {
include "include/security.php";
$template = new DxTemplate();
print $template->Head("viewSection");
print $template->includeCSS("template/Default/style.tmp");
print $template->includeJS("include/menu.js");
print $template->openBody(0);
print '<center>';
print $template->openDiv("header");
print $template->closeDiv();
print $template->openDiv("body");
print $template->setMenu(explode('/', $_SERVER['PHP_SELF']), 5);
$id = protectVar($_GET['id']);
if (empty($id)) {
die("<p align='center'>ID non specificato!</p>");
}
$template->printTopics($id);
print $template->closeDiv();
// print $template->openDiv ("body-left");
// $template->printLastMessageTopics ($id);
// print $template->closeDiv();
print '</center>';
print $template->closeBody();
}
<?php
include "include/config.php";
include "include/mysql.class.php";
include "include/security.php";
if (@$_REQUEST['install'] == 1) {
$sql = new MySQL($date["db_host"], $date["db_user"], $date["db_pass"], $date["db_name"]);
mysql_query("CREATE TABLE IF NOT EXISTS `" . __PREFIX__ . "user` (\n `id` int(5) NOT NULL auto_increment,\n `username` varchar(255) default NULL,\n `password` varchar(255) default NULL,\n `class` varchar(255) default NULL,\n `timesession` int(11) NOT NULL default '0',\n `clickup` text NOT NULL,\n PRIMARY KEY (`id`)\n) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;") or die(mysql_error());
echo "Table 'user' created with success<br>";
mysql_query("CREATE TABLE IF NOT EXISTS `" . __PREFIX__ . "sections` (\n `id` int(5) NOT NULL auto_increment,\n `name` varchar(255) default NULL,\n `description` varchar(225) NOT NULL default '',\n `last_author` varchar(225) NOT NULL default '',\n `date_time` varchar(225) NOT NULL default '',\n PRIMARY KEY (`id`)\n) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;") or die(mysql_error());
echo "Table 'sections' created with success<br>";
mysql_query("CREATE TABLE IF NOT EXISTS `" . __PREFIX__ . "topics` (\n `id` int(5) NOT NULL auto_increment,\n `name` varchar(255) default NULL,\n `author` varchar(255) NOT NULL default '',\n `last_author` varchar(255) NOT NULL default '',\n `text` text NOT NULL,\n `date_time` varchar(255) NOT NULL default '',\n `id_sections` int(5) default NULL,\n PRIMARY KEY (`id`)\n) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;") or die(mysql_error());
echo "Table 'topics' created with success<br>";
mysql_query("CREATE TABLE IF NOT EXISTS `" . __PREFIX__ . "posts` (\n `id` int(5) NOT NULL auto_increment,\n `author` varchar(255) default NULL,\n `text` varchar(255) default NULL,\n `date_time` text NOT NULL,\n `id_topics` int(11) NOT NULL default '0',\n PRIMARY KEY (`id`)\n) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;") or die(mysql_error());
echo "Table 'posts' created with success<br>";
$user = protectVar($_REQUEST['username']);
$pass = sha1(md5($_REQUEST['password']));
mysql_query("INSERT INTO `" . __PREFIX__ . "user` (`id`, `username`, `password`, `class`, `timesession`, `clickup`) VALUES ('1', '{$user}', '{$pass}', 'admin', '0', '');");
echo "User <b>'{$user}'</b> created with success<br>";
print "<br><br><br><br><p><a href=\"index.php\">Vai alla Home Page</a><br/><br/> <font color='red'>PRIMA CANCELLA IL FILE SEGENTE <u>install.php</u></font></p>";
} else {
?>
<html>
<head><title>Installation DxBB</title></head>
<body>
<h2 align="center">Installation</h2>
<br />
<form methos="POST" />
=> Dati di amministrazione_</br /><br />
Username: <input type="text" name="username" /><br /><br />
Password: <input type="password" name="password" /><br /><br />
public function printTopics($id)
{
$query_t = $this->sql->sendQuery("SELECT * FROM " . __PREFIX__ . "topics WHERE id_sections = '" . (int) $id . "'");
$query_m = $this->sql->sendQuery("SELECT * FROM " . __PREFIX__ . "topics WHERE id_sections = '" . (int) $id . "'");
$control_admin = $this->sql->sendQuery("SELECT * FROM " . __PREFIX__ . "user WHERE username = '******'username']) . "'");
print '<table width="100%" class="body">
<tr><td>Topics:</td><td>Ultimo messaggio:</td></tr>';
while ($result = mysql_fetch_array($control_admin)) {
$class = $result['class'];
$password = $result['password'];
}
while ($result_t = mysql_fetch_array($query_t)) {
$date_time = preg_replace("[/,: ]", "", $result_t['date_time']);
$code_left[] = '<td><p class="sections"><a class="link" href="viewTopic.php?id=' . $result_t['id'] . '">' . $result_t['name'] . "</a><br />";
if (@$class == 'admin' && $password == $_COOKIE['password']) {
if ($this->MarkAsNewPost->SetNewPost($date_time)) {
if ($this->MarkAsNewPost->UnsetNewPost($result_t['id'], $date_time)) {
$code_left[] = "<a class='link' href='admin.php?action=5&id=" . $result_t['id'] . "'>[x]</a></p></td>\n\t\t\t";
} else {
$code_left[] = "<a class='link' href='admin.php?action=5&id=" . $result_t['id'] . "'>[x]</a>[NEW]</p></td>\n\t\t\t";
}
} else {
$code_left[] = "<a class='link' href='admin.php?action=5&id=" . $result_t['id'] . "'>[x]</a> </p></td>\n\t\t\t";
}
} else {
if ($this->MarkAsNewPost->SetNewPost($date_time)) {
if ($this->MarkAsNewPost->UnsetNewPost($result_t['id'], $date_time)) {
$code_left[] = "</p></td>\n\t\t\t";
} else {
$code_left[] = "[NEW]</p></td>\n\t\t\t";
}
} else {
$code_left[] = "</p></td>\n\t\t\t";
}
}
}
while ($result_m = mysql_fetch_array($query_m)) {
$code_right[] = '<td><p class="sections">' . $result_m['date_time'] . '<br />' . $result_m['last_author'] . '</p></td>' . "\n\t\t\t";
}
@($count_left = count($code_left));
@($count_right = count($code_right));
$i = 0;
$j = 0;
while ($i < $count_left - 1) {
print "<tr>";
print $code_left[$i] . $code_left[++$i];
print $code_right[$j++];
print "</tr>";
$i++;
}
print "</table>";
}
