<BODY>
<h3>Banned users</h3>
<table border="1">
<tr>
<th>Username</th>
<th>Reason</th>
<th>Moderator</th>
<th>Ban ends</th>
</tr>
<?php
while ($row = mysql_fetch_assoc($result)) {
$username = htmlentities($row['username'], HTML_ENTITIES, 'UTF-8');
$translit_done = false;
$reason = translit($row['ban_reason'], $translit_done);
$reason = htmlentities($reason, HTML_ENTITIES, 'UTF-8');
$reason = before_bbcode($reason);
$reason = do_bbcode($reason);
$reason = nl2br($reason);
$reason = after_bbcode($reason);
$banned_by = htmlentities($row['banned_by'], HTML_ENTITIES, 'UTF-8');
$ban_ends = $row['ban_end'];
print '<tr><td>' . $username . '</td><td>' . $reason . '</td><td>' . $banned_by . '</td><td>' . $ban_ends . '</td></tr>';
}
?>
</table>
</BODY>
</HTML>
<?php
require 'tail_inc.php';
?>
/**
* Renderers
*/
function render_for_display($msgbody)
{
$msgbody = htmlentities($msgbody, HTML_ENTITIES, 'UTF-8');
$msgbody = before_bbcode($msgbody);
$msgbody = do_bbcode($msgbody);
$msgbody = nl2br($msgbody);
$msgbody = after_bbcode($msgbody);
return $msgbody;
}
?>
</b>!<br/><p>
Your article has been sent to forum.</p><p>
<?php
} else {
if (!is_null($preview)) {
$author = $user;
$subject = $subj;
$created = $time = strftime('%Y-%m-%d %H:%M:%S');
$translit_done = false;
$msgbody = translit($new_body, $translit_done);
if (!is_null($msgbody) && strlen($msgbody) > 0 && !is_null($prefix) && strlen($prefix) > 0) {
$msgbody = $prefix . ' ' . str_replace("\n", "\n" . $prefix . ' ', $msgbody);
}
$msgbody = htmlentities($msgbody, HTML_ENTITIES, 'UTF-8');
$msgbody = before_bbcode($msgbody);
$msgbody = do_bbcode($msgbody);
$msgbody = nl2br($msgbody);
$msgbody = after_bbcode($msgbody);
$trans_body = $msgbody;
if ($translit_done === true) {
$trans_body .= '<BR><BR>[Message was transliterated]';
}
}
}
} else {
// validation error
print $err;
http_response_code(400);
}
require_once 'tail_inc.php';
if (is_null($msg_id)) {
die("Specify message ID");
}
// 1 retrieve and print as is
$query = 'SELECT * from confa_posts where id = ' . $msg_id;
// $query = "alter table confa_users add last_pm_check_time timestamp default '0000-00-00 00:00:00'";
// $query = "update confa_users set last_pm_check_time = CURRENT_TIMEstamp";
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'Query page count failed: ' . mysql_error() . ' QUERY: ' . $query);
die('Query failed.' . mysql_error() . ' QUERY: ' . $query);
}
while ($row = mysql_fetch_assoc($result)) {
$body = $row['body'];
print "Original:<br/>" . $body;
$body = before_bbcode($body);
print "<br/><b>before_bbcode:</b><br/>" . $body;
$body = do_bbcode($body);
print "<br/><b>do_bbcode:</b><br/>" . $body;
$body = nl2br($body);
print "<br/><b>nl2br:</b><br/>" . $body;
$body = after_bbcode($body);
print "<br/><b>after_bbcode:</b><br/>" . $body;
// bbcode, print
// after bbcode, print
}
print "<br/>The end";
require_once 'tail_inc.php';
?>
if ($row2['status'] == 3) {
print '<font color="red">Censor (Мат)</font>';
} elseif ($row2['status'] == 4) {
print '<font color="red">Censor (Хамство)</font>';
} elseif ($row2['status'] == 5) {
print '<font color="red">Censor (Наезд)</font>';
} elseif ($row2['status'] == 2) {
print '<font color="red">Delete message</font>';
} else {
$translit_done = false;
$s_mess = trim($row2['body']);
$s_mess = str_replace($n_ff, "", $s_mess);
$s_mess = translit($s_mess, $translit_done);
if (!is_null($s_mess) && strlen($s_mess) > 0 && !is_null($prefix) && strlen($prefix) > 0) {
$s_mess = $prefix . ' ' . str_replace("\n", "\n" . $prefix . ' ', $s_mess);
}
$s_mess = htmlentities($s_mess, HTML_ENTITIES, 'UTF-8');
$s_mess = before_bbcode($s_mess);
$s_mess = do_bbcode($s_mess);
$s_mess = nl2br($s_mess);
$s_mess = after_bbcode($s_mess);
echo trim($s_mess);
}
}
$query = 'UPDATE confa_posts SET views=views + 1 where id=' . $mess_id;
$result = mysql_query($query);
}
require_once 'tail_inc.php';
?>
function post($subj, $body, $re = 0, $msg_id = 0, $ticket = "", $nsfw = false, $to)
{
global $err_login, $logged_in, $ban, $ip, $agent, $user_id, $content_nsfw;
$err = validate($subj, $body, $to);
if (strlen($err) != 0) {
return $err;
} else {
if (!$logged_in || $ban) {
// just in case
return "User not logged in or banned from forum";
}
}
$chars = 0;
$content_flags = 0;
if (!is_null($body) && strlen($body) != 0) {
$chars = strlen(utf8_decode($body));
$length = strlen($body);
if (stristr(render_for_display($body), "<img style")) {
$content_flags |= 2;
}
$new_body = render_for_db($body);
$has_video = false;
before_bbcode($body, $has_video);
if ($has_video || preg_match('/id="[a-z]*-video"/', $new_body)) {
$content_flags |= 4;
}
$ibody = '\'' . mysql_escape_string($new_body) . '\'';
} else {
$ibody = "''";
}
if (isset($nsfw) && $nsfw !== false) {
$content_flags |= $content_nsfw;
}
if (isset($to)) {
$query = 'SELECT id from confa_users where username=\'' . mysql_escape_string($to) . '\' and status != 2';
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
$row = mysql_fetch_assoc($result);
$to_id = $row['id'];
if (is_null($to_id)) {
return "No such recipient";
}
}
if (strlen($ticket) > 0) {
$query = 'INSERT into confa_tickets(ticket) values(\'' . $ticket . '\')';
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'This is duplicated post (ticket ' . $ticket . ')';
}
}
if (isset($to_id)) {
// send pmail
$query = 'INSERT INTO confa_pm(sender, receiver, subject, body, chars) values(' . $user_id . ', ' . $to_id . ', \'' . mysql_escape_string($subj) . '\', ' . $ibody . ', ' . $chars . ')';
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
$id = mysql_insert_id();
update_new_pm_count($to_id);
return array("id" => $id);
} else {
if (isset($msg_id) && $msg_id > 0) {
// update existing post
$query = 'SELECT p.subject, p.body, p.status, p.author, p.created, p.thread_id, p.level, p.closed as post_closed, p.id, t.closed as thread_closed, ( select max(page) from confa_threads) - t.page + 1 as page from confa_posts p, confa_threads t where t.id=p.thread_id and p.id=' . $msg_id;
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
if (mysql_num_rows($result) == 0) {
return "Message not found";
}
$row = mysql_fetch_assoc($result);
$thread_id = $row['thread_id'];
$old_subject = $row['subject'];
$old_body = $row['body'];
$closed = !is_null($row['post_closed']) && $row['post_closed'] > 0 || !is_null($row['thread_closed']) && $row['thread_closed'] > 0;
if ($closed || $row['status'] != 1 || !can_edit_post($row['author'], $row['created'], $user_id, $msg_id)) {
return 'Modifications to this post are not allowed.';
}
if (strcmp($old_subject, $subj) != 0 || strcmp($old_body, $new_body) != 0) {
// create a new version
$query = 'INSERT INTO confa_versions (parent, subject, body, created, chars, IP, user_agent, views, content_flags) ' . ' SELECT id, subject, body, IF(ISNULL(modified), created, modified), chars, IP, user_agent, views, content_flags FROM confa_posts WHERE id=' . $msg_id;
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
}
// update post
$query = 'UPDATE confa_posts SET subject=\'' . mysql_escape_string($subj) . '\',body=' . $ibody . ',modified=now(),ip=' . $ip . ',user_agent=' . $agent . ',content_flags=' . $content_flags . ', chars=' . $chars . ',views=0 WHERE id=' . $msg_id;
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
return array("id" => $msg_id);
} else {
if ($re == 0) {
// create new thread
$query = 'select sum(counter) as cnt, page from confa_threads group by page desc limit 1';
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
$row = mysql_fetch_assoc($result);
$last_page = $row['page'];
if ($row['cnt'] > 200) {
$last_page++;
}
if (is_null($last_page)) {
$last_page = 1;
}
$query = 'INSERT INTO confa_threads(author, page) values(' . $user_id . ', ' . $last_page . ')';
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
$thread_id = mysql_insert_id();
$query = 'INSERT INTO confa_posts(status, parent, author, subject, body, created, thread_id, chars, auth, ip, user_agent, content_flags) values(1, 0, ' . $user_id . ',\'' . mysql_escape_string($subj) . '\', ' . $ibody . ', now(), ' . $thread_id . ', ' . $chars . ', 1, ' . $ip . ', ' . $agent . ', ' . $content_flags . ')';
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
$id = mysql_insert_id();
$query = "UPDATE confa_users set status = 1 where id=" . $user_id;
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
return array("id" => $id, "thread_id" => $thread_id);
} else {
// respond to an existing post
$query = 'SELECT p.thread_id, p.level, p.closed as post_closed, p.id, t.closed as thread_closed, ( select max(page) from confa_threads) - t.page + 1 as page from confa_posts p, confa_threads t where t.id=p.thread_id and p.id=' . $re;
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
if (mysql_num_rows($result) != 0) {
$row = mysql_fetch_assoc($result);
if (!is_null($row['post_closed']) && $row['post_closed'] > 0 || !is_null($row['thread_closed']) && $row['thread_closed'] > 0) {
return 'Replies to this post are disabled.';
}
$msg_page = $row['page'];
if (is_null($msg_page)) {
$msg_page = 1;
}
$thread_id = $row['thread_id'];
$level = $row['level'];
$level++;
$query = 'UPDATE confa_threads set counter=counter+1 where id=' . $thread_id;
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
} else {
return 'Cannot find parent for msg=' . $re;
}
$query = 'INSERT INTO confa_posts(status, parent, level, author, subject, body, created, thread_id, chars, auth, ip, user_agent, content_flags) values( 1, ' . $re . ', ' . $level . ', ' . $user_id . ',\'' . mysql_escape_string($subj) . '\', ' . $ibody . ', now(), ' . $thread_id . ', ' . $chars . ', 1, ' . $ip . ', ' . $agent . ', ' . $content_flags . ')';
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
$id = mysql_insert_id();
// wtf is this for?
$query = "UPDATE confa_users set status = 1 where id=" . $user_id;
$result = mysql_query($query);
if (!$result) {
mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
return 'Query failed';
}
return array("id" => $id);
}
}
}
return "";
}