function show_posts($posttype, $set, $postid, $start, $finish) { global $cat; if (!has_read_access($posttype)) { echo '<div id="textSmall">' . "<p>Sorry, you don't have access to read this topic.</p>" . '</div>'; include_game_down(); exit; } $start = max(0, $start); $finish = max(FORUM_POSTS_PER_PAGE, $finish); if (isset($GLOBALS["objSrcUser"])) { $objSrcUser =& $GLOBALS["objSrcUser"]; $userid = $objSrcUser->get_userid(); $arrStats = $objSrcUser->get_stats(); } // dynamic stuff is sooooooo much cooler, isn't that what loops and // functions were invented for? $strSQL = "SELECT post_id FROM forum WHERE type = {$posttype} AND parent_id = {$postid}"; $num = mysql_num_rows(mysql_query($strSQL)); $strPages = 'Page '; $postcounter = 0; do { $counternext = $postcounter + FORUM_POSTS_PER_PAGE; $page = $postcounter / FORUM_POSTS_PER_PAGE + 1; if ($start != $postcounter) { $strPages .= "<a class='forum' href='main.php?cat={$cat}&page=forums&set={$set}&postid={$postid}&mode=posts&start={$postcounter}&finish={$counternext}'>"; } $strPages .= "{$page}"; if ($start != $postcounter) { $strPages .= "</a>"; } $strPages .= " "; $postcounter = $counternext; } while ($postcounter < $num); $posts = mysql_query("SELECT * FROM forum WHERE type = {$posttype} AND post_id = {$postid}") or die(mysql_error()); $posts = mysql_fetch_array($posts); if (trim($posts['title']) != '') { $posts['title'] = cleanHTML($posts['title']); } else { $posts['title'] = "No subject"; } // Species 5618, 30-3-2004 // Checks to see wether the tribe is in the same alli as the post belongs to // This was an exploit before i fixed, by manipulating the url, players could read any post in the game. if ($posttype == 0 && $arrStats[ALLIANCE] != $posts['poster_kd']) { if (isset($posts['poster_kd'])) { echo '<div class="center">' . 'The topic/post you requested can\'t be accessed.' . '</div>'; include_game_down(); exit; } else { echo '<div class="center">' . "The topic/post you requested doesn't exist anymore.</div>"; include_game_down(); exit; } } echo "<br />"; // Back button table echo "<div class='tableLinkBig'><a name='top' href='#bottom'>To The Bottom</a> :: "; echo "<a href=\"main.php?cat={$cat}&page=forums&set={$set}&mode=threads\">Back To Overview</a>"; echo "</div>"; $colspan = '2'; if ((mod_access($posttype) && isset($arrStats) && $arrStats[LEVEL] >= 5 || $posttype == 0 || $posttype == 4 || $posttype == 5) && $cat != 'main') { $colspan = '3'; } // Table Header echo '<table cellpadding="0" cellspacing="0" class="big">' . '<form id="center" name="forum" action="main.php?cat=' . $cat . '&page=forums&set=' . $set . '&mode=threads&action=moderation" method="post">' . '<tr class="header">' . '<th colspan="' . $colspan . '">Topic: ' . $posts['title'] . '</th>' . '</tr>' . '<tr class="subheader">' . '<th colspan="' . $colspan . '" class="right">' . $strPages . '</th>' . '</tr>'; if ($start == 0) { // FIRST POST OF A THREAD // NO DELETION ALLOWED $posts['post'] = cleanHTML($posts['post']); echo "<tr class=\"data\">"; echo "<td class='left'><br />"; // Hide id on WF - AI 31/10/06 M: enable on alliance, lno, ops, + admins if ((mod_access($posttype) && isset($arrStats) && $arrStats[LEVEL] >= 5 || $posttype == 0 || $posttype == 4 || $posttype == 5) && $cat != 'main') { $alliance = mysql_query("SELECT " . ALLIANCE . " FROM stats WHERE id = {$posts['poster_id']}"); $alliance = mysql_fetch_array($alliance); echo "<a href=\"main.php?cat=game&page=mail&set=compose&replyid={$posts['poster_id']}&kingdom={$alliance['kingdom']}\" title=\"{$posts['poster_tribe']} (#" . $alliance[ALLIANCE] . ")\">{$posts['poster_name']}</a> "; } else { echo "<strong>{$posts['poster_name']}</strong> "; } echo $posts['date_time'] . " "; if ($posts['date_time'] != $posts['updated']) { echo " edited "; } if ($cat == 'game' && $posts['poster_id'] == $userid && $posts['close_option'] != 1) { echo "<a href=\"main.php?cat={$cat}&page=forums&set={$set}&postid={$postid}&edit_id={$posts['post_id']}&mode=edit\">edit</a>"; } echo "<br /><br /></td>"; $strSponsorBadge = get_sponsor_badge($posts['poster_id']); echo '<td rowspan="2" class="center bsdown" width="45">' . '<a href="main.php?cat=' . $cat . '&page=sponsors" title="Dragon Sponsor">' . $strSponsorBadge . '</a>' . '</td>'; if (mod_access($posttype)) { echo "<td rowspan='2' align='center' class=\"center bsdown bsleft\" width=\"45\"> X </td>"; } echo "</tr><tr class='data'><td colspan='1' valign='top' class=\"left bsdown\" style='padding-left: 1em;'><div>" . $posts['post'] . "<br /><br /></div></td></tr>"; } @($result = mysql_query("SELECT * from forum where type ='{$posttype}' and parent_id='{$postid}' ORDER BY date_time ASC ")) or die(mysql_error()); $i = 0; while ($forum = mysql_fetch_array($result)) { if ($i >= $start && $i < $finish) { if ($forum['date_time']) { $forum['post'] = cleanHTML($forum['post']); echo "<tr class=\"data\">"; echo "<td class='left'><br />"; // Hide ID on WF - AI 31/10/06 if ((mod_access($posttype) && isset($arrStats) && $arrStats[LEVEL] >= 5 || $posttype == 0 || $posttype == 4 || $posttype == 5) && $cat != 'main') { $alliance = mysql_query("SELECT " . ALLIANCE . " FROM stats WHERE id = {$forum['poster_id']}"); $alliance = mysql_fetch_array($alliance); echo "<a href=\"main.php?cat=game&page=mail&set=compose&replyid={$forum['poster_id']}&kingdom={$alliance['kingdom']}\" title=\"{$forum['poster_tribe']} (#" . $alliance[ALLIANCE] . ")\">{$forum['poster_name']}</a> "; } else { echo "<strong>{$forum['poster_name']}</strong> "; } echo $forum['date_time'] . " "; if ($forum['date_time'] != $forum['updated']) { echo " edited "; } if ($cat == 'game' && $forum['poster_id'] == $userid && $posts['close_option'] != 1) { echo "<a href=\"main.php?cat={$cat}&page=forums&set={$set}&postid={$postid}&edit_id={$forum['post_id']}&mode=edit\">edit</a> "; } echo "<br /><br /></td>"; $strSponsorBadge = get_sponsor_badge($forum['poster_id']); echo '<td rowspan="2" class="center bsdown" width="45">' . '<a href="main.php?cat=' . $cat . '&page=sponsors" title="Dragon Sponsor">' . $strSponsorBadge . '</a>' . '</td>'; if (mod_access($posttype)) { echo "<td rowspan='2' align='center' class=\"center bsdown bsleft\"><input name='posts[]' type='checkbox' value='{$forum['post_id']}' /></td>"; } echo "</tr><tr class=\"data\"><td colspan='1' class=\"left bsdown\" valign='top' style='padding-left: 1em;'>"; echo "<div>" . $forum['post'] . "<br /><br /></div></td>"; echo "</tr>"; } } $i++; } echo "<tr class='subheader'><th colspan='{$colspan}' class='right' style='border: 0;'>{$strPages}</th></tr>"; echo "</table>"; echo '<div class="center"><br />'; if (mod_access($posttype)) { echo "| <a href='#' onclick=\"var posts=document.getElementsByName('forum')[0]['posts[]']; for(var i=0,len=posts.length;i<len;i++) posts[i].checked=true;\">Check All</a>"; echo " | <a href='#' onclick=\"var posts=document.getElementsByName('forum')[0]['posts[]']; for(var i=0,len=posts.length;i<len;i++) posts[i].checked=false;\">Uncheck All</a> "; } echo "| <a href=\"main.php?cat={$cat}&page=forums&set={$set}&mode=threads\">Back To Overview</a> |"; echo " <a name=\"bottom\" href='#top'>To The Top</a> |"; if (mod_access($posttype)) { echo "<br /><br />"; echo "<input type='submit' name='delete' value='Delete' /> "; } echo '</div>'; echo "</form>"; // Adding in open close option for threads //close at 120 posts if ($num >= FORUM_MAX_PAGES * FORUM_POSTS_PER_PAGE && $arrStats[ALLIANCE] > 10) { $posts['close_option'] = 2; } if ($posts['close_option'] == 0 && $cat != 'main') { $strReplyToTopicForm = '<div id="textMedium">' . '<h2>Reply To Topic</h2>' . '<form action="main.php?cat=game&page=forums&set=' . $set . '&mode=posts&action=post" method="post">' . '<label for="1">Your Reply</label>: ' . '<br /><textarea name="text" rows="8" cols="44" id="1"></textarea>' . '<br /><br />' . '<input type="submit" value="Post your reply" />' . '<br /><br />' . '<input type="checkbox" name="formatted" value="yes" id="2" /> ' . '<label for="2">With Tabs</label> (Sometimes this can make a copied table look great.)' . '<input type="hidden" name="postid" value="' . $postid . '" />' . '</form>' . '</div>'; echo $strReplyToTopicForm; } elseif ($posts['close_option'] == 2 && $arrStats[ALLIANCE] > 10) { echo '<div class="center"><br />' . "It seems this was a very popular topic! It is now full, but you may create a new one.</div>"; } elseif ($posts['close_option'] == 1) { echo '<div class="center"><br />' . "This topic has been closed, you can't reply to it.</div>"; } }
function include_forums_text() { global $orkTime, $cat; // Get stored session id from a user account if (isset($GLOBALS["objSrcUser"])) { $objSrcUser =& $GLOBALS["objSrcUser"]; $strSession = $objSrcUser->get_user_info(SESSION); } elseif ($cat == 'main') { $strSession = 'guest'; // Allow people without a stored session to read echo '<h2 style="margin: 15px auto; text-align: center;"><img src="' . HOST_PICS . 'first_forum.gif" alt="Forums" /></h2>'; } // Show Links $set = 'news'; if (isset($_GET['set'])) { $set = $_GET['set']; } echo get_forum_links($set); include_once 'inc/functions/forums.php'; $posttype = select_forum($set, TRUE); session_start(); $session = session_id(); if ($strSession == $session || $strSession == 'guest') { $action = ''; if (isset($_GET['action'])) { $action = $_GET['action']; } switch ($action) { case "moderation": if (mod_access($posttype) == 'yes') { if (isset($_POST['posts'])) { $posts = $_POST['posts']; $postcount = count($posts); $ids = ""; for ($i = 0; $i < $postcount; $i++) { $ids .= intval($posts[$i]); if ($i != $postcount - 1) { $ids .= ","; } } forum_moderation($objSrcUser, $posttype, $ids); } else { echo '<div class="center">' . 'Please select a topic or post first.' . '</div>'; } } break; case "edit": record_an_edit($posttype, $set, intval($_POST['postid']), intval($_POST['edit_id']), $orkTime); break; } $mode = 'threads'; if (isset($_GET['mode'])) { $mode = $_GET['mode']; } switch ($mode) { case "threads": if (isset($_GET['action']) && $_GET['action'] == "post") { record_a_thread_post($posttype, $set, $_POST['title'], $_POST['text']); } show_threads($posttype, $set); break; case "posts": if (isset($_GET['action']) && $_GET['action'] == "post") { record_a_post($posttype, $set, intval($_POST['postid']), $_POST['text']); } show_posts($posttype, $set, intval($_GET['postid']), intval($_GET['start']), intval($_GET['finish'])); break; case "edit": show_edit_form($posttype, $set, intval($_GET['postid']), intval($_GET['edit_id'])); break; } } else { echo '<div class="center">' . 'Sorry, we lost your session. You need to log in again to see ' . 'the forums.' . '</div>'; } }