Exemplo n.º 1
<?php

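require_once "configuration/main.php";

// Records one rating (1-5) by the current account for the thread named in ?thread=.
// NOTE(review): this state change is driven by a plain GET link and no anti-CSRF token
// is checked in this file; confirm whether configuration/main.php enforces one.
// NOTE(review): the permission checks below only call redirect(); they protect the
// code that follows only if redirect() ends the request. Confirm.
if (!$permissions['viewforum']) {
    redirect("errors/permissions.html");
}

// Request parameters can arrive as arrays (?thread[]=x); treat anything non-scalar as empty.
$threadId = isset($_GET['thread']) && is_scalar($_GET['thread']) ? (string) $_GET['thread'] : "";
$rating = isset($_GET['rating']) && is_scalar($_GET['rating']) ? (string) $_GET['rating'] : "";

$mQuery = $mysql->query("SELECT `title`, `section` FROM `threads` WHERE `id` = '" . escape($threadId) . "'");
if ($mQuery->num_rows) {
    $mData = $mQuery->fetch_assoc();
    setPageInfo("Rate Thread", $mData['title']);
} else {
    die("You have followed an invalid link.");
}
if (!$permissions['ratethreads']) {
    redirect("errors/permissions.html");
}

// The session id goes through escape() like the request values, so no value reaches the
// SQL text unescaped.
// NOTE(review): the "already rated" SELECT followed by the INSERT is not atomic; a unique
// index on (thread, user) would be the reliable guard. The schema is not visible here.
$rateQuery = $mysql->query("SELECT `id` FROM `rating` WHERE `thread` = '" . escape($threadId) . "' AND `user` = '" . escape((string) $_SESSION['accountid']) . "'");
if ($rateQuery->num_rows) {
    die("You have already rated this thread.");
}

// Strict whitelist: the former chain of loose != comparisons also accepted numeric-looking
// strings such as "1.0" or " 1", which were then written to the table as given.
if (!in_array($rating, array("1", "2", "3", "4", "5"), true)) {
    die("You have followed an invalid link.");
}
$mysql->query("INSERT INTO `rating` (`thread`, `rating`, `user`) VALUES ('" . escape($threadId) . "', '" . escape($rating) . "', '" . escape((string) $_SESSION['accountid']) . "')");
redirect("section?id=" . $mData['section'] . "");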
?>

<?php 
require_once "includes/footer.php";
Exemplo n.º 2
<?php

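require_once "configuration/main.php";

// Loads a single comment by ?id= and the public profile fields of its poster.
// NOTE(review): the permission checks below only call redirect(); they are effective
// only if redirect() ends the request. Confirm.
if (!$permissions['viewforum']) {
    redirect("errors/permissions.html");
}
$mQuery = $mysql->query("SELECT * FROM `comments` WHERE `id` = '" . escape($_GET['id']) . "'");
// Without this check an unknown id left $mData empty, and the ownership and hidden
// checks below were then evaluated against missing fields instead of a real comment.
if (!$mQuery->num_rows) {
    die("You have followed an invalid link.");
}
$mData = $mQuery->fetch_assoc();
if (!$permissions['viewotherthreads'] && $mData['poster'] != $_SESSION['accountid']) {
    redirect("errors/permissions.html");
}
if ($mData['hidden'] && !$permissions['viewhiddencomments'] && (!$permissions['viewownhiddencomments'] || $mData['poster'] != $_SESSION['accountid'])) {
    redirect("errors/permissions.html");
}
setPageInfo("View Comment", "");
// NOTE(review): `ip` is selected along with the display fields; confirm the later output
// shows it only to accounts entitled to see it.
$accountQuery = $mysql->query("SELECT `displayname`, `country`, `usertitle`, `avatar`, `ip`, `signature` FROM `accounts` WHERE `id` = '" . escape($mData['poster']) . "'");
if ($accountQuery->num_rows) {
    $accountData = $accountQuery->fetch_assoc();
    $commentPoster = $accountData['displayname'];
} else {
    // No account row for the poster id: the comment is attributed to "Guest".
    $commentPoster = "Guest";
}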
if (!$accountData['usertitle']) {
    $userTitleQuery = $mysql->query("SELECT `usergroup` FROM `usergroup_tracker` WHERE `user` = '" . $mData['poster'] . "' ORDER BY `primary` DESC");
    if ($userTitleQuery->num_rows) {
        while ($userTitleData = $userTitleQuery->fetch_assoc()) {
            $userGroupQuery = $mysql->query("SELECT `title` FROM `usergroups` WHERE `id` = '" . $userTitleData['usergroup'] . "'");
            $userGroupData = $userGroupQuery->fetch_assoc();
            if ($accountData['usertitle'] && $userGropuData['title']) {
                $accountData['usertitle'] .= "<br>";
            }
Exemplo n.º 3
<?php

require_once "configuration/main.php";
// Category page: looks up the category in ?id=, prints its header and then queries its
// top-level sections.
// NOTE(review): the check below only calls redirect(); it is effective only if
// redirect() ends the request. Confirm.
if (!$permissions['viewforum']) {
    redirect("errors/permissions.html");
}
$mQuery = $mysql->query("SELECT * FROM `categories` WHERE `id` = '" . escape($_GET['id']) . "'");
if ($mQuery->num_rows) {
    $mData = $mQuery->fetch_assoc();
    // NOTE(review): the raw request value is passed on here, not the id of the row that
    // matched; confirm setPageNavigation() encodes it before using it in markup or SQL.
    setPageNavigation("category", $_GET['id']);
    setPageInfo($mData['name'], $mData['description']);
} else {
    die("You have followed an invalid link.");
}
// NOTE(review): `name` and `description` are concatenated into HTML without an encoding
// call at this point. Whether they are stored already encoded is not visible here;
// confirm, otherwise this is a stored-XSS sink.
echo "<div class='categoryTitle'>\n\t\t<table>\n\t\t\t<tr>\n\t\t\t\t<td width='540'>\n\t\t\t\t\t" . $mData['name'] . "\n\t\t\t\t</td>\n\n\t\t\t\t<td width='100'>\n\t\t\t\t\tStatistics\n\t\t\t\t</td>\n\n\t\t\t\t<td>\n\t\t\t\t\tLast Post\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t</div>";
if ($mData['description']) {
    echo "<div class='categoryDescription'>\n\t\t\t" . $mData['description'] . "\n\t\t</div>";
}
// Only sections without a parent are listed at this level, in their configured order.
$sectionQuery = $mysql->query("SELECT * FROM `sections` WHERE `category` = '" . escape($_GET['id']) . "' AND `parent` IS NULL ORDER BY `order` ASC");
while ($sectionData = $sectionQuery->fetch_assoc()) {
    $threadAmount = 0;
    $commentAmount = 0;
    if ($permissions['viewotherthreads']) {
        if ($permissions['viewhiddenthreads']) {
            $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "'");
        } else {
            $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "' AND `hidden` != '1'");
        }
    } else {
        if ($permissions['viewhiddenthreads']) {
            $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "' AND `poster` = '" . $_SESSION['accountid'] . "'");
Exemplo n.º 4
<?php

require_once "configuration/main.php";
if (!$permissions['viewforum'] || !$permissions['search']) {
    redirect("errors/permissions.html");
}
setPageInfo("Search", "");
if ($_POST['search']) {
    echo "<div class='categoryTitle'>\n\t\t\t<table>\n\t\t\t\t<tr>\n\t\t\t\t\t<td width='540'>\n\t\t\t\t\t\tSearch Results\n\t\t\t\t\t</td>\n\n\t\t\t\t\t<td>\n\t\t\t\t\t\tType\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t</div>";
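    // Thread-title search: prints one result row per matching thread the viewer may see.
    if ($_POST['threadtitles'] == "on") {
        // NOTE(review): escape() is the only treatment of the search term; LIKE wildcards
        // (% and _) inside it are still interpreted by the database.
        $mQuery = $mysql->query("SELECT `id`, `poster`, `title`, `date`, `locked`, `hidden` FROM `threads` WHERE `title` LIKE '%" . escape($_POST['search']) . "%'");
        while ($mData = $mQuery->fetch_assoc()) {
            // The thread pages refuse other users' threads when `viewotherthreads` is missing;
            // the same rule is applied here so search results cannot list their titles.
            if (($permissions['viewotherthreads'] || $mData['poster'] == $_SESSION['accountid']) && (!$mData['hidden'] || $permissions['viewhiddenthreads'])) {
                $accountQuery = $mysql->query("SELECT `displayname` FROM `accounts` WHERE `id` = '" . $mData['poster'] . "'");
                $accountData = $accountQuery->fetch_assoc();
                $sectionIcon = $mData['locked'] ? "" : "";
                if ($mData['hidden']) {
                    $sectionIcon = "";
                }
                // NOTE(review): `title` and `displayname` are written into HTML without an
                // encoding call here; confirm they are stored already encoded.
                echo "<a href='thread?id=" . $mData['id'] . "'>\n\t\t\t\t\t\t<div class='sectionContainer'>\n\t\t\t\t\t\t\t<table>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t\t\t<div class='sectionIcon'>\n\t\t\t\t\t\t\t\t\t\t\t{$sectionIcon}\n\t\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t\t\t\t<td width='500'>\n\t\t\t\t\t\t\t\t\t\t<div class='sectionName'>\n\t\t\t\t\t\t\t\t\t\t\t" . $mData['title'] . "\n\t\t\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t\t\t<div class='sectionDescription'>\n\t\t\t\t\t\t\t\t\t\t\tStarted by " . $accountData['displayname'] . " - " . customDate($mData['date']) . "\n\t\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t\t\tThread Title\n\t\t\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</a>";
            }
        }
    }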
    if ($_POST['threadcomments'] == "on") {
        $mQuery = $mysql->query("SELECT `id`, `poster`, `thread`, `date`, `hidden` FROM `comments` WHERE `comment` LIKE '%" . escape($_POST['search']) . "%'");
        while ($mData = $mQuery->fetch_assoc()) {
            if (!$mData['hidden'] || $permissions['viewhiddencomments'] || $permissions['viewownhiddencomments'] && $mData['poster'] == $_SESSION['accountid']) {
                $threadQuery = $mysql->query("SELECT `title` FROM `threads` WHERE `id` = '" . $mData['thread'] . "'");
                $threadData = $threadQuery->fetch_assoc();
                $accountQuery = $mysql->query("SELECT `displayname` FROM `accounts` WHERE `id` = '" . $mData['poster'] . "'");
                $accountData = $accountQuery->fetch_assoc();
Exemplo n.º 5
            } else {
                die("You have followed an invalid link.");
            }
            // Editing is allowed with `editpost`, or with `editownprofilemessage` when the
            // current account is the message's poster.
            // NOTE(review): the UPDATE below is protected by this check only if redirect()
            // ends the request. Confirm.
            if (!$permissions['editpost'] && (!$permissions['editownprofilemessage'] || $mData['poster'] != $_SESSION['accountid'])) {
                redirect("errors/permissions.html");
            }
            // NOTE(review): no anti-CSRF token is checked before this write in the lines
            // shown; confirm one is enforced elsewhere.
            if ($_POST['editprofilemessage']) {
                // Only a minimum length (3 bytes, via strlen) is enforced server-side here.
                if (strlen($_POST['body']) >= 3) {
                    $mysql->query("UPDATE `profilemessages` SET `message` = '" . escape($_POST['body']) . "' WHERE `id` = '" . escape($_GET['profilemessage']) . "'");
                    echo "You have edited the profile message.";
                    redirect("user?id=" . $mData['user'] . "", 2);
                } else {
                    echo "<div class='box'>\n\t\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\t\tThe profile message must be at least 3 characters long.\n\t\t\t\t\t</div>\n\t\t\t\t</div>\n\n\t\t\t\t<br>";
                }
            }
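            // Renders the edit form (BBCode toolbar plus textarea) for the profile message.
            setPageInfo("Edit Profile Message", "");
            // The id in the form action comes straight from the query string. It is URL-encoded
            // before being placed in the attribute so a crafted value cannot break out of it;
            // a plain numeric id is left unchanged.
            echo "<form action='editpost?profilemessage=" . urlencode((string) $_GET['profilemessage']) . "' method='POST'>\n\t\t\t<div id='commentBox' class='box'>\n\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\tEdit Profile Message\n\t\t\t\t</div>\n\n\t\t\t\t<div class='boxMain'>\n\t\t\t\t\t<button type='button' data-tag='B' class='bbcode boxButton'>bold</button>\n\t\t\t\t\t<button type='button' data-tag='I' class='bbcode boxButton'>italic</button>\n\t\t\t\t\t<button type='button' data-tag='U' class='bbcode boxButton'>underline</button>\n\t\t\t\t\t<button type='button' data-tag='LEFT' class='bbcode boxButton'>left</button>\n\t\t\t\t\t<button type='button' data-tag='CENTER' class='bbcode boxButton'>center</button>\n\t\t\t\t\t<button type='button' data-tag='RIGHT' class='bbcode boxButton'>right</button>\n\t\t\t\t\t<button type='button' data-tag='LIST' class='bbcode boxButton'>bullet list</button>\n\t\t\t\t\t<button type='button' data-tag='NLIST' class='bbcode boxButton'>number list</button>\n\t\t\t\t\t<button type='button' data-tag='LI' class='bbcode boxButton'>list item</button>\n\t\t\t\t\t<button type='button' data-tag='EMAIL' class='bbcode boxButton'>email</button>\n\t\t\t\t\t<button type='button' data-tag='IMG' class='bbcode boxButton'>image</button>\n\t\t\t\t\t<button type='button' data-tag='QUOTE' class='bbcode boxButton'>quote</button>\n\t\t\t\t\t<button id='bbcode-link' type='button' data-tooltip='Example: [URL=http://example.com]Click here[/URL]' class='boxButton'>link</button>\n\t\t\t\t\t<button id='bbcode-font' type='button' data-tooltip='Example: [FONT=Arial]Hello world![/FONT]' class='boxButton'>font</button>\n\t\t\t\t\t<button id='bbcode-size' type='button' data-tooltip='Example: [SIZE=5]Hello world![/SIZE]' class='boxButton'>size</button>\n\t\t\t\t\t<button id='bbcode-color' type='button' data-tooltip='Example: [COLOR=RED]Hello[/COLOR] [COLOR=#00FF00]world![/COLOR]' class='boxButton'>color</button> ";
            // The mention button is offered only to accounts holding `mentionusers`.
            if ($permissions['mentionusers']) {
                echo "<button type='button' data-tag='MENTION' data-tooltip='Example: [MENTION]Jimmy[/MENTION]' class='bbcode boxButton'>mention</button>";
            }
            // NOTE(review): the stored message is placed inside <textarea> without an encoding
            // call here; confirm it is stored already encoded, otherwise a message containing
            // "</textarea>" escapes the field.
            echo "<br><br>\n\n\t\t\t\t\t<textarea id='body' name='body' placeholder=' Profile Message' maxlength='5000' class='boxTextArea' required>" . $mData['message'] . "</textarea>\n\t\t\t\t</div>\n\t\t\t</div>\n\n\t\t\t<div align='right'>\n\t\t\t\t<input type='submit' name='editprofilemessage' value='Edit Profile Message' class='boxButton'>\n\t\t\t</div>\n\t\t</form>";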
        } else {
            die("You have followed an invalid link.");
        }
    }
}
?>

<script>
	$(document).ready(function()
	{
Exemplo n.º 6
<?php

require_once "configuration/main.php";
// Profile page: loads the account in ?id= and, when it has no custom title, builds one
// from the titles of its user groups.
// NOTE(review): the check below only calls redirect(); it is effective only if
// redirect() ends the request. Confirm.
if (!$permissions['viewprofile']) {
    redirect("errors/permissions.html");
}
// "me" is a shortcut for the current account's own profile.
if ($_GET['id'] == "me") {
    redirect("user?id=" . $_SESSION['accountid'] . "");
}
// NOTE(review): SELECT * loads every account column into $mData; other pages in this
// listing read `password`, `key` and `ip` from this table. Confirm none of those reach
// the rendered profile.
$mQuery = $mysql->query("SELECT * FROM `accounts` WHERE `id` = '" . escape($_GET['id']) . "'");
if ($mQuery->num_rows) {
    $mData = $mQuery->fetch_assoc();
    setPageInfo("User Profile", $mData['displayname']);
    if (!$mData['usertitle']) {
        // Group memberships are read with `primary` DESC, so a primary group comes first.
        $userTitleQuery = $mysql->query("SELECT `usergroup` FROM `usergroup_tracker` WHERE `user` = '" . $mData['id'] . "' ORDER BY `primary` DESC");
        if ($userTitleQuery->num_rows) {
            while ($userTitleData = $userTitleQuery->fetch_assoc()) {
                $userGroupQuery = $mysql->query("SELECT `title` FROM `usergroups` WHERE `id` = '" . $userTitleData['usergroup'] . "'");
                $userGroupData = $userGroupQuery->fetch_assoc();
                // Separate consecutive group titles with a line break.
                if ($mData['usertitle'] && $userGroupData['title']) {
                    $mData['usertitle'] .= "<br>";
                }
                $mData['usertitle'] .= $userGroupData['title'];
            }
        }
    }
} else {
    die("You have followed an invalid link.");
}
if ($_POST['postprofilemessage']) {
    if (strlen($_POST['profilemessage']) >= 3) {
Exemplo n.º 7
              <p class="p3">
              	<span class="sp_1"><b>' . $award3 . '</b><s></s></span>
              	<span class="sp_2"><b>' . $award2 . '</b><s></s></span>
              </p>
            </div>
          </div>';
        $i++;
    }
    $totalnum = getTotalNumber($sql);
    $totalpage = ceil($totalnum / $pagesize);
    //$out= preg_replace("/".$searchkey."/", "<font style='color:#f60'>".$searchkey."</font>", $out);
    if (empty($out)) {
        $out = '<div class="nht_box" style="height:200px;width:960px; text-align:center"><img style="margin-top:40px" src="' . $cfg_templets_skin . '/images/nodata.jpg"/></div>';
    }
    $data['list'] = $out;
    $data['pageinfo'] = setPageInfo($curpage, $totalpage);
    $data['total'] = $totalnum;
    $data['totalpage'] = $totalpage;
    //$data['rechotel']=$recHotel;
    //array_push($data,$out,$pageinfo,$totalnum);
    echo json_encode($data);
}
//获取线路价格范围
function getMinMax($priceid)
{
    global $dsql;
    $arr = array();
    $tablename = '#@__line_pricelist';
    $arr['min'] = '';
    $arr['max'] = '';
    $sql = "select lowerprice,highprice from {$tablename} where id={$priceid}";
Exemplo n.º 8
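// Access checks for commenting on the thread held in $mQuery (queried before this point).
// NOTE(review): each check only calls redirect(); the code after this block is protected
// only if redirect() ends the request, including the delayed form used for locked
// threads. Confirm.
if ($mQuery->num_rows) {
    $mData = $mQuery->fetch_assoc();
    if (!$permissions['viewotherthreads'] && $mData['poster'] != $_SESSION['accountid']) {
        redirect("errors/permissions.html");
    }
    if (!$permissions['postcomments'] && (!$permissions['postowncomments'] || $mData['poster'] != $_SESSION['accountid'])) {
        redirect("errors/permissions.html");
    }
    if ($mData['locked']) {
        echo "This thread is locked.";
        // The thread id is taken from the query string; URL-encode it so the redirect
        // target cannot carry markup or extra parameters. A numeric id is unchanged.
        redirect("thread?id=" . urlencode((string) $_GET['thread']) . "", 2);
    }
} else {
    die("You have followed an invalid link.");
}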
setPageInfo("Post Comment", $mData['title']);
// Pre-fills the comment box with a BBCode quote when ?reply= is given and nothing has
// been typed yet: "thread" quotes the thread body, any other value is used as a comment id.
if ($_GET['reply'] && !$_POST['comment']) {
    if ($_GET['reply'] == "thread") {
        $accountQuery = $mysql->query("SELECT `displayname` FROM `accounts` WHERE `id` = '" . escape($mData['poster']) . "'");
        $accountData = $accountQuery->fetch_assoc();
        $_POST['comment'] = "[SIZE=11]Quote by " . $accountData['displayname'] . "[/SIZE]\r\n[QUOTE]" . $mData['body'] . "[/QUOTE]\r\n\r\n";
    } else {
        // NOTE(review): the quoted comment is selected by id alone. The query does not
        // restrict it to the current thread and does not read `hidden`, so the hidden-comment
        // and other-thread permission rules applied on the viewing pages are not applied to
        // the quoted text. Confirm and add the same checks here.
        $commentQuery = $mysql->query("SELECT `poster`, `comment` FROM `comments` WHERE `id` = '" . escape($_GET['reply']) . "'");
        if ($commentQuery->num_rows) {
            $commentData = $commentQuery->fetch_assoc();
            $accountQuery = $mysql->query("SELECT `displayname` FROM `accounts` WHERE `id` = '" . escape($commentData['poster']) . "'");
            $accountData = $accountQuery->fetch_assoc();
            $_POST['comment'] = "[SIZE=11]Quote by " . $accountData['displayname'] . "[/SIZE]\r\n[QUOTE]" . $commentData['comment'] . "[/QUOTE]\r\n\r\n";
        }
    }
}
Exemplo n.º 9
<?php

require_once "configuration/main.php";
setPageNavigation("index");
setPageInfo("Lawless Boards", "The new and revolutionary way of creating your forums.");
if ($permissions['viewforum']) {
    $mQuery = $mysql->query("SELECT * FROM `categories` ORDER BY `order` ASC");
    while ($mData = $mQuery->fetch_assoc()) {
        echo "<div class='categoryTitle'>\n\t\t\t\t<table>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td width='540'>\n\t\t\t\t\t\t\t<a href='category?id=" . $mData['id'] . "'>\n\t\t\t\t\t\t\t\t" . $mData['name'] . "\n\t\t\t\t\t\t\t</a>\n\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t<td width='130'>\n\t\t\t\t\t\t\tStatistics\n\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t<td width='256'>\n\t\t\t\t\t\t\tLast Post\n\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t<td data-category='" . $mData['id'] . "' class='hidden categoryCollapse noselect'>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</td>\n\t\t\t\t</table>\n\t\t\t</div>";
        if ($mData['description']) {
            echo "<div class='categoryDescription'>\n\t\t\t\t\t" . $mData['description'] . "\n\t\t\t\t</div>";
        }
        echo "<div id='CATEGORY-" . $mData['id'] . "'>";
        $sectionQuery = $mysql->query("SELECT * FROM `sections` WHERE `category` = '" . $mData['id'] . "' AND `parent` IS NULL ORDER BY `order` ASC");
        while ($sectionData = $sectionQuery->fetch_assoc()) {
            $threadAmount = 0;
            $commentAmount = 0;
            if ($permissions['viewotherthreads']) {
                if ($permissions['viewhiddenthreads']) {
                    $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "'");
                } else {
                    $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "' AND `hidden` != '1'");
                }
            } else {
                if ($permissions['viewhiddenthreads']) {
                    $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "' AND `poster` = '" . $_SESSION['accountid'] . "'");
                } else {
                    $threadQuery = $mysql->query("SELECT `id` FROM `threads` WHERE `section` = '" . $sectionData['id'] . "' AND `poster` = '" . $_SESSION['accountid'] . "' AND `hidden` != '1'");
                }
            }
            while ($threadData = $threadQuery->fetch_assoc()) {
Exemplo n.º 10
<?php

require_once "configuration/main.php";
// New-thread page: requires both `viewforum` and `postthreads`, then resolves the target
// section from ?section=.
// NOTE(review): the check only calls redirect(); the inserts further down are protected
// only if redirect() ends the request. Confirm.
if (!$permissions['viewforum'] || !$permissions['postthreads']) {
    redirect("errors/permissions.html");
}
// NOTE(review): only the section's existence is checked here; no per-section posting
// restriction is visible in this file.
$mQuery = $mysql->query("SELECT `name` FROM `sections` WHERE `id` = '" . escape($_GET['section']) . "'");
if ($mQuery->num_rows) {
    $mData = $mQuery->fetch_assoc();
    setPageInfo("Create New Thread", $mData['name']);
} else {
    die("You have followed an invalid link.");
}
if ($_POST['newthread']) {
    if (strlen($_POST['title']) >= 3) {
        if (strlen($_POST['body']) >= 3) {
            if (time() - $_SESSION['lastcomment'] >= 60) {
                $mysql->query("INSERT INTO `threads` (`section`, `poster`, `date`, `lastpost`, `title`, `body`) VALUES ('" . escape($_GET['section']) . "', '" . $_SESSION['accountid'] . "', '" . time() . "', '" . time() . "', '" . escape($_POST['title']) . "', '" . escape($_POST['body']) . "')");
                $threadID = $mysql->insert_id;
                if ($permissions['postpolls'] && $_POST['polltext'] && $_POST['polloptions']) {
                    $mysql->query("INSERT INTO `polls` (`thread`, `text`) VALUES ('{$threadID}', '" . escape($_POST['polltext']) . "')");
                    $pollID = $mysql->insert_id;
                    foreach (explode("\n", $_POST['polloptions']) as $pollOption) {
                        $mysql->query("INSERT INTO `polloptions` (`poll`, `text`, `votes`) VALUES ('{$pollID}', '" . escape($pollOption) . "', '0')");
                    }
                }
                if ($permissions['uploadattachments']) {
                    // Allocates a new attachment directory numbered from the counter file "next".
                    // NOTE(review): the read, increment and write-back are three separate steps
                    // with no lock, so two concurrent posts can read the same counter and share a
                    // directory. The results of file_get_contents() and mkdir() are not checked.
                    // NOTE(review): confirm that uploaded file names and types are validated and
                    // that ATTACHMENTS_PATH is not served as executable content.
                    $nextUploadIndex = file_get_contents(ATTACHMENTS_PATH . "/next") + 1;
                    mkdir(ATTACHMENTS_PATH . "/{$nextUploadIndex}");
                    file_put_contents(ATTACHMENTS_PATH . "/next", $nextUploadIndex);
                    foreach ($_FILES['attachments']['name'] as $fileIndex => $fileName) {
Exemplo n.º 11
<?php

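require_once "configuration/main.php";

// Private-message view: loads message ?id= only when it is addressed to the current
// account, gathers the sender's profile fields, and marks the message as read.
// The `to` condition in the query is the access control for this page.
$mQuery = $mysql->query("SELECT * FROM `privatemessages` WHERE `id` = '" . escape($_GET['id']) . "' AND `to` = '" . escape((string) $_SESSION['accountid']) . "'");
if ($mQuery->num_rows) {
    setPageInfo("Private Message", "");
    $mData = $mQuery->fetch_assoc();
    // NOTE(review): the sender's `ip`, `avatar` and `signature` are loaded here and the
    // statement after this block concatenates several of these fields into HTML; confirm
    // they are encoded for their output context and that `ip` is not shown to recipients.
    $accountQuery = $mysql->query("SELECT `displayname`, `country`, `usertitle`, `avatar`, `ip`, `signature` FROM `accounts` WHERE `id` = '" . escape($mData['from']) . "'");
    $accountData = $accountQuery->fetch_assoc();
    if (!$accountData['usertitle']) {
        // No custom title: build one from the sender's group titles, primary group first.
        $userTitleQuery = $mysql->query("SELECT `usergroup` FROM `usergroup_tracker` WHERE `user` = '" . escape($mData['from']) . "' ORDER BY `primary` DESC");
        if ($userTitleQuery->num_rows) {
            while ($userTitleData = $userTitleQuery->fetch_assoc()) {
                $userGroupQuery = $mysql->query("SELECT `title` FROM `usergroups` WHERE `id` = '" . $userTitleData['usergroup'] . "'");
                $userGroupData = $userGroupQuery->fetch_assoc();
                // Fixed misspelt variable ($userGropuData): the separator was never added,
                // so multiple group titles ran together.
                if ($accountData['usertitle'] && $userGroupData['title']) {
                    $accountData['usertitle'] .= "<br>";
                }
                $accountData['usertitle'] .= $userGroupData['title'];
            }
        }
    }
    if (!$mData['read']) {
        // Reached only after the ownership check above, so updating by id alone is safe here.
        $mysql->query("UPDATE `privatemessages` SET `read` = '1' WHERE `id` = '" . escape($_GET['id']) . "'");
    }
} else {
    die("You have followed an invalid link.");
}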
$bbParser->parse($mData['message']);
echo "<div class='box'>\n\t\t<div class='boxHeading'>\n\t\t\t" . $mData['title'] . "\n\t\t</div>\n\n\t\t<div class='boxSubHeading'>\n\t\t\tSent by " . $accountData['displayname'] . " - " . customDate($mData['date']) . "\n\t\t</div>\n\n\t\t<div class='boxMain'>\n\t\t\t<table class='tdAlignTop'>\n\t\t\t\t<tr>\n\t\t\t\t\t<td width='200'>\n\t\t\t\t\t\t<a href='user?id=" . $mData['from'] . "' data-tooltip='View Profile: " . $accountData['displayname'] . "'>\n\t\t\t\t\t\t\t<div class='commentUser'>\n\t\t\t\t\t\t\t\t<div class='bold'>\n\t\t\t\t\t\t\t\t\t" . userNameTags($mData['from'], $accountData['displayname']) . "\n\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t<br>\n\n\t\t\t\t\t\t\t\t" . $accountData['usertitle'] . "\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t</a>\n\n\t\t\t\t\t\t<br> <br>\n\n\t\t\t\t\t\t<img src='" . $accountData['avatar'] . "' data-noenlarge='true' " . getAvatarStyle($mData['from']) . ">\n\n\t\t\t\t\t\t<br> <br> <br>\n\n\t\t\t\t\t\t<span class='bold'>Posts:</span> " . getPostCount($mData['from']) . " <br>\n\t\t\t\t\t\t<span class='bold'>Country:</span> " . $accountData['country'] . "\n\t\t\t\t\t</td>\n\n\t\t\t\t\t<td width='20'></td>\n\n\t\t\t\t\t<td width='900'>\n\t\t\t\t\t\t<div class='commentText'>\n\t\t\t\t\t\t\t" . nl2br(unescape($bbParser->getAsHtml())) . "";
storePermissions($mData['from']);
Exemplo n.º 12
<?php

require_once "configuration/main.php";
if ($_SESSION['accountid']) {
    redirect("index");
}
setPageInfo("Registration", "");
if ($_GET['key']) {
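    // E-mail verification: a matching, not-yet-verified key marks the account verified and
    // logs the visitor in as that account.
    $mQuery = $mysql->query("SELECT `id`, `username`, `password` FROM `accounts` WHERE `key` = '" . escape($_GET['key']) . "' AND `verified` IS NULL");
    if ($mQuery->num_rows) {
        $mData = $mQuery->fetch_assoc();
        // Issue a fresh session id before attaching an identity to the session, so an id
        // known before verification cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION['accountid'] = $mData['id'];
        cookie("lb_accountid", $mData['id']);
        cookie("lb_username", $mData['username']);
        // NOTE(review): this stores the `password` column value in a browser cookie. If that
        // cookie is accepted for automatic login, the stored value works as a credential on
        // its own; a random, revocable token would be safer. The flags set by cookie() are
        // not visible here.
        cookie("lb_password", $mData['password']);
        $mysql->query("UPDATE `accounts` SET `verified` = '1' WHERE `id` = '" . $mData['id'] . "'");
        echo "Your account has been verified.";
        redirect("index", 2);
    } else {
        die("You have followed an invalid link.");
    }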
} else {
    if ($_POST['register']) {
        if (strlen($_POST['username']) >= 2) {
            if (strlen($_POST['password']) >= 4) {
                if ($_POST['confirmpassword']) {
                    if ($_POST['password'] == $_POST['confirmpassword']) {
                        if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) && strpos($_POST['email'], ".")) {
                            if ($_POST['confirmemail']) {
                                if ($_POST['email'] == $_POST['confirmemail']) {
                                    if (strtolower($_POST['captcha']) == $_SESSION['captcha']) {
Exemplo n.º 13
<?php

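require_once "configuration/main.php";

// Login form handler: checks username and password against verified accounts and, on
// success, binds the account to the session and sets the lb_* cookies.
if (!empty($_SESSION['accountid'])) {
    redirect("index");
}
setPageInfo("Login", "");
if (!empty($_POST['login'])) {
    // Form fields can arrive as arrays (username[]=x); treat those as missing instead of
    // passing them on to escape() and password().
    $loginUsername = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : "";
    $loginPassword = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : "";
    if ($loginUsername) {
        if ($loginPassword) {
            // NOTE(review): password() is compared by equality inside SQL, so it must yield the
            // same value on every call for a given password; confirm it is a slow, per-user
            // salted hash. No attempt limiting is visible in this file.
            $loginHash = password($loginPassword);
            $mQuery = $mysql->query("SELECT `id` FROM `accounts` WHERE `username` = '" . escape($loginUsername) . "' AND `password` = '" . $loginHash . "' AND `verified` = '1'");
            if ($mQuery->num_rows) {
                $mData = $mQuery->fetch_assoc();
                // Issue a fresh session id on login so an id known before authentication
                // cannot be reused afterwards (session fixation).
                session_regenerate_id(true);
                $_SESSION['accountid'] = $mData['id'];
                cookie("lb_accountid", $mData['id']);
                cookie("lb_username", $loginUsername);
                // NOTE(review): the password hash is stored in a browser cookie. If that cookie
                // is accepted for automatic login, the hash works as a credential on its own;
                // a random, revocable token would be safer. The flags set by cookie() are not
                // visible here.
                cookie("lb_password", $loginHash);
                echo "<div class='box'>\n\t\t\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\t\t\tYou have successfully logged in.\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</div>";
                redirect("index", 2);
            } else {
                echo "<div class='box'>\n\t\t\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\t\t\tThe account information you have entered is invalid or the account is not verified.\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</div>\n\n\t\t\t\t\t<br>";
            }
        } else {
            echo "<div class='box'>\n\t\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\t\tYou have entered an invalid password.\n\t\t\t\t\t</div>\n\t\t\t\t</div>\n\n\t\t\t\t<br>";
        }
    } else {
        echo "<div class='box'>\n\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\tYou have entered an invalid username.\n\t\t\t\t</div>\n\t\t\t</div>\n\n\t\t\t<br>";
    }
}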
?>
Exemplo n.º 14
}
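// Thread view: loads thread ?id=, applies the visibility rules, counts the view and
// records that the current account has read the thread.
// NOTE(review): the permission checks only call redirect(); they are effective only if
// redirect() ends the request. Confirm.
if (!$_GET['id']) {
    die("You have followed an invalid link.");
}
$mQuery = $mysql->query("SELECT * FROM `threads` WHERE `id` = '" . escape($_GET['id']) . "'");
// Without this check an unknown id left $mData empty: the hidden-thread check was then
// evaluated against missing fields and a `read` row was inserted for a thread that does
// not exist.
if (!$mQuery->num_rows) {
    die("You have followed an invalid link.");
}
$mData = $mQuery->fetch_assoc();
if (!$permissions['viewotherthreads'] && $mData['poster'] != $_SESSION['accountid']) {
    redirect("errors/permissions.html");
}
if ($mData['hidden'] && !$permissions['viewhiddenthreads']) {
    redirect("errors/permissions.html");
}
$threadLocked = $mData['locked'];
$threadPoster = $mData['poster'];
// NOTE(review): the raw request value is passed on here; confirm setPageNavigation()
// encodes it before use.
setPageNavigation("thread", $_GET['id']);
setPageInfo($mData['title'], "" . $mData['views'] . " views");
// Every page load increments the counter; there is no per-visitor de-duplication here.
$mysql->query("UPDATE `threads` SET `views` = `views` + '1' WHERE `id` = '" . escape($_GET['id']) . "'");
if ($_SESSION['accountid']) {
    $readQuery = $mysql->query("SELECT `id` FROM `read` WHERE `thread` = '" . escape($_GET['id']) . "' AND `user` = '" . escape((string) $_SESSION['accountid']) . "'");
    if (!$readQuery->num_rows) {
        $mysql->query("INSERT INTO `read` (`thread`, `user`) VALUES ('" . escape($_GET['id']) . "', '" . escape((string) $_SESSION['accountid']) . "')");
    }
    // The comment shortcut is shown to logged-in accounts on unlocked threads only.
    if (!$threadLocked) {
        echo "<button id='commentScrollPost' class='commentScrollPost boxButton'>Comment</button>";
    }
}
echo "<br>";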
if ($permissions['votepolls'] && $_POST['votepoll']) {
    $pollQuery = $mysql->query("SELECT `id`, `voters` FROM `polls` WHERE `thread` = '" . escape($_GET['id']) . "'");
    $pollData = $pollQuery->fetch_assoc();
    if (strpos($pollData['voters'], "[" . $_SESSION['accountid'] . "]") === false) {
Exemplo n.º 15
<?php

require_once "configuration/main.php";
// Move-thread page: resolves the thread in ?thread= and checks that the current account
// may see it and may move it.
// NOTE(review): all three checks only call redirect(); the rest of the page is protected
// only if redirect() ends the request. Confirm.
if (!$permissions['viewforum']) {
    redirect("errors/permissions.html");
}
$mQuery = $mysql->query("SELECT `poster`, `title`, `section` FROM `threads` WHERE `id` = '" . escape($_GET['thread']) . "'");
if ($mQuery->num_rows) {
    $mData = $mQuery->fetch_assoc();
    // NOTE(review): the thread title is passed to setPageInfo() before the ownership and
    // move permissions are checked; confirm it is not rendered for a refused request.
    setPageInfo("Move Thread", $mData['title']);
} else {
    die("You have followed an invalid link.");
}
if (!$permissions['viewotherthreads'] && $mData['poster'] != $_SESSION['accountid']) {
    redirect("errors/permissions.html");
}
// Moving needs `movethreads`, or `moveownthreads` when the current account is the poster.
if (!$permissions['movethreads'] && (!$permissions['moveownthreads'] || $mData['poster'] != $_SESSION['accountid'])) {
    redirect("errors/permissions.html");
}
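/**
 * Prints one <option> element for every section below $sectionID, depth-first, in
 * `order` sequence.
 *
 * NOTE(review): section names are written into the markup without an encoding call
 * here; confirm they are stored already encoded. A parent/child cycle in `sections`
 * would make this recurse without end.
 *
 * @param mixed $sectionID   id of the section whose children are listed
 * @param int   $parentIndex nesting depth, passed to getParentIndex() for the label prefix
 */
function listSubSections($sectionID, $parentIndex)
{
    global $mysql;
    // The id goes through escape() like the other id lookups instead of being
    // interpolated as-is, so the query stays well-formed whatever the caller passes.
    $sectionQuery = $mysql->query("SELECT `id`, `name` FROM `sections` WHERE `parent` = '" . escape($sectionID) . "' ORDER BY `order` ASC");
    while ($sectionData = $sectionQuery->fetch_assoc()) {
        echo "<option value='" . $sectionData['id'] . "'>" . getParentIndex($parentIndex) . " " . $sectionData['name'] . "</option>";
        // Recurse directly: a section without children yields an empty result and prints
        // nothing, so the former separate "has children?" query per row is not needed.
        listSubSections($sectionData['id'], $parentIndex + 1);
    }
}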
Exemplo n.º 16
           	    </tr>';
    $foot = '</table>';
    $offset = ($curpage - 1) * $pagesize;
    $arr = $_model->getAll("memberid='{$uid}'", "addtime desc", "{$offset},{$pagesize}");
    foreach ($arr as $row) {
        $addtime = Mydate('Y-m-d H:i:s', $row['addtime']);
        $out .= ' <tr>
            	    <td height="50">' . $addtime . '</td>
            	    <td>' . $row['content'] . '</td>

          	    </tr>';
    }
    $out = !empty($out) ? $head . $out . $foot : $nocontent_msg;
    $totalnum = $_model->getCount("memberid='{$uid}'");
    $totalpage = ceil($totalnum / $pagesize);
    $pageinfo = setPageInfo($curpage, $totalpage);
    $data = array('list' => $out, 'pageinfo' => $pageinfo);
    echo json_encode($data);
    exit;
}
/*
 * 返库存操作
 * */
function refundStorage($orderid, $op)
{
    global $dsql;
    Helper_Archive::loadModule('common');
    $_model = new CommonModule('#@__member_order');
    $row = $_model->getOne("id='{$orderid}'");
    if (isset($row)) {
        $dingnum = intval($row['dingnum']) + intval($row['childnum']);
Exemplo n.º 17
<?php

require_once "configuration/main.php";
// Settings are for logged-in accounts only.
// NOTE(review): this is the only access check before the settings markup that follows;
// it keeps guests out only if redirect() ends the request. Confirm.
if (!$_SESSION['accountid']) {
    redirect("index");
}
setPageInfo("Settings", "");
?>

<table class='tdAlignTop'>
	<tr>
		<td width='200'>
			<div class='settingsNavigationHeader'>
				Messages
			</div>

			<div class='settingsNavigationBox'>
				<a href='?view=inbox'>
					Inbox
				</a>

				<a href='?view=send'>
					Send Private Message
				</a>
			</div>

			<div class='settingsNavigationHeader'>
				General Settings
			</div>

			<div class='settingsNavigationBox'>
Exemplo n.º 18
<?php

// Builds the page body for the post named in ?id=: the post's markdown file is rendered
// to HTML and prefixed with its title and optional description.
// NOTE(review): $markdown, $title and $description are not assigned in this file;
// presumably setPageInfo() derives them from the request id. Confirm that the id cannot
// steer $markdown outside the posts directory and that the title and description are
// encoded before they are placed in the markup below.
if (!isset($_GET['id'])) {
    $body = 'not found';
} else {
    setPageInfo($_GET['id']);
    $fileName = $markdown;
    if (!file_exists($fileName)) {
        $body = 'file not found';
    } else {
        $globalPostId = $_GET['id'];
        $text = file_get_contents($fileName);
        // HTML comments are stripped from the source before the markdown transform.
        $body = $globalMd->defaultTransform(remove_html_comments($text));
        $head = '<h1 style="margin-bottom:10px;">■ ' . $title . '</h1>';
        if ($description != '') {
            $head = $head . '<div class="description">' . $description . '</div>';
        }
        $body = $head . $body;
    }
}
$globalBody = $body;